From 1e76f7b5b7f51cf32fbdb85fe9ee2cc00595bc3a Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Sun, 6 Jun 2021 12:22:05 +0200 Subject: [PATCH] api: fix overly strict edit pr permissions (#15900) (#16081) Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Norwin Co-authored-by: zeripath Co-authored-by: Lunny Xiao --- routers/api/v1/api.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index 9fed22113..2492c3b49 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -893,7 +893,7 @@ func Routes() *web.Route { Post(reqToken(), mustNotBeArchived, bind(api.CreatePullRequestOption{}), repo.CreatePullRequest) m.Group("/{index}", func() { m.Combo("").Get(repo.GetPullRequest). - Patch(reqToken(), reqRepoWriter(models.UnitTypePullRequests), bind(api.EditPullRequestOption{}), repo.EditPullRequest) + Patch(reqToken(), bind(api.EditPullRequestOption{}), repo.EditPullRequest) m.Get(".diff", repo.DownloadPullDiff) m.Get(".patch", repo.DownloadPullPatch) m.Post("/update", reqToken(), repo.UpdatePullRequest)