diff options
| author | a1012112796 <1012112796@qq.com> | 2024-12-28 02:17:01 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-12-27 18:17:01 +0000 |
| commit | a7b2707be9bd9845e965efbd85a4f38907bf3b5c (patch) | |
| tree | 3abef31683404327ee3353c6c9562eb189691f70 | |
| parent | 2d1a171dc7c4a350b40e0f64e0314e944dcc1472 (diff) | |
| download | gitea-a7b2707be9bd9845e965efbd85a4f38907bf3b5c.tar.gz gitea-a7b2707be9bd9845e965efbd85a4f38907bf3b5c.zip | |
Fix Agit pull request permission check (#32999)
user with read permission should also can create agit flow pull request.
looks this logic was broken in
https://github.com/go-gitea/gitea/pull/31033 this pull request try fix
it and add test code.
---------
Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
| -rw-r--r-- | services/pull/pull.go | 3 | ||||
| -rw-r--r-- | tests/integration/pull_create_test.go | 19 |
2 files changed, 21 insertions, 1 deletions
diff --git a/services/pull/pull.go b/services/pull/pull.go index ac91fd6409..85c36bb16a 100644 --- a/services/pull/pull.go +++ b/services/pull/pull.go @@ -64,7 +64,8 @@ func NewPullRequest(ctx context.Context, opts *NewPullRequestOptions) error { } // user should be a collaborator or a member of the organization for base repo - if !issue.Poster.IsAdmin { + canCreate := issue.Poster.IsAdmin || pr.Flow == issues_model.PullRequestFlowAGit + if !canCreate { canCreate, err := repo_model.IsOwnerMemberCollaborator(ctx, repo, issue.Poster.ID) if err != nil { return err diff --git a/tests/integration/pull_create_test.go b/tests/integration/pull_create_test.go index 9812d2073d..4bc2a1da9a 100644 --- a/tests/integration/pull_create_test.go +++ b/tests/integration/pull_create_test.go @@ -12,6 +12,7 @@ import ( "strings" "testing" + "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/test" "code.gitea.io/gitea/tests" @@ -226,3 +227,21 @@ func TestPullCreatePrFromBaseToFork(t *testing.T) { assert.Regexp(t, "^/user1/repo1/pulls/[0-9]*$", url) }) } + +func TestCreateAgitPullWithReadPermission(t *testing.T) { + onGiteaRun(t, func(t *testing.T, u *url.URL) { + dstPath := t.TempDir() + + u.Path = "user2/repo1.git" + u.User = url.UserPassword("user4", userPassword) + + t.Run("Clone", doGitClone(dstPath, u)) + + t.Run("add commit", doGitAddSomeCommits(dstPath, "master")) + + t.Run("do agit pull create", func(t *testing.T) { + err := git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master", "-o").AddDynamicArguments("topic=" + "test-topic").Run(&git.RunOpts{Dir: dstPath}) + assert.NoError(t, err) + }) + }) +} |