Improve permission check of packages (#23879)

At first, we have one unified team unit permission which is called
`Team.Authorize` in DB.
But since https://github.com/go-gitea/gitea/pull/17811, we allowed
different units to have different permission.

The old code is only designed for the old version. So after #17811, if
org users have write permission of other units, but have no permission
of packages, they can also get write permission of packages.

Co-authored-by: delvh <dev.lh@web.de>
This commit is contained in:
yp05327
2023-04-06 23:18:29 +09:00
committed by GitHub
parent 5cb394ff2f
commit bbf83f5d4b
8 changed files with 63 additions and 26 deletions

View File

@ -75,3 +75,9 @@
uid: 31
org_id: 19
is_public: true
-
id: 14
uid: 5
org_id: 23
is_public: false

View File

@ -172,4 +172,15 @@
num_repos: 0
num_members: 0
includes_all_repositories: false
can_create_org_repo: true
can_create_org_repo: true
-
id: 17
org_id: 23
lower_name: team14writeauth
name: team14WriteAuth
authorize: 2 # write
num_repos: 0
num_members: 1
includes_all_repositories: false
can_create_org_repo: true

View File

@ -268,3 +268,9 @@
team_id: 9
type: 1 # code
access_mode: 1
-
id: 46
team_id: 17
type: 9 # package
access_mode: 0

View File

@ -99,3 +99,9 @@
org_id: 3
team_id: 14
uid: 2
-
id: 18
org_id: 23
team_id: 17
uid: 5

View File

@ -844,8 +844,8 @@
num_following: 0
num_stars: 0
num_repos: 2
num_teams: 1
num_members: 0
num_teams: 2
num_members: 1
visibility: 2
repo_admin_change_team_access: false
theme: ""