... | ... |
@@ -103,6 +103,19 @@ sub can_access_private_project { |
103 | 103 |
return $is_valid; |
104 | 104 |
} |
105 | 105 |
|
106 |
+sub can_write_access { |
|
107 |
+ my ($self, $session_user_id, $user_id, $project_id) = @_; |
|
108 |
+ |
|
109 |
+ my $can_write_access |
|
110 |
+ = length $session_user_id && |
|
111 |
+ ( |
|
112 |
+ $session_user_id eq $user_id |
|
113 |
+ || $self->is_collaborator($session_user_id, $user_id, $project_id) |
|
114 |
+ ); |
|
115 |
+ |
|
116 |
+ return $can_write_access; |
|
117 |
+} |
|
118 |
+ |
|
106 | 119 |
sub new { |
107 | 120 |
my ($class, $cntl) = @_; |
108 | 121 |
|
... | ... |
@@ -17,11 +17,34 @@ |
17 | 17 |
my $git = $self->app->git; |
18 | 18 |
|
19 | 19 |
if (lc $self->req->method eq 'post') { |
20 |
- my $op = param('op'); |
|
21 | 20 |
|
22 | 21 |
# Access controll |
22 |
+ unless ($api->can_write_access($session_user_id, $user_id, $project_id)) { |
|
23 |
+ $self->reply->exception('Forbbiden'); |
|
24 |
+ return; |
|
25 |
+ } |
|
26 |
+ |
|
27 |
+ # Close pull request |
|
28 |
+ my $op = param('op'); |
|
23 | 29 |
if ($op eq 'close') { |
24 |
- |
|
30 |
+ app->dbi->model('pull_request')->update( |
|
31 |
+ {open => 0}, |
|
32 |
+ where => {row_id => $row_id} |
|
33 |
+ ); |
|
34 |
+ $self->redirect_to('current'); |
|
35 |
+ return; |
|
36 |
+ } |
|
37 |
+ elsif ($op eq 'reopen') { |
|
38 |
+ my $open_time = time; |
|
39 |
+ app->dbi->model('pull_request')->update( |
|
40 |
+ { |
|
41 |
+ open => 1, |
|
42 |
+ open_time => $open_time |
|
43 |
+ }, |
|
44 |
+ where => {row_id => $row_id} |
|
45 |
+ ); |
|
46 |
+ $self->redirect_to('current'); |
|
47 |
+ return; |
|
25 | 48 |
} |
26 | 49 |
} |
27 | 50 |
|
... | ... |
@@ -95,7 +118,7 @@ |
95 | 118 |
Open |
96 | 119 |
</div> |
97 | 120 |
% } else { |
98 |
- <div style="background:red;padding:4px 8px;border-radius:3px;"> |
|
121 |
+ <div style="background:#bd2c00;padding:4px 8px;border-radius:3px;"> |
|
99 | 122 |
Closed |
100 | 123 |
</div> |
101 | 124 |
% } |
... | ... |
@@ -188,35 +211,47 @@ |
188 | 211 |
|
189 | 212 |
%= include '/include/commit_body', %commit_body_args; |
190 | 213 |
|
191 |
- % if ($api->logined($user_id)) { |
|
192 |
- <form action="<%= url_for %>" method="post"> |
|
193 |
- <div class="pull-request-form"> |
|
194 |
- <div style="overflow:hidden"> |
|
195 |
- <div style="float:left;padding:10px;padding-right:0"> |
|
196 |
- <div style="width:30px;height:30px;text-align:center;border-radius:15px;background:#95c97e;color:white;padding-top:5px;"><%= "\x{2714}" %></div> |
|
197 |
- </div> |
|
198 |
- <div style="float:left"> |
|
199 |
- <div class="pull-request-form-title"> |
|
200 |
- <div> |
|
201 |
- <b>This branch has no conflicts with the base branch</b> |
|
202 |
- </div> |
|
203 |
- <div> |
|
204 |
- <span style="color:#767676">Merging can be performed automatically.</span> |
|
214 |
+ % if ($api->can_write_access($session_user_id, $user_id, $project_id)) { |
|
215 |
+ % if ($pull_request->{open}) { |
|
216 |
+ <form action="<%= url_for %>" method="post"> |
|
217 |
+ <div class="pull-request-form"> |
|
218 |
+ <div style="overflow:hidden"> |
|
219 |
+ <div style="float:left;padding:10px;padding-right:0"> |
|
220 |
+ <div style="width:30px;height:30px;text-align:center;border-radius:15px;background:#95c97e;color:white;padding-top:5px;"><%= "\x{2714}" %></div> |
|
221 |
+ </div> |
|
222 |
+ <div style="float:left"> |
|
223 |
+ <div class="pull-request-form-title"> |
|
224 |
+ <div> |
|
225 |
+ <b>This branch has no conflicts with the base branch</b> |
|
226 |
+ </div> |
|
227 |
+ <div> |
|
228 |
+ <span style="color:#767676">Merging can be performed automatically.</span> |
|
229 |
+ </div> |
|
205 | 230 |
</div> |
206 | 231 |
</div> |
207 | 232 |
</div> |
233 |
+ <div class="pull-request-form-button"> |
|
234 |
+ <%= submit_button 'Merge pull request', class => "btn btn-success" %> |
|
235 |
+ </div> |
|
208 | 236 |
</div> |
209 |
- <div class="pull-request-form-button"> |
|
210 |
- <%= submit_button 'Merge pull request', class => "btn btn-success" %> |
|
211 |
- </div> |
|
212 |
- </div> |
|
213 |
- </form> |
|
214 |
- <div style="text-align:right;margin-top:10px;"> |
|
215 |
- <form action="<%= url_for %>" method="post"> |
|
216 |
- <%= hidden_field op => 'close' %> |
|
217 |
- <%= submit_button 'Close pull request', class => 'btn' %> |
|
218 | 237 |
</form> |
219 |
- </div> |
|
238 |
+ % } |
|
239 |
+ |
|
240 |
+ % if ($pull_request->{open}) { |
|
241 |
+ <div style="text-align:right;margin-top:10px;"> |
|
242 |
+ <form action="<%= url_for %>" method="post"> |
|
243 |
+ <%= hidden_field op => 'close' %> |
|
244 |
+ <%= submit_button 'Close pull request', class => 'btn' %> |
|
245 |
+ </form> |
|
246 |
+ </div> |
|
247 |
+ % } else { |
|
248 |
+ <div style="text-align:right;margin-top:10px;"> |
|
249 |
+ <form action="<%= url_for %>" method="post"> |
|
250 |
+ <%= hidden_field op => 'reopen' %> |
|
251 |
+ <%= submit_button 'Reopen pull request', class => 'btn' %> |
|
252 |
+ </form> |
|
253 |
+ </div> |
|
254 |
+ % } |
|
220 | 255 |
% } |
221 | 256 |
</div> |
222 | 257 |
</div> |