mirror of
1
Fork 0
forgejo/routers/api/v1
Gusted 618eb8e72a security: add permission check to 'delete branch after merge'
- Add a permission check that the doer has write permissions to the head
repository if the the 'delete branch after merge' is enabled when
merging a pull request.
- Unify the checks in the web and API router to `DeleteBranchAfterMerge`.
- Added integration tests.

(cherry picked from commit 266e0b2ce9)
2024-10-28 06:04:45 +00:00
..
activitypub activitypub: Implement an instance-wide actor 2024-08-05 10:50:26 +02:00
admin fix(api): Correct descriptions for quota calls 2024-08-12 22:05:56 +02:00
misc Port "Fix wrong test usage of AppSubURL" 2024-03-06 21:47:44 +01:00
notify drop log.Error in ReadRepoNotifications 2024-03-24 07:12:31 +01:00
org Fix bug when a token is given public only 2024-10-11 05:24:23 +03:00
packages remove util.OptionalBool and related functions (#29513) 2024-03-06 12:10:46 +08:00
repo security: add permission check to 'delete branch after merge' 2024-10-28 06:04:45 +00:00
settings Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
shared feat(quota): Humble beginnings of a quota engine 2024-08-02 11:10:34 +02:00
swagger feat(quota): Humble beginnings of a quota engine 2024-08-02 11:10:34 +02:00
user Fix bug when a token is given public only 2024-10-11 05:24:23 +03:00
utils Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
api.go Fix bug when a token is given public only 2024-10-11 05:24:23 +03:00