From 835c433ef1e816193d4c17fbb40077742f762061 Mon Sep 17 00:00:00 2001
From: Anton <anton@scinote.net>
Date: Fri, 25 Jul 2025 13:36:08 +0200
Subject: [PATCH] Add whitelist for appendable repositories [SCI-12030]

---
 app/models/repository.rb       | 2 +-
 config/initializers/extends.rb | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/app/models/repository.rb b/app/models/repository.rb
index 10c900a8b..d93e4960d 100644
--- a/app/models/repository.rb
+++ b/app/models/repository.rb
@@ -48,7 +48,7 @@ class Repository < RepositoryBase
   }
 
   scope :appendable_by_user, lambda { |user, teams = user.current_team|
-    readable_ids = with_granted_permissions(user, RepositoryPermissions::ROWS_CREATE).where(team: teams).pluck(:id)
+    readable_ids = with_granted_permissions(user, RepositoryPermissions::ROWS_CREATE).where(type: Extends::REPOSITORY_APPENDABLE_TYPES).where(team: teams).pluck(:id)
     shared_with_team_ids = joins(:team_shared_objects, :team).where(team_shared_objects: { team: teams, permission_level: :shared_write }).pluck(:id)
     globally_shared_ids =
       if column_names.include?('permission_level')
diff --git a/config/initializers/extends.rb b/config/initializers/extends.rb
index a1f5fd9c7..b4a2aef8b 100644
--- a/config/initializers/extends.rb
+++ b/config/initializers/extends.rb
@@ -55,6 +55,8 @@ class Extends
                             RepositoryStockValue: 12,
                             RepositoryStockConsumptionValue: 13 }
 
+  REPOSITORY_APPENDABLE_TYPES = %w(Repository)
+
   # Data types which can be imported to repository,
   # name should match record in REPOSITORY_DATA_TYPES
   REPOSITORY_IMPORTABLE_TYPES = %i(RepositoryTextValue RepositoryListValue RepositoryNumberValue