diff --git a/models/repo_permission.go b/models/repo_permission.go index 7768bb6257..138613b2e9 100644 --- a/models/repo_permission.go +++ b/models/repo_permission.go @@ -271,6 +271,27 @@ func getUserRepoPermission(e Engine, repo *Repository, user *User) (perm Permiss return } +// IsUserRealRepoAdmin check if this user is real repo admin +func IsUserRealRepoAdmin(repo *Repository, user *User) (bool, error) { + if repo.OwnerID == user.ID { + return true, nil + } + + sess := x.NewSession() + defer sess.Close() + + if err := repo.getOwner(sess); err != nil { + return false, err + } + + accessMode, err := accessLevel(sess, user, repo) + if err != nil { + return false, err + } + + return accessMode >= AccessModeAdmin, nil +} + // IsUserRepoAdmin return true if user has admin right of a repo func IsUserRepoAdmin(repo *Repository, user *User) (bool, error) { return isUserRepoAdmin(x, repo, user) diff --git a/routers/repo/issue.go b/routers/repo/issue.go index cbedde5760..3792a44a8d 100644 --- a/routers/repo/issue.go +++ b/routers/repo/issue.go @@ -979,8 +979,27 @@ func commentTag(repo *models.Repository, poster *models.User, issue *models.Issu return models.CommentTagNone, err } if perm.IsOwner() { - return models.CommentTagOwner, nil - } else if perm.CanWrite(models.UnitTypeCode) { + if !poster.IsAdmin { + return models.CommentTagOwner, nil + } + + ok, err := models.IsUserRealRepoAdmin(repo, poster) + if err != nil { + return models.CommentTagNone, err + } + + if ok { + return models.CommentTagOwner, nil + } + + if ok, err = repo.IsCollaborator(poster.ID); ok && err == nil { + return models.CommentTagWriter, nil + } + + return models.CommentTagNone, err + } + + if perm.CanWrite(models.UnitTypeCode) { return models.CommentTagWriter, nil } diff --git a/templates/repo/issue/view_content/comments.tmpl b/templates/repo/issue/view_content/comments.tmpl index e3fc076b74..2e4a6681cd 100644 --- a/templates/repo/issue/view_content/comments.tmpl +++ b/templates/repo/issue/view_content/comments.tmpl @@ -29,7 +29,7 @@