Add "Allow edits from maintainer" feature (#18002)
Adds a feature [like GitHub has](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request-from-a-fork) (step 7). If you create a new PR from a forked repo, you can select (and change later, but only if you are the PR creator/poster) the "Allow edits from maintainers" option. Then users with write access to the base branch get more permissions on this branch: * use the update pull request button * push directly from the command line (`git push`) * edit/delete/upload files via web UI * use related API endpoints You can't merge PRs to this branch with this enabled, you'll need "full" code write permissions. This feature has a pretty big impact on the permission system. I might forgot changing some things or didn't find security vulnerabilities. In this case, please leave a review or comment on this PR. Closes #17728 Co-authored-by: 6543 <6543@obermui.de>tokarchuk/v1.17
parent
92dfbada37
commit
8eb1cd9264
@ -0,0 +1,18 @@ |
||||
// Copyright 2022 The Gitea Authors. All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package migrations |
||||
|
||||
import ( |
||||
"xorm.io/xorm" |
||||
) |
||||
|
||||
func addAllowMaintainerEdit(x *xorm.Engine) error { |
||||
// PullRequest represents relation between pull request and repositories.
|
||||
type PullRequest struct { |
||||
AllowMaintainerEdit bool `xorm:"NOT NULL DEFAULT false"` |
||||
} |
||||
|
||||
return x.Sync2(new(PullRequest)) |
||||
} |
@ -0,0 +1,40 @@ |
||||
// Copyright 2022 The Gitea Authors.
|
||||
// All rights reserved.
|
||||
// Use of this source code is governed by a MIT-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
package pull |
||||
|
||||
import ( |
||||
"context" |
||||
"errors" |
||||
|
||||
"code.gitea.io/gitea/models" |
||||
unit_model "code.gitea.io/gitea/models/unit" |
||||
user_model "code.gitea.io/gitea/models/user" |
||||
) |
||||
|
||||
var ErrUserHasNoPermissionForAction = errors.New("user not allowed to do this action") |
||||
|
||||
// SetAllowEdits allow edits from maintainers to PRs
|
||||
func SetAllowEdits(ctx context.Context, doer *user_model.User, pr *models.PullRequest, allow bool) error { |
||||
if doer == nil || !pr.Issue.IsPoster(doer.ID) { |
||||
return ErrUserHasNoPermissionForAction |
||||
} |
||||
|
||||
if err := pr.LoadHeadRepo(); err != nil { |
||||
return err |
||||
} |
||||
|
||||
permission, err := models.GetUserRepoPermission(ctx, pr.HeadRepo, doer) |
||||
if err != nil { |
||||
return err |
||||
} |
||||
|
||||
if !permission.CanWrite(unit_model.TypeCode) { |
||||
return ErrUserHasNoPermissionForAction |
||||
} |
||||
|
||||
pr.AllowMaintainerEdit = allow |
||||
return models.UpdateAllowEdits(ctx, pr) |
||||
} |
Loading…
Reference in new issue