Mirrors/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-07-19 23:38:29 +02:00
Code Issues Activity

Also consider actions user when evaluating push privileges on protected branch

Browse Source
This commit is contained in:
Naxdy 2025-07-12 11:17:40 +02:00
parent 6599efb3b1
commit 1a9ab86a15
No known key found for this signature in database
GPG Key ID: CC15075846BCE91B
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
routers/private/hook_pre_receive.go
View File

@ -253,7 +253,7 @@ func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID string, r
// 5. Check if the doer is allowed to push (and force-push if the incoming push is a force-push) // 5. Check if the doer is allowed to push (and force-push if the incoming push is a force-push)
var canPush bool var canPush bool
if ctx.opts.DeployKeyID != 0 { if ctx.opts.DeployKeyID != 0 || ctx.user.ID == user_model.ActionsUserID {
// This flag is only ever true if protectBranch.CanForcePush is true // This flag is only ever true if protectBranch.CanForcePush is true
if isForcePush { if isForcePush {
canPush = !changedProtectedfiles && protectBranch.CanPush && (!protectBranch.EnableForcePushAllowlist || protectBranch.ForcePushAllowlistDeployKeys) canPush = !changedProtectedfiles && protectBranch.CanPush && (!protectBranch.EnableForcePushAllowlist || protectBranch.ForcePushAllowlistDeployKeys)