All organization members should be assignable as reviewer (#14262)

For public repos, all organization members should be assignable as reviewer

Co-authored-by: zeripath <art27@cantab.net>
tokarchuk/v1.17
Jimmy Praet 4 years ago committed by GitHub
parent 5de76965a1
commit 3e652860bb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 20
      models/repo.go

@ -593,15 +593,19 @@ func (repo *Repository) getReviewers(e Engine, doerID, posterID int64) ([]*User,
} }
// This is a "public" repository: // This is a "public" repository:
// Any user that has write access or who is a watcher can be requested to review // Any user that has read access, is a watcher or organization member can be requested to review
if err := e. if err := e.
SQL("SELECT * FROM `user` WHERE id IN ( "+ SQL("SELECT * FROM `user` WHERE id IN ( "+
"SELECT user_id FROM `access` WHERE repo_id = ? AND mode >= ? AND user_id NOT IN ( ?, ?) "+ "SELECT user_id FROM `access` WHERE repo_id = ? AND mode >= ? "+
"UNION "+ "UNION "+
"SELECT user_id FROM `watch` WHERE repo_id = ? AND user_id NOT IN ( ?, ?) AND mode IN (?, ?) "+ "SELECT user_id FROM `watch` WHERE repo_id = ? AND mode IN (?, ?) "+
") ORDER BY name", "UNION "+
repo.ID, AccessModeRead, doerID, posterID, "SELECT uid AS user_id FROM `org_user` WHERE org_id = ? "+
repo.ID, doerID, posterID, RepoWatchModeNormal, RepoWatchModeAuto). ") AND id NOT IN (?, ?) ORDER BY name",
repo.ID, AccessModeRead,
repo.ID, RepoWatchModeNormal, RepoWatchModeAuto,
repo.OwnerID,
doerID, posterID).
Find(&users); err != nil { Find(&users); err != nil {
return nil, err return nil, err
} }
@ -611,8 +615,8 @@ func (repo *Repository) getReviewers(e Engine, doerID, posterID int64) ([]*User,
// GetReviewers get all users can be requested to review: // GetReviewers get all users can be requested to review:
// * for private repositories this returns all users that have read access or higher to the repository. // * for private repositories this returns all users that have read access or higher to the repository.
// * for public repositories this returns all users that have write access or higher to the repository, // * for public repositories this returns all users that have read access or higher to the repository,
// and all repo watchers. // all repo watchers and all organization members.
// TODO: may be we should have a busy choice for users to block review request to them. // TODO: may be we should have a busy choice for users to block review request to them.
func (repo *Repository) GetReviewers(doerID, posterID int64) ([]*User, error) { func (repo *Repository) GetReviewers(doerID, posterID int64) ([]*User, error) {
return repo.getReviewers(x, doerID, posterID) return repo.getReviewers(x, doerID, posterID)

Loading…
Cancel
Save