kallithea Changeset - 3591b33e0c94

Changeset - 3591b33e0c94

Parent rev.

Child rev.

[Not reviewed]

beta

0 2 0

Mads Kiilerich - 13 years ago 2013-04-08 21:59:09
madski@unity3d.com

hg: use 'revset injection safe' repo.revs for revsets

2 files changed with 26 insertions and 24 deletions:

rhodecode/controllers/compare.py

rhodecode/controllers/pullrequests.py

0 comments (0 inline, 0 general)

rhodecode/controllers/compare.py

➞

Show inline comments

@@ @@ -60,134 +60,130 @@ class CompareController(BaseRepoControll @@
         Safe way to get changeset if error occur it redirects to changeset with
         proper message. If partial is set then don't do redirect raise Exception
         instead
         :param rev: revision to fetch
         :param repo: repo instance
         """
         try:
             type_, rev = rev
             return repo.scm_instance.get_changeset(rev)
         except EmptyRepositoryError, e:
             if not redirect_after:
                 return None
             h.flash(h.literal(_('There are no changesets yet')),
                     category='warning')
             redirect(url('summary_home', repo_name=repo.repo_name))
         except RepositoryError, e:
             log.error(traceback.format_exc())
             h.flash(str(e), category='warning')
             if not partial:
                 redirect(h.url('summary_home', repo_name=repo.repo_name))
             raise HTTPBadRequest()
     def _get_changesets(self, alias, org_repo, org_ref, other_repo, other_ref, merge):
         """
         Returns a list of changesets that can be merged from org_repo@org_ref
         to other_repo@other_ref ... and the ancestor that would be used for merge
         :param org_repo:
         :param org_ref:
         :param other_repo:
         :param other_ref:
         :param tmp:
         """
         ancestor = None
         if alias == 'hg':
             # lookup up the exact node id
             _revset_predicates = {
                     'branch': 'branch',
                     'book': 'bookmark',
                     'tag': 'tag',
                     'rev': 'id',
+                }
             org_rev_spec = "max(%s('%s'))" % (_revset_predicates[org_ref[0]],
                                               safe_str(org_ref[1]))
             org_revs = scmutil.revrange(org_repo._repo, [org_rev_spec])
             org_rev_spec = "max(%s(%%s))" % _revset_predicates[org_ref[0]]
             org_revs = org_repo._repo.revs(org_rev_spec, safe_str(org_ref[1]))
             org_rev = org_repo._repo[org_revs[-1] if org_revs else -1].hex()
             other_rev_spec = "max(%s('%s'))" % (_revset_predicates[other_ref[0]],
                                                 safe_str(other_ref[1]))
             other_revs = scmutil.revrange(other_repo._repo, [other_rev_spec])
             other_revs_spec = "max(%s(%%s))" % _revset_predicates[other_ref[0]]
             other_revs = other_repo._repo.revs(other_revs_spec, safe_str(other_ref[1]))
             other_rev = other_repo._repo[other_revs[-1] if other_revs else -1].hex()
             #case two independent repos
             if org_repo != other_repo:
                 hgrepo = unionrepo.unionrepository(other_repo.baseui,
                                                    other_repo.path,
                                                    org_repo.path)
                 # all the changesets we are looking for will be in other_repo,
                 # so rev numbers from hgrepo can be used in other_repo
             #no remote compare do it on the same repository
             else:
                 hgrepo = other_repo._repo
             if merge:
                 revs = ["ancestors(id('%s')) and not ancestors(id('%s')) and not id('%s')" %
                         (other_rev, org_rev, org_rev)]
                 revs = hgrepo.revs("ancestors(id(%s)) and not ancestors(id(%s)) and not id(%s)",
                                    other_rev, org_rev, org_rev)
                 ancestors = scmutil.revrange(hgrepo,
                      ["ancestor(id('%s'), id('%s'))" % (org_rev, other_rev)])
                 ancestors = hgrepo.revs("ancestor(id(%s), id(%s))", org_rev, other_rev)
                 if ancestors:
                     # pick arbitrary ancestor - but there is usually only one
                     ancestor = hgrepo[ancestors[0]].hex()
             else:
                 # TODO: have both + and - changesets
                 revs = ["id('%s') :: id('%s') - id('%s')" %
                         (org_rev, other_rev, org_rev)]
                 revs = hgrepo.revs("id(%s) :: id(%s) - id(%s)",
                                    org_rev, other_rev, org_rev)
             changesets = [other_repo.get_changeset(cs)
                           for cs in scmutil.revrange(hgrepo, revs)]
             changesets = [other_repo.get_changeset(rev) for rev in revs]
         elif alias == 'git':
             if org_repo != other_repo:
                 raise Exception('Comparing of different GIT repositories is not'
                                 'allowed. Got %s != %s' % (org_repo, other_repo))
             so, se = org_repo.run_git_command(
                 'log --reverse --pretty="format: %%H" -s -p %s..%s'
                     % (org_ref[1], other_ref[1])
+            )
             changesets = [org_repo.get_changeset(cs)
                           for cs in re.findall(r'[0-9a-fA-F]{40}', so)]
         return changesets, ancestor
     @LoginRequired()
     @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
                                    'repository.admin')
     def index(self, org_ref_type, org_ref, other_ref_type, other_ref):
         # org_ref will be evaluated in org_repo
         org_repo = c.rhodecode_db_repo.repo_name
         org_ref = (org_ref_type, org_ref)
         # other_ref will be evaluated in other_repo
         other_ref = (other_ref_type, other_ref)
         other_repo = request.GET.get('other_repo', org_repo)
         # If merge is True:
         #   Show what org would get if merged with other:
         #   List changesets that are ancestors of other but not of org.
         #   New changesets in org is thus ignored.
         #   Diff will be from common ancestor, and merges of org to other will thus be ignored.
         # If merge is False:
         #   Make a raw diff from org to other, no matter if related or not.
         #   Changesets in one and not in the other will be ignored
         merge = bool(request.GET.get('merge'))
         # fulldiff disables cut_off_limit
         c.fulldiff = request.GET.get('fulldiff')
         # partial uses compare_cs.html template directly
         partial = request.environ.get('HTTP_X_PARTIAL_XHR')
         # as_form puts hidden input field with changeset revisions
         c.as_form = partial and request.GET.get('as_form')
         # swap url for compare_diff page - never partial and never as_form
         c.swap_url = h.url('compare_url',
             repo_name=other_repo,
             org_ref_type=other_ref[0], org_ref=other_ref[1],
             other_repo=org_repo,
             other_ref_type=org_ref[0], other_ref=org_ref[1],
             merge=merge or '')

rhodecode/controllers/pullrequests.py

➞

Show inline comments

@@ @@ -25,130 +25,136 @@ @@
 import logging
 import traceback
 import formencode
 from webob.exc import HTTPNotFound, HTTPForbidden
 from collections import defaultdict
 from itertools import groupby
 from pylons import request, response, session, tmpl_context as c, url
 from pylons.controllers.util import abort, redirect
 from pylons.i18n.translation import _
 from rhodecode.lib.compat import json
 from rhodecode.lib.base import BaseRepoController, render
 from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator,\
     NotAnonymous
 from rhodecode.lib.helpers import Page
 from rhodecode.lib import helpers as h
 from rhodecode.lib import diffs
 from rhodecode.lib.utils import action_logger, jsonify
 from rhodecode.lib.vcs.utils import safe_str
 from rhodecode.lib.vcs.exceptions import EmptyRepositoryError
 from rhodecode.lib.vcs.backends.base import EmptyChangeset
 from rhodecode.lib.diffs import LimitedDiffContainer
 from rhodecode.model.db import User, PullRequest, ChangesetStatus,\
     ChangesetComment
 from rhodecode.model.pull_request import PullRequestModel
 from rhodecode.model.meta import Session
 from rhodecode.model.repo import RepoModel
 from rhodecode.model.comment import ChangesetCommentsModel
 from rhodecode.model.changeset_status import ChangesetStatusModel
 from rhodecode.model.forms import PullRequestForm
 from mercurial import scmutil
 from rhodecode.lib.utils2 import safe_int
 log = logging.getLogger(__name__)
 class PullrequestsController(BaseRepoController):
     def __before__(self):
         super(PullrequestsController, self).__before__()
         repo_model = RepoModel()
         c.users_array = repo_model.get_users_js()
         c.users_groups_array = repo_model.get_users_groups_js()
     def _get_repo_refs(self, repo, rev=None, branch_rev=None):
         """return a structure with repo's interesting changesets, suitable for
         the selectors in pullrequest.html"""
         the selectors in pullrequest.html
         rev: a revision that must be in the list and selected by default
         branch_rev: a revision of which peers should be preferred and available."""
         # list named branches that has been merged to this named branch - it should probably merge back
         peers = []
         if rev:
             rev = safe_str(rev)
         if branch_rev:
             branch_rev = safe_str(branch_rev)
             # not restricting to merge() would also get branch point and be better
             # (especially because it would get the branch point) ... but is currently too expensive
             revs = ["sort(parents(branch(id('%s')) and merge()) - branch(id('%s')))" %
                     (branch_rev, branch_rev)]
             otherbranches = {}
             for i in scmutil.revrange(repo._repo, revs):
             for i in repo._repo.revs(
                 "sort(parents(branch(id(%s)) and merge()) - branch(id(%s)))",
                 branch_rev, branch_rev):
                 cs = repo.get_changeset(i)
                 otherbranches[cs.branch] = cs.raw_id
             for branch, node in otherbranches.iteritems():
                 selected = 'branch:%s:%s' % (branch, node)
                 peers.append((selected, branch))
             for abranch, node in otherbranches.iteritems():
                 selected = 'branch:%s:%s' % (abranch, node)
                 peers.append((selected, abranch))
         selected = None
         branches = []
         for branch, branchrev in repo.branches.iteritems():
             n = 'branch:%s:%s' % (branch, branchrev)
             branches.append((n, branch))
         for abranch, branchrev in repo.branches.iteritems():
             n = 'branch:%s:%s' % (abranch, branchrev)
             branches.append((n, abranch))
             if rev == branchrev:
                 selected = n
         bookmarks = []
         for bookmark, bookmarkrev in repo.bookmarks.iteritems():
             n = 'book:%s:%s' % (bookmark, bookmarkrev)
             bookmarks.append((n, bookmark))
             if rev == bookmarkrev:
                 selected = n
         tags = []
         for tag, tagrev in repo.tags.iteritems():
             n = 'tag:%s:%s' % (tag, tagrev)
             tags.append((n, tag))
             if rev == tagrev and tag != 'tip': # tip is not a real tag - and its branch is better
                 selected = n
         # prio 1: rev was selected as existing entry above
         # prio 2: create special entry for rev; rev _must_ be used
         specials = []
         if rev and selected is None:
             selected = 'rev:%s:%s' % (rev, rev)
             specials = [(selected, '%s: %s' % (_("Changeset"), rev[:12]))]
         # prio 3: most recent peer branch
         if peers and not selected:
             selected = peers[0][0][0]
         # prio 4: tip revision
         if not selected:
             selected = 'tag:tip:%s' % repo.tags['tip']
         groups = [(specials, _("Special")),
                   (peers, _("Peer branches")),
                   (bookmarks, _("Bookmarks")),
                   (branches, _("Branches")),
                   (tags, _("Tags")),
+                  ]
         return [g for g in groups if g[0]], selected
     def _get_is_allowed_change_status(self, pull_request):
         owner = self.rhodecode_user.user_id == pull_request.user_id
         reviewer = self.rhodecode_user.user_id in [x.user_id for x in
                                                    pull_request.reviewers]
         return (self.rhodecode_user.admin or owner or reviewer)
     def _load_compare_data(self, pull_request, enable_comments=True):
         """
         Load context data needed for generating compare diff
         :param pull_request:
         :type pull_request:
         """
         org_repo = pull_request.org_repo
         (org_ref_type,
          org_ref_name,
          org_ref_rev) = pull_request.org_ref.split(':')

0 comments (0 inline, 0 general)