aboutsummaryrefslogtreecommitdiffstats
path: root/routers
diff options
context:
space:
mode:
authorLunny Xiao <xiaolunwen@gmail.com>2024-11-17 19:06:25 -0800
committerGitHub <noreply@github.com>2024-11-18 03:06:25 +0000
commit4f879a00df029e09b40f64bf8de0572704766115 (patch)
treebb6d9b0b70fdc1d4e92e298355f244f52e831930 /routers
parentf122aaf9ff627515922a68782339725e2d7c079a (diff)
downloadgitea-4f879a00df029e09b40f64bf8de0572704766115.tar.gz
gitea-4f879a00df029e09b40f64bf8de0572704766115.zip
Refactor find forks and fix possible bugs that weak permissions check (#32528)
- Move models/GetForks to services/FindForks - Add doer as a parameter of FindForks to check permissions - Slight performance optimization for get forks API with batch loading of repository units - Add tests for forking repository to organizations --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Diffstat (limited to 'routers')
-rw-r--r--routers/api/v1/repo/fork.go15
-rw-r--r--routers/web/repo/view.go23
2 files changed, 23 insertions, 15 deletions
diff --git a/routers/api/v1/repo/fork.go b/routers/api/v1/repo/fork.go
index a1e3c9804b..14a1a8d1c4 100644
--- a/routers/api/v1/repo/fork.go
+++ b/routers/api/v1/repo/fork.go
@@ -55,11 +55,20 @@ func ListForks(ctx *context.APIContext) {
// "404":
// "$ref": "#/responses/notFound"
- forks, err := repo_model.GetForks(ctx, ctx.Repo.Repository, utils.GetListOptions(ctx))
+ forks, total, err := repo_service.FindForks(ctx, ctx.Repo.Repository, ctx.Doer, utils.GetListOptions(ctx))
if err != nil {
- ctx.Error(http.StatusInternalServerError, "GetForks", err)
+ ctx.Error(http.StatusInternalServerError, "FindForks", err)
return
}
+ if err := repo_model.RepositoryList(forks).LoadOwners(ctx); err != nil {
+ ctx.Error(http.StatusInternalServerError, "LoadOwners", err)
+ return
+ }
+ if err := repo_model.RepositoryList(forks).LoadUnits(ctx); err != nil {
+ ctx.Error(http.StatusInternalServerError, "LoadUnits", err)
+ return
+ }
+
apiForks := make([]*api.Repository, len(forks))
for i, fork := range forks {
permission, err := access_model.GetUserRepoPermission(ctx, fork, ctx.Doer)
@@ -70,7 +79,7 @@ func ListForks(ctx *context.APIContext) {
apiForks[i] = convert.ToRepo(ctx, fork, permission)
}
- ctx.SetTotalCountHeader(int64(ctx.Repo.Repository.NumForks))
+ ctx.SetTotalCountHeader(total)
ctx.JSON(http.StatusOK, apiForks)
}
diff --git a/routers/web/repo/view.go b/routers/web/repo/view.go
index 7030f6d8a9..5d68ace29b 100644
--- a/routers/web/repo/view.go
+++ b/routers/web/repo/view.go
@@ -1151,26 +1151,25 @@ func Forks(ctx *context.Context) {
if page <= 0 {
page = 1
}
+ pageSize := setting.ItemsPerPage
- pager := context.NewPagination(ctx.Repo.Repository.NumForks, setting.ItemsPerPage, page, 5)
- ctx.Data["Page"] = pager
-
- forks, err := repo_model.GetForks(ctx, ctx.Repo.Repository, db.ListOptions{
- Page: pager.Paginater.Current(),
- PageSize: setting.ItemsPerPage,
+ forks, total, err := repo_service.FindForks(ctx, ctx.Repo.Repository, ctx.Doer, db.ListOptions{
+ Page: page,
+ PageSize: pageSize,
})
if err != nil {
- ctx.ServerError("GetForks", err)
+ ctx.ServerError("FindForks", err)
return
}
- for _, fork := range forks {
- if err = fork.LoadOwner(ctx); err != nil {
- ctx.ServerError("LoadOwner", err)
- return
- }
+ if err := repo_model.RepositoryList(forks).LoadOwners(ctx); err != nil {
+ ctx.ServerError("LoadAttributes", err)
+ return
}
+ pager := context.NewPagination(int(total), pageSize, page, 5)
+ ctx.Data["Page"] = pager
+
ctx.Data["Forks"] = forks
ctx.HTML(http.StatusOK, tplForks)