mirror of
https://codeberg.org/forgejo/forgejo
synced 2024-11-24 02:36:10 +01:00
a9af93cb21
The permissions created in convertRepo use a minimal perm.AccessModeRead instead of correctly computing the permission for the repository. This incorrect permission is then reported to the user. I do not believe that reporting the permissions is helpful and therefore I propose we simply null these out. The user can check their permissions using a different endpoint. Fix #19759 Signed-off-by: Andrew Thornton <art27@cantab.net>
97 lines
3.1 KiB
Go
97 lines
3.1 KiB
Go
// Copyright 2020 The Gitea Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package convert
|
|
|
|
import (
|
|
"net/url"
|
|
|
|
"code.gitea.io/gitea/models"
|
|
"code.gitea.io/gitea/models/perm"
|
|
api "code.gitea.io/gitea/modules/structs"
|
|
)
|
|
|
|
// ToNotificationThread convert a Notification to api.NotificationThread
|
|
func ToNotificationThread(n *models.Notification) *api.NotificationThread {
|
|
result := &api.NotificationThread{
|
|
ID: n.ID,
|
|
Unread: !(n.Status == models.NotificationStatusRead || n.Status == models.NotificationStatusPinned),
|
|
Pinned: n.Status == models.NotificationStatusPinned,
|
|
UpdatedAt: n.UpdatedUnix.AsTime(),
|
|
URL: n.APIURL(),
|
|
}
|
|
|
|
// since user only get notifications when he has access to use minimal access mode
|
|
if n.Repository != nil {
|
|
result.Repository = ToRepo(n.Repository, perm.AccessModeRead)
|
|
|
|
// This permission is not correct and we should not be reporting it
|
|
for repository := result.Repository; repository != nil; repository = repository.Parent {
|
|
repository.Permissions = nil
|
|
}
|
|
}
|
|
|
|
// handle Subject
|
|
switch n.Source {
|
|
case models.NotificationSourceIssue:
|
|
result.Subject = &api.NotificationSubject{Type: api.NotifySubjectIssue}
|
|
if n.Issue != nil {
|
|
result.Subject.Title = n.Issue.Title
|
|
result.Subject.URL = n.Issue.APIURL()
|
|
result.Subject.HTMLURL = n.Issue.HTMLURL()
|
|
result.Subject.State = n.Issue.State()
|
|
comment, err := n.Issue.GetLastComment()
|
|
if err == nil && comment != nil {
|
|
result.Subject.LatestCommentURL = comment.APIURL()
|
|
result.Subject.LatestCommentHTMLURL = comment.HTMLURL()
|
|
}
|
|
}
|
|
case models.NotificationSourcePullRequest:
|
|
result.Subject = &api.NotificationSubject{Type: api.NotifySubjectPull}
|
|
if n.Issue != nil {
|
|
result.Subject.Title = n.Issue.Title
|
|
result.Subject.URL = n.Issue.APIURL()
|
|
result.Subject.HTMLURL = n.Issue.HTMLURL()
|
|
result.Subject.State = n.Issue.State()
|
|
comment, err := n.Issue.GetLastComment()
|
|
if err == nil && comment != nil {
|
|
result.Subject.LatestCommentURL = comment.APIURL()
|
|
result.Subject.LatestCommentHTMLURL = comment.HTMLURL()
|
|
}
|
|
|
|
pr, _ := n.Issue.GetPullRequest()
|
|
if pr != nil && pr.HasMerged {
|
|
result.Subject.State = "merged"
|
|
}
|
|
}
|
|
case models.NotificationSourceCommit:
|
|
url := n.Repository.HTMLURL() + "/commit/" + url.PathEscape(n.CommitID)
|
|
result.Subject = &api.NotificationSubject{
|
|
Type: api.NotifySubjectCommit,
|
|
Title: n.CommitID,
|
|
URL: url,
|
|
HTMLURL: url,
|
|
}
|
|
case models.NotificationSourceRepository:
|
|
result.Subject = &api.NotificationSubject{
|
|
Type: api.NotifySubjectRepository,
|
|
Title: n.Repository.FullName(),
|
|
// FIXME: this is a relative URL, rather useless and inconsistent, but keeping for backwards compat
|
|
URL: n.Repository.Link(),
|
|
HTMLURL: n.Repository.HTMLURL(),
|
|
}
|
|
}
|
|
|
|
return result
|
|
}
|
|
|
|
// ToNotifications convert list of Notification to api.NotificationThread list
|
|
func ToNotifications(nl models.NotificationList) []*api.NotificationThread {
|
|
result := make([]*api.NotificationThread, 0, len(nl))
|
|
for _, n := range nl {
|
|
result = append(result, ToNotificationThread(n))
|
|
}
|
|
return result
|
|
}
|