1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-21 12:44:49 -05:00

Bug fixes for repo permissions in API

Also move duplicated code into repo.APIFormat(..)
This commit is contained in:
Ethan Koenig 2016-12-05 18:48:51 -05:00 committed by Kim "BKC" Carlbäcker
parent 08b9af9ad8
commit 04b9a7e7a2
7 changed files with 45 additions and 26 deletions

View file

@ -539,7 +539,7 @@ func CommitRepoAction(opts CommitRepoActionOptions) error {
}() }()
apiPusher := pusher.APIFormat() apiPusher := pusher.APIFormat()
apiRepo := repo.APIFormat(nil) apiRepo := repo.APIFormat(AccessModeNone)
var shaSum string var shaSum string
switch opType { switch opType {

View file

@ -265,7 +265,7 @@ func (issue *Issue) sendLabelUpdatedWebhook(doer *User) {
Action: api.HookIssueLabelUpdated, Action: api.HookIssueLabelUpdated,
Index: issue.Index, Index: issue.Index,
PullRequest: issue.PullRequest.APIFormat(), PullRequest: issue.PullRequest.APIFormat(),
Repository: issue.Repo.APIFormat(nil), Repository: issue.Repo.APIFormat(AccessModeNone),
Sender: doer.APIFormat(), Sender: doer.APIFormat(),
}) })
} }
@ -371,7 +371,7 @@ func (issue *Issue) ClearLabels(doer *User) (err error) {
Action: api.HookIssueLabelCleared, Action: api.HookIssueLabelCleared,
Index: issue.Index, Index: issue.Index,
PullRequest: issue.PullRequest.APIFormat(), PullRequest: issue.PullRequest.APIFormat(),
Repository: issue.Repo.APIFormat(nil), Repository: issue.Repo.APIFormat(AccessModeNone),
Sender: doer.APIFormat(), Sender: doer.APIFormat(),
}) })
} }
@ -493,7 +493,7 @@ func (issue *Issue) ChangeStatus(doer *User, repo *Repository, isClosed bool) (e
apiPullRequest := &api.PullRequestPayload{ apiPullRequest := &api.PullRequestPayload{
Index: issue.Index, Index: issue.Index,
PullRequest: issue.PullRequest.APIFormat(), PullRequest: issue.PullRequest.APIFormat(),
Repository: repo.APIFormat(nil), Repository: repo.APIFormat(AccessModeNone),
Sender: doer.APIFormat(), Sender: doer.APIFormat(),
} }
if isClosed { if isClosed {
@ -531,7 +531,7 @@ func (issue *Issue) ChangeTitle(doer *User, title string) (err error) {
}, },
}, },
PullRequest: issue.PullRequest.APIFormat(), PullRequest: issue.PullRequest.APIFormat(),
Repository: issue.Repo.APIFormat(nil), Repository: issue.Repo.APIFormat(AccessModeNone),
Sender: doer.APIFormat(), Sender: doer.APIFormat(),
}) })
} }
@ -563,7 +563,7 @@ func (issue *Issue) ChangeContent(doer *User, content string) (err error) {
}, },
}, },
PullRequest: issue.PullRequest.APIFormat(), PullRequest: issue.PullRequest.APIFormat(),
Repository: issue.Repo.APIFormat(nil), Repository: issue.Repo.APIFormat(AccessModeNone),
Sender: doer.APIFormat(), Sender: doer.APIFormat(),
}) })
} }
@ -596,7 +596,7 @@ func (issue *Issue) ChangeAssignee(doer *User, assigneeID int64) (err error) {
apiPullRequest := &api.PullRequestPayload{ apiPullRequest := &api.PullRequestPayload{
Index: issue.Index, Index: issue.Index,
PullRequest: issue.PullRequest.APIFormat(), PullRequest: issue.PullRequest.APIFormat(),
Repository: issue.Repo.APIFormat(nil), Repository: issue.Repo.APIFormat(AccessModeNone),
Sender: doer.APIFormat(), Sender: doer.APIFormat(),
} }
if isRemoveAssignee { if isRemoveAssignee {

View file

@ -160,14 +160,14 @@ func (pr *PullRequest) APIFormat() *api.PullRequest {
Ref: pr.BaseBranch, Ref: pr.BaseBranch,
Sha: baseCommit.ID.String(), Sha: baseCommit.ID.String(),
RepoID: pr.BaseRepoID, RepoID: pr.BaseRepoID,
Repository: pr.BaseRepo.APIFormat(nil), Repository: pr.BaseRepo.APIFormat(AccessModeNone),
} }
apiHeadBranchInfo := &api.PRBranchInfo{ apiHeadBranchInfo := &api.PRBranchInfo{
Name: pr.HeadBranch, Name: pr.HeadBranch,
Ref: pr.HeadBranch, Ref: pr.HeadBranch,
Sha: headCommit.ID.String(), Sha: headCommit.ID.String(),
RepoID: pr.HeadRepoID, RepoID: pr.HeadRepoID,
Repository: pr.HeadRepo.APIFormat(nil), Repository: pr.HeadRepo.APIFormat(AccessModeNone),
} }
apiPullRequest := &api.PullRequest{ apiPullRequest := &api.PullRequest{
ID: pr.ID, ID: pr.ID,
@ -355,7 +355,7 @@ func (pr *PullRequest) Merge(doer *User, baseGitRepo *git.Repository) (err error
Action: api.HookIssueClosed, Action: api.HookIssueClosed,
Index: pr.Index, Index: pr.Index,
PullRequest: pr.APIFormat(), PullRequest: pr.APIFormat(),
Repository: pr.Issue.Repo.APIFormat(nil), Repository: pr.Issue.Repo.APIFormat(AccessModeNone),
Sender: doer.APIFormat(), Sender: doer.APIFormat(),
}); err != nil { }); err != nil {
log.Error(4, "PrepareWebhooks: %v", err) log.Error(4, "PrepareWebhooks: %v", err)
@ -385,7 +385,7 @@ func (pr *PullRequest) Merge(doer *User, baseGitRepo *git.Repository) (err error
After: pr.MergedCommitID, After: pr.MergedCommitID,
CompareURL: setting.AppURL + pr.BaseRepo.ComposeCompareURL(pr.MergeBase, pr.MergedCommitID), CompareURL: setting.AppURL + pr.BaseRepo.ComposeCompareURL(pr.MergeBase, pr.MergedCommitID),
Commits: ListToPushCommits(l).ToAPIPayloadCommits(pr.BaseRepo.HTMLURL()), Commits: ListToPushCommits(l).ToAPIPayloadCommits(pr.BaseRepo.HTMLURL()),
Repo: pr.BaseRepo.APIFormat(nil), Repo: pr.BaseRepo.APIFormat(AccessModeNone),
Pusher: pr.HeadRepo.MustOwner().APIFormat(), Pusher: pr.HeadRepo.MustOwner().APIFormat(),
Sender: doer.APIFormat(), Sender: doer.APIFormat(),
} }
@ -514,7 +514,7 @@ func NewPullRequest(repo *Repository, pull *Issue, labelIDs []int64, uuids []str
Action: api.HookIssueOpened, Action: api.HookIssueOpened,
Index: pull.Index, Index: pull.Index,
PullRequest: pr.APIFormat(), PullRequest: pr.APIFormat(),
Repository: repo.APIFormat(nil), Repository: repo.APIFormat(AccessModeNone),
Sender: pull.Poster.APIFormat(), Sender: pull.Poster.APIFormat(),
}); err != nil { }); err != nil {
log.Error(4, "PrepareWebhooks: %v", err) log.Error(4, "PrepareWebhooks: %v", err)
@ -840,7 +840,7 @@ func AddTestPullRequestTask(doer *User, repoID int64, branch string, isSync bool
Action: api.HookIssueSynchronized, Action: api.HookIssueSynchronized,
Index: pr.Issue.Index, Index: pr.Issue.Index,
PullRequest: pr.Issue.PullRequest.APIFormat(), PullRequest: pr.Issue.PullRequest.APIFormat(),
Repository: pr.Issue.Repo.APIFormat(nil), Repository: pr.Issue.Repo.APIFormat(AccessModeNone),
Sender: doer.APIFormat(), Sender: doer.APIFormat(),
}); err != nil { }); err != nil {
log.Error(4, "PrepareWebhooks [pull_id: %v]: %v", pr.ID, err) log.Error(4, "PrepareWebhooks [pull_id: %v]: %v", pr.ID, err)

View file

@ -277,8 +277,13 @@ func (repo *Repository) HTMLURL() string {
// APIFormat converts a Repository to api.Repository // APIFormat converts a Repository to api.Repository
// Arguments that are allowed to be nil: permission // Arguments that are allowed to be nil: permission
func (repo *Repository) APIFormat(permission *api.Permission) *api.Repository { func (repo *Repository) APIFormat(mode AccessMode) *api.Repository {
cloneLink := repo.CloneLink() cloneLink := repo.CloneLink()
permission := &api.Permission{
Admin: mode >= AccessModeAdmin,
Push: mode >= AccessModeWrite,
Pull: mode >= AccessModeRead,
}
return &api.Repository{ return &api.Repository{
ID: repo.ID, ID: repo.ID,
Owner: repo.Owner.APIFormat(), Owner: repo.Owner.APIFormat(),

View file

@ -95,16 +95,12 @@ func ListMyRepos(ctx *context.APIContext) {
repos := make([]*api.Repository, numOwnRepos+len(accessibleRepos)) repos := make([]*api.Repository, numOwnRepos+len(accessibleRepos))
for i := range ownRepos { for i := range ownRepos {
repos[i] = ownRepos[i].APIFormat(&api.Permission{true, true, true}) repos[i] = ownRepos[i].APIFormat(models.AccessModeOwner)
} }
i := numOwnRepos i := numOwnRepos
for repo, access := range accessibleRepos { for repo, access := range accessibleRepos {
repos[i] = repo.APIFormat(&api.Permission{ repos[i] = repo.APIFormat(access)
Admin: access >= models.AccessModeAdmin,
Push: access >= models.AccessModeWrite,
Pull: true,
})
i++ i++
} }
@ -138,7 +134,7 @@ func CreateUserRepo(ctx *context.APIContext, owner *models.User, opt api.CreateR
return return
} }
ctx.JSON(201, repo.APIFormat(&api.Permission{true, true, true})) ctx.JSON(201, repo.APIFormat(models.AccessModeOwner))
} }
// Create one repository of mine // Create one repository of mine
@ -241,14 +237,19 @@ func Migrate(ctx *context.APIContext, form auth.MigrateRepoForm) {
} }
log.Trace("Repository migrated: %s/%s", ctxUser.Name, form.RepoName) log.Trace("Repository migrated: %s/%s", ctxUser.Name, form.RepoName)
ctx.JSON(201, repo.APIFormat(&api.Permission{true, true, true})) ctx.JSON(201, repo.APIFormat(models.AccessModeAdmin))
} }
// Get one repository // Get one repository
// see https://github.com/gogits/go-gogs-client/wiki/Repositories#get // see https://github.com/gogits/go-gogs-client/wiki/Repositories#get
func Get(ctx *context.APIContext) { func Get(ctx *context.APIContext) {
repo := ctx.Repo.Repository repo := ctx.Repo.Repository
ctx.JSON(200, repo.APIFormat(&api.Permission{true, true, true})) access, err := models.AccessLevel(ctx.User, repo)
if err != nil {
ctx.Error(500, "GetRepository", err)
return
}
ctx.JSON(200, repo.APIFormat(access))
} }
// GetByID returns a single Repository // GetByID returns a single Repository
@ -263,7 +264,12 @@ func GetByID(ctx *context.APIContext) {
return return
} }
ctx.JSON(200, repo.APIFormat(&api.Permission{true, true, true})) access, err := models.AccessLevel(ctx.User, repo)
if err != nil {
ctx.Error(500, "GetRepositoryByID", err)
return
}
ctx.JSON(200, repo.APIFormat(access))
} }
// Delete one repository // Delete one repository

View file

@ -18,9 +18,17 @@ func getStarredRepos(userID int64, private bool) ([]*api.Repository, error) {
if err != nil { if err != nil {
return nil, err return nil, err
} }
user, err := models.GetUserByID(userID)
if err != nil {
return nil, err
}
repos := make([]*api.Repository, len(starredRepos)) repos := make([]*api.Repository, len(starredRepos))
for i, starred := range starredRepos { for i, starred := range starredRepos {
repos[i] = starred.APIFormat(&api.Permission{true, true, true}) access, err := models.AccessLevel(user, starred)
if err != nil {
return nil, err
}
repos[i] = starred.APIFormat(access)
} }
return repos, nil return repos, nil
} }

View file

@ -388,7 +388,7 @@ func TestWebhook(ctx *context.Context) {
}, },
}, },
}, },
Repo: ctx.Repo.Repository.APIFormat(nil), Repo: ctx.Repo.Repository.APIFormat(models.AccessModeNone),
Pusher: apiUser, Pusher: apiUser,
Sender: apiUser, Sender: apiUser,
} }