Files @ a17c8e5f6712
Branch filter:

Location: kallithea/kallithea/templates/search/search_commit.html

a17c8e5f6712 1.5 KiB text/html Show Annotation Show as Raw Download as Raw
Søren Løvborg
auth: simplify repository permission checks

In practice, Kallithea has the 'repository.admin' permission imply the
'repository.write' permission, which again implies 'repository.read'.

This codifies/enforces this practice by replacing HasRepoPermissionAny
"perm function" with the new HasRepositoryLevel function, reducing the
risk of errors and saving quite a lot of typing.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
##commit highlighting

%for cnt,sr in enumerate(c.formated_results):
    %if h.HasRepoPermissionLevel('read')(sr['repository'],'search results check'):
        <div id="body${cnt}" class="codeblock">
            <div class="code-header">
                <div class="search-path">${h.link_to(h.literal('%s &raquo; %s' % (sr['repository'],sr['raw_id'])),
                h.url('changeset_home',repo_name=sr['repository'],revision=sr['raw_id']))}
                ${h.fmt_date(h.time_to_datetime(sr['date']))}
                </div>
            </div>
            <div class="left">
                <div class="author">
                    ${h.gravatar_div(h.email_or_none(sr['author']), size=20)}
                    <span>${h.person(sr['author'])}</span><br/>
                    <span>${h.email_or_none(sr['author'])}</span><br/>
                </div>
                %if sr['message_hl']:
                <div class="search-code-body">
                    <pre>${h.literal(sr['message_hl'])}</pre>
                </div>
                %else:
                <div class="message">${h.urlify_text(sr['message'], sr['repository'])}</div>
                %endif
            </div>
        </div>
    %else:
        %if cnt == 0:
            <div id="body${cnt}" class="codeblock">
                <div class="error">${_('Permission denied')}</div>
            </div>
        %endif
    %endif
%endfor
%if c.cur_query and c.formated_results:
    <ul class="pagination">
        ${c.formated_results.pager()}
    </ul>
%endif
Server instance: clio-20623 This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3. – Support