0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-28 02:14:06 -05:00
forgejo/modules
Earl Warren e658a6a9cd
[GITEA] API commentAssignment() to verify the id belongs
Instead of repeating the tests that verify the ID of a comment
is related to the repository of the API endpoint, add the middleware
function commentAssignment() to assign ctx.Comment if the ID of the
comment is verified to be related to the repository.

There already are integration tests for cases of potential unrelated
comment IDs that cover some of the modified endpoints which covers the
commentAssignment() function logic.

* TestAPICommentReactions - GetIssueCommentReactions
* TestAPICommentReactions - PostIssueCommentReaction
* TestAPICommentReactions - DeleteIssueCommentReaction
* TestAPIEditComment - EditIssueComment
* TestAPIDeleteComment - DeleteIssueComment
* TestAPIGetCommentAttachment - GetIssueCommentAttachment

The other modified endpoints do not have tests to verify cases of
potential unrelated comment IDs. They no longer need to because they
no longer implement the logic to enforce this. They however all have
integration tests that verify the commentAssignment() they now rely on
does not introduce a regression.

* TestAPIGetComment - GetIssueComment
* TestAPIListCommentAttachments - ListIssueCommentAttachments
* TestAPICreateCommentAttachment - CreateIssueCommentAttachment
* TestAPIEditCommentAttachment - EditIssueCommentAttachment
* TestAPIDeleteCommentAttachment - DeleteIssueCommentAttachment

(cherry picked from commit d414376d74)
(cherry picked from commit 09db07aeae)
(cherry picked from commit f44830c3cb)

Conflicts:
	modules/context/api.go
	https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 9d1bf7be15)
2024-02-05 16:09:43 +01:00
..
actions [CI] Search .forgejo/workflows first 2024-02-05 13:33:59 +01:00
activitypub
analyze
assetfs
auth [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
avatar [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
base [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
cache Always enable caches (#28527) 2023-12-19 09:29:05 +00:00
charset Preserve BOM in web editor (#28935) 2024-01-27 18:02:51 +00:00
container
context [GITEA] API commentAssignment() to verify the id belongs 2024-02-05 16:09:43 +01:00
contexttest Simplify how git repositories are opened (#28937) 2024-01-27 21:09:51 +01:00
csv
emoji
eventsource
generate
git [GITEA] Find README.md for user profiles case insensitively 2024-02-05 16:09:42 +01:00
gitgraph
gitrepo Simplify how git repositories are opened (#28937) 2024-01-27 21:09:51 +01:00
graceful Suggest to use Type=simple for systemd service (#28717) 2024-01-07 15:18:04 +00:00
hcaptcha
highlight Add option to disable ambiguous unicode characters detection (#28454) 2023-12-17 14:38:54 +00:00
hostmatcher
html
httpcache Also match weakly validated ETags (#28957) 2024-01-29 16:18:40 +00:00
httplib
indexer [GITEA] Vendor rupture dependency 2024-02-05 15:08:04 +01:00
issue/template
json
label
lfs [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
log
markup [GITEA] Add footnote testing 2024-02-05 16:09:41 +01:00
mcaptcha
metrics
migration
nosql
optional Unify user update methods (#28733) 2024-02-04 13:29:09 +00:00
options
packages [GITEA] feat(nuget): basic manifest download 2024-02-05 15:08:04 +01:00
paginator
pprof
private [CLI] implement forgejo-cli 2024-02-05 13:33:58 +01:00
process
proxy
proxyprotocol
public Refactor CORS handler (#28587) 2023-12-25 20:13:18 +08:00
queue [CI] disable redis test, no redis server yet in CI 2024-02-05 13:33:58 +01:00
recaptcha
references Add support for sha256 repositories (#23894) 2024-01-19 17:05:02 +01:00
regexplru
repository Fix bug for generated repository object format (#28969) 2024-01-28 20:18:15 +00:00
secret [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
session
setting [FEAT] Repository flags 2024-02-05 16:09:42 +01:00
sitemap
ssh Remove SSH workaround (#27893) 2023-11-03 15:21:05 +00:00
storage [CI] Forgejo Actions based CI for PR & branches 2024-02-05 13:33:59 +01:00
structs [GITEA] POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments 2024-02-05 16:09:42 +01:00
svg
sync
system
templates [FEAT] Repository flags 2024-02-05 16:09:42 +01:00
test
testlogger
timeutil Make template DateTime show proper tooltip (#28677) 2024-01-02 20:09:18 +01:00
translation [I18N] add [common] as first line 2024-02-05 15:10:55 +01:00
turnstile
typesniffer
updatechecker
upload
uri
user
util [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
validation [GITEA] add option for banning dots in usernames 2024-02-05 16:05:50 +01:00
web [GITEA] Configurable clone methods 2024-02-05 16:09:42 +01:00
webhook Fix schedule tasks bugs (#28691) 2024-01-12 21:50:38 +00:00