Radish alpha
h
heartwood
Radicle Heartwood Protocol & Stack
Radicle
Git (anonymous pull)
Log in to clone via SSH
Commits
radicle: Authorize certain changes if no-op
cloudhead committed 2 years ago
commit 09f2befa58dc6057e052904b6947bdd17d3b0553
parent 0726754b0e112802dd1c942cebd7850d331ce483
2 files changed +24 -3
modified radicle/src/cob/issue.rs
@@ -329,7 +329,14 @@ impl Issue {
        let author: ActorId = *self.author().id().as_key();

        let outcome = match action {

            // Only delegate can assign someone to an issue.
- 
            Action::Assign { .. } => Authorization::Deny,
+ 
            Action::Assign { assignees } => {
+ 
                if assignees == &self.assignees {
+ 
                    // No-op is allowed for backwards compatibility.
+ 
                    Authorization::Allow
+ 
                } else {
+ 
                    Authorization::Deny
+ 
                }
+ 
            }

            // Issue authors can edit their own issues.

            Action::Edit { .. } => Authorization::from(*actor == author),

            // Issue authors can close or re-open their own issue.
@@ -338,7 +345,14 @@ impl Issue {
                State::Open => *actor == author,

            }),

            // Only delegate can label an issue.
- 
            Action::Label { .. } => Authorization::Deny,
+ 
            Action::Label { labels } => {
+ 
                if labels == &self.labels {
+ 
                    // No-op is allowed for backwards compatibility.
+ 
                    Authorization::Allow
+ 
                } else {
+ 
                    Authorization::Deny
+ 
                }
+ 
            }

            // All roles can comment on an issues

            Action::Comment { .. } => Authorization::Allow,

            // All roles can edit or redact their own comments.
modified radicle/src/cob/patch.rs
@@ -632,7 +632,14 @@ impl Patch {
                Lifecycle::Archived { .. } => actor == author,

            }),

            // Only delegates can carry out these actions.
- 
            Action::Label { .. } => Authorization::Deny,
+ 
            Action::Label { labels } => {
+ 
                if labels == &self.labels {
+ 
                    // No-op is allowed for backwards compatibility.
+ 
                    Authorization::Allow
+ 
                } else {
+ 
                    Authorization::Deny
+ 
                }
+ 
            }

            Action::Assign { .. } => Authorization::Deny,

            Action::Merge { .. } => match self.target() {

                MergeTarget::Delegates => Authorization::Deny,