You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by jo...@apache.org on 2013/12/16 18:09:42 UTC
[03/36] git commit: [#6941] Check commit activity access against
original tool if possible.
[#6941] Check commit activity access against original tool if possible.
Signed-off-by: Tim Van Steenburgh <tv...@gmail.com>
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/192a5a05
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/192a5a05
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/192a5a05
Branch: refs/heads/cj/6821
Commit: 192a5a054433a9a16fdb97a42709523293ddf3e4
Parents: 5c312e4
Author: Tim Van Steenburgh <tv...@gmail.com>
Authored: Thu Dec 5 22:16:30 2013 +0000
Committer: Dave Brondsema <db...@slashdotmedia.com>
Committed: Fri Dec 6 21:24:26 2013 +0000
----------------------------------------------------------------------
Allura/allura/model/discuss.py | 2 +-
Allura/allura/model/repo.py | 19 +++++++++++++++++--
Allura/allura/model/timeline.py | 4 ++--
3 files changed, 20 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/192a5a05/Allura/allura/model/discuss.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/discuss.py b/Allura/allura/model/discuss.py
index df55ac9..7b4f306 100644
--- a/Allura/allura/model/discuss.py
+++ b/Allura/allura/model/discuss.py
@@ -476,7 +476,7 @@ class Post(Message, VersionedArtifact, ActivityObject):
def activity_name(self):
return 'a comment'
- def has_activity_access(self, perm, user):
+ def has_activity_access(self, perm, user, activity):
"""Return True if user has perm access to this object, otherwise
return False.
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/192a5a05/Allura/allura/model/repo.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/repo.py b/Allura/allura/model/repo.py
index 1ff6641..8918b02 100644
--- a/Allura/allura/model/repo.py
+++ b/Allura/allura/model/repo.py
@@ -37,8 +37,10 @@ from ming.orm import mapper, session
from allura.lib import utils
from allura.lib import helpers as h
+from allura.lib.security import has_access
from .auth import User
+from .project import AppConfig, Project
from .session import main_doc_session, project_doc_session
from .session import repository_orm_session
from .timeline import ActivityObject
@@ -174,10 +176,23 @@ class Commit(RepoObject, ActivityObject):
def activity_name(self):
return self.shorthand_id()
- def has_activity_access(self, perm, user):
- """Commits have no ACLs and are therefore always viewable by any user.
+ @property
+ def activity_extras(self):
+ d = ActivityObject.activity_extras.fget(self)
+ d.update(summary=self.summary)
+ if self.repo:
+ d.update(app_config_id=self.repo.app.config._id)
+ return d
+ def has_activity_access(self, perm, user, activity):
+ """
+ Commits have no ACLs and are therefore always viewable by any user, if
+ they have access to the tool.
"""
+ app_config_id = activity.obj.activity_extras.get('app_config_id')
+ if app_config_id:
+ app_config = AppConfig.query.get(_id=app_config_id)
+ return has_access(app_config, perm, user)
return True
def set_context(self, repo):
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/192a5a05/Allura/allura/model/timeline.py
----------------------------------------------------------------------
diff --git a/Allura/allura/model/timeline.py b/Allura/allura/model/timeline.py
index a80e5ba..b45118e 100644
--- a/Allura/allura/model/timeline.py
+++ b/Allura/allura/model/timeline.py
@@ -51,7 +51,7 @@ class ActivityObject(base.ActivityObjectBase):
"""
return "%s:%s" % (self.__class__.__name__, self._id)
- def has_activity_access(self, perm, user):
+ def has_activity_access(self, perm, user, activity):
"""Return True if user has perm access to this object, otherwise
return False.
"""
@@ -74,5 +74,5 @@ def perm_check(user):
except bson.errors.InvalidId:
pass
obj = cls.query.get(_id=_id)
- return obj and obj.has_activity_access('read', user)
+ return obj and obj.has_activity_access('read', user, activity)
return _perm_check