fedi/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-11-15 02:45:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(hook): instance admins wrongly restricted by permissions checks

Browse source 
This exception existed for both instance admins and repo admins
before ApplyToAdmins was introduced in
79b7089360.

It should have been kept for instance admins only because they are not
subject to permission checks.

(cherry picked from commit 05f0007437)
This commit is contained in:
Earl Warren 2024-06-01 10:41:10 +02:00
parent bad8e72bcd
commit baec3dc6b9
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
routers/private/hook_pre_receive.go
View file

@ -398,6 +398,11 @@ func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID string, r
return
}
// If we're an admin for the instance, we can ignore checks
if ctx.user.IsAdmin {
return
}
// It's not allowed t overwrite protected files. Unless if the user is an
// admin and the protected branch rule doesn't apply to admins.
if changedProtectedfiles && (!ctx.user.IsAdmin || protectBranch.ApplyToAdmins) {