| |
@@ -331,7 +331,9 @@
|
| |
can_delete_branch = (
|
| |
pagure_config.get("ALLOW_DELETE_BRANCH", True)
|
| |
and not request.remote_git
|
| |
- and pagure.utils.is_repo_committer(request.project_from)
|
| |
+ and pagure.utils.is_repo_committer(
|
| |
+ request.project_from or request.project
|
| |
+ )
|
| |
)
|
| |
return flask.render_template(
|
| |
"repo_pull_request.html",
|
| |
@@ -1134,7 +1136,9 @@
|
| |
requestid=requestid,
|
| |
)
|
| |
)
|
| |
- if not pagure.utils.is_repo_committer(request.project_from):
|
| |
+ if not pagure.utils.is_repo_committer(
|
| |
+ request.project_from or request.project
|
| |
+ ):
|
| |
flask.flash(
|
| |
"You do not have permissions to delete the branch in the "
|
| |
"source repo",
|
| |
puiterwijk
commented 5 years ago
If the repository the PR is against is the same as the PR is from, "request.project_from"
is None, and we should check "request.project" to see whether the person has permission
to delete branches.
This was causing "repo_obj" in is_repo_committer to be None.
The reason this wasn't encountered by any admins is because is_repo_committer returns
True with "is_admin()" before it even gets to using repo_obj.
Signed-off-by: Patrick Uiterwijk patrick@puiterwijk.org