Projet

Général

Profil

0001-myspace-don-t-preemptively-block-access-to-myspace-6.patch

Frédéric Péters, 30 janvier 2015 14:05

Télécharger (1,5 ko)

Voir les différences: 

Subject: [PATCH] myspace: don't preemptively block access to myspace (#6385)

Most views were already doing their own checks, and some views needed to be
open to API users.

 extra/modules/myspace.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
extra/modules/myspace.py
430 430 
    json = JsonDirectory()
431 431 

  		




  432
  432
  
    
    def _q_traverse(self, path):

  		




  433
  
  
    
        if (path[0] not in ('new', 'json')) and (not get_request().user or get_request().user.anonymous):

  		




  434
  
  
    
            raise errors.AccessUnauthorizedError()

  		




  435
  433
  
    
        get_response().filter['bigdiv'] = 'profile'

  		




  436
  434
  
    
        get_response().breadcrumb.append(('myspace/', _('My Space')))

  		




  437
  435
  
    

  		




  ......




  697
  695
  
    
        options = get_cfg('misc', {}).get('announce_themes')

  		




  698
  696
  
    
        if not options:

  		




  699
  697
  
    
            raise errors.TraversalError()

  		




  
  698
  
    
        user = get_request().user

  		




  
  699
  
    
        if not user or user.anonymous:

  		




  
  700
  
    
            raise errors.AccessUnauthorizedError()

  		




  700
  701
  
    
        subscription = AnnounceSubscription.get_on_index(get_request().user.id, str('user_id'))

  		




  701
  702
  
    
        if not subscription:

  		




  702
  703
  
    
            raise errors.TraversalError()

  		




  703
  
  
    
-