1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-11-27 09:11:53 -05:00
forgejo/routers/api/v1/repo/issue_comment.go

687 lines
18 KiB
Go
Raw Normal View History

// Copyright 2015 The Gogs Authors. All rights reserved.
API add/generalize pagination (#9452) * paginate results * fixed deadlock * prevented breaking change * updated swagger * go fmt * fixed find topic * go mod tidy * go mod vendor with go1.13.5 * fixed repo find topics * fixed unit test * added Limit method to Engine struct; use engine variable when provided; fixed gitignore * use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors * set Page value on Home route * improved memory allocations * fixed response headers * removed logfiles * fixed import order * import order * improved swagger * added function to get models.ListOptions from context * removed pagesize diff on unit test * fixed imports * removed unnecessary struct field * fixed go fmt * scoped PR * code improvements * code improvements * go mod tidy * fixed import order * fixed commit statuses session * fixed files headers * fixed headers; added pagination for notifications * go mod tidy * go fmt * removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list * Apply suggestions from code review Co-Authored-By: 6543 <6543@obermui.de> Co-Authored-By: zeripath <art27@cantab.net> * fixed build error * CI.restart() * fixed merge conflicts resolve * fixed conflicts resolve * improved FindTrackedTimesOptions.ToOptions() method * added backwards compatibility on ListReleases request; fixed issue tracked time ToSession * fixed build error; fixed swagger template * fixed swagger template * fixed ListReleases backwards compatibility * added page to user search route Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
2020-01-24 14:00:29 -05:00
// Copyright 2020 The Gitea Authors.
// SPDX-License-Identifier: MIT
2016-11-24 02:04:31 -05:00
package repo
import (
stdCtx "context"
"errors"
"net/http"
issues_model "code.gitea.io/gitea/models/issues"
access_model "code.gitea.io/gitea/models/perm/access"
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unit"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/context"
api "code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/util"
Move macaron to chi (#14293) Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR. - [x] Define `context.ResponseWriter` interface with an implementation `context.Response`. - [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before. - [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic . - [x] Use https://github.com/unrolled/render instead of macaron's internal render - [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip - [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK** - [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha - [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache - [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding - [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors - [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation` - [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle. - [x] Removed macaron log service because it's not need any more. **BREAK** - [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition. - [x] Move Git HTTP protocol implementation to use routers directly. - [x] Fix the problem that chi routes don't support trailing slash but macaron did. - [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. Notices: - Chi router don't support request with trailing slash - Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI. Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 10:36:53 -05:00
"code.gitea.io/gitea/modules/web"
"code.gitea.io/gitea/routers/api/v1/utils"
"code.gitea.io/gitea/services/convert"
issue_service "code.gitea.io/gitea/services/issue"
)
2016-11-24 02:04:31 -05:00
// ListIssueComments list all the comments of an issue
func ListIssueComments(ctx *context.APIContext) {
// swagger:operation GET /repos/{owner}/{repo}/issues/{index}/comments issue issueGetComments
// ---
// summary: List all comments on an issue
// produces:
// - application/json
// parameters:
// - name: owner
// in: path
// description: owner of the repo
// type: string
// required: true
// - name: repo
// in: path
// description: name of the repo
// type: string
// required: true
// - name: index
// in: path
// description: index of the issue
// type: integer
// format: int64
// required: true
// - name: since
// in: query
// description: if provided, only comments updated since the specified time are returned.
// type: string
// format: date-time
// - name: before
// in: query
// description: if provided, only comments updated before the provided time are returned.
// type: string
// format: date-time
// responses:
// "200":
// "$ref": "#/responses/CommentList"
// "404":
// "$ref": "#/responses/notFound"
before, since, err := context.GetQueryBeforeSince(ctx.Base)
if err != nil {
2020-11-14 09:05:40 -05:00
ctx.Error(http.StatusUnprocessableEntity, "GetQueryBeforeSince", err)
return
2016-08-26 16:40:53 -04:00
}
issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.ParamsInt64(":index"))
if err != nil {
ctx.Error(http.StatusInternalServerError, "GetRawIssueByIndex", err)
return
}
if !ctx.Repo.CanReadIssuesOrPulls(issue.IsPull) {
ctx.NotFound()
return
}
issue.Repo = ctx.Repo.Repository
opts := &issues_model.FindCommentsOptions{
IssueID: issue.ID,
Since: since,
Before: before,
Type: issues_model.CommentTypeComment,
}
comments, err := issues_model.FindComments(ctx, opts)
2016-08-26 16:40:53 -04:00
if err != nil {
ctx.Error(http.StatusInternalServerError, "FindComments", err)
2016-08-26 16:40:53 -04:00
return
}
totalCount, err := issues_model.CountComments(ctx, opts)
if err != nil {
ctx.InternalServerError(err)
return
}
if err := comments.LoadPosters(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, "LoadPosters", err)
return
}
if err := comments.LoadAttachments(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, "LoadAttachments", err)
return
}
apiComments := make([]*api.Comment, len(comments))
for i, comment := range comments {
comment.Issue = issue
apiComments[i] = convert.ToAPIComment(ctx, ctx.Repo.Repository, comments[i])
}
ctx.SetTotalCountHeader(totalCount)
ctx.JSON(http.StatusOK, &apiComments)
}
// ListIssueCommentsAndTimeline list all the comments and events of an issue
func ListIssueCommentsAndTimeline(ctx *context.APIContext) {
// swagger:operation GET /repos/{owner}/{repo}/issues/{index}/timeline issue issueGetCommentsAndTimeline
// ---
// summary: List all comments and events on an issue
// produces:
// - application/json
// parameters:
// - name: owner
// in: path
// description: owner of the repo
// type: string
// required: true
// - name: repo
// in: path
// description: name of the repo
// type: string
// required: true
// - name: index
// in: path
// description: index of the issue
// type: integer
// format: int64
// required: true
// - name: since
// in: query
// description: if provided, only comments updated since the specified time are returned.
// type: string
// format: date-time
// - name: page
// in: query
// description: page number of results to return (1-based)
// type: integer
// - name: limit
// in: query
// description: page size of results
// type: integer
// - name: before
// in: query
// description: if provided, only comments updated before the provided time are returned.
// type: string
// format: date-time
// responses:
// "200":
// "$ref": "#/responses/TimelineList"
// "404":
// "$ref": "#/responses/notFound"
before, since, err := context.GetQueryBeforeSince(ctx.Base)
if err != nil {
ctx.Error(http.StatusUnprocessableEntity, "GetQueryBeforeSince", err)
return
}
issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.ParamsInt64(":index"))
if err != nil {
ctx.Error(http.StatusInternalServerError, "GetRawIssueByIndex", err)
return
}
issue.Repo = ctx.Repo.Repository
opts := &issues_model.FindCommentsOptions{
ListOptions: utils.GetListOptions(ctx),
IssueID: issue.ID,
Since: since,
Before: before,
Type: issues_model.CommentTypeUndefined,
}
comments, err := issues_model.FindComments(ctx, opts)
if err != nil {
ctx.Error(http.StatusInternalServerError, "FindComments", err)
return
}
if err := comments.LoadPosters(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, "LoadPosters", err)
return
}
var apiComments []*api.TimelineComment
for _, comment := range comments {
if comment.Type != issues_model.CommentTypeCode && isXRefCommentAccessible(ctx, ctx.Doer, comment, issue.RepoID) {
comment.Issue = issue
apiComments = append(apiComments, convert.ToTimelineComment(ctx, issue.Repo, comment, ctx.Doer))
}
}
ctx.SetTotalCountHeader(int64(len(apiComments)))
ctx.JSON(http.StatusOK, &apiComments)
}
func isXRefCommentAccessible(ctx stdCtx.Context, user *user_model.User, c *issues_model.Comment, issueRepoID int64) bool {
// Remove comments that the user has no permissions to see
if issues_model.CommentTypeIsRef(c.Type) && c.RefRepoID != issueRepoID && c.RefRepoID != 0 {
var err error
// Set RefRepo for description in template
c.RefRepo, err = repo_model.GetRepositoryByID(ctx, c.RefRepoID)
if err != nil {
return false
}
perm, err := access_model.GetUserRepoPermission(ctx, c.RefRepo, user)
if err != nil {
return false
}
if !perm.CanReadIssuesOrPulls(c.RefIsPull) {
return false
}
}
return true
}
// ListRepoIssueComments returns all issue-comments for a repo
func ListRepoIssueComments(ctx *context.APIContext) {
// swagger:operation GET /repos/{owner}/{repo}/issues/comments issue issueGetRepoComments
// ---
// summary: List all comments in a repository
// produces:
// - application/json
// parameters:
// - name: owner
// in: path
// description: owner of the repo
// type: string
// required: true
// - name: repo
// in: path
// description: name of the repo
// type: string
// required: true
// - name: since
// in: query
// description: if provided, only comments updated since the provided time are returned.
// type: string
// format: date-time
// - name: before
// in: query
// description: if provided, only comments updated before the provided time are returned.
// type: string
// format: date-time
API add/generalize pagination (#9452) * paginate results * fixed deadlock * prevented breaking change * updated swagger * go fmt * fixed find topic * go mod tidy * go mod vendor with go1.13.5 * fixed repo find topics * fixed unit test * added Limit method to Engine struct; use engine variable when provided; fixed gitignore * use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors * set Page value on Home route * improved memory allocations * fixed response headers * removed logfiles * fixed import order * import order * improved swagger * added function to get models.ListOptions from context * removed pagesize diff on unit test * fixed imports * removed unnecessary struct field * fixed go fmt * scoped PR * code improvements * code improvements * go mod tidy * fixed import order * fixed commit statuses session * fixed files headers * fixed headers; added pagination for notifications * go mod tidy * go fmt * removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list * Apply suggestions from code review Co-Authored-By: 6543 <6543@obermui.de> Co-Authored-By: zeripath <art27@cantab.net> * fixed build error * CI.restart() * fixed merge conflicts resolve * fixed conflicts resolve * improved FindTrackedTimesOptions.ToOptions() method * added backwards compatibility on ListReleases request; fixed issue tracked time ToSession * fixed build error; fixed swagger template * fixed swagger template * fixed ListReleases backwards compatibility * added page to user search route Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
2020-01-24 14:00:29 -05:00
// - name: page
// in: query
// description: page number of results to return (1-based)
// type: integer
// - name: limit
// in: query
// description: page size of results
API add/generalize pagination (#9452) * paginate results * fixed deadlock * prevented breaking change * updated swagger * go fmt * fixed find topic * go mod tidy * go mod vendor with go1.13.5 * fixed repo find topics * fixed unit test * added Limit method to Engine struct; use engine variable when provided; fixed gitignore * use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors * set Page value on Home route * improved memory allocations * fixed response headers * removed logfiles * fixed import order * import order * improved swagger * added function to get models.ListOptions from context * removed pagesize diff on unit test * fixed imports * removed unnecessary struct field * fixed go fmt * scoped PR * code improvements * code improvements * go mod tidy * fixed import order * fixed commit statuses session * fixed files headers * fixed headers; added pagination for notifications * go mod tidy * go fmt * removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list * Apply suggestions from code review Co-Authored-By: 6543 <6543@obermui.de> Co-Authored-By: zeripath <art27@cantab.net> * fixed build error * CI.restart() * fixed merge conflicts resolve * fixed conflicts resolve * improved FindTrackedTimesOptions.ToOptions() method * added backwards compatibility on ListReleases request; fixed issue tracked time ToSession * fixed build error; fixed swagger template * fixed swagger template * fixed ListReleases backwards compatibility * added page to user search route Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
2020-01-24 14:00:29 -05:00
// type: integer
// responses:
// "200":
// "$ref": "#/responses/CommentList"
// "404":
// "$ref": "#/responses/notFound"
before, since, err := context.GetQueryBeforeSince(ctx.Base)
if err != nil {
2020-11-14 09:05:40 -05:00
ctx.Error(http.StatusUnprocessableEntity, "GetQueryBeforeSince", err)
return
}
var isPull util.OptionalBool
canReadIssue := ctx.Repo.CanRead(unit.TypeIssues)
canReadPull := ctx.Repo.CanRead(unit.TypePullRequests)
if canReadIssue && canReadPull {
isPull = util.OptionalBoolNone
} else if canReadIssue {
isPull = util.OptionalBoolFalse
} else if canReadPull {
isPull = util.OptionalBoolTrue
} else {
ctx.NotFound()
return
}
opts := &issues_model.FindCommentsOptions{
API add/generalize pagination (#9452) * paginate results * fixed deadlock * prevented breaking change * updated swagger * go fmt * fixed find topic * go mod tidy * go mod vendor with go1.13.5 * fixed repo find topics * fixed unit test * added Limit method to Engine struct; use engine variable when provided; fixed gitignore * use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors * set Page value on Home route * improved memory allocations * fixed response headers * removed logfiles * fixed import order * import order * improved swagger * added function to get models.ListOptions from context * removed pagesize diff on unit test * fixed imports * removed unnecessary struct field * fixed go fmt * scoped PR * code improvements * code improvements * go mod tidy * fixed import order * fixed commit statuses session * fixed files headers * fixed headers; added pagination for notifications * go mod tidy * go fmt * removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list * Apply suggestions from code review Co-Authored-By: 6543 <6543@obermui.de> Co-Authored-By: zeripath <art27@cantab.net> * fixed build error * CI.restart() * fixed merge conflicts resolve * fixed conflicts resolve * improved FindTrackedTimesOptions.ToOptions() method * added backwards compatibility on ListReleases request; fixed issue tracked time ToSession * fixed build error; fixed swagger template * fixed swagger template * fixed ListReleases backwards compatibility * added page to user search route Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
2020-01-24 14:00:29 -05:00
ListOptions: utils.GetListOptions(ctx),
RepoID: ctx.Repo.Repository.ID,
Type: issues_model.CommentTypeComment,
API add/generalize pagination (#9452) * paginate results * fixed deadlock * prevented breaking change * updated swagger * go fmt * fixed find topic * go mod tidy * go mod vendor with go1.13.5 * fixed repo find topics * fixed unit test * added Limit method to Engine struct; use engine variable when provided; fixed gitignore * use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors * set Page value on Home route * improved memory allocations * fixed response headers * removed logfiles * fixed import order * import order * improved swagger * added function to get models.ListOptions from context * removed pagesize diff on unit test * fixed imports * removed unnecessary struct field * fixed go fmt * scoped PR * code improvements * code improvements * go mod tidy * fixed import order * fixed commit statuses session * fixed files headers * fixed headers; added pagination for notifications * go mod tidy * go fmt * removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list * Apply suggestions from code review Co-Authored-By: 6543 <6543@obermui.de> Co-Authored-By: zeripath <art27@cantab.net> * fixed build error * CI.restart() * fixed merge conflicts resolve * fixed conflicts resolve * improved FindTrackedTimesOptions.ToOptions() method * added backwards compatibility on ListReleases request; fixed issue tracked time ToSession * fixed build error; fixed swagger template * fixed swagger template * fixed ListReleases backwards compatibility * added page to user search route Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
2020-01-24 14:00:29 -05:00
Since: since,
Before: before,
IsPull: isPull,
}
comments, err := issues_model.FindComments(ctx, opts)
if err != nil {
ctx.Error(http.StatusInternalServerError, "FindComments", err)
return
}
totalCount, err := issues_model.CountComments(ctx, opts)
if err != nil {
ctx.InternalServerError(err)
return
}
if err = comments.LoadPosters(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, "LoadPosters", err)
return
}
apiComments := make([]*api.Comment, len(comments))
if err := comments.LoadIssues(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, "LoadIssues", err)
return
}
if err := comments.LoadPosters(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, "LoadPosters", err)
return
}
if err := comments.LoadAttachments(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, "LoadAttachments", err)
return
}
if _, err := comments.Issues().LoadRepositories(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, "LoadRepositories", err)
return
}
for i := range comments {
apiComments[i] = convert.ToAPIComment(ctx, ctx.Repo.Repository, comments[i])
}
ctx.SetTotalCountHeader(totalCount)
ctx.JSON(http.StatusOK, &apiComments)
}
2016-11-24 02:04:31 -05:00
// CreateIssueComment create a comment for an issue
Move macaron to chi (#14293) Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR. - [x] Define `context.ResponseWriter` interface with an implementation `context.Response`. - [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before. - [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic . - [x] Use https://github.com/unrolled/render instead of macaron's internal render - [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip - [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK** - [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha - [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache - [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding - [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors - [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation` - [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle. - [x] Removed macaron log service because it's not need any more. **BREAK** - [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition. - [x] Move Git HTTP protocol implementation to use routers directly. - [x] Fix the problem that chi routes don't support trailing slash but macaron did. - [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. Notices: - Chi router don't support request with trailing slash - Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI. Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 10:36:53 -05:00
func CreateIssueComment(ctx *context.APIContext) {
// swagger:operation POST /repos/{owner}/{repo}/issues/{index}/comments issue issueCreateComment
// ---
// summary: Add a comment to an issue
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: owner
// in: path
// description: owner of the repo
// type: string
// required: true
// - name: repo
// in: path
// description: name of the repo
// type: string
// required: true
// - name: index
// in: path
// description: index of the issue
// type: integer
// format: int64
// required: true
// - name: body
// in: body
// schema:
// "$ref": "#/definitions/CreateIssueCommentOption"
// responses:
// "201":
// "$ref": "#/responses/Comment"
// "403":
// "$ref": "#/responses/forbidden"
// "404":
// "$ref": "#/responses/notFound"
// "423":
// "$ref": "#/responses/repoArchivedError"
Move macaron to chi (#14293) Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR. - [x] Define `context.ResponseWriter` interface with an implementation `context.Response`. - [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before. - [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic . - [x] Use https://github.com/unrolled/render instead of macaron's internal render - [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip - [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK** - [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha - [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache - [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding - [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors - [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation` - [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle. - [x] Removed macaron log service because it's not need any more. **BREAK** - [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition. - [x] Move Git HTTP protocol implementation to use routers directly. - [x] Fix the problem that chi routes don't support trailing slash but macaron did. - [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. Notices: - Chi router don't support request with trailing slash - Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI. Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 10:36:53 -05:00
form := web.GetForm(ctx).(*api.CreateIssueCommentOption)
issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.ParamsInt64(":index"))
if err != nil {
ctx.Error(http.StatusInternalServerError, "GetIssueByIndex", err)
return
}
if !ctx.Repo.CanReadIssuesOrPulls(issue.IsPull) {
ctx.NotFound()
return
}
if issue.IsLocked && !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) && !ctx.Doer.IsAdmin {
ctx.Error(http.StatusForbidden, "CreateIssueComment", errors.New(ctx.Tr("repo.issues.comment_on_locked")))
return
}
[FEAT] allow setting the update date on issues and comments This field adds the possibility to set the update date when modifying an issue through the API. A 'NoAutoDate' in-memory field is added in the Issue struct. If the update_at field is set, NoAutoDate is set to true and the Issue's UpdatedUnix field is filled. That information is passed down to the functions that actually updates the database, which have been modified to not auto update dates if requested. A guard is added to the 'EditIssue' API call, to checks that the udpate_at date is between the issue's creation date and the current date (to avoid 'malicious' changes). It also limits the new feature to project's owners and admins. (cherry picked from commit c524d33402c76bc4cccea2806f289e08a009baae) Add a SetIssueUpdateDate() function in services/issue.go That function is used by some API calls to set the NoAutoDate and UpdatedUnix fields of an Issue if an updated_at date is provided. (cherry picked from commit f061caa6555e0c9e922ee1e73dd2e4337360e9fe) Add an updated_at field to the API calls related to Issue's Labels. The update date is applied to the issue's comment created to inform about the modification of the issue's labels. (cherry picked from commit ea36cf80f58f0ab20c565a8f5d063b90fd741f97) Add an updated_at field to the API call for issue's attachment creation The update date is applied to the issue's comment created to inform about the modification of the issue's content, and is set as the asset creation date. (cherry picked from commit 96150971ca31b97e97e84d5f5eb95a177cc44e2e) Checking Issue changes, with and without providing an updated_at date Those unit tests are added: - TestAPIEditIssueWithAutoDate - TestAPIEditIssueWithNoAutoDate - TestAPIAddIssueLabelsWithAutoDate - TestAPIAddIssueLabelsWithNoAutoDate - TestAPICreateIssueAttachmentWithAutoDate - TestAPICreateIssueAttachmentWithNoAutoDate (cherry picked from commit 4926a5d7a28581003545256632213bf4136b193d) Add an updated_at field to the API call for issue's comment creation The update date is used as the comment creation date, and is applied to the issue as the update creation date. (cherry picked from commit 76c8faecdc6cba48ca4fe07d1a916d1f1a4b37b4) Add an updated_at field to the API call for issue's comment edition The update date is used as the comment update date, and is applied to the issue as an update date. (cherry picked from commit cf787ad7fdb8e6273fdc35d7b5cc164b400207e9) Add an updated_at field to the API call for comment's attachment creation The update date is applied to the comment, and is set as the asset creation date. (cherry picked from commit 1e4ff424d39db7a4256cd9abf9c58b8d3e1b5c14) Checking Comment changes, with and without providing an updated_at date Those unit tests are added: - TestAPICreateCommentWithAutoDate - TestAPICreateCommentWithNoAutoDate - TestAPIEditCommentWithAutoDate - TestAPIEditCommentWithNoAutoDate - TestAPICreateCommentAttachmentWithAutoDate - TestAPICreateCommentAttachmentWithNoAutoDate (cherry picked from commit da932152f1deb3039a399516a51c8b6757059c91) Pettier code to set the update time of comments Now uses sess.AllCols().NoAutoToime().SetExpr("updated_unix", ...) XORM is smart enough to compose one single SQL UPDATE which all columns + updated_unix. (cherry picked from commit 1f6a42808dd739c0c2e49e6b7ae2967f120f43c2) Issue edition: Keep the max of the milestone and issue update dates. When editing an issue via the API, an updated_at date can be provided. If the EditIssue call changes the issue's milestone, the milestone's update date is to be changed accordingly, but only with a greater value. This ensures that a milestone's update date is the max of all issue's update dates. (cherry picked from commit 8f22ea182e6b49e933dc6534040160dd739ff18a) Rewrite the 'AutoDate' tests using subtests Also add a test to check the permissions to set a date, and a test to check update dates on milestones. The tests related to 'AutoDate' are: - TestAPIEditIssueAutoDate - TestAPIAddIssueLabelsAutoDate - TestAPIEditIssueMilestoneAutoDate - TestAPICreateIssueAttachmentAutoDate - TestAPICreateCommentAutoDate - TestAPIEditCommentWithDate - TestAPICreateCommentAttachmentAutoDate (cherry picked from commit 961fd13c551b3e50040acb7c914a00ead92de63f) (cherry picked from commit d52f4eea44692ee773010cb66a69a603663947d5) (cherry picked from commit 3540ea2a43155ca8cf5ab1a4a246babfb829db16) Conflicts: services/issue/issue.go https://codeberg.org/forgejo/forgejo/pulls/1415 (cherry picked from commit 56720ade008c09122d825959171aa5346d645987) Conflicts: routers/api/v1/repo/issue_label.go https://codeberg.org/forgejo/forgejo/pulls/1462 (cherry picked from commit 47c78927d6c7e7a50298fa67efad1e73723a0981) (cherry picked from commit 2030f3b965cde401976821083c3250b404954ecc) (cherry picked from commit f02aeb76981cd688ceaf6613f142a8a725be1437) Conflicts: routers/api/v1/repo/issue_attachment.go routers/api/v1/repo/issue_comment_attachment.go https://codeberg.org/forgejo/forgejo/pulls/1575 (cherry picked from commit d072525b35e44faf7ff87143c0e52b8ba8a625c8) (cherry picked from commit 8424d0ab3df75ac3ffa30f42d398e22995ada5e7) (cherry picked from commit 5cc62caec788b54afd9da5b9193ce06ee8ec562b) (cherry picked from commit d6300d5dcd01c7ddc65d8b0f326f9c19cb53b58e) [FEAT] allow setting the update date on issues and comments (squash) apply the 'update_at' value to the cross-ref comments (#1676) [this is a follow-up to PR #764] When a comment of issue A referencing issue B is added with a forced 'updated_at' date, that date has to be applied to the comment created in issue B. ----- Comment: While trying my 'RoundUp migration script', I found that this case was forgotten in PR #764 - my apologies... I'll try to write a functional test, base on models/issues/issue_xref_test.go Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1676 Co-authored-by: fluzz <fluzz@freedroid.org> Co-committed-by: fluzz <fluzz@freedroid.org> (cherry picked from commit ac4f727f63a2dd746dd84a31ebf7f70d5b5d7c52) (cherry picked from commit 5110476ee9010ba8cdca0e0f37f765f8800e9fe1) (cherry picked from commit 77ba6be1dab4f6f3678d79a394da56e6447ebbe1) (cherry picked from commit 9c8337b5c442cfd72d97597c2089e776f42828b7) (cherry picked from commit 1d689eb686f0f7df09c7861b3faf9d8683cb933b) (cherry picked from commit 511c519c875a4c4e65c02ef0c4e3b941f4da4371) (cherry picked from commit 2f0b4a8f610837d34844bb79cda1360ab23b6b1c) (cherry picked from commit fdd4da111c449322901a0acf6d0857eac4716581) [FEAT] allow setting the update date on issues and comments (squash) do not use token= query param See https://codeberg.org/forgejo/forgejo/commit/33439b733a (cherry picked from commit c5139a75b9e4af612a628171bd4f63a24860c272) (cherry picked from commit c7b572c35d3e9e22017fd74045bcdc1109bd06df) (cherry picked from commit aec7503ff6dd177980f3d9f367122ffc2fec8986) (cherry picked from commit 87c65f2a490faeccb85088fa0981dd50f7199eb8) (cherry picked from commit bd47ee33c20e53ae616a7e53d63c3b51809585fb) (cherry picked from commit f3dbd90a747c14fb1b5b4271db6c10abbf86d586)
2023-10-09 13:07:47 -04:00
err = issue_service.SetIssueUpdateDate(ctx, issue, form.Updated, ctx.Doer)
if err != nil {
ctx.Error(http.StatusForbidden, "SetIssueUpdateDate", err)
return
}
comment, err := issue_service.CreateIssueComment(ctx, ctx.Doer, ctx.Repo.Repository, issue, form.Body, nil)
if err != nil {
ctx.Error(http.StatusInternalServerError, "CreateIssueComment", err)
return
}
ctx.JSON(http.StatusCreated, convert.ToAPIComment(ctx, ctx.Repo.Repository, comment))
}
// GetIssueComment Get a comment by ID
func GetIssueComment(ctx *context.APIContext) {
// swagger:operation GET /repos/{owner}/{repo}/issues/comments/{id} issue issueGetComment
// ---
// summary: Get a comment
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: owner
// in: path
// description: owner of the repo
// type: string
// required: true
// - name: repo
// in: path
// description: name of the repo
// type: string
// required: true
// - name: id
// in: path
// description: id of the comment
// type: integer
// format: int64
// required: true
// responses:
// "200":
// "$ref": "#/responses/Comment"
// "204":
// "$ref": "#/responses/empty"
// "403":
// "$ref": "#/responses/forbidden"
// "404":
// "$ref": "#/responses/notFound"
[GITEA] API commentAssignment() to verify the id belongs Instead of repeating the tests that verify the ID of a comment is related to the repository of the API endpoint, add the middleware function commentAssignment() to assign ctx.Comment if the ID of the comment is verified to be related to the repository. There already are integration tests for cases of potential unrelated comment IDs that cover some of the modified endpoints which covers the commentAssignment() function logic. * TestAPICommentReactions - GetIssueCommentReactions * TestAPICommentReactions - PostIssueCommentReaction * TestAPICommentReactions - DeleteIssueCommentReaction * TestAPIEditComment - EditIssueComment * TestAPIDeleteComment - DeleteIssueComment * TestAPIGetCommentAttachment - GetIssueCommentAttachment The other modified endpoints do not have tests to verify cases of potential unrelated comment IDs. They no longer need to because they no longer implement the logic to enforce this. They however all have integration tests that verify the commentAssignment() they now rely on does not introduce a regression. * TestAPIGetComment - GetIssueComment * TestAPIListCommentAttachments - ListIssueCommentAttachments * TestAPICreateCommentAttachment - CreateIssueCommentAttachment * TestAPIEditCommentAttachment - EditIssueCommentAttachment * TestAPIDeleteCommentAttachment - DeleteIssueCommentAttachment (cherry picked from commit d414376d749041da1be288c02fdaa24fddeafd5c) (cherry picked from commit 09db07aeaed167edc66cb832b0aa54b31d14f0d8) (cherry picked from commit f44830c3cba0b9416505a2b0b560cfa096ffeb7c) Conflicts: modules/context/api.go https://codeberg.org/forgejo/forgejo/pulls/2249 (cherry picked from commit 9d1bf7be15420ce4ca6e92a8bd048d483172de3b)
2024-01-11 05:54:16 -05:00
comment := ctx.Comment
if comment.Type != issues_model.CommentTypeComment {
ctx.Status(http.StatusNoContent)
return
}
if err := comment.LoadPoster(ctx); err != nil {
ctx.Error(http.StatusInternalServerError, "comment.LoadPoster", err)
return
}
ctx.JSON(http.StatusOK, convert.ToAPIComment(ctx, ctx.Repo.Repository, comment))
}
2016-11-24 02:04:31 -05:00
// EditIssueComment modify a comment of an issue
Move macaron to chi (#14293) Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR. - [x] Define `context.ResponseWriter` interface with an implementation `context.Response`. - [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before. - [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic . - [x] Use https://github.com/unrolled/render instead of macaron's internal render - [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip - [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK** - [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha - [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache - [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding - [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors - [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation` - [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle. - [x] Removed macaron log service because it's not need any more. **BREAK** - [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition. - [x] Move Git HTTP protocol implementation to use routers directly. - [x] Fix the problem that chi routes don't support trailing slash but macaron did. - [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. Notices: - Chi router don't support request with trailing slash - Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI. Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 10:36:53 -05:00
func EditIssueComment(ctx *context.APIContext) {
2017-11-20 02:24:07 -05:00
// swagger:operation PATCH /repos/{owner}/{repo}/issues/comments/{id} issue issueEditComment
// ---
// summary: Edit a comment
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: owner
// in: path
// description: owner of the repo
// type: string
// required: true
// - name: repo
// in: path
// description: name of the repo
// type: string
// required: true
// - name: id
// in: path
// description: id of the comment to edit
// type: integer
// format: int64
// required: true
// - name: body
// in: body
// schema:
// "$ref": "#/definitions/EditIssueCommentOption"
// responses:
// "200":
// "$ref": "#/responses/Comment"
// "204":
// "$ref": "#/responses/empty"
// "403":
// "$ref": "#/responses/forbidden"
// "404":
// "$ref": "#/responses/notFound"
// "423":
// "$ref": "#/responses/repoArchivedError"
Move macaron to chi (#14293) Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR. - [x] Define `context.ResponseWriter` interface with an implementation `context.Response`. - [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before. - [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic . - [x] Use https://github.com/unrolled/render instead of macaron's internal render - [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip - [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK** - [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha - [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache - [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding - [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors - [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation` - [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle. - [x] Removed macaron log service because it's not need any more. **BREAK** - [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition. - [x] Move Git HTTP protocol implementation to use routers directly. - [x] Fix the problem that chi routes don't support trailing slash but macaron did. - [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. Notices: - Chi router don't support request with trailing slash - Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI. Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 10:36:53 -05:00
form := web.GetForm(ctx).(*api.EditIssueCommentOption)
editIssueComment(ctx, *form)
2017-11-20 02:24:07 -05:00
}
// EditIssueCommentDeprecated modify a comment of an issue
Move macaron to chi (#14293) Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR. - [x] Define `context.ResponseWriter` interface with an implementation `context.Response`. - [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before. - [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic . - [x] Use https://github.com/unrolled/render instead of macaron's internal render - [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip - [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK** - [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha - [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache - [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding - [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors - [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation` - [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle. - [x] Removed macaron log service because it's not need any more. **BREAK** - [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition. - [x] Move Git HTTP protocol implementation to use routers directly. - [x] Fix the problem that chi routes don't support trailing slash but macaron did. - [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. Notices: - Chi router don't support request with trailing slash - Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI. Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 10:36:53 -05:00
func EditIssueCommentDeprecated(ctx *context.APIContext) {
2017-11-20 02:24:07 -05:00
// swagger:operation PATCH /repos/{owner}/{repo}/issues/{index}/comments/{id} issue issueEditCommentDeprecated
// ---
// summary: Edit a comment
// deprecated: true
// consumes:
// - application/json
// produces:
// - application/json
// parameters:
// - name: owner
// in: path
// description: owner of the repo
// type: string
// required: true
// - name: repo
// in: path
// description: name of the repo
// type: string
// required: true
// - name: index
// in: path
// description: this parameter is ignored
// type: integer
// required: true
// - name: id
// in: path
// description: id of the comment to edit
// type: integer
// format: int64
2017-11-20 02:24:07 -05:00
// required: true
// - name: body
// in: body
// schema:
// "$ref": "#/definitions/EditIssueCommentOption"
// responses:
// "200":
// "$ref": "#/responses/Comment"
// "204":
// "$ref": "#/responses/empty"
// "403":
// "$ref": "#/responses/forbidden"
// "404":
// "$ref": "#/responses/notFound"
Move macaron to chi (#14293) Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR. - [x] Define `context.ResponseWriter` interface with an implementation `context.Response`. - [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before. - [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic . - [x] Use https://github.com/unrolled/render instead of macaron's internal render - [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip - [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK** - [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha - [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache - [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding - [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors - [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation` - [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle. - [x] Removed macaron log service because it's not need any more. **BREAK** - [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition. - [x] Move Git HTTP protocol implementation to use routers directly. - [x] Fix the problem that chi routes don't support trailing slash but macaron did. - [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. Notices: - Chi router don't support request with trailing slash - Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI. Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 10:36:53 -05:00
form := web.GetForm(ctx).(*api.EditIssueCommentOption)
editIssueComment(ctx, *form)
2017-11-20 02:24:07 -05:00
}
func editIssueComment(ctx *context.APIContext, form api.EditIssueCommentOption) {
[GITEA] API commentAssignment() to verify the id belongs Instead of repeating the tests that verify the ID of a comment is related to the repository of the API endpoint, add the middleware function commentAssignment() to assign ctx.Comment if the ID of the comment is verified to be related to the repository. There already are integration tests for cases of potential unrelated comment IDs that cover some of the modified endpoints which covers the commentAssignment() function logic. * TestAPICommentReactions - GetIssueCommentReactions * TestAPICommentReactions - PostIssueCommentReaction * TestAPICommentReactions - DeleteIssueCommentReaction * TestAPIEditComment - EditIssueComment * TestAPIDeleteComment - DeleteIssueComment * TestAPIGetCommentAttachment - GetIssueCommentAttachment The other modified endpoints do not have tests to verify cases of potential unrelated comment IDs. They no longer need to because they no longer implement the logic to enforce this. They however all have integration tests that verify the commentAssignment() they now rely on does not introduce a regression. * TestAPIGetComment - GetIssueComment * TestAPIListCommentAttachments - ListIssueCommentAttachments * TestAPICreateCommentAttachment - CreateIssueCommentAttachment * TestAPIEditCommentAttachment - EditIssueCommentAttachment * TestAPIDeleteCommentAttachment - DeleteIssueCommentAttachment (cherry picked from commit d414376d749041da1be288c02fdaa24fddeafd5c) (cherry picked from commit 09db07aeaed167edc66cb832b0aa54b31d14f0d8) (cherry picked from commit f44830c3cba0b9416505a2b0b560cfa096ffeb7c) Conflicts: modules/context/api.go https://codeberg.org/forgejo/forgejo/pulls/2249 (cherry picked from commit 9d1bf7be15420ce4ca6e92a8bd048d483172de3b)
2024-01-11 05:54:16 -05:00
comment := ctx.Comment
if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanWriteIssuesOrPulls(comment.Issue.IsPull)) {
ctx.Status(http.StatusForbidden)
return
}
if !comment.Type.HasContentSupport() {
ctx.Status(http.StatusNoContent)
return
}
[GITEA] API commentAssignment() to verify the id belongs Instead of repeating the tests that verify the ID of a comment is related to the repository of the API endpoint, add the middleware function commentAssignment() to assign ctx.Comment if the ID of the comment is verified to be related to the repository. There already are integration tests for cases of potential unrelated comment IDs that cover some of the modified endpoints which covers the commentAssignment() function logic. * TestAPICommentReactions - GetIssueCommentReactions * TestAPICommentReactions - PostIssueCommentReaction * TestAPICommentReactions - DeleteIssueCommentReaction * TestAPIEditComment - EditIssueComment * TestAPIDeleteComment - DeleteIssueComment * TestAPIGetCommentAttachment - GetIssueCommentAttachment The other modified endpoints do not have tests to verify cases of potential unrelated comment IDs. They no longer need to because they no longer implement the logic to enforce this. They however all have integration tests that verify the commentAssignment() they now rely on does not introduce a regression. * TestAPIGetComment - GetIssueComment * TestAPIListCommentAttachments - ListIssueCommentAttachments * TestAPICreateCommentAttachment - CreateIssueCommentAttachment * TestAPIEditCommentAttachment - EditIssueCommentAttachment * TestAPIDeleteCommentAttachment - DeleteIssueCommentAttachment (cherry picked from commit d414376d749041da1be288c02fdaa24fddeafd5c) (cherry picked from commit 09db07aeaed167edc66cb832b0aa54b31d14f0d8) (cherry picked from commit f44830c3cba0b9416505a2b0b560cfa096ffeb7c) Conflicts: modules/context/api.go https://codeberg.org/forgejo/forgejo/pulls/2249 (cherry picked from commit 9d1bf7be15420ce4ca6e92a8bd048d483172de3b)
2024-01-11 05:54:16 -05:00
err := comment.LoadIssue(ctx)
[FEAT] allow setting the update date on issues and comments This field adds the possibility to set the update date when modifying an issue through the API. A 'NoAutoDate' in-memory field is added in the Issue struct. If the update_at field is set, NoAutoDate is set to true and the Issue's UpdatedUnix field is filled. That information is passed down to the functions that actually updates the database, which have been modified to not auto update dates if requested. A guard is added to the 'EditIssue' API call, to checks that the udpate_at date is between the issue's creation date and the current date (to avoid 'malicious' changes). It also limits the new feature to project's owners and admins. (cherry picked from commit c524d33402c76bc4cccea2806f289e08a009baae) Add a SetIssueUpdateDate() function in services/issue.go That function is used by some API calls to set the NoAutoDate and UpdatedUnix fields of an Issue if an updated_at date is provided. (cherry picked from commit f061caa6555e0c9e922ee1e73dd2e4337360e9fe) Add an updated_at field to the API calls related to Issue's Labels. The update date is applied to the issue's comment created to inform about the modification of the issue's labels. (cherry picked from commit ea36cf80f58f0ab20c565a8f5d063b90fd741f97) Add an updated_at field to the API call for issue's attachment creation The update date is applied to the issue's comment created to inform about the modification of the issue's content, and is set as the asset creation date. (cherry picked from commit 96150971ca31b97e97e84d5f5eb95a177cc44e2e) Checking Issue changes, with and without providing an updated_at date Those unit tests are added: - TestAPIEditIssueWithAutoDate - TestAPIEditIssueWithNoAutoDate - TestAPIAddIssueLabelsWithAutoDate - TestAPIAddIssueLabelsWithNoAutoDate - TestAPICreateIssueAttachmentWithAutoDate - TestAPICreateIssueAttachmentWithNoAutoDate (cherry picked from commit 4926a5d7a28581003545256632213bf4136b193d) Add an updated_at field to the API call for issue's comment creation The update date is used as the comment creation date, and is applied to the issue as the update creation date. (cherry picked from commit 76c8faecdc6cba48ca4fe07d1a916d1f1a4b37b4) Add an updated_at field to the API call for issue's comment edition The update date is used as the comment update date, and is applied to the issue as an update date. (cherry picked from commit cf787ad7fdb8e6273fdc35d7b5cc164b400207e9) Add an updated_at field to the API call for comment's attachment creation The update date is applied to the comment, and is set as the asset creation date. (cherry picked from commit 1e4ff424d39db7a4256cd9abf9c58b8d3e1b5c14) Checking Comment changes, with and without providing an updated_at date Those unit tests are added: - TestAPICreateCommentWithAutoDate - TestAPICreateCommentWithNoAutoDate - TestAPIEditCommentWithAutoDate - TestAPIEditCommentWithNoAutoDate - TestAPICreateCommentAttachmentWithAutoDate - TestAPICreateCommentAttachmentWithNoAutoDate (cherry picked from commit da932152f1deb3039a399516a51c8b6757059c91) Pettier code to set the update time of comments Now uses sess.AllCols().NoAutoToime().SetExpr("updated_unix", ...) XORM is smart enough to compose one single SQL UPDATE which all columns + updated_unix. (cherry picked from commit 1f6a42808dd739c0c2e49e6b7ae2967f120f43c2) Issue edition: Keep the max of the milestone and issue update dates. When editing an issue via the API, an updated_at date can be provided. If the EditIssue call changes the issue's milestone, the milestone's update date is to be changed accordingly, but only with a greater value. This ensures that a milestone's update date is the max of all issue's update dates. (cherry picked from commit 8f22ea182e6b49e933dc6534040160dd739ff18a) Rewrite the 'AutoDate' tests using subtests Also add a test to check the permissions to set a date, and a test to check update dates on milestones. The tests related to 'AutoDate' are: - TestAPIEditIssueAutoDate - TestAPIAddIssueLabelsAutoDate - TestAPIEditIssueMilestoneAutoDate - TestAPICreateIssueAttachmentAutoDate - TestAPICreateCommentAutoDate - TestAPIEditCommentWithDate - TestAPICreateCommentAttachmentAutoDate (cherry picked from commit 961fd13c551b3e50040acb7c914a00ead92de63f) (cherry picked from commit d52f4eea44692ee773010cb66a69a603663947d5) (cherry picked from commit 3540ea2a43155ca8cf5ab1a4a246babfb829db16) Conflicts: services/issue/issue.go https://codeberg.org/forgejo/forgejo/pulls/1415 (cherry picked from commit 56720ade008c09122d825959171aa5346d645987) Conflicts: routers/api/v1/repo/issue_label.go https://codeberg.org/forgejo/forgejo/pulls/1462 (cherry picked from commit 47c78927d6c7e7a50298fa67efad1e73723a0981) (cherry picked from commit 2030f3b965cde401976821083c3250b404954ecc) (cherry picked from commit f02aeb76981cd688ceaf6613f142a8a725be1437) Conflicts: routers/api/v1/repo/issue_attachment.go routers/api/v1/repo/issue_comment_attachment.go https://codeberg.org/forgejo/forgejo/pulls/1575 (cherry picked from commit d072525b35e44faf7ff87143c0e52b8ba8a625c8) (cherry picked from commit 8424d0ab3df75ac3ffa30f42d398e22995ada5e7) (cherry picked from commit 5cc62caec788b54afd9da5b9193ce06ee8ec562b) (cherry picked from commit d6300d5dcd01c7ddc65d8b0f326f9c19cb53b58e) [FEAT] allow setting the update date on issues and comments (squash) apply the 'update_at' value to the cross-ref comments (#1676) [this is a follow-up to PR #764] When a comment of issue A referencing issue B is added with a forced 'updated_at' date, that date has to be applied to the comment created in issue B. ----- Comment: While trying my 'RoundUp migration script', I found that this case was forgotten in PR #764 - my apologies... I'll try to write a functional test, base on models/issues/issue_xref_test.go Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1676 Co-authored-by: fluzz <fluzz@freedroid.org> Co-committed-by: fluzz <fluzz@freedroid.org> (cherry picked from commit ac4f727f63a2dd746dd84a31ebf7f70d5b5d7c52) (cherry picked from commit 5110476ee9010ba8cdca0e0f37f765f8800e9fe1) (cherry picked from commit 77ba6be1dab4f6f3678d79a394da56e6447ebbe1) (cherry picked from commit 9c8337b5c442cfd72d97597c2089e776f42828b7) (cherry picked from commit 1d689eb686f0f7df09c7861b3faf9d8683cb933b) (cherry picked from commit 511c519c875a4c4e65c02ef0c4e3b941f4da4371) (cherry picked from commit 2f0b4a8f610837d34844bb79cda1360ab23b6b1c) (cherry picked from commit fdd4da111c449322901a0acf6d0857eac4716581) [FEAT] allow setting the update date on issues and comments (squash) do not use token= query param See https://codeberg.org/forgejo/forgejo/commit/33439b733a (cherry picked from commit c5139a75b9e4af612a628171bd4f63a24860c272) (cherry picked from commit c7b572c35d3e9e22017fd74045bcdc1109bd06df) (cherry picked from commit aec7503ff6dd177980f3d9f367122ffc2fec8986) (cherry picked from commit 87c65f2a490faeccb85088fa0981dd50f7199eb8) (cherry picked from commit bd47ee33c20e53ae616a7e53d63c3b51809585fb) (cherry picked from commit f3dbd90a747c14fb1b5b4271db6c10abbf86d586)
2023-10-09 13:07:47 -04:00
if err != nil {
ctx.Error(http.StatusInternalServerError, "LoadIssue", err)
return
}
err = issue_service.SetIssueUpdateDate(ctx, comment.Issue, form.Updated, ctx.Doer)
if err != nil {
ctx.Error(http.StatusForbidden, "SetIssueUpdateDate", err)
return
}
oldContent := comment.Content
comment.Content = form.Body
if err := issue_service.UpdateComment(ctx, comment, ctx.Doer, oldContent); err != nil {
ctx.Error(http.StatusInternalServerError, "UpdateComment", err)
return
}
ctx.JSON(http.StatusOK, convert.ToAPIComment(ctx, ctx.Repo.Repository, comment))
}
// DeleteIssueComment delete a comment from an issue
func DeleteIssueComment(ctx *context.APIContext) {
2017-11-20 02:24:07 -05:00
// swagger:operation DELETE /repos/{owner}/{repo}/issues/comments/{id} issue issueDeleteComment
// ---
// summary: Delete a comment
// parameters:
// - name: owner
// in: path
// description: owner of the repo
// type: string
// required: true
// - name: repo
// in: path
// description: name of the repo
// type: string
// required: true
// - name: id
// in: path
// description: id of comment to delete
// type: integer
// format: int64
2017-11-20 02:24:07 -05:00
// required: true
// responses:
// "204":
// "$ref": "#/responses/empty"
// "403":
// "$ref": "#/responses/forbidden"
// "404":
// "$ref": "#/responses/notFound"
2017-11-20 02:24:07 -05:00
deleteIssueComment(ctx)
}
// DeleteIssueCommentDeprecated delete a comment from an issue
func DeleteIssueCommentDeprecated(ctx *context.APIContext) {
// swagger:operation DELETE /repos/{owner}/{repo}/issues/{index}/comments/{id} issue issueDeleteCommentDeprecated
// ---
// summary: Delete a comment
2017-11-20 02:24:07 -05:00
// deprecated: true
// parameters:
// - name: owner
// in: path
// description: owner of the repo
// type: string
// required: true
// - name: repo
// in: path
// description: name of the repo
// type: string
// required: true
2017-11-20 02:24:07 -05:00
// - name: index
// in: path
// description: this parameter is ignored
// type: integer
// required: true
// - name: id
// in: path
// description: id of comment to delete
// type: integer
// format: int64
// required: true
// responses:
// "204":
// "$ref": "#/responses/empty"
// "403":
// "$ref": "#/responses/forbidden"
// "404":
// "$ref": "#/responses/notFound"
2017-11-20 02:24:07 -05:00
deleteIssueComment(ctx)
}
func deleteIssueComment(ctx *context.APIContext) {
[GITEA] API commentAssignment() to verify the id belongs Instead of repeating the tests that verify the ID of a comment is related to the repository of the API endpoint, add the middleware function commentAssignment() to assign ctx.Comment if the ID of the comment is verified to be related to the repository. There already are integration tests for cases of potential unrelated comment IDs that cover some of the modified endpoints which covers the commentAssignment() function logic. * TestAPICommentReactions - GetIssueCommentReactions * TestAPICommentReactions - PostIssueCommentReaction * TestAPICommentReactions - DeleteIssueCommentReaction * TestAPIEditComment - EditIssueComment * TestAPIDeleteComment - DeleteIssueComment * TestAPIGetCommentAttachment - GetIssueCommentAttachment The other modified endpoints do not have tests to verify cases of potential unrelated comment IDs. They no longer need to because they no longer implement the logic to enforce this. They however all have integration tests that verify the commentAssignment() they now rely on does not introduce a regression. * TestAPIGetComment - GetIssueComment * TestAPIListCommentAttachments - ListIssueCommentAttachments * TestAPICreateCommentAttachment - CreateIssueCommentAttachment * TestAPIEditCommentAttachment - EditIssueCommentAttachment * TestAPIDeleteCommentAttachment - DeleteIssueCommentAttachment (cherry picked from commit d414376d749041da1be288c02fdaa24fddeafd5c) (cherry picked from commit 09db07aeaed167edc66cb832b0aa54b31d14f0d8) (cherry picked from commit f44830c3cba0b9416505a2b0b560cfa096ffeb7c) Conflicts: modules/context/api.go https://codeberg.org/forgejo/forgejo/pulls/2249 (cherry picked from commit 9d1bf7be15420ce4ca6e92a8bd048d483172de3b)
2024-01-11 05:54:16 -05:00
comment := ctx.Comment
if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanWriteIssuesOrPulls(comment.Issue.IsPull)) {
ctx.Status(http.StatusForbidden)
return
} else if comment.Type != issues_model.CommentTypeComment {
ctx.Status(http.StatusNoContent)
return
}
[GITEA] API commentAssignment() to verify the id belongs Instead of repeating the tests that verify the ID of a comment is related to the repository of the API endpoint, add the middleware function commentAssignment() to assign ctx.Comment if the ID of the comment is verified to be related to the repository. There already are integration tests for cases of potential unrelated comment IDs that cover some of the modified endpoints which covers the commentAssignment() function logic. * TestAPICommentReactions - GetIssueCommentReactions * TestAPICommentReactions - PostIssueCommentReaction * TestAPICommentReactions - DeleteIssueCommentReaction * TestAPIEditComment - EditIssueComment * TestAPIDeleteComment - DeleteIssueComment * TestAPIGetCommentAttachment - GetIssueCommentAttachment The other modified endpoints do not have tests to verify cases of potential unrelated comment IDs. They no longer need to because they no longer implement the logic to enforce this. They however all have integration tests that verify the commentAssignment() they now rely on does not introduce a regression. * TestAPIGetComment - GetIssueComment * TestAPIListCommentAttachments - ListIssueCommentAttachments * TestAPICreateCommentAttachment - CreateIssueCommentAttachment * TestAPIEditCommentAttachment - EditIssueCommentAttachment * TestAPIDeleteCommentAttachment - DeleteIssueCommentAttachment (cherry picked from commit d414376d749041da1be288c02fdaa24fddeafd5c) (cherry picked from commit 09db07aeaed167edc66cb832b0aa54b31d14f0d8) (cherry picked from commit f44830c3cba0b9416505a2b0b560cfa096ffeb7c) Conflicts: modules/context/api.go https://codeberg.org/forgejo/forgejo/pulls/2249 (cherry picked from commit 9d1bf7be15420ce4ca6e92a8bd048d483172de3b)
2024-01-11 05:54:16 -05:00
if err := issue_service.DeleteComment(ctx, ctx.Doer, comment); err != nil {
ctx.Error(http.StatusInternalServerError, "DeleteCommentByID", err)
return
}
ctx.Status(http.StatusNoContent)
}