Changeset - dc7e37ec3dfd
[Not reviewed]
default
0 2 0
domruf - 8 years ago 2017-11-23 22:16:34
dominikruf@gmail.com
Grafted from: ebaf649bc81e
auth: users_and_groups_data should not be available for anonymous/default user
2 files changed with 5 insertions and 2 deletions:
kallithea/controllers/home.py
 
@@ -142,13 +142,13 @@ class HomeController(BaseController):
 
        data = {
 
            'more': False,
 
            'results': res
 
        }
 
        return data
 

	
 
    @LoginRequired(allow_default_user=True)
 
    @LoginRequired()
 
    @jsonify
 
    def users_and_groups_data(self):
 
        """
 
        Returns 'results' with a list of users and user groups.
 

	
 
        You can either use the 'key' GET parameter to get a user by providing
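Review bot: The docstring of `users_and_groups_data` should state the new access rule, because `@LoginRequired()` now rejects the anonymous/default user and nothing in the visible text tells a maintainer that this is deliberate. A line such as `Requires an authenticated (non-default) user; anonymous requests are redirected to the login page.` would make a later revert to `allow_default_user=True` less likely. The rejection is a 302 to the login page (as the accompanying test asserts) rather than a JSON error, so callers that expect JSON from this `@jsonify` endpoint presumably need to handle the redirect. Any logged-in user can still list users and groups through this endpoint, so a comment should say whether that is intended. The function body continues past the end of the hunk and is not reviewed here.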
kallithea/tests/functional/test_home.py
 
@@ -63,16 +63,19 @@ class TestHomeController(TestController)
 
        finally:
 
            RepoModel().delete(u'gr1/repo_in_group')
 
            RepoGroupModel().delete(repo_group=u'gr1', force_delete=True)
 
            Session().commit()
 

	
 
    def test_users_and_groups_data(self):
 
        self.log_user()
 
        fixture.create_user('evil', firstname=u'D\'o\'ct"o"r', lastname=u'Évíl')
 
        fixture.create_user_group(u'grrrr', user_group_description=u"Groüp")
 
        response = self.app.get(url('users_and_groups_data', query=u'evi'))
 
        assert response.status_code == 302
 
        assert url('login_home') in response.location
 
        self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
 
        response = self.app.get(url('users_and_groups_data', query=u'evi'))
 
        result = json.loads(response.body)['results']
 
        assert result[0].get('fname') == u'D\'o\'ct"o"r'
 
        assert result[0].get('lname') == u'Évíl'
 
        response = self.app.get(url('users_and_groups_data', key=u'evil'))
 
        result = json.loads(response.body)['results']
 
        assert result[0].get('fname') == u'D\'o\'ct"o"r'
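Review bot: The anonymous check in `test_users_and_groups_data` covers only the `query=` lookup and does not show that the default user is actually enabled when the request is made. If anonymous access is disabled in the test configuration, the old `allow_default_user=True` decorator would also have redirected, so the 302 assertion would not catch a regression; this is not visible from the hunk and should be confirmed or made explicit in the test. Adding the same check for the other lookup mode before logging in, `response = self.app.get(url('users_and_groups_data', key=u'evil'))` followed by `assert response.status_code == 302`, would pin both entry paths. The test method continues past the end of the hunk, so any cleanup of the `evil` user and `grrrr` group is not visible here.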