mirror of
https://github.com/verdaccio/verdaccio.git
synced 2024-12-16 21:56:25 -05:00
fix: search leak private package and ui bug
- Check permission in search API - Fix author's name not show in search result
This commit is contained in:
parent
04e8638291
commit
38518baf44
3 changed files with 13 additions and 7 deletions
|
@ -8,7 +8,10 @@
|
||||||
</div>
|
</div>
|
||||||
<div class="col-md-4 col-sm-4">
|
<div class="col-md-4 col-sm-4">
|
||||||
<div class="author pull-right">
|
<div class="author pull-right">
|
||||||
<small>By: {{ author.name }}</small>
|
{{!-- I can't make hbs helper work without break code style --}}
|
||||||
|
{{#with author}}
|
||||||
|
<small>By: {{{ name }}}</small>
|
||||||
|
{{/with}}
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -133,7 +133,11 @@ module.exports = function(config, auth, storage) {
|
||||||
var getData = function(i) {
|
var getData = function(i) {
|
||||||
storage.get_package(results[i].ref, function(err, entry) {
|
storage.get_package(results[i].ref, function(err, entry) {
|
||||||
if (!err && entry) {
|
if (!err && entry) {
|
||||||
packages.push(entry.versions[entry['dist-tags'].latest])
|
auth.allow_access(entry.name, req.remote_user, function(err, allowed) { // TODO: This may cause performance issue?
|
||||||
|
if (err || !allowed) return
|
||||||
|
|
||||||
|
packages.push(entry.versions[entry['dist-tags'].latest])
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
if (i >= results.length - 1) {
|
if (i >= results.length - 1) {
|
||||||
|
|
|
@ -27,7 +27,7 @@ var packages = [
|
||||||
_npmUser: {
|
_npmUser: {
|
||||||
name: 'test_user',
|
name: 'test_user',
|
||||||
}
|
}
|
||||||
},
|
}
|
||||||
]
|
]
|
||||||
|
|
||||||
describe('search', function() {
|
describe('search', function() {
|
||||||
|
@ -44,7 +44,7 @@ describe('search', function() {
|
||||||
it('search query item', function() {
|
it('search query item', function() {
|
||||||
var result = Search.query('t');
|
var result = Search.query('t');
|
||||||
assert(result.length === 3);
|
assert(result.length === 3);
|
||||||
})
|
});
|
||||||
|
|
||||||
it('search remove item', function() {
|
it('search remove item', function() {
|
||||||
var item = {
|
var item = {
|
||||||
|
@ -60,7 +60,6 @@ describe('search', function() {
|
||||||
Search.remove(item.name);
|
Search.remove(item.name);
|
||||||
var result = Search.query('test6');
|
var result = Search.query('test6');
|
||||||
assert(result.length === 0);
|
assert(result.length === 0);
|
||||||
})
|
});
|
||||||
|
|
||||||
})
|
|
||||||
|
|
||||||
|
});
|
||||||
|
|
Loading…
Reference in a new issue