def delete(self, request): gist = self.gist user = request.user if not user or user.username != gist.owner_id: raise AccessError() gist.delete() return request.redirect('/gist/%s' % user.username)
def _q_access(request): if request.session.user == None: raise NotLoggedInError('Authorized access only.') if not (request.session.user.is_admin \ or request.session.user.is_editor \ or request.session.user.is_assistant): raise AccessError("You don't have access to this page.")
def create(self, request): user = request.user if not user: raise AccessError from_proj = request.get_form_var('from_proj') from_ref = request.get_form_var('from_ref') to_ref = request.get_form_var('to_ref') to_proj = request.get_form_var('to_proj') title = request.get_form_var('title', '').decode('utf-8') comment = request.get_form_var('body', '').decode('utf-8') if not all([from_ref, from_proj, to_ref, to_proj]): raise TraversalError from_proj = CodeDoubanProject.get_by_name(from_proj) to_proj = CodeDoubanProject.get_by_name(to_proj) if from_proj != to_proj: if not from_proj.has_push_perm(user.name): raise AccessError( "Need push permission to create PR on another project") pullreq = PullRequest.open(from_proj, from_ref, to_proj, to_ref) ticket = Ticket(None, None, to_proj.id, title, comment, user.username, None, None) pullreq = add_pull(ticket, pullreq, user) ticket = pullreq.ticket return request.redirect( str('/%s/pull/%s/' % (to_proj.name, ticket.ticket_id)))
def new(self, request): user = request.user if not user: raise AccessError from_proj = self.project from_ref = request.get_form_var('head_ref', from_proj.default_branch) parent_proj = from_proj.get_forked_from() to_proj = request.get_form_var('base_repo') if to_proj: to_proj = CodeDoubanProject.get_by_name(to_proj) elif parent_proj: to_proj = parent_proj else: to_proj = from_proj if not to_proj: raise TraversalError("The PR's upstream project is not existed") to_ref = request.get_form_var('base_ref', to_proj.default_branch) if from_proj != to_proj: # Allow to create PR to a different project only if user has push perm # ~~A bit weird, maybe should be separate perms # ~~If from and to projects are the same, we should be in online edit mode if not from_proj.has_push_perm(user.name): raise AccessError( "Need push permission to add a PR on another project") pullreq = PullRequest.open(from_proj, from_ref, to_proj, to_ref) family = from_proj.get_fork_network() from_branches = from_proj.repo.branches to_branches = to_proj.repo.branches from_commit = pullreq.from_commit to_commit = pullreq.to_commit if not pullreq.can_pull: raise TraversalError( "The PR's head_ref or base_ref is not existed") highlighted_projects = filter(None, [from_proj, parent_proj]) commits = pullreq.commits n_commits = len(commits) n_authors = len(set(c.author.username for c in commits)) ticket_title, ticket_desc = self._choose_default_PR_title_and_description( commits) # noqa # get diff diff = pullreq.get_diff(rename_detection=True) n_files = diff.length grouped_commits = groupby(commits, lambda c: c.author_time.date()) prs = PullRequest.get_by_from_and_to(from_proj.id, from_ref, to_proj.id, to_ref) open_pullreqs = [] for pr in prs: t = Ticket.get_by_projectid_and_ticketnumber( to_proj.id, pr.ticket_id) if t and t.closed is None: open_pullreqs.append(pr) guideline_url = get_project_guidelines(to_proj) teams = Team.get_all_team_uids() return st('/pull/new.html', **locals())
def _q_access(self, request): gist = self.gist user = request.user if not gist: raise TraversalError() if not gist.is_public: if not user or user.username != gist.owner_id: raise AccessError()
def format(self): response = quixote.get_response() (exp,dict) = _auth_challenge(self.scheme, self.realm, self.stale) auth = _format_auth(self.scheme, dict) #print 'auth=%s' % auth response.set_header('WWW-Authenticate', auth) return AccessError.format(self)
def edit(self, request): gist = self.gist user = request.user if not user or user.username != gist.owner_id: raise AccessError() if request.method == 'POST': desc, is_public, names, contents, oids = _get_req_gist_data( request) gist.update(desc, names, contents, oids) return request.redirect(gist.url) tdt = dict(request=request, gist=gist, user=user) if is_mobile_device(request): return st('/m/gist/edit.html', **tdt) return st('/gist/edit.html', **tdt)
def format(self): request = get_request() request.response.set_header('WWW-Authenticate', 'Basic realm="%s"' % self.realm) return AccessError.format(self)
def __init__(self, realm='Protected', public_msg=None, private_msg=None): self.realm = realm AccessError.__init__(self, public_msg, private_msg)
def _q_access(self): session = get_session() if not session.user: raise AccessError("you must have a username")
def format(self): get_response().set_header("WWW-Authenticate", 'Basic realm="%s"' % self.realm) return AccessError.format(self)
def __init__(self, realm, scheme='digest', public_msg=None, private_msg=None, stale=False): self.realm = realm self.scheme = scheme self.stale = stale AccessError.__init__(self, public_msg, private_msg)
def _q_access(request): if not request.user: raise AccessError('must login')