Mercurial > p > roundup > code

comparison roundup/cgi/client.py @ 1936:e84e5bb90ccc

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add 'return' after failed permission checks in search/editCSV actions.
author Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
date Fri, 21 Nov 2003 21:59:05 +0000
parents 0798ce090450
children 4c850112895b
comparison
equal deleted inserted replaced
1935:b4e670840963 1936:e84e5bb90ccc
1 # $Id: client.py,v 1.146 2003-11-13 05:56:48 richard Exp $ 1 # $Id: client.py,v 1.147 2003-11-21 21:59:05 jlgijsbers Exp $
2 2
3 __doc__ = """ 3 __doc__ = """
4 WWW request handler (also used in the stand-alone server). 4 WWW request handler (also used in the stand-alone server).
5 """ 5 """
6 6
1123 non-existent ID) and removed lines are retired. 1123 non-existent ID) and removed lines are retired.
1124 ''' 1124 '''
1125 # this is per-class only 1125 # this is per-class only
1126 if not self.editCSVPermission(): 1126 if not self.editCSVPermission():
1127 self.error_message.append( 1127 self.error_message.append(
1128 _('You do not have permission to edit %s' %self.classname)) 1128 _('You do not have permission to edit %s' %self.classname))
1129 return
1129 1130
1130 # get the CSV module 1131 # get the CSV module
1131 if rcsv.error: 1132 if rcsv.error:
1132 self.error_message.append(_(rcsv.error)) 1133 self.error_message.append(_(rcsv.error))
1133 return 1134 return
1235 ''' 1236 '''
1236 # generic edit is per-class only 1237 # generic edit is per-class only
1237 if not self.searchPermission(): 1238 if not self.searchPermission():
1238 self.error_message.append( 1239 self.error_message.append(
1239 _('You do not have permission to search %s' %self.classname)) 1240 _('You do not have permission to search %s' %self.classname))
1241 return
1240 1242
1241 # add a faked :filter form variable for each filtering prop 1243 # add a faked :filter form variable for each filtering prop
1242 props = self.db.classes[self.classname].getprops() 1244 props = self.db.classes[self.classname].getprops()
1243 queryname = '' 1245 queryname = ''
1244 for key in self.form.keys(): 1246 for key in self.form.keys():
Roundup Issue Tracker: http://roundup-tracker.org/