haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-03 16:10:26 +00:00
Code Issues Releases Wiki Activity

Fix bug in view repo as anonymous user, and clean code

Browse Source
This commit is contained in:
xiez
2012-05-05 19:52:36 +08:00
parent 5143d5d370
commit 0da0fa73a5
1 changed files with 16 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
views.py
View File

@@ -9,6 +9,7 @@ from django.views.decorators.csrf import csrf_protect
from auth.forms import AuthenticationForm, PasswordResetForm, SetPasswordForm, PasswordChangeForm from auth.forms import AuthenticationForm, PasswordResetForm, SetPasswordForm, PasswordChangeForm
from auth.tokens import default_token_generator from auth.tokens import default_token_generator
from pysearpc import SearpcError
from seaserv import cclient, ccnet_rpc, get_groups, get_users, get_repos, \ from seaserv import cclient, ccnet_rpc, get_groups, get_users, get_repos, \
get_repo, get_commits, get_branches, \ get_repo, get_commits, get_branches, \
seafserv_threaded_rpc, seafserv_rpc, get_binding_peerids, get_ccnetuser seafserv_threaded_rpc, seafserv_rpc, get_binding_peerids, get_ccnetuser
@@ -161,33 +162,36 @@ def validate_emailuser(email):
return False return False
@login_required
def repo(request, repo_id): def repo(request, repo_id):
# if user is not staff and not owner and not fetch this repo # get repo web access property, if no repo access property in db, then
# assume repo ap is 'own'
repo_ap = seafserv_threaded_rpc.repo_query_access_property(repo_id)
if repo_ap == None:
repo_ap = 'own'
# if repo is 'own' and user is not staff and is not owner
# and not shared this repo, then goto 404 page.. # and not shared this repo, then goto 404 page..
if not validate_owner(request, repo_id) and not check_shared_repo(request, repo_id) \ if cmp(repo_ap, 'own') == 0 and not validate_owner(request, repo_id) \
and not request.user.is_staff: and not check_shared_repo(request, repo_id) and not request.user.is_staff:
raise Http404 raise Http404
repo = get_repo(repo_id) repo = get_repo(repo_id)
if repo == None:
raise Http404
recent_commits = get_commits(repo_id, 0, 3) recent_commits = get_commits(repo_id, 0, 3)
token = ""
is_owner = False is_owner = False
repo_ap = ""
if request.user.is_authenticated(): if request.user.is_authenticated():
if validate_owner(request, repo_id): if validate_owner(request, repo_id):
is_owner = True is_owner = True
token = seafserv_threaded_rpc.get_repo_token(repo_id)
repo_ap = seafserv_threaded_rpc.repo_query_access_property(repo_id) repo_size = seafserv_threaded_rpc.server_repo_size(repo_id)
repo_size = seafserv_threaded_rpc.server_repo_size(repo_id)
dirs = [] dirs = []
if not repo.props.encrypted: if not repo.props.encrypted:
if not request.GET.get('root_id'): if not request.GET.get('root_id'):
# ..use HEAD commit's root id # use HEAD commit's root id
commit = seafserv_rpc.get_commit(repo.props.head_cmmt_id) commit = seafserv_rpc.get_commit(repo.props.head_cmmt_id)
root_id = commit.props.root_id root_id = commit.props.root_id
else: else:
@@ -209,7 +213,6 @@ def repo(request, repo_id):
"is_owner": is_owner, "is_owner": is_owner,
"repo_ap": repo_ap, "repo_ap": repo_ap,
"repo_size": repo_size, "repo_size": repo_size,
"token": token,
"dirs": dirs, "dirs": dirs,
}, context_instance=RequestContext(request)) }, context_instance=RequestContext(request))
@@ -371,7 +374,6 @@ def repo_list_dir(request, repo_id):
}, },
context_instance=RequestContext(request)) context_instance=RequestContext(request))
@login_required
def repo_operation_file(request, op, repo_id, obj_id): def repo_operation_file(request, op, repo_id, obj_id):
if repo_id: if repo_id:
# any person visit private repo, go to 404 page # any person visit private repo, go to 404 page