1
1
mirror of https://github.com/go-gitea/gitea synced 2025-07-23 10:48:37 +00:00

Add "Allow edits from maintainer" feature (#18002)

Adds a feature [like GitHub has](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request-from-a-fork) (step 7).
If you create a new PR from a forked repo, you can select (and change later, but only if you are the PR creator/poster) the "Allow edits from maintainers" option.
Then users with write access to the base branch get more permissions on this branch:
* use the update pull request button
* push directly from the command line (`git push`)
* edit/delete/upload files via web UI
* use related API endpoints

You can't merge PRs to this branch with this enabled, you'll need "full" code write permissions.

This feature has a pretty big impact on the permission system. I might forgot changing some things or didn't find security vulnerabilities. In this case, please leave a review or comment on this PR.

Closes #17728

Co-authored-by: 6543 <6543@obermui.de>
This commit is contained in:
qwerty287
2022-04-28 17:45:33 +02:00
committed by GitHub
parent 92dfbada37
commit 8eb1cd9264
29 changed files with 359 additions and 60 deletions

View File

@@ -1529,7 +1529,7 @@ func ViewIssue(ctx *context.Context) {
if ctx.IsSigned {
if err := pull.LoadHeadRepoCtx(ctx); err != nil {
log.Error("LoadHeadRepo: %v", err)
} else if pull.HeadRepo != nil && pull.HeadBranch != pull.HeadRepo.DefaultBranch {
} else if pull.HeadRepo != nil {
perm, err := models.GetUserRepoPermission(ctx, pull.HeadRepo, ctx.Doer)
if err != nil {
ctx.ServerError("GetUserRepoPermission", err)
@@ -1537,12 +1537,15 @@ func ViewIssue(ctx *context.Context) {
}
if perm.CanWrite(unit.TypeCode) {
// Check if branch is not protected
if protected, err := models.IsProtectedBranch(pull.HeadRepo.ID, pull.HeadBranch); err != nil {
log.Error("IsProtectedBranch: %v", err)
} else if !protected {
canDelete = true
ctx.Data["DeleteBranchLink"] = issue.Link() + "/cleanup"
if pull.HeadBranch != pull.HeadRepo.DefaultBranch {
if protected, err := models.IsProtectedBranch(pull.HeadRepo.ID, pull.HeadBranch); err != nil {
log.Error("IsProtectedBranch: %v", err)
} else if !protected {
canDelete = true
ctx.Data["DeleteBranchLink"] = issue.Link() + "/cleanup"
}
}
ctx.Data["CanWriteToHeadRepo"] = true
}
}