You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
repositories GET {url}/api/v1/users/{username}/{repos}
organizations GET {url}/api/v1/users/{username}/{orgs}
etc
should only return public data of that user. That isn't the fact if the {username} is the same user that owns the api-token, instead everything is returned.
This is what one can expect when issuing the GET {url}/api/v1/user/repos and similar requests for the authorized user.
Either must the documentation be changed to cover the differences or the code should actually return the public data within the scopes for public data.
Second one makes the most sense.... It would be convenient to actually have an method to get only public data, even for the authorized user, as the data returned for some requests (such as organizations) doesnt tell if this data is a private or public.
Gogs Version: 0.11.29.0727
The text was updated successfully, but these errors were encountered:
The documentation states that querying:
GET {url}/api/v1/users/{username}/{repos}
GET {url}/api/v1/users/{username}/{orgs}
should only return public data of that user. That isn't the fact if the
{username}
is the same user that owns the api-token, instead everything is returned.This is what one can expect when issuing the
GET {url}/api/v1/user/repos
and similar requests for the authorized user.Either must the documentation be changed to cover the differences or the code should actually return the public data within the scopes for public data.
Second one makes the most sense.... It would be convenient to actually have an method to get only public data, even for the authorized user, as the data returned for some requests (such as organizations) doesnt tell if this data is a private or public.
Gogs Version: 0.11.29.0727
The text was updated successfully, but these errors were encountered: