Infrastructure/forgejo
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-03-12 22:51:44 -05:00
Code Issues Activity
forgejo/models/issues
History
Gusted a2958f5a26 fix: consider public issues for project boards (#7143) 
- The security patch of forgejo/forgejo#6843 fixed the issue where project boards loaded all issues without considering if the doer actually had permission to view that issue. Within that patch the call to `Issues` was modified to include this permission checking.
- The query being generated was not entirely correct. Issues in public repositories weren't considered correctly (partly the fault of not setting `AllPublic` unconditionally) in the cause an authenticated user loaded the project.
- This is now fixed by setting `AllPublic` unconditionally and subsequently fixing the `Issue` function to ensure that the combination of setting `AllPublic` and `User` generates the correct query, by combining the permission check and issues in public repositories as one `AND` query.
- Added unit testing.
- Added integration testing.
- Resolves Codeberg/Community#1809
- Regression of https://codeberg.org/forgejo/forgejo/pulls/6843

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7143
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-03-06 23:26:08 +00:00
..
TestGetUIDsAndStopwatch
action_aggregator.go feat(ui): create a comment aggregator to reduce noise in issues (#6523) 2025-03-05 17:24:51 +00:00
assignees.go
assignees_test.go
comment.go feat(ui): create a comment aggregator to reduce noise in issues (#6523) 2025-03-05 17:24:51 +00:00
comment_code.go
comment_list.go
comment_list_test.go
comment_test.go Fix issue comment number (#30556) 2025-01-05 12:21:39 +00:00
content_history.go
content_history_test.go
dependency.go
dependency_test.go
issue.go chore: Remove ChangeMilestoneStatus (#6741) 2025-01-30 11:09:53 +00:00
issue_index.go
issue_index_test.go
issue_label.go
issue_label_test.go
issue_list.go
issue_list_test.go
issue_lock.go
issue_project.go fix: consider public issues for project boards (#7143) 2025-03-06 23:26:08 +00:00
issue_project_test.go fix: consider public issues for project boards (#7143) 2025-03-06 23:26:08 +00:00
issue_search.go fix: consider public issues for project boards (#7143) 2025-03-06 23:26:08 +00:00
issue_stats.go
issue_stats_test.go
issue_test.go Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v1.64.6 (forgejo) (#7118) 2025-03-04 21:38:35 +00:00
issue_update.go fix(web): forbid blocked users from reopening issues (#7010) 2025-03-01 12:39:52 +00:00
issue_user.go
issue_user_test.go
issue_watch.go Strict pagination check (#32548) 2024-12-01 07:56:45 +01:00
issue_watch_test.go
issue_xref.go
issue_xref_test.go
label.go Support org labels when adding labels by label names (#32988) 2024-12-28 19:32:09 +00:00
label_test.go
main_test.go
milestone.go chore: Remove ChangeMilestoneStatus (#6741) 2025-01-30 11:09:53 +00:00
milestone_list.go
milestone_test.go chore: Remove ChangeMilestoneStatus (#6741) 2025-01-30 11:09:53 +00:00
pull.go chore: Remove ChangeMilestoneStatus (#6741) 2025-01-30 11:09:53 +00:00
pull_list.go
pull_test.go
reaction.go Strict pagination check (#32548) 2024-12-01 07:56:45 +01:00
reaction_test.go
review.go Fix issue comment number (#30556) 2025-01-05 12:21:39 +00:00
review_list.go
review_test.go
stopwatch.go Strict pagination check (#32548) 2024-12-01 07:56:45 +01:00
stopwatch_test.go
tracked_time.go Strict pagination check (#32548) 2024-12-01 07:56:45 +01:00
tracked_time_test.go