From fb0cce0ebc38e8b074256ec7cfaf1e8098f69db9 Mon Sep 17 00:00:00 2001
From: Julen Landa Alustiza <jlanda@fedoraproject.org>
Date: Nov 13 2019 16:47:11 +0000
Subject: api/fork: fix authorization conditionals


---

diff --git a/pagure/api/fork.py b/pagure/api/fork.py
index 37ee2b1..0165fcc 100644
--- a/pagure/api/fork.py
+++ b/pagure/api/fork.py
@@ -685,12 +685,18 @@ def api_pull_request_rebase(repo, requestid, username=None, namespace=None):
     _check_token(repo, project_token=False)
     request = _get_request(repo, requestid)
 
-    if not is_repo_committer(repo):
-        raise pagure.exceptions.APIError(403, error_code=APIERROR.ENOPRCLOSE)
+    can_rebase = (
+        not request.remote_git
+        and request.project_from
+        and is_repo_committer(request.project_from)
+    )
 
-    if not request.allow_rebase:
+    if not ((is_repo_committer(repo) and request.allow_rebase) or can_rebase):
         raise pagure.exceptions.APIError(
-            403, error_code=APIERROR.EREBASENOTALLOWED
+            403,
+            error_code=APIERROR.EREBASENOTALLOWED
+            if not request.allow_rebase
+            else APIERROR.ENOPRCLOSE,
         )
 
     task = pagure.lib.tasks.rebase_pull_request.delay(