...

2026-01-26 06:15:22 +01:00 · 2025-12-26 12:49:27 +01:00 · 2025-12-26 12:49:27 +01:00 · ae43a09aa8
commit ae43a09aa8
parent 621c0e2b50
2 changed files with 6 additions and 2 deletions
--- a/routers/api/packages/api.go
+++ b/routers/api/packages/api.go
@ -4,7 +4,6 @@
 package packages

 import (
-	"fmt"
 	"net/http"

 	actions_model "code.gitea.io/gitea/models/actions"
@ -124,7 +123,6 @@ func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.Context) {
 				}

 				if task.RepoID != packageRepoID {
-					fmt.Printf("DEBUG: taskRepoID %d != packageRepoID %d. Checking cross-repo.\n", task.RepoID, packageRepoID)
 					// Cross-repository access - check org policy
 					cfg, err := actions_model.GetOrgActionsConfig(ctx, ctx.Package.Owner.ID)
 					if err != nil {
--- a/tests/integration/actions_job_token_test.go
+++ b/tests/integration/actions_job_token_test.go
@ -9,6 +9,7 @@ import (
 	"fmt"
 	"net/http"
 	"net/url"
+
 	"testing"

 	actions_model "code.gitea.io/gitea/models/actions"
@ -383,6 +384,11 @@ func TestActionsCrossRepoAccess(t *testing.T) {
 			require.NoError(t, packages_model.SetRepositoryLink(t.Context(), pkg.ID, repoBID))

 			// By default, cross-repo is disabled
+			// Explicitly set it to false to ensure test determinism (in case defaults change)
+			require.NoError(t, actions_model.SetOrgActionsConfig(t.Context(), org.ID, &repo_model.ActionsConfig{
+				AllowCrossRepoAccess: false,
+			}))
+
 			// Try to download with cross-repo disabled - should fail
 			downloadReqDenied := NewRequest(t, "GET", packageURL)
 			downloadReqDenied.Header.Set("Authorization", "Bearer "+task.Token)