Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not add links to Posters or Assignees with ID < 0 #20577

Merged
merged 8 commits into from
Sep 3, 2022
Merged

Do not add links to Posters or Assignees with ID < 0 #20577

merged 8 commits into from
Sep 3, 2022

Conversation

zeripath
Copy link
Contributor

There are several places in templates/repo/issue/view_content/comments.tmpl where links are made to Posters or Assignees who are Ghosts or have IDs <0.

Fix #20559

Signed-off-by: Andrew Thornton art27@cantab.net

@zeripath
Do not add links to Posters or Assignees with ID < 0
8281ea2 
Fix go-gitea#20559

Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath zeripath added this to the 1.18.0 milestone Jul 31, 2022
@zeripath
Copy link
Contributor Author

We probably need to create a subtemplate here but this is the hacky quick solution

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Jul 31, 2022
delvh
delvh reviewed Jul 31, 2022
View reviewed changes
Copy link
Member

@delvh delvh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good so far, but I can find 121 instances with ag '[^\s{]\.HomeLink', where basically nowhere the assumption can be made that the user exists. Not even if in the profile.tmpl because even if the user manages to be linked to the Ghost user profile, he still shouldn't get links like to his RSS feed.

templates/repo/issue/view_content/comments.tmpl Outdated Show resolved Hide resolved
@zeripath
Copy link
Contributor Author

zeripath commented Aug 1, 2022

Good so far, but I can find 121 instances with ag '[^\s{]\.HomeLink', where basically nowhere the assumption can be made that the user exists. Not even if in the profile.tmpl because even if the user manages to be linked to the Ghost user profile, he still shouldn't get links like to his RSS feed.

I mean honestly it looks like we should just create the subtemplate.

@Gusted Gusted added the pr/wip This PR is not ready for review label Aug 9, 2022
delvh
delvh reviewed Aug 12, 2022
View reviewed changes
Copy link
Member

@delvh delvh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, a PR that removes lines, improves readability, and still adds additional functionality.
That is a good PR.

templates/org/team/teams.tmpl Show resolved Hide resolved
templates/repo/issue/view_content/comments.tmpl Outdated Show resolved Hide resolved
@zeripath
fix spans
bcffc12 
Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath
fix spacing;
3c3c9ed 
Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath
fix spacing 2
c73ec14 
Signed-off-by: Andrew Thornton <art27@cantab.net>
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Aug 12, 2022
@codecov-commenter
Copy link

Codecov Report

❗ No coverage uploaded for pull request base (main@c81b26b). Click here to learn what that means.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main   #20577   +/-   ##
=======================================
  Coverage        ?   47.03%           
=======================================
  Files           ?      982           
  Lines           ?   135988           
  Branches        ?        0           
=======================================
  Hits            ?    63959           
  Misses          ?    64177           
  Partials        ?     7852

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@zeripath zeripath removed the pr/wip This PR is not ready for review label Aug 13, 2022
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Sep 3, 2022
@zeripath zeripath merged commit de7b87f into go-gitea:main Sep 3, 2022
@zeripath zeripath deleted the fix-20559-no-links-to-ghosts branch September 3, 2022 09:33
zeripath added a commit to zeripath/gitea that referenced this pull request Sep 3, 2022
@zeripath
Do not add links to Posters or Assignees with ID < 0 (go-gitea#20577)
9f20b44 
Backport go-gitea#20577

There are several places in templates/repo/issue/view_content/comments.tmpl where links are made to Posters or Assignees who are Ghosts or have IDs <0.

Fix go-gitea#20559

Signed-off-by: Andrew Thornton <art27@cantab.net>
@zeripath zeripath mentioned this pull request Sep 3, 2022
Merged
@zeripath zeripath added the backport/done All backports for this PR have been created label Sep 3, 2022
lunny pushed a commit that referenced this pull request Sep 3, 2022
@zeripath
Do not add links to Posters or Assignees with ID < 0 (#20577) (#21037)
2f0a1eb 
Backport #20577

There are several places in templates/repo/issue/view_content/comments.tmpl where links are made to Posters or Assignees who are Ghosts or have IDs <0.

Fix #20559

Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
zjjhot added a commit to zjjhot/gitea that referenced this pull request Sep 5, 2022
@zjjhot
Merge remote-tracking branch 'upstream/main'
ccd705d 
* upstream/main: (22 commits)
  [skip ci] Updated translations via Crowdin
  Webhook for Wiki changes (go-gitea#20219)
  test: use `T.TempDir` to create temporary test directory (go-gitea#21043)
  Set uploadpack.allowFilter etc on gitea serv to enable partial clones with ssh (go-gitea#20902)
  Fix 500 on time tracking in timeline API (go-gitea#21052)
  Add more checks in migration code (go-gitea#21011)
  Fill the specified ref in webhook test payload (go-gitea#20961)
  [skip ci] Updated licenses and gitignores
  Add go licenses to licenses.txt (go-gitea#21034)
  Added docs for agit-setup (go-gitea#21027)
  Add another index for Action table on postgres (go-gitea#21033)
  Delete unreferenced packages when deleting a package version (go-gitea#20977)
  Improve arc-green code theme (go-gitea#21039)
  Add down key check has tribute container (go-gitea#21016)
  Do not add links to Posters or Assignees with ID < 0 (go-gitea#20577)
  [skip ci] Updated translations via Crowdin
  Show language name on hover (go-gitea#20923)
  fix: PackageMetadataVersion deps (go-gitea#21017)
  Fix the quick-submit for pending review comment (go-gitea#20992)
  Kd/ci playwright go test (go-gitea#20123)
  ...
vanhoang1107 added a commit to vanhoang1107/gitea that referenced this pull request Oct 31, 2022
@vanhoang1107
Merge remote-tracking branch 'src/release/v1.17' into release/v1.17
d7bf1a9 
* src/release/v1.17: (26 commits)
  Fix reaction of issues (go-gitea#21185) (go-gitea#21196)
  Fix CSV diff for added/deleted files (go-gitea#21189) (go-gitea#21193)
  Fix pagination limit parameter problem (go-gitea#21111)
  Add MD5 back to template helper functions to avoid breaking (go-gitea#21102)
  Add changelog for v1.17.2 (go-gitea#21089)
  Fix sub folder in repository missing add file dropdown (go-gitea#21069) (go-gitea#21083)
  Fix hard-coded timeout and error panic in API archive download endpoint (go-gitea#20925) (go-gitea#21051)
  Fix delete user missed some comments (go-gitea#21067) (go-gitea#21068)
  Delete unreferenced packages when deleting a package version (go-gitea#20977) (go-gitea#21060)
  Redirect if user does not exist on admin pages (go-gitea#20981) (go-gitea#21059)
  Set uploadpack.allowFilter etc on gitea serv to enable partial clones with ssh (go-gitea#20902) (go-gitea#21058)
  Fix 500 on time in timeline API (go-gitea#21052) (go-gitea#21057)
  Fill the specified ref in webhook test payload (go-gitea#20961) (go-gitea#21055)
  Add another index for Action table on postgres (go-gitea#21033) (go-gitea#21054)
  fix broken insecureskipverify handling in rediss connection uris (go-gitea#20967) (go-gitea#21053)
  Add more checks in migration code (go-gitea#21011) (go-gitea#21050)
  Add Dev, Peer and Optional dependencies to npm PackageMetadataVersion (go-gitea#21017) (go-gitea#21044)
  Improve arc-green code theme (go-gitea#21039) (go-gitea#21042)
  Add down key check has tribute container (go-gitea#21016) (go-gitea#21038)
  Do not add links to Posters or Assignees with ID < 0 (go-gitea#20577) (go-gitea#21037)
  ...
@go-gitea go-gitea locked and limited conversation to collaborators May 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@techknowlogick techknowlogick techknowlogick approved these changes

@delvh delvh delvh approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. type/bug
Projects
None yet
Milestone
1.18.0
Development

Successfully merging this pull request may close these issues.

Do not create links to Ghost users
6 participants
@zeripath @codecov-commenter @techknowlogick @delvh @GiteaBot @Gusted