fix: Allow direct commits for unprotected files with push restrictions (#37657) (#37756)

Backport #37657 by @bircni

Fixes an issue where users could not commit changes on a file which is
unprotected.

Fixes #37655

Co-authored-by: Nicolas <bircni@icloud.com>
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Giteabot
2026-05-17 23:11:19 -07:00
committed by GitHub
parent 86cc3e8783
commit 58597cc30a
2 changed files with 46 additions and 0 deletions
+10
View File
@@ -173,6 +173,16 @@ func PrepareCommitFormOptions(ctx *Context, doer *user_model.User, targetRepo *r
protectedBranch.Repo = targetRepo
canPushWithProtection = protectedBranch.CanUserPush(ctx, doer)
protectionRequireSigned = protectedBranch.RequireSignedCommits
// If branch-wide push is restricted, allow direct commit when the
// URL-derived tree path matches an unprotected file pattern. The
// pre-receive hook re-checks every path the commit actually touches
// (e.g. rename source and destination).
if !canPushWithProtection && ctx.Repo.TreePath != "" && protectedBranch.UnprotectedFilePatterns != "" {
globs := protectedBranch.GetUnprotectedFilePatterns()
if protectedBranch.IsUnprotectedFile(globs, ctx.Repo.TreePath) {
canPushWithProtection = true
}
}
}
targetGitRepo, closer, err := gitrepo.RepositoryFromContextOrOpen(ctx, targetRepo)