authoryp05327 <576951401@qq.com>2023-04-06 23:18:29 +0900
committerGitHub <noreply@github.com>2023-04-06 22:18:29 +0800
commitbbf83f5d4bd8dbe1cd6dbcf7b45ef47072e5add0 (patch)
tree86f6b9e782874c8a88447f246ee6a9fbe2ee130d /models/organization
parent5cb394ff2fb93935b90493894b97371734f1384e (diff)
Improve permission check of packages (#23879)
At first, we had one unified team unit permission, which is called `Team.Authorize` in the DB. But since https://github.com/go-gitea/gitea/pull/17811, we have allowed different units to have different permissions. The old code was only designed for the old version. So after #17811, if org users have write permission for other units but no permission for packages, they are still granted write permission for packages. Co-authored-by: delvh <dev.lh@web.de>
Diffstat (limited to 'models/organization')
-rw-r--r--models/organization/org_test.go16
1 files changed, 11 insertions, 5 deletions
diff --git a/models/organization/org_test.go b/models/organization/org_test.go
index cfa304d7b2..6e58387997 100644
--- a/models/organization/org_test.go
+++ b/models/organization/org_test.go
@@ -212,25 +212,31 @@ func TestGetOrgUsersByUserID(t *testing.T) {
orgUsers, err := organization.GetOrgUsersByUserID(5, &organization.SearchOrganizationsOptions{All: true})
assert.NoError(t, err)
- if assert.Len(t, orgUsers, 2) {
+ if assert.Len(t, orgUsers, 3) {
assert.Equal(t, organization.OrgUser{
ID: orgUsers[0].ID,
- OrgID: 6,
+ OrgID: 23,
UID: 5,
- IsPublic: true,
+ IsPublic: false,
}, *orgUsers[0])
assert.Equal(t, organization.OrgUser{
ID: orgUsers[1].ID,
+ OrgID: 6,
+ UID: 5,
+ IsPublic: true,
+ }, *orgUsers[1])
+ assert.Equal(t, organization.OrgUser{
+ ID: orgUsers[2].ID,
OrgID: 7,
UID: 5,
IsPublic: false,
- }, *orgUsers[1])
+ }, *orgUsers[2])
}
publicOrgUsers, err := organization.GetOrgUsersByUserID(5, &organization.SearchOrganizationsOptions{All: false})
assert.NoError(t, err)
assert.Len(t, publicOrgUsers, 1)
- assert.Equal(t, *orgUsers[0], *publicOrgUsers[0])
+ assert.Equal(t, *orgUsers[1], *publicOrgUsers[0])
orgUsers, err = organization.GetOrgUsersByUserID(1, &organization.SearchOrganizationsOptions{All: true})
assert.NoError(t, err)
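Review bot: The assertions in this hunk are tied to result position: the new expectations put OrgID 23 at `orgUsers[0]`, and the public-membership check compares `publicOrgUsers[0]` with `*orgUsers[1]`, so what it verifies depends on an ordering that nothing in the hunk establishes. Since this is the check on which memberships are returned with `All: false`, I would state the expectation directly with `assert.True(t, publicOrgUsers[0].IsPublic)` and `assert.EqualValues(t, 6, publicOrgUsers[0].OrgID)`; the cross-reference alone would still pass if both queries returned the same private row at that index. A short comment above the `publicOrgUsers` query, such as `// user 5 has a private membership in org 23; All: false must not return it`, would record why the count stays at 1. The fixture change that introduces org 23 is presumably elsewhere in the commit and is not shown on this page, and the body of TestGetOrgUsersByUserID starts before and continues after the hunk.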