Fix bug that collaborators are able to modify settings of repository

author: Unknown <joe2010xtmf@163.com> 2014-07-04 01:25:06 -0400
committer: Unknown <joe2010xtmf@163.com> 2014-07-04 01:25:06 -0400
commit: 36292060d603452deaad03e5e686fae3f7c3f8a8 (patch)
tree: 6abb9c79c44c0014b9c6e80aea059de86e2091f6
parent: cdffdeddc90a69e88fab92487ff5ccf90eb47c08 (diff)
2 files changed, 3 insertions, 3 deletions
diff --git a/cmd/web.go b/cmd/web.go
index 90560295..2f552d86 100644
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -186,7 +186,7 @@ func runWeb(*cli.Context) {
 		m.Get("/template/**", dev.TemplatePreview)
 	}
 
-	reqOwner := middleware.RequireOwner()
+	reqTrueOwner := middleware.RequireTrueOwner()
 
 	m.Group("/org", func(r martini.Router) {
 		r.Get("/create", org.New)
@@ -218,7 +218,7 @@ func runWeb(*cli.Context) {
 			r.Get("/hooks/:id", repo.WebHooksEdit)
 			r.Post("/hooks/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost)
 		})
-	}, reqSignIn, middleware.RepoAssignment(true), reqOwner)
+	}, reqSignIn, middleware.RepoAssignment(true), reqTrueOwner)
 
 	m.Group("/:username/:reponame", func(r martini.Router) {
 		r.Get("/action/:action", repo.Action)
diff --git a/modules/middleware/repo.go b/modules/middleware/repo.go
index 1cfae0b7..8aa4a6a8 100644
--- a/modules/middleware/repo.go
+++ b/modules/middleware/repo.go
@@ -260,7 +260,7 @@ func RepoAssignment(redirect bool, args ...bool) martini.Handler {
 	}
 }
 
-func RequireOwner() martini.Handler {
+func RequireTrueOwner() martini.Handler {
 	return func(ctx *Context) {
 		if !ctx.Repo.IsTrueOwner {
 			if !ctx.IsSigned {
author	Unknown <joe2010xtmf@163.com>	2014-07-04 01:25:06 -0400
committer	Unknown <joe2010xtmf@163.com>	2014-07-04 01:25:06 -0400
commit	36292060d603452deaad03e5e686fae3f7c3f8a8 (patch)
tree	6abb9c79c44c0014b9c6e80aea059de86e2091f6
parent	cdffdeddc90a69e88fab92487ff5ccf90eb47c08 (diff)