feat(API): add secret deletion functionality for repository #26808
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
GiteaBot
added
the
lgtm/need 2
pull-request-size
bot
added
the
size/L
appleboy
added
modifies/api
wolfogre
approved these changes
Aug 30, 2023
GiteaBot
added
lgtm/need 1
- Modify the `CreateOrUpdateSecret` function in `api.go` to include a `Delete` operation for the secret - Modify the `DeleteOrgSecret` function in `action.go` to include a `DeleteSecret` operation for the organization - Modify the `DeleteSecret` function in `action.go` to include a `DeleteSecret` operation for the repository - Modify the `v1_json.tmpl` template file to update the `operationId` and `summary` for the `deleteSecret` operation in both the organization and repository sections Signed-off-by: Bo-Yi Wu <[email protected]>
- Change the swagger operation ID from `deleteSecret` to `deleteOrgSecret` in `routers/api/v1/org/action.go` - Change the swagger operation ID from `deleteSecret` to `deleteRepoSecret` in `routers/api/v1/repo/action.go` - Change the swagger operation ID from `deleteSecret` to `deleteOrgSecret` in `templates/swagger/v1_json.tmpl` - Change the swagger operation ID from `deleteSecret` to `deleteRepoSecret` in `templates/swagger/v1_json.tmpl` Signed-off-by: Bo-Yi Wu <[email protected]>
pull-request-size
bot
added
the
size/L
KN4CK3R
reviewed
Aug 30, 2023
| @@ -151,6 +151,10 @@ func DeleteOrgSecret(ctx *context.APIContext) { | |||
| // "403": | |||
| // "$ref": "#/responses/forbidden" | |||
| secretName := ctx.Params(":secretname") | |||
| if err := actions.NameRegexMatch(secretName); err != nil { | |||
There was a problem hiding this comment.
Do we need that check when deleting a secret? If the name is invalid, the secret should not exists, so the not found error will be returned.
There was a problem hiding this comment.
Let's check the input type before executing the model layer.
There was a problem hiding this comment.
I agree with KN4CK3R , since the result is the same, this check is a no-op.
I can't understand what's the meaning of "Let's check the input type before executing the model layer."
Do you mean "this is right and I don't want to change", or do you mean "I will make some other changes"?
There was a problem hiding this comment.
I think the intent is to not bother the database if there could be no result.
There was a problem hiding this comment.
I personally believe that all parameter validation should be done within the API layer, rather than validating parameters at the DB layer.
wxiaoguang
approved these changes
Sep 1, 2023
GiteaBot
added
lgtm/done
|
I will extract shared methods like I did for the web routes. Noticed the split when there were no audit events using the api. |
KN4CK3R
approved these changes
Sep 1, 2023
zjjhot
added a commit
to zjjhot/gitea
that referenced
this pull request
Sep 1, 2023
* giteaoffical/main: (22 commits) Use case-insensitive regex for all webpack assets (go-gitea#26867) restrict certificate type for builtin SSH server (go-gitea#26789) feat(API): add secret deletion functionality for repository (go-gitea#26808) Avoid double-unescaping of form value (go-gitea#26853) Move web/api context related testing function into a separate package (go-gitea#26859) Remove some unused CSS styles (go-gitea#26852) [skip ci] Updated translations via Crowdin Minor dashboard tweaks, fix flex-list margins (go-gitea#26829) Update team invitation email link (go-gitea#26550) Redirect from `{repo}/issues/new` to `{repo}/issues/new/choose` when blank issues are disabled (go-gitea#26813) Remove "TODO" tasks from CSS file (go-gitea#26835) User details page (go-gitea#26713) Render code blocks in repo description (go-gitea#26830) Remove joinPaths function (go-gitea#26833) Remove polluted `.ui.right` (go-gitea#26825) Sync tags when adopting repos (go-gitea#26816) rm comment about hugo (go-gitea#26832) Fix filename for .spectral.yaml (go-gitea#26828) [skip ci] Updated translations via Crowdin Check blocklist for emails when adding them to account (go-gitea#26812) ...
|
Routes for user secrets are missing. |
|
@KN4CK3R Yes. move to new PR for user secrets. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
CreateOrUpdateSecretfunction inapi.goto include aDeleteoperation for the secretDeleteOrgSecretfunction inaction.goto include aDeleteSecretoperation for the organizationDeleteSecretfunction inaction.goto include aDeleteSecretoperation for the repositoryv1_json.tmpltemplate file to update theoperationIdandsummaryfor thedeleteSecretoperation in both the organization and repository sections