123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136 |
- # -*- coding: utf-8 -*-
- """
- (c) 2018-2019 - Copyright Red Hat Inc
- Authors:
- Clement Verna <cverna@tutanota.com>
- Pierre-Yves Chibon <pingou@pingoured.fr>
- """
- from __future__ import absolute_import, unicode_literals
- from functools import wraps
- import flask
- from pagure.flask_app import admin_session_timedout
- def has_issue_tracker(function):
- """
- Decorator that checks if the current pagure project has the
- issue tracker active
- If not active returns a 404 page
- """
- @wraps(function)
- def check_issue_tracker(*args, **kwargs):
- repo = flask.g.repo
- if not flask.g.issues_enabled or not repo.settings.get(
- "issue_tracker", True
- ):
- flask.abort(
- 404, description="No issue tracker found for this project"
- )
- # forbid all POST requests if the issue tracker is made read-only
- if flask.request.method == "POST" and repo.settings.get(
- "issue_tracker_read_only", False
- ):
- flask.abort(
- 401,
- description="The issue tracker for this project is read-only",
- )
- return function(*args, **kwargs)
- return check_issue_tracker
- def has_pr_enabled(function):
- """
- Decorator that checks if the current pagure project has the
- issue tracker active or has PRs function active
- If not active returns a 404 page
- """
- @wraps(function)
- def check_trackers(*args, **kwargs):
- repo = flask.g.repo
- if not repo.settings.get("pull_requests", True):
- flask.abort(
- 404,
- description="Pull Requests are not enabled on this project",
- )
- return function(*args, **kwargs)
- return check_trackers
- def has_issue_or_pr_enabled(function):
- """
- Decorator that checks if the current pagure project has either their
- issue tracker or their PR active. If both of them are disabled, it
- returns a 404 page.
- """
- @wraps(function)
- def check_issue_pr_trackers(*args, **kwargs):
- repo = flask.g.repo
- issue_enabled = flask.g.issues_enabled
- issue_ro = repo.settings.get("issue_tracker_read_only", False)
- pr_enabled = repo.settings.get("pull_requests", True)
- if not issue_enabled and not pr_enabled:
- flask.abort(
- 404,
- description="Issue tracker and Pull-Request disabled for "
- "this project",
- )
- elif flask.request.method == "POST" and not pr_enabled and issue_ro:
- flask.abort(
- 401,
- description="The issue tracker for this project is read-only",
- )
- return function(*args, **kwargs)
- return check_issue_pr_trackers
- def is_repo_admin(function):
- """
- Decorator that checks if the current user is the admin of
- the project.
- If not active returns a 403 page
- """
- @wraps(function)
- def check_repo_admin(*args, **kwargs):
- if not flask.g.repo_admin:
- flask.abort(
- 403,
- description="You are not allowed to change the "
- "settings for this project",
- )
- return function(*args, **kwargs)
- return check_repo_admin
- def is_admin_sess_timedout(function):
- """
- Decorator that checks if the admin session has timeout.
- If not true redirect to the login page
- """
- @wraps(function)
- def check_session_timeout(*args, **kwargs):
- if admin_session_timedout():
- if flask.request.method == "POST":
- flask.flash("Action canceled, try it again", "error")
- return flask.redirect(
- flask.url_for("auth_login", next=flask.request.url)
- )
- return function(*args, **kwargs)
- return check_session_timeout
|