giving myself drone admin allowed me to access these but this sounds like something that should be accessible by git repository admins. am i misunderstanding something?
The ability to create / update / delete templates and organization secrets should only be available to organization admins.
However, the Gitea API does not return enough information to determine whether or not an individual has admin access to the organization [1]. Therefore, as a fallback to this missing information, Drone restricts the ability to create / update / delete templates and organization secrets to Drone admins.
The GitHub API does expose an individual user’s role in the organization, therefore, Drone is able to use the GitHub API to determine user access to templates and org secrets instead of restricting to Drone admins. If the Gitea API can be improved to more closely mirror the GitHub API [2] and to return the user role in the payload, we would be able to support using this information to govern access.
[1] https://try.gitea.io/api/swagger#/organization/orgIsMember
[2] https://docs.github.com/en/rest/orgs/members#get-organization-membership-for-a-user