You're looking at it

Homepage: https://roundabout-host.com

By using this site, you agree to have cookies stored on your device, strictly for functional purposes, such as storing your session and preferences.

Dismiss

Revoke trust

roundabout,
created on Tuesday, 28 January 2025, 19:39:30 (1738093170), received on Tuesday, 28 January 2025, 19:39:32 (1738093172)
Author identity: vlad <vlad.muntoiu@gmail.com>

d2b9dd2fab7b11ef6f8ee40dfcdf44d835da51d3

app.py

@@ -678,6 +678,8 @@ def user_profile(username):

                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                                trust = UserTrust(db.session.get(User, flask.session.get("username")), db.session.get(User, username),
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                                                  trust_level)
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                                db.session.add(trust)
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                        elif trust_level == -1:
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                            existing_trust.cancel()
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                            db.session.commit()
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                            
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                            return flask.redirect("?", code=303)
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                            
                                

models.py

@@ -208,7 +208,7 @@ with (app.app_context()):

                                
                                
                                
                            
                                
                                    
                                        
                                            
                                            
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                    def cancel(self):
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                        """Remove the trusted user from all of the host's repositories."""
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                    relationships = RepoAccess.query.filter(RepoAccess.repo.owner == self.host, RepoAccess.user == self.trusted, RepoAccess.automatic == True)
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                    relationships = RepoAccess.query.filter(RepoAccess.repo.has(owner_name=self.host_username), RepoAccess.user == self.trusted, RepoAccess.automatic == True)
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                        relationships.delete()
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                        db.session.delete(self)
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                            
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        

@@ -256,6 +256,13 @@ with (app.app_context()):

                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                        repo_access = RepoAccess(owner, self, 2)
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                        db.session.add(repo_access)
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                            
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                    with db.session.no_autoflush:
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                        # Add the trusted users to the repo
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                        for trust in owner.trusts:
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                            if trust.trust_level > 0:
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                                repo_access = RepoAccess(trust.trusted, self, trust.trust_level, automatic=True)
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                                db.session.add(repo_access)
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                        
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                        # Create the directory
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                        if not os.path.exists(os.path.join(config.REPOS_PATH, self.owner_name, self.name)):
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                            subprocess.run(["git", "init", self.name],
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                            
                                

templates/user-profile-organisation.html

@@ -2,7 +2,7 @@

                                
                                
                                
                            
                                
                                    
                                        
                                            
                                            {% block title %}
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                {% trans username=user.username %}{{ username }}'s organisation settings{% endtrans %}
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                            {% endblock %}
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                        {% set active_page = "following" %}
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                        {% set active_page = "organisation" %}
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                            
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                            {% block content %}
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                <x-hbox class="wrap homogenous">
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                            
                                

templates/user-profile-trust.html

@@ -9,6 +9,7 @@

                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                    {% trans %}Trusting this user will grant them the equivalent role in all your repositories. If the role is read-write or admin, they will also be able to create new repositories on your behalf.{% endtrans %}
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                    <form method="post" action="/{{ user.username }}/?action=trust-confirm" class="vbox">
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                        <select id="trust-level" name="trust-level" required>
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                                        <option value="-1">{% trans %}Don't trust{% endtrans %}</option>
                                        
                                        
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                            <option value="0">{% trans %}Read-only{% endtrans %}</option>
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                            <option value="1">{% trans %}Read-write{% endtrans %}</option>
                                        
                                        
                                            
                                            
                                            
                                            
                                        
                                    
                                
                                
                                
                            
                                
                                    
                                        
                                            
                                                            <option value="2">{% trans %}Administrator{% endtrans %}</option>