Skip to content

Commit a9af93c

Browse files
authored
Nuke the incorrect permission report on /api/v1/notifications (#19761)
The permissions created in convertRepo use a minimal perm.AccessModeRead instead of correctly computing the permission for the repository. This incorrect permission is then reported to the user. I do not believe that reporting the permissions is helpful and therefore I propose we simply null these out. The user can check their permissions using a different endpoint. Fix #19759 Signed-off-by: Andrew Thornton <[email protected]>
1 parent fd7d83a commit a9af93c

File tree

1 file changed

+5
-0
lines changed

1 file changed

+5
-0
lines changed

modules/convert/notification.go

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,11 @@ func ToNotificationThread(n *models.Notification) *api.NotificationThread {
2525
// since user only get notifications when he has access to use minimal access mode
2626
if n.Repository != nil {
2727
result.Repository = ToRepo(n.Repository, perm.AccessModeRead)
28+
29+
// This permission is not correct and we should not be reporting it
30+
for repository := result.Repository; repository != nil; repository = repository.Parent {
31+
repository.Permissions = nil
32+
}
2833
}
2934

3035
// handle Subject

0 commit comments

Comments
 (0)