loading up the forgejo repo on tangled to test page performance
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge pull request '[PORT] gitea#30406: Check the token's owner and repository when registering a runner' (#3257) from algernon/forgejo:gitea/port/30406 into forgejo

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3257
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>

+19
+3
models/organization/org.go
··· 9 9 "fmt" 10 10 "strings" 11 11 12 + actions_model "code.gitea.io/gitea/models/actions" 12 13 "code.gitea.io/gitea/models/db" 13 14 "code.gitea.io/gitea/models/perm" 14 15 repo_model "code.gitea.io/gitea/models/repo" ··· 401 402 &TeamUnit{OrgID: org.ID}, 402 403 &TeamInvite{OrgID: org.ID}, 403 404 &secret_model.Secret{OwnerID: org.ID}, 405 + &actions_model.ActionRunner{OwnerID: org.ID}, 406 + &actions_model.ActionRunnerToken{OwnerID: org.ID}, 404 407 ); err != nil { 405 408 return fmt.Errorf("DeleteBeans: %w", err) 406 409 }
+14
routers/api/actions/runner/runner.go
··· 9 9 "net/http" 10 10 11 11 actions_model "code.gitea.io/gitea/models/actions" 12 + repo_model "code.gitea.io/gitea/models/repo" 13 + user_model "code.gitea.io/gitea/models/user" 12 14 "code.gitea.io/gitea/modules/actions" 13 15 "code.gitea.io/gitea/modules/log" 14 16 "code.gitea.io/gitea/modules/util" ··· 52 54 53 55 if !runnerToken.IsActive { 54 56 return nil, errors.New("runner registration token has been invalidated, please use the latest one") 57 + } 58 + 59 + if runnerToken.OwnerID > 0 { 60 + if _, err := user_model.GetUserByID(ctx, runnerToken.OwnerID); err != nil { 61 + return nil, errors.New("owner of the token not found") 62 + } 63 + } 64 + 65 + if runnerToken.RepoID > 0 { 66 + if _, err := repo_model.GetRepositoryByID(ctx, runnerToken.RepoID); err != nil { 67 + return nil, errors.New("repository of the token not found") 68 + } 55 69 } 56 70 57 71 labels := req.Msg.Labels
+1
services/repository/delete.go
··· 163 163 &actions_model.ActionSchedule{RepoID: repoID}, 164 164 &actions_model.ActionArtifact{RepoID: repoID}, 165 165 &repo_model.RepoArchiveDownloadCount{RepoID: repoID}, 166 + &actions_model.ActionRunnerToken{RepoID: repoID}, 166 167 ); err != nil { 167 168 return fmt.Errorf("deleteBeans: %w", err) 168 169 }
+1
services/user/delete.go
··· 95 95 &actions_model.ActionRunner{OwnerID: u.ID}, 96 96 &user_model.BlockedUser{BlockID: u.ID}, 97 97 &user_model.BlockedUser{UserID: u.ID}, 98 + &actions_model.ActionRunnerToken{OwnerID: u.ID}, 98 99 ); err != nil { 99 100 return fmt.Errorf("deleteBeans: %w", err) 100 101 }