diff options
| author | KN4CK3R <admin@oldschoolhack.me> | 2022-12-09 07:35:56 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-12-09 14:35:56 +0800 |
| commit | 3c59d31bc605bbefc6636e9b0a93e90ad2696ed9 (patch) | |
| tree | d26f47a8d0e0ea4cad3f01ea7bbc35668220f81b /services/release | |
| parent | 8fb1e53ca2bea37d9d6b89a47cb13e253355829b (diff) | |
| download | gitea-3c59d31bc605bbefc6636e9b0a93e90ad2696ed9.tar.gz gitea-3c59d31bc605bbefc6636e9b0a93e90ad2696ed9.zip | |
Add API management for issue/pull and comment attachments (#21783)
Close #14601
Fix #3690
Revive of #14601.
Updated to current code, cleanup and added more read/write checks.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Signed-off-by: Andre Bruch <ab@andrebruch.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Norwin <git@nroo.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Diffstat (limited to 'services/release')
| -rw-r--r-- | services/release/release.go | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/services/release/release.go b/services/release/release.go index 1d599fcda1..13042cd3ac 100644 --- a/services/release/release.go +++ b/services/release/release.go @@ -21,6 +21,7 @@ import ( "code.gitea.io/gitea/modules/repository" "code.gitea.io/gitea/modules/storage" "code.gitea.io/gitea/modules/timeutil" + "code.gitea.io/gitea/modules/util" ) func createTag(ctx context.Context, gitRepo *git.Repository, rel *repo_model.Release, msg string) (bool, error) { @@ -218,7 +219,10 @@ func UpdateRelease(doer *user_model.User, gitRepo *git.Repository, rel *repo_mod } for _, attach := range attachments { if attach.ReleaseID != rel.ID { - return errors.New("delete attachement of release permission denied") + return util.SilentWrap{ + Message: "delete attachment of release permission denied", + Err: util.ErrPermissionDenied, + } } deletedUUIDs.Add(attach.UUID) } @@ -240,7 +244,10 @@ func UpdateRelease(doer *user_model.User, gitRepo *git.Repository, rel *repo_mod } for _, attach := range attachments { if attach.ReleaseID != rel.ID { - return errors.New("update attachement of release permission denied") + return util.SilentWrap{ + Message: "update attachment of release permission denied", + Err: util.ErrPermissionDenied, + } } } |