From 8924d15dec7bfc988f97175547a06e8909785603 Mon Sep 17 00:00:00 2001 From: Earl Warren Date: Thu, 8 Jun 2023 13:50:38 +0200 Subject: [PATCH] [GITEA] silently ignore obsolete sudo scope Fixes: https://codeberg.org/forgejo/forgejo/issues/820 (cherry picked from commit 6a7022ebbb83bda162974028cff01ebcc7c574ec) (cherry picked from commit 764eac47b50688d76fe90aad4819a426444ddb4a) (cherry picked from commit 14480339f091ffbd5f8e9391e7472a60f52a2620) (cherry picked from commit fb930bd719a12cf51fa8f4d685b306caeb201e8a) (cherry picked from commit 97d1166ababd41491edee2da89f42d8f9df52e17) (cherry picked from commit 97b2abc767c4bc32794bbf51676ccfbab9e7e2e0) (cherry picked from commit 3854c9112fa29448802e97678fa919590f65ccf0) --- models/auth/token_scope.go | 2 +- models/auth/token_scope_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/models/auth/token_scope.go b/models/auth/token_scope.go index 61e684ea27..19d512dad4 100644 --- a/models/auth/token_scope.go +++ b/models/auth/token_scope.go @@ -250,7 +250,7 @@ func (s AccessTokenScope) parse() (accessTokenScopeBitmap, error) { remainingScopes = remainingScopes[i+1:] } singleScope := AccessTokenScope(v) - if singleScope == "" { + if singleScope == "" || singleScope == "sudo" { continue } if singleScope == AccessTokenScopeAll { diff --git a/models/auth/token_scope_test.go b/models/auth/token_scope_test.go index a6097e45d7..d11c5e6a3d 100644 --- a/models/auth/token_scope_test.go +++ b/models/auth/token_scope_test.go @@ -20,7 +20,7 @@ func TestAccessTokenScope_Normalize(t *testing.T) { tests := []scopeTestNormalize{ {"", "", nil}, {"write:misc,write:notification,read:package,write:notification,public-only", "public-only,write:misc,write:notification,read:package", nil}, - {"all", "all", nil}, + {"all,sudo", "all", nil}, {"write:activitypub,write:admin,write:misc,write:notification,write:organization,write:package,write:issue,write:repository,write:user", "all", nil}, {"write:activitypub,write:admin,write:misc,write:notification,write:organization,write:package,write:issue,write:repository,write:user,public-only", "public-only,all", nil}, }