From 3e6250465d93543ce60331c3603a82f20a057602 Mon Sep 17 00:00:00 2001 From: Pierre-Yves Chibon Date: Apr 21 2017 14:49:34 +0000 Subject: Ensure API token associated with required flags can flag a pull-request --- diff --git a/pagure/api/fork.py b/pagure/api/fork.py index 1e5d62b..66dbdbf 100644 --- a/pagure/api/fork.py +++ b/pagure/api/fork.py @@ -1,7 +1,7 @@ # -*- coding: utf-8 -*- """ - (c) 2015 - Copyright Red Hat Inc + (c) 2015-2017 - Copyright Red Hat Inc Authors: Pierre-Yves Chibon diff --git a/pagure/lib/git.py b/pagure/lib/git.py index 4831a7f..b05b717 100644 --- a/pagure/lib/git.py +++ b/pagure/lib/git.py @@ -1,7 +1,7 @@ # -*- coding: utf-8 -*- """ - (c) 2015-2016 - Copyright Red Hat Inc + (c) 2015-2017 - Copyright Red Hat Inc Authors: Pierre-Yves Chibon diff --git a/pagure/ui/repo.py b/pagure/ui/repo.py index 00d8208..2c8ffd9 100644 --- a/pagure/ui/repo.py +++ b/pagure/ui/repo.py @@ -2608,7 +2608,24 @@ def update_enforced_flags(repo, username=None, namespace=None): 'error') error = True - print tokens, titles + for input_token in tokens: + seen = False + try: + for saved_token in repo.tokens: + if saved_token.id == input_token: + seen = True + if 'pull_request_flag' not in saved_token.acls_list: + raise pagure.exceptions.PagureException( + 'Token %s does not have the permission to ' + 'flag a pull-request.' % input_token) + break + if not seen: + raise pagure.exceptions.PagureException( + 'No token %s found associated with this ' + 'project' % input_token) + except pagure.exceptions.PagureException as err: + error = True + flask.flash(str(err), 'error') if not error: enforced_flags = {} @@ -2623,7 +2640,6 @@ def update_enforced_flags(repo, username=None, namespace=None): except SQLAlchemyError as err: # pragma: no cover SESSION.rollback() flask.flash(str(err), 'error') - print repo.enforced_flags return flask.redirect(flask.url_for( 'view_settings', username=username, repo=repo.name,