--- 9.0.3	2024-12-12 08:06:13.000000000 +0100
+++ aneksajo	2024-12-16 08:23:15.000000000 +0100
@@ -81,12 +81,14 @@
 	ownerName := ctx.Params(":owner")
 	repoName := ctx.Params(":repo")
 	mode := perm.AccessMode(ctx.FormInt("mode"))
+	verbs := ctx.FormStrings("verb")
 
 	// Set the basic parts of the results to return
 	results := private.ServCommandResults{
 		RepoName:  repoName,
 		OwnerName: ownerName,
 		KeyID:     keyID,
+		UserMode:  perm.AccessModeNone,
 	}
 
 	// Now because we're not translating things properly let's just default some English strings here
@@ -287,8 +289,10 @@
 			repo.IsPrivate ||
 			owner.Visibility.IsPrivate() ||
 			(user != nil && user.IsRestricted) || // user will be nil if the key is a deploykey
+			(setting.Annex.Enabled && len(verbs) > 0 && verbs[0] == "git-annex-shell") || // git-annex has its own permission enforcement, for which we expose results.UserMode
 			setting.Service.RequireSignInView) {
 		if key.Type == asymkey_model.KeyTypeDeploy {
+			results.UserMode = deployKey.Mode
 			if deployKey.Mode < mode {
 				ctx.JSON(http.StatusUnauthorized, private.Response{
 					UserMsg: fmt.Sprintf("Deploy Key: %d:%s is not authorized to %s %s/%s.", key.ID, key.Name, modeString, results.OwnerName, results.RepoName),
@@ -310,9 +314,9 @@
 				return
 			}
 
-			userMode := perm.UnitAccessMode(unitType)
+			results.UserMode = perm.UnitAccessMode(unitType)
 
-			if userMode < mode {
+			if results.UserMode < mode {
 				log.Warn("Failed authentication attempt for %s with key %s (not authorized to %s %s/%s) from %s", user.Name, key.Name, modeString, ownerName, repoName, ctx.RemoteAddr())
 				ctx.JSON(http.StatusUnauthorized, private.Response{
 					UserMsg: fmt.Sprintf("User: %d:%s with Key: %d:%s is not authorized to %s %s/%s.", user.ID, user.Name, key.ID, key.Name, modeString, ownerName, repoName),
@@ -353,6 +357,7 @@
 			})
 			return
 		}
+		results.UserMode = perm.AccessModeWrite
 		results.RepoID = repo.ID
 	}
 
@@ -381,13 +386,14 @@
 			return
 		}
 	}
-	log.Debug("Serv Results:\nIsWiki: %t\nDeployKeyID: %d\nKeyID: %d\tKeyName: %s\nUserName: %s\nUserID: %d\nOwnerName: %s\nRepoName: %s\nRepoID: %d",
+	log.Debug("Serv Results:\nIsWiki: %t\nDeployKeyID: %d\nKeyID: %d\tKeyName: %s\nUserName: %s\nUserID: %d\nUserMode: %d\nOwnerName: %s\nRepoName: %s\nRepoID: %d",
 		results.IsWiki,
 		results.DeployKeyID,
 		results.KeyID,
 		results.KeyName,
 		results.UserName,
 		results.UserID,
+		results.UserMode,
 		results.OwnerName,
 		results.RepoName,
 		results.RepoID)