[GITEA] Fix NPE in UsernameSubRoute
- When the user is not found in `reloadparam`, early return when the user is not found to avoid calling `IsUserVisibleToViewer` which in turn avoids causing a NPE. - This fixes the case that a 500 error and 404 error is shown on the same page. - Add integration test for non-existant user RSS. - Regression byc6366089df
(cherry picked from commitf0e0696278
) (cherry picked from commit75d8066908
) (cherry picked from commit4d0a1e0637
) (cherry picked from commit5f40a485da
)
This commit is contained in:
parent
cbecdd618d
commit
c4cb7812e3
2 changed files with 23 additions and 11 deletions
|
@ -715,12 +715,15 @@ func UsernameSubRoute(ctx *context.Context) {
|
||||||
reloadParam := func(suffix string) (success bool) {
|
reloadParam := func(suffix string) (success bool) {
|
||||||
ctx.SetParams("username", strings.TrimSuffix(username, suffix))
|
ctx.SetParams("username", strings.TrimSuffix(username, suffix))
|
||||||
context_service.UserAssignmentWeb()(ctx)
|
context_service.UserAssignmentWeb()(ctx)
|
||||||
|
if ctx.Written() {
|
||||||
|
return false
|
||||||
|
}
|
||||||
// check view permissions
|
// check view permissions
|
||||||
if !user_model.IsUserVisibleToViewer(ctx, ctx.ContextUser, ctx.Doer) {
|
if !user_model.IsUserVisibleToViewer(ctx, ctx.ContextUser, ctx.Doer) {
|
||||||
ctx.NotFound("user", fmt.Errorf(ctx.ContextUser.Name))
|
ctx.NotFound("user", fmt.Errorf(ctx.ContextUser.Name))
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
return !ctx.Written()
|
return true
|
||||||
}
|
}
|
||||||
switch {
|
switch {
|
||||||
case strings.HasSuffix(username, ".png"):
|
case strings.HasSuffix(username, ".png"):
|
||||||
|
|
|
@ -243,6 +243,9 @@ func testExportUserGPGKeys(t *testing.T, user, expected string) {
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestGetUserRss(t *testing.T) {
|
func TestGetUserRss(t *testing.T) {
|
||||||
|
defer tests.PrepareTestEnv(t)()
|
||||||
|
|
||||||
|
t.Run("Normal", func(t *testing.T) {
|
||||||
user34 := "the_34-user.with.all.allowedChars"
|
user34 := "the_34-user.with.all.allowedChars"
|
||||||
req := NewRequestf(t, "GET", "/%s.rss", user34)
|
req := NewRequestf(t, "GET", "/%s.rss", user34)
|
||||||
resp := MakeRequest(t, req, http.StatusOK)
|
resp := MakeRequest(t, req, http.StatusOK)
|
||||||
|
@ -253,6 +256,12 @@ func TestGetUserRss(t *testing.T) {
|
||||||
description, _ := rssDoc.ChildrenFiltered("description").Html()
|
description, _ := rssDoc.ChildrenFiltered("description").Html()
|
||||||
assert.EqualValues(t, "<p dir="auto">some <a href="https://commonmark.org/" rel="nofollow">commonmark</a>!</p>\n", description)
|
assert.EqualValues(t, "<p dir="auto">some <a href="https://commonmark.org/" rel="nofollow">commonmark</a>!</p>\n", description)
|
||||||
}
|
}
|
||||||
|
})
|
||||||
|
t.Run("Non-existent user", func(t *testing.T) {
|
||||||
|
session := loginUser(t, "user2")
|
||||||
|
req := NewRequestf(t, "GET", "/non-existent-user.rss")
|
||||||
|
session.MakeRequest(t, req, http.StatusNotFound)
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestListStopWatches(t *testing.T) {
|
func TestListStopWatches(t *testing.T) {
|
||||||
|
|
Loading…
Reference in a new issue