Hi, we at Calckey tried assigning idsues to users who wanna work on stuff but arent part of our organisation, but that wasnt possible. Can this be fixed? I am sure that worked on github
Maybe propose org + repo members in the assignee dropdown as well as people who have participated in the issue discussion? And additionally allow entering every username by hand?
Hi,
I'd like to work on this.
Can someone assign it to me?
Yeah sure - as soon as the feature is implemented, I'll be able to assign you 😉
😄
Hi,
I am adding to the dropdown any user that have interacted with the specific issue (comments, pull request etc..).
Now, some of these users have absolutely no access rights to the repo.
If one of these extra users is assigned to the issue, it fails the validation, quite rightly so, here:
2024年02月01日 07:33:13 ...rs/web/repo/issue.go:2387:UpdateIssueAssignee() [E] canBeAssigned: user doesn't have access to repo [user_id: 3, repo_name: DevWork]
This checks that the user in question has write permission to the repo for Code, issue or Pull Request .
The question I have about this:
What does being assigned to an issue mean?
1 - Does it simply mean that the user getting assigned gets is name displayed as an assignee on the issue?
2 - Or does it mean that the user getting assigned gets automatically granted some kind of write access to the repo?
Option 2 is dangerous as it would bypass a lot the access setup by the repo owner.
Option 1, It think means amending the 'CanBeAssigned' , extending the meaning to also include users that have posted to the issue in some way:
// CanBeAssigned return true if user can be assigned to issue or pull requests in repo
// Currently any write access (code, issues or pr's) is assignable, to match assignee list in user interface.
// FIXME: user could send PullRequest also could be assigned???
func CanBeAssigned(ctx context.Context, user *user_model.User, repo *repo_model.Repository, _ bool) (bool, error) {
if user.IsOrganization() {
return false, fmt.Errorf("Organization can't be added as assignee [user_id: %d, repo_id: %d]", user.ID, repo.ID)
}
perm, err := GetUserRepoPermission(ctx, repo, user)
if err != nil {
return false, err
}
return perm.CanAccessAny(perm_model.AccessModeWrite, unit.TypeCode, unit.TypeIssues, unit.TypePullRequests), nil
}
What does being assigned to an issue mean?
1 - Does it simply mean that the user getting assigned gets is name displayed as an assignee on the issue?
2 - Or does it mean that the user getting assigned gets automatically granted some kind of write access to the repo?
It's an organizational thing. So it would only mean the user gets their name displayed as assignee, no extra rights are given to assignees.
Option 1, It think means amending the 'CanBeAssigned' , extending the meaning to also include users that have posted to the issue in some way:
That would be a fine approach.
Cheers.
PR #2283 is wrong. Way too many commits. There should only be one.
You'll need to rebase the branch regularly according to the current Forgejo workflow (which is likely subject to change).
You'll need two Git remotes configured for your local repo: Your fork and the Forgejo source. Then git fetch upstream (the Forgejo repo), and git rebase -i upstream/forgejo. This opens an interactive file where you replace "pick" with "drop" for all commits but those that are relevant for you. You can also see if it works without -i, but I doubt it.
In the end, you need to git push --force to your fork to update the PR.
Feel free to ask in the development matrix room if you need assistance. It's easy to get lost in all the commits :)
There is a draft PR at forgejo/forgejo#2283 which will be closed until @axd99 has time to work on it. It can be re-opened at any time.
No due date set.
No dependencies set.
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?