Mercurial > kallithea

changeset 2444:b45e9fd75ac0 codereview

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
data checks
author Marcin Kuzminski <marcin@python-works.com>
date Mon, 11 Jun 2012 23:10:34 +0200
parents fd0a822481ec
children 4753a3445ff7
files rhodecode/controllers/compare.py rhodecode/controllers/pullrequests.py
diffstat 2 files changed, 19 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/rhodecode/controllers/compare.py	Mon Jun 11 00:58:24 2012 +0200
+++ b/rhodecode/controllers/compare.py	Mon Jun 11 23:10:34 2012 +0200
@@ -68,6 +68,10 @@
             log.error('Could not found repo %s or %s' % (org_repo, other_repo))
             raise HTTPNotFound
 
+        if c.org_repo.scm_instance.alias != 'hg':
+            log.error('Review not available for GIT REPOS')
+            raise HTTPNotFound
+
         c.cs_ranges, discovery_data = PullRequestModel().get_compare_data(
                                        org_repo, org_ref, other_repo, other_ref
                                       )
--- a/rhodecode/controllers/pullrequests.py	Mon Jun 11 00:58:24 2012 +0200
+++ b/rhodecode/controllers/pullrequests.py	Mon Jun 11 23:10:34 2012 +0200
@@ -78,6 +78,11 @@
 
     def index(self):
         org_repo = c.rhodecode_db_repo
+
+        if org_repo.scm_instance.alias != 'hg':
+            log.error('Review not available for GIT REPOS')
+            raise HTTPNotFound
+
         c.org_refs = self._get_repo_refs(c.rhodecode_repo)
         c.org_repos = []
         c.other_repos = []
@@ -101,7 +106,6 @@
                                         org_repo.parent.repo_name))
                                      )
 
-        #TODO: maybe the owner should be default ?
         c.review_members = []
         c.available_members = []
         for u in User.query().filter(User.username != 'default').all():
@@ -192,6 +196,15 @@
         c.users_groups_array = repo_model.get_users_groups_js()
         c.pull_request = PullRequest.get(pull_request_id)
 
+        # valid ID
+        if not c.pull_request:
+            raise HTTPNotFound
+
+        # pull_requests repo_name we opened it against
+        # ie. other_repo must match
+        if repo_name != c.pull_request.other_repo.repo_name:
+            raise HTTPNotFound
+
         # load compare data into template context
         self._load_compare_data(c.pull_request)
 
@@ -261,4 +274,4 @@
             data.update({'rendered_text':
                          render('changeset/changeset_comment_block.html')})
 
-        return data
\ No newline at end of file
+        return data