Merge branch 'access' of github.com:gogits/gogs into access

tokarchuk/v1.17
Unknwon 10 years ago
commit c7a042ef36
  1. 24
      models/access.go
  2. 6
      models/issue.go
  3. 109
      models/migrations/migrations.go
  4. 7
      models/models.go
  5. 99
      models/repo.go
  6. 21
      routers/api/v1/repo.go
  7. 10
      routers/repo/issue.go
  8. 51
      routers/repo/setting.go
  9. 14
      routers/user/home.go

@ -78,3 +78,27 @@ func HasAccess(uname, repoName string, mode AccessType) (bool, error) {
} }
return true, nil return true, nil
} }
// GetAccessibleRepositories finds all repositories where a user has access to,
// besides his own.
func (u *User) GetAccessibleRepositories() (map[*Repository]AccessType, error) {
accesses := make([]*Access, 0, 10)
if err := x.Find(&accesses, &Access{UserName: u.LowerName}); err != nil {
return nil, err
}
repos := make(map[*Repository]AccessType, len(accesses))
for _, access := range accesses {
repo, err := GetRepositoryByRef(access.RepoName)
if err != nil {
return nil, err
}
err = repo.GetOwner()
if err != nil {
return nil, err
}
repos[repo] = access.Mode
}
return repos, nil
}

@ -282,10 +282,10 @@ type IssueUser struct {
} }
// NewIssueUserPairs adds new issue-user pairs for new issue of repository. // NewIssueUserPairs adds new issue-user pairs for new issue of repository.
func NewIssueUserPairs(rid, iid, oid, pid, aid int64, repoName string) (err error) { func NewIssueUserPairs(repo *Repository, iid, oid, pid, aid int64) (err error) {
iu := &IssueUser{IssueId: iid, RepoId: rid} iu := &IssueUser{IssueId: iid, RepoId: repo.Id}
us, err := GetCollaborators(repoName) us, err := repo.GetCollaborators()
if err != nil { if err != nil {
return err return err
} }

@ -2,6 +2,9 @@ package migrations
import ( import (
"errors" "errors"
"strconv"
"strings"
"time"
"github.com/go-xorm/xorm" "github.com/go-xorm/xorm"
) )
@ -16,7 +19,9 @@ type Version struct {
// This is a sequence of migrations. Add new migrations to the bottom of the list. // This is a sequence of migrations. Add new migrations to the bottom of the list.
// If you want to "retire" a migration, replace it with "expiredMigration" // If you want to "retire" a migration, replace it with "expiredMigration"
var migrations = []migration{} var migrations = []migration{
accessToCollaboration,
}
// Migrate database to current version // Migrate database to current version
func Migrate(x *xorm.Engine) error { func Migrate(x *xorm.Engine) error {
@ -29,6 +34,21 @@ func Migrate(x *xorm.Engine) error {
if err != nil { if err != nil {
return err return err
} else if !has { } else if !has {
needsMigration, err := x.IsTableExist("user")
if err != nil {
return err
}
if needsMigration {
isEmpty, err := x.IsTableEmpty("user")
if err != nil {
return err
}
needsMigration = !isEmpty
}
if !needsMigration {
currentVersion.Version = int64(len(migrations))
}
if _, err = x.InsertOne(currentVersion); err != nil { if _, err = x.InsertOne(currentVersion); err != nil {
return err return err
} }
@ -51,3 +71,90 @@ func Migrate(x *xorm.Engine) error {
func expiredMigration(x *xorm.Engine) error { func expiredMigration(x *xorm.Engine) error {
return errors.New("You are migrating from a too old gogs version") return errors.New("You are migrating from a too old gogs version")
} }
func mustParseInt64(in []byte) int64 {
i, err := strconv.ParseInt(string(in), 10, 64)
if err != nil {
i = 0
}
return i
}
func accessToCollaboration(x *xorm.Engine) error {
type Collaboration struct {
ID int64 `xorm:"pk autoincr"`
RepoID int64 `xorm:"UNIQUE(s) INDEX NOT NULL"`
UserID int64 `xorm:"UNIQUE(s) INDEX NOT NULL"`
Created time.Time `xorm:"CREATED"`
}
x.Sync(new(Collaboration))
sql := `SELECT u.id AS uid, a.repo_name AS repo, a.mode AS mode, a.created as created FROM access a JOIN user u ON a.user_name=u.lower_name`
results, err := x.Query(sql)
if err != nil {
return err
}
for _, result := range results {
userID := mustParseInt64(result["uid"])
repoRefName := string(result["repo"])
mode := mustParseInt64(result["mode"])
created := result["created"]
//Collaborators must have write access
if mode < 2 {
continue
}
// find owner of repository
parts := strings.SplitN(repoRefName, "/", 2)
ownerName := parts[0]
repoName := parts[1]
sql = `SELECT u.id as uid, ou.uid as memberid FROM user u LEFT JOIN org_user ou ON ou.org_id=u.id WHERE u.lower_name=?`
results, err := x.Query(sql, ownerName)
if err != nil {
return err
}
if len(results) < 1 {
continue
}
ownerID := mustParseInt64(results[0]["uid"])
if ownerID == userID {
continue
}
// test if user is member of owning organization
isMember := false
for _, member := range results {
memberID := mustParseInt64(member["memberid"])
// We can skip all cases that a user is member of the owning organization
if memberID == userID {
isMember = true
}
}
if isMember {
continue
}
sql = `SELECT id FROM repository WHERE owner_id=? AND lower_name=?`
results, err = x.Query(sql, ownerID, repoName)
if err != nil {
return err
}
if len(results) < 1 {
continue
}
repoID := results[0]["id"]
sql = `INSERT INTO collaboration (user_id, repo_id, created) VALUES (?,?,?)`
_, err = x.Exec(sql, userID, repoID, created)
if err != nil {
return err
}
}
return nil
}

@ -12,6 +12,7 @@ import (
"strings" "strings"
_ "github.com/go-sql-driver/mysql" _ "github.com/go-sql-driver/mysql"
"github.com/go-xorm/core"
"github.com/go-xorm/xorm" "github.com/go-xorm/xorm"
_ "github.com/lib/pq" _ "github.com/lib/pq"
@ -46,7 +47,7 @@ func init() {
new(Issue), new(Comment), new(Attachment), new(IssueUser), new(Label), new(Milestone), new(Issue), new(Comment), new(Attachment), new(IssueUser), new(Label), new(Milestone),
new(Mirror), new(Release), new(LoginSource), new(Webhook), new(Mirror), new(Release), new(LoginSource), new(Webhook),
new(UpdateTask), new(HookTask), new(Team), new(OrgUser), new(TeamUser), new(UpdateTask), new(HookTask), new(Team), new(OrgUser), new(TeamUser),
new(Notice), new(EmailAddress)) new(Notice), new(EmailAddress), new(Collaboration))
} }
func LoadModelsConfig() { func LoadModelsConfig() {
@ -100,6 +101,7 @@ func NewTestEngine(x *xorm.Engine) (err error) {
return fmt.Errorf("connect to database: %v", err) return fmt.Errorf("connect to database: %v", err)
} }
x.SetMapper(core.GonicMapper{})
return x.Sync(tables...) return x.Sync(tables...)
} }
@ -109,6 +111,8 @@ func SetEngine() (err error) {
return fmt.Errorf("connect to database: %v", err) return fmt.Errorf("connect to database: %v", err)
} }
x.SetMapper(core.GonicMapper{})
// WARNING: for serv command, MUST remove the output to os.stdout, // WARNING: for serv command, MUST remove the output to os.stdout,
// so use log file to instead print to stdout. // so use log file to instead print to stdout.
logPath := path.Join(setting.LogRootPath, "xorm.log") logPath := path.Join(setting.LogRootPath, "xorm.log")
@ -140,6 +144,7 @@ func NewEngine() (err error) {
if err = x.StoreEngine("InnoDB").Sync2(tables...); err != nil { if err = x.StoreEngine("InnoDB").Sync2(tables...); err != nil {
return fmt.Errorf("sync database struct error: %v\n", err) return fmt.Errorf("sync database struct error: %v\n", err)
} }
return nil return nil
} }

@ -1060,71 +1060,74 @@ func GetRepositoryCount(user *User) (int64, error) {
return x.Count(&Repository{OwnerId: user.Id}) return x.Count(&Repository{OwnerId: user.Id})
} }
// GetCollaboratorNames returns a list of user name of repository's collaborators. // GetCollaborators returns the collaborators for a repository
func GetCollaboratorNames(repoName string) ([]string, error) { func (r *Repository) GetCollaborators() ([]*User, error) {
accesses := make([]*Access, 0, 10) collaborations := make([]*Collaboration, 0)
if err := x.Find(&accesses, &Access{RepoName: strings.ToLower(repoName)}); err != nil { if err := x.Find(&collaborations, &Collaboration{RepoID: r.Id}); err != nil {
return nil, err return nil, err
} }
names := make([]string, len(accesses)) users := make([]*User, len(collaborations))
for i := range accesses { for i, c := range collaborations {
names[i] = accesses[i].UserName user, err := GetUserById(c.UserID)
if err != nil {
return nil, err
} }
return names, nil users[i] = user
} }
return users, nil
// CollaborativeRepository represents a repository with collaborative information.
type CollaborativeRepository struct {
*Repository
CanPush bool
} }
// GetCollaborativeRepos returns a list of repositories that user is collaborator. // Add collaborator and accompanying access
func GetCollaborativeRepos(uname string) ([]*CollaborativeRepository, error) { func (r *Repository) AddCollaborator(u *User) error {
uname = strings.ToLower(uname) collaboration := &Collaboration{RepoID: r.Id, UserID: u.Id}
accesses := make([]*Access, 0, 10)
if err := x.Find(&accesses, &Access{UserName: uname}); err != nil {
return nil, err
}
repos := make([]*CollaborativeRepository, 0, 10) has, err := x.Get(collaboration)
for _, access := range accesses { if err != nil {
infos := strings.Split(access.RepoName, "/") return err
if infos[0] == uname { }
continue if has {
return nil
} }
u, err := GetUserByName(infos[0]) if _, err = x.InsertOne(collaboration); err != nil {
if err != nil { return err
return nil, err
} }
repo, err := GetRepositoryByName(u.Id, infos[1]) if err = r.GetOwner(); err != nil {
if err != nil { return err
return nil, err
} }
repo.Owner = u
repos = append(repos, &CollaborativeRepository{repo, access.Mode == WRITABLE}) return AddAccess(&Access{UserName: u.LowerName, RepoName: path.Join(r.Owner.LowerName, r.LowerName), Mode: WRITABLE})
} }
return repos, nil
// Delete collaborator and accompanying access
func (r *Repository) DeleteCollaborator(u *User) error {
collaboration := &Collaboration{RepoID: r.Id, UserID: u.Id}
if has, err := x.Delete(collaboration); err != nil || has == 0 {
return err
} }
// GetCollaborators returns a list of users of repository's collaborators. if err := r.GetOwner(); err != nil {
func GetCollaborators(repoName string) (us []*User, err error) { return err
accesses := make([]*Access, 0, 10)
if err = x.Find(&accesses, &Access{RepoName: strings.ToLower(repoName)}); err != nil {
return nil, err
} }
us = make([]*User, len(accesses)) needDelete := true
for i := range accesses { if r.Owner.IsOrganization() {
us[i], err = GetUserByName(accesses[i].UserName) auth, err := GetHighestAuthorize(r.Owner.Id, u.Id, r.Id, 0)
if err != nil { if err != nil {
return nil, err return err
}
if auth > 0 {
needDelete = false
} }
} }
return us, nil if needDelete {
return DeleteAccess(&Access{UserName: u.LowerName, RepoName: path.Join(r.Owner.LowerName, r.LowerName), Mode: WRITABLE})
}
return nil
} }
type SearchOption struct { type SearchOption struct {
@ -1554,3 +1557,11 @@ func ForkRepository(u *User, oldRepo *Repository, name, desc string) (*Repositor
return repo, nil return repo, nil
} }
// A Collaboration is a relation between an individual and a repository
type Collaboration struct {
ID int64 `xorm:"pk autoincr"`
RepoID int64 `xorm:"UNIQUE(s) INDEX NOT NULL"`
UserID int64 `xorm:"UNIQUE(s) INDEX NOT NULL"`
Created time.Time `xorm:"CREATED"`
}

@ -237,28 +237,31 @@ func ListMyRepos(ctx *middleware.Context) {
} }
numOwnRepos := len(ownRepos) numOwnRepos := len(ownRepos)
collaRepos, err := models.GetCollaborativeRepos(ctx.User.Name) accessibleRepos, err := ctx.User.GetAccessibleRepositories()
if err != nil { if err != nil {
ctx.JSON(500, &base.ApiJsonErr{"GetCollaborativeRepos: " + err.Error(), base.DOC_URL}) ctx.JSON(500, &base.ApiJsonErr{"GetAccessibleRepositories: " + err.Error(), base.DOC_URL})
return return
} }
repos := make([]*api.Repository, numOwnRepos+len(collaRepos)) repos := make([]*api.Repository, numOwnRepos+len(accessibleRepos))
for i := range ownRepos { for i := range ownRepos {
repos[i] = ToApiRepository(ctx.User, ownRepos[i], api.Permission{true, true, true}) repos[i] = ToApiRepository(ctx.User, ownRepos[i], api.Permission{true, true, true})
} }
for i := range collaRepos { i := numOwnRepos
if err = collaRepos[i].GetOwner(); err != nil {
for repo, access := range accessibleRepos {
if err = repo.GetOwner(); err != nil {
ctx.JSON(500, &base.ApiJsonErr{"GetOwner: " + err.Error(), base.DOC_URL}) ctx.JSON(500, &base.ApiJsonErr{"GetOwner: " + err.Error(), base.DOC_URL})
return return
} }
j := i + numOwnRepos
repos[j] = ToApiRepository(collaRepos[i].Owner, collaRepos[i].Repository, api.Permission{false, collaRepos[i].CanPush, true}) repos[i] = ToApiRepository(repo.Owner, repo, api.Permission{false, access >= models.WRITABLE, true})
// FIXME: cache result to reduce DB query? // FIXME: cache result to reduce DB query?
if collaRepos[i].Owner.IsOrganization() && collaRepos[i].Owner.IsOwnedBy(ctx.User.Id) { if repo.Owner.IsOrganization() && repo.Owner.IsOwnedBy(ctx.User.Id) {
repos[j].Permissions.Admin = true repos[i].Permissions.Admin = true
} }
i++
} }
ctx.JSON(200, &repos) ctx.JSON(200, &repos)

@ -174,7 +174,7 @@ func CreateIssue(ctx *middleware.Context) {
return return
} }
us, err := models.GetCollaborators(strings.TrimPrefix(ctx.Repo.RepoLink, "/")) us, err := ctx.Repo.Repository.GetCollaborators()
if err != nil { if err != nil {
ctx.Handle(500, "issue.CreateIssue(GetCollaborators)", err) ctx.Handle(500, "issue.CreateIssue(GetCollaborators)", err)
return return
@ -218,7 +218,7 @@ func CreateIssuePost(ctx *middleware.Context, form auth.CreateIssueForm) {
return return
} }
_, err = models.GetCollaborators(strings.TrimPrefix(ctx.Repo.RepoLink, "/")) _, err = ctx.Repo.Repository.GetCollaborators()
if err != nil { if err != nil {
send(500, nil, err) send(500, nil, err)
return return
@ -246,8 +246,8 @@ func CreateIssuePost(ctx *middleware.Context, form auth.CreateIssueForm) {
if err := models.NewIssue(issue); err != nil { if err := models.NewIssue(issue); err != nil {
send(500, nil, err) send(500, nil, err)
return return
} else if err := models.NewIssueUserPairs(issue.RepoId, issue.Id, ctx.Repo.Owner.Id, } else if err := models.NewIssueUserPairs(ctx.Repo.Repository, issue.Id, ctx.Repo.Owner.Id,
ctx.User.Id, form.AssigneeId, ctx.Repo.Repository.Name); err != nil { ctx.User.Id, form.AssigneeId); err != nil {
send(500, nil, err) send(500, nil, err)
return return
} }
@ -384,7 +384,7 @@ func ViewIssue(ctx *middleware.Context) {
} }
// Get all collaborators. // Get all collaborators.
ctx.Data["Collaborators"], err = models.GetCollaborators(strings.TrimPrefix(ctx.Repo.RepoLink, "/")) ctx.Data["Collaborators"], err = ctx.Repo.Repository.GetCollaborators()
if err != nil { if err != nil {
ctx.Handle(500, "issue.CreateIssue(GetCollaborators)", err) ctx.Handle(500, "issue.CreateIssue(GetCollaborators)", err)
return return

@ -10,7 +10,6 @@ import (
"fmt" "fmt"
"strings" "strings"
"time" "time"
"path"
"github.com/Unknwon/com" "github.com/Unknwon/com"
@ -170,22 +169,12 @@ func SettingsCollaboration(ctx *middleware.Context) {
ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["Title"] = ctx.Tr("repo.settings")
ctx.Data["PageIsSettingsCollaboration"] = true ctx.Data["PageIsSettingsCollaboration"] = true
repoLink := path.Join(ctx.Repo.Owner.LowerName, ctx.Repo.Repository.LowerName)
if ctx.Req.Method == "POST" { if ctx.Req.Method == "POST" {
name := strings.ToLower(ctx.Query("collaborator")) name := strings.ToLower(ctx.Query("collaborator"))
if len(name) == 0 || ctx.Repo.Owner.LowerName == name { if len(name) == 0 || ctx.Repo.Owner.LowerName == name {
ctx.Redirect(setting.AppSubUrl + ctx.Req.URL.Path) ctx.Redirect(setting.AppSubUrl + ctx.Req.URL.Path)
return return
} }
has, err := models.HasAccess(name, repoLink, models.WRITABLE)
if err != nil {
ctx.Handle(500, "HasAccess", err)
return
} else if has {
ctx.Redirect(setting.AppSubUrl + ctx.Req.URL.Path)
return
}
u, err := models.GetUserByName(name) u, err := models.GetUserByName(name)
if err != nil { if err != nil {
@ -205,9 +194,8 @@ func SettingsCollaboration(ctx *middleware.Context) {
return return
} }
if err = models.AddAccess(&models.Access{UserName: name, RepoName: repoLink, if err = ctx.Repo.Repository.AddCollaborator(u); err != nil {
Mode: models.WRITABLE}); err != nil { ctx.Handle(500, "AddCollaborator", err)
ctx.Handle(500, "AddAccess", err)
return return
} }
@ -226,50 +214,27 @@ func SettingsCollaboration(ctx *middleware.Context) {
// Delete collaborator. // Delete collaborator.
remove := strings.ToLower(ctx.Query("remove")) remove := strings.ToLower(ctx.Query("remove"))
if len(remove) > 0 && remove != ctx.Repo.Owner.LowerName { if len(remove) > 0 && remove != ctx.Repo.Owner.LowerName {
needDelete := true u, err := models.GetUserByName(remove)
if ctx.User.IsOrganization() {
// Check if user belongs to a team that has access to this repository.
auth, err := models.GetHighestAuthorize(ctx.Repo.Owner.Id, ctx.User.Id, ctx.Repo.Repository.Id, 0)
if err != nil { if err != nil {
ctx.Handle(500, "GetHighestAuthorize", err) ctx.Handle(500, "GetUserByName", err)
return return
} }
if auth > 0 { if err := ctx.Repo.Repository.DeleteCollaborator(u); err != nil {
needDelete = false ctx.Handle(500, "DeleteCollaborator", err)
}
}
if needDelete {
if err := models.DeleteAccess(&models.Access{UserName: remove, RepoName: repoLink}); err != nil {
ctx.Handle(500, "DeleteAccess", err)
return return
} }
}
ctx.Flash.Success(ctx.Tr("repo.settings.remove_collaborator_success")) ctx.Flash.Success(ctx.Tr("repo.settings.remove_collaborator_success"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings/collaboration") ctx.Redirect(ctx.Repo.RepoLink + "/settings/collaboration")
return return
} }
names, err := models.GetCollaboratorNames(repoLink) users, err := ctx.Repo.Repository.GetCollaborators()
if err != nil { if err != nil {
ctx.Handle(500, "GetCollaborators", err) ctx.Handle(500, "GetCollaborators", err)
return return
} }
collaborators := make([]*models.User, 0, len(names)) ctx.Data["Collaborators"] = users
for _, name := range names {
u, err := models.GetUserByName(name)
if err != nil {
ctx.Handle(500, "GetUserByName", err)
return
}
// Does not show organization members.
if ctx.Repo.Owner.IsOrganization() && ctx.Repo.Owner.IsOrgMember(u.Id) {
continue
}
collaborators = append(collaborators, u)
}
ctx.Data["Collaborators"] = collaborators
ctx.HTML(200, COLLABORATION) ctx.HTML(200, COLLABORATION)
} }

@ -49,13 +49,19 @@ func Dashboard(ctx *middleware.Context) {
} else { } else {
// Normal user. // Normal user.
ctxUser = ctx.User ctxUser = ctx.User
collaborates, err := models.GetCollaborativeRepos(ctxUser.Name) collaborates, err := ctx.User.GetAccessibleRepositories()
if err != nil { if err != nil {
ctx.Handle(500, "GetCollaborativeRepos", err) ctx.Handle(500, "GetAccessibleRepositories", err)
return return
} }
ctx.Data["CollaborateCount"] = len(collaborates)
ctx.Data["CollaborativeRepos"] = collaborates repositories := make([]*models.Repository, 0, len(collaborates))
for repo := range collaborates {
repositories = append(repositories, repo)
}
ctx.Data["CollaborateCount"] = len(repositories)
ctx.Data["CollaborativeRepos"] = repositories
} }
ctx.Data["ContextUser"] = ctxUser ctx.Data["ContextUser"] = ctxUser

Loading…
Cancel
Save