tech-debt: Refactor permission checking across codebase #311

New Issue

Open

opened 2026-05-31 14:10:31 +00:00 by jmiller · 0 comments

jmiller commented 2026-05-31 14:10:31 +00:00

Owner

Copy Link

Copy Source

Summary

Permission checking is scattered and inconsistent with multiple TODO/FIXME markers.

Locations

• models/perm/access/repo_permission.go:50 - most calls should use HasAnyUnitAccessOrPublicAccess
• models/perm/access/repo_permission.go:430 - rename to IsOwnerVisibleToDoer
• models/perm/access/repo_permission.go:448 - should only check collaborator access mode
• models/repo/repo.go:638 - most CanEnableEditor calls should be CanContentChange
• routers/api/v1/api.go:734 - mustNotBeArchived vs mustEnableEditor inconsistency
• routers/web/web.go:1319,1394,1420 - pulls/issues endpoint permission mixing

Action Required

Consolidate permission checks into clear, well-named methods. Replace scattered checks with canonical implementations.

---

Created by Claude Opus 4.6

## Summary Permission checking is scattered and inconsistent with multiple TODO/FIXME markers. ## Locations - `models/perm/access/repo_permission.go:50` - most calls should use HasAnyUnitAccessOrPublicAccess - `models/perm/access/repo_permission.go:430` - rename to IsOwnerVisibleToDoer - `models/perm/access/repo_permission.go:448` - should only check collaborator access mode - `models/repo/repo.go:638` - most CanEnableEditor calls should be CanContentChange - `routers/api/v1/api.go:734` - mustNotBeArchived vs mustEnableEditor inconsistency - `routers/web/web.go:1319,1394,1420` - pulls/issues endpoint permission mixing ## Action Required Consolidate permission checks into clear, well-named methods. Replace scattered checks with canonical implementations. --- *Created by Claude Opus 4.6*

jmiller added the tech-debtupstream labels 2026-05-31 14:10:31 +00:00

jmiller referenced this issue from a commit 2026-05-31 15:50:47 +00:00

fix: resolve tech-debt batch 2 — dropdown validation, editor cleanup, rename

jmiller referenced this issue 2026-05-31 15:51:29 +00:00

fix: tech-debt batch 2 — dropdown validation, editor cleanup, rename #350

jmiller referenced this issue from a commit 2026-05-31 16:04:36 +00:00

fix: resolve tech-debt batch 3 — remove deprecated functions, use stdlib

jmiller referenced this issue 2026-05-31 16:05:02 +00:00

fix: tech-debt batch 3 — remove deprecated functions, use stdlib #357

Sign in to join this conversation.

Labels

Clear labels

breaking-change

Breaking API or behavior change

ci-cd

CI/CD pipeline changes

config

Configuration changes

dependencies

Dependency updates

deploy-failure

Deployment failed

docker

Docker/container changes

documentation

Documentation changes

good first issue

Good for newcomers

health-check

Repo health check result

help wanted

Extra attention needed

mokostandards

Related to MokoStandards framework

pending: testing

Feature implemented but not yet tested with documented proof

priority: critical

Must fix immediately

priority: high

Important, fix soon

priority: low

Nice to have

priority: medium

Normal priority

push-failure

Git push operation failed

security

Security vulnerability or hardening

size/l

200-500 lines changed

size/m

50-200 lines changed

size/s

10-50 lines changed

size/xl

500+ lines changed

size/xs

< 10 lines changed

standards-drift

Deviates from MokoStandards

standards-update

MokoStandards compliance update

status: blocked

Blocked by dependency or decision

status: in-progress

Actively being worked on

status: needs-review

Awaiting code review

status: on-hold

Paused intentionally

status: wontfix

Will not be addressed

sync-failure

Sync or mirror failed

tech-debt

Technical debt and TODO/FIXME items

type: bug

Something isn't working

type: bug

type: chore

Maintenance, dependencies, cleanup

type: enhancement

Improvement to existing feature

type: feature

New functionality

type: refactor

Code restructuring without behavior change

type: version

Version bump or release

upstream

upstream

Inherited from upstream Gitea

work-in-progress

Draft or incomplete work

bug

Something is not working

chore

Maintenance and housekeeping

documentation

Documentation improvements

enhancement

Improvement to existing functionality

feature

New feature or request

pending: dependency

Blocked by another issue or external dependency

pending: deployment

Tested and approved, awaiting deployment to production

pending: design

Needs UI/UX or architecture design before implementation

pending: documentation

Feature works, needs documentation/wiki update

pending: feedback

Awaiting feedback or decision from stakeholder

pending: review

Implementation complete, awaiting code review

pending: testing

Feature implemented but not yet tested

priority: critical

Must fix immediately

priority: high

Should fix soon

priority: low

Nice to have

priority: medium

Fix when convenient

refactor

Code restructuring without behavior change

roadmap

Planned feature or enhancement tracked on the roadmap

scope: client

Client-specific work

scope: dolibarr

Dolibarr modules and customizations

scope: infrastructure

Server, CI, backups, monitoring

scope: joomla

Joomla templates and extensions

scope: waas

MokoWaaS platform

security

Security vulnerability or hardening

status: blocked

Waiting on external dependency

status: duplicate

Duplicate of another issue

status: in-progress

Being worked on

status: needs-review

Ready for review

status: wontfix

Will not be addressed

No labels tech-debt upstream

Milestone

No items

No Milestone

Assignees

Clear assignees

jmiller (Jonathan Miller) moko-deploy (Moko Deploy Bot)

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: MokoConsulting/MokoGitea#311