ProjectMiddleware query project and check permissions

2014-08-07 13:30:51 -07:00 · 2014-08-07 13:30:51 -07:00 · 98f181ca4f
commit 98f181ca4f
parent 00b8ae612d
2 changed files with 30 additions and 30 deletions
--- a/issue/middleware.py
+++ b/issue/middleware.py
@ -1,3 +1,7 @@
 from django.core.exceptions import ObjectDoesNotExist
 from django.http import HttpResponseForbidden
 from django.contrib.auth.decorators import login_required
 from issue.models import *
@ -10,3 +14,15 @@ class ProjectMiddleware:
        projects = Project.objects.filter(public=True)
        request.projects = projects
        project = view_kwargs.get('project')
        if not project:
            return
        try:
            project = projects.get(name=project)
        except ObjectDoesNotExist:
            if request.user.is_authenticated():
                return HttpResponseForbidden()
            else:
                return login_required(view)(request, *view_args, **view_kwargs)
        view_kwargs['project'] = project
--- a/issue/views.py
+++ b/issue/views.py
@ -46,8 +46,6 @@ def project_add(request):
 def project_edit(request, project):
    project = get_object_or_404(Project, name=project)
    form = EditProjectForm(request.POST or None, instance=project)
    if request.method == 'POST' and form.is_valid():
@ -74,8 +72,6 @@ def project_edit(request, project):
 def project_delete(request, project):
    project = get_object_or_404(Project, name=project)
    project.delete()
    messages.success(request, 'Project deleted successfully.')
@ -84,8 +80,6 @@ def project_delete(request, project):
 def issue_list(request, project):
    project = get_object_or_404(Project, name=project)
    issues = project.issues
    is_open = ''
@ -187,10 +181,8 @@ def issue_list(request, project):
 def issue_edit(request, project, issue=None):
    project = get_object_or_404(Project, name=project)
    if issue:
-        issue = get_object_or_404(Issue, project__name=project.name, id=issue)
+        issue = get_object_or_404(Issue, project=project.name, id=issue)
        init_data = {'title': issue.title,
                     'description': issue.description}
    else:
@ -247,7 +239,7 @@ def issue_edit(request, project, issue=None):
 def issue(request, project, issue):
-    issue = get_object_or_404(Issue, project__name=project, id=issue)
+    issue = get_object_or_404(Issue, project=project, id=issue)
    labels = Label.objects.filter(project=issue.project, deleted=False) \
            .exclude(id__in=issue.labels.all().values_list('id'))
@ -269,7 +261,7 @@ def issue(request, project, issue):
 def issue_comment(request, project, issue, comment=None):
-    issue = get_object_or_404(Issue, project__name=project, id=issue)
+    issue = get_object_or_404(Issue, project=project, id=issue)
    if comment:
        event = get_object_or_404(Event, code=Event.COMMENT, issue=issue, id=comment)
@ -313,7 +305,7 @@ def issue_comment(request, project, issue, comment=None):
 def issue_close(request, project, issue):
-    issue = get_object_or_404(Issue, project__name=project, id=issue, closed=False)
+    issue = get_object_or_404(Issue, project=project, id=issue, closed=False)
    issue.closed = True
    issue.save()
@ -326,7 +318,7 @@ def issue_close(request, project, issue):
 def issue_reopen(request, project, issue):
-    issue = get_object_or_404(Issue, project__name=project, id=issue, closed=True)
+    issue = get_object_or_404(Issue, project=project, id=issue, closed=True)
    issue.closed = False
    issue.save()
@ -339,7 +331,7 @@ def issue_reopen(request, project, issue):
 def issue_delete(request, project, issue):
-    issue = get_object_or_404(Issue, project__name=project, id=issue)
+    issue = get_object_or_404(Issue, project=project, id=issue)
    issue.delete()
@ -349,8 +341,8 @@ def issue_delete(request, project, issue):
 def issue_add_label(request, project, issue, label):
-    issue = get_object_or_404(Issue, project__name=project, id=issue)
+    issue = get_object_or_404(Issue, project=project, id=issue)
-    label = get_object_or_404(Label, project__name=project, id=label)
+    label = get_object_or_404(Label, project=project, id=label)
    author = User.objects.get(username=request.user.username)
    issue.add_label(author, label)
@ -359,8 +351,8 @@ def issue_add_label(request, project, issue, label):
 def issue_remove_label(request, project, issue, label):
-    issue = get_object_or_404(Issue, project__name=project, id=issue)
+    issue = get_object_or_404(Issue, project=project, id=issue)
-    label = get_object_or_404(Label, project__name=project, id=label)
+    label = get_object_or_404(Label, project=project, id=label)
    author = User.objects.get(username=request.user.username)
    issue.remove_label(author, label)
@ -369,8 +361,8 @@ def issue_remove_label(request, project, issue, label):
 def issue_add_milestone(request, project, issue, milestone):
-    issue = get_object_or_404(Issue, project__name=project, id=issue)
+    issue = get_object_or_404(Issue, project=project, id=issue)
-    milestone = get_object_or_404(Milestone, project__name=project, name=milestone)
+    milestone = get_object_or_404(Milestone, project=project, name=milestone)
    author = User.objects.get(username=request.user.username)
    issue.add_milestone(author, milestone)
@ -379,8 +371,8 @@ def issue_add_milestone(request, project, issue, milestone):
 def issue_remove_milestone(request, project, issue, milestone):
-    issue = get_object_or_404(Issue, project__name=project, id=issue)
+    issue = get_object_or_404(Issue, project=project, id=issue)
-    milestone = get_object_or_404(Milestone, project__name=project, name=milestone)
+    milestone = get_object_or_404(Milestone, project=project, name=milestone)
    author = User.objects.get(username=request.user.username)
    issue.remove_milestone(author, milestone)
@ -389,8 +381,6 @@ def issue_remove_milestone(request, project, issue, milestone):
 def label_list(request, project):
    project = get_object_or_404(Project, name=project)
    labels = project.labels.filter(deleted=False)
    c = {
@ -402,8 +392,6 @@ def label_list(request, project):
 def label_edit(request, project, id=None):
    project = get_object_or_404(Project, name=project)
    if id:
        label = get_object_or_404(Label, project=project, id=id)
    else:
@ -463,8 +451,6 @@ def label_delete(request, project, id):
 def milestone_list(request, project):
    project = get_object_or_404(Project, name=project)
    show = request.GET.get('show', 'open')
    if show == 'open':
@ -487,8 +473,6 @@ def milestone_list(request, project):
 def milestone_edit(request, project, name=None):
    project = get_object_or_404(Project, name=project)
    if name:
        milestone = get_object_or_404(Milestone, project=project, name=name)
    else: