forks
/
gitea
1
0
Fork 0
Code Releases Activity
gitea/models/fixtures
History
zeripath 0b4a8be26b
Ensure that restricted users can access repos for which they are members (#17460) 
There is a small bug in the way that repo access is checked in
repoAssignment: Accessibility is checked by checking if the user has a
marked access to the repository instead of checking if the user has any
team granted access.

This PR changes this permissions check to use HasAccess() which does the
correct test. There is also a fix in the release api ListReleases where
it should return draft releases if the user is a member of a team with
write access to the releases.

The PR also adds a testcase.

Signed-off-by: Andrew Thornton <art27@cantab.net>
 		2021-10-28 10:54:40 +08:00
..
access.yml Fix "access" fixtures and tests (#10247) 2020-02-15 12:29:06 +08:00
access_token.yml Hash App token (#6724) 2019-05-04 11:45:34 -04:00
action.yml Fix heatmap activity (#15252) 2021-06-25 12:59:25 -04:00
attachment.yml Add repo_id for attachment (#16958) 2021-09-08 17:19:30 +02:00
collaboration.yml Fix "access" fixtures and tests (#10247) 2020-02-15 12:29:06 +08:00
comment.yml [API] Add "before" query to ListIssueComments and ListRepoIssue… (#9685) 2020-01-13 17:02:24 +01:00
commit_status.yml
commit_status_index.yml Fix commit status index problem (#17061) 2021-09-23 18:50:06 +08:00
deleted_branch.yml
deploy_key.yml
email_address.yml Always store primary email address into email_address table and also the state (#15956) 2021-06-08 11:52:51 +08:00
follow.yml
gpg_key.yml
gpg_key_import.yml
hook_task.yml
issue.yml Add filter by owner and team to issue/pulls search endpoint (#16662) 2021-08-13 22:47:25 +02:00
issue_assignees.yml [UI] IssuePage multi repo select (#8741) 2019-12-01 22:50:36 -05:00
issue_index.yml Add a new table issue_index to store the max issue index so that issue could be deleted with no duplicated index (#15599) 2021-06-14 10:22:55 +08:00
issue_label.yml Add Organization Wide Labels (#10814) 2020-04-01 01:14:46 -03:00
issue_user.yml [API] ListIssues add more filters (#16174) 2021-06-16 18:33:37 -04:00
issue_watch.yml Refactor Issues Subscription (#8738) 2019-11-20 22:50:54 +08:00
label.yml API: fix set milestone on PR creation (#14981) 2021-03-13 19:06:52 +01:00
login_source.yml
milestone.yml API: fix set milestone on PR creation (#14981) 2021-03-13 19:06:52 +01:00
notice.yml
notification.yml [API] Add notification endpoint (#9488) 2020-01-09 11:56:32 +00:00
oauth2_application.yml
oauth2_authorization_code.yml
oauth2_grant.yml Fix wrong user in OpenID response (#16736) 2021-08-19 12:11:30 -04:00
org_user.yml Restricted users (#6274) 2020-01-13 18:33:46 +01:00
project.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project_board.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
project_issue.yml Kanban board (#8346) 2020-08-16 23:07:38 -04:00
protected_branch.yml
public_key.yml test: command keys (#9357) 2019-12-15 08:11:31 +00:00
pull_request.yml Add review request api (#11355) 2020-10-20 14:18:25 -04:00
reaction.yml [API] Add Reactions (#9220) 2019-12-07 17:04:19 -05:00
release.yml [API] ListReleases add filter for draft and pre-releases (#16175) 2021-06-17 10:58:10 +02:00
renamed_branch.yml Add a simple way to rename branch like gh (#15870) 2021-10-08 19:03:04 +02:00
repo_archiver.yml Rework repository archive (#14723) 2021-06-23 17:12:38 -04:00
repo_indexer_status.yml
repo_redirect.yml
repo_topic.yml Add API endpoint for accessing repo topics (#7963) 2019-09-03 23:46:24 +08:00
repo_transfer.yml Repository transfer has to be confirmed, if user can not create repo for new owner (#14792) 2021-03-01 01:47:30 +01:00
repo_unit.yml Issues overview should not show issues from archived repos (#13220) 2021-01-12 23:19:17 -05:00
repository.yml Ensure that restricted users can access repos for which they are members (#17460) 2021-10-28 10:54:40 +08:00
review.yml Add dismiss review feature (#12674) 2021-02-11 18:32:25 +01:00
star.yml
stopwatch.yml [API] extend StopWatch (#9196) 2019-12-11 23:23:05 -05:00
team.yml Restricted users (#6274) 2020-01-13 18:33:46 +01:00
team_repo.yml
team_unit.yml
team_user.yml Restricted users (#6274) 2020-01-13 18:33:46 +01:00
topic.yml Add API endpoint for accessing repo topics (#7963) 2019-09-03 23:46:24 +08:00
tracked_time.yml [API] Extend times API (#9200) 2019-12-27 20:30:58 +00:00
two_factor.yml org/members: display 2FA members states + optimize sql requests (#7621) 2019-08-02 12:06:27 -04:00
u2f_registration.yml
user.yml Add user status filter to admin user management page (#16770) 2021-10-12 20:11:35 +02:00
user_open_id.yml
user_redirect.yml Redirect on changed user and org name (#11649) 2021-01-24 16:23:05 +01:00
watch.yml Auto-subscribe user to repository when they commit/tag to it (#7657) 2019-11-10 09:22:19 +00:00
webhook.yml Implement webhook branch filter (#7791) 2019-09-09 08:48:21 +03:00