mirror of
1
Fork 0
forgejo/modules
Earl Warren e658a6a9cd
[GITEA] API commentAssignment() to verify the id belongs
Instead of repeating the tests that verify the ID of a comment
is related to the repository of the API endpoint, add the middleware
function commentAssignment() to assign ctx.Comment if the ID of the
comment is verified to be related to the repository.

There already are integration tests for cases of potential unrelated
comment IDs that cover some of the modified endpoints which covers the
commentAssignment() function logic.

* TestAPICommentReactions - GetIssueCommentReactions
* TestAPICommentReactions - PostIssueCommentReaction
* TestAPICommentReactions - DeleteIssueCommentReaction
* TestAPIEditComment - EditIssueComment
* TestAPIDeleteComment - DeleteIssueComment
* TestAPIGetCommentAttachment - GetIssueCommentAttachment

The other modified endpoints do not have tests to verify cases of
potential unrelated comment IDs. They no longer need to because they
no longer implement the logic to enforce this. They however all have
integration tests that verify the commentAssignment() they now rely on
does not introduce a regression.

* TestAPIGetComment - GetIssueComment
* TestAPIListCommentAttachments - ListIssueCommentAttachments
* TestAPICreateCommentAttachment - CreateIssueCommentAttachment
* TestAPIEditCommentAttachment - EditIssueCommentAttachment
* TestAPIDeleteCommentAttachment - DeleteIssueCommentAttachment

(cherry picked from commit d414376d74)
(cherry picked from commit 09db07aeae)
(cherry picked from commit f44830c3cb)

Conflicts:
	modules/context/api.go
	https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 9d1bf7be15)
2024-02-05 16:09:43 +01:00
..
actions [CI] Search .forgejo/workflows first 2024-02-05 13:33:59 +01:00
activitypub Upgrade to golangci-lint@v1.55.0 (#27756) 2023-10-24 02:54:59 +00:00
analyze Rename code_langauge.go to code_language.go (#26377) 2023-08-07 15:00:53 -04:00
assetfs Use `Set[Type]` instead of `map[Type]bool/struct{}`. (#26804) 2023-08-30 06:55:25 +00:00
auth [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
avatar [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
base [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
cache Always enable caches (#28527) 2023-12-19 09:29:05 +00:00
charset Preserve BOM in web editor (#28935) 2024-01-27 18:02:51 +00:00
container Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
context [GITEA] API commentAssignment() to verify the id belongs 2024-02-05 16:09:43 +01:00
contexttest Simplify how git repositories are opened (#28937) 2024-01-27 21:09:51 +01:00
csv Refactor locale number (#24134) 2023-04-17 11:37:23 +08:00
emoji Update emoji set to Unicode 15 (#25595) 2023-06-29 16:29:48 +00:00
eventsource Final round of `db.DefaultContext` refactor (#27587) 2023-10-14 08:37:24 +00:00
generate Handle base64 decoding correctly to avoid panic (#26483) 2023-08-14 10:30:16 +00:00
git [GITEA] Find README.md for user profiles case insensitively 2024-02-05 16:09:42 +01:00
gitgraph More `db.DefaultContext` refactor (#27265) 2023-09-29 12:12:54 +00:00
gitrepo Simplify how git repositories are opened (#28937) 2024-01-27 21:09:51 +01:00
graceful Suggest to use Type=simple for systemd service (#28717) 2024-01-07 15:18:04 +00:00
hcaptcha Consume hcaptcha and pwn deps (#22610) 2023-01-29 09:49:51 -06:00
highlight Add option to disable ambiguous unicode characters detection (#28454) 2023-12-17 14:38:54 +00:00
hostmatcher Support allowed hosts for webhook to work with proxy (#27655) 2023-10-18 09:44:36 +00:00
html Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
httpcache Also match weakly validated ETags (#28957) 2024-01-29 16:18:40 +00:00
httplib Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
indexer [GITEA] Vendor rupture dependency 2024-02-05 15:08:04 +01:00
issue/template Replace `interface{}` with `any` (#25686) 2023-07-04 18:36:08 +00:00
json Replace `interface{}` with `any` (#25686) 2023-07-04 18:36:08 +00:00
label Make label templates have consistent behavior and priority (#23749) 2023-04-10 16:44:02 +08:00
lfs [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
log Reduce some allocations in type conversion (#26772) 2023-08-29 00:43:16 +08:00
markup [GITEA] Add footnote testing 2024-02-05 16:09:41 +01:00
mcaptcha Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
metrics Reduce usage of `db.DefaultContext` (#27073) 2023-09-14 17:09:32 +00:00
migration Replace `interface{}` with `any` (#25686) 2023-07-04 18:36:08 +00:00
nosql Update tool dependencies, lock govulncheck and actionlint (#25655) 2023-07-09 11:58:06 +00:00
optional Unify user update methods (#28733) 2024-02-04 13:29:09 +00:00
options Use a general approach to access custom/static/builtin assets (#24022) 2023-04-12 18:16:45 +08:00
packages [GITEA] feat(nuget): basic manifest download 2024-02-05 15:08:04 +01:00
paginator Use more specific test methods (#24265) 2023-04-22 17:56:27 -04:00
pprof Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
private [CLI] implement forgejo-cli 2024-02-05 13:33:58 +01:00
process Replace assert.Fail with assert.FailNow (#27578) 2023-10-11 11:02:24 +00:00
proxy Use proxy for pull mirror (#22771) 2023-02-11 08:39:50 +08:00
proxyprotocol Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
public Refactor CORS handler (#28587) 2023-12-25 20:13:18 +08:00
queue [CI] disable redis test, no redis server yet in CI 2024-02-05 13:33:58 +01:00
recaptcha Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
references Add support for sha256 repositories (#23894) 2024-01-19 17:05:02 +01:00
regexplru Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
repository Fix bug for generated repository object format (#28969) 2024-01-28 20:18:15 +00:00
secret [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
session Next round of `db.DefaultContext` refactor (#27089) 2023-09-16 14:39:12 +00:00
setting [FEAT] Repository flags 2024-02-05 16:09:42 +01:00
sitemap Fix sitemap (#22272) 2022-12-30 23:31:00 +08:00
ssh Remove SSH workaround (#27893) 2023-11-03 15:21:05 +00:00
storage [CI] Forgejo Actions based CI for PR & branches 2024-02-05 13:33:59 +01:00
structs [GITEA] POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments 2024-02-05 16:09:42 +01:00
svg Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
sync Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
system Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
templates [FEAT] Repository flags 2024-02-05 16:09:42 +01:00
test Move web/api context related testing function into a separate package (#26859) 2023-09-01 11:26:07 +00:00
testlogger Replace `interface{}` with `any` (#25686) 2023-07-04 18:36:08 +00:00
timeutil Make template `DateTime` show proper tooltip (#28677) 2024-01-02 20:09:18 +01:00
translation [I18N] add [common] as first line 2024-02-05 15:10:55 +01:00
turnstile Add new captcha: cloudflare turnstile (#22369) 2023-02-05 15:29:03 +08:00
typesniffer Detect ogg mime-type as audio or video (#26494) 2023-08-15 10:31:25 +08:00
updatechecker Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
upload Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
uri Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
user Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
util [GITEA] Drop sha256-simd in favor of stdlib 2024-02-05 16:09:40 +01:00
validation [GITEA] add option for banning dots in usernames 2024-02-05 16:05:50 +01:00
web [GITEA] Configurable clone methods 2024-02-05 16:09:42 +01:00
webhook Fix schedule tasks bugs (#28691) 2024-01-12 21:50:38 +00:00