diff --git a/cmd/web.go b/cmd/web.go index 5bde3379679..c2658a5cee3 100644 --- a/cmd/web.go +++ b/cmd/web.go @@ -229,11 +229,14 @@ func runWeb(ctx *cli.Context) { Post(bind(api.CreateRepoOption{}), v1.CreateRepo) m.Post("/org/:org/repos", middleware.ApiReqToken(), bind(api.CreateRepoOption{}), v1.CreateOrgRepo) - // TODO: https://github.com/gogits/go-gogs-client/wiki m.Group("/repos", func() { m.Get("/search", v1.SearchRepos) - m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), v1.MigrateRepo) + m.Group("", func() { + m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), v1.MigrateRepo) + }, middleware.ApiReqToken()) + + // TODO: https://github.com/gogits/go-gogs-client/wiki m.Group("/:username/:reponame", func() { m.Combo("/hooks").Get(v1.ListRepoHooks). Post(bind(api.CreateHookOption{}), v1.CreateRepoHook) diff --git a/modules/auth/repo_form.go b/modules/auth/repo_form.go index 03dacbf88e0..4d90074386b 100644 --- a/modules/auth/repo_form.go +++ b/modules/auth/repo_form.go @@ -35,10 +35,10 @@ type MigrateRepoForm struct { CloneAddr string `binding:"Required"` AuthUsername string AuthPassword string - Mirror bool Uid int64 `binding:"Required"` RepoName string `binding:"Required;AlphaDashDot;MaxSize(100)"` Private bool + Mirror bool Description string `binding:"MaxSize(255)"` } diff --git a/routers/api/v1/repo.go b/routers/api/v1/repo.go index 6e883a2084e..07d836e5b39 100644 --- a/routers/api/v1/repo.go +++ b/routers/api/v1/repo.go @@ -192,23 +192,9 @@ func CreateOrgRepo(ctx *middleware.Context, opt api.CreateRepoOption) { } func MigrateRepo(ctx *middleware.Context, form auth.MigrateRepoForm) { - u, err := models.GetUserByName(ctx.Query("username")) - if err != nil { - if models.IsErrUserNotExist(err) { - ctx.HandleAPI(422, err) - } else { - ctx.HandleAPI(500, err) - } - return - } - if !u.ValidatePassword(ctx.Query("password")) { - ctx.HandleAPI(422, "Username or password is not correct.") - return - } - - ctxUser := u + ctxUser := ctx.User // Not equal means current user is an organization. - if form.Uid != u.Id { + if form.Uid != ctxUser.Id { org, err := models.GetUserByID(form.Uid) if err != nil { if models.IsErrUserNotExist(err) { @@ -228,7 +214,7 @@ func MigrateRepo(ctx *middleware.Context, form auth.MigrateRepoForm) { if ctxUser.IsOrganization() { // Check ownership of organization. - if !ctxUser.IsOwnedBy(u.Id) { + if !ctxUser.IsOwnedBy(ctx.User.Id) { ctx.HandleAPI(403, "Given user is not owner of organization.") return }