Small refactoring of modules/private #15947
No reviewers
Labels
No Label
backport/done
backport/v1.0
backport/v1.1
backport/v1.10
backport/v1.11
backport/v1.12
backport/v1.13
backport/v1.14
backport/v1.15
backport/v1.2
backport/v1.3
backport/v1.4
backport/v1.5
backport/v1.6
backport/v1.7
backport/v1.8
backport/v1.9
bounty
changelog
dependencies
frontport/done
frontport/main
good first issue
Hacktoberfest
hacktoberfest-accepted
in progress
kind/api
kind/breaking
kind/bug
kind/build
kind/deployment
kind/deprecated
kind/docs
kind/enhancement
kind/feature
kind/lint
kind/misc
kind/moderation
kind/package
kind/proposal
kind/question
kind/refactor
kind/regression
kind/security
kind/summary
kind/testing
kind/translation
kind/ui
kind/upstream-related
kind/usability
kind/ux
lgtm/done
lgtm/need 1
lgtm/need 2
performance/bigrepo
performance/cpu
performance/memory
performance/speed
priority/critical
priority/low
priority/maybe
priority/medium
proposal/rejected
reviewed/confirmed
reviewed/duplicate
reviewed/fixed
reviewed/invalid
reviewed/not-a-bug
reviewed/wontfix
skip-changelog
stale
status/blocked
status/needs-feedback
status/wip
theme/2fa
theme/authentication
theme/avatar
theme/backup-restore
theme/docker
theme/federation
theme/issues
theme/kanban
theme/markdown
theme/migration
theme/mobile
theme/pr
theme/signing
theme/sqlite
theme/timetracker
theme/webhook
theme/wiki
No Milestone
No project
No Assignees
3 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: lunny/gitea#15947
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "refactoring-private"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
as title
If ctx.User == nil should not be removed.
Why? It's never called with nil. And even if it would be called the check is not logical there. It does not make a branch protected if the user is nil.
DeleteBranchPost
redirects to the login page on anonymous acces.The api
DeleteBranch
results in "user should have a permission to write to a repo".Here it's covered by line 1450 and 1459:
77fa7146c6/routers/repo/issue.go (L1450-L1461)
Here it's covered by line 1160:
77fa7146c6/routers/repo/pull.go (L1155-L1193)
It's also enforced by
reqRepoWriter(models.UnitTypeCode)
at:77fa7146c6/routers/api/v1/api.go (L757)
@ -295,10 +281,9 @@ func ServCommand(ctx *context.PrivateContext) {
if repoExist && (mode > models.AccessModeRead || repo.IsPrivate || setting.Service.RequireSignInView) {
if key.Type == models.KeyTypeDeploy {
if deployKey.Mode < mode {
Maybe return 400 or 405
Notfound?
As above.
@ -28,3 +28,3 @@
isProtected, err := repo.IsProtectedBranch(branchName, doer)
isProtected, err := repo.IsProtectedBranch(branchName)
if err != nil {
Why
doer
removed?@ -28,3 +28,3 @@
isProtected, err := repo.IsProtectedBranch(branchName, doer)
isProtected, err := repo.IsProtectedBranch(branchName)
if err != nil {
see https://github.com/go-gitea/gitea/pull/15947#pullrequestreview-666179378
@ -295,10 +281,9 @@ func ServCommand(ctx *context.PrivateContext) {
if repoExist && (mode > models.AccessModeRead || repo.IsPrivate || setting.Service.RequireSignInView) {
if key.Type == models.KeyTypeDeploy {
if deployKey.Mode < mode {
In the end all different error codes result in
Unauthorized
:daa5a23548/cmd/serv.go (L214-L218)