mirror of https://github.com/go-gitea/gitea.git
Repo permission bug fixes (#513)
This commit is contained in:
parent
ac51caa517
commit
6f4ba6884c
|
@ -75,36 +75,6 @@ func APIContexter() macaron.Handler {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// ExtractOwnerAndRepo returns a handler that populates the `Repo.Owner` and
|
|
||||||
// `Repo.Repository` fields of an APIContext
|
|
||||||
func ExtractOwnerAndRepo() macaron.Handler {
|
|
||||||
return func(ctx *APIContext) {
|
|
||||||
owner, err := models.GetUserByName(ctx.Params(":username"))
|
|
||||||
if err != nil {
|
|
||||||
if models.IsErrUserNotExist(err) {
|
|
||||||
ctx.Error(422, "", err)
|
|
||||||
} else {
|
|
||||||
ctx.Error(500, "GetUserByName", err)
|
|
||||||
}
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
repo, err := models.GetRepositoryByName(owner.ID, ctx.Params(":reponame"))
|
|
||||||
if err != nil {
|
|
||||||
if models.IsErrRepoNotExist(err) {
|
|
||||||
ctx.Status(404)
|
|
||||||
} else {
|
|
||||||
ctx.Error(500, "GetRepositoryByName", err)
|
|
||||||
}
|
|
||||||
return
|
|
||||||
}
|
|
||||||
ctx.Repo.Owner = owner
|
|
||||||
ctx.Data["Owner"] = owner
|
|
||||||
ctx.Repo.Repository = repo
|
|
||||||
ctx.Data["Repository"] = repo
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// ReferencesGitRepo injects the GitRepo into the Context
|
// ReferencesGitRepo injects the GitRepo into the Context
|
||||||
func ReferencesGitRepo() macaron.Handler {
|
func ReferencesGitRepo() macaron.Handler {
|
||||||
return func(ctx *APIContext) {
|
return func(ctx *APIContext) {
|
||||||
|
|
|
@ -239,7 +239,7 @@ func RegisterRoutes(m *macaron.Macaron) {
|
||||||
m.Get("", user.IsStarring)
|
m.Get("", user.IsStarring)
|
||||||
m.Put("", user.Star)
|
m.Put("", user.Star)
|
||||||
m.Delete("", user.Unstar)
|
m.Delete("", user.Unstar)
|
||||||
}, context.ExtractOwnerAndRepo())
|
}, repoAssignment())
|
||||||
})
|
})
|
||||||
|
|
||||||
m.Get("/subscriptions", user.GetMyWatchedRepos)
|
m.Get("/subscriptions", user.GetMyWatchedRepos)
|
||||||
|
@ -258,11 +258,9 @@ func RegisterRoutes(m *macaron.Macaron) {
|
||||||
|
|
||||||
m.Group("/repos", func() {
|
m.Group("/repos", func() {
|
||||||
m.Post("/migrate", bind(auth.MigrateRepoForm{}), repo.Migrate)
|
m.Post("/migrate", bind(auth.MigrateRepoForm{}), repo.Migrate)
|
||||||
m.Combo("/:username/:reponame", context.ExtractOwnerAndRepo()).
|
|
||||||
Get(repo.Get).
|
|
||||||
Delete(repo.Delete)
|
|
||||||
|
|
||||||
m.Group("/:username/:reponame", func() {
|
m.Group("/:username/:reponame", func() {
|
||||||
|
m.Combo("").Get(repo.Get).Delete(repo.Delete)
|
||||||
m.Group("/hooks", func() {
|
m.Group("/hooks", func() {
|
||||||
m.Combo("").Get(repo.ListHooks).
|
m.Combo("").Get(repo.ListHooks).
|
||||||
Post(bind(api.CreateHookOption{}), repo.CreateHook)
|
Post(bind(api.CreateHookOption{}), repo.CreateHook)
|
||||||
|
@ -330,7 +328,7 @@ func RegisterRoutes(m *macaron.Macaron) {
|
||||||
m.Get("", user.IsWatching)
|
m.Get("", user.IsWatching)
|
||||||
m.Put("", user.Watch)
|
m.Put("", user.Watch)
|
||||||
m.Delete("", user.Unwatch)
|
m.Delete("", user.Unwatch)
|
||||||
}, context.ExtractOwnerAndRepo())
|
})
|
||||||
m.Get("/editorconfig/:filename", context.RepoRef(), repo.GetEditorconfig)
|
m.Get("/editorconfig/:filename", context.RepoRef(), repo.GetEditorconfig)
|
||||||
m.Group("/pulls", func() {
|
m.Group("/pulls", func() {
|
||||||
m.Combo("").Get(bind(api.ListPullRequestsOptions{}), repo.ListPullRequests).Post(reqRepoWriter(), bind(api.CreatePullRequestOption{}), repo.CreatePullRequest)
|
m.Combo("").Get(bind(api.ListPullRequestsOptions{}), repo.ListPullRequests).Post(reqRepoWriter(), bind(api.CreatePullRequestOption{}), repo.CreatePullRequest)
|
||||||
|
|
|
@ -275,6 +275,10 @@ func GetByID(ctx *context.APIContext) {
|
||||||
// Delete one repository
|
// Delete one repository
|
||||||
// see https://github.com/gogits/go-gogs-client/wiki/Repositories#delete
|
// see https://github.com/gogits/go-gogs-client/wiki/Repositories#delete
|
||||||
func Delete(ctx *context.APIContext) {
|
func Delete(ctx *context.APIContext) {
|
||||||
|
if !ctx.Repo.IsAdmin() {
|
||||||
|
ctx.Error(403, "", "Must have admin rights")
|
||||||
|
return
|
||||||
|
}
|
||||||
owner := ctx.Repo.Owner
|
owner := ctx.Repo.Owner
|
||||||
repo := ctx.Repo.Repository
|
repo := ctx.Repo.Repository
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue