def settings_rename(owner_name, repo_name): owner, repo = check_access(owner_name, repo_name, UserAccess.manage) if isinstance(repo, BaseRedirectMixin): return redirect( url_for(".settings_rename", owner_name=owner_name, repo_name=repo.new_repo.name)) return render_template("settings_rename.html", owner=owner, repo=repo)
def settings_delete_POST(owner_name, repo_name): if not current_app.repo_api: abort(501) owner, repo = check_access(owner_name, repo_name, UserAccess.manage) if isinstance(repo, BaseRedirectMixin): # Normally we'd redirect but we don't want to f**k up some other repo abort(404) current_app.repo_api.delete_repo(repo) session["notice"] = "{}/{} was deleted.".format(owner.canonical_name, repo.name) return redirect("/" + owner.canonical_name)
def settings_info_POST(owner_name, repo_name): owner, repo = check_access(owner_name, repo_name, UserAccess.manage) if isinstance(repo, BaseRedirectMixin): repo = repo.new_repo valid = Validation(request) desc = valid.optional("description", default=repo.description) visibility = valid.optional("visibility", cls=RepoVisibility, default=repo.visibility) repo.visibility = visibility repo.description = desc db.session.commit() return redirect("/{}/{}/settings/info".format(owner_name, repo_name))
def settings_access_revoke_POST(owner_name, repo_name, grant_id): owner, repo = check_access(owner_name, repo_name, UserAccess.manage) if isinstance(repo, BaseRedirectMixin): repo = repo.new_repo Access = current_app.Access grant = (Access.query.filter(Access.repo_id == repo.id, Access.id == grant_id)).first() if not grant: abort(404) db.session.delete(grant) db.session.commit() return redirect("/{}/{}/settings/access".format(owner.canonical_name, repo.name))
def settings_rename_POST(owner_name, repo_name): if not current_app.repo_api: abort(501) owner, repo = check_access(owner_name, repo_name, UserAccess.manage) if isinstance(repo, BaseRedirectMixin): repo = repo.new_repo valid = Validation(request) repo = current_app.repo_api.rename_repo(owner, repo, valid) if not repo: return render_template("settings_rename.html", owner=owner, repo=repo, **valid.kwargs) return redirect("/{}/{}".format(owner_name, repo.name))
def settings_access_POST(owner_name, repo_name): owner, repo = check_access(owner_name, repo_name, UserAccess.manage) if isinstance(repo, BaseRedirectMixin): repo = repo.new_repo valid = Validation(request) user = valid.require("user", friendly_name="User") mode = valid.optional("access", cls=AccessMode, default=AccessMode.ro) if not valid.ok: return render_template("settings_access.html", owner=owner, repo=repo, **valid.kwargs) # TODO: Group access if user[0] == "~": user = user[1:] User = current_app.User user = User.query.filter(User.username == user).first() valid.expect( user, "I don't know this user. Have they logged into this service before?", field="user") valid.expect( not user or user.id != current_user.id, "You can't adjust your own access controls. You always have full read/write access.", field="user") if not valid.ok: return render_template("settings_access.html", owner=owner, repo=repo, **valid.kwargs) Access = current_app.Access grant = (Access.query.filter(Access.repo_id == repo.id, Access.user_id == user.id)).first() if not grant: grant = Access() grant.repo_id = repo.id grant.user_id = user.id db.session.add(grant) grant.mode = mode db.session.commit() return redirect("/{}/{}/settings/access".format(owner.canonical_name, repo.name))