Fix session in list duplication & routes

2020-12-23 01:54:11 +01:00 · 2020-12-23 01:54:11 +01:00 · a7326252a2
parent 1921f80a4a
commit a7326252a2
3 changed files with 10 additions and 2 deletions
--- a/pkg/models/list_duplicate.go
+++ b/pkg/models/list_duplicate.go
@ -39,7 +39,7 @@ type ListDuplicate struct {
 }

 // CanCreate checks if a user has the right to duplicate a list
-func (ld *ListDuplicate) CanCreate(a web.Auth, s *xorm.Session) (canCreate bool, err error) {
+func (ld *ListDuplicate) CanCreate(s *xorm.Session, a web.Auth) (canCreate bool, err error) {
 	// List Exists + user has read access to list
 	ld.List = &List{ID: ld.ListID}
 	canRead, _, err := ld.List.CanRead(s, a)
--- a/pkg/models/list_duplicate_test.go
+++ b/pkg/models/list_duplicate_test.go
@ -39,7 +39,7 @@ func TestListDuplicate(t *testing.T) {
 		ListID:      1,
 		NamespaceID: 1,
 	}
-	can, err := l.CanCreate(u, s)
+	can, err := l.CanCreate(s, u)
 	assert.NoError(t, err)
 	assert.True(t, can)
 	err = l.Create(s, u)
--- a/pkg/routes/routes.go
+++ b/pkg/routes/routes.go
@ -601,11 +601,19 @@ func caldavBasicAuth(username, password string, c echo.Context) (bool, error) {
 		Username: username,
 		Password: password,
 	}
+	s := db.NewSession()
+	defer s.Close()
 	u, err := user.CheckUserCredentials(s, creds)
 	if err != nil {
+		_ = s.Rollback()
 		log.Errorf("Error during basic auth for caldav: %v", err)
 		return false, nil
 	}
+
+	if err := s.Commit(); err != nil {
+		return false, err
+	}
+
 	// Save the user in echo context for later use
 	c.Set("userBasicAuth", u)
 	return true, nil