domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

Remove GetByBean method because sometimes it's danger when query condition parameter is zero and also introduce new generic methods (#28220)

Browse source 
The function `GetByBean` has an obvious defect that when the fields are
empty values, it will be ignored. Then users will get a wrong result
which is possibly used to make a security problem.

To avoid the possibility, this PR removed function `GetByBean` and all
references.
And some new generic functions have been introduced to be used.

The recommand usage like below.

```go
// if query an object according id
obj, err := db.GetByID[Object](ctx, id)
// query with other conditions
obj, err := db.Get[Object](ctx, builder.Eq{"a": a, "b":b})
```
This commit is contained in:
Lunny Xiao 2023-12-07 15:27:36 +08:00 committed by GitHub
parent beb71f5ef6
commit dd30d9d5c0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
28 changed files with 189 additions and 174 deletions
Download patch file Download diff file Expand all files Collapse all files

9
models/webhook/hooktask.go
View file

@ -16,6 +16,7 @@ import (
webhook_module "code.gitea.io/gitea/modules/webhook"
gouuid "github.com/google/uuid"
"xorm.io/builder"
)
// ___ ___ __ ___________ __
@ -150,14 +151,10 @@ func UpdateHookTask(ctx context.Context, t *HookTask) error {
// ReplayHookTask copies a hook task to get re-delivered
func ReplayHookTask(ctx context.Context, hookID int64, uuid string) (*HookTask, error) {
task := &HookTask{
HookID: hookID,
UUID: uuid,
}
has, err := db.GetByBean(ctx, task)
task, exist, err := db.Get[HookTask](ctx, builder.Eq{"hook_id": hookID, "uuid": uuid})
if err != nil {
return nil, err
} else if !has {
} else if !exist {
return nil, ErrHookTaskNotExist{
HookID: hookID,
UUID: uuid,