Changeset - c9cfaeb1cdfe
Parent rev.
Child rev.
[Not reviewed]
stable
0 3 0
Mads Kiilerich - 10 years ago 2015-07-07 02:09:35
madski@unity3d.com
tooltips: fix unsafe insertion of userdata into the DOM as html

This fixes js injection in the admin journal ... and probably also in other places.

Tooltips are used both with hardcoded strings (which is safe and simple) and
with user provided strings wrapped in html formatting (which requires careful
escaping before being put into the DOM as html). The templating will
automatically take care of one level of escaping, but here it requires two
levels to do it correctly ... and that was not always done correctly.

Instead, by default, just insert it into the DOM as text, not as html.

The few places where we know the tooltip contains safe html are handled
specially - the element is given the safe-html-title class. That is the case in
file annotation and in display of tip revision in repo lists.
3 files changed with 13 insertions and 7 deletions:
kallithea/lib/helpers.py
3
3
kallithea/public/js/base.js
9
3
kallithea/templates/data_table/_dt_elements.html
1
1
0 comments (0 inline, 0 general)
kallithea/lib/helpers.py
Show inline comments
 
@@ -259,208 +259,208 @@ class CodeHtmlFormatter(HtmlFormatter):
 
            yield 0, ('<table class="%stable">' % self.cssclass +
 
                      '<tr><td><div class="linenodiv" '
 
                      'style="background-color: #f0f0f0; padding-right: 10px">'
 
                      '<pre style="line-height: 125%">' +
 
                      ls + '</pre></div></td><td id="hlcode" class="code">')
 
        else:
 
            yield 0, ('<table class="%stable">' % self.cssclass +
 
                      '<tr><td class="linenos"><div class="linenodiv"><pre>' +
 
                      ls + '</pre></div></td><td id="hlcode" class="code">')
 
        yield 0, dummyoutfile.getvalue()
 
        yield 0, '</td></tr></table>'
 

			




	
	
	
		
 

			




	
	
	
		
 
_whitespace_re = re.compile(r'(\t)|( )(?=\n|</div>)')

			




	
	
	
		
 

			




	
	
	
		
 
def _markup_whitespace(m):

			




	
	
	
		
 
    groups = m.groups()

			




	
	
	
		
 
    if groups[0]:

			




	
	
	
		
 
        return '<u>\t</u>'

			




	
	
	
		
 
    if groups[1]:

			




	
	
	
		
 
        return ' <i></i>'

			




	
	
	
		
 

			




	
	
	
		
 
def markup_whitespace(s):

			




	
	
	
		
 
    return _whitespace_re.sub(_markup_whitespace, s)

			




	
	
	
		
 

			




	
	
	
		
 
def pygmentize(filenode, **kwargs):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    pygmentize function using pygments

			




	
	
	
		
 

			




	
	
	
		
 
    :param filenode:

			




	
	
	
		
 
    """

			




	
	
	
		
 
    lexer = get_custom_lexer(filenode.extension) or filenode.lexer

			




	
	
	
		
 
    return literal(markup_whitespace(

			




	
	
	
		
 
        code_highlight(filenode.content, lexer, CodeHtmlFormatter(**kwargs))))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def pygmentize_annotation(repo_name, filenode, **kwargs):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    pygmentize function for annotation

			




	
	
	
		
 

			




	
	
	
		
 
    :param filenode:

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    color_dict = {}

			




	
	
	
		
 

			




	
	
	
		
 
    def gen_color(n=10000):

			




	
	
	
		
 
        """generator for getting n of evenly distributed colors using

			




	
	
	
		
 
        hsv color and golden ratio. It always return same order of colors

			




	
	
	
		
 

			




	
	
	
		
 
        :returns: RGB tuple

			




	
	
	
		
 
        """

			




	
	
	
		
 

			




	
	
	
		
 
        def hsv_to_rgb(h, s, v):

			




	
	
	
		
 
            if s == 0.0:

			




	
	
	
		
 
                return v, v, v

			




	
	
	
		
 
            i = int(h * 6.0)  # XXX assume int() truncates!

			




	
	
	
		
 
            f = (h * 6.0) - i

			




	
	
	
		
 
            p = v * (1.0 - s)

			




	
	
	
		
 
            q = v * (1.0 - s * f)

			




	
	
	
		
 
            t = v * (1.0 - s * (1.0 - f))

			




	
	
	
		
 
            i = i % 6

			




	
	
	
		
 
            if i == 0:

			




	
	
	
		
 
                return v, t, p

			




	
	
	
		
 
            if i == 1:

			




	
	
	
		
 
                return q, v, p

			




	
	
	
		
 
            if i == 2:

			




	
	
	
		
 
                return p, v, t

			




	
	
	
		
 
            if i == 3:

			




	
	
	
		
 
                return p, q, v

			




	
	
	
		
 
            if i == 4:

			




	
	
	
		
 
                return t, p, v

			




	
	
	
		
 
            if i == 5:

			




	
	
	
		
 
                return v, p, q

			




	
	
	
		
 

			




	
	
	
		
 
        golden_ratio = 0.618033988749895

			




	
	
	
		
 
        h = 0.22717784590367374

			




	
	
	
		
 

			




	
	
	
		
 
        for _unused in xrange(n):

			




	
	
	
		
 
            h += golden_ratio

			




	
	
	
		
 
            h %= 1

			




	
	
	
		
 
            HSV_tuple = [h, 0.95, 0.95]

			




	
	
	
		
 
            RGB_tuple = hsv_to_rgb(*HSV_tuple)

			




	
	
	
		
 
            yield map(lambda x: str(int(x * 256)), RGB_tuple)

			




	
	
	
		
 

			




	
	
	
		
 
    cgenerator = gen_color()

			




	
	
	
		
 

			




	
	
	
		
 
    def get_color_string(cs):

			




	
	
	
		
 
        if cs in color_dict:

			




	
	
	
		
 
            col = color_dict[cs]

			




	
	
	
		
 
        else:

			




	
	
	
		
 
            col = color_dict[cs] = cgenerator.next()

			




	
	
	
		
 
        return "color: rgb(%s)! important;" % (', '.join(col))

			




	
	
	
		
 

			




	
	
	
		
 
    def url_func(repo_name):

			




	
	
	
		
 

			




	
	
	
		
 
        def _url_func(changeset):

			




	
	
	
		
 
            author = changeset.author

			




	
	
	
		
 
            author = escape(changeset.author)

			




	
	
	
		
 
            date = changeset.date

			




	
	
	
		
 
            message = tooltip(changeset.message)

			




	
	
	
		
 
            message = escape(changeset.message)

			




	
	
	
		
 

			




	
	
	
		
 
            tooltip_html = ("<div style='font-size:0.8em'><b>Author:</b>"

			




	
	
	
		
 
                            " %s<br/><b>Date:</b> %s</b><br/><b>Message:"

			




	
	
	
		
 
                            "</b> %s<br/></div>")

			




	
	
	
		
 

			




	
	
	
		
 
            tooltip_html = tooltip_html % (author, date, message)

			




	
	
	
		
 
            lnk_format = show_id(changeset)

			




	
	
	
		
 
            uri = link_to(

			




	
	
	
		
 
                    lnk_format,

			




	
	
	
		
 
                    url('changeset_home', repo_name=repo_name,

			




	
	
	
		
 
                        revision=changeset.raw_id),

			




	
	
	
		
 
                    style=get_color_string(changeset.raw_id),

			




	
	
	
		
 
                    class_='tooltip',

			




	
	
	
		
 
                    class_='tooltip safe-html-title',

			




	
	
	
		
 
                    title=tooltip_html

			




	
	
	
		
 
                  )

			




	
	
	
		
 

			




	
	
	
		
 
            uri += '\n'

			




	
	
	
		
 
            return uri

			




	
	
	
		
 
        return _url_func

			




	
	
	
		
 

			




	
	
	
		
 
    return literal(markup_whitespace(annotate_highlight(filenode, url_func(repo_name), **kwargs)))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def is_following_repo(repo_name, user_id):

			




	
	
	
		
 
    from kallithea.model.scm import ScmModel

			




	
	
	
		
 
    return ScmModel().is_following_repo(repo_name, user_id)

			




	
	
	
		
 

			




	
	
	
		
 
class _Message(object):

			




	
	
	
		
 
    """A message returned by ``Flash.pop_messages()``.

			




	
	
	
		
 

			




	
	
	
		
 
    Converting the message to a string returns the message text. Instances

			




	
	
	
		
 
    also have the following attributes:

			




	
	
	
		
 

			




	
	
	
		
 
    * ``message``: the message text.

			




	
	
	
		
 
    * ``category``: the category specified when the message was created.

			




	
	
	
		
 
    """

			




	
	
	
		
 

			




	
	
	
		
 
    def __init__(self, category, message):

			




	
	
	
		
 
        self.category = category

			




	
	
	
		
 
        self.message = message

			




	
	
	
		
 

			




	
	
	
		
 
    def __str__(self):

			




	
	
	
		
 
        return self.message

			




	
	
	
		
 

			




	
	
	
		
 
    __unicode__ = __str__

			




	
	
	
		
 

			




	
	
	
		
 
    def __html__(self):

			




	
	
	
		
 
        return escape(safe_unicode(self.message))

			




	
	
	
		
 

			




	
	
	
		
 
class Flash(_Flash):

			




	
	
	
		
 

			




	
	
	
		
 
    def pop_messages(self):

			




	
	
	
		
 
        """Return all accumulated messages and delete them from the session.

			




	
	
	
		
 

			




	
	
	
		
 
        The return value is a list of ``Message`` objects.

			




	
	
	
		
 
        """

			




	
	
	
		
 
        from pylons import session

			




	
	
	
		
 
        messages = session.pop(self.session_key, [])

			




	
	
	
		
 
        session.save()

			




	
	
	
		
 
        return [_Message(*m) for m in messages]

			




	
	
	
		
 

			




	
	
	
		
 
flash = Flash()

			




	
	
	
		
 

			




	
	
	
		
 
#==============================================================================

			




	
	
	
		
 
# SCM FILTERS available via h.

			




	
	
	
		
 
#==============================================================================

			




	
	
	
		
 
from kallithea.lib.vcs.utils import author_name, author_email

			




	
	
	
		
 
from kallithea.lib.utils2 import credentials_filter, age as _age

			




	
	
	
		
 
from kallithea.model.db import User, ChangesetStatus

			




	
	
	
		
 

			




	
	
	
		
 
age = lambda  x, y=False: _age(x, y)

			




	
	
	
		
 
capitalize = lambda x: x.capitalize()

			




	
	
	
		
 
email = author_email

			




	
	
	
		
 
short_id = lambda x: x[:12]

			




	
	
	
		
 
hide_credentials = lambda x: ''.join(credentials_filter(x))

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def show_id(cs):

			




	
	
	
		
 
    """

			




	
	
	
		
 
    Configurable function that shows ID

			




	
	
	
		
 
    by default it's r123:fffeeefffeee

			




	
	
	
		
 

			




	
	
	
		
 
    :param cs: changeset instance

			




	
	
	
		
 
    """

			




	
	
	
		
 
    from kallithea import CONFIG

			




	
	
	
		
 
    def_len = safe_int(CONFIG.get('show_sha_length', 12))

			




	
	
	
		
 
    show_rev = str2bool(CONFIG.get('show_revision_number', False))

			




	
	
	
		
 

			




	
	
	
		
 
    raw_id = cs.raw_id[:def_len]

			




	
	
	
		
 
    if show_rev:

			




	
	
	
		
 
        return 'r%s:%s' % (cs.revision, raw_id)

			




	
	
	
		
 
    else:

			




	
	
	
		
 
        return '%s' % (raw_id)

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def fmt_date(date):

			




	
	
	
		
 
    if date:

			




	
	
	
		
 
        return date.strftime("%Y-%m-%d %H:%M:%S").decode('utf8')

			




	
	
	
		
 

			




	
	
	
		
 
    return ""

			




	
	
	
		
 

			




	
	
	
		
 

			




	
	
	
		
 
def is_git(repository):

			




	
	
	
		
 
    if hasattr(repository, 'alias'):

			




	
	
	
		
 
        _type = repository.alias

			




	
	
	
		
 
    elif hasattr(repository, 'repo_type'):

			




	
	
	
		
 
        _type = repository.repo_type

			




	
	
	
		
 
    else:

			




	
	
	
		
 
        _type = repository

			




        

    


    
    

    

        

                

                    kallithea/public/js/base.js
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
		
 
@@ -417,211 +417,217 @@ var show_more_event = function(){

			




	
	
	
		
 
        $(el.parentNode).show();

			




	
	
	
		
 
    });

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 * activate .lazy-cs mouseover for showing changeset tooltip

			




	
	
	
		
 
 */

			




	
	
	
		
 
var show_changeset_tooltip = function(){

			




	
	
	
		
 
    $('.lazy-cs').mouseover(function(e){

			




	
	
	
		
 
        var $target = $(e.currentTarget);

			




	
	
	
		
 
        var rid = $target.attr('raw_id');

			




	
	
	
		
 
        var repo_name = $target.attr('repo_name');

			




	
	
	
		
 
        if(rid && !$target.hasClass('tooltip')){

			




	
	
	
		
 
            _show_tooltip(e, _TM['loading ...']);

			




	
	
	
		
 
            var url = pyroutes.url('changeset_info', {"repo_name": repo_name, "revision": rid});

			




	
	
	
		
 
            ajaxGET(url, function(json){

			




	
	
	
		
 
                    $target.addClass('tooltip')

			




	
	
	
		
 
                    _show_tooltip(e, json['message']);

			




	
	
	
		
 
                    _activate_tooltip($target);

			




	
	
	
		
 
                });

			




	
	
	
		
 
        }

			




	
	
	
		
 
    });

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var _onSuccessFollow = function(target){

			




	
	
	
		
 
    var $target = $(target);

			




	
	
	
		
 
    var $f_cnt = $('#current_followers_count');

			




	
	
	
		
 
    if($target.hasClass('follow')){

			




	
	
	
		
 
        $target.attr('class', 'following');

			




	
	
	
		
 
        $target.attr('title', _TM['Stop following this repository']);

			




	
	
	
		
 
        if($f_cnt.html()){

			




	
	
	
		
 
            var cnt = Number($f_cnt.html())+1;

			




	
	
	
		
 
            $f_cnt.html(cnt);

			




	
	
	
		
 
        }

			




	
	
	
		
 
    }

			




	
	
	
		
 
    else{

			




	
	
	
		
 
        $target.attr('class', 'follow');

			




	
	
	
		
 
        $target.attr('title', _TM['Start following this repository']);

			




	
	
	
		
 
        if($f_cnt.html()){

			




	
	
	
		
 
            var cnt = Number($f_cnt.html())-1;

			




	
	
	
		
 
            $f_cnt.html(cnt);

			




	
	
	
		
 
        }

			




	
	
	
		
 
    }

			




	
	
	
		
 
}

			




	
	
	
		
 

			




	
	
	
		
 
var toggleFollowingRepo = function(target, follows_repo_id){

			




	
	
	
		
 
    var args = 'follows_repo_id=' + follows_repo_id;

			




	
	
	
		
 
    args += '&amp;_authentication_token=' + _authentication_token;

			




	
	
	
		
 
    $.post(TOGGLE_FOLLOW_URL, args, function(data){

			




	
	
	
		
 
            _onSuccessFollow(target);

			




	
	
	
		
 
        });

			




	
	
	
		
 
    return false;

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var showRepoSize = function(target, repo_name){

			




	
	
	
		
 
    var args = '_authentication_token=' + _authentication_token;

			




	
	
	
		
 

			




	
	
	
		
 
    if(!$("#" + target).hasClass('loaded')){

			




	
	
	
		
 
        $("#" + target).html(_TM['Loading ...']);

			




	
	
	
		
 
        var url = pyroutes.url('repo_size', {"repo_name":repo_name});

			




	
	
	
		
 
        $.post(url, args, function(data) {

			




	
	
	
		
 
            $("#" + target).html(data);

			




	
	
	
		
 
            $("#" + target).addClass('loaded');

			




	
	
	
		
 
        });

			




	
	
	
		
 
    }

			




	
	
	
		
 
    return false;

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 * tooltips

			




	
	
	
		
 
 */

			




	
	
	
		
 

			




	
	
	
		
 
var tooltip_activate = function(){

			




	
	
	
		
 
    $(document).ready(_init_tooltip);

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var _activate_tooltip = function($tt){

			




	
	
	
		
 
    $tt.mouseover(_show_tooltip);

			




	
	
	
		
 
    $tt.mousemove(_move_tooltip);

			




	
	
	
		
 
    $tt.mouseout(_close_tooltip);

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var _init_tooltip = function(){

			




	
	
	
		
 
    var $tipBox = $('#tip-box');

			




	
	
	
		
 
    if(!$tipBox.length){

			




	
	
	
		
 
        $tipBox = $('<div id="tip-box"></div>')

			




	
	
	
		
 
        $(document.body).append($tipBox);

			




	
	
	
		
 
    }

			




	
	
	
		
 

			




	
	
	
		
 
    $tipBox.hide();

			




	
	
	
		
 
    $tipBox.css('position', 'absolute');

			




	
	
	
		
 
    $tipBox.css('max-width', '600px');

			




	
	
	
		
 

			




	
	
	
		
 
    _activate_tooltip($('.tooltip'));

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var _show_tooltip = function(e, tipText){

			




	
	
	
		
 
var _show_tooltip = function(e, tipText, safe){

			




	
	
	
		
 
    e.stopImmediatePropagation();

			




	
	
	
		
 
    var el = e.currentTarget;

			




	
	
	
		
 
    var $el = $(el);

			




	
	
	
		
 
    if(tipText){

			




	
	
	
		
 
        // just use it

			




	
	
	
		
 
    } else if(el.tagName.toLowerCase() === 'img'){

			




	
	
	
		
 
        tipText = el.alt ? el.alt : '';

			




	
	
	
		
 
    } else {

			




	
	
	
		
 
        tipText = el.title ? el.title : '';

			




	
	
	
		
 
        safe = safe || $el.hasClass("safe-html-title");

			




	
	
	
		
 
    }

			




	
	
	
		
 

			




	
	
	
		
 
    if(tipText !== ''){

			




	
	
	
		
 
        // save org title

			




	
	
	
		
 
        $(el).attr('tt_title', tipText);

			




	
	
	
		
 
        $el.attr('tt_title', tipText);

			




	
	
	
		
 
        // reset title to not show org tooltips

			




	
	
	
		
 
        $(el).attr('title', '');

			




	
	
	
		
 
        $el.attr('title', '');

			




	
	
	
		
 

			




	
	
	
		
 
        var $tipBox = $('#tip-box');

			




	
	
	
		
 
        if (safe) {

			




	
	
	
		
 
        $tipBox.html(tipText);

			




	
	
	
		
 
        } else {

			




	
	
	
		
 
            $tipBox.text(tipText);

			




	
	
	
		
 
        }

			




	
	
	
		
 
        $tipBox.css('display', 'block');

			




	
	
	
		
 
    }

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var _move_tooltip = function(e){

			




	
	
	
		
 
    e.stopImmediatePropagation();

			




	
	
	
		
 
    var $tipBox = $('#tip-box');

			




	
	
	
		
 
    $tipBox.css('top', (e.pageY + 15) + 'px');

			




	
	
	
		
 
    $tipBox.css('left', (e.pageX + 15) + 'px');

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
var _close_tooltip = function(e){

			




	
	
	
		
 
    e.stopImmediatePropagation();

			




	
	
	
		
 
    var $tipBox = $('#tip-box');

			




	
	
	
		
 
    $tipBox.hide();

			




	
	
	
		
 
    var el = e.currentTarget;

			




	
	
	
		
 
    $(el).attr('title', $(el).attr('tt_title'));

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
/**

			




	
	
	
		
 
 * Quick filter widget

			




	
	
	
		
 
 *

			




	
	
	
		
 
 * @param target: filter input target

			




	
	
	
		
 
 * @param nodes: list of nodes in html we want to filter.

			




	
	
	
		
 
 * @param display_element function that takes current node from nodes and

			




	
	
	
		
 
 *    does hide or show based on the node

			




	
	
	
		
 
 */

			




	
	
	
		
 
var q_filter = (function() {

			




	
	
	
		
 
    var _namespace = {};

			




	
	
	
		
 
    var namespace = function (target) {

			




	
	
	
		
 
        if (!(target in _namespace)) {

			




	
	
	
		
 
            _namespace[target] = {};

			




	
	
	
		
 
        }

			




	
	
	
		
 
        return _namespace[target];

			




	
	
	
		
 
    };

			




	
	
	
		
 
    return function (target, $nodes, display_element) {

			




	
	
	
		
 
        var $nodes = $nodes;

			




	
	
	
		
 
        var $q_filter_field = $('#' + target);

			




	
	
	
		
 
        var F = namespace(target);

			




	
	
	
		
 

			




	
	
	
		
 
        $q_filter_field.keyup(function (e) {

			




	
	
	
		
 
            clearTimeout(F.filterTimeout);

			




	
	
	
		
 
            F.filterTimeout = setTimeout(F.updateFilter, 600);

			




	
	
	
		
 
        });

			




	
	
	
		
 

			




	
	
	
		
 
        F.filterTimeout = null;

			




	
	
	
		
 

			




	
	
	
		
 
        F.updateFilter = function () {

			




	
	
	
		
 
            // Reset timeout

			




	
	
	
		
 
            F.filterTimeout = null;

			




	
	
	
		
 

			




	
	
	
		
 
            var obsolete = [];

			




	
	
	
		
 

			




	
	
	
		
 
            var req = $q_filter_field.val().toLowerCase();

			




	
	
	
		
 

			




	
	
	
		
 
            var showing = 0;

			




	
	
	
		
 
            $nodes.each(function () {

			




	
	
	
		
 
                var n = this;

			




	
	
	
		
 
                var target_element = display_element(n);

			




	
	
	
		
 
                if (req && n.innerHTML.toLowerCase().indexOf(req) == -1) {

			




	
	
	
		
 
                    $(target_element).hide();

			




	
	
	
		
 
                }

			




	
	
	
		
 
                else {

			




	
	
	
		
 
                    $(target_element).show();

			




	
	
	
		
 
                    showing += 1;

			




	
	
	
		
 
                }

			




	
	
	
		
 
            });

			




	
	
	
		
 

			




	
	
	
		
 
            $('#repo_count').html(showing);

			




	
	
	
		
 
            /* FIXME: don't hardcode */

			




	
	
	
		
 
        }

			




	
	
	
		
 
    }

			




	
	
	
		
 
})();

			




	
	
	
		
 

			




	
	
	
		
 
/* return jQuery expression with a tr with body in 3rd column and class cls and id named after the body */

			




	
	
	
		
 
var _table_tr = function(cls, body){

			




	
	
	
		
 
    // like: <div class="comment" id="comment-8" line="o92"><div class="comment-wrapp">...

			




	
	
	
		
 
    // except new inlines which are different ...

			




	
	
	
		
 
    var comment_id = ($(body).attr('id') || 'comment-new').split('comment-')[1];

			




	
	
	
		
 
    var tr_id = 'comment-tr-{0}'.format(comment_id);

			




	
	
	
		
 
    return $(('<tr id="{0}" class="{1}">'+

			




	
	
	
		
 
                  '<td class="lineno-inline new-inline"></td>'+

			




	
	
	
		
 
                  '<td class="lineno-inline old-inline"></td>'+

			




	
	
	
		
 
                  '<td>{2}</td>'+

			




	
	
	
		
 
                 '</tr>').format(tr_id, cls, body));

			




	
	
	
		
 
};

			




	
	
	
		
 

			




	
	
	
		
 
/** return jQuery expression with new inline form based on template **/

			




	
	
	
		
 
var _createInlineForm = function(parent_tr, f_path, line) {

			




	
	
	
		
 
    var $tmpl = $('#comment-inline-form-template').html().format(f_path, line);

			




	
	
	
		
 
    var $form = _table_tr('comment-form-inline', $tmpl)

			




	
	
	
		
 

			




	
	
	
		
 
    // create event for hide button

			




	
	
	
		
 
    $form.find('.hide-inline-form').click(function(e) {

			




	
	
	
		
 
        var newtr = e.currentTarget.parentNode.parentNode.parentNode.parentNode.parentNode;

			




	
	
	
		
 
        if($(newtr).next().hasClass('inline-comments-button')){

			




        

    


    
    

    

        

                

                    kallithea/templates/data_table/_dt_elements.html
                

                

                  
                      
                        

                      

                      
                        
                  

                  
                      
                  
                      
                  
                      
                  
                      
                  
                  
                

                

                    Show inline comments
                    
                

        

        

            



	
	
	
		
 
## DATA TABLE RE USABLE ELEMENTS

			




	
	
	
		
 
## usage:

			




	
	
	
		
 
## <%namespace name="dt" file="/data_table/_dt_elements.html"/>

			




	
	
	
		
 

			




	
	
	
		
 
<%namespace name="base" file="/base/base.html"/>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="quick_menu(repo_name)">

			




	
	
	
		
 
  <ul class="menu_items hidden">

			




	
	
	
		
 
  ##<ul class="dropdown-menu" role="menu" aria-labelledby="dropdownMenu">

			




	
	
	
		
 

			




	
	
	
		
 
    <li style="border-top:1px solid #577632; margin-left: 21px; padding-left: -99px;"></li>

			




	
	
	
		
 
    <li>

			




	
	
	
		
 
       <a title="${_('Summary')}" href="${h.url('summary_home',repo_name=repo_name)}">

			




	
	
	
		
 
       <span class="icon">

			




	
	
	
		
 
           <i class="icon-doc-text-inv"></i>

			




	
	
	
		
 
       </span>

			




	
	
	
		
 
       <span>${_('Summary')}</span>

			




	
	
	
		
 
       </a>

			




	
	
	
		
 
    </li>

			




	
	
	
		
 
    <li>

			




	
	
	
		
 
       <a title="${_('Changelog')}" href="${h.url('changelog_home',repo_name=repo_name)}">

			




	
	
	
		
 
       <span class="icon">

			




	
	
	
		
 
           <i class="icon-clock"></i>

			




	
	
	
		
 
       </span>

			




	
	
	
		
 
       <span>${_('Changelog')}</span>

			




	
	
	
		
 
       </a>

			




	
	
	
		
 
    </li>

			




	
	
	
		
 
    <li>

			




	
	
	
		
 
       <a title="${_('Files')}" href="${h.url('files_home',repo_name=repo_name)}">

			




	
	
	
		
 
       <span class="icon">

			




	
	
	
		
 
           <i class="icon-docs"></i>

			




	
	
	
		
 
       </span>

			




	
	
	
		
 
       <span>${_('Files')}</span>

			




	
	
	
		
 
       </a>

			




	
	
	
		
 
    </li>

			




	
	
	
		
 
    <li>

			




	
	
	
		
 
       <a title="${_('Fork')}" href="${h.url('repo_fork_home',repo_name=repo_name)}">

			




	
	
	
		
 
       <span class="icon">

			




	
	
	
		
 
           <i class="icon-fork"></i>

			




	
	
	
		
 
       </span>

			




	
	
	
		
 
       <span>${_('Fork')}</span>

			




	
	
	
		
 
       </a>

			




	
	
	
		
 
    </li>

			




	
	
	
		
 
    <li>

			




	
	
	
		
 
       <a title="${_('Settings')}" href="${h.url('edit_repo',repo_name=repo_name)}">

			




	
	
	
		
 
       <span class="icon">

			




	
	
	
		
 
           <i class="icon-gear"></i>

			




	
	
	
		
 
       </span>

			




	
	
	
		
 
       <span>${_('Settings')}</span>

			




	
	
	
		
 
       </a>

			




	
	
	
		
 
    </li>

			




	
	
	
		
 
  </ul>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_name(name,rtype,rstate,private,fork_of,short_name=False,admin=False)">

			




	
	
	
		
 
    <%

			




	
	
	
		
 
    def get_name(name,short_name=short_name):

			




	
	
	
		
 
      if short_name:

			




	
	
	
		
 
        return name.split('/')[-1]

			




	
	
	
		
 
      else:

			




	
	
	
		
 
        return name

			




	
	
	
		
 
    %>

			




	
	
	
		
 
  <div class="dt_repo ${'dt_repo_pending' if rstate == 'repo_state_pending' else ''}">

			




	
	
	
		
 
    ##NAME

			




	
	
	
		
 
    <a href="${h.url('edit_repo' if admin else 'summary_home', repo_name=name)}">

			




	
	
	
		
 

			




	
	
	
		
 
    ##TYPE OF REPO

			




	
	
	
		
 
    ${base.repotag(rtype)}

			




	
	
	
		
 

			




	
	
	
		
 
    ##PRIVATE/PUBLIC

			




	
	
	
		
 
    %if private and c.visual.show_private_icon:

			




	
	
	
		
 
      <i class="icon-keyhole-circled" title="${_('Private repository')}"></i>

			




	
	
	
		
 
    %elif not private and c.visual.show_public_icon:

			




	
	
	
		
 
      <i class="icon-globe" title="${_('Public repository')}"></i>

			




	
	
	
		
 
    %else:

			




	
	
	
		
 
      <span style="margin: 0px 8px 0px 8px"></span>

			




	
	
	
		
 
    %endif

			




	
	
	
		
 
    <span class="dt_repo_name">${get_name(name)}</span>

			




	
	
	
		
 
    </a>

			




	
	
	
		
 
    %if fork_of:

			




	
	
	
		
 
      <a href="${h.url('summary_home',repo_name=fork_of.repo_name)}"><i class="icon-fork"></i></a>

			




	
	
	
		
 
    %endif

			




	
	
	
		
 
    %if rstate == 'repo_state_pending':

			




	
	
	
		
 
      <i class="icon-wrench" title="${_('Repository creation in progress...')}"></i>

			




	
	
	
		
 
    %endif

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="last_change(last_change)">

			




	
	
	
		
 
  <span class="tooltip" date="${last_change}" title="${h.tooltip(h.fmt_date(last_change))}">${h.age(last_change)}</span>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="revision(name,rev,tip,author,last_msg)">

			




	
	
	
		
 
  <div>

			




	
	
	
		
 
  %if rev >= 0:

			




	
	
	
		
 
      <a title="${h.tooltip('%s:\n\n%s' % (author,last_msg))}" class="tooltip revision-link" href="${h.url('changeset_home',repo_name=name,revision=tip)}">${'r%s:%s' % (rev,h.short_id(tip))}</a>

			




	
	
	
		
 
      <a title="${h.tooltip('%s:\n\n%s' % (author,last_msg))}" class="tooltip revision-link safe-html-title" href="${h.url('changeset_home',repo_name=name,revision=tip)}">${'r%s:%s' % (rev,h.short_id(tip))}</a>

			




	
	
	
		
 
  %else:

			




	
	
	
		
 
      ${_('No changesets yet')}

			




	
	
	
		
 
  %endif

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="rss(name)">

			




	
	
	
		
 
  %if c.authuser.username != 'default':

			




	
	
	
		
 
    <a title="${_('Subscribe to %s rss feed')% name}" href="${h.url('rss_feed_home',repo_name=name,api_key=c.authuser.api_key)}"><i class="icon-rss-squared"></i></a>

			




	
	
	
		
 
  %else:

			




	
	
	
		
 
    <a title="${_('Subscribe to %s rss feed')% name}" href="${h.url('rss_feed_home',repo_name=name)}"><i class="icon-rss-squared"></i></a>

			




	
	
	
		
 
  %endif

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="atom(name)">

			




	
	
	
		
 
  %if c.authuser.username != 'default':

			




	
	
	
		
 
    <a title="${_('Subscribe to %s atom feed')% name}" href="${h.url('atom_feed_home',repo_name=name,api_key=c.authuser.api_key)}"><i class="icon-rss-squared"></i></a>

			




	
	
	
		
 
  %else:

			




	
	
	
		
 
    <a title="${_('Subscribe to %s atom feed')% name}" href="${h.url('atom_feed_home',repo_name=name)}"><i class="icon-rss-squared"></i></a>

			




	
	
	
		
 
  %endif

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_actions(repo_name, super_user=True)">

			




	
	
	
		
 
  <div>

			




	
	
	
		
 
    <div style="float:left; margin-right:5px;" class="grid_edit">

			




	
	
	
		
 
      <a href="${h.url('edit_repo',repo_name=repo_name)}" title="${_('edit')}">

			




	
	
	
		
 
        <i class="icon-pencil"></i> ${h.submit('edit_%s' % repo_name,_('edit'),class_="action_button")}

			




	
	
	
		
 
      </a>

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
    <div style="float:left" class="grid_delete">

			




	
	
	
		
 
      ${h.form(h.url('repo', repo_name=repo_name),method='delete')}

			




	
	
	
		
 
        <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
        ${h.submit('remove_%s' % repo_name,_('delete'),class_="action_button",

			




	
	
	
		
 
        onclick="return confirm('"+_('Confirm to delete this repository: %s') % repo_name+"');")}

			




	
	
	
		
 
      ${h.end_form()}

			




	
	
	
		
 
    </div>

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_state(repo_state)">

			




	
	
	
		
 
  <div>

			




	
	
	
		
 
    %if repo_state == 'repo_state_pending':

			




	
	
	
		
 
        <div class="btn btn-mini btn-info disabled">${_('Creating')}</div>

			




	
	
	
		
 
    %elif repo_state == 'repo_state_created':

			




	
	
	
		
 
        <div class="btn btn-mini btn-success disabled">${_('Created')}</div>

			




	
	
	
		
 
    %else:

			




	
	
	
		
 
        <div class="btn btn-mini btn-danger disabled" title="${repo_state}">invalid</div>

			




	
	
	
		
 
    %endif

			




	
	
	
		
 
  </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="user_actions(user_id, username)">

			




	
	
	
		
 
 <div style="float:left" class="grid_edit">

			




	
	
	
		
 
   <a href="${h.url('edit_user',id=user_id)}" title="${_('edit')}">

			




	
	
	
		
 
     <i class="icon-pencil"></i> ${h.submit('edit_%s' % username,_('edit'),class_="action_button")}

			




	
	
	
		
 
   </a>

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
 <div style="float:left" class="grid_delete">

			




	
	
	
		
 
  ${h.form(h.url('delete_user', id=user_id),method='delete')}

			




	
	
	
		
 
    <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
    ${h.submit('remove_',_('delete'),id="remove_user_%s" % user_id, class_="action_button",

			




	
	
	
		
 
    onclick="return confirm('"+_('Confirm to delete this user: %s') % username+"');")}

			




	
	
	
		
 
  ${h.end_form()}

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="user_group_actions(user_group_id, user_group_name)">

			




	
	
	
		
 
 <div style="float:left" class="grid_edit">

			




	
	
	
		
 
    <a href="${h.url('edit_users_group', id=user_group_id)}" title="${_('Edit')}">

			




	
	
	
		
 
    <i class="icon-pencil"></i>

			




	
	
	
		
 
     ${h.submit('edit_%s' % user_group_name,_('edit'),class_="action_button", id_="submit_user_group_edit")}

			




	
	
	
		
 
    </a>

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
 <div style="float:left" class="grid_delete">

			




	
	
	
		
 
    ${h.form(h.url('users_group', id=user_group_id),method='delete')}

			




	
	
	
		
 
      <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
      ${h.submit('remove_',_('delete'),id="remove_group_%s" % user_group_id, class_="action_button",

			




	
	
	
		
 
      onclick="return confirm('"+_('Confirm to delete this user group: %s') % user_group_name+"');")}

			




	
	
	
		
 
    ${h.end_form()}

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
</%def>

			




	
	
	
		
 

			




	
	
	
		
 
<%def name="repo_group_actions(repo_group_id, repo_group_name, gr_count)">

			




	
	
	
		
 
 <div style="float:left" class="grid_edit">

			




	
	
	
		
 
    <a href="${h.url('edit_repo_group',group_name=repo_group_name)}" title="${_('Edit')}">

			




	
	
	
		
 
    <i class="icon-pencil"></i>

			




	
	
	
		
 
     ${h.submit('edit_%s' % repo_group_name, _('edit'),class_="action_button")}

			




	
	
	
		
 
    </a>

			




	
	
	
		
 
 </div>

			




	
	
	
		
 
 <div style="float:left" class="grid_delete">

			




	
	
	
		
 
    ${h.form(h.url('repos_group', group_name=repo_group_name),method='delete')}

			




	
	
	
		
 
        <i class="icon-minus-circled" style="color:#FF4444"></i>

			




	
	
	
		
 
        ${h.submit('remove_%s' % repo_group_name,_('delete'),class_="action_button",

			




	
	
	
		
 
        onclick="return confirm('"+ungettext('Confirm to delete this group: %s with %s repository','Confirm to delete this group: %s with %s repositories',gr_count) % (repo_group_name, gr_count)+"');")}

			




	
	
	
		
 
    ${h.end_form()}

			




	
	
	
		
 
 </div>

			




        

    



    


    



    



      

      





    
    0 comments (0 inline, 0 general)
    





    


  

  







  


    




    








    
        
    
    
        This site is powered by
            Kallithea 0.7.0,
        which is
        © 2010–2025 by various authors & licensed under GPLv3.