From f984f61024fd40925a2fb191320cd8e25abcb9ba Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Wed, 19 Aug 2020 15:41:59 +0100 Subject: [PATCH] Default empty merger list to those with write permissions Signed-off-by: Andrew Thornton --- models/branches.go | 5 +++-- modules/convert/convert.go | 6 +++++- services/pull/merge.go | 2 +- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/models/branches.go b/models/branches.go index fc3c783b3a996..38aa79d2dc75a 100644 --- a/models/branches.go +++ b/models/branches.go @@ -98,9 +98,10 @@ func (protectBranch *ProtectedBranch) CanUserPush(userID int64) bool { } // IsUserMergeWhitelisted checks if some user is whitelisted to merge to this branch -func (protectBranch *ProtectedBranch) IsUserMergeWhitelisted(userID int64) bool { +func (protectBranch *ProtectedBranch) IsUserMergeWhitelisted(userID int64, permissionInRepo Permission) bool { if !protectBranch.EnableMergeWhitelist { - return true + // Then we need to fall back on whether the user has write permission + return permissionInRepo.CanWrite(UnitTypeCode) } if base.Int64sContains(protectBranch.MergeWhitelistUserIDs, userID) { diff --git a/modules/convert/convert.go b/modules/convert/convert.go index ec18b130567fe..94ecdd11503b6 100644 --- a/modules/convert/convert.go +++ b/modules/convert/convert.go @@ -67,8 +67,12 @@ func ToBranch(repo *models.Repository, b *git.Branch, c *git.Commit, bp *models. } if user != nil { + permission, err := models.GetUserRepoPermission(repo, user) + if err != nil { + return nil, err + } branch.UserCanPush = bp.CanUserPush(user.ID) - branch.UserCanMerge = bp.IsUserMergeWhitelisted(user.ID) + branch.UserCanMerge = bp.IsUserMergeWhitelisted(user.ID, permission) } return branch, nil diff --git a/services/pull/merge.go b/services/pull/merge.go index 47521ce14770a..27689384a58aa 100644 --- a/services/pull/merge.go +++ b/services/pull/merge.go @@ -544,7 +544,7 @@ func IsUserAllowedToMerge(pr *models.PullRequest, p models.Permission, user *mod return false, err } - if (p.CanWrite(models.UnitTypeCode) && pr.ProtectedBranch == nil) || (pr.ProtectedBranch != nil && pr.ProtectedBranch.IsUserMergeWhitelisted(user.ID)) { + if (p.CanWrite(models.UnitTypeCode) && pr.ProtectedBranch == nil) || (pr.ProtectedBranch != nil && pr.ProtectedBranch.IsUserMergeWhitelisted(user.ID, p)) { return true, nil }