1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-01-24 23:15:22 +00:00
forgejo/routers/api/v1/repo
Earl Warren e658a6a9cd
[GITEA] API commentAssignment() to verify the id belongs
Instead of repeating the tests that verify the ID of a comment
is related to the repository of the API endpoint, add the middleware
function commentAssignment() to assign ctx.Comment if the ID of the
comment is verified to be related to the repository.

There already are integration tests for cases of potential unrelated
comment IDs that cover some of the modified endpoints which covers the
commentAssignment() function logic.

* TestAPICommentReactions - GetIssueCommentReactions
* TestAPICommentReactions - PostIssueCommentReaction
* TestAPICommentReactions - DeleteIssueCommentReaction
* TestAPIEditComment - EditIssueComment
* TestAPIDeleteComment - DeleteIssueComment
* TestAPIGetCommentAttachment - GetIssueCommentAttachment

The other modified endpoints do not have tests to verify cases of
potential unrelated comment IDs. They no longer need to because they
no longer implement the logic to enforce this. They however all have
integration tests that verify the commentAssignment() they now rely on
does not introduce a regression.

* TestAPIGetComment - GetIssueComment
* TestAPIListCommentAttachments - ListIssueCommentAttachments
* TestAPICreateCommentAttachment - CreateIssueCommentAttachment
* TestAPIEditCommentAttachment - EditIssueCommentAttachment
* TestAPIDeleteCommentAttachment - DeleteIssueCommentAttachment

(cherry picked from commit d414376d74)
(cherry picked from commit 09db07aeae)
(cherry picked from commit f44830c3cb)

Conflicts:
	modules/context/api.go
	https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 9d1bf7be15)
2024-02-05 16:09:43 +01:00
..
action.go Refactor secrets modification logic (#26873) 2023-09-05 15:21:02 +00:00
avatar.go Add missing 404 response to Swagger (#27038) 2023-09-13 10:37:54 +08:00
blob.go Add missing 404 response to Swagger (#27038) 2023-09-13 10:37:54 +08:00
branch.go Simplify how git repositories are opened (#28937) 2024-01-27 21:09:51 +01:00
collaborators.go Move more functions to db.Find (#28419) 2024-01-15 02:19:25 +00:00
commits.go Update tool dependencies (#29030) 2024-02-02 19:11:39 -05:00
file.go Simplify how git repositories are opened (#28937) 2024-01-27 21:09:51 +01:00
flags.go [FEAT] API support for repository flags 2024-02-05 16:09:42 +01:00
fork.go Even more db.DefaultContext refactor (#27352) 2023-10-03 10:30:41 +00:00
git_hook.go Add missing 404 response to Swagger (#27038) 2023-09-13 10:37:54 +08:00
git_ref.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
hook.go Use db.Find instead of writing methods for every object (#28084) 2023-11-24 03:49:41 +00:00
hook_test.go Move web/api context related testing function into a separate package (#26859) 2023-09-01 11:26:07 +00:00
issue.go [FEAT] allow setting the update date on issues and comments 2024-02-05 14:44:33 +01:00
issue_attachment.go [FEAT] allow setting the update date on issues and comments 2024-02-05 14:44:33 +01:00
issue_comment.go [GITEA] API commentAssignment() to verify the id belongs 2024-02-05 16:09:43 +01:00
issue_comment_attachment.go [GITEA] API commentAssignment() to verify the id belongs 2024-02-05 16:09:43 +01:00
issue_dependency.go Fix issue dependencies (#27736) 2024-01-12 16:49:02 +00:00
issue_label.go [FEAT] allow setting the update date on issues and comments 2024-02-05 14:44:33 +01:00
issue_pin.go Even more db.DefaultContext refactor (#27352) 2023-10-03 10:30:41 +00:00
issue_reaction.go [GITEA] API commentAssignment() to verify the id belongs 2024-02-05 16:09:43 +01:00
issue_stopwatch.go Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
issue_subscription.go Even more db.DefaultContext refactor (#27352) 2023-10-03 10:30:41 +00:00
issue_tracked_time.go Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
key.go Fix comment permissions (#28213) 2023-11-25 17:21:21 +00:00
label.go Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
language.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
main_test.go make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
migrate.go Remove unnecessary parameter (#27671) 2023-10-18 15:03:10 +00:00
milestone.go Second part of refactor db.Find (#28194) 2023-12-11 16:56:48 +08:00
mirror.go Refactor deletion (#28610) 2023-12-25 21:25:29 +01:00
notes.go Abstract hash function usage (#28138) 2023-12-13 21:02:00 +00:00
patch.go Updates to the API for archived repos (#27149) 2023-09-21 23:43:29 +00:00
pull.go Simplify how git repositories are opened (#28937) 2024-01-27 21:09:51 +01:00
pull_review.go [GITEA] POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments 2024-02-05 16:09:42 +01:00
release.go Move more functions to db.Find (#28419) 2024-01-15 02:19:25 +00:00
release_attachment.go Fix comment permissions (#28213) 2023-11-25 17:21:21 +00:00
release_tags.go Fix comment permissions (#28213) 2023-11-25 17:21:21 +00:00
repo.go Simplify how git repositories are opened (#28937) 2024-01-27 21:09:51 +01:00
repo_test.go Move web/api context related testing function into a separate package (#26859) 2023-09-01 11:26:07 +00:00
runners.go Add get actions runner registration token for API routes, repo, org, user and global level (#27144) 2023-12-27 07:57:54 +00:00
star.go More refactoring of db.DefaultContext (#27083) 2023-09-15 06:13:19 +00:00
status.go Fix GetCommitStatuses (#28787) 2024-01-15 14:07:32 +00:00
subscriber.go More refactoring of db.DefaultContext (#27083) 2023-09-15 06:13:19 +00:00
tag.go Fix comment permissions (#28213) 2023-11-25 17:21:21 +00:00
teams.go More refactoring of db.DefaultContext (#27083) 2023-09-15 06:13:19 +00:00
topic.go Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
transfer.go Move some repository transfer functions to service layer (#28855) 2024-02-05 06:17:23 +00:00
tree.go Add missing 404 response to Swagger (#27038) 2023-09-13 10:37:54 +08:00
wiki.go Fix an actions schedule bug (#28942) 2024-01-31 14:55:12 +00:00