Changeset - ad4a680113b7
Parent rev.
Child rev.
[Not reviewed]
beta
0 3 0
Marcin Kuzminski - 13 years ago 2013-05-11 23:19:06
marcin@python-works.com
Gist: implemented delete of gists by owner, or super admin
3 files changed with 33 insertions and 7 deletions:
rhodecode/controllers/admin/gists.py
11
1
rhodecode/templates/admin/gists/show.html
4
2
rhodecode/tests/functional/test_admin_gists.py
18
4
0 comments (0 inline, 0 general)
rhodecode/controllers/admin/gists.py
Show inline comments
 
@@ -41,7 +41,7 @@ from rhodecode.lib.base import BaseContr
 
from rhodecode.lib.auth import LoginRequired, NotAnonymous
 
from rhodecode.lib.utils2 import safe_str, safe_int, time_to_datetime
 
from rhodecode.lib.helpers import Page
 
from webob.exc import HTTPNotFound
 
from webob.exc import HTTPNotFound, HTTPForbidden
 
from sqlalchemy.sql.expression import or_
 
from rhodecode.lib.vcs.exceptions import VCSError
 

			




	
	
		
 
@@ -151,6 +151,16 @@ class GistsController(BaseController):

			




	
	
	
		
 
        #    h.form(url('gist', id=ID),

			




	
	
	
		
 
        #           method='delete')

			




	
	
	
		
 
        # url('gist', id=ID)

			




	
	
	
		
 
        gist = GistModel().get_gist(id)

			




	
	
	
		
 
        owner = gist.gist_owner == c.rhodecode_user.user_id

			




	
	
	
		
 
        if h.HasPermissionAny('hg.admin')() or owner:

			




	
	
	
		
 
            GistModel().delete(gist)

			




	
	
	
		
 
            Session().commit()

			




	
	
	
		
 
            h.flash(_('Deleted gist %s') % gist.gist_access_id, category='success')

			




	
	
	
		
 
        else:

			




	
	
	
		
 
            raise HTTPForbidden()

			




	
	
	
		
 

			




	
	
	
		
 
        return redirect(url('gists'))

			




	
	
	
		
 

			




	
	
	
		
 
    @LoginRequired()

			




	
	
	
		
 
    def show(self, id, format='html'):

			




        

    


    
    

    

        

                

                    rhodecode/templates/admin/gists/show.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -48,9 +48,11 @@

			




	
	
	
		
 
                        <div class="left item last">${c.gist.gist_description}</div>

			




	
	
	
		
 
                        <div class="buttons">

			




	
	
	
		
 
                          ## only owner should see that

			




	
	
	
		
 
                          %if c.gist.owner.username == c.rhodecode_user.username:

			




	
	
	
		
 
                          %if h.HasPermissionAny('hg.admin')() or c.gist.gist_owner == c.rhodecode_user.user_id:

			




	
	
	
		
 
                            ##${h.link_to(_('Edit'),h.url(''),class_="ui-btn")}

			




	
	
	
		
 
                            ##${h.link_to(_('Delete'),h.url(''),class_="ui-btn red")}

			




	
	
	
		
 
                            ${h.form(url('gist', id=c.gist.gist_id),method='delete')}

			




	
	
	
		
 
                                ${h.submit('remove_gist', _('Delete'),class_="ui-btn red",onclick="return confirm('"+_('Confirm to delete this gist')+"');")}

			




	
	
	
		
 
                            ${h.end_form()}

			




	
	
	
		
 
                          %endif

			




	
	
	
		
 
                        </div>

			




	
	
	
		
 
                    </div>

			




        

    


    
    

    

        

                

                    rhodecode/tests/functional/test_admin_gists.py
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -5,11 +5,12 @@ from rhodecode.model.db import User, Gis

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def _create_gist(f_name, content='some gist', lifetime=-1,

			




	
	
	
		
 
                 description='gist-desc', gist_type='public'):

			




	
	
	
		
 
                 description='gist-desc', gist_type='public',

			




	
	
	
		
 
                 owner=TEST_USER_ADMIN_LOGIN):

			




	
	
	
		
 
    gist_mapping = {

			




	
	
	
		
 
        f_name: {'content': content}

			




	
	
	
		
 
    }

			




	
	
	
		
 
    user = User.get_by_username(TEST_USER_ADMIN_LOGIN)

			




	
	
	
		
 
    user = User.get_by_username(owner)

			




	
	
	
		
 
    gist = GistModel().create(description, owner=user,

			




	
	
	
		
 
                       gist_mapping=gist_mapping, gist_type=gist_type,

			




	
	
	
		
 
                       lifetime=lifetime)

			




	
	
		
 
@@ -109,8 +110,21 @@ class TestGistsController(TestController

			




	
	
	
		
 
        response = self.app.put(url('gist', id=1))

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete(self):

			




	
	
	
		
 
        self.skipTest('not implemented')

			




	
	
	
		
 
        response = self.app.delete(url('gist', id=1))

			




	
	
	
		
 
        self.log_user()

			




	
	
	
		
 
        gist = _create_gist('delete-me')

			




	
	
	
		
 
        response = self.app.delete(url('gist', id=gist.gist_id))

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Deleted gist %s' % gist.gist_id)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete_normal_user_his_gist(self):

			




	
	
	
		
 
        self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)

			




	
	
	
		
 
        gist = _create_gist('delete-me', owner=TEST_USER_REGULAR_LOGIN)

			




	
	
	
		
 
        response = self.app.delete(url('gist', id=gist.gist_id))

			




	
	
	
		
 
        self.checkSessionFlash(response, 'Deleted gist %s' % gist.gist_id)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_delete_normal_user_not_his_own_gist(self):

			




	
	
	
		
 
        self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)

			




	
	
	
		
 
        gist = _create_gist('delete-me')

			




	
	
	
		
 
        response = self.app.delete(url('gist', id=gist.gist_id), status=403)

			




	
	
	
		
 

			




	
	
	
		
 
    def test_show(self):

			




	
	
	
		
 
        gist = _create_gist('gist-show-me')

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.