From eabbddcd98717ef20d8475e819f403c50f4a9787 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Wed, 28 Nov 2018 19:26:14 +0800 Subject: Restrict permission check on repositories and fix some problems (#5314) * fix units permission problems * fix some bugs and merge LoadUnits to repoAssignment * refactor permission struct and add some copyright heads * remove unused codes * fix routes units check * improve permission check * add unit tests for permission * fix typo * fix tests * fix some routes * fix api permission check * improve permission check * fix some permission check * fix tests * fix tests * improve some permission check * fix some permission check * refactor AccessLevel * fix bug * fix tests * fix tests * fix tests * fix AccessLevel * rename CanAccess * fix tests * fix comment * fix bug * add missing unit for test repos * fix bug * rename some functions * fix routes check --- routers/user/home.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'routers/user') diff --git a/routers/user/home.go b/routers/user/home.go index 49c6579556..4c6a9f6cd0 100644 --- a/routers/user/home.go +++ b/routers/user/home.go @@ -286,7 +286,12 @@ func Issues(ctx *context.Context) { repo := showReposMap[repoID] // Check if user has access to given repository. - if !repo.IsOwnedBy(ctxUser.ID) && !repo.HasAccess(ctxUser) { + perm, err := models.GetUserRepoPermission(repo, ctxUser) + if err != nil { + ctx.ServerError("GetUserRepoPermission", fmt.Errorf("[%d]%v", repoID, err)) + return + } + if !perm.CanRead(models.UnitTypeIssues) { ctx.Status(404) return } -- cgit v1.2.3