From 7cb23b14f6483e6a924a3fcd9301e8caeead81ac Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Nov 17 2016 22:18:10 +0000
Subject: Only let admins edit the dependency tree of issues


Otherwise, the information are edited while the user does not have rights
to edit them, ie: does not have access to the form, which in practie
means that the information is removed.

Fixes https://pagure.io/pagure/issue/1551

---

diff --git a/pagure/ui/issues.py b/pagure/ui/issues.py
index 3ae3542..82f1a49 100644
--- a/pagure/ui/issues.py
+++ b/pagure/ui/issues.py
@@ -274,19 +274,19 @@ def update_issue(repo, issueid, username=None, namespace=None):
                             SESSION, issue, key, value)
                     )
 
-            # Update ticket this one depends on
-            messages.union(set(pagure.lib.update_dependency_issue(
-                SESSION, repo, issue, depends,
-                username=flask.g.fas_user.username,
-                ticketfolder=APP.config['TICKETS_FOLDER'],
-            )))
+                # Update ticket this one depends on
+                messages.union(set(pagure.lib.update_dependency_issue(
+                    SESSION, repo, issue, depends,
+                    username=flask.g.fas_user.username,
+                    ticketfolder=APP.config['TICKETS_FOLDER'],
+                )))
 
-            # Update ticket(s) depending on this one
-            messages.union(set(pagure.lib.update_blocked_issue(
-                SESSION, repo, issue, blocks,
-                username=flask.g.fas_user.username,
-                ticketfolder=APP.config['TICKETS_FOLDER'],
-            )))
+                # Update ticket(s) depending on this one
+                messages.union(set(pagure.lib.update_blocked_issue(
+                    SESSION, repo, issue, blocks,
+                    username=flask.g.fas_user.username,
+                    ticketfolder=APP.config['TICKETS_FOLDER'],
+                )))
 
             if not is_js:
                 for message in messages: