0
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-12-14 11:55:42 +01:00
gitea/models
Jason Song a33e74d40d
Clarify Actions resources ownership (#31724)
Fix #31707.

Also related to #31715.

Some Actions resources could has different types of ownership. It could
be:

- global: all repos and orgs/users can use it.
- org/user level: only the org/user can use it.
- repo level: only the repo can use it.

There are two ways to distinguish org/user level from repo level:
1. `{owner_id: 1, repo_id: 2}` for repo level, and `{owner_id: 1,
repo_id: 0}` for org level.
2. `{owner_id: 0, repo_id: 2}` for repo level, and `{owner_id: 1,
repo_id: 0}` for org level.

The first way seems more reasonable, but it may not be true. The point
is that although a resource, like a runner, belongs to a repo (it can be
used by the repo), the runner doesn't belong to the repo's org (other
repos in the same org cannot use the runner). So, the second method
makes more sense.

And the first way is not user-friendly to query, we must set the repo id
to zero to avoid wrong results.

So, #31715 should be right. And the most simple way to fix #31707 is
just:

```diff
-	shared.GetRegistrationToken(ctx, ctx.Repo.Repository.OwnerID, ctx.Repo.Repository.ID)
+	shared.GetRegistrationToken(ctx, 0, ctx.Repo.Repository.ID)
```

However, it is quite intuitive to set both owner id and repo id since
the repo belongs to the owner. So I prefer to be compatible with it. If
we get both owner id and repo id not zero when creating or finding, it's
very clear that the caller want one with repo level, but set owner id
accidentally. So it's OK to accept it but fix the owner id to zero.
2024-08-01 09:04:04 +00:00
..
actions Clarify Actions resources ownership (#31724) 2024-08-01 09:04:04 +00:00
activities Refactor webhook (#31587) 2024-07-10 11:37:16 +00:00
admin
asymkey Enable more revive linter rules (#30608) 2024-04-22 11:48:42 +00:00
auth add skip secondary authorization option for public oauth2 clients (#31454) 2024-07-19 14:28:30 -04:00
avatars Replace 10 more gt- classes with tw- (#29945) 2024-03-22 13:45:10 +00:00
db [Refactor] Unify repo search order by logic (#30876) 2024-06-13 09:13:11 +00:00
dbfs Enable unparam linter (#31277) 2024-06-11 18:47:45 +00:00
fixtures Fix wrong display of recently pushed notification (#25812) 2024-05-21 17:00:35 +00:00
git Exclude protected branches from recently pushed (#31748) 2024-08-01 10:21:28 +03:00
issues Add permission check when creating PR (#31033) 2024-07-29 02:21:22 +00:00
migrations add skip secondary authorization option for public oauth2 clients (#31454) 2024-07-19 14:28:30 -04:00
organization Fix wrong display of recently pushed notification (#25812) 2024-05-21 17:00:35 +00:00
packages Fix package list performance (#30520) 2024-04-20 13:07:00 +02:00
perm Clarify permission "HasAccess" behavior (#30585) 2024-04-20 03:15:04 +00:00
project Fix the display of project type for deleted projects (#31732) 2024-07-30 04:37:43 +00:00
pull
repo Make GetRepositoryByName more safer (#31712) 2024-07-29 01:32:54 +00:00
secret Clarify Actions resources ownership (#31724) 2024-08-01 09:04:04 +00:00
shared/types
system
unit Refactor repo unit "disabled" check (#31389) 2024-06-18 00:51:13 +00:00
unittest Add some tests to clarify the "must-change-password" behavior (#30693) 2024-04-27 12:23:37 +00:00
user Support delete user email in admin panel (#31690) 2024-07-25 18:11:04 +08:00
webhook Store webhook event in database (#29145) 2024-03-07 23:18:38 +01:00
error.go
fixture_generation.go
fixture_test.go
main_test.go
org_team_test.go
org_team.go Clarify permission "HasAccess" behavior (#30585) 2024-04-20 03:15:04 +00:00
org_test.go
org.go
repo_test.go
repo_transfer.go chore: use errors.New to replace fmt.Errorf with no parameters will much better (#30621) 2024-04-21 19:44:03 +00:00
repo.go