]> source.dussan.org Git - gitea.git/commitdiff
projects / gitea.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 55a5717)
Fix some mistakes when using `ignSignIn` (#24415)
authorwxiaoguang <wxiaoguang@gmail.com>
Thu, 4 May 2023 12:07:15 +0000 (20:07 +0800)
committerGitHub <noreply@github.com>
Thu, 4 May 2023 12:07:15 +0000 (12:07 +0000)
Some old code doesn't respect the definition of `RequireSignInView` (the
`ignSignIn` is forgotten).

After #24413, this PR will do more fixes, ~~and rename the strange
`ignSignIn` to `optSignIn`.~~

This PR is ready for review, I think we can postpone the "ignSignIn"
renaming to another, to make this PR simple and clear.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
routers/web/web.go patch | blob | history

diff --git a/routers/web/web.go b/routers/web/web.go
index 8cdc10935efbef5b845c4da311cf9d2b032fd514..e904db321d8169f124904a8a8556211f413a7d8c 100644 (file)
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -176,10 +176,11 @@ func Routes(ctx gocontext.Context) *web.Route {
 // registerRoutes register routes
 func registerRoutes(m *web.Route) {
        reqSignIn := auth_service.VerifyAuthWithOptions(&auth_service.VerifyOptions{SignInRequired: true})
+       reqSignOut := auth_service.VerifyAuthWithOptions(&auth_service.VerifyOptions{SignOutRequired: true})
+       // TODO: rename them to "optSignIn", which means that the "sign-in" could be optional, depends on the VerifyOptions (RequireSignInView)
        ignSignIn := auth_service.VerifyAuthWithOptions(&auth_service.VerifyOptions{SignInRequired: setting.Service.RequireSignInView})
        ignExploreSignIn := auth_service.VerifyAuthWithOptions(&auth_service.VerifyOptions{SignInRequired: setting.Service.RequireSignInView || setting.Service.Explore.RequireSigninView})
        ignSignInAndCsrf := auth_service.VerifyAuthWithOptions(&auth_service.VerifyOptions{DisableCSRF: true})
-       reqSignOut := auth_service.VerifyAuthWithOptions(&auth_service.VerifyOptions{SignOutRequired: true})
        validation.AddBindingRules()
 
        linkAccountEnabled := func(ctx *context.Context) {
@@ -489,7 +490,6 @@ func registerRoutes(m *web.Route) {
        }, reqSignIn, ctxDataSet("PageIsUserSettings", true, "AllThemes", setting.UI.Themes, "EnablePackages", setting.Packages.Enabled))
 
        m.Group("/user", func() {
-               // r.Get("/feeds", binding.Bind(auth.FeedsForm{}), user.Feeds)
                m.Get("/activate", auth.Activate)
                m.Post("/activate", auth.ActivatePost)
                m.Any("/activate_email", auth.ActivateEmail)
@@ -809,7 +809,7 @@ func registerRoutes(m *web.Route) {
                                                }, reqPackageAccess(perm.AccessModeWrite))
                                        })
                                })
-                       }, ignSignIn, context.PackageAssignment(), reqPackageAccess(perm.AccessModeRead))
+                       }, context.PackageAssignment(), reqPackageAccess(perm.AccessModeRead))
                }
 
                m.Group("/projects", func() {
@@ -848,7 +848,7 @@ func registerRoutes(m *web.Route) {
                m.Group("", func() {
                        m.Get("/code", user.CodeSearch)
                }, reqUnitAccess(unit.TypeCode, perm.AccessModeRead))
-       }, context_service.UserAssignmentWeb(), context.OrgAssignment())
+       }, ignSignIn, context_service.UserAssignmentWeb(), context.OrgAssignment()) // for "/{username}/-" (packages, projects, code)
 
        // ***** Release Attachment Download without Signin
        m.Get("/{username}/{reponame}/releases/download/{vTag}/{fileName}", ignSignIn, context.RepoAssignment, repo.MustBeNotEmpty, repo.RedirectDownload)
@@ -940,7 +940,7 @@ func registerRoutes(m *web.Route) {
 
        m.Post("/{username}/{reponame}/action/{action}", reqSignIn, context.RepoAssignment, context.UnitTypes(), repo.Action)
 
-       // Grouping for those endpoints not requiring authentication
+       // Grouping for those endpoints not requiring authentication (but should respect ignSignIn)
        m.Group("/{username}/{reponame}", func() {
                m.Group("/milestone", func() {
                        m.Get("/{id}", repo.MilestoneIssuesAndPulls)
@@ -953,14 +953,14 @@ func registerRoutes(m *web.Route) {
                })
                m.Get("/compare", repo.MustBeNotEmpty, reqRepoCodeReader, repo.SetEditorconfigIfExists, ignSignIn, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.CompareDiff)
                m.Combo("/compare/*", repo.MustBeNotEmpty, reqRepoCodeReader, repo.SetEditorconfigIfExists).
-                       Get(ignSignIn, repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.CompareDiff).
+                       Get(repo.SetDiffViewStyle, repo.SetWhitespaceBehavior, repo.CompareDiff).
                        Post(reqSignIn, context.RepoMustNotBeArchived(), reqRepoPullsReader, repo.MustAllowPulls, web.Bind(forms.CreateIssueForm{}), repo.SetWhitespaceBehavior, repo.CompareAndPullRequestPost)
                m.Group("/{type:issues|pulls}", func() {
                        m.Group("/{index}", func() {
                                m.Get("/info", repo.GetIssueInfo)
                        })
                })
-       }, context.RepoAssignment, context.UnitTypes())
+       }, ignSignIn, context.RepoAssignment, context.UnitTypes()) // for "/{username}/{reponame}" which doesn't require authentication
 
        // Grouping for those endpoints that do require authentication
        m.Group("/{username}/{reponame}", func() {
Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea