Browse Source

Fix GetContents(): Dont't ignore Executables (#11192)

* Refactor: dont expose help functions

* repofiles GetContents: dont ignore executables

* CI.restart()
mj
6543 2 years ago
committed by GitHub
parent
commit
4ddfe0d07a
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      modules/repofiles/content.go
  2. 14
      routers/api/v1/repo/file.go

2
modules/repofiles/content.go

@ -159,7 +159,7 @@ func GetContents(repo *models.Repository, treePath, ref string, forList bool) (*
}
// Now populate the rest of the ContentsResponse based on entry type
if entry.IsRegular() {
if entry.IsRegular() || entry.IsExecutable() {
contentsResponse.Type = string(ContentTypeRegular)
if blobResponse, err := GetBlobBySHA(repo, entry.ID.String()); err != nil {
return nil, err

14
routers/api/v1/repo/file.go

@ -155,13 +155,13 @@ func GetEditorconfig(ctx *context.APIContext) {
ctx.JSON(http.StatusOK, def)
}
// CanWriteFiles returns true if repository is editable and user has proper access level.
func CanWriteFiles(r *context.Repository) bool {
// canWriteFiles returns true if repository is editable and user has proper access level.
func canWriteFiles(r *context.Repository) bool {
return r.Permission.CanWrite(models.UnitTypeCode) && !r.Repository.IsMirror && !r.Repository.IsArchived
}
// CanReadFiles returns true if repository is readable and user has proper access level.
func CanReadFiles(r *context.Repository) bool {
// canReadFiles returns true if repository is readable and user has proper access level.
func canReadFiles(r *context.Repository) bool {
return r.Permission.CanRead(models.UnitTypeCode)
}
@ -321,7 +321,7 @@ func UpdateFile(ctx *context.APIContext, apiOpts api.UpdateFileOptions) {
// Called from both CreateFile or UpdateFile to handle both
func createOrUpdateFile(ctx *context.APIContext, opts *repofiles.UpdateRepoFileOptions) (*api.FileResponse, error) {
if !CanWriteFiles(ctx.Repo) {
if !canWriteFiles(ctx.Repo) {
return nil, models.ErrUserDoesNotHaveAccessToRepo{
UserID: ctx.User.ID,
RepoName: ctx.Repo.Repository.LowerName,
@ -377,7 +377,7 @@ func DeleteFile(ctx *context.APIContext, apiOpts api.DeleteFileOptions) {
// "404":
// "$ref": "#/responses/error"
if !CanWriteFiles(ctx.Repo) {
if !canWriteFiles(ctx.Repo) {
ctx.Error(http.StatusForbidden, "DeleteFile", models.ErrUserDoesNotHaveAccessToRepo{
UserID: ctx.User.ID,
RepoName: ctx.Repo.Repository.LowerName,
@ -474,7 +474,7 @@ func GetContents(ctx *context.APIContext) {
// "404":
// "$ref": "#/responses/notFound"
if !CanReadFiles(ctx.Repo) {
if !canReadFiles(ctx.Repo) {
ctx.Error(http.StatusInternalServerError, "GetContentsOrList", models.ErrUserDoesNotHaveAccessToRepo{
UserID: ctx.User.ID,
RepoName: ctx.Repo.Repository.LowerName,

Loading…
Cancel
Save