forks
/
gitea
1
0
Fork 0
Code Releases Activity
gitea/modules
History
zeripath 0b4a8be26b
Ensure that restricted users can access repos for which they are members (#17460) 
There is a small bug in the way that repo access is checked in
repoAssignment: Accessibility is checked by checking if the user has a
marked access to the repository instead of checking if the user has any
team granted access.

This PR changes this permissions check to use HasAccess() which does the
correct test. There is also a fix in the release api ListReleases where
it should return draft releases if the user is a member of a team with
write access to the releases.

The PR also adds a testcase.

Signed-off-by: Andrew Thornton <art27@cantab.net>
 		2021-10-28 10:54:40 +08:00
..
activitypub Create pub/priv keypair for federation (#17071) 2021-09-28 15:19:22 -04:00
analyze Use git attributes to determine generated and vendored status for language stats and diffs (#16773) 2021-09-09 21:13:36 +01:00
appstate Sync gitea app path for git hooks and authorized keys when starting (#17335) 2021-10-21 17:22:43 +08:00
auth Add bundle download for repository (#14538) 2021-08-24 11:47:09 -05:00
avatar refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
base
cache Add an abstract json layout to make it's easier to change json library (#16528) 2021-07-24 18:03:58 +02:00
charset Read expected buffer size (#17409) 2021-10-24 22:12:43 +01:00
context Ensure that restricted users can access repos for which they are members (#17460) 2021-10-28 10:54:40 +08:00
convert In many cases user avatar link should be an absolute URL with http host (#17420) 2021-10-25 13:01:16 +08:00
cron Refactor update checker to use AppState (#17387) 2021-10-21 17:10:49 +01:00
csv Fixes #16559 - Do not trim leading spaces for tab delimited (#17442) 2021-10-26 16:46:56 -05:00
doctor Nicely handle missing user in collaborations (#17049) 2021-09-27 19:07:19 +01:00
emoji
eventsource Add an abstract json layout to make it's easier to change json library (#16528) 2021-07-24 18:03:58 +02:00
generate switch to maintained lib (#16532) 2021-07-24 13:00:41 +02:00
git Read expected buffer size (#17409) 2021-10-24 22:12:43 +01:00
gitgraph Fix some lints (#17337) 2021-10-17 20:47:12 +01:00
graceful Fix some lints (#17337) 2021-10-17 20:47:12 +01:00
hcaptcha
highlight Prevent panic in Org mode HighlightCodeBlock (#17140) 2021-09-24 14:29:32 +01:00
httpcache Use a variable but a function for IsProd because of a slight performance increment (#17368) 2021-10-20 16:37:19 +02:00
httplib refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
indexer Fix some lints (#17337) 2021-10-17 20:47:12 +01:00
json Add an abstract json layout to make it's easier to change json library (#16528) 2021-07-24 18:03:58 +02:00
lfs Fix some lints (#17337) 2021-10-17 20:47:12 +01:00
log refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
markup Fix issue markdown bugs (#17411) 2021-10-23 21:38:12 +08:00
matchlist
metrics Add metrics to get issues by repository (#17225) 2021-10-05 20:39:37 +02:00
migrations Upgrade go-github to v39 (#17437) 2021-10-26 08:19:21 +01:00
nosql
notification API pull's head/base have correct permission (#17214) 2021-10-07 02:03:37 +02:00
options refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
password
pprof refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
private refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
process
proxy Return nil proxy function if proxy not enabled (#16742) 2021-08-19 16:41:20 -04:00
public refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
queue Make the Mirror Queue a queue (#17326) 2021-10-17 12:43:25 +01:00
recaptcha refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
references
repofiles Read expected buffer size (#17409) 2021-10-24 22:12:43 +01:00
repository Sync gitea app path for git hooks and authorized keys when starting (#17335) 2021-10-21 17:22:43 +08:00
secret
session Move session to models/login (#17338) 2021-10-17 19:51:56 +01:00
setting Sync gitea app path for git hooks and authorized keys when starting (#17335) 2021-10-21 17:22:43 +08:00
ssh Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) 2021-10-20 15:55:33 -04:00
storage refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
structs Add API to get/edit wiki (#17278) 2021-10-25 11:43:40 +08:00
svg refactor: move from io/ioutil to io and os package (#17109) 2021-09-22 13:38:34 +08:00
sync
task Fix bug of migrated repository not index (#16991) 2021-09-08 18:43:19 +01:00
templates Use a variable but a function for IsProd because of a slight performance increment (#17368) 2021-10-20 16:37:19 +02:00
test Upgrade chi to v5 (#17298) 2021-10-13 22:50:23 -04:00
timeutil Allow mocking timeutil (#17354) 2021-10-18 21:12:26 +01:00
translation
typesniffer Read expected buffer size (#17409) 2021-10-24 22:12:43 +01:00
updatechecker Refactor update checker to use AppState (#17387) 2021-10-21 17:10:49 +01:00
upload
uri
user
util Read expected buffer size (#17409) 2021-10-24 22:12:43 +01:00
validation Upgrade chi to v5 (#17298) 2021-10-13 22:50:23 -04:00
web Upgrade chi to v5 (#17298) 2021-10-13 22:50:23 -04:00