gitea/routers/api/v1
qwerty287 8eb1cd9264
Add "Allow edits from maintainer" feature (#18002)
Adds a feature [like GitHub has](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/creating-a-pull-request-from-a-fork) (step 7).
If you create a new PR from a forked repo, you can select (and change later, but only if you are the PR creator/poster) the "Allow edits from maintainers" option.
Then users with write access to the base branch get more permissions on this branch:
* use the update pull request button
* push directly from the command line (`git push`)
* edit/delete/upload files via web UI
* use related API endpoints

You can't merge PRs to this branch with this enabled, you'll need "full" code write permissions.

This feature has a pretty big impact on the permission system. I might forgot changing some things or didn't find security vulnerabilities. In this case, please leave a review or comment on this PR.

Closes #17728

Co-authored-by: 6543 <6543@obermui.de>
2022-04-28 17:45:33 +02:00
..
admin Add Package Registry (#16510) 2022-03-30 16:42:47 +08:00
misc Remove dependent on session auth for api/v1 routers (#19321) 2022-04-08 06:22:10 +02:00
notify Never use /api/v1 from Gitea UI Pages (#19318) 2022-04-07 20:59:56 +02:00
org Fix panic in team repos API (#19431) 2022-04-20 18:43:26 +08:00
packages Add Helm Chart registry (#19406) 2022-04-19 12:55:35 -04:00
repo Add "Allow edits from maintainer" feature (#18002) 2022-04-28 17:45:33 +02:00
settings Make mirror feature more configurable (#16957) 2021-09-07 17:49:36 +02:00
swagger Add Package Registry (#16510) 2022-03-30 16:42:47 +08:00
user Fix DELETE request for non-existent public key (#19443) 2022-04-21 03:08:30 +02:00
utils Never use /api/v1 from Gitea UI Pages (#19318) 2022-04-07 20:59:56 +02:00
api.go Add "Allow edits from maintainer" feature (#18002) 2022-04-28 17:45:33 +02:00
auth_windows.go Let web and API routes have different auth methods group (#19168) 2022-03-28 12:46:28 +08:00
auth.go Let web and API routes have different auth methods group (#19168) 2022-03-28 12:46:28 +08:00