From 2a0d4d6f45ce3427c50191dfa23d4c91446edf37 Mon Sep 17 00:00:00 2001 From: xxq250 Date: Mon, 21 Apr 2025 12:02:01 +0800 Subject: [PATCH] =?UTF-8?q?fixed=20=E6=B5=81=E6=B0=B4=E7=BA=BF=E6=B2=A1?= =?UTF-8?q?=E6=9C=89=E6=9F=A5=E7=9C=8B=E7=BB=84=E7=BB=87=E7=9A=84=E6=9D=83?= =?UTF-8?q?=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/controllers/api/pm/pipelines_controller.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/app/controllers/api/pm/pipelines_controller.rb b/app/controllers/api/pm/pipelines_controller.rb index cafb43a4d..f8f073c96 100644 --- a/app/controllers/api/pm/pipelines_controller.rb +++ b/app/controllers/api/pm/pipelines_controller.rb @@ -1,10 +1,12 @@ class Api::Pm::PipelinesController < Api::Pm::BaseController include RepositoriesHelper - before_action :require_operate_above, except: [:upload_results, :run_results] def index @owner = Owner.find_by(login: params[:owner_id].to_s) || Owner.find_by(id: params[:owner_id].to_s) tip_exception('组织未找到') if @owner.blank? + unless @owner.is_a?(Organization) && @owner.is_member?(current_user.id) + tip_exception('没有查看组织的权限') + end @project_ids = @owner.projects.ids project_gpids = @owner.projects.pluck(:gpid) action_runs = Gitea::ActionRun.where(owner_id: @owner.gitea_uid)