changeset 2845:6b176c679896 beta

failsafe the GET `page` argument
author Marcin Kuzminski <marcin@python-works.com>
date Mon, 17 Sep 2012 22:17:25 +0200
parents 7b0f803229be
children 620669b2a88b
files rhodecode/controllers/admin/admin.py rhodecode/controllers/admin/notifications.py rhodecode/controllers/changelog.py rhodecode/controllers/followers.py rhodecode/controllers/forks.py rhodecode/controllers/journal.py rhodecode/controllers/search.py rhodecode/controllers/shortlog.py rhodecode/lib/utils2.py
diffstat 9 files changed, 36 insertions(+), 11 deletions(-) [+]
--- a/rhodecode/controllers/admin/admin.py	Mon Sep 17 21:26:32 2012 +0200
+++ b/rhodecode/controllers/admin/admin.py	Mon Sep 17 22:17:25 2012 +0200
@@ -32,6 +32,7 @@
 from rhodecode.lib.auth import LoginRequired, HasPermissionAllDecorator
 from rhodecode.lib.base import BaseController, render
 from rhodecode.model.db import UserLog
+from rhodecode.lib.utils2 import safe_int
 
 log = logging.getLogger(__name__)
 
@@ -50,7 +51,7 @@
                 .options(joinedload(UserLog.repository))\
                 .order_by(UserLog.action_date.desc())
 
-        p = int(request.params.get('page', 1))
+        p = safe_int(request.params.get('page', 1), 1)
         c.users_log = Page(users_log, page=p, items_per_page=10)
         c.log_data = render('admin/admin_log.html')
 
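Review bot: The new `p = safe_int(request.params.get('page', 1), 1)` line stops the crash on non-numeric input but still accepts zero, negative and arbitrarily large integers from the query string. Whether `Page` clamps an out-of-range page is not visible in this hunk, so a lower bound at the controller is worth adding, e.g. `p = max(safe_int(request.params.get('page', 1), 1), 1)`. The same expression is repeated in the notifications, changelog, followers, forks, journal (twice), search and shortlog hunks, so one shared helper would keep the check in a single place. The enclosing method starts outside the hunk.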
--- a/rhodecode/controllers/admin/notifications.py	Mon Sep 17 21:26:32 2012 +0200
+++ b/rhodecode/controllers/admin/notifications.py	Mon Sep 17 22:17:25 2012 +0200
@@ -39,6 +39,7 @@
 from rhodecode.lib.auth import LoginRequired, NotAnonymous
 from rhodecode.lib import helpers as h
 from rhodecode.model.meta import Session
+from rhodecode.lib.utils2 import safe_int
 
 
 log = logging.getLogger(__name__)
@@ -62,7 +63,8 @@
         c.user = self.rhodecode_user
         notif = NotificationModel().get_for_user(self.rhodecode_user.user_id,
                                             filter_=request.GET.getall('type'))
-        p = int(request.params.get('page', 1))
+
+        p = safe_int(request.params.get('page', 1), 1)
         c.notifications = Page(notif, page=p, items_per_page=10)
         c.pull_request_type = Notification.TYPE_PULL_REQUEST
         c.comment_type = [Notification.TYPE_CHANGESET_COMMENT,
--- a/rhodecode/controllers/changelog.py	Mon Sep 17 21:26:32 2012 +0200
+++ b/rhodecode/controllers/changelog.py	Mon Sep 17 22:17:25 2012 +0200
@@ -37,6 +37,7 @@
 from rhodecode.lib.compat import json
 from rhodecode.lib.graphmod import _colored, _dagwalker
 from rhodecode.lib.vcs.exceptions import RepositoryError, ChangesetDoesNotExistError
+from rhodecode.lib.utils2 import safe_int
 
 log = logging.getLogger(__name__)
 
@@ -65,7 +66,7 @@
             c.size = int(session.get('changelog_size', default))
         # min size must be 1
         c.size = max(c.size, 1)
-        p = int(request.params.get('page', 1))
+        p = safe_int(request.params.get('page', 1), 1)
         branch_name = request.params.get('branch', None)
         try:
             if branch_name:
--- a/rhodecode/controllers/followers.py	Mon Sep 17 21:26:32 2012 +0200
+++ b/rhodecode/controllers/followers.py	Mon Sep 17 22:17:25 2012 +0200
@@ -30,6 +30,7 @@
 from rhodecode.lib.auth import LoginRequired, HasRepoPermissionAnyDecorator
 from rhodecode.lib.base import BaseRepoController, render
 from rhodecode.model.db import Repository, User, UserFollowing
+from rhodecode.lib.utils2 import safe_int
 
 log = logging.getLogger(__name__)
 
@@ -43,7 +44,7 @@
         super(FollowersController, self).__before__()
 
     def followers(self, repo_name):
-        p = int(request.params.get('page', 1))
+        p = safe_int(request.params.get('page', 1), 1)
         repo_id = c.rhodecode_db_repo.repo_id
         d = UserFollowing.get_repo_followers(repo_id)\
             .order_by(UserFollowing.follows_from)
--- a/rhodecode/controllers/forks.py	Mon Sep 17 21:26:32 2012 +0200
+++ b/rhodecode/controllers/forks.py	Mon Sep 17 22:17:25 2012 +0200
@@ -42,6 +42,7 @@
 from rhodecode.model.repo import RepoModel
 from rhodecode.model.forms import RepoForkForm
 from rhodecode.model.scm import ScmModel
+from rhodecode.lib.utils2 import safe_int
 
 log = logging.getLogger(__name__)
 
@@ -105,7 +106,7 @@
     @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
                                    'repository.admin')
     def forks(self, repo_name):
-        p = int(request.params.get('page', 1))
+        p = safe_int(request.params.get('page', 1), 1)
         repo_id = c.rhodecode_db_repo.repo_id
         d = []
         for r in Repository.get_repo_forks(repo_id):
--- a/rhodecode/controllers/journal.py	Mon Sep 17 21:26:32 2012 +0200
+++ b/rhodecode/controllers/journal.py	Mon Sep 17 22:17:25 2012 +0200
@@ -41,6 +41,7 @@
 from rhodecode.model.meta import Session
 from sqlalchemy.sql.expression import func
 from rhodecode.model.scm import ScmModel
+from rhodecode.lib.utils2 import safe_int
 
 log = logging.getLogger(__name__)
 
@@ -57,7 +58,7 @@
     @NotAnonymous()
     def index(self):
         # Return a rendered template
-        p = int(request.params.get('page', 1))
+        p = safe_int(request.params.get('page', 1), 1)
 
         c.user = User.get(self.rhodecode_user.user_id)
         all_repos = self.sa.query(Repository)\
@@ -177,7 +178,7 @@
     @LoginRequired()
     def public_journal(self):
         # Return a rendered template
-        p = int(request.params.get('page', 1))
+        p = safe_int(request.params.get('page', 1), 1)
 
         c.following = self.sa.query(UserFollowing)\
             .filter(UserFollowing.user_id == self.rhodecode_user.user_id)\
--- a/rhodecode/controllers/search.py	Mon Sep 17 21:26:32 2012 +0200
+++ b/rhodecode/controllers/search.py	Mon Sep 17 22:17:25 2012 +0200
@@ -40,7 +40,7 @@
 from whoosh.qparser import QueryParser, QueryParserError
 from whoosh.query import Phrase, Wildcard, Term, Prefix
 from rhodecode.model.repo import RepoModel
-from rhodecode.lib.utils2 import safe_str
+from rhodecode.lib.utils2 import safe_str, safe_int
 
 log = logging.getLogger(__name__)
 
@@ -83,7 +83,7 @@
             log.debug(cur_query)
 
         if c.cur_query:
-            p = int(request.params.get('page', 1))
+            p = safe_int(request.params.get('page', 1), 1)
             highlight_items = set()
             try:
                 idx = open_dir(config['app_conf']['index_dir'],
--- a/rhodecode/controllers/shortlog.py	Mon Sep 17 21:26:32 2012 +0200
+++ b/rhodecode/controllers/shortlog.py	Mon Sep 17 22:17:25 2012 +0200
@@ -31,6 +31,7 @@
 from rhodecode.lib.base import BaseRepoController, render
 from rhodecode.lib.helpers import RepoPage
 from pylons.controllers.util import redirect
+from rhodecode.lib.utils2 import safe_int
 
 log = logging.getLogger(__name__)
 
@@ -44,8 +45,8 @@
         super(ShortlogController, self).__before__()
 
     def index(self, repo_name):
-        p = int(request.params.get('page', 1))
-        size = int(request.params.get('size', 20))
+        p = safe_int(request.params.get('page', 1), 1)
+        size = safe_int(request.params.get('size', 20), 20)
 
         def url_generator(**kw):
             return url('shortlog_home', repo_name=repo_name, size=size, **kw)
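Review bot: `size` in `index` is client-controlled and is still unbounded after this change, because `safe_int` returns any integer; `size=0`, a negative value or a very large value is passed on to the pager and echoed into the links built by `url_generator`. The changelog controller in this same changeset clamps its size with `c.size = max(c.size, 1)`, and the shortlog should be at least as strict. I would write `size = max(1, min(safe_int(request.params.get('size', 20), 20), MAX_PAGE_SIZE))`, where `MAX_PAGE_SIZE` is a placeholder for a limit the project chooses. How the pager consumes `size` is outside the hunk, so the exact failure (a division by zero or an oversized query) is inferred.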
--- a/rhodecode/lib/utils2.py	Mon Sep 17 21:26:32 2012 +0200
+++ b/rhodecode/lib/utils2.py	Mon Sep 17 22:17:25 2012 +0200
@@ -147,6 +147,23 @@
     return hashlib.sha1(username + salt).hexdigest()
 
 
+def safe_int(val, default=None):
+    """
+    Returns int() of val if val is not convertable to int use default
+    instead
+
+    :param val:
+    :param default:
+    """
+
+    try:
+        val = int(val)
+    except ValueError:
+        val = default
+
+    return val
+
+
 def safe_unicode(str_, from_encoding=None):
     """
     safe unicode function. Does few trick to turn str_ into unicode
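Review bot: `safe_int` catches only `ValueError`, so `int(None)` or `int()` of a list still raises `TypeError`, and the helper is not fail-safe for every caller; `except (ValueError, TypeError):` covers both. The docstring leaves `:param val:` and `:param default:` empty and misspells "convertible". I would document that `val` is any value handed to `int()`, that `default` is returned as given without conversion or validation, and that no range check is made, so callers handling request parameters must bound the result themselves.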