@@ -149,12 +149,19 @@ func CreateRepo(c *gin.Context) {
149149 r .SetVisibility (input .GetVisibility ())
150150 }
151151
152+ // fields restricted to platform admins
153+ if u .GetAdmin () {
154+ // trusted default is false
155+ if input .GetTrusted () != r .GetTrusted () {
156+ r .SetTrusted (input .GetTrusted ())
157+ }
158+ }
159+
152160 // set default events if no events are passed in
153161 if ! input .GetAllowPull () && ! input .GetAllowPush () &&
154162 ! input .GetAllowDeploy () && ! input .GetAllowTag () &&
155163 ! input .GetAllowComment () {
156- // default events to push and pull_request
157- r .SetAllowPull (true )
164+ // default event to push
158165 r .SetAllowPush (true )
159166 } else {
160167 r .SetAllowComment (input .GetAllowComment ())
@@ -789,6 +796,14 @@ func UpdateRepo(c *gin.Context) {
789796 )
790797 }
791798
799+ // fields restricted to platform admins
800+ if u .GetAdmin () {
801+ // trusted
802+ if input .GetTrusted () != r .GetTrusted () {
803+ r .SetTrusted (input .GetTrusted ())
804+ }
805+ }
806+
792807 // send API call to update the repo
793808 err = database .FromContext (c ).UpdateRepo (r )
794809 if err != nil {
@@ -1044,11 +1059,12 @@ func ChownRepo(c *gin.Context) {
10441059}
10451060
10461061// checkAllowlist is a helper function to ensure only repos in the
1047- // allowlist are allowed to enable repos. If the allowlist is
1048- // empty then any repo can be enabled.
1062+ // allowlist are allowed to enable repos.
1063+ //
1064+ // a single entry of '*' allows any repo to be enabled.
10491065func checkAllowlist (r * library.Repo , allowlist []string ) bool {
1050- // if the allowlist is not set or empty allow any repo to be enabled
1051- if len (allowlist ) == 0 {
1066+ // check if all repos are allowed to be enabled
1067+ if len (allowlist ) == 1 && allowlist [ 0 ] == "*" {
10521068 return true
10531069 }
10541070
0 commit comments