Allow users with write permission to run actions (#32644)

--- I have a use case where I need a team to be able to run actions without admin access.
2024-12-02 15:04:57 +08:00 · 2024-11-28 04:18:23 -03:00 · 2024-11-28 04:18:23 -03:00 · 1b296ed1a4
commit 1b296ed1a4
parent 16a7d343d7
2 changed files with 3 additions and 3 deletions
--- a/routers/web/repo/actions/actions.go
+++ b/routers/web/repo/actions/actions.go
@ -168,8 +168,8 @@ func List(ctx *context.Context) {
 	actionsConfig := ctx.Repo.Repository.MustGetUnit(ctx, unit.TypeActions).ActionsConfig()
 	ctx.Data["ActionsConfig"] = actionsConfig
-	if len(workflowID) > 0 && ctx.Repo.IsAdmin() {
+	if len(workflowID) > 0 && ctx.Repo.CanWrite(unit.TypeActions) {
-		ctx.Data["AllowDisableOrEnableWorkflow"] = true
+		ctx.Data["AllowDisableOrEnableWorkflow"] = ctx.Repo.IsAdmin()
 		isWorkflowDisabled := actionsConfig.IsWorkflowDisabled(workflowID)
 		ctx.Data["CurWorkflowDisabled"] = isWorkflowDisabled
--- a/routers/web/web.go
+++ b/routers/web/web.go
@ -1406,7 +1406,7 @@ func registerRoutes(m *web.Router) {
 		m.Get("", actions.List)
 		m.Post("/disable", reqRepoAdmin, actions.DisableWorkflowFile)
 		m.Post("/enable", reqRepoAdmin, actions.EnableWorkflowFile)
-		m.Post("/run", reqRepoAdmin, actions.Run)
+		m.Post("/run", reqRepoActionsWriter, actions.Run)
 		m.Group("/runs/{run}", func() {
 			m.Combo("").