Mercurial > kallithea
comparison rhodecode/controllers/admin/settings.py @ 2626:4abce2c11c5f beta
My account pages shouldn't be accessible by anonymous users
| author | Marcin Kuzminski <marcin@python-works.com> |
|---|---|
| date | Mon, 16 Jul 2012 23:44:50 +0200 |
| parents | fc19979a8421 |
| children | 91c442a489bb |
comparison
equal
deleted
inserted
replaced
| 2625:fc19979a8421 | 2626:4abce2c11c5f |
|---|---|
| 348 encoding="UTF-8", | 348 encoding="UTF-8", |
| 349 force_defaults=False | 349 force_defaults=False |
| 350 ) | 350 ) |
| 351 return render('admin/users/user_edit_my_account.html') | 351 return render('admin/users/user_edit_my_account.html') |
| 352 | 352 |
| 353 @NotAnonymous() | |
| 353 def my_account_update(self): | 354 def my_account_update(self): |
| 354 """PUT /_admin/my_account_update: Update an existing item""" | 355 """PUT /_admin/my_account_update: Update an existing item""" |
| 355 # Forms posted to this method should contain a hidden field: | 356 # Forms posted to this method should contain a hidden field: |
| 356 # <input type="hidden" name="_method" value="PUT" /> | 357 # <input type="hidden" name="_method" value="PUT" /> |
| 357 # Or using helpers: | 358 # Or using helpers: |
| 383 log.error(traceback.format_exc()) | 384 log.error(traceback.format_exc()) |
| 384 h.flash(_('error occurred during update of user %s') \ | 385 h.flash(_('error occurred during update of user %s') \ |
| 385 % form_result.get('username'), category='error') | 386 % form_result.get('username'), category='error') |
| 386 | 387 |
| 387 return redirect(url('my_account')) | 388 return redirect(url('my_account')) |
| 388 | 389 |
| 390 @NotAnonymous() | |
| 389 def my_account_my_repos(self): | 391 def my_account_my_repos(self): |
| 390 all_repos = self.sa.query(Repository)\ | 392 all_repos = self.sa.query(Repository)\ |
| 391 .filter(Repository.user_id == self.rhodecode_user.user_id)\ | 393 .filter(Repository.user_id == self.rhodecode_user.user_id)\ |
| 392 .order_by(func.lower(Repository.repo_name))\ | 394 .order_by(func.lower(Repository.repo_name))\ |
| 393 .all() | 395 .all() |
| 394 c.user_repos = ScmModel().get_repos(all_repos) | 396 c.user_repos = ScmModel().get_repos(all_repos) |
| 395 return render('admin/users/user_edit_my_account_repos.html') | 397 return render('admin/users/user_edit_my_account_repos.html') |
| 396 | 398 |
| 399 @NotAnonymous() | |
| 397 def my_account_my_pullrequests(self): | 400 def my_account_my_pullrequests(self): |
| 398 c.my_pull_requests = PullRequest.query()\ | 401 c.my_pull_requests = PullRequest.query()\ |
| 399 .filter(PullRequest.user_id== | 402 .filter(PullRequest.user_id== |
| 400 self.rhodecode_user.user_id)\ | 403 self.rhodecode_user.user_id)\ |
| 401 .all() | 404 .all() |
| 418 new_repo = request.GET.get('repo', '') | 421 new_repo = request.GET.get('repo', '') |
| 419 c.new_repo = repo_name_slug(new_repo) | 422 c.new_repo = repo_name_slug(new_repo) |
| 420 | 423 |
| 421 return render('admin/repos/repo_add_create_repository.html') | 424 return render('admin/repos/repo_add_create_repository.html') |
| 422 | 425 |
| 426 @NotAnonymous() | |
| 423 def get_hg_ui_settings(self): | 427 def get_hg_ui_settings(self): |
| 424 ret = self.sa.query(RhodeCodeUi).all() | 428 ret = self.sa.query(RhodeCodeUi).all() |
| 425 | 429 |
| 426 if not ret: | 430 if not ret: |
| 427 raise Exception('Could not get application ui settings !') | 431 raise Exception('Could not get application ui settings !') |