oleks/gitea
1
0
Fork 0
Code Issues Pull Requests Packages Projects 2 Releases Wiki Activity

fix(git): Fix smart http request scope bug (#37583)

Browse Source 
Co-authored-by: Nicolas <bircni@icloud.com>
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
Co-authored-by: silverwind <me@silverwind.io>
This commit is contained in:
Lunny Xiao
2026-05-07 23:30:23 -07:00
committed by GitHub
parent 243c2d7146
commit 7dc3087acd
2 changed files with 44 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
services/context/permission.go
+4 -4
View File
@@ -57,14 +57,14 @@ func RequireUnitReader(unitTypes ...unit.Type) func(ctx *Context) {
}
}
// CheckRepoScopedToken check whether personal access token has repo scope
// CheckRepoScopedToken checks whether the authenticated API token has repo scope.
func CheckRepoScopedToken(ctx *Context, repo *repo_model.Repository, level auth_model.AccessTokenScopeLevel) {
if !ctx.IsBasicAuth || ctx.Data["IsApiToken"] != true {
if ctx.Data["IsApiToken"] != true {
return
}
scope, ok := ctx.Data["ApiTokenScope"].(auth_model.AccessTokenScope)
if ok { // it's a personal access token but not oauth2 token
if ok {
var scopeMatched bool
requiredScopes := auth_model.GetRequiredScopes(level, auth_model.AccessTokenScopeCategoryRepository)
@@ -76,7 +76,7 @@ func CheckRepoScopedToken(ctx *Context, repo *repo_model.Repository, level auth_
return
}
if publicOnly && repo.IsPrivate {
if publicOnly && repo != nil && repo.IsPrivate {
ctx.HTTPError(http.StatusForbidden)
return
}