Nuke the incorrect permission report on /api/v1/notifications (#19761)
The permissions created in convertRepo use a minimal perm.AccessModeRead instead of correctly computing the permission for the repository. This incorrect permission is then reported to the user. I do not believe that reporting the permissions is helpful and therefore I propose we simply null these out. The user can check their permissions using a different endpoint. Fix #19759 Signed-off-by: Andrew Thornton <art27@cantab.net>
This commit is contained in:
parent
fd7d83ace6
commit
a9af93cb21
1 changed files with 5 additions and 0 deletions
|
@ -25,6 +25,11 @@ func ToNotificationThread(n *models.Notification) *api.NotificationThread {
|
||||||
// since user only get notifications when he has access to use minimal access mode
|
// since user only get notifications when he has access to use minimal access mode
|
||||||
if n.Repository != nil {
|
if n.Repository != nil {
|
||||||
result.Repository = ToRepo(n.Repository, perm.AccessModeRead)
|
result.Repository = ToRepo(n.Repository, perm.AccessModeRead)
|
||||||
|
|
||||||
|
// This permission is not correct and we should not be reporting it
|
||||||
|
for repository := result.Repository; repository != nil; repository = repository.Parent {
|
||||||
|
repository.Permissions = nil
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// handle Subject
|
// handle Subject
|
||||||
|
|
Loading…
Reference in a new issue