| ... | ... |
@@ -103,6 +103,19 @@ sub can_access_private_project {
|
| 103 | 103 |
return $is_valid; |
| 104 | 104 |
} |
| 105 | 105 |
|
| 106 |
+sub can_write_access {
|
|
| 107 |
+ my ($self, $session_user_id, $user_id, $project_id) = @_; |
|
| 108 |
+ |
|
| 109 |
+ my $can_write_access |
|
| 110 |
+ = length $session_user_id && |
|
| 111 |
+ ( |
|
| 112 |
+ $session_user_id eq $user_id |
|
| 113 |
+ || $self->is_collaborator($session_user_id, $user_id, $project_id) |
|
| 114 |
+ ); |
|
| 115 |
+ |
|
| 116 |
+ return $can_write_access; |
|
| 117 |
+} |
|
| 118 |
+ |
|
| 106 | 119 |
sub new {
|
| 107 | 120 |
my ($class, $cntl) = @_; |
| 108 | 121 |
|
| ... | ... |
@@ -17,11 +17,34 @@ |
| 17 | 17 |
my $git = $self->app->git; |
| 18 | 18 |
|
| 19 | 19 |
if (lc $self->req->method eq 'post') {
|
| 20 |
- my $op = param('op');
|
|
| 21 | 20 |
|
| 22 | 21 |
# Access controll |
| 22 |
+ unless ($api->can_write_access($session_user_id, $user_id, $project_id)) {
|
|
| 23 |
+ $self->reply->exception('Forbbiden');
|
|
| 24 |
+ return; |
|
| 25 |
+ } |
|
| 26 |
+ |
|
| 27 |
+ # Close pull request |
|
| 28 |
+ my $op = param('op');
|
|
| 23 | 29 |
if ($op eq 'close') {
|
| 24 |
- |
|
| 30 |
+ app->dbi->model('pull_request')->update(
|
|
| 31 |
+ {open => 0},
|
|
| 32 |
+ where => {row_id => $row_id}
|
|
| 33 |
+ ); |
|
| 34 |
+ $self->redirect_to('current');
|
|
| 35 |
+ return; |
|
| 36 |
+ } |
|
| 37 |
+ elsif ($op eq 'reopen') {
|
|
| 38 |
+ my $open_time = time; |
|
| 39 |
+ app->dbi->model('pull_request')->update(
|
|
| 40 |
+ {
|
|
| 41 |
+ open => 1, |
|
| 42 |
+ open_time => $open_time |
|
| 43 |
+ }, |
|
| 44 |
+ where => {row_id => $row_id}
|
|
| 45 |
+ ); |
|
| 46 |
+ $self->redirect_to('current');
|
|
| 47 |
+ return; |
|
| 25 | 48 |
} |
| 26 | 49 |
} |
| 27 | 50 |
|
| ... | ... |
@@ -95,7 +118,7 @@ |
| 95 | 118 |
Open |
| 96 | 119 |
</div> |
| 97 | 120 |
% } else {
|
| 98 |
- <div style="background:red;padding:4px 8px;border-radius:3px;"> |
|
| 121 |
+ <div style="background:#bd2c00;padding:4px 8px;border-radius:3px;"> |
|
| 99 | 122 |
Closed |
| 100 | 123 |
</div> |
| 101 | 124 |
% } |
| ... | ... |
@@ -188,35 +211,47 @@ |
| 188 | 211 |
|
| 189 | 212 |
%= include '/include/commit_body', %commit_body_args; |
| 190 | 213 |
|
| 191 |
- % if ($api->logined($user_id)) {
|
|
| 192 |
- <form action="<%= url_for %>" method="post"> |
|
| 193 |
- <div class="pull-request-form"> |
|
| 194 |
- <div style="overflow:hidden"> |
|
| 195 |
- <div style="float:left;padding:10px;padding-right:0"> |
|
| 196 |
- <div style="width:30px;height:30px;text-align:center;border-radius:15px;background:#95c97e;color:white;padding-top:5px;"><%= "\x{2714}" %></div>
|
|
| 197 |
- </div> |
|
| 198 |
- <div style="float:left"> |
|
| 199 |
- <div class="pull-request-form-title"> |
|
| 200 |
- <div> |
|
| 201 |
- <b>This branch has no conflicts with the base branch</b> |
|
| 202 |
- </div> |
|
| 203 |
- <div> |
|
| 204 |
- <span style="color:#767676">Merging can be performed automatically.</span> |
|
| 214 |
+ % if ($api->can_write_access($session_user_id, $user_id, $project_id)) {
|
|
| 215 |
+ % if ($pull_request->{open}) {
|
|
| 216 |
+ <form action="<%= url_for %>" method="post"> |
|
| 217 |
+ <div class="pull-request-form"> |
|
| 218 |
+ <div style="overflow:hidden"> |
|
| 219 |
+ <div style="float:left;padding:10px;padding-right:0"> |
|
| 220 |
+ <div style="width:30px;height:30px;text-align:center;border-radius:15px;background:#95c97e;color:white;padding-top:5px;"><%= "\x{2714}" %></div>
|
|
| 221 |
+ </div> |
|
| 222 |
+ <div style="float:left"> |
|
| 223 |
+ <div class="pull-request-form-title"> |
|
| 224 |
+ <div> |
|
| 225 |
+ <b>This branch has no conflicts with the base branch</b> |
|
| 226 |
+ </div> |
|
| 227 |
+ <div> |
|
| 228 |
+ <span style="color:#767676">Merging can be performed automatically.</span> |
|
| 229 |
+ </div> |
|
| 205 | 230 |
</div> |
| 206 | 231 |
</div> |
| 207 | 232 |
</div> |
| 233 |
+ <div class="pull-request-form-button"> |
|
| 234 |
+ <%= submit_button 'Merge pull request', class => "btn btn-success" %> |
|
| 235 |
+ </div> |
|
| 208 | 236 |
</div> |
| 209 |
- <div class="pull-request-form-button"> |
|
| 210 |
- <%= submit_button 'Merge pull request', class => "btn btn-success" %> |
|
| 211 |
- </div> |
|
| 212 |
- </div> |
|
| 213 |
- </form> |
|
| 214 |
- <div style="text-align:right;margin-top:10px;"> |
|
| 215 |
- <form action="<%= url_for %>" method="post"> |
|
| 216 |
- <%= hidden_field op => 'close' %> |
|
| 217 |
- <%= submit_button 'Close pull request', class => 'btn' %> |
|
| 218 | 237 |
</form> |
| 219 |
- </div> |
|
| 238 |
+ % } |
|
| 239 |
+ |
|
| 240 |
+ % if ($pull_request->{open}) {
|
|
| 241 |
+ <div style="text-align:right;margin-top:10px;"> |
|
| 242 |
+ <form action="<%= url_for %>" method="post"> |
|
| 243 |
+ <%= hidden_field op => 'close' %> |
|
| 244 |
+ <%= submit_button 'Close pull request', class => 'btn' %> |
|
| 245 |
+ </form> |
|
| 246 |
+ </div> |
|
| 247 |
+ % } else {
|
|
| 248 |
+ <div style="text-align:right;margin-top:10px;"> |
|
| 249 |
+ <form action="<%= url_for %>" method="post"> |
|
| 250 |
+ <%= hidden_field op => 'reopen' %> |
|
| 251 |
+ <%= submit_button 'Reopen pull request', class => 'btn' %> |
|
| 252 |
+ </form> |
|
| 253 |
+ </div> |
|
| 254 |
+ % } |
|
| 220 | 255 |
% } |
| 221 | 256 |
</div> |
| 222 | 257 |
</div> |