Mercurial > kallithea

changeset 3104:c77d5c6358eb beta

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Implemented #670 Implementation of Roles in Pull Request - only owner, reviewer or admin can change status or close pull request
author Marcin Kuzminski <marcin@python-works.com>
date Fri, 14 Dec 2012 03:19:15 +0100
parents 91492a72b2dc
children 706b9f84ade3
files rhodecode/controllers/pullrequests.py rhodecode/templates/changeset/changeset_file_comment.html rhodecode/templates/pullrequests/pullrequest_show.html
diffstat 3 files changed, 40 insertions(+), 26 deletions(-) [+]
line wrap: on
line diff
--- a/rhodecode/controllers/pullrequests.py	Fri Dec 14 02:27:48 2012 +0100
+++ b/rhodecode/controllers/pullrequests.py	Fri Dec 14 03:19:15 2012 +0100
@@ -96,6 +96,12 @@
             #if repo doesn't have default branch return first found
             return repo.branches.keys()[0]
 
+    def _get_is_allowed_change_status(self, pull_request):
+        owner = self.rhodecode_user.user_id == pull_request.user_id 
+        reviewer = self.rhodecode_user.user_id in [x.user_id for x in
+                                                   pull_request.reviewers]
+        return (self.rhodecode_user.admin or owner or reviewer)
+
     def show_all(self, repo_name):
         c.pull_requests = PullRequestModel().get_all(repo_name)
         c.repo_name = repo_name
@@ -334,7 +340,7 @@
         c.users_groups_array = repo_model.get_users_groups_js()
         c.pull_request = PullRequest.get_or_404(pull_request_id)
         c.target_repo = c.pull_request.org_repo.repo_name
-
+        c.allowed_to_change_status = self._get_is_allowed_change_status(c.pull_request)
         cc_model = ChangesetCommentsModel()
         cs_model = ChangesetStatusModel()
         _cs_statuses = cs_model.get_statuses(c.pull_request.org_repo,
@@ -405,7 +411,9 @@
         status = request.POST.get('changeset_status')
         change_status = request.POST.get('change_changeset_status')
         text = request.POST.get('text')
-        if status and change_status:
+
+        allowed_to_change_status = self._get_is_allowed_change_status(pull_request)
+        if status and change_status and allowed_to_change_status:
             text = text or (_('Status change -> %s')
                             % ChangesetStatus.get_status_lbl(status))
         comm = ChangesetCommentsModel().create(
@@ -416,32 +424,34 @@
             f_path=request.POST.get('f_path'),
             line_no=request.POST.get('line'),
             status_change=(ChangesetStatus.get_status_lbl(status)
-                           if status and change_status else None)
+            if status and change_status and allowed_to_change_status else None)
         )
 
-        # get status if set !
-        if status and change_status:
-            ChangesetStatusModel().set_status(
-                c.rhodecode_db_repo.repo_id,
-                status,
-                c.rhodecode_user.user_id,
-                comm,
-                pull_request=pull_request_id
-            )
         action_logger(self.rhodecode_user,
                       'user_commented_pull_request:%s' % pull_request_id,
                       c.rhodecode_db_repo, self.ip_addr, self.sa)
 
-        if request.POST.get('save_close'):
-            if status in ['rejected', 'approved']:
-                PullRequestModel().close_pull_request(pull_request_id)
-                action_logger(self.rhodecode_user,
-                          'user_closed_pull_request:%s' % pull_request_id,
-                          c.rhodecode_db_repo, self.ip_addr, self.sa)
-            else:
-                h.flash(_('Closing pull request on other statuses than '
-                          'rejected or approved forbidden'),
-                        category='warning')
+        if allowed_to_change_status:
+            # get status if set !
+            if status and change_status:
+                ChangesetStatusModel().set_status(
+                    c.rhodecode_db_repo.repo_id,
+                    status,
+                    c.rhodecode_user.user_id,
+                    comm,
+                    pull_request=pull_request_id
+                )
+
+            if request.POST.get('save_close'):
+                if status in ['rejected', 'approved']:
+                    PullRequestModel().close_pull_request(pull_request_id)
+                    action_logger(self.rhodecode_user,
+                              'user_closed_pull_request:%s' % pull_request_id,
+                              c.rhodecode_db_repo, self.ip_addr, self.sa)
+                else:
+                    h.flash(_('Closing pull request on other statuses than '
+                              'rejected or approved forbidden'),
+                            category='warning')
 
         Session().commit()
 
--- a/rhodecode/templates/changeset/changeset_file_comment.html	Fri Dec 14 02:27:48 2012 +0100
+++ b/rhodecode/templates/changeset/changeset_file_comment.html	Fri Dec 14 03:19:15 2012 +0100
@@ -109,7 +109,7 @@
 </%def>
 
 ## MAIN COMMENT FORM
-<%def name="comments(post_url, cur_status, close_btn=False)">
+<%def name="comments(post_url, cur_status, close_btn=False, change_status=True)">
 
 <div class="comments">
     %if c.rhodecode_user.username != 'default':
@@ -121,9 +121,12 @@
                 ${(_('Comments parsed using %s syntax with %s support.') % (('<a href="%s">RST</a>' % h.url('rst_help')),
           		'<span style="color:#003367" class="tooltip" title="%s">@mention</span>' %
           		_('Use @username inside this text to send notification to this RhodeCode user')))|n}
+              %if change_status:
                 | <label for="show_changeset_status_box" class="tooltip" title="${_('Check this to change current status of code-review for this changeset')}"> ${_('change status')}</label>
                   <input style="vertical-align: bottom;margin-bottom:-2px" id="show_changeset_status_box" type="checkbox" name="change_changeset_status" />
+              %endif
             </div>
+            %if change_status:
             <div id="status_block_container" class="status-block" style="display:none">
                 %for status,lbl in c.changeset_statuses:
                     <div class="">
@@ -132,13 +135,14 @@
                     </div>
                 %endfor
             </div>
+            %endif
             <div class="mentions-container" id="mentions_container"></div>
              ${h.textarea('text')}
         </div>
         <div class="comment-button">
         ${h.submit('save', _('Comment'), class_="ui-btn large")}
-        %if close_btn:
-           ${h.submit('save_close', _('Comment and close'), class_='ui-btn blue large %s' % 'hidden' if cur_status in ['not_reviewd','under_review'] else '')}
+        %if close_btn and change_status:
+           ${h.submit('save_close', _('Comment and close'), class_='ui-btn blue large %s' % ('hidden' if cur_status in ['not_reviewed','under_review'] else ''))}
         %endif
         </div>
         ${h.end_form()}
--- a/rhodecode/templates/pullrequests/pullrequest_show.html	Fri Dec 14 02:27:48 2012 +0100
+++ b/rhodecode/templates/pullrequests/pullrequest_show.html	Fri Dec 14 03:19:15 2012 +0100
@@ -166,7 +166,7 @@
       ${comment.comments(h.url('pullrequest_comment', repo_name=c.repo_name,
                                 pull_request_id=c.pull_request.pull_request_id),
                                 c.current_changeset_status,
-                                close_btn=True)}
+                                close_btn=True, change_status=c.allowed_to_change_status)}
     %endif
 
     <script type="text/javascript">