github-starred/gitea
2
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-12 02:24:21 -05:00
Code Issues 2.6k Packages Projects Releases 100 Wiki Activity

API: UserID is missing sometimes #6002

New Issue
Closed
opened 2025-11-02 06:42:30 -06:00 by GiteaMirror · 11 comments
GiteaMirror commented 2025-11-02 06:42:30 -06:00
Owner
Copy Link

Originally created by @6543 on GitHub (Sep 15, 2020).

sometimes UserID is missing!!

https://gitea.com/api/swagger#/repository/repoListPullReviews

example:

GET https://gitea.com/api/v1/repos/gitea/test_repo/pulls/7/reviews -> techknowlogick has ID 0 !!

Originally created by @6543 on GitHub (Sep 15, 2020). sometimes UserID is missing!! https://gitea.com/api/swagger#/repository/repoListPullReviews example: **GET** `https://gitea.com/api/v1/repos/gitea/test_repo/pulls/7/reviews` -> techknowlogick has ID 0 !!
GiteaMirror added the type/bugmodifies/api labels 2025-11-02 06:42:30 -06:00
GiteaMirror commented 2025-11-02 06:42:30 -06:00
Author
Owner
Copy Link

@a1012112796 commented on GitHub (Sep 15, 2020):

It's not a bug :)
08a905f614/modules/convert/convert.go (L347-L354)

@a1012112796 commented on GitHub (Sep 15, 2020): It's not a bug :) https://github.com/go-gitea/gitea/blob/08a905f614debd6481d7bda2913c596575e9a260/modules/convert/convert.go#L347-L354
GiteaMirror commented 2025-11-02 06:42:31 -06:00
Author
Owner
Copy Link

@6543 commented on GitHub (Sep 15, 2020):

other endpoint's return it and it is needed for migration - inconsistency is a bug

@6543 commented on GitHub (Sep 15, 2020): other endpoint's return it and it is needed for migration - inconsistency is a bug
GiteaMirror commented 2025-11-02 06:42:31 -06:00
Author
Owner
Copy Link

@6543 commented on GitHub (Sep 15, 2020):

I already know where the issue is - we have 2 differend function to convert a user into an api-user -> bad thing!!!

but didn't had time to refactor all of it

@6543 commented on GitHub (Sep 15, 2020): I already know where the issue is - we have 2 differend function to convert a user into an api-user -> bad thing!!! but didn't had time to refactor all of it
GiteaMirror commented 2025-11-02 06:42:31 -06:00
Author
Owner
Copy Link

@6543 commented on GitHub (Sep 15, 2020):

@a1012112796 just use https://gitea.com/api/swagger#/repository/repoListPullRequests and you have the ID (9)

@6543 commented on GitHub (Sep 15, 2020): @a1012112796 just use `https://gitea.com/api/swagger#/repository/repoListPullRequests` and you have the ID (9)
GiteaMirror commented 2025-11-02 06:42:31 -06:00
Author
Owner
Copy Link

@a1012112796 commented on GitHub (Sep 15, 2020):

Hmm, Maybe the id of user is not an secret message.

@a1012112796 commented on GitHub (Sep 15, 2020): Hmm, Maybe the id of user is not an secret message.
GiteaMirror commented 2025-11-02 06:42:31 -06:00
Author
Owner
Copy Link

@a1012112796 commented on GitHub (Sep 15, 2020):

found it :)
08a905f614/models/user.go (L241-L257)

@a1012112796 commented on GitHub (Sep 15, 2020): found it :) https://github.com/go-gitea/gitea/blob/08a905f614debd6481d7bda2913c596575e9a260/models/user.go#L241-L257
GiteaMirror commented 2025-11-02 06:42:32 -06:00
Author
Owner
Copy Link

@a1012112796 commented on GitHub (Sep 15, 2020):

So the main problem is whether the id of user should be protected?

@a1012112796 commented on GitHub (Sep 15, 2020): So the main problem is whether the id of user should be protected?
GiteaMirror commented 2025-11-02 06:42:32 -06:00
Author
Owner
Copy Link

@a1012112796 commented on GitHub (Sep 15, 2020):

Chage Idea:

diff --git a/models/user.go b/models/user.go
index c7b3f0981..08237b2cb 100644
--- a/models/user.go
+++ b/models/user.go
@@ -239,21 +239,34 @@ func (u *User) GetEmail() string {
 }
 
 // APIFormat converts a User to api.User
-func (u *User) APIFormat() *api.User {
+func (u *User) APIFormat(doer *User) *api.User {
 	if u == nil {
 		return nil
 	}
-	return &api.User{
-		ID:        u.ID,
+
+	result := &api.User{
 		UserName:  u.Name,
 		FullName:  u.FullName,
-		Email:     u.GetEmail(),
 		AvatarURL: u.AvatarLink(),
 		Language:  u.Language,
-		IsAdmin:   u.IsAdmin,
-		LastLogin: u.LastLoginUnix.AsTime(),
 		Created:   u.CreatedUnix.AsTime(),
 	}
+
+	signed := doer != nil
+	authed := doer != nil && (doer.IsAdmin || u.ID == doer.ID)
+
+	// hide primary email if API caller is anonymous or user keep email private
+	if signed && (!u.KeepEmailPrivate || authed) {
+		result.Email = u.Email
+	}
+	// only site admin will get these information and possibly user himself
+	if authed {
+		result.ID = u.ID
+		result.IsAdmin = u.IsAdmin
+		result.LastLogin = u.LastLoginUnix.AsTime()
+		result.Language = u.Language
+	}
+	return result
 }
 
 // IsLocal returns true if user login type is LoginPlain.

Then will face a big work :(
tmp

@a1012112796 commented on GitHub (Sep 15, 2020): Chage Idea: ```DIFF diff --git a/models/user.go b/models/user.go index c7b3f0981..08237b2cb 100644 --- a/models/user.go +++ b/models/user.go @@ -239,21 +239,34 @@ func (u *User) GetEmail() string { } // APIFormat converts a User to api.User -func (u *User) APIFormat() *api.User { +func (u *User) APIFormat(doer *User) *api.User { if u == nil { return nil } - return &api.User{ - ID: u.ID, + + result := &api.User{ UserName: u.Name, FullName: u.FullName, - Email: u.GetEmail(), AvatarURL: u.AvatarLink(), Language: u.Language, - IsAdmin: u.IsAdmin, - LastLogin: u.LastLoginUnix.AsTime(), Created: u.CreatedUnix.AsTime(), } + + signed := doer != nil + authed := doer != nil && (doer.IsAdmin || u.ID == doer.ID) + + // hide primary email if API caller is anonymous or user keep email private + if signed && (!u.KeepEmailPrivate || authed) { + result.Email = u.Email + } + // only site admin will get these information and possibly user himself + if authed { + result.ID = u.ID + result.IsAdmin = u.IsAdmin + result.LastLogin = u.LastLoginUnix.AsTime() + result.Language = u.Language + } + return result } // IsLocal returns true if user login type is LoginPlain. ``` Then will face a big work :( ![tmp](https://user-images.githubusercontent.com/25342410/93163233-2abe2880-f749-11ea-8804-a933b00590ea.jpg)
GiteaMirror commented 2025-11-02 06:42:32 -06:00
Author
Owner
Copy Link

@6543 commented on GitHub (Sep 15, 2020):

there are more .APIFormat() but only around 64 for user :D
and yes it has to be refactored to use convert package

@6543 commented on GitHub (Sep 15, 2020): there are more `.APIFormat()` but only around 64 for user :D and yes it has to be refactored to use convert package
GiteaMirror commented 2025-11-02 06:42:32 -06:00
Author
Owner
Copy Link

@6543 commented on GitHub (Sep 15, 2020):

@a1012112796 I have created #12855 to fix this issue

and #12856 witch wont get into v1.13 who will remove APIFormat ...

@6543 commented on GitHub (Sep 15, 2020): @a1012112796 I have created #12855 to fix this issue and #12856 witch wont get into v1.13 who will remove APIFormat ...
GiteaMirror commented 2025-11-02 06:42:33 -06:00
Author
Owner
Copy Link

@6543 commented on GitHub (Sep 27, 2020):

@a1012112796 the refactor for User -> API-User convert refactor is ready :)

-> #12856

@6543 commented on GitHub (Sep 27, 2020): @a1012112796 the refactor for User -> API-User convert refactor is ready :) -> #12856
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
$20
$250
$50
$500
backport/done
💎 Bounty
docs-update-needed
good first issue
hacktoberfest
issue/bounty
issue/confirmed
issue/critical
issue/duplicate
issue/needs-feedback
issue/not-a-bug
issue/regression
issue/stale
issue/workaround
lgtm/need 2
modifies/api
modifies/translation
outdated/backport/v1.18
outdated/theme/markdown
outdated/theme/timetracker
performance/bigrepo
performance/cpu
performance/memory
performance/speed
pr/breaking
proposal/accepted
proposal/rejected
pr/wip
pull-request
Mirrored from GitHub Pull Request
 reviewed/wontfix
💰 Rewarded
skip-changelog
status/blocked
topic/accessibility
topic/api
topic/authentication
topic/build
topic/code-linting
topic/commit-signing
topic/content-rendering
topic/deployment
topic/distribution
topic/federation
topic/gitea-actions
topic/issues
topic/lfs
topic/mobile
topic/moderation
topic/packages
topic/pr
topic/projects
topic/repo
topic/repo-migration
topic/security
topic/theme
topic/ui
topic/ui-interaction
topic/ux
topic/webhooks
topic/wiki
type/bug
type/deprecation
type/docs
type/enhancement
type/feature
type/miscellaneous
type/proposal
type/question
type/refactoring
type/summary
type/testing
type/upstream
No Label modifies/api type/bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#6002
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?