# HG changeset patch
# User Mads Kiilerich
# Date 1583510327 -3600
# Node ID b10adac1ab7cd93f4a035bb5847ee6d1b7701c00
# Parent 5b1f430276623640752c1a0f932f8151f2fac7a1
auth: make it explicit that _check_permission only use the less strict pull checking for actual pull actions

diff -r 5b1f43027662 -r b10adac1ab7c kallithea/lib/base.py
--- a/kallithea/lib/base.py Tue Mar 10 15:08:46 2020 +0100
+++ b/kallithea/lib/base.py Fri Mar 06 16:58:47 2020 +0100
@@ -278,11 +278,8 @@
 
 def _check_permission(self, action, authuser, repo_name):
 """
- Checks permissions using action (push/pull) user and repository
- name
-
- :param action: 'push' or 'pull' action
- :param user: `User` instance
+ :param action: 'push' or 'pull'
+ :param user: `AuthUser` instance
 :param repo_name: repository name
 """
 if action == 'push':
@@ -291,7 +288,7 @@
 repo_name):
 return False
 
- else:
+ elif action == 'pull':
 #any other action need at least read permission
 if not HasPermissionAnyMiddleware('repository.read',
 'repository.write',
@@ -299,6 +296,9 @@
 repo_name):
 return False
 
+ else:
+ assert False, action
+
 return True
 
 def _get_ip_addr(self, environ):
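Review bot: In the first hunk (`@@ -278,11 +278,8 @@`) the docstring still documents a parameter called `user`, but the signature names it `authuser`; the entry should be renamed to `:param authuser:` so the two agree. The commit also removes the only summary sentence, so the docstring no longer says what the method decides or returns. A one-line summary such as `Return True if authuser may perform action ('push' or 'pull') on repo_name.` would restore that. The body of _check_permission continues past the end of this hunk.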
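Review bot: In the second hunk (`@@ -291,7 +288,7 @@`) the comment `#any other action need at least read permission` directly under the new `elif action == 'pull':` is now stale, because this branch no longer handles any action other than pull. Reword it to match the branch, for example `# pull needs at least read permission`. _check_permission starts before and ends after this hunk.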
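Review bot: In the third hunk (`@@ -299,6 +296,9 @@`) the new `else:` branch rejects unknown actions only through `assert False, action`, and assert statements are compiled out when Python runs with `-O` or `PYTHONOPTIMIZE` set. In that mode an action that is neither 'push' nor 'pull' falls through to `return True`, so the permission check fails open. Make the rejection independent of interpreter flags, e.g. `raise ValueError('unsupported action: %r' % (action,))`, or `return False` if callers expect a boolean. Whether any caller can pass another action is not visible here, but an authorization helper should deny by default either way. The function starts outside this hunk.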