Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[API] Convert User expose ID each time #12855

Merged
merged 13 commits into from Sep 17, 2020
Merged

[API] Convert User expose ID each time #12855

merged 13 commits into from Sep 17, 2020

Conversation

6543
Copy link
Member

@6543 6543 commented Sep 15, 2020

fix #12846

@6543 6543 added backport/v1.12 modifies/api This PR adds API routes or modifies them type/bug labels Sep 15, 2020
@6543 6543 added this to the 1.13.0 milestone Sep 15, 2020
This was referenced Sep 15, 2020
Merged
Closed
@codecov-commenter
Copy link

codecov-commenter commented Sep 15, 2020
edited

Codecov Report

Merging #12855 into master will increase coverage by 0.00%.
The diff coverage is 100.00%.

Impacted file tree graph

@@           Coverage Diff           @@
##           master   #12855   +/-   ##
=======================================
  Coverage   43.09%   43.10%           
=======================================
  Files         655      656    +1     
  Lines       72347    72348    +1     
=======================================
+ Hits        31181    31183    +2     
+ Misses      36115    36113    -2     
- Partials     5051     5052    +1
Impacted Files Coverage Δ
modules/convert/convert.go 75.37% <ø> (-1.24%) ⬇️
modules/convert/user.go 100.00% <100.00%> (ø)
modules/util/timer.go 42.85% <0.00%> (-42.86%) ⬇️
services/pull/pull.go 40.78% <0.00%> (-0.50%) ⬇️
modules/log/event.go 57.54% <0.00%> (+0.94%) ⬆️
modules/charset/charset.go 73.03% <0.00%> (+4.49%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update afea4fa...0f50a05. Read the comment docs.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Sep 15, 2020
zeripath
zeripath approved these changes Sep 15, 2020
View reviewed changes
Copy link
Contributor

@zeripath zeripath left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really wish we weren't exposing these IDs at all but given we are...

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Sep 15, 2020
techknowlogick
techknowlogick approved these changes Sep 17, 2020
View reviewed changes
Copy link
Member

@techknowlogick techknowlogick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1 to what @zeripath has said, but as also said we already do... 🤷

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Sep 17, 2020
@jolheiser jolheiser merged commit 06480af into go-gitea:master Sep 17, 2020
@jolheiser
Copy link
Member

I really wish we weren't exposing these IDs at all but given we are...

I thought the general consensus was that STO was somewhat outdated?

@6543 6543 deleted the fix-user-2-apiformat_12846 branch September 17, 2020 21:36
@6543
Copy link
Member Author

6543 commented Sep 17, 2020

STO?

In the end lot of api endpoint's need the UserID to filter etc things
and so we have to expos it

@jolheiser
Copy link
Member

Security Through Obscurity, e.g. hiding user IDs

@6543
Copy link
Member Author

6543 commented Sep 17, 2020

@jolheiser this makes no sence for user IDs they can be easely guessed on smal incatnces (this are no uuid's just db id's)

so we would have to redesign lot's of things

@6543
Copy link
Member Author

6543 commented Sep 17, 2020

this can be done when moving toward APIv2 - witch is not near at that point

6543 added a commit to 6543-forks/gitea that referenced this pull request Sep 17, 2020
@6543
Convert User expose ID each time (go-gitea#12855)
c5e8460 
* git blame tells me a lot of gitea things happen here around 2018, add header

* move user code int its own file

* expose user id

* adopt things from APIFormat

* fix test

* CI.restart()
@6543 6543 mentioned this pull request Sep 17, 2020
Merged
@6543
Copy link
Member Author

6543 commented Sep 17, 2020

Backport: #12883

@6543 6543 added the backport/done All backports for this PR have been created label Sep 17, 2020
techknowlogick pushed a commit that referenced this pull request Sep 18, 2020
@6543 @lunny
Convert User expose ID each time (#12855) (#12883)
a98bf03 
* Convert User expose ID each time (#12855)

* git blame tells me a lot of gitea things happen here around 2018, add header

* move user code int its own file

* expose user id

* adopt things from APIFormat

* fix test

* CI.restart()

* No Refactor

* CI.restart()

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
@go-gitea go-gitea locked and limited conversation to collaborators Nov 24, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@techknowlogick techknowlogick techknowlogick approved these changes

@zeripath zeripath zeripath approved these changes

Assignees
No one assigned
Labels
backport/done All backports for this PR have been created lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/api This PR adds API routes or modifies them type/bug
Projects
None yet
Milestone
1.13.0
Development

Successfully merging this pull request may close these issues.

API: UserID is missing sometimes
6 participants
@6543 @codecov-commenter @jolheiser @techknowlogick @zeripath @GiteaBot