From f3882d45533bbfce234b3f127a33c19b8a7165ca Mon Sep 17 00:00:00 2001 From: Stefan Date: Fri, 18 Apr 2025 19:17:03 +0000 Subject: [PATCH] fix: allow user with actions write permission to run a workflow from the web UI (#7245) Users with permissions actions write can reschedule a workflow or start a new one over the API. But if the user try to use workflow dispatch on the web GUI it fails with 404 error. Debug log says ``` router: completed POST ///actions/manual for , 404 Not Found in 21.6ms @ context/permission.go:17(web.registerRoutes.RequireRepoAdmin) ``` I think this is not correct, users with permissons action write should also be able to run a new workflow over the GUI. This can be fixed with this little change. ## Testing - Create a repository in an organization with [a manual workflow](https://forgejo.org/docs/next/user/actions/#onworkflow_dispatch) - Create a user and assign it action write permissions for this repository in a team - Login as the user and verify they are allowed to run the workflow via the web UI ## Release notes - User Interface bug fixes - [PR](https://codeberg.org/forgejo/forgejo/pulls/7245): allow user with actions write permission to run a workflow from the web UI Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7245 Reviewed-by: Earl Warren Co-authored-by: Stefan Co-committed-by: Stefan --- routers/web/web.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/routers/web/web.go b/routers/web/web.go index 443a998248..d7b34d3a86 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -1393,7 +1393,7 @@ func registerRoutes(m *web.Route) { m.Get("", actions.List) m.Post("/disable", reqRepoAdmin, actions.DisableWorkflowFile) m.Post("/enable", reqRepoAdmin, actions.EnableWorkflowFile) - m.Post("/manual", reqRepoAdmin, actions.ManualRunWorkflow) + m.Post("/manual", reqRepoActionsWriter, actions.ManualRunWorkflow) m.Group("/runs", func() { m.Get("/latest", actions.ViewLatest)