From 97999318be96ce02be4e74a4ddde381b13475db4 Mon Sep 17 00:00:00 2001
From: Xavier Morel <xmo@odoo.com>
Date: Mon, 14 Oct 2019 10:07:41 +0200
Subject: [PATCH] [FIX] forwardport: don't use token field for tags update

Turns out tagging PRs requires a pretty significant level of ACLs
which we may not want to give to the forwardbot?

Anyway use the mergebot ACLs (which already include tagging) for this.
---
 forwardport/models/project.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/forwardport/models/project.py b/forwardport/models/project.py
index c39b2ed2..32ac1cbf 100644
--- a/forwardport/models/project.py
+++ b/forwardport/models/project.py
@@ -86,10 +86,9 @@ class Project(models.Model):
         to_remove = []
         for f in self.env['forwardport.tagging'].search([]):
             repo = f.repository
-            key = (repo, f.token_field)
-            gh = ghs.get(key)
+            gh = ghs.get(repo)
             if not gh:
-                gh = ghs[key] = repo.github(f.token_field)
+                gh = ghs[repo] = repo.github()
 
             try:
                 gh('POST', 'issues/{}/labels'.format(f.pull_request), json={
@@ -598,7 +597,6 @@ More info at https://github.com/odoo/odoo/wiki/Mergebot#forward-port
                 'repository': new_pr.repository.id,
                 'pull_request': new_pr.number,
                 'to_add': json.dumps(labels),
-                'token_field': 'fp_github_token',
             })
             # not great but we probably want to avoid the risk of the webhook
             # creating the PR from under us. There's still a "hole" between