Fix more bugs when view migrating repository

Author: lunny

routers/web/user/task.go

@@ -8,13 +8,15 @@ import (
 	"strconv"
 
 	admin_model "code.gitea.io/gitea/models/admin"
+	access_model "code.gitea.io/gitea/models/perm/access"
+	"code.gitea.io/gitea/models/unit"
 	"code.gitea.io/gitea/modules/json"
 	"code.gitea.io/gitea/services/context"
 )
 
 // TaskStatus returns task's status
 func TaskStatus(ctx *context.Context) {
-	task, opts, err := admin_model.GetMigratingTaskByID(ctx, ctx.PathParamInt64("task"), ctx.Doer.ID)
+	task, _, err := admin_model.GetMigratingTaskByID(ctx, ctx.PathParamInt64("task"), 0)
 	if err != nil {
 		if admin_model.IsErrTaskDoesNotExist(err) {
 			ctx.JSON(http.StatusNotFound, map[string]any{
@@ -28,6 +30,27 @@ func TaskStatus(ctx *context.Context) {
 		return
 	}
 
+	if err := task.LoadRepo(ctx); err != nil {
+		ctx.JSON(http.StatusInternalServerError, map[string]any{
+			"err": err,
+		})
+		return
+	}
+
+	perm, err := access_model.GetUserRepoPermission(ctx, task.Repo, ctx.Doer)
+	if err != nil {
+		ctx.JSON(http.StatusInternalServerError, map[string]any{
+			"err": err,
+		})
+		return
+	}
+	if !perm.CanRead(unit.TypeCode) {
+		ctx.JSON(http.StatusForbidden, map[string]any{
+			"error": "you do not have access to this task",
+		})
+		return
+	}
+
 	message := task.Message
 
 	if task.Message != "" && task.Message[0] == '{' {
@@ -43,11 +66,7 @@ func TaskStatus(ctx *context.Context) {
 	}
 
 	ctx.JSON(http.StatusOK, map[string]any{
-		"status":    task.Status,
-		"message":   message,
-		"repo-id":   task.RepoID,
-		"repo-name": opts.RepoName,
-		"start":     task.StartTime,
-		"end":       task.EndTime,
+		"status":  task.Status,
+		"message": message,
 	})
 }

routers/web/web.go

@@ -669,7 +669,7 @@ func registerRoutes(m *web.Router) {
 		m.Get("/forgot_password", auth.ForgotPasswd)
 		m.Post("/forgot_password", auth.ForgotPasswdPost)
 		m.Post("/logout", auth.SignOut)
-		m.Get("/task/{task}", reqSignIn, user.TaskStatus)
+		m.Get("/task/{task}", user.TaskStatus)
 		m.Get("/stopwatches", reqSignIn, user.GetStopwatches)
 		m.Get("/search", ignExploreSignIn, user.Search)
 		m.Group("/oauth2", func() {

web_src/js/features/repo-migrate.ts

@@ -7,10 +7,7 @@ export function initRepoMigrationStatusChecker() {
   const repoMigrating = document.querySelector('#repo_migrating');
   if (!repoMigrating) return;
 
-  const retryBtn = document.querySelector('#repo_migrating_retry');
-  if (retryBtn) {
-    retryBtn.addEventListener('click', doMigrationRetry);
-  }
+  document.querySelector('#repo_migrating_retry')?.addEventListener('click', doMigrationRetry);
 
   const task = repoMigrating.getAttribute('data-migrating-task-id');