Merge 046151ef90 into 821d2fc2a3

Fix #30921

modules/structs/repo.go

@@ -217,7 +217,7 @@ type EditRepoOption struct {
 	Archived *bool `json:"archived,omitempty"`
 	// set to a string like `8h30m0s` to set the mirror interval time
 	MirrorInterval *string `json:"mirror_interval,omitempty"`
-	// enable prune - remove obsolete remote-tracking references
+	// enable prune - remove obsolete remote-tracking references when mirroring
 	EnablePrune *bool `json:"enable_prune,omitempty"`
 }
 

routers/api/v1/org/member.go

@@ -236,9 +236,16 @@ func PublicizeMember(ctx *context.APIContext) {
 	if ctx.Written() {
 		return
 	}
-	if userToPublicize.ID != ctx.Doer.ID {
-		ctx.Error(http.StatusForbidden, "", "Cannot publicize another member")
-		return
+	if userToPublicize.ID != ctx.Doer.ID && !ctx.Doer.IsAdmin {
+		isOwner, err := ctx.Org.Organization.IsOwnedBy(ctx, ctx.Doer.ID)
+		if err != nil {
+			ctx.Error(http.StatusInternalServerError, "IsOwnedBy", err)
+			return
+		}
+		if !isOwner {
+			ctx.Error(http.StatusForbidden, "", "Cannot publicize another member")
+			return
+		}
 	}
 	err := organization.ChangeOrgUserStatus(ctx, ctx.Org.Organization.ID, userToPublicize.ID, true)
 	if err != nil {
@@ -278,9 +285,16 @@ func ConcealMember(ctx *context.APIContext) {
 	if ctx.Written() {
 		return
 	}
-	if userToConceal.ID != ctx.Doer.ID {
-		ctx.Error(http.StatusForbidden, "", "Cannot conceal another member")
-		return
+	if userToConceal.ID != ctx.Doer.ID && !ctx.Doer.IsAdmin {
+		isOwner, err := ctx.Org.Organization.IsOwnedBy(ctx, ctx.Doer.ID)
+		if err != nil {
+			ctx.Error(http.StatusInternalServerError, "IsOwnedBy", err)
+			return
+		}
+		if !isOwner {
+			ctx.Error(http.StatusForbidden, "", "Cannot conceal another member")
+			return
+		}
 	}
 	err := organization.ChangeOrgUserStatus(ctx, ctx.Org.Organization.ID, userToConceal.ID, false)
 	if err != nil {

routers/api/v1/repo/repo.go

@@ -1062,16 +1062,10 @@ func updateRepoArchivedState(ctx *context.APIContext, opts api.EditRepoOption) e
 func updateMirror(ctx *context.APIContext, opts api.EditRepoOption) error {
 	repo := ctx.Repo.Repository
 
-	// only update mirror if interval or enable prune are provided
-	if opts.MirrorInterval == nil && opts.EnablePrune == nil {
-		return nil
-	}
-
-	// these values only make sense if the repo is a mirror
+	// Skip this update if the repo is not a mirror, do not return error.
+	// Because reporting errors only makes the logic more complex&fragile, it doesn't really help end users.
 	if !repo.IsMirror {
-		err := fmt.Errorf("repo is not a mirror, can not change mirror interval")
-		ctx.Error(http.StatusUnprocessableEntity, err.Error(), err)
-		return err
+		return nil
 	}
 
 	// get the mirror from the repo

templates/swagger/v1_json.tmpl

@@ -20753,7 +20753,7 @@
           "x-go-name": "Description"
         },
         "enable_prune": {
-          "description": "enable prune - remove obsolete remote-tracking references",
+          "description": "enable prune - remove obsolete remote-tracking references when mirroring",
           "type": "boolean",
           "x-go-name": "EnablePrune"
         },