|
|
@ -11,6 +11,7 @@ import ( |
|
|
|
"code.gitea.io/gitea/models/organization" |
|
|
|
"code.gitea.io/gitea/models/organization" |
|
|
|
packages_model "code.gitea.io/gitea/models/packages" |
|
|
|
packages_model "code.gitea.io/gitea/models/packages" |
|
|
|
"code.gitea.io/gitea/models/perm" |
|
|
|
"code.gitea.io/gitea/models/perm" |
|
|
|
|
|
|
|
"code.gitea.io/gitea/models/unit" |
|
|
|
user_model "code.gitea.io/gitea/models/user" |
|
|
|
user_model "code.gitea.io/gitea/models/user" |
|
|
|
"code.gitea.io/gitea/modules/structs" |
|
|
|
"code.gitea.io/gitea/modules/structs" |
|
|
|
) |
|
|
|
) |
|
|
@ -52,14 +53,30 @@ func packageAssignment(ctx *Context, errCb func(int, string, interface{})) { |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if ctx.Package.Owner.IsOrganization() { |
|
|
|
if ctx.Package.Owner.IsOrganization() { |
|
|
|
|
|
|
|
org := organization.OrgFromUser(ctx.Package.Owner) |
|
|
|
|
|
|
|
|
|
|
|
// 1. Get user max authorize level for the org (may be none, if user is not member of the org)
|
|
|
|
// 1. Get user max authorize level for the org (may be none, if user is not member of the org)
|
|
|
|
if ctx.Doer != nil { |
|
|
|
if ctx.Doer != nil { |
|
|
|
var err error |
|
|
|
var err error |
|
|
|
ctx.Package.AccessMode, err = organization.OrgFromUser(ctx.Package.Owner).GetOrgUserMaxAuthorizeLevel(ctx.Doer.ID) |
|
|
|
ctx.Package.AccessMode, err = org.GetOrgUserMaxAuthorizeLevel(ctx.Doer.ID) |
|
|
|
if err != nil { |
|
|
|
if err != nil { |
|
|
|
errCb(http.StatusInternalServerError, "GetOrgUserMaxAuthorizeLevel", err) |
|
|
|
errCb(http.StatusInternalServerError, "GetOrgUserMaxAuthorizeLevel", err) |
|
|
|
return |
|
|
|
return |
|
|
|
} |
|
|
|
} |
|
|
|
|
|
|
|
// If access mode is less than write check every team for more permissions
|
|
|
|
|
|
|
|
if ctx.Package.AccessMode < perm.AccessModeWrite { |
|
|
|
|
|
|
|
teams, err := organization.GetUserOrgTeams(ctx, org.ID, ctx.Doer.ID) |
|
|
|
|
|
|
|
if err != nil { |
|
|
|
|
|
|
|
errCb(http.StatusInternalServerError, "GetUserOrgTeams", err) |
|
|
|
|
|
|
|
return |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
for _, t := range teams { |
|
|
|
|
|
|
|
perm := t.UnitAccessModeCtx(ctx, unit.TypePackages) |
|
|
|
|
|
|
|
if ctx.Package.AccessMode < perm { |
|
|
|
|
|
|
|
ctx.Package.AccessMode = perm |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
|
|
|
|
} |
|
|
|
} |
|
|
|
} |
|
|
|
// 2. If authorize level is none, check if org is visible to user
|
|
|
|
// 2. If authorize level is none, check if org is visible to user
|
|
|
|
if ctx.Package.AccessMode == perm.AccessModeNone && organization.HasOrgOrUserVisible(ctx, ctx.Package.Owner, ctx.Doer) { |
|
|
|
if ctx.Package.AccessMode == perm.AccessModeNone && organization.HasOrgOrUserVisible(ctx, ctx.Package.Owner, ctx.Doer) { |
|
|
|