mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-24 08:57:03 -05:00
203fe2841d
Backport #25388 by @wolfogre The old code generates `structs.Repository.Permissions` with only `access.Permission.AccessMode`, however, it should check the units too, or the value could be incorrect. For example, `structs.Repository.Permissions.Push` could be false even the doer has write access to code unit. Should fix https://github.com/renovatebot/renovate/issues/14059#issuecomment-1047961128 (Not reported by it, I just found it when I was looking into this bug) --- Review tips: The major changes are - `modules/structs/repo.go` https://github.com/go-gitea/gitea/pull/25388/files#diff-870406f6857117f8b03611c43fca0ab9ed6d6e76a2d0069a7c1f17e8fa9092f7 - `services/convert/repository.go` https://github.com/go-gitea/gitea/pull/25388/files#diff-7736f6d2ae894c9edb7729a80ab89aa183b888a26a811a0c1fdebd18726a7101 And other changes are passive. Co-authored-by: Jason Song <i@wolfogre.com>
165 lines
4.6 KiB
Go
165 lines
4.6 KiB
Go
// Copyright 2017 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package user
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"code.gitea.io/gitea/models/perm"
|
|
access_model "code.gitea.io/gitea/models/perm/access"
|
|
repo_model "code.gitea.io/gitea/models/repo"
|
|
unit_model "code.gitea.io/gitea/models/unit"
|
|
user_model "code.gitea.io/gitea/models/user"
|
|
"code.gitea.io/gitea/modules/context"
|
|
api "code.gitea.io/gitea/modules/structs"
|
|
"code.gitea.io/gitea/routers/api/v1/utils"
|
|
"code.gitea.io/gitea/services/convert"
|
|
)
|
|
|
|
// listUserRepos - List the repositories owned by the given user.
|
|
func listUserRepos(ctx *context.APIContext, u *user_model.User, private bool) {
|
|
opts := utils.GetListOptions(ctx)
|
|
|
|
repos, count, err := repo_model.GetUserRepositories(&repo_model.SearchRepoOptions{
|
|
Actor: u,
|
|
Private: private,
|
|
ListOptions: opts,
|
|
OrderBy: "id ASC",
|
|
})
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "GetUserRepositories", err)
|
|
return
|
|
}
|
|
|
|
if err := repos.LoadAttributes(ctx); err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "RepositoryList.LoadAttributes", err)
|
|
return
|
|
}
|
|
|
|
apiRepos := make([]*api.Repository, 0, len(repos))
|
|
for i := range repos {
|
|
permission, err := access_model.GetUserRepoPermission(ctx, repos[i], ctx.Doer)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err)
|
|
return
|
|
}
|
|
if ctx.IsSigned && ctx.Doer.IsAdmin || permission.UnitAccessMode(unit_model.TypeCode) >= perm.AccessModeRead {
|
|
apiRepos = append(apiRepos, convert.ToRepo(ctx, repos[i], permission))
|
|
}
|
|
}
|
|
|
|
ctx.SetLinkHeader(int(count), opts.PageSize)
|
|
ctx.SetTotalCountHeader(count)
|
|
ctx.JSON(http.StatusOK, &apiRepos)
|
|
}
|
|
|
|
// ListUserRepos - list the repos owned by the given user.
|
|
func ListUserRepos(ctx *context.APIContext) {
|
|
// swagger:operation GET /users/{username}/repos user userListRepos
|
|
// ---
|
|
// summary: List the repos owned by the given user
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: username
|
|
// in: path
|
|
// description: username of user
|
|
// type: string
|
|
// required: true
|
|
// - name: page
|
|
// in: query
|
|
// description: page number of results to return (1-based)
|
|
// type: integer
|
|
// - name: limit
|
|
// in: query
|
|
// description: page size of results
|
|
// type: integer
|
|
// responses:
|
|
// "200":
|
|
// "$ref": "#/responses/RepositoryList"
|
|
|
|
private := ctx.IsSigned
|
|
listUserRepos(ctx, ctx.ContextUser, private)
|
|
}
|
|
|
|
// ListMyRepos - list the repositories you own or have access to.
|
|
func ListMyRepos(ctx *context.APIContext) {
|
|
// swagger:operation GET /user/repos user userCurrentListRepos
|
|
// ---
|
|
// summary: List the repos that the authenticated user owns
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: page
|
|
// in: query
|
|
// description: page number of results to return (1-based)
|
|
// type: integer
|
|
// - name: limit
|
|
// in: query
|
|
// description: page size of results
|
|
// type: integer
|
|
// responses:
|
|
// "200":
|
|
// "$ref": "#/responses/RepositoryList"
|
|
|
|
opts := &repo_model.SearchRepoOptions{
|
|
ListOptions: utils.GetListOptions(ctx),
|
|
Actor: ctx.Doer,
|
|
OwnerID: ctx.Doer.ID,
|
|
Private: ctx.IsSigned,
|
|
IncludeDescription: true,
|
|
}
|
|
|
|
var err error
|
|
repos, count, err := repo_model.SearchRepository(ctx, opts)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "SearchRepository", err)
|
|
return
|
|
}
|
|
|
|
results := make([]*api.Repository, len(repos))
|
|
for i, repo := range repos {
|
|
if err = repo.LoadOwner(ctx); err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "LoadOwner", err)
|
|
return
|
|
}
|
|
permission, err := access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err)
|
|
}
|
|
results[i] = convert.ToRepo(ctx, repo, permission)
|
|
}
|
|
|
|
ctx.SetLinkHeader(int(count), opts.ListOptions.PageSize)
|
|
ctx.SetTotalCountHeader(count)
|
|
ctx.JSON(http.StatusOK, &results)
|
|
}
|
|
|
|
// ListOrgRepos - list the repositories of an organization.
|
|
func ListOrgRepos(ctx *context.APIContext) {
|
|
// swagger:operation GET /orgs/{org}/repos organization orgListRepos
|
|
// ---
|
|
// summary: List an organization's repos
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: org
|
|
// in: path
|
|
// description: name of the organization
|
|
// type: string
|
|
// required: true
|
|
// - name: page
|
|
// in: query
|
|
// description: page number of results to return (1-based)
|
|
// type: integer
|
|
// - name: limit
|
|
// in: query
|
|
// description: page size of results
|
|
// type: integer
|
|
// responses:
|
|
// "200":
|
|
// "$ref": "#/responses/RepositoryList"
|
|
|
|
listUserRepos(ctx, ctx.Org.Organization.AsUser(), ctx.IsSigned)
|
|
}
|