diff options
| author | rubenwardy <rw@rubenwardy.com> | 2020-04-21 19:27:34 +0100 |
|---|---|---|
| committer | rubenwardy <rw@rubenwardy.com> | 2020-04-21 19:27:34 +0100 |
| commit | a678a61c23cd61f11d7c0a570f26e9d333bb9731 (patch) | |
| tree | aab17fbab1456f2d55ff5553f6161c0f05aa7985 | |
| parent | b5ce0a786a1fac846e3de4e7dfe8ea4a27d81f2b (diff) | |
| download | cheatdb-a678a61c23cd61f11d7c0a570f26e9d333bb9731.tar.xz | |
Correct documentation on users allowed to use webhooks
| -rw-r--r-- | app/blueprints/api/endpoints.py | 3 | ||||
| -rw-r--r-- | app/blueprints/github/__init__.py | 2 | ||||
| -rw-r--r-- | app/blueprints/gitlab/__init__.py | 2 | ||||
| -rw-r--r-- | app/flatpages/help/release_webhooks.md | 4 |
4 files changed, 5 insertions, 6 deletions
diff --git a/app/blueprints/api/endpoints.py b/app/blueprints/api/endpoints.py index 057cb7a..7c7a44a 100644 --- a/app/blueprints/api/endpoints.py +++ b/app/blueprints/api/endpoints.py @@ -140,6 +140,9 @@ def markdown(): @is_package_page @is_api_authd def create_release(token, package): + if not package.checkPerm(token.owner, Permission.APPROVE_RELEASE): + return error(403, "You do not have the permission to approve releases") + json = request.json if json is None: return error(400, "JSON post data is required") diff --git a/app/blueprints/github/__init__.py b/app/blueprints/github/__init__.py index a07920c..2eb4f64 100644 --- a/app/blueprints/github/__init__.py +++ b/app/blueprints/github/__init__.py @@ -124,7 +124,7 @@ def webhook(): return error(403, "Invalid authentication, couldn't validate API token") if not package.checkPerm(actual_token.owner, Permission.APPROVE_RELEASE): - return error(403, "Only trusted members can use webhooks") + return error(403, "You do not have the permission to approve releases") # # Check event diff --git a/app/blueprints/gitlab/__init__.py b/app/blueprints/gitlab/__init__.py index 45b4aa5..84061d7 100644 --- a/app/blueprints/gitlab/__init__.py +++ b/app/blueprints/gitlab/__init__.py @@ -44,7 +44,7 @@ def webhook(): return error(403, "Invalid authentication") if not package.checkPerm(token.owner, Permission.APPROVE_RELEASE): - return error(403, "Only trusted members can use webhooks") + return error(403, "You do not have the permission to approve releases") # # Check event diff --git a/app/flatpages/help/release_webhooks.md b/app/flatpages/help/release_webhooks.md index 2d751a5..438226e 100644 --- a/app/flatpages/help/release_webhooks.md +++ b/app/flatpages/help/release_webhooks.md @@ -17,10 +17,6 @@ The process is as follows: 3. The git host posts a webhook notification to ContentDB, using the API token assigned to it. 4. ContentDB checks the API token and issues a new release. -<p class="alert alert-info"> - This feature is in beta, and is only available for Trusted Members. -</p> - ## Setting up ### GitHub (automatic) |