diff --git a/src/main/scala/gitbucket/core/controller/IssuesController.scala b/src/main/scala/gitbucket/core/controller/IssuesController.scala
index 703dbef..a4b01f2 100644
--- a/src/main/scala/gitbucket/core/controller/IssuesController.scala
+++ b/src/main/scala/gitbucket/core/controller/IssuesController.scala
@@ -78,21 +78,22 @@
})
get("/:owner/:repository/issues/new")(readableUsersOnly { repository =>
- defining(repository.owner, repository.name){ case (owner, name) =>
- html.create(
- getAssignableUserNames(owner, name),
- getMilestones(owner, name),
- getLabels(owner, name),
- hasWritePermission(owner, name, context.loginAccount),
- repository)
- }
+ if(isEditable(repository)){ // TODO Should this check is provided by authenticator?
+ defining(repository.owner, repository.name){ case (owner, name) =>
+ html.create(
+ getAssignableUserNames(owner, name),
+ getMilestones(owner, name),
+ getLabels(owner, name),
+ hasWritePermission(owner, name, context.loginAccount),
+ repository)
+ }
+ } else Unauthorized()
})
post("/:owner/:repository/issues/new", issueCreateForm)(readableUsersOnly { (form, repository) =>
- defining(repository.owner, repository.name){ case (owner, name) =>
- val manageable = isManageable(repository)
- val editable = isEditable(repository)
- if(editable) {
+ if(isEditable(repository)){ // TODO Should this check is provided by authenticator?
+ defining(repository.owner, repository.name){ case (owner, name) =>
+ val manageable = isManageable(repository)
val userName = context.loginAccount.get.userName
// insert issue
@@ -129,8 +130,8 @@
}
redirect(s"/${owner}/${name}/issues/${issueId}")
- } else Unauthorized()
- }
+ }
+ } else Unauthorized()
})
ajaxPost("/:owner/:repository/issues/edit_title/:id", issueTitleEditForm)(readableUsersOnly { (title, repository) =>
diff --git a/src/main/scala/gitbucket/core/service/RepositoryService.scala b/src/main/scala/gitbucket/core/service/RepositoryService.scala
index 9fa8552..26fa159 100644
--- a/src/main/scala/gitbucket/core/service/RepositoryService.scala
+++ b/src/main/scala/gitbucket/core/service/RepositoryService.scala
@@ -38,7 +38,7 @@
parentUserName = parentUserName,
parentRepositoryName = parentRepositoryName,
options = RepositoryOptions(
- issuesOption = "PRIVATE", // TODO DISABLE for the forked repository?
+ issuesOption = "PUBLIC", // TODO DISABLE for the forked repository?
externalIssuesUrl = None,
wikiOption = "PUBLIC", // TODO DISABLE for the forked repository?
externalWikiUrl = None,
diff --git a/src/main/scala/gitbucket/core/util/Authenticator.scala b/src/main/scala/gitbucket/core/util/Authenticator.scala
index 57f3942..6d82508 100644
--- a/src/main/scala/gitbucket/core/util/Authenticator.scala
+++ b/src/main/scala/gitbucket/core/util/Authenticator.scala
@@ -90,6 +90,8 @@
/**
* Allows only collaborators and administrators.
+ *
+ * TODO This authenticator should be renamed.
*/
trait CollaboratorsAuthenticator { self: ControllerBase with RepositoryService with AccountService =>
protected def collaboratorsOnly(action: (RepositoryInfo) => Any) = { authenticate(action) }
diff --git a/src/main/twirl/gitbucket/core/issues/issue.scala.html b/src/main/twirl/gitbucket/core/issues/issue.scala.html
index 4691b83..4b494ad 100644
--- a/src/main/twirl/gitbucket/core/issues/issue.scala.html
+++ b/src/main/twirl/gitbucket/core/issues/issue.scala.html
@@ -15,7 +15,9 @@
@if(isManageable || context.loginAccount.map(_.userName == issue.openedUserName).getOrElse(false)){
Edit
}
- New issue
+ @if(isEditable){
+ New issue
+ }
}
}
-