Thomas Boerger
GitHub
commit
93d527a0a4
1 changed files with 26 additions and 20 deletions
|
|
@ -10,14 +10,20 @@ import (
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
// AccessMode specifies the users access mode
|
||||||
type AccessMode int
|
type AccessMode int
|
||||||
|
|
||||||
const (
|
const (
|
||||||
AccessModeNone AccessMode = iota // 0
|
// AccessModeNone no access
|
||||||
AccessModeRead // 1
|
AccessModeNone AccessMode = iota // 0
|
||||||
AccessModeWrite // 2
|
// AccessModeRead read access
|
||||||
AccessModeAdmin // 3
|
AccessModeRead // 1
|
||||||
AccessModeOwner // 4
|
// AccessModeWrite write access
|
||||||
|
AccessModeWrite // 2
|
||||||
|
// AccessModeAdmin admin access
|
||||||
|
AccessModeAdmin // 3
|
||||||
|
// AccessModeOwner owner access
|
||||||
|
AccessModeOwner // 4
|
||||||
)
|
)
|
||||||
|
|
||||||
func (mode AccessMode) String() string {
|
func (mode AccessMode) String() string {
|
||||||
|
|
@ -57,21 +63,21 @@ type Access struct {
|
||||||
Mode AccessMode
|
Mode AccessMode
|
||||||
}
|
}
|
||||||
|
|
||||||
func accessLevel(e Engine, u *User, repo *Repository) (AccessMode, error) {
|
func accessLevel(e Engine, user *User, repo *Repository) (AccessMode, error) {
|
||||||
mode := AccessModeNone
|
mode := AccessModeNone
|
||||||
if !repo.IsPrivate {
|
if !repo.IsPrivate {
|
||||||
mode = AccessModeRead
|
mode = AccessModeRead
|
||||||
}
|
}
|
||||||
|
|
||||||
if u == nil {
|
if user == nil {
|
||||||
return mode, nil
|
return mode, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
if u.ID == repo.OwnerID {
|
if user.ID == repo.OwnerID {
|
||||||
return AccessModeOwner, nil
|
return AccessModeOwner, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
a := &Access{UserID: u.ID, RepoID: repo.ID}
|
a := &Access{UserID: user.ID, RepoID: repo.ID}
|
||||||
if has, err := e.Get(a); !has || err != nil {
|
if has, err := e.Get(a); !has || err != nil {
|
||||||
return mode, err
|
return mode, err
|
||||||
}
|
}
|
||||||
|
|
@ -80,24 +86,24 @@ func accessLevel(e Engine, u *User, repo *Repository) (AccessMode, error) {
|
||||||
|
|
||||||
// AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the
|
// AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the
|
||||||
// user does not have access. User can be nil!
|
// user does not have access. User can be nil!
|
||||||
func AccessLevel(u *User, repo *Repository) (AccessMode, error) {
|
func AccessLevel(user *User, repo *Repository) (AccessMode, error) {
|
||||||
return accessLevel(x, u, repo)
|
return accessLevel(x, user, repo)
|
||||||
}
|
}
|
||||||
|
|
||||||
func hasAccess(e Engine, u *User, repo *Repository, testMode AccessMode) (bool, error) {
|
func hasAccess(e Engine, user *User, repo *Repository, testMode AccessMode) (bool, error) {
|
||||||
mode, err := accessLevel(e, u, repo)
|
mode, err := accessLevel(e, user, repo)
|
||||||
return testMode <= mode, err
|
return testMode <= mode, err
|
||||||
}
|
}
|
||||||
|
|
||||||
// HasAccess returns true if someone has the request access level. User can be nil!
|
// HasAccess returns true if someone has the request access level. User can be nil!
|
||||||
func HasAccess(u *User, repo *Repository, testMode AccessMode) (bool, error) {
|
func HasAccess(user *User, repo *Repository, testMode AccessMode) (bool, error) {
|
||||||
return hasAccess(x, u, repo, testMode)
|
return hasAccess(x, user, repo, testMode)
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetRepositoryAccesses finds all repositories with their access mode where a user has access but does not own.
|
// GetRepositoryAccesses finds all repositories with their access mode where a user has access but does not own.
|
||||||
func (u *User) GetRepositoryAccesses() (map[*Repository]AccessMode, error) {
|
func (user *User) GetRepositoryAccesses() (map[*Repository]AccessMode, error) {
|
||||||
accesses := make([]*Access, 0, 10)
|
accesses := make([]*Access, 0, 10)
|
||||||
if err := x.Find(&accesses, &Access{UserID: u.ID}); err != nil {
|
if err := x.Find(&accesses, &Access{UserID: user.ID}); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -113,7 +119,7 @@ func (u *User) GetRepositoryAccesses() (map[*Repository]AccessMode, error) {
|
||||||
}
|
}
|
||||||
if err = repo.GetOwner(); err != nil {
|
if err = repo.GetOwner(); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
} else if repo.OwnerID == u.ID {
|
} else if repo.OwnerID == user.ID {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
repos[repo] = access.Mode
|
repos[repo] = access.Mode
|
||||||
|
|
@ -245,6 +251,6 @@ func (repo *Repository) recalculateAccesses(e Engine) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// RecalculateAccesses recalculates all accesses for repository.
|
// RecalculateAccesses recalculates all accesses for repository.
|
||||||
func (r *Repository) RecalculateAccesses() error {
|
func (repo *Repository) RecalculateAccesses() error {
|
||||||
return r.recalculateAccesses(x)
|
return repo.recalculateAccesses(x)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue