diff options
Diffstat (limited to 'services/lfs')
| -rw-r--r-- | services/lfs/locks.go | 9 | ||||
| -rw-r--r-- | services/lfs/server.go | 8 |
2 files changed, 12 insertions, 5 deletions
diff --git a/services/lfs/locks.go b/services/lfs/locks.go index 1e5db6bd20..08d7432656 100644 --- a/services/lfs/locks.go +++ b/services/lfs/locks.go @@ -8,6 +8,7 @@ import ( "strconv" "strings" + auth_model "code.gitea.io/gitea/models/auth" git_model "code.gitea.io/gitea/models/git" repo_model "code.gitea.io/gitea/models/repo" "code.gitea.io/gitea/modules/context" @@ -58,7 +59,7 @@ func GetListLockHandler(ctx *context.Context) { } repository.MustOwner(ctx) - context.CheckRepoScopedToken(ctx, repository) + context.CheckRepoScopedToken(ctx, repository, auth_model.Read) if ctx.Written() { return } @@ -150,7 +151,7 @@ func PostLockHandler(ctx *context.Context) { } repository.MustOwner(ctx) - context.CheckRepoScopedToken(ctx, repository) + context.CheckRepoScopedToken(ctx, repository, auth_model.Write) if ctx.Written() { return } @@ -222,7 +223,7 @@ func VerifyLockHandler(ctx *context.Context) { } repository.MustOwner(ctx) - context.CheckRepoScopedToken(ctx, repository) + context.CheckRepoScopedToken(ctx, repository, auth_model.Read) if ctx.Written() { return } @@ -293,7 +294,7 @@ func UnLockHandler(ctx *context.Context) { } repository.MustOwner(ctx) - context.CheckRepoScopedToken(ctx, repository) + context.CheckRepoScopedToken(ctx, repository, auth_model.Write) if ctx.Written() { return } diff --git a/services/lfs/server.go b/services/lfs/server.go index 64e1203394..1f82aed54b 100644 --- a/services/lfs/server.go +++ b/services/lfs/server.go @@ -18,6 +18,7 @@ import ( "strings" actions_model "code.gitea.io/gitea/models/actions" + auth_model "code.gitea.io/gitea/models/auth" git_model "code.gitea.io/gitea/models/git" "code.gitea.io/gitea/models/perm" access_model "code.gitea.io/gitea/models/perm/access" @@ -423,7 +424,12 @@ func getAuthenticatedRepository(ctx *context.Context, rc *requestContext, requir return nil } - context.CheckRepoScopedToken(ctx, repository) + if requireWrite { + context.CheckRepoScopedToken(ctx, repository, auth_model.Write) + } else { + context.CheckRepoScopedToken(ctx, repository, auth_model.Read) + } + if ctx.Written() { return nil } |