org/members: display 2FA members states + optimize sql requests (#7621)
* org/members: display 2FA state * fix comment typo * lay down UserList bases * add basic test for previous methods * add comment for UserList type * add valid two-fa account * test new UserList methods * optimize MembersIsPublic by side loading info on GetMembers + fix integrations tests * respect fmt rules * use map for data * Optimize GetTwoFaStatus * rewrite by using existing sub func * Optimize IsUserOrgOwner * remove un-used code * tests: cover empty org + fix import order * tests: add ErrTeamNotExist path * tests: fix wrong expected resulttokarchuk/v1.17
parent
3566d2c860
commit
76408d50fb
@ -0,0 +1,9 @@ |
|||||||
|
- |
||||||
|
id: 1 |
||||||
|
uid: 24 |
||||||
|
secret: KlDporn6Ile4vFcKI8z7Z6sqK1Scj2Qp0ovtUzCZO6jVbRW2lAoT7UDxDPtrab8d2B9zKOocBRdBJnS8orsrUNrsyETY+jJHb79M82uZRioKbRUz15sfOpmJmEzkFeSg6S4LicUBQos= |
||||||
|
scratch_salt: Qb5bq2DyR2 |
||||||
|
scratch_hash: 068eb9b8746e0bcfe332fac4457693df1bda55800eb0f6894d14ebb736ae6a24e0fc8fc5333c19f57f81599788f0b8e51ec1 |
||||||
|
last_used_passcode: |
||||||
|
created_unix: 1564253724 |
||||||
|
updated_unix: 1564253724 |
@ -0,0 +1,95 @@ |
|||||||
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a MIT-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package models |
||||||
|
|
||||||
|
import ( |
||||||
|
"fmt" |
||||||
|
|
||||||
|
"code.gitea.io/gitea/modules/log" |
||||||
|
) |
||||||
|
|
||||||
|
//UserList is a list of user.
|
||||||
|
// This type provide valuable methods to retrieve information for a group of users efficiently.
|
||||||
|
type UserList []*User |
||||||
|
|
||||||
|
func (users UserList) getUserIDs() []int64 { |
||||||
|
userIDs := make([]int64, len(users)) |
||||||
|
for _, user := range users { |
||||||
|
userIDs = append(userIDs, user.ID) //Considering that user id are unique in the list
|
||||||
|
} |
||||||
|
return userIDs |
||||||
|
} |
||||||
|
|
||||||
|
// IsUserOrgOwner returns true if user is in the owner team of given organization.
|
||||||
|
func (users UserList) IsUserOrgOwner(orgID int64) map[int64]bool { |
||||||
|
results := make(map[int64]bool, len(users)) |
||||||
|
for _, user := range users { |
||||||
|
results[user.ID] = false //Set default to false
|
||||||
|
} |
||||||
|
ownerMaps, err := users.loadOrganizationOwners(x, orgID) |
||||||
|
if err == nil { |
||||||
|
for _, owner := range ownerMaps { |
||||||
|
results[owner.UID] = true |
||||||
|
} |
||||||
|
} |
||||||
|
return results |
||||||
|
} |
||||||
|
|
||||||
|
func (users UserList) loadOrganizationOwners(e Engine, orgID int64) (map[int64]*TeamUser, error) { |
||||||
|
if len(users) == 0 { |
||||||
|
return nil, nil |
||||||
|
} |
||||||
|
ownerTeam, err := getOwnerTeam(e, orgID) |
||||||
|
if err != nil { |
||||||
|
if err == ErrTeamNotExist { |
||||||
|
log.Error("Organization does not have owner team: %d", orgID) |
||||||
|
return nil, nil |
||||||
|
} |
||||||
|
return nil, err |
||||||
|
} |
||||||
|
|
||||||
|
userIDs := users.getUserIDs() |
||||||
|
ownerMaps := make(map[int64]*TeamUser) |
||||||
|
err = e.In("uid", userIDs). |
||||||
|
And("org_id=?", orgID). |
||||||
|
And("team_id=?", ownerTeam.ID). |
||||||
|
Find(&ownerMaps) |
||||||
|
if err != nil { |
||||||
|
return nil, fmt.Errorf("find team users: %v", err) |
||||||
|
} |
||||||
|
return ownerMaps, nil |
||||||
|
} |
||||||
|
|
||||||
|
// GetTwoFaStatus return state of 2FA enrollement
|
||||||
|
func (users UserList) GetTwoFaStatus() map[int64]bool { |
||||||
|
results := make(map[int64]bool, len(users)) |
||||||
|
for _, user := range users { |
||||||
|
results[user.ID] = false //Set default to false
|
||||||
|
} |
||||||
|
tokenMaps, err := users.loadTwoFactorStatus(x) |
||||||
|
if err == nil { |
||||||
|
for _, token := range tokenMaps { |
||||||
|
results[token.UID] = true |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
return results |
||||||
|
} |
||||||
|
|
||||||
|
func (users UserList) loadTwoFactorStatus(e Engine) (map[int64]*TwoFactor, error) { |
||||||
|
if len(users) == 0 { |
||||||
|
return nil, nil |
||||||
|
} |
||||||
|
|
||||||
|
userIDs := users.getUserIDs() |
||||||
|
tokenMaps := make(map[int64]*TwoFactor, len(userIDs)) |
||||||
|
err := e. |
||||||
|
In("uid", userIDs). |
||||||
|
Find(&tokenMaps) |
||||||
|
if err != nil { |
||||||
|
return nil, fmt.Errorf("find two factor: %v", err) |
||||||
|
} |
||||||
|
return tokenMaps, nil |
||||||
|
} |
@ -0,0 +1,90 @@ |
|||||||
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a MIT-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package models |
||||||
|
|
||||||
|
import ( |
||||||
|
"fmt" |
||||||
|
"testing" |
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert" |
||||||
|
) |
||||||
|
|
||||||
|
func TestUserListIsPublicMember(t *testing.T) { |
||||||
|
assert.NoError(t, PrepareTestDatabase()) |
||||||
|
tt := []struct { |
||||||
|
orgid int64 |
||||||
|
expected map[int64]bool |
||||||
|
}{ |
||||||
|
{3, map[int64]bool{2: true, 4: false}}, |
||||||
|
{6, map[int64]bool{5: true}}, |
||||||
|
{7, map[int64]bool{5: false}}, |
||||||
|
{25, map[int64]bool{24: true}}, |
||||||
|
{22, map[int64]bool{}}, |
||||||
|
} |
||||||
|
for _, v := range tt { |
||||||
|
t.Run(fmt.Sprintf("IsPublicMemberOfOrdIg%d", v.orgid), func(t *testing.T) { |
||||||
|
testUserListIsPublicMember(t, v.orgid, v.expected) |
||||||
|
}) |
||||||
|
} |
||||||
|
} |
||||||
|
func testUserListIsPublicMember(t *testing.T, orgID int64, expected map[int64]bool) { |
||||||
|
org, err := GetUserByID(orgID) |
||||||
|
assert.NoError(t, err) |
||||||
|
assert.NoError(t, org.GetMembers()) |
||||||
|
assert.Equal(t, expected, org.MembersIsPublic) |
||||||
|
|
||||||
|
} |
||||||
|
|
||||||
|
func TestUserListIsUserOrgOwner(t *testing.T) { |
||||||
|
assert.NoError(t, PrepareTestDatabase()) |
||||||
|
tt := []struct { |
||||||
|
orgid int64 |
||||||
|
expected map[int64]bool |
||||||
|
}{ |
||||||
|
{3, map[int64]bool{2: true, 4: false}}, |
||||||
|
{6, map[int64]bool{5: true}}, |
||||||
|
{7, map[int64]bool{5: true}}, |
||||||
|
{25, map[int64]bool{24: false}}, // ErrTeamNotExist
|
||||||
|
{22, map[int64]bool{}}, // No member
|
||||||
|
} |
||||||
|
for _, v := range tt { |
||||||
|
t.Run(fmt.Sprintf("IsUserOrgOwnerOfOrdIg%d", v.orgid), func(t *testing.T) { |
||||||
|
testUserListIsUserOrgOwner(t, v.orgid, v.expected) |
||||||
|
}) |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
func testUserListIsUserOrgOwner(t *testing.T, orgID int64, expected map[int64]bool) { |
||||||
|
org, err := GetUserByID(orgID) |
||||||
|
assert.NoError(t, err) |
||||||
|
assert.NoError(t, org.GetMembers()) |
||||||
|
assert.Equal(t, expected, org.Members.IsUserOrgOwner(orgID)) |
||||||
|
} |
||||||
|
|
||||||
|
func TestUserListIsTwoFaEnrolled(t *testing.T) { |
||||||
|
assert.NoError(t, PrepareTestDatabase()) |
||||||
|
tt := []struct { |
||||||
|
orgid int64 |
||||||
|
expected map[int64]bool |
||||||
|
}{ |
||||||
|
{3, map[int64]bool{2: false, 4: false}}, |
||||||
|
{6, map[int64]bool{5: false}}, |
||||||
|
{7, map[int64]bool{5: false}}, |
||||||
|
{25, map[int64]bool{24: true}}, |
||||||
|
{22, map[int64]bool{}}, |
||||||
|
} |
||||||
|
for _, v := range tt { |
||||||
|
t.Run(fmt.Sprintf("IsTwoFaEnrolledOfOrdIg%d", v.orgid), func(t *testing.T) { |
||||||
|
testUserListIsTwoFaEnrolled(t, v.orgid, v.expected) |
||||||
|
}) |
||||||
|
} |
||||||
|
} |
||||||
|
|
||||||
|
func testUserListIsTwoFaEnrolled(t *testing.T, orgID int64, expected map[int64]bool) { |
||||||
|
org, err := GetUserByID(orgID) |
||||||
|
assert.NoError(t, err) |
||||||
|
assert.NoError(t, org.GetMembers()) |
||||||
|
assert.Equal(t, expected, org.Members.GetTwoFaStatus()) |
||||||
|
} |
Loading…
Reference in new issue