From c398b411c13409916b4c09a080e6ea05fe1bbe38 Mon Sep 17 00:00:00 2001 From: portnov Date: Sun, 22 Jun 2008 11:30:42 +0600 Subject: [PATCH] For unauthorized users, show only `open` git repos. --- pygit/views.py | 22 ++++++++++++++++++++-- 1 files changed, 20 insertions(+), 2 deletions(-) diff --git a/pygit/views.py b/pygit/views.py index 6e88fa5..d3a88bc 100644 --- a/pygit/views.py +++ b/pygit/views.py @@ -3,17 +3,29 @@ import sys from os.path import dirname,join -from django.http import HttpResponseRedirect +from django.http import HttpResponseRedirect, HttpResponseForbidden from django.core.urlresolvers import reverse from django.core.cache import cache from django.views.decorators.cache import cache_page +from models import GitRepo import pygit from chart import Chart sys.path.append(dirname(dirname(__file__))) from mgmt.utils import render_it +def if_can_view(func): + def wrapper(request,rid,*args,**kwargs) + r = GitRepo.objects.git(pk=rid) + if r.open or request.user.is_authorized(): + return func(request,rid,*args,**kwargs) + else: + return HttpResponseForbidden("

You are not allowed to view this page!

") + wrapper.__name__ = func.__name__ + wrapper.__doc__ = func.__doc__ + return wrapper + class Repo(object): pass @@ -24,8 +36,13 @@ def repo_rid(rid): return r def all_repos(request): + if request.user.is_authorized(): + rs = GitRepo.objects.all() + else: + rs = GitRepo.objects.filter(open=True) + repos = [(r.id,r.name) for r in rs] return render_it('repos.html', - {'repos': pygit.repos()}, + {'repos': repos}, request) def cached_stats(rid,branch,cid): @@ -37,6 +54,7 @@ def cached_stats(rid,branch,cid): cache.set('git_stats_%s' % cid, r, 60*60) return r +@if_can_view def one_repo(request,rid,branch='master'): if not branch: branch = 'master' -- 1.7.2.3