9 years ago · e5b105e513
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -229,11 +229,14 @@ func runWeb(ctx *cli.Context) {
 
				 				Post(bind(api.CreateRepoOption{}), v1.CreateRepo)
			
 
				 			m.Post("/org/:org/repos", middleware.ApiReqToken(), bind(api.CreateRepoOption{}), v1.CreateOrgRepo)
			
 
				 
			
 
				-			// TODO: https://github.com/gogits/go-gogs-client/wiki
			
 
				 			m.Group("/repos", func() {
			
 
				 				m.Get("/search", v1.SearchRepos)
			
 
				-				m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), v1.MigrateRepo)
			
 
				 
			
 
				+				m.Group("", func() {
			
 
				+					m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), v1.MigrateRepo)
			
 
				+				}, middleware.ApiReqToken())
			
 
				+
			
 
				+				// TODO: https://github.com/gogits/go-gogs-client/wiki
			
 
				 				m.Group("/:username/:reponame", func() {
			
 
				 					m.Combo("/hooks").Get(v1.ListRepoHooks).
			
 
				 						Post(bind(api.CreateHookOption{}), v1.CreateRepoHook)
			
--- a/modules/auth/repo_form.go
+++ b/modules/auth/repo_form.go
@@ -35,10 +35,10 @@ type MigrateRepoForm struct {
 
				 	CloneAddr    string `binding:"Required"`
			
 
				 	AuthUsername string
			
 
				 	AuthPassword string
			
 
				-	Mirror       bool
			
 
				 	Uid          int64  `binding:"Required"`
			
 
				 	RepoName     string `binding:"Required;AlphaDashDot;MaxSize(100)"`
			
 
				 	Private      bool
			
 
				+	Mirror       bool
			
 
				 	Description  string `binding:"MaxSize(255)"`
			
 
				 }
			
 
				 
			
--- a/routers/api/v1/repo.go
+++ b/routers/api/v1/repo.go
@@ -192,23 +192,9 @@ func CreateOrgRepo(ctx *middleware.Context, opt api.CreateRepoOption) {
 
				 }
			
 
				 
			
 
				 func MigrateRepo(ctx *middleware.Context, form auth.MigrateRepoForm) {
			
 
				-	u, err := models.GetUserByName(ctx.Query("username"))
			
 
				-	if err != nil {
			
 
				-		if models.IsErrUserNotExist(err) {
			
 
				-			ctx.HandleAPI(422, err)
			
 
				-		} else {
			
 
				-			ctx.HandleAPI(500, err)
			
 
				-		}
			
 
				-		return
			
 
				-	}
			
 
				-	if !u.ValidatePassword(ctx.Query("password")) {
			
 
				-		ctx.HandleAPI(422, "Username or password is not correct.")
			
 
				-		return
			
 
				-	}
			
 
				-
			
 
				-	ctxUser := u
			
 
				+	ctxUser := ctx.User
			
 
				 	// Not equal means current user is an organization.
			
 
				-	if form.Uid != u.Id {
			
 
				+	if form.Uid != ctxUser.Id {
			
 
				 		org, err := models.GetUserByID(form.Uid)
			
 
				 		if err != nil {
			
 
				 			if models.IsErrUserNotExist(err) {
			
@@ -228,7 +214,7 @@ func MigrateRepo(ctx *middleware.Context, form auth.MigrateRepoForm) {
 
				 
			
 
				 	if ctxUser.IsOrganization() {
			
 
				 		// Check ownership of organization.
			
 
				-		if !ctxUser.IsOwnedBy(u.Id) {
			
 
				+		if !ctxUser.IsOwnedBy(ctx.User.Id) {
			
 
				 			ctx.HandleAPI(403, "Given user is not owner of organization.")
			
 
				 			return
			
 
				 		}