mirror/gitea
2
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-02-23 19:50:43 +08:00
Code Issues Packages Projects Releases Wiki Activity
ef12b8de80
gitea/models
History
zeripath ef12b8de80
Ensure that restricted users can access repos for which they are members (#17460) (#17464) 
Backport #17460

There is a small bug in the way that repo access is checked in
repoAssignment: Accessibility is checked by checking if the user has a
marked access to the repository instead of checking if the user has any
team granted access.

This PR changes this permissions check to use HasAccess() which does the
correct test. There is also a fix in the release api ListReleases where
it should return draft releases if the user is a member of a team with
write access to the releases.

The PR also adds a testcase.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-10-28 11:33:18 +08:00
..
fixtures Ensure that restricted users can access repos for which they are members (#17460) (#17464) 2021-10-28 11:33:18 +08:00
migrations Add primary_key to issue_index (#16813) (#16820) 2021-08-25 18:10:15 -04:00
access_test.go
access.go Nicely handle missing user in collaborations (#17049) (#17166) 2021-09-28 07:41:12 +01:00
action_list.go
action_test.go Clarify the suffices and prefixes of setting.AppSubURL and setting.AppURL (#12999) 2021-02-19 22:36:43 +01:00
action.go Improve notifications for WIP draft PR's (#14663) 2021-06-23 00:14:22 -04:00
admin_test.go
admin.go improve empty notice (#15890) 2021-05-16 19:58:26 +08:00
attachment_test.go Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
attachment.go Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971) (#16977) 2021-09-07 19:39:05 +01:00
avatar_test.go Fix individual tests (addition to #15802) (#15818) 2021-05-12 00:13:42 -04:00
avatar.go Double the avatar size factor (#15941) 2021-05-21 21:18:43 -04:00
branches_test.go
branches.go Fix various documentation, user-facing, and source comment typos (#16367) 2021-07-08 13:38:13 +02:00
commit_status_test.go Fix bug about ListOptions and stars/watchers pagnation (#14556) 2021-02-04 11:23:46 -06:00
commit_status.go Fix session bugs (#16552) (#16553) 2021-07-27 09:44:44 +08:00
consistency_test.go Fix orphaned objects deletion bug (#15657) 2021-04-30 20:08:46 +02:00
consistency.go Update milestone counters on new issue. (#16183) 2021-06-21 14:34:58 -04:00
context.go Correctly rollback in ForkRepository (#17034) (#17045) 2021-09-15 08:42:09 +03:00
convert.go just add some unit tests (#16291) 2021-06-29 22:00:02 +01:00
error_oauth2.go
error.go Add option to provide signature for a token to verify key ownership (#14054) 2021-07-13 15:28:07 +02:00
external_login_user.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
fixture_generation.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
fixture_test.go
gpg_key_add.go Handle duplicate keys on GPG key ring (#17242) (#17284) 2021-10-11 05:13:10 +03:00
gpg_key_commit_verification.go Add option to provide signature for a token to verify key ownership (#14054) 2021-07-13 15:28:07 +02:00
gpg_key_common.go Add option to provide signature for a token to verify key ownership (#14054) 2021-07-13 15:28:07 +02:00
gpg_key_import.go Add option to provide signature for a token to verify key ownership (#14054) 2021-07-13 15:28:07 +02:00
gpg_key_test.go Add option to provide signature for a token to verify key ownership (#14054) 2021-07-13 15:28:07 +02:00
gpg_key_verify.go Add option to provide signature for a token to verify key ownership (#14054) 2021-07-13 15:28:07 +02:00
gpg_key.go Add option to provide signature for a token to verify key ownership (#14054) 2021-07-13 15:28:07 +02:00
helper_directory.go
helper_environment.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
helper.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
index_test.go Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599) 2021-06-14 10:22:55 +08:00
index.go Add unique constraint back into issue_index (#16938) 2021-09-03 17:35:18 +08:00
issue_assignees_test.go Fix individual tests (addition to #15802) (#15818) 2021-05-12 00:13:42 -04:00
issue_assignees.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_comment_list.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_comment_test.go
issue_comment.go Fix various documentation, user-facing, and source comment typos (#16367) 2021-07-08 13:38:13 +02:00
issue_dependency_test.go
issue_dependency.go Fix various documentation, user-facing, and source comment typos (#16367) 2021-07-08 13:38:13 +02:00
issue_label_test.go Fix various documentation, user-facing, and source comment typos (#16367) 2021-07-08 13:38:13 +02:00
issue_label.go Code Formats, Nits & Unused Func/Var deletions (#15286) 2021-04-09 09:40:34 +02:00
issue_list_test.go
issue_list.go Performance improvement for list pull requests (#15447) 2021-04-15 19:34:43 +02:00
issue_lock.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_milestone_test.go Update milestone counters on new issue. (#16183) 2021-06-21 14:34:58 -04:00
issue_milestone.go Update milestone counters on new issue. (#16183) 2021-06-21 14:34:58 -04:00
issue_reaction_test.go
issue_reaction.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_stopwatch_test.go Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
issue_stopwatch.go Fix session bugs (#16552) (#16553) 2021-07-27 09:44:44 +08:00
issue_test.go Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599) 2021-06-14 10:22:55 +08:00
issue_tracked_time_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_tracked_time.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_user_test.go
issue_user.go
issue_watch_test.go Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
issue_watch.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
issue_xref_test.go Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599) 2021-06-14 10:22:55 +08:00
issue_xref.go don't record error when loading ref comment but ref comment id is zero (#15820) 2021-05-11 21:43:35 +01:00
issue.go Update issue_index to finish migration (#16685) (#16687) 2021-08-13 15:13:03 +01:00
lfs_lock.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
lfs.go Code Formats, Nits & Unused Func/Var deletions (#15286) 2021-04-09 09:40:34 +02:00
list_options.go Fix list_options GetStartEnd (#16303) 2021-06-29 22:42:23 +01:00
log.go Fix xorm log stack level (#15285) 2021-04-05 08:41:22 +01:00
login_source.go Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137) 2021-09-27 18:30:11 +01:00
main_test.go
migrate.go Fix delete nonexist oauth application 500 and prevent deadlock (#15384) 2021-04-10 16:49:10 -04:00
models_test.go Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848) 2021-08-28 13:16:19 +02:00
models.go Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848) 2021-08-28 13:16:19 +02:00
notification_test.go
notification.go Improve notifications for WIP draft PR's (#14663) 2021-06-23 00:14:22 -04:00
oauth2_application_test.go Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
oauth2_application.go Switch to maintained jwt lib (#16532) (#16533) 2021-07-24 11:13:50 -04:00
oauth2.go Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16570) 2021-07-29 18:52:38 +01:00
org_team_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
org_team.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
org_test.go Add Visible modes function from Organisation to Users too (#16069) 2021-06-26 20:53:14 +01:00
org.go Fix incorrect repository count on organization tab of dashboard (#17266) 2021-10-08 17:33:16 +08:00
project_board.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
project_issue.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
project_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
project.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
protected_tag_test.go Add tag protection (#15629) 2021-06-25 16:28:55 +02:00
protected_tag.go Add tag protection (#15629) 2021-06-25 16:28:55 +02:00
pull_list.go
pull_sign.go
pull_test.go Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) (#17227) 2021-10-05 20:16:22 +02:00
pull.go Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) (#17227) 2021-10-05 20:16:22 +02:00
release.go [API] ListReleases add filter for draft and pre-releases (#16175) 2021-06-17 10:58:10 +02:00
repo_activity.go
repo_archiver.go Fix archive error when rename repo or user (#16399) 2021-07-13 14:16:31 +02:00
repo_avatar.go
repo_branch.go
repo_collaboration_test.go
repo_collaboration.go Nicely handle missing user in collaborations (#17049) (#17166) 2021-09-28 07:41:12 +01:00
repo_generate_test.go Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
repo_generate.go Refactor renders (#15175) 2021-04-19 18:25:08 -04:00
repo_indexer.go
repo_issue.go
repo_language_stats.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo_list_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo_list.go not show private user's repo in explore view (#16550) (#16554) 2021-07-27 07:34:25 +01:00
repo_mirror.go Add push to remote mirror repository (#15157) 2021-06-14 19:20:43 +02:00
repo_permission_test.go
repo_permission.go Fix various documentation, user-facing, and source comment typos (#16367) 2021-07-08 13:38:13 +02:00
repo_pushmirror_test.go Add push to remote mirror repository (#15157) 2021-06-14 19:20:43 +02:00
repo_pushmirror.go Fix various documentation, user-facing, and source comment typos (#16367) 2021-07-08 13:38:13 +02:00
repo_redirect_test.go Redirect on changed user and org name (#11649) 2021-01-24 16:23:05 +01:00
repo_redirect.go Redirect on changed user and org name (#11649) 2021-01-24 16:23:05 +01:00
repo_sign.go
repo_test.go Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
repo_transfer_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo_transfer.go Nicely handle missing user in collaborations (#17049) (#17166) 2021-09-28 07:41:12 +01:00
repo_unit.go Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 (#17136) (#17137) 2021-09-27 18:30:11 +01:00
repo_watch_test.go
repo_watch.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
repo.go Ensure that git daemon export ok is created for mirrors (#17243) (#17306) 2021-10-14 18:07:53 +02:00
review_test.go Ensure review dismissal only dismisses the correct review (#15477) 2021-04-15 11:03:11 +01:00
review.go Fix unwanted team review request deletion (#17257) (#17264) 2021-10-07 23:58:13 +02:00
session.go Fix DB session cleanup (#15697) 2021-05-01 22:51:03 -04:00
sql_postgres_with_schema.go
ssh_key_test.go
ssh_key.go Retry rename on lock induced failures (#16435) 2021-07-15 11:46:07 -04:00
star_test.go
star.go
task.go Add Status Updates whilst Gitea migrations are occurring (#15076) 2021-06-16 18:02:24 -04:00
test_fixtures.go Create Proper Migration Tests (#15116) 2021-03-24 19:27:22 +01:00
token_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
token.go Only check access tokens if they are likely to be tokens (#16164) 2021-06-16 00:29:25 +02:00
topic_test.go Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
topic.go Fix various documentation, user-facing, and source comment typos (#16367) 2021-07-08 13:38:13 +02:00
twofactor.go Use single shared random string generation function (#15741) 2021-05-10 07:45:17 +01:00
u2f_test.go Don't panic if we fail to parse U2FRegistration data (#17304) (#17371) 2021-10-20 21:45:17 +02:00
u2f.go Don't panic if we fail to parse U2FRegistration data (#17304) (#17371) 2021-10-20 21:45:17 +02:00
unit_tests.go Rework repository archive (#14723) 2021-06-23 17:12:38 -04:00
unit.go
update.go
upload.go
user_avatar.go Send size to /avatars if requested (#15459) 2021-04-17 00:22:25 +02:00
user_follow_test.go
user_follow.go
user_heatmap_test.go Allow mocking timeutil (#17354) (#17356) 2021-10-18 16:48:23 -05:00
user_heatmap.go Fix heatmap activity (#15252) 2021-06-25 12:59:25 -04:00
user_mail_test.go Always store primary email address into email_address table and also the state (#15956) 2021-06-08 11:52:51 +08:00
user_mail.go Fix activation of primary email addresses (#16385) 2021-07-13 22:59:27 +02:00
user_openid_test.go Fixed assert statements. (#16089) 2021-06-07 07:27:09 +02:00
user_openid.go Code Formats, Nits & Unused Func/Var deletions (#15286) 2021-04-09 09:40:34 +02:00
user_redirect_test.go Redirect on changed user and org name (#11649) 2021-01-24 16:23:05 +01:00
user_redirect.go Redirect on changed user and org name (#11649) 2021-01-24 16:23:05 +01:00
user_test.go Make allowed Visiblity modes configurable for Users (#16271) 2021-06-27 19:47:35 +01:00
user.go Fix broken Activities link in team dashboard (#17255) (#17258) 2021-10-07 20:58:59 +02:00
userlist_test.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
userlist.go chore(models): rewrite code format. (#14754) 2021-03-14 19:52:12 +01:00
webhook_test.go Refactor Webhook + Add X-Hub-Signature (#16176) 2021-06-27 20:21:09 +01:00
webhook.go Refactor Webhook + Add X-Hub-Signature (#16176) 2021-06-27 20:21:09 +01:00
wiki_test.go
wiki.go