TRKJ/gitea
2
0
Fork 0
mirror of https://gitee.com/gitea/gitea synced 2025-11-04 08:30:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

Require repo scope for PATs for private repos and basic authentication (#24362)

Browse Source 
> The scoped token PR just checked all API routes but in fact, some web
routes like `LFS`, git `HTTP`, container, and attachments supports basic
auth. This PR added scoped token check for them.

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
This commit is contained in:
John Olheiser
2023-04-26 19:24:03 -05:00
committed by GitHub
parent 8f57aa014b
commit 5e36024105
11 changed files with 117 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
tests/integration/api_packages_vagrant_test.go
View File

@@ -12,6 +12,7 @@ import (
"strings"
"testing"
auth_model "code.gitea.io/gitea/models/auth"
"code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/packages"
"code.gitea.io/gitea/models/unittest"
@@ -27,7 +28,7 @@ func TestPackageVagrant(t *testing.T) {
defer tests.PrepareTestEnv(t)()
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
token := "Bearer " + getUserToken(t, user.Name)
token := "Bearer " + getUserToken(t, user.Name, auth_model.AccessTokenScopePackage)
packageName := "test_package"
packageVersion := "1.0.1"