Insufficient privileges when changing settings on my own project

[ghost]

Component

server

Describe the bug

Using Gitea and the latest Woodpecker, I added some projects and am able to run CI jobs on them. However, whenever I change settings, like the timeout, it says I have insufficient privileges. I only have the one user.

System Info

{"source":"https://github.com/woodpecker-ci/woodpecker","version":"next-4891f104"}

Additional context

Thank you!

Validations

• [X] Read the Contributing Guidelines.
• [X] Read the docs.
• [X] Check that there isn't already an issue that reports the same bug to avoid creating a duplicate.
• [X] Check that this is a concrete bug. For Q&A join our Discord Chat Server.

[HerHde]

Confirming with same setup here, Woodpecker from master with Gitea.

Additional info: You don't even need to change the settings, just saving them (PATCH https://<woodpecker>/api/repos/<org>/<repo>) returns a 403 with the body Insufficient privileges.

[anbraten]

This bug was maybe introduced by #513

[6543]

@sometato can you tell us what username you use on gitea (login) & the config you use start woodpecker server

if you dont want to tell the username please replace it with "sometato" or so

[6543]

ok found the issue - if you are no woodpecker-admin and do change IsTrusted or Timeout ... it will fail due to permission

https://github.com/woodpecker-ci/woodpecker/blob/5e6b38e0e701e25b3a7cfd5dade3df0e16c7781d/server/api/repo.go#L111-L114

I'll create a "hotfix" but we need to address this with different anlages:

• disable with hint in UI if it need instance-admin permissions
• make these values configurable (not as now just hard coded)

[ghost]

Awesome! Thank you so much!

Is there a woodpecker-server image I can use to test this out with?

[anbraten]

Awesome! Thank you so much!

Is there a woodpecker-server image I can use to test this out with?

You can test the latest master with :next

[ghost]

You can test the latest master with :next

It works, thank you!