[suggest] change merge strategy： do not check write access if user in merge white list (#10951)

* [suggest] change merge strategy： do not check write access if user in merge white list #10935 (cherry picked from commit ba74fc6389dfcad03c273441a49b54e4d38c86ee) * fix NPE * Fix cross compile (#10952) * Fix cross compile * Add test for cross compile * Fix drone * Fix drone * Also prevent CC environment not to generate Co-authored-by: zeripath <art27@cantab.net> * fix merge box icon color bug (#10974) that because need some space beturn ``text`` and color defines Signed-off-by: a1012112796 <1012112796@qq.com> * [skip ci] Updated translations via Crowdin * Allow X in addition to x in tasks (#10979) Signed-off-by: Andrew Thornton <art27@cantab.net> * remove api: merge reqRepoWriter Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 赵智超 <1012112796@qq.com> Co-authored-by: GiteaBot <teabot@gitea.io> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago · b40107c416
parent 089b34858c
commit b40107c416
3 changed files with 3 additions and 7 deletions
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@ -788,7 +788,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 						m.Combo("").Get(repo.GetPullRequest).
 							Patch(reqToken(), reqRepoWriter(models.UnitTypePullRequests), bind(api.EditPullRequestOption{}), repo.EditPullRequest)
 						m.Combo("/merge").Get(repo.IsPullRequestMerged).
-							Post(reqToken(), mustNotBeArchived, reqRepoWriter(models.UnitTypePullRequests), bind(auth.MergePullRequestForm{}), repo.MergePullRequest)
+							Post(reqToken(), mustNotBeArchived, bind(auth.MergePullRequestForm{}), repo.MergePullRequest)
 					})
 				}, mustAllowPulls, reqRepoReader(models.UnitTypeCode), context.ReferencesGitRepo(false))
 				m.Group("/statuses", func() {
--- a/routers/routes/routes.go
+++ b/routers/routes/routes.go
@ -527,7 +527,6 @@ func RegisterRoutes(m *macaron.Macaron) {
 	reqRepoWikiWriter := context.RequireRepoWriter(models.UnitTypeWiki)
 	reqRepoIssueWriter := context.RequireRepoWriter(models.UnitTypeIssues)
 	reqRepoIssueReader := context.RequireRepoReader(models.UnitTypeIssues)
-	reqRepoPullsWriter := context.RequireRepoWriter(models.UnitTypePullRequests)
 	reqRepoPullsReader := context.RequireRepoReader(models.UnitTypePullRequests)
 	reqRepoIssuesOrPullsWriter := context.RequireRepoWriterOr(models.UnitTypeIssues, models.UnitTypePullRequests)
 	reqRepoIssuesOrPullsReader := context.RequireRepoReaderOr(models.UnitTypeIssues, models.UnitTypePullRequests)
@ -887,7 +886,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 			m.Get(".diff", repo.DownloadPullDiff)
 			m.Get(".patch", repo.DownloadPullPatch)
 			m.Get("/commits", context.RepoRef(), repo.ViewPullCommits)
-			m.Post("/merge", context.RepoMustNotBeArchived(), reqRepoPullsWriter, bindIgnErr(auth.MergePullRequestForm{}), repo.MergePullRequest)
+			m.Post("/merge", context.RepoMustNotBeArchived(), bindIgnErr(auth.MergePullRequestForm{}), repo.MergePullRequest)
 			m.Post("/update", repo.UpdatePullRequest)
 			m.Post("/cleanup", context.RepoMustNotBeArchived(), context.RepoRef(), repo.CleanUpPullRequest)
 			m.Group("/files", func() {
--- a/services/pull/merge.go
+++ b/services/pull/merge.go
@ -531,16 +531,13 @@ func IsSignedIfRequired(pr *models.PullRequest, doer *models.User) (bool, error)

 // IsUserAllowedToMerge check if user is allowed to merge PR with given permissions and branch protections
 func IsUserAllowedToMerge(pr *models.PullRequest, p models.Permission, user *models.User) (bool, error) {
-	if !p.CanWrite(models.UnitTypeCode) {
-		return false, nil
-	}

 	err := pr.LoadProtectedBranch()
 	if err != nil {
 		return false, err
 	}

-	if pr.ProtectedBranch == nil || pr.ProtectedBranch.IsUserMergeWhitelisted(user.ID) {
+	if (p.CanWrite(models.UnitTypeCode) && pr.ProtectedBranch == nil) || (pr.ProtectedBranch != nil && pr.ProtectedBranch.IsUserMergeWhitelisted(user.ID)) {
 		return true, nil
 	}