Diffstat (limited to 'routers/repo/issue_watch.go')
-rw-r--r-- | routers/repo/issue_watch.go | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/routers/repo/issue_watch.go b/routers/repo/issue_watch.go
index a499b70d9c..c6a436801a 100644
--- a/routers/repo/issue_watch.go
+++ b/routers/repo/issue_watch.go
@@ -14,23 +14,28 @@ import (
 )
 
 // IssueWatch sets issue watching
-func IssueWatch(c *context.Context) {
- watch, err := strconv.ParseBool(c.Req.PostForm.Get("watch"))
- if err != nil {
- c.ServerError("watch is not bool", err)
+func IssueWatch(ctx *context.Context) {
+ issue := GetActionIssue(ctx)
+ if ctx.Written() {
 return
 }
 
- issue := GetActionIssue(c)
- if c.Written() {
+ if !ctx.IsSigned || (ctx.User.ID != issue.PosterID && !ctx.Repo.CanReadIssuesOrPulls(issue.IsPull)) {
+ ctx.Error(403)
+ return
+ }
+
+ watch, err := strconv.ParseBool(ctx.Req.PostForm.Get("watch"))
+ if err != nil {
+ ctx.ServerError("watch is not bool", err)
 return
 }
 
- if err := models.CreateOrUpdateIssueWatch(c.User.ID, issue.ID, watch); err != nil {
- c.ServerError("CreateOrUpdateIssueWatch", err)
+ if err := models.CreateOrUpdateIssueWatch(ctx.User.ID, issue.ID, watch); err != nil {
+ ctx.ServerError("CreateOrUpdateIssueWatch", err)
 return
 }
 
- url := fmt.Sprintf("%s/issues/%d", c.Repo.RepoLink, issue.Index)
- c.Redirect(url, http.StatusSeeOther)
+ url := fmt.Sprintf("%s/issues/%d", ctx.Repo.RepoLink, issue.Index)
+ ctx.Redirect(url, http.StatusSeeOther)
 }
|
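Review bot: In the new permission check, the `ctx.User.ID != issue.PosterID &&` clause lets the issue's poster pass without `CanReadIssuesOrPulls`, so a poster whose read access to the repository was later revoked could still subscribe through this handler; whether notification delivery re-checks read access is not visible in this hunk. If the exemption is not intended, the condition can be reduced to `if !ctx.IsSigned || !ctx.Repo.CanReadIssuesOrPulls(issue.IsPull) {`; if it is intended, a comment above the check stating why the poster is exempt would document the decision. Separately, a malformed `watch` form value still goes through `ctx.ServerError`, which by its name reports a client input error as a server failure; `ctx.Error(http.StatusBadRequest)` would fit better there. For consistency with the `http.StatusSeeOther` constant used at the end of the function, the denial could read `ctx.Error(http.StatusForbidden)`.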