fix(hook): instance admins wrongly restricted by permissions checks

This exception existed for both instance admins and repo admins
before ApplyToAdmins was introduced in
79b7089360.

It should have been kept for instance admins only because they are not
subject to permission checks.

(cherry picked from commit 05f0007437)
This commit is contained in:
Earl Warren 2024-06-01 10:41:10 +02:00
parent bad8e72bcd
commit baec3dc6b9
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00

View file

@ -398,6 +398,11 @@ func preReceiveBranch(ctx *preReceiveContext, oldCommitID, newCommitID string, r
return
}
// If we're an admin for the instance, we can ignore checks
if ctx.user.IsAdmin {
return
}
// It's not allowed t overwrite protected files. Unless if the user is an
// admin and the protected branch rule doesn't apply to admins.
if changedProtectedfiles && (!ctx.user.IsAdmin || protectBranch.ApplyToAdmins) {