fix: allow members with git providers permission to create/delete their own providers#4713
Merged
Merged
Conversation
… their own The canAccessToGitProviders legacy override only granted read access, so members with the Git Providers toggle enabled could not add providers — the create/delete endpoints require gitProviders.create / gitProviders.delete. This mirrors how the SSH Keys toggle already grants read/create/delete. The git-provider remove endpoint now restricts non owner/admin roles to deleting only their own providers (matching the ownership model used for visibility and sharing), while owner/admin can still delete any provider in the organization. Closes #4695
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
Closes #4695
In the free / self-hosted permission model, the Git Providers toggle (
canAccessToGitProviders) only grantedreadaccess. A member with that toggle enabled could not add a git provider, because the create/delete endpoints requiregitProviders.create/gitProviders.delete, and the frontend hides the "Add" buttons whenpermissions.gitProviders.createisfalse.This was inconsistent with the SSH Keys toggle (
canAccessToSSHKeys), which already grantsread+create+deletefrom a single switch with the same "access to the … section" wording.Changes
gitProviderslegacy override now grantsread,createanddeletewhen the toggle is on, matching SSH Keys.gitProvider.removeendpoint now restricts non owner/admin roles to deleting only their own providers (consistent with the existing ownership model used for visibility and sharing). Owner/admin can still delete any provider in the organization.check-permissionandresolve-permissionscovering create/delete via the toggle and the off case.