forked from gitea/gitea
Fix missing check (#28406)
This commit is contained in:
parent
aeb383025f
commit
9a99c17a14
|
@ -193,16 +193,30 @@ func SoftDeleteContentHistory(ctx *context.Context) {
|
|||
var comment *issues_model.Comment
|
||||
var history *issues_model.ContentHistory
|
||||
var err error
|
||||
|
||||
if history, err = issues_model.GetIssueContentHistoryByID(ctx, historyID); err != nil {
|
||||
log.Error("can not get issue content history %v. err=%v", historyID, err)
|
||||
return
|
||||
}
|
||||
if history.IssueID != issue.ID {
|
||||
ctx.NotFound("CompareRepoID", issues_model.ErrCommentNotExist{})
|
||||
return
|
||||
}
|
||||
if commentID != 0 {
|
||||
if history.CommentID != commentID {
|
||||
ctx.NotFound("CompareCommentID", issues_model.ErrCommentNotExist{})
|
||||
return
|
||||
}
|
||||
|
||||
if comment, err = issues_model.GetCommentByID(ctx, commentID); err != nil {
|
||||
log.Error("can not get comment for issue content history %v. err=%v", historyID, err)
|
||||
return
|
||||
}
|
||||
}
|
||||
if history, err = issues_model.GetIssueContentHistoryByID(ctx, historyID); err != nil {
|
||||
log.Error("can not get issue content history %v. err=%v", historyID, err)
|
||||
if comment.IssueID != issue.ID {
|
||||
ctx.NotFound("CompareIssueID", issues_model.ErrCommentNotExist{})
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
canSoftDelete := canSoftDeleteContentHistory(ctx, issue, comment, history)
|
||||
if !canSoftDelete {
|
||||
|
|
|
@ -90,6 +90,12 @@ func IssuePinMove(ctx *context.Context) {
|
|||
return
|
||||
}
|
||||
|
||||
if issue.RepoID != ctx.Repo.Repository.ID {
|
||||
ctx.Status(http.StatusNotFound)
|
||||
log.Error("Issue does not belong to this repository")
|
||||
return
|
||||
}
|
||||
|
||||
err = issue.MovePin(ctx, form.Position)
|
||||
if err != nil {
|
||||
ctx.Status(http.StatusInternalServerError)
|
||||
|
|
Loading…
Reference in New Issue