mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-12-24 08:06:49 -05:00
661d3d28e9
In the case of misuse or misunderstanding from a developer whereby, if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the creation of a new element. Current usage is using hard-coded selectors in the templates, but nobody prevents that from expanding to user-controlled somehow.
66 lines
2 KiB
JavaScript
66 lines
2 KiB
JavaScript
import {createMonaco} from './codeeditor.js';
|
|
import {initRepoCommonFilterSearchDropdown} from './repo-common.js';
|
|
|
|
const {appSubUrl, csrfToken} = window.config;
|
|
|
|
export function initRepoSettingsCollaboration() {
|
|
// Change collaborator access mode
|
|
$('.access-mode.menu .item').on('click', function () {
|
|
const $menu = $(this).parent();
|
|
$.post($menu.data('url'), {
|
|
_csrf: csrfToken,
|
|
uid: $menu.data('uid'),
|
|
mode: $(this).data('value')
|
|
});
|
|
});
|
|
}
|
|
|
|
export function initRepoSettingSearchTeamBox() {
|
|
const $searchTeamBox = $('#search-team-box');
|
|
$searchTeamBox.search({
|
|
minCharacters: 2,
|
|
apiSettings: {
|
|
url: `${appSubUrl}/api/v1/orgs/${$searchTeamBox.data('org')}/teams/search?q={query}`,
|
|
headers: {'X-Csrf-Token': csrfToken},
|
|
onResponse(response) {
|
|
const items = [];
|
|
$.each(response.data, (_i, item) => {
|
|
const title = `${item.name} (${item.permission} access)`;
|
|
items.push({
|
|
title,
|
|
});
|
|
});
|
|
|
|
return {results: items};
|
|
}
|
|
},
|
|
searchFields: ['name', 'description'],
|
|
showNoResults: false
|
|
});
|
|
}
|
|
|
|
|
|
export function initRepoSettingGitHook() {
|
|
if ($('.edit.githook').length === 0) return;
|
|
const filename = document.querySelector('.hook-filename').textContent;
|
|
const _promise = createMonaco($('#content')[0], filename, {language: 'shell'});
|
|
}
|
|
|
|
export function initRepoSettingBranches() {
|
|
// Branches
|
|
if ($('.repository.settings.branches').length > 0) {
|
|
initRepoCommonFilterSearchDropdown('.protected-branches .dropdown');
|
|
$('.enable-protection, .enable-whitelist, .enable-statuscheck').on('change', function () {
|
|
if (this.checked) {
|
|
$.find($(this).data('target')).removeClass('disabled');
|
|
} else {
|
|
$.find($(this).data('target')).addClass('disabled');
|
|
}
|
|
});
|
|
$('.disable-whitelist').on('change', function () {
|
|
if (this.checked) {
|
|
$.find($(this).data('target')).addClass('disabled');
|
|
}
|
|
});
|
|
}
|
|
}
|