Backport #25019 by @lunny Caused by #24362 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
This commit is contained in:
parent
b83e4f295d
commit
73ae6b21d1
|
@ -110,11 +110,6 @@ func GetAttachment(ctx *context.Context) {
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
} else { // If we have the repository we check access
|
} else { // If we have the repository we check access
|
||||||
context.CheckRepoScopedToken(ctx, repository)
|
|
||||||
if ctx.Written() {
|
|
||||||
return
|
|
||||||
}
|
|
||||||
|
|
||||||
perm, err := access_model.GetUserRepoPermission(ctx, repository, ctx.Doer)
|
perm, err := access_model.GetUserRepoPermission(ctx, repository, ctx.Doer)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err.Error())
|
ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err.Error())
|
||||||
|
|
|
@ -89,6 +89,9 @@ func TestCreateIssueAttachment(t *testing.T) {
|
||||||
// Validate that attachment is available
|
// Validate that attachment is available
|
||||||
req = NewRequest(t, "GET", "/attachments/"+uuid)
|
req = NewRequest(t, "GET", "/attachments/"+uuid)
|
||||||
session.MakeRequest(t, req, http.StatusOK)
|
session.MakeRequest(t, req, http.StatusOK)
|
||||||
|
|
||||||
|
// anonymous visit should be allowed because user2/repo1 is a public repository
|
||||||
|
MakeRequest(t, req, http.StatusOK)
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestGetAttachment(t *testing.T) {
|
func TestGetAttachment(t *testing.T) {
|
||||||
|
|
Loading…
Reference in New Issue