Procházet zdrojové kódy
Nuke the incorrect permission report on /api/v1/notifications (#19761)
The permissions created in convertRepo use a minimal perm.AccessModeRead instead of correctly computing the permission for the repository. This incorrect permission is then reported to the user. I do not believe that reporting the permissions is helpful and therefore I propose we simply null these out. The user can check their permissions using a different endpoint. Fix #19759 Signed-off-by: Andrew Thornton <art27@cantab.net>tags/v1.18.0-dev
zeripath
před 2 roky
1 změnil soubory, kde provedl 5 přidání a 0 odebrání
+ 5
- 0
modules/convert/notification.go
Zobrazit soubor
| @@ -25,6 +25,11 @@ func ToNotificationThread(n *models.Notification) *api.NotificationThread { | |||
| // since user only get notifications when he has access to use minimal access mode | |||
| if n.Repository != nil { | |||
| result.Repository = ToRepo(n.Repository, perm.AccessModeRead) | |||
| // This permission is not correct and we should not be reporting it | |||
| for repository := result.Repository; repository != nil; repository = repository.Parent { | |||
| repository.Permissions = nil | |||
| } | |||
| } | |||
| // handle Subject | |||
Načítá se…