Merge pull request '[GITEA] Fix NPE in UsernameSubRoute' (#1981) from gusted/remove-magic into forgejo-dependency

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1981
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
This commit is contained in:
Gusted 2023-12-22 17:57:59 +00:00
commit b352893c93
2 changed files with 23 additions and 11 deletions

View file

@ -710,12 +710,15 @@ func UsernameSubRoute(ctx *context.Context) {
reloadParam := func(suffix string) (success bool) { reloadParam := func(suffix string) (success bool) {
ctx.SetParams("username", strings.TrimSuffix(username, suffix)) ctx.SetParams("username", strings.TrimSuffix(username, suffix))
context_service.UserAssignmentWeb()(ctx) context_service.UserAssignmentWeb()(ctx)
if ctx.Written() {
return false
}
// check view permissions // check view permissions
if !user_model.IsUserVisibleToViewer(ctx, ctx.ContextUser, ctx.Doer) { if !user_model.IsUserVisibleToViewer(ctx, ctx.ContextUser, ctx.Doer) {
ctx.NotFound("user", fmt.Errorf(ctx.ContextUser.Name)) ctx.NotFound("user", fmt.Errorf(ctx.ContextUser.Name))
return false return false
} }
return !ctx.Written() return true
} }
switch { switch {
case strings.HasSuffix(username, ".png"): case strings.HasSuffix(username, ".png"):

View file

@ -243,16 +243,25 @@ func testExportUserGPGKeys(t *testing.T, user, expected string) {
} }
func TestGetUserRss(t *testing.T) { func TestGetUserRss(t *testing.T) {
user34 := "the_34-user.with.all.allowedChars" defer tests.PrepareTestEnv(t)()
req := NewRequestf(t, "GET", "/%s.rss", user34)
resp := MakeRequest(t, req, http.StatusOK) t.Run("Normal", func(t *testing.T) {
if assert.EqualValues(t, "application/rss+xml;charset=utf-8", resp.Header().Get("Content-Type")) { user34 := "the_34-user.with.all.allowedChars"
rssDoc := NewHTMLParser(t, resp.Body).Find("channel") req := NewRequestf(t, "GET", "/%s.rss", user34)
title, _ := rssDoc.ChildrenFiltered("title").Html() resp := MakeRequest(t, req, http.StatusOK)
assert.EqualValues(t, "Feed of &#34;the_1-user.with.all.allowedChars&#34;", title) if assert.EqualValues(t, "application/rss+xml;charset=utf-8", resp.Header().Get("Content-Type")) {
description, _ := rssDoc.ChildrenFiltered("description").Html() rssDoc := NewHTMLParser(t, resp.Body).Find("channel")
assert.EqualValues(t, "&lt;p dir=&#34;auto&#34;&gt;some &lt;a href=&#34;https://commonmark.org/&#34; rel=&#34;nofollow&#34;&gt;commonmark&lt;/a&gt;!&lt;/p&gt;\n", description) title, _ := rssDoc.ChildrenFiltered("title").Html()
} assert.EqualValues(t, "Feed of &#34;the_1-user.with.all.allowedChars&#34;", title)
description, _ := rssDoc.ChildrenFiltered("description").Html()
assert.EqualValues(t, "&lt;p dir=&#34;auto&#34;&gt;some &lt;a href=&#34;https://commonmark.org/&#34; rel=&#34;nofollow&#34;&gt;commonmark&lt;/a&gt;!&lt;/p&gt;\n", description)
}
})
t.Run("Non-existent user", func(t *testing.T) {
session := loginUser(t, "user2")
req := NewRequestf(t, "GET", "/non-existent-user.rss")
session.MakeRequest(t, req, http.StatusNotFound)
})
} }
func TestListStopWatches(t *testing.T) { func TestListStopWatches(t *testing.T) {