forked from Shiloh/githaven
26a0cd7143
Fixes https://github.com/go-gitea/gitea/issues/23934 We need to check `AccessModeAdmin` in `CanUserDelete` instead of `AccessModeOwner`
33 lines
795 B
Go
33 lines
795 B
Go
// Copyright 2022 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package repository
|
|
|
|
import (
|
|
"code.gitea.io/gitea/models/db"
|
|
"code.gitea.io/gitea/models/organization"
|
|
repo_model "code.gitea.io/gitea/models/repo"
|
|
user_model "code.gitea.io/gitea/models/user"
|
|
)
|
|
|
|
// CanUserDelete returns true if user could delete the repository
|
|
func CanUserDelete(repo *repo_model.Repository, user *user_model.User) (bool, error) {
|
|
if user.IsAdmin || user.ID == repo.OwnerID {
|
|
return true, nil
|
|
}
|
|
|
|
if err := repo.LoadOwner(db.DefaultContext); err != nil {
|
|
return false, err
|
|
}
|
|
|
|
if repo.Owner.IsOrganization() {
|
|
isAdmin, err := organization.OrgFromUser(repo.Owner).IsOrgAdmin(user.ID)
|
|
if err != nil {
|
|
return false, err
|
|
}
|
|
return isAdmin, nil
|
|
}
|
|
|
|
return false, nil
|
|
}
|