# HG changeset patch
# User Mads Kiilerich <mads@kiilerich.com>
# Date 2023-05-07 16:19:38
# Node ID e27ff6a900767f4ef9edbc21c22388b4c9d2b06d
# Parent  511b20a6475dfbaa711931ec85487530f640e31b

auth: always consider the repo group owner an admin when computing it's permissions

When computing repo group permissions in repository_group_permissions(), always
give admin permissions to the group owner.

That is similar to how repository_permissions() gives admin permissions to the
repo owner.

The extra computation shouldn't cause any extra database hits or make the
computation more complex or expensive, so that should be fine for stable.

Note: This will leave behind some (automaticly added) explicit permissions. I
consider this a very minor glitch, not worth addressing.

diff --git a/kallithea/lib/auth.py b/kallithea/lib/auth.py
--- a/kallithea/lib/auth.py
+++ b/kallithea/lib/auth.py
@@ -262,7 +262,10 @@ class AuthUser(object):
             # on given group
             for perm in default_repo_groups_perms:
                 rg_k = perm.group.group_name
-                p = perm.permission.permission_name
+                if perm.group.owner_id == self.user_id:
+                    p = 'group.admin'
+                else:
+                    p = perm.permission.permission_name
                 repository_group_permissions[rg_k] = p
 
             # user group for repo groups permissions