Thu, 26 Dec 2019 15:16:29 +0100 |
Mads Kiilerich |
py3: remove safe_unicode in places where it no longer is needed because all strings (except bytes) already *are* unicode strings
|
Sat, 28 Dec 2019 13:38:22 +0100 |
Mads Kiilerich |
lib: clean up ext_json and how it is used - avoid monkey patching
|
Tue, 24 Dec 2019 04:13:48 +0100 |
Mads Kiilerich |
lib: handle both HTML, unsafe strings, and exceptions passed to helpers.flash()
|
Thu, 26 Dec 2019 16:09:30 +0100 |
Mads Kiilerich |
lib: refactor _get_access_path as get_path_info
|
Mon, 16 Dec 2019 00:02:34 +0100 |
Mads Kiilerich |
py3: only use safe_str for string conversion - not for arbitrary __str__ invocation
|
Mon, 16 Dec 2019 01:35:41 +0100 |
Mads Kiilerich |
cleanup: minor refactorings and simplification of dict usage
|
Mon, 16 Dec 2019 00:53:11 +0100 |
Mads Kiilerich |
py3: replace base64 encoding with base64 module
|
Sat, 23 Nov 2019 15:55:40 +0100 |
Mads Kiilerich |
lib: drop redundant json.dumps encoding=utf8
|
Sun, 24 Nov 2019 00:16:31 +0100 |
Mads Kiilerich |
app: drop finally handling in BaseVCSController.__call__
|
Wed, 07 Aug 2019 00:25:02 +0200 |
Mads Kiilerich |
scripts: initial run of import cleanup using isort
|
Mon, 22 Jul 2019 03:29:45 +0200 |
Mads Kiilerich |
helpers: rename internal names of authentication_token to clarify that secure_form is about session CSRF secrets - not authentication
|
Sun, 21 Jul 2019 18:24:09 +0200 |
Mads Kiilerich |
helpers: always access secure_form through helpers
|
Wed, 27 Sep 2017 22:45:28 +0200 |
domruf |
ssh: show ssh URL on summary page
|
Fri, 19 Jul 2019 01:12:35 +0200 |
Thomas De Schampheleire |
ssh: introduce ini setting 'ssh_enabled', disabled by default
|
Tue, 30 Jul 2019 22:59:44 +0200 |
Mads Kiilerich |
clone_url: always pass a clone_uri_tmpl, with Repository.DEFAULT_CLONE_URI as last resort
|
Thu, 10 Jan 2019 03:43:14 +0100 |
Mads Kiilerich |
hooks: move _handle_rc_scm_extras to utils2 as set_hook_environment and get_hook_environment
|
Thu, 10 Jan 2019 03:35:01 +0100 |
Mads Kiilerich |
middleware: use shared code for setting hook context (KALLITHEA_EXTRAS environment variable)
|
Thu, 10 Jan 2019 03:35:01 +0100 |
Mads Kiilerich |
hooks: drop 'server_url' parameter
|
Thu, 10 Jan 2019 03:34:45 +0100 |
Mads Kiilerich |
middleware: unify Mercurial and Git _handle_request in the VCS base class
|
Mon, 07 Jan 2019 02:08:38 +0100 |
Mads Kiilerich |
middleware: minor cleanup and alignment between VCSs to clarify how things work
|
Tue, 08 Jan 2019 13:04:19 +0100 |
Mads Kiilerich |
middleware: introduce BaseVCSController scm_alias - prepare for sharing shared code
|
Tue, 08 Jan 2019 13:02:44 +0100 |
Mads Kiilerich |
middleware: introduce more generic VCS webob.exc.HTTPException exception handling
|
Tue, 08 Jan 2019 13:02:34 +0100 |
Mads Kiilerich |
middleware: introduce BaseVCSController parse_request retrieving repo_name and use that for VCS dispatch
|
Mon, 07 Jan 2019 01:50:56 +0100 |
Mads Kiilerich |
middleware: move handling of permanent repo URLs to separate middleware
|
Fri, 04 Jan 2019 03:51:45 +0100 |
Mads Kiilerich |
auth: drop authenticating_api_key from AuthUser
|
Fri, 04 Jan 2019 03:51:38 +0100 |
Mads Kiilerich |
auth: move CSRF checks from the optional LoginRequired to the more basic BaseController._before
|
Fri, 04 Jan 2019 03:42:23 +0100 |
Mads Kiilerich |
auth: simplify API key auth - move it out of _determine_auth_user
|
Mon, 08 Apr 2019 00:11:20 +0200 |
Mads Kiilerich |
auth: make User.get_by_api_key more strict about only returning active non-default users
|
Thu, 03 Jan 2019 01:22:56 +0100 |
Mads Kiilerich |
auth: move IP check to AuthUser.make - it is more about accepting authentication than about permissions after authentication
|
Thu, 03 Jan 2019 01:22:45 +0100 |
Mads Kiilerich |
auth: introduce AuthUser.make factory which can return None if user can't be authenticated
|
Sun, 07 Apr 2019 23:44:17 +0200 |
Mads Kiilerich |
auth: remove AuthUser __init__ magic for fallback to default user instead of the requested user
|
Thu, 03 Jan 2019 01:22:06 +0100 |
Mads Kiilerich |
auth: drop unused AuthUser.is_authenticated
|
Wed, 16 Jan 2019 02:32:35 +0100 |
Mads Kiilerich |
locking: drop the pull-to-lock / push-to-unlock functionality
|
Sun, 03 Mar 2019 21:43:18 +0100 |
Thomas De Schampheleire |
Merge stable
|
Sat, 26 Jan 2019 20:00:14 +0100 |
Thomas De Schampheleire |
cleanup: remove unnecessary (and potentially problematic) use of 'literal'
|
Sat, 26 Jan 2019 20:00:14 +0100 |
Thomas De Schampheleire |
cleanup: remove unnecessary (and potentially problematic) use of 'literal'
stable
|
Sat, 29 Dec 2018 22:02:39 +0100 |
Thomas De Schampheleire |
lib: BaseRepoController: use webob.exc.HTTPNotFound if possible
|
Wed, 26 Dec 2018 22:55:06 +0100 |
Mads Kiilerich |
auth: drop UserCreationError handling for AuthUser.from_cookie
|
Wed, 26 Dec 2018 03:03:31 +0100 |
Mads Kiilerich |
auth: make sure request.authuser *always* has been checked for check_ip_allowed - there is thus no need to check it later
|
Wed, 26 Dec 2018 02:21:26 +0100 |
Mads Kiilerich |
auth: consistently use request.authuser - drop request.user
|
Tue, 04 Dec 2018 21:32:57 +0100 |
Thomas De Schampheleire |
templates: remove notification count from user profile button
|
Mon, 05 Nov 2018 00:31:07 +0100 |
Mads Kiilerich |
Merge stable
|
Thu, 11 Oct 2018 02:06:50 +0200 |
Mads Kiilerich |
hg: make __get_action command parsing simpler and safer
stable
|
Wed, 08 Aug 2018 02:23:11 +0200 |
Mads Kiilerich |
cache: move cache invalidation from web handler to post push hook
|
Wed, 25 Oct 2017 21:38:43 +0200 |
domruf |
less: use .label and .label-* style instead of custom .*tag
|
Mon, 11 Sep 2017 21:16:49 +0200 |
domruf |
auth: consume request body before responding 401 or 403 during authentication
|
Fri, 25 Aug 2017 14:32:50 +0200 |
Lars Kruse |
codingstyle: trivial whitespace fixes
|
Thu, 10 Nov 2016 16:10:41 +0100 |
Mads Kiilerich |
helpers: more helpful error messages for changeset not found
stable
|
Thu, 06 Apr 2017 16:55:55 +0300 |
Anton Schur |
middleware: convert check_locking_state to be a separate function
|
Fri, 07 Apr 2017 04:22:42 +0200 |
Mads Kiilerich |
lib: pass full user to _check_locking_state - not just user_id
|
Fri, 07 Apr 2017 04:21:38 +0200 |
Mads Kiilerich |
lib: move special Mercurial HTTP listkey exception out of _check_locking_state
|
Fri, 07 Apr 2017 04:21:32 +0200 |
Mads Kiilerich |
lib: slight cleanup of _check_locking_state
|
Sun, 29 Jan 2017 21:08:49 +0100 |
Alessandro Molina |
backend: replace Pylons with TurboGears2
|
Sun, 02 Apr 2017 13:38:08 +0200 |
domruf |
auth: refactor auth plugin importing
|
Wed, 15 Mar 2017 21:20:24 +0100 |
Thomas De Schampheleire |
controllers: rename __before__ to _before in preparation of TurboGears2
|
Sat, 24 Dec 2016 01:27:47 +0100 |
Mads Kiilerich |
tg: minimize future diff by some mocking and replacing some pylons imports with tg
|
Tue, 28 Feb 2017 21:09:48 +0100 |
Søren Løvborg |
model: remove BaseModel class
|
Tue, 14 Feb 2017 20:27:45 +0100 |
Søren Løvborg |
vcs: restructure authorization check
|
Wed, 04 Jan 2017 23:01:48 +0100 |
Søren Løvborg |
vcs: dedup auth code between Hg and Git middleware
|
Sat, 24 Dec 2016 01:27:47 +0100 |
Mads Kiilerich |
controllers: avoid setting request state in controller instances - set it in the thread global request variable
|