Mirrors/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2024-12-13 07:49:16 +01:00
Code Issues Activity
bd613c704c
gitea/routers/api/v1/repo
History
zeripath 0b4a8be26b
Ensure that restricted users can access repos for which they are members (#17460) 
There is a small bug in the way that repo access is checked in
repoAssignment: Accessibility is checked by checking if the user has a
marked access to the repository instead of checking if the user has any
team granted access.

This PR changes this permissions check to use HasAccess() which does the
correct test. There is also a fix in the release api ListReleases where
it should return draft releases if the user is a member of a team with
write access to the releases.

The PR also adds a testcase.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-10-28 10:54:40 +08:00
..
blob.go
branch.go Support unprotected file patterns (#16395) 2021-09-11 16:21:17 +02:00
collaborators.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
commits.go Add API to get commit diff/patch (#17095) 2021-09-20 18:14:29 +02:00
file.go Add caller to cat-file batch calls (#17082) 2021-09-17 20:54:15 -04:00
fork.go Refactor the fork service slightly to take ForkRepoOptions (#16744) 2021-08-28 16:37:14 +08:00
git_hook.go
git_ref.go Let branch/tag name be a valid ref to get CI status (#16400) 2021-07-13 08:14:14 +01:00
hook_test.go Move db related basic functions to models/db (#17075) 2021-09-19 19:49:59 +08:00
hook.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
issue_comment.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
issue_label.go Calculate label URL on API (#16186) 2021-09-10 18:03:16 +02:00
issue_reaction.go
issue_stopwatch.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
issue_subscription.go
issue_tracked_time.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
issue.go API: don't allow merged PRs to be reopened (#17192) 2021-10-02 23:11:17 -04:00
key.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
label.go Calculate label URL on API (#16186) 2021-09-10 18:03:16 +02:00
language.go
main_test.go Move db related basic functions to models/db (#17075) 2021-09-19 19:49:59 +08:00
migrate.go Make mirror feature more configurable (#16957) 2021-09-07 17:49:36 +02:00
milestone.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
mirror.go Make mirror feature more configurable (#16957) 2021-09-07 17:49:36 +02:00
notes.go Add an api endpoint to fetch git notes (#15373) (#16649) 2021-08-11 03:01:40 +02:00
pull_review.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
pull.go Add buttons to allow loading of incomplete diffs (#16829) 2021-10-15 17:05:33 +01:00
release_attachment.go Add repo_id for attachment (#16958) 2021-09-08 17:19:30 +02:00
release_tags.go
release.go Ensure that restricted users can access repos for which they are members (#17460) 2021-10-28 10:54:40 +08:00
repo_test.go Move db related basic functions to models/db (#17075) 2021-09-19 19:49:59 +08:00
repo.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
star.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
status.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
subscriber.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
tag.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
teams.go
topic.go [API] generalize list header (#16551) 2021-08-12 14:43:08 +02:00
transfer.go
tree.go Rename context.Query to context.Form (#16562) 2021-07-29 03:42:15 +02:00
wiki.go Add API to get/edit wiki (#17278) 2021-10-25 11:43:40 +08:00