Show More
| @@ -28,7 +28,7 b' import traceback' | |||||
| 28 |
|
28 | |||
| 29 | from pylons import request |
|
29 | from pylons import request | |
| 30 | from pylons import tmpl_context as c, url |
|
30 | from pylons import tmpl_context as c, url | |
| 31 | from pylons.controllers.util import redirect |
|
31 | from pylons.controllers.util import redirect, abort | |
| 32 |
|
32 | |||
| 33 | from webhelpers.paginate import Page |
|
33 | from webhelpers.paginate import Page | |
| 34 |
|
34 | |||
| @@ -117,7 +117,7 b' class NotificationsController(BaseContro' | |||||
| 117 | Session().commit() |
|
117 | Session().commit() | |
| 118 | return 'ok' |
|
118 | return 'ok' | |
| 119 | except Exception: |
|
119 | except Exception: | |
| 120 | Session.rollback() |
|
120 | Session().rollback() | |
| 121 | log.error(traceback.format_exc()) |
|
121 | log.error(traceback.format_exc()) | |
| 122 | return 'fail' |
|
122 | return 'fail' | |
| 123 |
|
123 | |||
| @@ -139,7 +139,7 b' class NotificationsController(BaseContro' | |||||
| 139 | Session().commit() |
|
139 | Session().commit() | |
| 140 | return 'ok' |
|
140 | return 'ok' | |
| 141 | except Exception: |
|
141 | except Exception: | |
| 142 | Session.rollback() |
|
142 | Session().rollback() | |
| 143 | log.error(traceback.format_exc()) |
|
143 | log.error(traceback.format_exc()) | |
| 144 | return 'fail' |
|
144 | return 'fail' | |
| 145 |
|
145 | |||
| @@ -149,8 +149,9 b' class NotificationsController(BaseContro' | |||||
| 149 | c.user = self.rhodecode_user |
|
149 | c.user = self.rhodecode_user | |
| 150 | no = Notification.get(notification_id) |
|
150 | no = Notification.get(notification_id) | |
| 151 |
|
151 | |||
| 152 |
owner = a |
|
152 | owner = any(un.user.user_id == c.rhodecode_user.user_id | |
| 153 | for un in no.notifications_to_users) |
|
153 | for un in no.notifications_to_users) | |
|
|
154 | ||||
| 154 | if no and (h.HasPermissionAny('hg.admin', 'repository.admin')() or owner): |
|
155 | if no and (h.HasPermissionAny('hg.admin', 'repository.admin')() or owner): | |
| 155 | unotification = NotificationModel()\ |
|
156 | unotification = NotificationModel()\ | |
| 156 | .get_user_notification(c.user.user_id, no) |
|
157 | .get_user_notification(c.user.user_id, no) | |
| @@ -165,7 +166,7 b' class NotificationsController(BaseContro' | |||||
| 165 |
|
166 | |||
| 166 | return render('admin/notifications/show_notification.html') |
|
167 | return render('admin/notifications/show_notification.html') | |
| 167 |
|
168 | |||
| 168 | return redirect(url('notifications')) |
|
169 | return abort(403) | |
| 169 |
|
170 | |||
| 170 | def edit(self, notification_id, format='html'): |
|
171 | def edit(self, notification_id, format='html'): | |
| 171 | """GET /_admin/notifications/id/edit: Form to edit an existing item""" |
|
172 | """GET /_admin/notifications/id/edit: Form to edit an existing item""" | |
General Comments 0
You need to be logged in to leave comments.
Login now