Infrastructure/forgejo
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-03-12 22:51:44 -05:00
Code Issues Activity
forgejo/models
History
Gusted a2958f5a26 fix: consider public issues for project boards (#7143) 
- The security patch of forgejo/forgejo#6843 fixed the issue where project boards loaded all issues without considering if the doer actually had permission to view that issue. Within that patch the call to `Issues` was modified to include this permission checking.
- The query being generated was not entirely correct. Issues in public repositories weren't considered correctly (partly the fault of not setting `AllPublic` unconditionally) in the cause an authenticated user loaded the project.
- This is now fixed by setting `AllPublic` unconditionally and subsequently fixing the `Issue` function to ensure that the combination of setting `AllPublic` and `User` generates the correct query, by combining the permission check and issues in public repositories as one `AND` query.
- Added unit testing.
- Added integration testing.
- Resolves Codeberg/Community#1809
- Regression of https://codeberg.org/forgejo/forgejo/pulls/6843

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7143
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
2025-03-06 23:26:08 +00:00
..
actions Fix Untranslated Text on Actions Page (#33635) 2025-02-25 21:41:58 +01:00
activities Fix nil panic if repo doesn't exist (#32501) 2024-11-17 12:18:56 +01:00
admin Fix omitempty bug (#33663) 2025-02-25 21:41:58 +01:00
asymkey fix: native parsing of ssh certificate key (#6953) 2025-02-15 15:42:57 +00:00
auth chore: Remove GetSourceByName 2025-01-31 14:40:27 +01:00
avatars chore(build): use a stable mirror for go-libravatar 2024-09-14 09:58:49 +02:00
db feat: add limited execution tracing support 2025-01-05 04:07:49 +01:00
dbfs
fixtures fix: consider public issues for project boards (#7143) 2025-03-06 23:26:08 +00:00
forgefed
forgejo/semver tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
forgejo_migrations fix: Use correct table in migration v18 (#7114) 2025-03-04 16:44:37 +00:00
git Detect whether action view branch was deleted (#32764) 2024-12-15 09:45:10 +01:00
issues fix: consider public issues for project boards (#7143) 2025-03-06 23:26:08 +00:00
migrations fix: reduce noise for the v303 migration (#6591) 2025-01-17 07:42:20 +00:00
organization Order the user's organization list alphabetically 2025-02-19 15:39:33 +01:00
packages Add composor source field (#33502) 2025-03-04 00:00:09 +01:00
perm tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
project fix(sec): permission check for project issue 2025-02-08 07:22:10 +00:00
pull Add branch auto deletion for scheduled PRs 2024-10-31 03:49:15 +01:00
quota feat(ui): add quota overview (#6602) 2025-02-26 14:36:53 +00:00
repo linting: fix typos, add toml validation (#7007) 2025-02-21 08:23:03 +00:00
secret feat(secret): generate FORGEJO_TOKEN for all tasks 2024-12-08 09:42:18 +08:00
shared/types
system fix: xorm:version default is inconsistent 2024-12-24 09:42:47 +01:00
unit i18n: UX improvements: Team permissions and issue closing 2024-09-24 19:03:30 +02:00
unittest Refactor env var related code (#33075) 2025-01-05 13:46:19 +00:00
user Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v1.64.6 (forgejo) (#7118) 2025-03-04 21:38:35 +00:00
webhook Update module github.com/golangci/golangci-lint/cmd/golangci-lint to v1.64.6 (forgejo) (#7118) 2025-03-04 21:38:35 +00:00
error.go chore: Remove ErrUpdateTaskNotExist 2025-01-31 16:22:29 +01:00
main_test.go tests: improve actvititypub integration test code 2024-11-01 22:39:49 +01:00
org.go
org_team.go
org_team_test.go
org_test.go
repo.go Fix issue comment number (#30556) 2025-01-05 12:21:39 +00:00
repo_test.go Fix issue comment number (#30556) 2025-01-05 12:21:39 +00:00
repo_transfer.go
repo_transfer_test.go