tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-07-22 18:28:37 +00:00
Code Releases Activity

Fix comment permissions (#28213)

Browse Source 
This PR will fix some missed checks for private repositories' data on
web routes and API routes.
This commit is contained in:
Lunny Xiao
2023-11-26 01:21:21 +08:00
committed by GitHub
parent 80217cacfc
commit 882e502327
34 changed files with 417 additions and 105 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
routers/web/repo/release.go
View File

@@ -616,7 +616,27 @@ func DeleteTag(ctx *context.Context) {
}
func deleteReleaseOrTag(ctx *context.Context, isDelTag bool) {
if err := releaseservice.DeleteReleaseByID(ctx, ctx.FormInt64("id"), ctx.Doer, isDelTag); err != nil {
redirect := func() {
if isDelTag {
ctx.JSONRedirect(ctx.Repo.RepoLink + "/tags")
return
}
ctx.JSONRedirect(ctx.Repo.RepoLink + "/releases")
}
rel, err := repo_model.GetReleaseForRepoByID(ctx, ctx.Repo.Repository.ID, ctx.FormInt64("id"))
if err != nil {
if repo_model.IsErrReleaseNotExist(err) {
ctx.NotFound("GetReleaseForRepoByID", err)
} else {
ctx.Flash.Error("DeleteReleaseByID: " + err.Error())
redirect()
}
return
}
if err := releaseservice.DeleteReleaseByID(ctx, ctx.Repo.Repository, rel, ctx.Doer, isDelTag); err != nil {
if models.IsErrProtectedTagName(err) {
ctx.Flash.Error(ctx.Tr("repo.release.tag_name_protected"))
} else {
@@ -630,10 +650,5 @@ func deleteReleaseOrTag(ctx *context.Context, isDelTag bool) {
}
}
if isDelTag {
ctx.JSONRedirect(ctx.Repo.RepoLink + "/tags")
return
}
ctx.JSONRedirect(ctx.Repo.RepoLink + "/releases")
redirect()
}