TRKJ/gitea
2
0
Fork 0
mirror of https://gitee.com/gitea/gitea synced 2025-11-04 08:30:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

models/webhook: restrict deletion to be explicitly with repo and org ID

Browse Source
This commit is contained in:
Unknwon
2016-07-17 08:33:59 +08:00
parent 5ff2dfb23e
commit 60110adc06
7 changed files with 55 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
routers/org/setting.go
View File

@@ -7,8 +7,6 @@ package org
import (
"strings"
"github.com/Unknwon/com"
"github.com/gogits/gogs/models"
"github.com/gogits/gogs/modules/auth"
"github.com/gogits/gogs/modules/base"
@@ -142,18 +140,6 @@ func Webhooks(ctx *context.Context) {
ctx.Data["BaseLink"] = ctx.Org.OrgLink
ctx.Data["Description"] = ctx.Tr("org.settings.hooks_desc")
// Delete web hook.
remove := com.StrTo(ctx.Query("remove")).MustInt64()
if remove > 0 {
if err := models.DeleteWebhook(remove); err != nil {
ctx.Handle(500, "DeleteWebhook", err)
return
}
ctx.Flash.Success(ctx.Tr("repo.settings.remove_hook_success"))
ctx.Redirect(ctx.Org.OrgLink + "/settings/hooks")
return
}
ws, err := models.GetWebhooksByOrgID(ctx.Org.Organization.Id)
if err != nil {
ctx.Handle(500, "GetWebhooksByOrgId", err)
@@ -165,8 +151,8 @@ func Webhooks(ctx *context.Context) {
}
func DeleteWebhook(ctx *context.Context) {
if err := models.DeleteWebhook(ctx.QueryInt64("id")); err != nil {
ctx.Flash.Error("DeleteWebhook: " + err.Error())
if err := models.DeleteWebhookByOrgID(ctx.Org.Organization.Id, ctx.QueryInt64("id")); err != nil {
ctx.Flash.Error("DeleteWebhookByOrgID: " + err.Error())
} else {
ctx.Flash.Success(ctx.Tr("repo.settings.webhook_deletion_success"))
}