From 1bf51f3aa5c73c7e0c869d6bc678eb8a2aa3aaf7 Mon Sep 17 00:00:00 2001
From: Jonathan Miller <jmiller-moko@noreply.git.mokoconsulting.tech>
Date: Sun, 31 May 2026 09:47:51 -0500
Subject: [PATCH] fix(licenses): remove repo unit requirement from licenses
 routes

The licenses feature is gated by org-level LicensingEnabled config,
not by per-repo unit enablement. Requiring TypeLicenses unit on repos
caused 404s since it wasn't in DefaultRepoUnits.

Write permissions are still enforced in handlers via
CanWrite(TypeLicenses). Org routes retain reqUnitAccess for
team-level permission control.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 routers/web/web.go | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/routers/web/web.go b/routers/web/web.go
index 6c2ce3907c..64675d081a 100644
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -1522,20 +1522,20 @@ func registerWebRoutes(m *web.Router, webAuth *AuthMiddleware) {
 	// end "/{username}/{reponame}": update server
 
 	// "/{username}/{reponame}": licenses page
+	// Note: page visibility is controlled by LicensingEnabled (org config).
+	// Write permissions are checked in handlers via CanWrite(TypeLicenses).
 	m.Group("/{username}/{reponame}/licenses", func() {
 		m.Get("", repo.Licenses)
-		m.Group("", func() {
-			m.Post("/packages", repo.LicensesCreatePackage)
-			m.Get("/packages/{id}/edit", repo.LicensesEditPackage)
-			m.Post("/packages/{id}/edit", repo.LicensesEditPackagePost)
-			m.Post("/packages/{id}/delete", repo.LicensesDeletePackage)
-			m.Post("/keys/generate", repo.LicensesGenerateKey)
-			m.Get("/keys/{id}/edit", repo.LicensesEditKey)
-			m.Post("/keys/{id}/edit", repo.LicensesEditKeyPost)
-			m.Post("/keys/{id}/revoke", repo.LicensesRevokeKey)
-			m.Post("/keys/{id}/renew", repo.LicensesRenewKey)
-		}, context.RequireUnitWriter(unit.TypeLicenses))
-	}, optSignIn, context.RepoAssignment, context.RequireUnitReader(unit.TypeLicenses))
+		m.Post("/packages", repo.LicensesCreatePackage)
+		m.Get("/packages/{id}/edit", repo.LicensesEditPackage)
+		m.Post("/packages/{id}/edit", repo.LicensesEditPackagePost)
+		m.Post("/packages/{id}/delete", repo.LicensesDeletePackage)
+		m.Post("/keys/generate", repo.LicensesGenerateKey)
+		m.Get("/keys/{id}/edit", repo.LicensesEditKey)
+		m.Post("/keys/{id}/edit", repo.LicensesEditKeyPost)
+		m.Post("/keys/{id}/revoke", repo.LicensesRevokeKey)
+		m.Post("/keys/{id}/renew", repo.LicensesRenewKey)
+	}, optSignIn, context.RepoAssignment)
 	// end "/{username}/{reponame}": licenses
 
 	m.Group("/{username}/{reponame}", func() { // to maintain compatibility with old attachments