diff --git a/rhodecode/controllers/changeset.py b/rhodecode/controllers/changeset.py --- a/rhodecode/controllers/changeset.py +++ b/rhodecode/controllers/changeset.py @@ -37,7 +37,8 @@ from rhodecode.lib.vcs.exceptions import ChangesetDoesNotExistError import rhodecode.lib.helpers as h -from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator +from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator,\ + NotAnonymous from rhodecode.lib.base import BaseRepoController, render from rhodecode.lib.utils import action_logger from rhodecode.lib.compat import OrderedDict @@ -169,9 +170,6 @@ def _context_url(GET, fileid=None): class ChangesetController(BaseRepoController): - @LoginRequired() - @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', - 'repository.admin') def __before__(self): super(ChangesetController, self).__before__() c.affected_files_cut_off = 60 @@ -179,7 +177,7 @@ class ChangesetController(BaseRepoContro c.users_array = repo_model.get_users_js() c.users_groups_array = repo_model.get_users_groups_js() - def index(self, revision, method='show'): + def _index(self, revision, method): c.anchor_url = anchor_url c.ignorews_url = _ignorews_url c.context_url = _context_url @@ -236,7 +234,7 @@ class ChangesetController(BaseRepoContro # show comments from them prs = set([x.pull_request for x in - filter(lambda x: x.pull_request != None, st)]) + filter(lambda x: x.pull_request is not None, st)]) for pr in prs: c.comments.extend(pr.comments) @@ -267,9 +265,8 @@ class ChangesetController(BaseRepoContro c.limited_diff = True for f in _parsed: st = f['stats'] - if st[0] != 'b': - c.lines_added += st[0] - c.lines_deleted += st[1] + c.lines_added += st['added'] + c.lines_deleted += st['deleted'] fid = h.FID(changeset.raw_id, f['filename']) diff = diff_processor.as_html(enable_comments=enable_comments, parsed_lines=[f]) @@ -311,15 +308,34 @@ class ChangesetController(BaseRepoContro else: return render('changeset/changeset_range.html') + @LoginRequired() + @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', + 'repository.admin') + def index(self, revision, method='show'): + return self._index(revision, method=method) + + @LoginRequired() + @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', + 'repository.admin') def changeset_raw(self, revision): - return self.index(revision, method='raw') + return self._index(revision, method='raw') + @LoginRequired() + @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', + 'repository.admin') def changeset_patch(self, revision): - return self.index(revision, method='patch') + return self._index(revision, method='patch') + @LoginRequired() + @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', + 'repository.admin') def changeset_download(self, revision): - return self.index(revision, method='download') + return self._index(revision, method='download') + @LoginRequired() + @NotAnonymous() + @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', + 'repository.admin') @jsonify def comment(self, repo_name, revision): status = request.POST.get('changeset_status') @@ -382,6 +398,22 @@ class ChangesetController(BaseRepoContro return data + @LoginRequired() + @NotAnonymous() + @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', + 'repository.admin') + def preview_comment(self): + if not request.environ.get('HTTP_X_PARTIAL_XHR'): + raise HTTPBadRequest() + text = request.POST.get('text') + if text: + return h.rst_w_mentions(text) + return '' + + @LoginRequired() + @NotAnonymous() + @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', + 'repository.admin') @jsonify def delete_comment(self, repo_name, comment_id): co = ChangesetComment.get(comment_id) @@ -393,6 +425,9 @@ class ChangesetController(BaseRepoContro else: raise HTTPForbidden() + @LoginRequired() + @HasRepoPermissionAnyDecorator('repository.read', 'repository.write', + 'repository.admin') @jsonify def changeset_info(self, repo_name, revision): if request.is_xhr: