kallithea Files · docs/theme/nature/layout.html

Files @ b580691553f5

Branch filter:

Location: kallithea/docs/theme/nature/layout.html

b580691553f5 1.0 KiB text/html Show Annotation Show as Raw Download as Raw

Søren Løvborg

auth: turn dead AuthUser code into assertion

The result of db.User.get_dict never contains the keys 'api_keys' or
'permissions'. The keys returned by get_dict are 1) all the User table
columns, 2) the keys explicitly defined in User.__json__, and 3) the
keys defined in User.get_api_data, none of which include the two
blacklisted keys.

'api_keys' would be returned if __json__ called get_api_data with
argument details=True; but currently that is not the case.

In case there's a reason why these two keys must never appear in an
AuthUser object, the check has not been removed entirely; instead, it's
been turned into an assertion. This way, it will be noticed if __json__
is later modified to request detailed API data, for instance.

{% extends "basic/layout.html" %}

{% block sidebarlogo %}
<div style="text-align:center;margin:10px;padding:20px;background:white">
  <img src="{{pathto('_static/kallithea-logo.svg',1)}}"/>
</div>
<h3>Support Kallithea development</h3>
<div style="text-align:center">
<form action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_top">
<input type="hidden" name="cmd" value="_s-xclick">
<input type="hidden" name="hosted_button_id" value="EYXFS3SQPHYUL">
<input type="image" src="https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif" border="0" name="submit" alt="PayPal - The safer, easier way to pay online!">
<img alt="" border="0" src="https://www.paypalobjects.com/en_US/i/scr/pixel.gif" width="1" height="1">
</form>
    <div style="padding:5px">
     <a href="https://flattr.com/thing/922714/Donate-to-Software-Freedom-Conservancy" target="_blank">
     <img src="http://api.flattr.com/button/flattr-badge-large.png" alt="Flattr this" title="Flattr this" border="0" /></a>
    </div>
</div>
{% endblock %}}