Mercurial > kallithea

changeset 3755:f5b204789b46

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
added missing perms check on history call
author Marcin Kuzminski <marcin@python-works.com>
date Mon, 15 Apr 2013 02:11:06 +0200
parents 7efc8dcc0dc4
children a7d69146021b
files rhodecode/controllers/files.py
diffstat 1 files changed, 3 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/rhodecode/controllers/files.py	Sat Apr 13 12:51:34 2013 +0200
+++ b/rhodecode/controllers/files.py	Mon Apr 15 02:11:06 2013 +0200
@@ -182,6 +182,9 @@
 
         return render('files/files.html')
 
+    @LoginRequired()
+    @HasRepoPermissionAnyDecorator('repository.read', 'repository.write',
+                                   'repository.admin')
     def history(self, repo_name, revision, f_path, annotate=False):
         if request.environ.get('HTTP_X_PARTIAL_XHR'):
             c.changeset = self.__get_cs_or_redirect(revision, repo_name)