source.dussan.org Git - gitea.git/commit

author	Antoine GIRARD <sapk@users.noreply.github.com>
	Sat, 4 Jan 2020 23:20:08 +0000 (00:20 +0100)
committer	Lauris BH <lauris@nix.lv>
	Sat, 4 Jan 2020 23:20:08 +0000 (01:20 +0200)
commit	8b2407371365fc123fc368bfd46b15f55ba8ae6a
tree	8f112acce97c863846a88a6b37e3b570062860d2	tree \| snapshot
parent	6a5a2f493a2b8d19a9f6196bd208a3b8a14e9c1c	commit \| diff

Only serve attachments when linked to issue/release and if accessible by user (#9340)

* test: add current attachement responses

* refactor: check if attachement is linked and accessible by user

* chore: clean TODO

* fix: typo attachement -> attachment

* revert un-needed go.sum change

* refactor: move models logic to models

* fix TestCreateIssueAttachment which was wrongly successful

* fix unit tests with unittype added

* fix unit tests with changes

* use a valid uuid format for pgsql int. test

* test: add unit test TestLinkedRepository

* refactor: allow uploader to access unlinked attachement

* add missing blank line

* refactor: move to a separate function repo.GetAttachment

* typo

* test: remove err test return

* refactor: use repo perm for access checking generally + 404 for all reject

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea

RSS Atom

integrations/attachement_test.go	[deleted file]	blob \| history
integrations/attachment_test.go	[new file with mode: 0644]	blob
models/attachment.go		diff \| blob \| history
models/attachment_test.go		diff \| blob \| history
models/fixtures/attachment.yml		diff \| blob \| history
models/fixtures/release.yml		diff \| blob \| history
models/fixtures/repo_unit.yml		diff \| blob \| history
routers/repo/attachment.go		diff \| blob \| history
routers/routes/routes.go		diff \| blob \| history
routers/user/home_test.go		diff \| blob \| history