From 7e57f7ceb9ffc367630fce2be7fce6040cd5fe55 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=87=8E=E5=A3=B0?= Date: Sun, 29 Sep 2024 16:20:28 +0800 Subject: [PATCH] feat: create merge commit need admin role --- libs/octo-service/src/index.ts | 10 +--------- src/github/commands/pullRequests/index.ts | 23 ++++++++++++----------- 2 files changed, 13 insertions(+), 20 deletions(-) diff --git a/libs/octo-service/src/index.ts b/libs/octo-service/src/index.ts index 092887c..fdc31a8 100644 --- a/libs/octo-service/src/index.ts +++ b/libs/octo-service/src/index.ts @@ -778,7 +778,7 @@ export class GitHubService { owner: string, repo: string, username: string, - requestLevel: string, + requestLevel: 'write' | 'admin', ) { // Permission levels higher in the array have higher access to the repo. const perms = ['none', 'read', 'write', 'admin']; @@ -794,12 +794,4 @@ export class GitHubService { const userPermIndex = perms.indexOf(perm); return userPermIndex >= requestPermIndex; } - - async checkRepoWritePermission( - owner: string, - repo: string, - username: string, - ) { - return this.checkRepoPermission(owner, repo, username, 'write'); - } } diff --git a/src/github/commands/pullRequests/index.ts b/src/github/commands/pullRequests/index.ts index ed8c4be..d259b6a 100644 --- a/src/github/commands/pullRequests/index.ts +++ b/src/github/commands/pullRequests/index.ts @@ -5,11 +5,7 @@ import { } from '@/constants/opensumi'; import { StopError, removeCommandPrefix } from '@opensumi/bot-commander'; -import { - CommandContext, - GitHubCommandCenter, - IssueCommentEvent, -} from '../types'; +import { CommandContext, GitHubCommandCenter } from '../types'; export function extractTargetBranchNameFromCommand(str: string) { const text = removeCommandPrefix(str, kBackportKeyword); @@ -41,7 +37,10 @@ function constraintRepo(fullname: string, allowedRepo: Set) { } } -async function checkIsPullRequestAndUserHasPermission(ctx: CommandContext) { +async function checkIsPullRequestAndUserHasPermission( + ctx: CommandContext, + requestLevel: 'write' | 'admin', +) { const { app, payload } = ctx; const owner = payload.repository.owner.login; const repo = payload.repository.name; @@ -54,10 +53,11 @@ async function checkIsPullRequestAndUserHasPermission(ctx: CommandContext) { } const user = payload.sender.login; - const userHaveWritePerm = await app.octoService.checkRepoWritePermission( + const userHaveWritePerm = await app.octoService.checkRepoPermission( owner, repo, user, + requestLevel, ); if (!userHaveWritePerm) { @@ -76,7 +76,7 @@ export function registerPullRequestCommand(it: GitHubCommandCenter) { const { app, payload } = ctx; const { issue } = payload; constraintRepo(payload.repository.full_name, backportAllowedRepo); - await checkIsPullRequestAndUserHasPermission(ctx); + await checkIsPullRequestAndUserHasPermission(ctx, 'write'); const result = await app.octoService.getPrByNumber( payload.repository.owner.login, @@ -135,10 +135,11 @@ Please see: <${getActionsUrl(ActionsRepo.BACKPORT_PR_WORKFLOW)}>`, constraintRepo(fullname, nextAllowedRepo); const user = payload.sender.login; - let userHaveWritePerm = await app.octoService.checkRepoWritePermission( + let userHaveWritePerm = await app.octoService.checkRepoPermission( owner, repo, user, + 'write', ); if (!userHaveWritePerm) { if ( @@ -186,7 +187,7 @@ Please see: <${getActionsUrl(ActionsRepo.BACKPORT_PR_WORKFLOW)}>`, const { issue } = payload; const fullname = payload.repository.full_name; constraintRepo(fullname, updateLockfileAllowedRepo); - await checkIsPullRequestAndUserHasPermission(ctx); + await checkIsPullRequestAndUserHasPermission(ctx, 'write'); await app.opensumiOctoService.updateLockfileForPr({ pull_number: issue.number, @@ -198,7 +199,7 @@ Please see: <${getActionsUrl(ActionsRepo.BACKPORT_PR_WORKFLOW)}>`, const { issue } = payload; const fullname = payload.repository.full_name; constraintRepo(fullname, updateLockfileAllowedRepo); - await checkIsPullRequestAndUserHasPermission(ctx); + await checkIsPullRequestAndUserHasPermission(ctx, 'admin'); await app.opensumiOctoService.createMergeCommitForPr({ pull_number: issue.number,