RFR: 1903: Verify User's repository access when processing backport command [v3]
Erik Joelsson
erikj at openjdk.org
Tue May 9 22:42:03 UTC 2023
On Tue, 9 May 2023 22:13:31 GMT, Zhao Song <zsong at openjdk.org> wrote:
>> bots/pr/src/main/java/org/openjdk/skara/bots/pr/BackportCommand.java line 393:
>>
>>> 391: }
>>> 392:
>>> 393: private boolean verifyGroupMembership(HostedRepository targetRepo, HostUser user, PrintWriter reply) {
>>
>> The name of this method is misleading as we aren't actually checking group membership, in this patch we are checking write access, which may or may not be indicative of group membership. What actually matters is that the right access is available though.
>
> Will change the name to `checkWriteAccess`. Thanks!
Thinking some more on this, I think it should be something like `canCreatePullRequest`. Write access implies being able to push to the repo, something we disable through various means most of the time.
-------------
PR Review Comment: https://git.openjdk.org/skara/pull/1516#discussion_r1189194138
More information about the skara-dev
mailing list