MokoConsulting/MokoGitea
1
0
Fork 0
Code Issues 164 Pull Requests Actions Packages Licenses 2 Releases 68 Wiki Activity

fix(licenses): remove repo unit requirement from licenses routes
Universal: PR Check / Branch Policy (pull_request) Successful in 13s
Details
Branch Policy Check / Verify merge target (pull_request) Successful in 14s
Details
Branch Cleanup / Delete merged branch (pull_request) Successful in 7s
Details
PR RC Release / Build RC Release (pull_request) Successful in 15s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 22s
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details

Browse Source 
The licenses feature is gated by org-level LicensingEnabled config,
not by per-repo unit enablement. Requiring TypeLicenses unit on repos
caused 404s since it wasn't in DefaultRepoUnits.

Write permissions are still enforced in handlers via
CanWrite(TypeLicenses). Org routes retain reqUnitAccess for
team-level permission control.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Jonathan Miller
2026-05-31 09:47:51 -05:00
parent 80be67b2ef
commit 1bf51f3aa5
1 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files
routers/web/web.go
+12 -12
View File
@@ -1522,20 +1522,20 @@ func registerWebRoutes(m *web.Router, webAuth *AuthMiddleware) {
// end "/{username}/{reponame}": update server
// "/{username}/{reponame}": licenses page
// Note: page visibility is controlled by LicensingEnabled (org config).
// Write permissions are checked in handlers via CanWrite(TypeLicenses).
m.Group("/{username}/{reponame}/licenses", func() {
m.Get("", repo.Licenses)
m.Group("", func() {
m.Post("/packages", repo.LicensesCreatePackage)
m.Get("/packages/{id}/edit", repo.LicensesEditPackage)
m.Post("/packages/{id}/edit", repo.LicensesEditPackagePost)
m.Post("/packages/{id}/delete", repo.LicensesDeletePackage)
m.Post("/keys/generate", repo.LicensesGenerateKey)
m.Get("/keys/{id}/edit", repo.LicensesEditKey)
m.Post("/keys/{id}/edit", repo.LicensesEditKeyPost)
m.Post("/keys/{id}/revoke", repo.LicensesRevokeKey)
m.Post("/keys/{id}/renew", repo.LicensesRenewKey)
}, context.RequireUnitWriter(unit.TypeLicenses))
}, optSignIn, context.RepoAssignment, context.RequireUnitReader(unit.TypeLicenses))
m.Post("/packages", repo.LicensesCreatePackage)
m.Get("/packages/{id}/edit", repo.LicensesEditPackage)
m.Post("/packages/{id}/edit", repo.LicensesEditPackagePost)
m.Post("/packages/{id}/delete", repo.LicensesDeletePackage)
m.Post("/keys/generate", repo.LicensesGenerateKey)
m.Get("/keys/{id}/edit", repo.LicensesEditKey)
m.Post("/keys/{id}/edit", repo.LicensesEditKeyPost)
m.Post("/keys/{id}/revoke", repo.LicensesRevokeKey)
m.Post("/keys/{id}/renew", repo.LicensesRenewKey)
}, optSignIn, context.RepoAssignment)
// end "/{username}/{reponame}": licenses
m.Group("/{username}/{reponame}", func() { // to maintain compatibility with old attachments