besaid.zone
oppi.li
+11
appview/pulls/pulls.go
+11
appview/pulls/pulls.go
···
7
"fmt"
8
"log"
9
"net/http"
10
"sort"
11
"strconv"
12
"strings"
···
24
"tangled.org/core/appview/xrpcclient"
25
"tangled.org/core/idresolver"
26
"tangled.org/core/patchutil"
27
"tangled.org/core/tid"
28
"tangled.org/core/types"
29
···
43
db *db.DB
44
config *config.Config
45
notifier notify.Notifier
46
}
47
48
func New(
···
53
db *db.DB,
54
config *config.Config,
55
notifier notify.Notifier,
56
) *Pulls {
57
return &Pulls{
58
oauth: oauth,
···
62
db: db,
63
config: config,
64
notifier: notifier,
65
}
66
}
67
···
326
branch = pull.PullSource.Branch
327
repo = pull.PullSource.Repo
328
} else {
329
return nil
330
}
331
···
7
"fmt"
8
"log"
9
"net/http"
10
+
"slices"
11
"sort"
12
"strconv"
13
"strings"
···
25
"tangled.org/core/appview/xrpcclient"
26
"tangled.org/core/idresolver"
27
"tangled.org/core/patchutil"
28
+
"tangled.org/core/rbac"
29
"tangled.org/core/tid"
30
"tangled.org/core/types"
31
···
45
db *db.DB
46
config *config.Config
47
notifier notify.Notifier
48
+
enforcer *rbac.Enforcer
49
}
50
51
func New(
···
56
db *db.DB,
57
config *config.Config,
58
notifier notify.Notifier,
59
+
enforcer *rbac.Enforcer,
60
) *Pulls {
61
return &Pulls{
62
oauth: oauth,
···
66
db: db,
67
config: config,
68
notifier: notifier,
69
+
enforcer: enforcer,
70
}
71
}
72
···
331
branch = pull.PullSource.Branch
332
repo = pull.PullSource.Repo
333
} else {
334
+
return nil
335
+
}
336
+
337
+
// user can only delete branch if they are a collaborator in the repo that the branch belongs to
338
+
perms := s.enforcer.GetPermissionsInRepo(user.Did, repo.Knot, repo.DidSlashRepo())
339
+
if !slices.Contains(perms, "repo:push") {
340
return nil
341
}
342
+1
-1
appview/state/router.go
+1
-1
appview/state/router.go