ACCESS_MODE_* -> AccessMode*

tokarchuk/v1.17
Sandro Santilli 8 years ago
parent 0b62aeb495
commit f388661bda
  1. 14
      cmd/serve.go
  2. 38
      models/access.go
  3. 2
      models/issue.go
  4. 2
      models/org.go
  5. 2
      models/org_team.go
  6. 4
      models/repo.go
  7. 10
      models/repo_collaboration.go
  8. 6
      models/ssh_key.go
  9. 6
      models/user.go
  10. 2
      modules/context/org.go
  11. 12
      modules/context/repo.go
  12. 2
      routers/api/v1/api.go
  13. 4
      routers/api/v1/repo/repo.go
  14. 6
      routers/org/teams.go
  15. 8
      routers/repo/http.go

@ -64,9 +64,9 @@ func parseCmd(cmd string) (string, string) {
var ( var (
allowedCommands = map[string]models.AccessMode{ allowedCommands = map[string]models.AccessMode{
"git-upload-pack": models.ACCESS_MODE_READ, "git-upload-pack": models.AccessModeRead,
"git-upload-archive": models.ACCESS_MODE_READ, "git-upload-archive": models.AccessModeRead,
"git-receive-pack": models.ACCESS_MODE_WRITE, "git-receive-pack": models.AccessModeWrite,
} }
) )
@ -191,7 +191,7 @@ func runServ(c *cli.Context) error {
} }
// Prohibit push to mirror repositories. // Prohibit push to mirror repositories.
if requestedMode > models.ACCESS_MODE_READ && repo.IsMirror { if requestedMode > models.AccessModeRead && repo.IsMirror {
fail("mirror repository is read-only", "") fail("mirror repository is read-only", "")
} }
@ -200,7 +200,7 @@ func runServ(c *cli.Context) error {
keyID int64 keyID int64
user *models.User user *models.User
) )
if requestedMode == models.ACCESS_MODE_WRITE || repo.IsPrivate { if requestedMode == models.AccessModeWrite || repo.IsPrivate {
keys := strings.Split(c.Args()[0], "-") keys := strings.Split(c.Args()[0], "-")
if len(keys) != 2 { if len(keys) != 2 {
fail("Key ID format error", "Invalid key argument: %s", c.Args()[0]) fail("Key ID format error", "Invalid key argument: %s", c.Args()[0])
@ -243,7 +243,7 @@ func runServ(c *cli.Context) error {
fail("Internal error", "Fail to check access: %v", err) fail("Internal error", "Fail to check access: %v", err)
} else if mode < requestedMode { } else if mode < requestedMode {
clientMessage := accessDenied clientMessage := accessDenied
if mode >= models.ACCESS_MODE_READ { if mode >= models.AccessModeRead {
clientMessage = "You do not have sufficient authorization for this action" clientMessage = "You do not have sufficient authorization for this action"
} }
fail(clientMessage, fail(clientMessage,
@ -276,7 +276,7 @@ func runServ(c *cli.Context) error {
fail("Internal error", "Failed to execute git command: %v", err) fail("Internal error", "Failed to execute git command: %v", err)
} }
if requestedMode == models.ACCESS_MODE_WRITE { if requestedMode == models.AccessModeWrite {
handleUpdateTask(uuid, user, repoUser, reponame, isWiki) handleUpdateTask(uuid, user, repoUser, reponame, isWiki)
} }

@ -13,22 +13,22 @@ import (
type AccessMode int type AccessMode int
const ( const (
ACCESS_MODE_NONE AccessMode = iota // 0 AccessModeNone AccessMode = iota // 0
ACCESS_MODE_READ // 1 AccessModeRead // 1
ACCESS_MODE_WRITE // 2 AccessModeWrite // 2
ACCESS_MODE_ADMIN // 3 AccessModeAdmin // 3
ACCESS_MODE_OWNER // 4 AccessModeOwner // 4
) )
func (mode AccessMode) String() string { func (mode AccessMode) String() string {
switch mode { switch mode {
case ACCESS_MODE_READ: case AccessModeRead:
return "read" return "read"
case ACCESS_MODE_WRITE: case AccessModeWrite:
return "write" return "write"
case ACCESS_MODE_ADMIN: case AccessModeAdmin:
return "admin" return "admin"
case ACCESS_MODE_OWNER: case AccessModeOwner:
return "owner" return "owner"
default: default:
return "none" return "none"
@ -39,11 +39,11 @@ func (mode AccessMode) String() string {
func ParseAccessMode(permission string) AccessMode { func ParseAccessMode(permission string) AccessMode {
switch permission { switch permission {
case "write": case "write":
return ACCESS_MODE_WRITE return AccessModeWrite
case "admin": case "admin":
return ACCESS_MODE_ADMIN return AccessModeAdmin
default: default:
return ACCESS_MODE_READ return AccessModeRead
} }
} }
@ -58,9 +58,9 @@ type Access struct {
} }
func accessLevel(e Engine, u *User, repo *Repository) (AccessMode, error) { func accessLevel(e Engine, u *User, repo *Repository) (AccessMode, error) {
mode := ACCESS_MODE_NONE mode := AccessModeNone
if !repo.IsPrivate { if !repo.IsPrivate {
mode = ACCESS_MODE_READ mode = AccessModeRead
} }
if u == nil { if u == nil {
@ -68,7 +68,7 @@ func accessLevel(e Engine, u *User, repo *Repository) (AccessMode, error) {
} }
if u.ID == repo.OwnerID { if u.ID == repo.OwnerID {
return ACCESS_MODE_OWNER, nil return AccessModeOwner, nil
} }
a := &Access{UserID: u.ID, RepoID: repo.ID} a := &Access{UserID: u.ID, RepoID: repo.ID}
@ -135,7 +135,7 @@ func (user *User) GetAccessibleRepositories(limit int) (repos []*Repository, _ e
} }
func maxAccessMode(modes ...AccessMode) AccessMode { func maxAccessMode(modes ...AccessMode) AccessMode {
max := ACCESS_MODE_NONE max := AccessModeNone
for _, mode := range modes { for _, mode := range modes {
if mode > max { if mode > max {
max = mode max = mode
@ -146,9 +146,9 @@ func maxAccessMode(modes ...AccessMode) AccessMode {
// FIXME: do corss-comparison so reduce deletions and additions to the minimum? // FIXME: do corss-comparison so reduce deletions and additions to the minimum?
func (repo *Repository) refreshAccesses(e Engine, accessMap map[int64]AccessMode) (err error) { func (repo *Repository) refreshAccesses(e Engine, accessMap map[int64]AccessMode) (err error) {
minMode := ACCESS_MODE_READ minMode := AccessModeRead
if !repo.IsPrivate { if !repo.IsPrivate {
minMode = ACCESS_MODE_WRITE minMode = AccessModeWrite
} }
newAccesses := make([]Access, 0, len(accessMap)) newAccesses := make([]Access, 0, len(accessMap))
@ -212,7 +212,7 @@ func (repo *Repository) recalculateTeamAccesses(e Engine, ignTeamID int64) (err
// Owner team gets owner access, and skip for teams that do not // Owner team gets owner access, and skip for teams that do not
// have relations with repository. // have relations with repository.
if t.IsOwnerTeam() { if t.IsOwnerTeam() {
t.Authorize = ACCESS_MODE_OWNER t.Authorize = AccessModeOwner
} else if !t.hasRepository(e, repo.ID) { } else if !t.hasRepository(e, repo.ID) {
continue continue
} }

@ -624,7 +624,7 @@ func newIssue(e *xorm.Session, opts NewIssueOptions) (err error) {
// Assume assignee is invalid and drop silently. // Assume assignee is invalid and drop silently.
opts.Issue.AssigneeID = 0 opts.Issue.AssigneeID = 0
if assignee != nil { if assignee != nil {
valid, err := hasAccess(e, assignee, opts.Repo, ACCESS_MODE_WRITE) valid, err := hasAccess(e, assignee, opts.Repo, AccessModeWrite)
if err != nil { if err != nil {
return fmt.Errorf("hasAccess [user_id: %d, repo_id: %d]: %v", assignee.ID, opts.Repo.ID, err) return fmt.Errorf("hasAccess [user_id: %d, repo_id: %d]: %v", assignee.ID, opts.Repo.ID, err)
} }

@ -141,7 +141,7 @@ func CreateOrganization(org, owner *User) (err error) {
OrgID: org.ID, OrgID: org.ID,
LowerName: strings.ToLower(OWNER_TEAM), LowerName: strings.ToLower(OWNER_TEAM),
Name: OWNER_TEAM, Name: OWNER_TEAM,
Authorize: ACCESS_MODE_OWNER, Authorize: AccessModeOwner,
NumMembers: 1, NumMembers: 1,
} }
if _, err = sess.Insert(t); err != nil { if _, err = sess.Insert(t); err != nil {

@ -155,7 +155,7 @@ func (t *Team) removeRepository(e Engine, repo *Repository, recalculate bool) (e
return fmt.Errorf("get team members: %v", err) return fmt.Errorf("get team members: %v", err)
} }
for _, u := range t.Members { for _, u := range t.Members {
has, err := hasAccess(e, u, repo, ACCESS_MODE_READ) has, err := hasAccess(e, u, repo, AccessModeRead)
if err != nil { if err != nil {
return err return err
} else if has { } else if has {

@ -334,7 +334,7 @@ func (repo *Repository) getAssignees(e Engine) (_ []*User, err error) {
} }
accesses := make([]*Access, 0, 10) accesses := make([]*Access, 0, 10)
if err = e.Where("repo_id = ? AND mode >= ?", repo.ID, ACCESS_MODE_WRITE).Find(&accesses); err != nil { if err = e.Where("repo_id = ? AND mode >= ?", repo.ID, AccessModeWrite).Find(&accesses); err != nil {
return nil, err return nil, err
} }
@ -418,7 +418,7 @@ func (repo *Repository) ComposeCompareURL(oldCommitID, newCommitID string) strin
} }
func (repo *Repository) HasAccess(u *User) bool { func (repo *Repository) HasAccess(u *User) bool {
has, _ := HasAccess(u, repo, ACCESS_MODE_READ) has, _ := HasAccess(u, repo, AccessModeRead)
return has return has
} }

@ -18,11 +18,11 @@ type Collaboration struct {
func (c *Collaboration) ModeI18nKey() string { func (c *Collaboration) ModeI18nKey() string {
switch c.Mode { switch c.Mode {
case ACCESS_MODE_READ: case AccessModeRead:
return "repo.settings.collaboration.read" return "repo.settings.collaboration.read"
case ACCESS_MODE_WRITE: case AccessModeWrite:
return "repo.settings.collaboration.write" return "repo.settings.collaboration.write"
case ACCESS_MODE_ADMIN: case AccessModeAdmin:
return "repo.settings.collaboration.admin" return "repo.settings.collaboration.admin"
default: default:
return "repo.settings.collaboration.undefined" return "repo.settings.collaboration.undefined"
@ -42,7 +42,7 @@ func (repo *Repository) AddCollaborator(u *User) error {
} else if has { } else if has {
return nil return nil
} }
collaboration.Mode = ACCESS_MODE_WRITE collaboration.Mode = AccessModeWrite
sess := x.NewSession() sess := x.NewSession()
defer sessionRelease(sess) defer sessionRelease(sess)
@ -105,7 +105,7 @@ func (repo *Repository) GetCollaborators() ([]*Collaborator, error) {
// ChangeCollaborationAccessMode sets new access mode for the collaboration. // ChangeCollaborationAccessMode sets new access mode for the collaboration.
func (repo *Repository) ChangeCollaborationAccessMode(uid int64, mode AccessMode) error { func (repo *Repository) ChangeCollaborationAccessMode(uid int64, mode AccessMode) error {
// Discard invalid input // Discard invalid input
if mode <= ACCESS_MODE_NONE || mode > ACCESS_MODE_OWNER { if mode <= AccessModeNone || mode > AccessModeOwner {
return nil return nil
} }

@ -415,7 +415,7 @@ func AddPublicKey(ownerID int64, name, content string) (*PublicKey, error) {
OwnerID: ownerID, OwnerID: ownerID,
Name: name, Name: name,
Content: content, Content: content,
Mode: ACCESS_MODE_WRITE, Mode: AccessModeWrite,
Type: KEY_TYPE_USER, Type: KEY_TYPE_USER,
} }
if err = addKey(sess, key); err != nil { if err = addKey(sess, key); err != nil {
@ -642,7 +642,7 @@ func AddDeployKey(repoID int64, name, content string) (*DeployKey, error) {
pkey := &PublicKey{ pkey := &PublicKey{
Content: content, Content: content,
Mode: ACCESS_MODE_READ, Mode: AccessModeRead,
Type: KEY_TYPE_DEPLOY, Type: KEY_TYPE_DEPLOY,
} }
has, err := x.Get(pkey) has, err := x.Get(pkey)
@ -720,7 +720,7 @@ func DeleteDeployKey(doer *User, id int64) error {
if err != nil { if err != nil {
return fmt.Errorf("GetRepositoryByID: %v", err) return fmt.Errorf("GetRepositoryByID: %v", err)
} }
yes, err := HasAccess(doer, repo, ACCESS_MODE_ADMIN) yes, err := HasAccess(doer, repo, AccessModeAdmin)
if err != nil { if err != nil {
return fmt.Errorf("HasAccess: %v", err) return fmt.Errorf("HasAccess: %v", err)
} else if !yes { } else if !yes {

@ -375,7 +375,7 @@ func (u *User) DeleteAvatar() error {
// IsAdminOfRepo returns true if user has admin or higher access of repository. // IsAdminOfRepo returns true if user has admin or higher access of repository.
func (u *User) IsAdminOfRepo(repo *Repository) bool { func (u *User) IsAdminOfRepo(repo *Repository) bool {
has, err := HasAccess(u, repo, ACCESS_MODE_ADMIN) has, err := HasAccess(u, repo, AccessModeAdmin)
if err != nil { if err != nil {
log.Error(3, "HasAccess: %v", err) log.Error(3, "HasAccess: %v", err)
} }
@ -384,7 +384,7 @@ func (u *User) IsAdminOfRepo(repo *Repository) bool {
// IsWriterOfRepo returns true if user has write access to given repository. // IsWriterOfRepo returns true if user has write access to given repository.
func (u *User) IsWriterOfRepo(repo *Repository) bool { func (u *User) IsWriterOfRepo(repo *Repository) bool {
has, err := HasAccess(u, repo, ACCESS_MODE_WRITE) has, err := HasAccess(u, repo, AccessModeWrite)
if err != nil { if err != nil {
log.Error(3, "HasAccess: %v", err) log.Error(3, "HasAccess: %v", err)
} }
@ -886,7 +886,7 @@ func GetUserByID(id int64) (*User, error) {
// GetAssigneeByID returns the user with write access of repository by given ID. // GetAssigneeByID returns the user with write access of repository by given ID.
func GetAssigneeByID(repo *Repository, userID int64) (*User, error) { func GetAssigneeByID(repo *Repository, userID int64) (*User, error) {
has, err := HasAccess(&User{ID: userID}, repo, ACCESS_MODE_WRITE) has, err := HasAccess(&User{ID: userID}, repo, AccessModeWrite)
if err != nil { if err != nil {
return nil, err return nil, err
} else if !has { } else if !has {

@ -136,7 +136,7 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
return return
} }
ctx.Org.IsTeamAdmin = ctx.Org.Team.IsOwnerTeam() || ctx.Org.Team.Authorize >= models.ACCESS_MODE_ADMIN ctx.Org.IsTeamAdmin = ctx.Org.Team.IsOwnerTeam() || ctx.Org.Team.Authorize >= models.AccessModeAdmin
ctx.Data["IsTeamAdmin"] = ctx.Org.IsTeamAdmin ctx.Data["IsTeamAdmin"] = ctx.Org.IsTeamAdmin
if requireTeamAdmin && !ctx.Org.IsTeamAdmin { if requireTeamAdmin && !ctx.Org.IsTeamAdmin {
ctx.Handle(404, "OrgAssignment", err) ctx.Handle(404, "OrgAssignment", err)

@ -51,22 +51,22 @@ type Repository struct {
// IsOwner returns true if current user is the owner of repository. // IsOwner returns true if current user is the owner of repository.
func (r *Repository) IsOwner() bool { func (r *Repository) IsOwner() bool {
return r.AccessMode >= models.ACCESS_MODE_OWNER return r.AccessMode >= models.AccessModeOwner
} }
// IsAdmin returns true if current user has admin or higher access of repository. // IsAdmin returns true if current user has admin or higher access of repository.
func (r *Repository) IsAdmin() bool { func (r *Repository) IsAdmin() bool {
return r.AccessMode >= models.ACCESS_MODE_ADMIN return r.AccessMode >= models.AccessModeAdmin
} }
// IsWriter returns true if current user has write or higher access of repository. // IsWriter returns true if current user has write or higher access of repository.
func (r *Repository) IsWriter() bool { func (r *Repository) IsWriter() bool {
return r.AccessMode >= models.ACCESS_MODE_WRITE return r.AccessMode >= models.AccessModeWrite
} }
// HasAccess returns true if the current user has at least read access for this repository // HasAccess returns true if the current user has at least read access for this repository
func (r *Repository) HasAccess() bool { func (r *Repository) HasAccess() bool {
return r.AccessMode >= models.ACCESS_MODE_READ return r.AccessMode >= models.AccessModeRead
} }
// CanEnableEditor returns true if repository is editable and user has proper access level. // CanEnableEditor returns true if repository is editable and user has proper access level.
@ -192,7 +192,7 @@ func RepoAssignment(args ...bool) macaron.Handler {
// Admin has super access. // Admin has super access.
if ctx.IsSigned && ctx.User.IsAdmin { if ctx.IsSigned && ctx.User.IsAdmin {
ctx.Repo.AccessMode = models.ACCESS_MODE_OWNER ctx.Repo.AccessMode = models.AccessModeOwner
} else { } else {
mode, err := models.AccessLevel(ctx.User, repo) mode, err := models.AccessLevel(ctx.User, repo)
if err != nil { if err != nil {
@ -203,7 +203,7 @@ func RepoAssignment(args ...bool) macaron.Handler {
} }
// Check access. // Check access.
if ctx.Repo.AccessMode == models.ACCESS_MODE_NONE { if ctx.Repo.AccessMode == models.AccessModeNone {
if ctx.Query("go-get") == "1" { if ctx.Query("go-get") == "1" {
earlyResponseForGoGetMeta(ctx) earlyResponseForGoGetMeta(ctx)
return return

@ -63,7 +63,7 @@ func repoAssignment() macaron.Handler {
} }
if ctx.IsSigned && ctx.User.IsAdmin { if ctx.IsSigned && ctx.User.IsAdmin {
ctx.Repo.AccessMode = models.ACCESS_MODE_OWNER ctx.Repo.AccessMode = models.AccessModeOwner
} else { } else {
mode, err := models.AccessLevel(ctx.User, repo) mode, err := models.AccessLevel(ctx.User, repo)
if err != nil { if err != nil {

@ -99,8 +99,8 @@ func ListMyRepos(ctx *context.APIContext) {
for repo, access := range accessibleRepos { for repo, access := range accessibleRepos {
repos[i] = repo.APIFormat(&api.Permission{ repos[i] = repo.APIFormat(&api.Permission{
Admin: access >= models.ACCESS_MODE_ADMIN, Admin: access >= models.AccessModeAdmin,
Push: access >= models.ACCESS_MODE_WRITE, Push: access >= models.AccessModeWrite,
Pull: true, Pull: true,
}) })
i++ i++

@ -226,11 +226,11 @@ func EditTeamPost(ctx *context.Context, form auth.CreateTeamForm) {
var auth models.AccessMode var auth models.AccessMode
switch form.Permission { switch form.Permission {
case "read": case "read":
auth = models.ACCESS_MODE_READ auth = models.AccessModeRead
case "write": case "write":
auth = models.ACCESS_MODE_WRITE auth = models.AccessModeWrite
case "admin": case "admin":
auth = models.ACCESS_MODE_ADMIN auth = models.AccessModeAdmin
default: default:
ctx.Error(401) ctx.Error(401)
return return

@ -133,9 +133,9 @@ func HTTP(ctx *context.Context) {
} }
if !isPublicPull { if !isPublicPull {
var tp = models.ACCESS_MODE_WRITE var tp = models.AccessModeWrite
if isPull { if isPull {
tp = models.ACCESS_MODE_READ tp = models.AccessModeRead
} }
has, err := models.HasAccess(authUser, repo, tp) has, err := models.HasAccess(authUser, repo, tp)
@ -143,8 +143,8 @@ func HTTP(ctx *context.Context) {
ctx.Handle(http.StatusInternalServerError, "HasAccess", err) ctx.Handle(http.StatusInternalServerError, "HasAccess", err)
return return
} else if !has { } else if !has {
if tp == models.ACCESS_MODE_READ { if tp == models.AccessModeRead {
has, err = models.HasAccess(authUser, repo, models.ACCESS_MODE_WRITE) has, err = models.HasAccess(authUser, repo, models.AccessModeWrite)
if err != nil { if err != nil {
ctx.Handle(http.StatusInternalServerError, "HasAccess2", err) ctx.Handle(http.StatusInternalServerError, "HasAccess2", err)
return return

Loading…
Cancel
Save