def test_project_admins_can_delete_subprojects_that_they_are_not_admin_of(self): self.project.users.add(self.user) self.assertFalse(AdminPermission.is_admin(self.user, self.subproject)) response = self.client.get('/dashboard/my-mainproject/subprojects/delete/my-subproject/') self.assertEqual(response.status_code, 302) self.assertTrue(self.subproject not in [r.child for r in self.project.subprojects.all()])
def serve_docs(request, project, subproject, lang_slug=None, version_slug=None, filename=''): """ This exists mainly to map existing proj, lang, version, filename views to the file format. """ if not version_slug: version_slug = project.get_default_version() try: version = project.versions.public(request.user).get(slug=version_slug) except Version.DoesNotExist: # Properly raise a 404 if the version doesn't exist & a 401 if it does if project.versions.filter(slug=version_slug).exists(): return _serve_401(request, project) raise Http404('Version does not exist.') filename = resolve_path( subproject or project, # Resolve the subproject if it exists version_slug=version_slug, language=lang_slug, filename=filename, subdomain=True, # subdomain will make it a "full" path without a URL prefix ) if ( version.privacy_level == constants.PRIVATE and not AdminPermission.is_member(user=request.user, obj=project) ): return _serve_401(request, project) return _serve_symlink_docs(request, filename=filename, project=project, privacy_level=version.privacy_level)
def test_project_admins_can_delete_subprojects_that_they_are_not_admin_of(self): self.project.users.add(self.user) self.assertFalse(AdminPermission.is_admin(self.user, self.subproject)) response = self.client.get('/dashboard/my-mainproject/subprojects/delete/my-subproject/') self.assertEqual(response.status_code, 302) self.assertTrue(self.subproject not in [r.child for r in self.project.subprojects.all()])
def serve_docs(request, project, subproject, lang_slug=None, version_slug=None, filename=''): """Exists to map existing proj, lang, version, filename views to the file format.""" if not version_slug: version_slug = project.get_default_version() try: version = project.versions.public(request.user).get(slug=version_slug) except Version.DoesNotExist: # Properly raise a 404 if the version doesn't exist & a 401 if it does if project.versions.filter(slug=version_slug).exists(): return _serve_401(request, project) raise Http404('Version does not exist.') filename = resolve_path( subproject or project, # Resolve the subproject if it exists version_slug=version_slug, language=lang_slug, filename=filename, subdomain= True, # subdomain will make it a "full" path without a URL prefix ) if (version.privacy_level == constants.PRIVATE and not AdminPermission.is_member(user=request.user, obj=project)): return _serve_401(request, project) return _serve_symlink_docs(request, filename=filename, project=project, privacy_level=version.privacy_level)
def clean_subproject(self): subproject_name = self.cleaned_data['subproject'] subproject_qs = Project.objects.filter(slug=subproject_name) if not subproject_qs.exists(): raise forms.ValidationError((_("Project %(name)s does not exist") % {'name': subproject_name})) subproject = subproject_qs.first() if not AdminPermission.is_admin(self.user, subproject): raise forms.ValidationError(_( 'You need to be admin of {name} in order to add it as ' 'a subproject.'.format(name=subproject_name))) return subproject
def clean_subproject(self): subproject_name = self.cleaned_data['subproject'] subproject_qs = Project.objects.filter(slug=subproject_name) if not subproject_qs.exists(): raise forms.ValidationError( (_("Project %(name)s does not exist") % { 'name': subproject_name })) subproject = subproject_qs.first() if not AdminPermission.is_admin(self.user, subproject): raise forms.ValidationError( _('You need to be admin of {name} in order to add it as ' 'a subproject.'.format(name=subproject_name))) return subproject
def clean_subproject(self): """Normalize subproject field Does lookup on against :py:cls:`Project` to ensure matching project exists. Return the :py:cls:`Project` object instead. """ subproject_name = self.cleaned_data['subproject'] subproject_qs = Project.objects.filter(slug=subproject_name) if not subproject_qs.exists(): raise forms.ValidationError((_("Project %(name)s does not exist") % {'name': subproject_name})) subproject = subproject_qs.first() if not AdminPermission.is_admin(self.user, subproject): raise forms.ValidationError(_( 'You need to be admin of {name} in order to add it as ' 'a subproject.'.format(name=subproject_name))) return subproject
def clean_subproject(self): """Normalize subproject field Does lookup on against :py:class:`Project` to ensure matching project exists. Return the :py:class:`Project` object instead. """ subproject_name = self.cleaned_data['subproject'] subproject_qs = Project.objects.filter(slug=subproject_name) if not subproject_qs.exists(): raise forms.ValidationError((_("Project %(name)s does not exist") % {'name': subproject_name})) subproject = subproject_qs.first() if not AdminPermission.is_admin(self.user, subproject): raise forms.ValidationError(_( 'You need to be admin of {name} in order to add it as ' 'a subproject.'.format(name=subproject_name))) return subproject
def _serve_symlink_docs(request, project, privacy_level, filename=''): # Handle indexes if filename == '' or filename[-1] == '/': filename += 'index.html' # This breaks path joining, by ignoring the root when given an "absolute" path if filename[0] == '/': filename = filename[1:] log.info('Serving %s for %s' % (filename, project)) files_tried = [] serve_docs = getattr(settings, 'SERVE_DOCS', [constants.PRIVATE]) if (settings.DEBUG or constants.PUBLIC in serve_docs) and privacy_level != constants.PRIVATE: public_symlink = PublicSymlink(project) basepath = public_symlink.project_root if os.path.exists(os.path.join(basepath, filename)): return _serve_file(request, filename, basepath) else: files_tried.append(os.path.join(basepath, filename)) if (settings.DEBUG or constants.PRIVATE in serve_docs) and privacy_level == constants.PRIVATE: # Handle private private_symlink = PrivateSymlink(project) basepath = private_symlink.project_root if os.path.exists(os.path.join(basepath, filename)): if not AdminPermission.is_member(user=request.user, obj=project): return _serve_401(request, project) return _serve_file(request, filename, basepath) else: files_tried.append(os.path.join(basepath, filename)) raise Http404('File not found. Tried these files: %s' % ','.join(files_tried))
def _serve_symlink_docs(request, project, privacy_level, filename=''): # Handle indexes if filename == '' or filename[-1] == '/': filename += 'index.html' # This breaks path joining, by ignoring the root when given an "absolute" path if filename[0] == '/': filename = filename[1:] log.info('Serving %s for %s' % (filename, project)) files_tried = [] serve_docs = getattr(settings, 'SERVE_DOCS', [constants.PRIVATE]) if (settings.DEBUG or constants.PUBLIC in serve_docs) and privacy_level != constants.PRIVATE: public_symlink = PublicSymlink(project) basepath = public_symlink.project_root if os.path.exists(os.path.join(basepath, filename)): return _serve_file(request, filename, basepath) else: files_tried.append(os.path.join(basepath, filename)) if (settings.DEBUG or constants.PRIVATE in serve_docs) and privacy_level == constants.PRIVATE: # Handle private private_symlink = PrivateSymlink(project) basepath = private_symlink.project_root if os.path.exists(os.path.join(basepath, filename)): if not AdminPermission.is_member(user=request.user, obj=project): return _serve_401(request, project) return _serve_file(request, filename, basepath) else: files_tried.append(os.path.join(basepath, filename)) raise Http404('File not found. Tried these files: %s' % ','.join(files_tried))