Skip to content

db/repos: remove explicit authz bypass logic

Warren Gifford requested to merge jc/remove-db-repos-authz-bypass into master

Created by: unknwon

As a result of recent learning, if the ctx has an actor that is an admin, authzFilter bypass checks automatically. Therefore, there is no need to explicit bypass authorization again.

This PR then fixes the only exception method that did not go through authzFilter (i.e. db.Repos.GetByIDs).

We're back to the unified authz checking process!

Merge request reports

Loading