Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ensure that restricted users can access repos for which they are members #17460

Merged
merged 3 commits into from
Oct 28, 2021
Merged

Ensure that restricted users can access repos for which they are members #17460

merged 3 commits into from
Oct 28, 2021

Commits on Oct 27, 2021

  1. Ensure that restricted users can access repos for which they are members 

    There is a small bug in the way that repo access is checked in
repoAssignment: Accessibility is checked by checking if the user has a
marked access to the repository instead of checking if the user has any
team granted access.

This PR changes this permissions check to use HasAccess() which does the
correct test. There is also a fix in the release api ListReleases where
it should return draft releases if the user is a member of a team with
write access to the releases.

The PR also adds a testcase.

Signed-off-by: Andrew Thornton <art27@cantab.net>
    @zeripath
    zeripath committed Oct 27, 2021
    Configuration menu
    Copy the full SHA
    96ffa73 View commit details
    Browse the repository at this point in the history

Commits on Oct 28, 2021

  1. Merge branch 'main' into fix-17003-restricted-user-access-repos

    @zeripath
    zeripath authored Oct 28, 2021
    Configuration menu
    Copy the full SHA
    b747c1a View commit details
    Browse the repository at this point in the history

  2. Merge branch 'main' into fix-17003-restricted-user-access-repos

    @zeripath
    zeripath authored Oct 28, 2021
    Configuration menu
    Copy the full SHA
    006c2f7 View commit details
    Browse the repository at this point in the history