-
-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix auth check bug #24382
Fix auth check bug #24382
Conversation
I will add some tests |
Fix https://github.com/go-gitea/gitea/pull/24362/files#r1179095324 `getAuthenticatedMeta` has checked them, these code are duplicated one. And the first invokation has a wrong permission check. `DownloadHandle` should require read permission but not write.
Backport #24382 by @lunny Fix https://github.com/go-gitea/gitea/pull/24362/files#r1179095324 `getAuthenticatedMeta` has checked them, these code are duplicated one. And the first invokation has a wrong permission check. `DownloadHandle` should require read permission but not write. Co-authored-by: Lunny Xiao <[email protected]>
@@ -89,6 +115,21 @@ func TestGetLFSSmall(t *testing.T) { | |||
checkResponseTestContentEncoding(t, &content, resp, false) | |||
} | |||
|
|||
func TestGetLFSSmallToken(t *testing.T) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TestGetLFSSmallToken
What is a "small token"?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's "Get LFS small (file with) Token"
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm, maybe it should be with token
because there is a similar tests with username/password
* giteaofficial/main: (26 commits) Refactor docs (go-gitea#23752) Fix layouts of admin table / adapt repo / email test (go-gitea#24370) Move secrets and runners settings to actions settings (go-gitea#24200) Gitea Actions add `base_ref`, `head_ref`, `api_url`, `ref_type` fields (go-gitea#24356) Fix auth check bug (go-gitea#24382) Display 'Unknown' when runner.version is empty (go-gitea#24378) Fix incorrect last online time in runner_edit.tmpl (go-gitea#24376) Refactor "route" related code, fix Safari cookie bug (go-gitea#24330) Add custom helm repo name generated from url (go-gitea#24363) Add API for gitignore templates (go-gitea#22783) Add eslint-plugin-regexp (go-gitea#24361) Support uploading file to empty repo by API (go-gitea#24357) [skip ci] Updated translations via Crowdin Require repo scope for PATs for private repos and basic authentication (go-gitea#24362) Alert error message if open dependencies are included in the issues that try to batch close (go-gitea#24329) Fix 404 error when leaving the last private org team (go-gitea#24322) Modify width of ui container, fine tune css for settings pages and org header (go-gitea#24315) Add .livemd as a markdown extension (go-gitea#22730) Display when a repo was archived (go-gitea#22664) Fix wrong error info in RepoRefForAPI (go-gitea#24344) ...
Fix https://github.com/go-gitea/gitea/pull/24362/files#r1179095324
getAuthenticatedMeta
has checked them, these code are duplicated one. And the first invokation has a wrong permission check.DownloadHandle
should require read permission but not write.