mirror of
https://github.com/go-gitea/gitea
synced 2025-07-22 18:28:37 +00:00
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems * fix some bugs and merge LoadUnits to repoAssignment * refactor permission struct and add some copyright heads * remove unused codes * fix routes units check * improve permission check * add unit tests for permission * fix typo * fix tests * fix some routes * fix api permission check * improve permission check * fix some permission check * fix tests * fix tests * improve some permission check * fix some permission check * refactor AccessLevel * fix bug * fix tests * fix tests * fix tests * fix AccessLevel * rename CanAccess * fix tests * fix comment * fix bug * add missing unit for test repos * fix bug * rename some functions * fix routes check
This commit is contained in:
@@ -14,23 +14,28 @@ import (
|
||||
)
|
||||
|
||||
// IssueWatch sets issue watching
|
||||
func IssueWatch(c *context.Context) {
|
||||
watch, err := strconv.ParseBool(c.Req.PostForm.Get("watch"))
|
||||
func IssueWatch(ctx *context.Context) {
|
||||
issue := GetActionIssue(ctx)
|
||||
if ctx.Written() {
|
||||
return
|
||||
}
|
||||
|
||||
if !ctx.IsSigned || (ctx.User.ID != issue.PosterID && !ctx.Repo.CanReadIssuesOrPulls(issue.IsPull)) {
|
||||
ctx.Error(403)
|
||||
return
|
||||
}
|
||||
|
||||
watch, err := strconv.ParseBool(ctx.Req.PostForm.Get("watch"))
|
||||
if err != nil {
|
||||
c.ServerError("watch is not bool", err)
|
||||
ctx.ServerError("watch is not bool", err)
|
||||
return
|
||||
}
|
||||
|
||||
issue := GetActionIssue(c)
|
||||
if c.Written() {
|
||||
if err := models.CreateOrUpdateIssueWatch(ctx.User.ID, issue.ID, watch); err != nil {
|
||||
ctx.ServerError("CreateOrUpdateIssueWatch", err)
|
||||
return
|
||||
}
|
||||
|
||||
if err := models.CreateOrUpdateIssueWatch(c.User.ID, issue.ID, watch); err != nil {
|
||||
c.ServerError("CreateOrUpdateIssueWatch", err)
|
||||
return
|
||||
}
|
||||
|
||||
url := fmt.Sprintf("%s/issues/%d", c.Repo.RepoLink, issue.Index)
|
||||
c.Redirect(url, http.StatusSeeOther)
|
||||
url := fmt.Sprintf("%s/issues/%d", ctx.Repo.RepoLink, issue.Index)
|
||||
ctx.Redirect(url, http.StatusSeeOther)
|
||||
}
|
||||
|
Reference in New Issue
Block a user