Mercurial > p > roundup > code
view detectors/creator_resolution.py @ 5211:f4b6a2a3e605
Fix expiration dates and expire csrf tokens properly
In client.py: add explicit expiration of csrf tokens to
handle_csrf. There is a clean_up() that runs on every client
connection before handle)csrf is invoked, but it only cleans every
hour. With short lived tokens this is insufficient. Also remove
debugging.
In templating.py fix values for seconds/week and minutes per week. The
original values were shifted/transposed and an order of magnitude off.
In test_templating.py again fix seconds/week constant.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 19 Mar 2017 17:10:13 -0400 |
| parents | b3f46759b4d1 |
| children | 35ea9b1efc14 |
line wrap: on
line source
# This detector was written by richard@mechanicalcat.net and it's been # placed in the Public Domain. Copy and modify to your heart's content. from roundup.exceptions import Reject def creator_resolution(db, cl, nodeid, newvalues): '''Catch attempts to set the status to "resolved" - if the assignedto user isn't the creator, then set the status to "in-progress" (try "confirm-done" first though, but "classic" Roundup doesn't have that status) ''' if not newvalues.has_key('status'): return # get the resolved state ID resolved_id = db.status.lookup('resolved') if newvalues['status'] != resolved_id: return # check the assignedto assignedto = newvalues.get('assignedto', cl.get(nodeid, 'assignedto')) creator = cl.get(nodeid, 'creator') if assignedto == creator: if db.getuid() != creator: name = db.user.get(creator, 'username') raise Reject, 'Only the creator (%s) may close this issue'%name return # set the assignedto and status newvalues['assignedto'] = creator try: status = db.status.lookup('confirm-done') except KeyError: status = db.status.lookup('in-progress') newvalues['status'] = status def init(db): db.issue.audit('set', creator_resolution) # vim: set filetype=python ts=4 sw=4 et si