[suggest] change merge strategy： do not check write access if user in merge white list (#10951)

* [suggest] change merge strategy： do not check write access if user in merge white list #10935 (cherry picked from commit ba74fc6389dfcad03c273441a49b54e4d38c86ee) * fix NPE * Fix cross compile (#10952) * Fix cross compile * Add test for cross compile * Fix drone * Fix drone * Also prevent CC environment not to generate Co-authored-by: zeripath <art27@cantab.net> * fix merge box icon color bug (#10974) that because need some space beturn ``text`` and color defines Signed-off-by: a1012112796 <1012112796@qq.com> * [skip ci] Updated translations via Crowdin * Allow X in addition to x in tasks (#10979) Signed-off-by: Andrew Thornton <art27@cantab.net> * remove api: merge reqRepoWriter Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 赵智超 <1012112796@qq.com> Co-authored-by: GiteaBot <teabot@gitea.io> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
author: j.yao.SUSE <everhopingandwaiting@users.noreply.github.com> 2020-04-08 19:26:50 +0800
committer: GitHub <noreply@github.com> 2020-04-08 14:26:50 +0300
commit: b40107c4164748873f89a9553ed24e8403999339 (patch)
tree: 49a37d8df27a08414f6dec9240a0926b9c6630a8
parent: 089b34858ce1ce3101b13fa8e14e4e56e0a02a90 (diff)
download: gitea-b40107c4164748873f89a9553ed24e8403999339.tar.gz
gitea-b40107c4164748873f89a9553ed24e8403999339.zip
3 files changed, 3 insertions, 7 deletions
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
index 8fc1eeefd1..150c073c91 100644
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@@ -788,7 +788,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 						m.Combo("").Get(repo.GetPullRequest).
 							Patch(reqToken(), reqRepoWriter(models.UnitTypePullRequests), bind(api.EditPullRequestOption{}), repo.EditPullRequest)
 						m.Combo("/merge").Get(repo.IsPullRequestMerged).
-							Post(reqToken(), mustNotBeArchived, reqRepoWriter(models.UnitTypePullRequests), bind(auth.MergePullRequestForm{}), repo.MergePullRequest)
+							Post(reqToken(), mustNotBeArchived, bind(auth.MergePullRequestForm{}), repo.MergePullRequest)
 					})
 				}, mustAllowPulls, reqRepoReader(models.UnitTypeCode), context.ReferencesGitRepo(false))
 				m.Group("/statuses", func() {
diff --git a/routers/routes/routes.go b/routers/routes/routes.go
index 5f477a847e..2273cb4473 100644
--- a/routers/routes/routes.go
+++ b/routers/routes/routes.go
@@ -527,7 +527,6 @@ func RegisterRoutes(m *macaron.Macaron) {
 	reqRepoWikiWriter := context.RequireRepoWriter(models.UnitTypeWiki)
 	reqRepoIssueWriter := context.RequireRepoWriter(models.UnitTypeIssues)
 	reqRepoIssueReader := context.RequireRepoReader(models.UnitTypeIssues)
-	reqRepoPullsWriter := context.RequireRepoWriter(models.UnitTypePullRequests)
 	reqRepoPullsReader := context.RequireRepoReader(models.UnitTypePullRequests)
 	reqRepoIssuesOrPullsWriter := context.RequireRepoWriterOr(models.UnitTypeIssues, models.UnitTypePullRequests)
 	reqRepoIssuesOrPullsReader := context.RequireRepoReaderOr(models.UnitTypeIssues, models.UnitTypePullRequests)
@@ -887,7 +886,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 			m.Get(".diff", repo.DownloadPullDiff)
 			m.Get(".patch", repo.DownloadPullPatch)
 			m.Get("/commits", context.RepoRef(), repo.ViewPullCommits)
-			m.Post("/merge", context.RepoMustNotBeArchived(), reqRepoPullsWriter, bindIgnErr(auth.MergePullRequestForm{}), repo.MergePullRequest)
+			m.Post("/merge", context.RepoMustNotBeArchived(), bindIgnErr(auth.MergePullRequestForm{}), repo.MergePullRequest)
 			m.Post("/update", repo.UpdatePullRequest)
 			m.Post("/cleanup", context.RepoMustNotBeArchived(), context.RepoRef(), repo.CleanUpPullRequest)
 			m.Group("/files", func() {
diff --git a/services/pull/merge.go b/services/pull/merge.go
index 511f3dbfc4..b412e71896 100644
--- a/services/pull/merge.go
+++ b/services/pull/merge.go
@@ -531,16 +531,13 @@ func IsSignedIfRequired(pr *models.PullRequest, doer *models.User) (bool, error)
 
 // IsUserAllowedToMerge check if user is allowed to merge PR with given permissions and branch protections
 func IsUserAllowedToMerge(pr *models.PullRequest, p models.Permission, user *models.User) (bool, error) {
-	if !p.CanWrite(models.UnitTypeCode) {
-		return false, nil
-	}
 
 	err := pr.LoadProtectedBranch()
 	if err != nil {
 		return false, err
 	}
 
-	if pr.ProtectedBranch == nil || pr.ProtectedBranch.IsUserMergeWhitelisted(user.ID) {
+	if (p.CanWrite(models.UnitTypeCode) && pr.ProtectedBranch == nil) || (pr.ProtectedBranch != nil && pr.ProtectedBranch.IsUserMergeWhitelisted(user.ID)) {
 		return true, nil
 	}
author	j.yao.SUSE <everhopingandwaiting@users.noreply.github.com>	2020-04-08 19:26:50 +0800
committer	GitHub <noreply@github.com>	2020-04-08 14:26:50 +0300
commit	b40107c4164748873f89a9553ed24e8403999339 (patch)
tree	49a37d8df27a08414f6dec9240a0926b9c6630a8
parent	089b34858ce1ce3101b13fa8e14e4e56e0a02a90 (diff)
download	gitea-b40107c4164748873f89a9553ed24e8403999339.tar.gz gitea-b40107c4164748873f89a9553ed24e8403999339.zip