fix(permissions): Fix reading permission (#37769) (#37781)

This commit is contained in:
Giteabot
2026-05-19 08:06:09 -07:00
committed by GitHub
parent 1b70a4451a
commit 6d2b02dac1
3 changed files with 38 additions and 3 deletions
@@ -8,6 +8,7 @@ import (
"net/http"
"testing"
auth_model "code.gitea.io/gitea/models/auth"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
@@ -179,3 +180,19 @@ func TestAPIRepoValidateIssueConfig(t *testing.T) {
assert.NotEmpty(t, issueConfigValidation.Message)
})
}
func TestAPIRepoIssueConfigRequiresCodeUnit(t *testing.T) {
defer tests.PrepareTestEnv(t)()
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 24})
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
token := getUserToken(t, user.Name, auth_model.AccessTokenScopeReadRepository)
for _, path := range []string{
fmt.Sprintf("/api/v1/repos/%s/issue_config", repo.FullName()),
fmt.Sprintf("/api/v1/repos/%s/issue_config/validate", repo.FullName()),
} {
req := NewRequest(t, "GET", path).AddTokenAuth(token)
MakeRequest(t, req, http.StatusForbidden)
}
}