1. Patchew
  2. Patchew
  3. View series

[Patchew-devel] [PATCH] git: do not require superuser permissions to edit configuration

Paolo Bonzini posted 1 patch 6 years, 1 month ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/patchew-ci tags/patchew/20180308064126.17240-1-pbonzini@redhat.com
mods/git.py | 2 --
1 file changed, 2 deletions(-)
[Patchew-devel] [PATCH] git: do not require superuser permissions to edit configuration
Posted by Paolo Bonzini 6 years, 1 month ago 
Currently, mods/git.py only shows the config box to superusers.  This
was a mistake, so fix it.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
	Applied.

 mods/git.py | 2 --
 1 file changed, 2 deletions(-)

diff --git a/mods/git.py b/mods/git.py
index b0df7e8..df4185a 100644
--- a/mods/git.py
+++ b/mods/git.py
@@ -193,8 +193,6 @@ class GitModule(PatchewModule):
                                          })
 
     def prepare_project_hook(self, request, project):
-        if not request.user.is_superuser:
-            return
         project.extra_info.append({"title": "Git configuration",
                                    "class": "info",
                                    "content_html": self.build_config_html(request,
-- 
2.14.3


_______________________________________________
Patchew-devel mailing list
Patchew-devel@redhat.com
https://www.redhat.com/mailman/listinfo/patchew-devel
Re: [Patchew-devel] [PATCH] git: do not require superuser permissions to edit configuration
Posted by Fam Zheng 6 years, 1 month ago 
On Thu, 03/08 07:41, Paolo Bonzini wrote:
> Currently, mods/git.py only shows the config box to superusers.  This
> was a mistake, so fix it.
> 
> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
> ---
> 	Applied.
> 
>  mods/git.py | 2 --
>  1 file changed, 2 deletions(-)
> 
> diff --git a/mods/git.py b/mods/git.py
> index b0df7e8..df4185a 100644
> --- a/mods/git.py
> +++ b/mods/git.py
> @@ -193,8 +193,6 @@ class GitModule(PatchewModule):
>                                           })
>  
>      def prepare_project_hook(self, request, project):
> -        if not request.user.is_superuser:
> -            return

No, now git info especially the push_to which has GitHub password is visible
without authentication. I think we want project.maintained_by here.

Fam

>          project.extra_info.append({"title": "Git configuration",
>                                     "class": "info",
>                                     "content_html": self.build_config_html(request,
> -- 
> 2.14.3
> 
> 
> _______________________________________________
> Patchew-devel mailing list
> Patchew-devel@redhat.com
> https://www.redhat.com/mailman/listinfo/patchew-devel

_______________________________________________
Patchew-devel mailing list
Patchew-devel@redhat.com
https://www.redhat.com/mailman/listinfo/patchew-devel

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.