From e1cc43a8cebe38847f5e81ff44cba81366e7be74 Mon Sep 17 00:00:00 2001
From: Dusty Phillips <buchuki@gmail.com>
Date: Fri, 24 Jul 2009 15:33:09 -0400
Subject: Repo-based permissions when adopting packages.

---
 packages/views.py | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

(limited to 'packages')

diff --git a/packages/views.py b/packages/views.py
index 835323fc..2ea444a6 100644
--- a/packages/views.py
+++ b/packages/views.py
@@ -24,13 +24,24 @@ def update(request):
         maint_id = 0
 
     if mode:
-        for id in ids:
-            pkg = Package.objects.get(id=id)
+        pkgs = Package.objects.filter(
+                id__in=ids,
+                repo__in=request.user.userprofile_user.all(
+                    )[0].allowed_repos.all())
+        disallowed_pkgs = Package.objects.filter(id__in=ids).exclude(
+                repo__in=request.user.userprofile_user.all(
+                    )[0].allowed_repos.all())
+        for pkg in pkgs:
             pkg.maintainer_id = maint_id
             pkg.save()
 
         request.user.message_set.create(message="%d packages %sed" % (
-            len(ids), mode))
+            len(pkgs), mode))
+        if disallowed_pkgs:
+            request.user.message_set.create(
+                    message="You do not have permmission to adopt: %s" % (
+                        ' '.join([p.pkgname for p in disallowed_pkgs])
+                        ))
     else:
         request.user.message_set.create(message="update called without adopt/disown")
     return HttpResponseRedirect('/packages/')
-- 
cgit v1.2.3