oppi.li / perf-test
loading up the forgejo repo on tangled to test page performance
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Fixes an visual bug where the info box to dispatch a workflow is shown even for users that lack permissions to actualy run the workflow. (#4305)

Example: Visit https://v8.next.forgejo.org/Mai-Lapyst/test/actions?workflow=dispatch.yaml&actor=0&status=0 without being logged in.

![image](/attachments/98e74104-4d60-4f7f-b17c-7e76467cd397)

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4305
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>

authored by

Mai-Lapyst
Mai-Lapyst and committed by
Earl Warren 98c8d45f c49afdf0

+13 -2
+3 -1
routers/web/repo/actions/actions.go
··· 95 95 allRunnerLabels.AddMultiple(r.AgentLabels...) 96 96 } 97 97 98 + canRun := ctx.Repo.CanWrite(unit.TypeActions) 99 + 98 100 workflows = make([]Workflow, 0, len(entries)) 99 101 for _, entry := range entries { 100 102 workflow := Workflow{Entry: *entry} ··· 146 148 } 147 149 workflows = append(workflows, workflow) 148 150 149 - if workflow.Entry.Name() == curWorkflow { 151 + if canRun && workflow.Entry.Name() == curWorkflow { 150 152 config := wf.WorkflowDispatchConfig() 151 153 if config != nil { 152 154 keys := util.KeysOfMap(config.Inputs)
+10 -1
tests/e2e/actions.test.e2e.js
··· 6 6 await login_user(browser, workerInfo, 'user2'); 7 7 }); 8 8 9 + const workflow_trigger_notification_text = 'This workflow has a workflow_dispatch event trigger.'; 10 + 9 11 test('Test workflow dispatch present', async ({browser}, workerInfo) => { 10 12 const context = await load_logged_in_context(browser, workerInfo, 'user2'); 11 13 /** @type {import('@playwright/test').Page} */ ··· 13 15 14 16 await page.goto('/user2/test_workflows/actions?workflow=test-dispatch.yml&actor=0&status=0'); 15 17 16 - await expect(page.getByText('This workflow has a workflow_dispatch event trigger.')).toBeVisible(); 18 + await expect(page.getByText(workflow_trigger_notification_text)).toBeVisible(); 17 19 18 20 const run_workflow_btn = page.locator('#workflow_dispatch_dropdown>button'); 19 21 await expect(run_workflow_btn).toBeVisible(); ··· 72 74 73 75 await expect(page.locator('.run-list>:first-child .run-list-meta', {hasText: 'now'})).toBeVisible(); 74 76 }); 77 + 78 + test('Test workflow dispatch box not available for unauthenticated users', async ({page}) => { 79 + await page.goto('/user2/test_workflows/actions?workflow=test-dispatch.yml&actor=0&status=0'); 80 + await page.waitForLoadState('networkidle'); 81 + 82 + await expect(page.locator('body')).not.toContainText(workflow_trigger_notification_text); 83 + });