@ -824,12 +824,16 @@ func UsernameSubRoute(ctx *context.Context) {
|
||||
reloadParam := func(suffix string) (success bool) {
|
||||
ctx.SetParams("username", strings.TrimSuffix(username, suffix))
|
||||
context_service.UserAssignmentWeb()(ctx)
|
||||
if ctx.Written() {
|
||||
return false
|
||||
}
|
||||
|
||||
// check view permissions
|
||||
if !user_model.IsUserVisibleToViewer(ctx, ctx.ContextUser, ctx.Doer) {
|
||||
ctx.NotFound("user", fmt.Errorf(ctx.ContextUser.Name))
|
||||
return false
|
||||
}
|
||||
return !ctx.Written()
|
||||
return true
|
||||
}
|
||||
switch {
|
||||
case strings.HasSuffix(username, ".png"):
|
||||
@ -850,7 +854,6 @@ func UsernameSubRoute(ctx *context.Context) {
|
||||
return
|
||||
}
|
||||
if reloadParam(".rss") {
|
||||
context_service.UserAssignmentWeb()(ctx)
|
||||
feed.ShowUserFeedRSS(ctx)
|
||||
}
|
||||
case strings.HasSuffix(username, ".atom"):
|
||||
|
@ -243,6 +243,8 @@ func testExportUserGPGKeys(t *testing.T, user, expected string) {
|
||||
}
|
||||
|
||||
func TestGetUserRss(t *testing.T) {
|
||||
defer tests.PrepareTestEnv(t)()
|
||||
|
||||
user34 := "the_34-user.with.all.allowedChars"
|
||||
req := NewRequestf(t, "GET", "/%s.rss", user34)
|
||||
resp := MakeRequest(t, req, http.StatusOK)
|
||||
@ -253,6 +255,13 @@ func TestGetUserRss(t *testing.T) {
|
||||
description, _ := rssDoc.ChildrenFiltered("description").Html()
|
||||
assert.EqualValues(t, "<p dir="auto">some <a href="https://commonmark.org/" rel="nofollow">commonmark</a>!</p>\n", description)
|
||||
}
|
||||
|
||||
req = NewRequestf(t, "GET", "/non-existent-user.rss")
|
||||
MakeRequest(t, req, http.StatusNotFound)
|
||||
|
||||
session := loginUser(t, "user2")
|
||||
req = NewRequestf(t, "GET", "/non-existent-user.rss")
|
||||
session.MakeRequest(t, req, http.StatusNotFound)
|
||||
}
|
||||
|
||||
func TestListStopWatches(t *testing.T) {
|
||||
|
Reference in New Issue
Block a user