
ambee/giterated

Git repository hosting, collaboration, and discovery for the Fediverse.

Check if requesting user is allowed to see the repository

Type: Fix

emilia - ⁨2⁩ years ago

parent: tbd commit: ⁨1b40c1d

Showing ⁨⁨5⁩ changed files⁩ with ⁨⁨35⁩ insertions⁩ and ⁨⁨19⁩ deletions⁩

src/authentication.rs

@@ -107,7 +107,9 @@ impl AuthenticationTokenGranter {
107 107 )
108 108 .unwrap();
109 109
110 Ok(AuthenticationTokenResponse { token: UserAuthenticationToken::from(token) })
110 Ok(AuthenticationTokenResponse {
111 token: UserAuthenticationToken::from(token),
112 })
111 113 }
112 114
113 115 pub async fn extension_request(

src/backend/git.rs

@@ -262,8 +262,7 @@ impl RepositoryBackend for GitBackend {
262 262 error!("Failed creating repository on disk!? {:?}", err);
263 263
264 264 // Delete repository from database
265 self
266 .delete_by_owner_user_name(&request.owner, request.name.as_str())
265 self.delete_by_owner_user_name(&request.owner, request.name.as_str())
267 266 .await?;
268 267
269 268 // ???
@@ -441,6 +440,7 @@ impl RepositoryBackend for GitBackend {
441 440
442 441 async fn repositories_for_user(
443 442 &mut self,
443 requester: Option<&User>,
444 444 user: &User,
445 445 ) -> Result<Vec<RepositorySummary>, Error> {
446 446 let mut repositories = sqlx::query_as!(
@@ -453,18 +453,25 @@ impl RepositoryBackend for GitBackend {
453 453 let mut result = vec![];
454 454
455 455 while let Some(Ok(Either::Right(repository))) = repositories.next().await {
456 result.push(RepositorySummary {
457 repository: Repository {
456 // Check if the requesting user is allowed to see the repository
457 if matches!(
458 repository.visibility,
459 RepositoryVisibility::Unlisted | RepositoryVisibility::Private
460 ) && Some(&repository.owner_user.clone()) != requester
461 {
462 result.push(RepositorySummary {
463 repository: Repository {
464 owner: repository.owner_user.clone(),
465 name: repository.name,
466 instance: self.instance.clone(),
467 },
458 468 owner: repository.owner_user.clone(),
459 name: repository.name,
460 instance: self.instance.clone(),
461 },
462 owner: repository.owner_user.clone(),
463 visibility: repository.visibility,
464 description: repository.description,
465 // TODO
466 last_commit: None,
467 });
469 visibility: repository.visibility,
470 description: repository.description,
471 // TODO
472 last_commit: None,
473 });
474 }
468 475 }
469 476
470 477 Ok(result)
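Review bot: The visibility condition at new lines 457–461 is inverted: `result.push` now runs only when the repository is `Unlisted` or `Private` and the requester is not its owner. As written, public repositories and the owner's own private ones are dropped from the list, while a user's private and unlisted repositories are returned to every other requester, including `requester == None`. The test itself can stay, but its body should be `continue;` with the `result.push(RepositorySummary { .. })` moved after the `if`; the comparison can be `Some(&repository.owner_user) != requester`, since the `.clone()` there is not needed. A test that lists one public and one private repository as the owner, as another user and with no requester would pin the intended behaviour. The function's closing brace lies outside this hunk.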

src/backend/mod.rs

@@ -6,6 +6,7 @@ pub mod user;
6 6 use anyhow::Error;
7 7 use async_trait::async_trait;
8 8
9 use crate::backend::git::GitBackendError;
9 10 use crate::{
10 11 messages::{
11 12 authentication::{
@@ -28,7 +29,6 @@ use crate::{
28 29 user::User,
29 30 },
30 31 };
31 use crate::backend::git::GitBackendError;
32 32
33 33 #[async_trait]
34 34 pub trait RepositoryBackend: IssuesBackend {
@@ -47,8 +47,11 @@ pub trait RepositoryBackend: IssuesBackend {
47 47 requester: Option<&User>,
48 48 request: &RepositoryFileInspectRequest,
49 49 ) -> Result<RepositoryFileInspectionResponse, Error>;
50 async fn repositories_for_user(&mut self, user: &User)
51 -> Result<Vec<RepositorySummary>, Error>;
50 async fn repositories_for_user(
51 &mut self,
52 requester: Option<&User>,
53 user: &User,
54 ) -> Result<Vec<RepositorySummary>, Error>;
52 55 }
53 56
54 57 pub trait IssuesBackend {
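Review bot: The new `requester: Option<&User>` parameter on `repositories_for_user` (new lines 50–54) is the only place the trait expresses an access-control contract, and nothing documents it. A doc comment such as `/// Returns the repositories of user that requester is allowed to see; None means no authenticated requester.` would tell implementers that visibility filtering is their responsibility; the meaning of `None` is inferred from the type and should be confirmed. The src/connection/repository.rs section of this commit changes only imports, so it is worth checking that every caller passes the actual requester rather than `None`. The trait begins above this hunk.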

src/connection/repository.rs

@@ -1,5 +1,6 @@
1 1 use anyhow::Error;
2 2
3 use crate::backend::git::GitBackendError;
3 4 use crate::{
4 5 messages::repository::{
5 6 RepositoryCreateRequest, RepositoryFileInspectRequest, RepositoryInfoRequest,
@@ -7,7 +8,6 @@ use crate::{
7 8 },
8 9 model::authenticated::{AuthenticatedUser, Message, MessageHandler, NetworkMessage, State},
9 10 };
10 use crate::backend::git::GitBackendError;
11 11
12 12 use super::{wrapper::ConnectionState, HandlerUnhandled};
13 13

src/model/authenticated.rs

@@ -243,7 +243,11 @@ impl FromMessage<ConnectionState> for AuthenticatedInstance {
243 243 .source
244 244 .iter()
245 245 .filter_map(|auth| {
246 if let AuthenticationSource::Instance { instance, signature } = auth {
246 if let AuthenticationSource::Instance {
247 instance,
248 signature,
249 } = auth
250 {
247 251 Some((instance, signature))
248 252 } else {
249 253 None