def update(request, user_name, repo_name, issue_id, attr): repo = RepoManager.get_repo_by_name(user_name, repo_name) if repo is None: raise Http404 issue = IssueManager.get_issue(repo.id, issue_id) if issue is None: return _json_failed() has_issue_modify_right = _has_issue_modify_right(request, issue, repo) if not has_issue_modify_right: return _json_failed() orgi_issue = copy.copy(issue) (key, value) = attr.split('___', 1) if key == 'assigned': user = GsuserManager.get_user_by_name(value) if user is None: return _json_failed() repoMember = RepoManager.get_repo_member(repo.id, user.id) if repoMember is None: return _json_failed() issue.assigned = repoMember.user_id issue.save() FeedManager.notif_issue_status(request.user, issue, ISSUE_STATUS.ASSIGNED) FeedManager.feed_issue_change(request.user, repo, orgi_issue, issue.id) return _json_ok() value = int(value) if key == 'tracker': issue.tracker = value elif key == 'status': issue.status = value elif key == 'priority': issue.priority = value issue.save() FeedManager.feed_issue_change(request.user, repo, orgi_issue, issue.id) return _json_ok()
def update(request, user_name, repo_name, issue_id, attr): repo = RepoManager.get_repo_by_name(user_name, repo_name) if repo is None: raise Http404 issue = IssueManager.get_issue(repo.id, issue_id) if issue is None: return _json_failed() has_issue_modify_right = _has_issue_modify_right(request, issue, repo) if not has_issue_modify_right: return _json_failed() orgi_issue = copy.copy(issue) (key, value) = attr.split('___', 1) if key == 'assigned': user = GsuserManager.get_user_by_name(value) if user is None: return _json_failed() repoMember = RepoManager.get_repo_member(repo.id, user.id) if repoMember is None: return _json_failed() issue.assigned = repoMember.user_id issue.save() FeedManager.notif_issue_status(request.user, issue, ISSUE_STATUS.ASSIGNED) FeedManager.feed_issue_change(request.user, repo, orgi_issue, issue.id) return _json_ok() value = int(value) if key == 'tracker': issue.tracker = value elif key == 'status': issue.status = value elif key == 'priority': issue.priority = value issue.save() FeedManager.feed_issue_change(request.user, repo, orgi_issue, issue.id) return _json_ok()
def keyauth(request, fingerprint, command): command = command.strip() last_blank_idx = command.rfind(' ') if last_blank_idx == -1: return not_git_command() pre_command = command[0:last_blank_idx] short_repo_path = command[last_blank_idx + 1:] if pre_command == '' or '"' in pre_command or '\'' in pre_command or short_repo_path == '': return not_git_command() first_repo_char_idx = -1 slash_idx = -1 last_repo_char_idx = -1 for i in range(0, len(short_repo_path)): schar = short_repo_path[i] if first_repo_char_idx == -1 and re.match('\w', schar): first_repo_char_idx = i if schar == '/': slash_idx = i if re.match('[a-zA-Z0-9_\-]', schar): last_repo_char_idx = i if not (first_repo_char_idx > -1 and first_repo_char_idx < slash_idx and slash_idx < last_repo_char_idx): return not_git_command() username = short_repo_path[first_repo_char_idx:slash_idx] reponame = short_repo_path[slash_idx + 1:last_repo_char_idx + 1] if reponame.endswith('.git'): reponame = reponame[0:len(reponame) - 4] if not (re.match('^[a-zA-Z0-9_\-]+$', username) and RepoManager.is_allowed_reponame_pattern(reponame)): return not_git_command() user = GsuserManager.get_user_by_name(username) if user is None: return not_git_command() userprofile = GsuserManager.get_userprofile_by_id(user.id) if userprofile is None: return not_git_command() if userprofile.used_quote > userprofile.quote: return not_git_command() repo = RepoManager.get_repo_by_userId_name(user.id, reponame) if repo is None: return not_git_command() quote = userprofile.quote # author of the repo userPubkey = KeyauthManager.get_userpubkey_by_userId_fingerprint( user.id, fingerprint) if userPubkey is not None: return response_full_git_command(quote, pre_command, user, user, repo) userpubkeys = KeyauthManager.list_userpubkey_by_fingerprint(fingerprint) for userpubkey in userpubkeys: # member of the repo repoMember = RepoManager.get_repo_member(repo.id, userpubkey.user_id) # member of the team user teamMember = TeamManager.get_teamMember_by_teamUserId_userId( user.id, userpubkey.user_id) if repoMember or teamMember: pushUser = GsuserManager.get_user_by_id(userpubkey.user_id) if 'git-receive-pack' in pre_command: if RepoManager.is_allowed_access_repo(repo, pushUser, REPO_PERMISSION.WRITE): return response_full_git_command(quote, pre_command, pushUser, user, repo) elif RepoManager.is_allowed_access_repo(repo, pushUser, REPO_PERMISSION.READ_ONLY): return response_full_git_command(quote, pre_command, pushUser, user, repo) return not_git_command()
def keyauth(request, fingerprint, command): command = command.strip() last_blank_idx = command.rfind(' ') if last_blank_idx == -1: return not_git_command() pre_command = command[0 : last_blank_idx] short_repo_path = command[last_blank_idx+1 :] if pre_command == '' or '"' in pre_command or '\'' in pre_command or short_repo_path == '': return not_git_command() first_repo_char_idx = -1 slash_idx = -1 last_repo_char_idx = -1 for i in range(0, len(short_repo_path)): schar = short_repo_path[i] if first_repo_char_idx == -1 and re.match('\w', schar): first_repo_char_idx = i if schar == '/': slash_idx = i if re.match('[a-zA-Z0-9_\-]', schar): last_repo_char_idx = i if not (first_repo_char_idx > -1 and first_repo_char_idx < slash_idx and slash_idx < last_repo_char_idx): return not_git_command() username = short_repo_path[first_repo_char_idx : slash_idx] reponame = short_repo_path[slash_idx+1 : last_repo_char_idx+1] if reponame.endswith('.git'): reponame = reponame[0 : len(reponame)-4] if not (re.match('^[a-zA-Z0-9_\-]+$', username) and RepoManager.is_allowed_reponame_pattern(reponame)): return not_git_command() user = GsuserManager.get_user_by_name(username) if user is None: return not_git_command() userprofile = GsuserManager.get_userprofile_by_id(user.id) if userprofile is None: return not_git_command() if userprofile.used_quote > userprofile.quote: return not_git_command() repo = RepoManager.get_repo_by_userId_name(user.id, reponame) if repo is None: return not_git_command() quote = userprofile.quote # author of the repo userPubkey = KeyauthManager.get_userpubkey_by_userId_fingerprint(user.id, fingerprint) if userPubkey is not None: return response_full_git_command(quote, pre_command, user, user, repo) userpubkeys = KeyauthManager.list_userpubkey_by_fingerprint(fingerprint) for userpubkey in userpubkeys: # member of the repo repoMember = RepoManager.get_repo_member(repo.id, userpubkey.user_id) # member of the team user teamMember = TeamManager.get_teamMember_by_teamUserId_userId(user.id, userpubkey.user_id) if repoMember or teamMember: pushUser = GsuserManager.get_user_by_id(userpubkey.user_id) if 'git-receive-pack' in pre_command: if RepoManager.is_allowed_access_repo(repo, pushUser, REPO_PERMISSION.WRITE): return response_full_git_command(quote, pre_command, pushUser, user, repo) elif RepoManager.is_allowed_access_repo(repo, pushUser, REPO_PERMISSION.READ_ONLY): return response_full_git_command(quote, pre_command, pushUser, user, repo) return not_git_command()