fix

2026-05-13 06:46:03 +02:00 · 2026-05-08 11:05:14 -07:00 · 2026-05-08 11:05:14 -07:00 · 2d97484be9
commit 2d97484be9
parent f82cdc3d6c
5 changed files with 47 additions and 15 deletions
--- a/routers/api/packages/composer/api.go
+++ b/routers/api/packages/composer/api.go
@ -10,6 +10,7 @@ import (

 	packages_model "code.gitea.io/gitea/models/packages"
 	access_model "code.gitea.io/gitea/models/perm/access"
+	"code.gitea.io/gitea/modules/log"
 	composer_module "code.gitea.io/gitea/modules/packages/composer"
 	"code.gitea.io/gitea/services/context"
 )
@ -93,7 +94,7 @@ type Source struct {
 	Reference string `json:"reference"`
 }

-func createPackageMetadataResponse(ctx *context.Context, registryURL string, pds []*packages_model.PackageDescriptor) (*PackageMetadataResponse, error) {
+func createPackageMetadataResponse(ctx *context.Context, registryURL string, pds []*packages_model.PackageDescriptor) *PackageMetadataResponse {
 	versions := make([]*PackageVersionMetadata, 0, len(pds))

 	for _, pd := range pds {
@ -120,10 +121,8 @@ func createPackageMetadataResponse(ctx *context.Context, registryURL string, pds
 		if pd.Repository != nil {
 			permission, err := access_model.GetDoerRepoPermission(ctx, pd.Repository, ctx.Doer)
 			if err != nil {
-				return nil, err
-			}
-
-			if permission.HasAnyUnitAccess() {
+				log.Error("GetDoerRepoPermission[%d]: %v", pd.Repository.ID, err)
+			} else if permission.HasAnyUnitAccessOrPublicAccess() {
 				pkg.Source = Source{
 					URL:       pd.Repository.HTMLURL(),
 					Type:      "git",
@ -140,5 +139,5 @@ func createPackageMetadataResponse(ctx *context.Context, registryURL string, pds
 		Packages: map[string][]*PackageVersionMetadata{
 			pds[0].Package.Name: versions,
 		},
-	}, nil
+	}
 }
--- a/routers/api/packages/composer/composer.go
+++ b/routers/api/packages/composer/composer.go
@ -145,15 +145,11 @@ func PackageMetadata(ctx *context.Context) {
 		return
 	}

-	resp, err := createPackageMetadataResponse(
+	resp := createPackageMetadataResponse(
 		ctx,
 		setting.AppURL+"api/packages/"+ctx.Package.Owner.Name+"/composer",
 		pds,
 	)
-	if err != nil {
-		apiError(ctx, http.StatusInternalServerError, err)
-		return
-	}

 	ctx.JSON(http.StatusOK, resp)
 }
--- a/templates/package/shared/cleanup_rules/preview.tmpl
+++ b/templates/package/shared/cleanup_rules/preview.tmpl
@ -20,9 +20,11 @@
 					<td>{{.Package.Type.Name}}</td>
 					<td>
 						{{.Package.Name}}
-						<span class="label-list">
-							{{template "package/shared/visibility_badge" dict "Package" .Package "Owner" .Owner}}
-						</span>
+						{{if .Owner}}
+							<span class="label-list">
+								{{template "package/shared/visibility_badge" dict "Package" .Package "Owner" .Owner}}
+							</span>
+						{{end}}
 					</td>
 					<td><a href="{{.VersionWebLink}}">{{.Version.Version}}</a></td>
 					<td><a href="{{.Creator.HomeLink}}">{{.Creator.Name}}</a></td>
--- a/templates/package/shared/visibility_badge.tmpl
+++ b/templates/package/shared/visibility_badge.tmpl
@ -1,5 +1,5 @@
 {{if .Package.IsInternal}}
-	<span class="ui basic label">{{ctx.Locale.Tr "repo.desc.private"}}</span>
+	<span class="ui basic label">{{ctx.Locale.Tr "repo.desc.internal"}}</span>
 {{else if .Owner.Visibility.IsPrivate}}
 	<span class="ui basic label">{{ctx.Locale.Tr "repo.desc.private"}}</span>
 {{else if .Owner.Visibility.IsLimited}}
--- a/tests/integration/api_packages_composer_test.go
+++ b/tests/integration/api_packages_composer_test.go
@ -28,6 +28,7 @@ func TestPackageComposer(t *testing.T) {

 	user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
 	otherUser := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})
+	privateUser := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 31})

 	vendorName := "gitea"
 	projectName := "composer-package"
@ -288,5 +289,39 @@ func TestPackageComposer(t *testing.T) {
 		viewResp := MakeRequest(t, viewReq, http.StatusOK)
 		viewDoc := NewHTMLParser(t, bytes.NewReader(viewResp.Body.Bytes()))
 		assert.Equal(t, 0, viewDoc.Find(".issue-title-header .ui.basic.label").Length())
+
+		privatePackageName := privateUser.Name + "/private-composer-package"
+		privatePackageVersion := "1.0.0"
+		privateContent := test.WriteZipArchive(map[string]string{
+			"composer.json": `{
+				"name": "` + privatePackageName + `",
+				"description": "Private Package",
+				"type": "` + packageType + `",
+				"license": "` + packageLicense + `",
+				"authors": [
+					{
+						"name": "` + packageAuthor + `"
+					}
+				]
+			}`,
+		}).Bytes()
+		privateUploadURL := fmt.Sprintf("%sapi/packages/%s/composer?version=%s", setting.AppURL, privateUser.Name, privatePackageVersion)
+
+		uploadReq := NewRequestWithBody(t, "PUT", privateUploadURL, bytes.NewReader(privateContent)).
+			AddBasicAuth(privateUser.Name)
+		MakeRequest(t, uploadReq, http.StatusCreated)
+		privateSession := loginUser(t, privateUser.Name)
+
+		privateListReq := NewRequest(t, "GET", fmt.Sprintf("/%s/-/packages", privateUser.Name))
+		privateListResp := privateSession.MakeRequest(t, privateListReq, http.StatusOK)
+		privateListDoc := NewHTMLParser(t, bytes.NewReader(privateListResp.Body.Bytes()))
+		assert.Equal(t, 1, privateListDoc.Find(".item-title .ui.basic.label").Length())
+		assert.Equal(t, "Private", privateListDoc.Find(".item-title .ui.basic.label").First().Text())
+
+		privateViewReq := NewRequest(t, "GET", fmt.Sprintf("/%s/-/packages/composer/%s/%s", privateUser.Name, neturl.PathEscape(privatePackageName), neturl.PathEscape(privatePackageVersion)))
+		privateViewResp := privateSession.MakeRequest(t, privateViewReq, http.StatusOK)
+		privateViewDoc := NewHTMLParser(t, bytes.NewReader(privateViewResp.Body.Bytes()))
+		assert.Equal(t, 1, privateViewDoc.Find(".issue-title-header .ui.basic.label").Length())
+		assert.Equal(t, "Private", privateViewDoc.Find(".issue-title-header .ui.basic.label").First().Text())
 	})
 }