Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix user visible check #21210

Merged
merged 10 commits into from
Sep 20, 2022
Merged

Fix user visible check #21210

merged 10 commits into from
Sep 20, 2022

Conversation

KN4CK3R
Copy link
Member

@KN4CK3R KN4CK3R commented Sep 19, 2022

Fixes #21206

If user and viewer are equal the method should return true.
Also the common organization check was wrong as count can never be less then 0.

@KN4CK3R KN4CK3R added this to the 1.18.0 milestone Sep 19, 2022
@KN4CK3R KN4CK3R added the topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! label Sep 19, 2022
@6543
Copy link
Member

6543 commented Sep 19, 2022

please add a this case as test
so regressions dont happen so likely

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Sep 19, 2022
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Sep 19, 2022
@KN4CK3R KN4CK3R mentioned this pull request Sep 19, 2022
Closed
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Sep 19, 2022
@KN4CK3R
Copy link
Member Author

KN4CK3R commented Sep 19, 2022

Will add a test soon.

lunny
lunny reviewed Sep 19, 2022
View reviewed changes
models/user/user.go Outdated Show resolved Hide resolved
@KN4CK3R
Copy link
Member Author

KN4CK3R commented Sep 19, 2022

There are some consistency checks failing. Will have a look.

@lunny lunny mentioned this pull request Sep 20, 2022
Merged
@lunny lunny added the backport/done All backports for this PR have been created label Sep 20, 2022
@6543
Copy link
Member

6543 commented Sep 20, 2022 

--- FAIL: TestFixtureGeneration (0.10s)

    fixture_test.go:31: 

        	Error Trace:	/drone/src/models/fixture_test.go:31

        	            				/drone/src/models/fixture_test.go:34

        	Error:      	Should be true

        	Test:       	TestFixtureGeneration

        	Messages:   	Differences detected for access.yml

FAIL

ci fail related, fixtures are now inconsistent

@wxiaoguang wxiaoguang merged commit 1b630ff into go-gitea:main Sep 20, 2022
@KN4CK3R KN4CK3R deleted the patch-2 branch September 20, 2022 08:00
wxiaoguang pushed a commit that referenced this pull request Sep 20, 2022
@lunny
Fix limited user cannot view himself's profile (#21212)
f663773 
backport #21210, fix #21206

If user and viewer are equal the method should return true.
Also the common organization check was wrong as count can never be less then 0.

Tests are on main branch.
zjjhot added a commit to zjjhot/gitea that referenced this pull request Sep 22, 2022
@zjjhot
Merge remote-tracking branch 'upstream/main'
96bc6db 
* upstream/main:
  Use absolute links in feeds (go-gitea#21229)
  Prevent invalid behavior for file reviewing when loading more files (go-gitea#21230)
  Respect `REQUIRE_SIGNIN_VIEW` for packages (go-gitea#20873)
  Make Clone in VSCode link get updated correctly (go-gitea#21225)
  Configure golangci-lint to show all issues (go-gitea#21106)
  Fix user visible check (go-gitea#21210)
  Fix template bug of admin monitor (go-gitea#21208)
  Clarify that `ENABLE_SWAGGER` only influences the API docs, not the routes (go-gitea#21215)
  Enable fluid page layout on medium size viewports (go-gitea#21178)
  [API] teamSearch show teams with no members if user is admin (go-gitea#21204)
@go-gitea go-gitea locked and limited conversation to collaborators May 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@lunny lunny lunny approved these changes

@6543 6543 6543 approved these changes

@delvh delvh delvh approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! type/bug
Projects
None yet
Milestone
1.18.0
Development

Successfully merging this pull request may close these issues.

User with limited visibility cannot view its own profile
6 participants
@KN4CK3R @6543 @lunny @delvh @wxiaoguang @GiteaBot