diff options
author | Clint Byrum <clint@fewbar.com> | 2018-03-05 11:23:09 -0800 |
---|---|---|
committer | Clint Byrum <clint@fewbar.com> | 2018-03-05 11:23:09 -0800 |
commit | e24257cf1ded2d0916d6762459f78f3d6be01d1b (patch) | |
tree | 7c2425b5faa90f771033a373d6a46022335da548 /zuul/driver/github/githubmodel.py | |
parent | 8660c0662b00842b7fa82b26fe173f66fbdd7da5 (diff) | |
download | zuul-e24257cf1ded2d0916d6762459f78f3d6be01d1b.tar.gz |
Match github model of granting admins write
On github, if somebody has the 'admin' permission, they implicitly have
write access to the repo. So rather than a straight up string match,
we need to implicitly assume anybody who has 'admin' also has 'write'.
Change-Id: Idf159c6746757fb3c9ce55f1d0cae432d3f8e478
Diffstat (limited to 'zuul/driver/github/githubmodel.py')
-rw-r--r-- | zuul/driver/github/githubmodel.py | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/zuul/driver/github/githubmodel.py b/zuul/driver/github/githubmodel.py index 0731dd733..3b0618f96 100644 --- a/zuul/driver/github/githubmodel.py +++ b/zuul/driver/github/githubmodel.py @@ -110,10 +110,15 @@ class GithubCommonFilter(object): return False elif k == 'permission': # If permission is read, we've matched. You must have read - # to provide a review. Write or admin permission is different. + # to provide a review. if v != 'read': - if review['permission'] != v: - return False + # Admins have implicit write. + if v == 'write': + if review['permission'] not in ('write', 'admin'): + return False + elif v == 'admin': + if review['permission'] != 'admin': + return False return True def matchesReviews(self, change): |