From b40107c4164748873f89a9553ed24e8403999339 Mon Sep 17 00:00:00 2001 From: "j.yao.SUSE" Date: Wed, 8 Apr 2020 19:26:50 +0800 Subject: [PATCH] =?UTF-8?q?[suggest]=20change=20merge=20strategy=EF=BC=9A?= =?UTF-8?q?=20do=20not=20check=20write=20access=20if=20user=20in=20merge?= =?UTF-8?q?=20white=20list=20(#10951)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * [suggest] change merge strategy: do not check write access if user in merge white list #10935 (cherry picked from commit ba74fc6389dfcad03c273441a49b54e4d38c86ee) * fix NPE * Fix cross compile (#10952) * Fix cross compile * Add test for cross compile * Fix drone * Fix drone * Also prevent CC environment not to generate Co-authored-by: zeripath * fix merge box icon color bug (#10974) that because need some space beturn ``text`` and color defines Signed-off-by: a1012112796 <1012112796@qq.com> * [skip ci] Updated translations via Crowdin * Allow X in addition to x in tasks (#10979) Signed-off-by: Andrew Thornton * remove api: merge reqRepoWriter Co-authored-by: zeripath Co-authored-by: Lunny Xiao Co-authored-by: 赵智超 <1012112796@qq.com> Co-authored-by: GiteaBot Co-authored-by: techknowlogick Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> --- routers/api/v1/api.go | 2 +- routers/routes/routes.go | 3 +-- services/pull/merge.go | 5 +---- 3 files changed, 3 insertions(+), 7 deletions(-) diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index 8fc1eeefd1c1..150c073c9185 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -788,7 +788,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Combo("").Get(repo.GetPullRequest). Patch(reqToken(), reqRepoWriter(models.UnitTypePullRequests), bind(api.EditPullRequestOption{}), repo.EditPullRequest) m.Combo("/merge").Get(repo.IsPullRequestMerged). - Post(reqToken(), mustNotBeArchived, reqRepoWriter(models.UnitTypePullRequests), bind(auth.MergePullRequestForm{}), repo.MergePullRequest) + Post(reqToken(), mustNotBeArchived, bind(auth.MergePullRequestForm{}), repo.MergePullRequest) }) }, mustAllowPulls, reqRepoReader(models.UnitTypeCode), context.ReferencesGitRepo(false)) m.Group("/statuses", func() { diff --git a/routers/routes/routes.go b/routers/routes/routes.go index 5f477a847ef9..2273cb447353 100644 --- a/routers/routes/routes.go +++ b/routers/routes/routes.go @@ -527,7 +527,6 @@ func RegisterRoutes(m *macaron.Macaron) { reqRepoWikiWriter := context.RequireRepoWriter(models.UnitTypeWiki) reqRepoIssueWriter := context.RequireRepoWriter(models.UnitTypeIssues) reqRepoIssueReader := context.RequireRepoReader(models.UnitTypeIssues) - reqRepoPullsWriter := context.RequireRepoWriter(models.UnitTypePullRequests) reqRepoPullsReader := context.RequireRepoReader(models.UnitTypePullRequests) reqRepoIssuesOrPullsWriter := context.RequireRepoWriterOr(models.UnitTypeIssues, models.UnitTypePullRequests) reqRepoIssuesOrPullsReader := context.RequireRepoReaderOr(models.UnitTypeIssues, models.UnitTypePullRequests) @@ -887,7 +886,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Get(".diff", repo.DownloadPullDiff) m.Get(".patch", repo.DownloadPullPatch) m.Get("/commits", context.RepoRef(), repo.ViewPullCommits) - m.Post("/merge", context.RepoMustNotBeArchived(), reqRepoPullsWriter, bindIgnErr(auth.MergePullRequestForm{}), repo.MergePullRequest) + m.Post("/merge", context.RepoMustNotBeArchived(), bindIgnErr(auth.MergePullRequestForm{}), repo.MergePullRequest) m.Post("/update", repo.UpdatePullRequest) m.Post("/cleanup", context.RepoMustNotBeArchived(), context.RepoRef(), repo.CleanUpPullRequest) m.Group("/files", func() { diff --git a/services/pull/merge.go b/services/pull/merge.go index 511f3dbfc494..b412e71896db 100644 --- a/services/pull/merge.go +++ b/services/pull/merge.go @@ -531,16 +531,13 @@ func IsSignedIfRequired(pr *models.PullRequest, doer *models.User) (bool, error) // IsUserAllowedToMerge check if user is allowed to merge PR with given permissions and branch protections func IsUserAllowedToMerge(pr *models.PullRequest, p models.Permission, user *models.User) (bool, error) { - if !p.CanWrite(models.UnitTypeCode) { - return false, nil - } err := pr.LoadProtectedBranch() if err != nil { return false, err } - if pr.ProtectedBranch == nil || pr.ProtectedBranch.IsUserMergeWhitelisted(user.ID) { + if (p.CanWrite(models.UnitTypeCode) && pr.ProtectedBranch == nil) || (pr.ProtectedBranch != nil && pr.ProtectedBranch.IsUserMergeWhitelisted(user.ID)) { return true, nil }