New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix package permission(Read and Write) is not as expected #30895
Conversation
…ad permission Co-authored-by: littleplus<11694750+littleplus@users.noreply.github.com> Signed-off-by: littleplus<11694750+littleplus@users.noreply.github.com>
Good catch. Can you add some tests for the PR? |
@lunny Where the test file should I create in? Is it |
Ideally the logic could be:
It is clearer than |
@wxiaoguang Of course, I have the same idea before, and I also notice that the duplicated code will bring more unmaintainability while trying to edit the logic of func |
Ping the original author @jolheiser |
For unit test, it's OK. |
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
By reading the code:
So
So the existing logic looks right. Could you explain why it doesn't work in your case? |
Yes, the code seem right, and I lost my first key and can not reproduce with new key. Looks like it's my mistake, I will close it first before I find the problem. |
I create an access token with package(Read and Write) permission from web:
Client Log:
Server Log:
However, I can't pull the image with the same token, and I find the code, where write token is not permitted to do read package:
gitea/routers/api/packages/api.go
Line 48 in d9b37d0