woodpecker/server/api
qwerty287 e847cbadfa
Check permissions on repo lookup (#2357)
There was no permission check when looking up repos so you were able to
get basic repo information even if you're not allowed to.

This uses `session.MustPull` (and set repo/perms before) to fix this.
2023-08-30 16:35:34 +02:00
..
debug Update swagger API specification (#1782) 2023-06-03 21:38:36 +02:00
metrics disable metrics access if no token is set (#1469) 2022-12-09 18:03:43 +01:00
agent.go Update swagger API specification (#1782) 2023-06-03 21:38:36 +02:00
badge.go Show that repo is disabled (#2340) 2023-08-28 18:57:44 +02:00
cron.go Access repos by their ids (#1691) 2023-06-13 01:07:52 +02:00
global_secret.go Fix swagger response code (#2119) 2023-08-05 19:44:49 +02:00
helper.go Refactor nits (#1652) 2023-03-19 18:32:19 +01:00
hook.go Move "skip ci" logic into global pipeline conditions (#2216) 2023-08-17 15:52:43 +02:00
login.go Fix UI and backend paths with subpath (#1799) 2023-08-07 16:05:18 +02:00
org.go Support user secrets (#2126) 2023-08-21 15:04:12 +02:00
org_secret.go Fix swagger response code (#2119) 2023-08-05 19:44:49 +02:00
orgs.go Add org list (#2338) 2023-08-28 11:15:16 +02:00
pipeline.go Add missing return (#2316) 2023-08-22 09:47:29 +02:00
registry.go Access repos by their ids (#1691) 2023-06-13 01:07:52 +02:00
repo.go Check permissions on repo lookup (#2357) 2023-08-30 16:35:34 +02:00
repo_secret.go Fix swagger response code (#2119) 2023-08-05 19:44:49 +02:00
signature_public_key.go Update swagger API specification (#1782) 2023-06-03 21:38:36 +02:00
stream.go Fix log view (#1874) 2023-07-01 18:55:00 +02:00
user.go Show that repo is disabled (#2340) 2023-08-28 18:57:44 +02:00
users.go Update swagger API specification (#1782) 2023-06-03 21:38:36 +02:00
z.go Update swagger API specification (#1782) 2023-06-03 21:38:36 +02:00