Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor and fix incorrect comment #1247

Merged
merged 1 commit into from
Mar 15, 2017
Merged

Refactor and fix incorrect comment #1247

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion cmd/serv.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -232,7 +232,7 @@ func runServ(c *cli.Context) error {
fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
}

mode, err := models.AccessLevel(user, repo)
mode, err := models.AccessLevel(user.ID, repo)
if err != nil {
fail("Internal error", "Failed to check access: %v", err)
} else if mode < requestedMode {
Expand Down
24 changes: 12 additions & 12 deletions models/access.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -59,41 +59,41 @@ type Access struct {
Mode AccessMode
}

func accessLevel(e Engine, user *User, repo *Repository) (AccessMode, error) {
func accessLevel(e Engine, userID int64, repo *Repository) (AccessMode, error) {
mode := AccessModeNone
if !repo.IsPrivate {
mode = AccessModeRead
}

if user == nil {
if userID == 0 {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if userID == 0 ?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added back.

return mode, nil
}

if user.ID == repo.OwnerID {
if userID == repo.OwnerID {
return AccessModeOwner, nil
}

a := &Access{UserID: user.ID, RepoID: repo.ID}
a := &Access{UserID: userID, RepoID: repo.ID}
if has, err := e.Get(a); !has || err != nil {
return mode, err
}
return a.Mode, nil
}

// AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the
// user does not have access. User can be nil!
func AccessLevel(user *User, repo *Repository) (AccessMode, error) {
return accessLevel(x, user, repo)
// user does not have access.
func AccessLevel(userID int64, repo *Repository) (AccessMode, error) {
return accessLevel(x, userID, repo)
}

func hasAccess(e Engine, user *User, repo *Repository, testMode AccessMode) (bool, error) {
mode, err := accessLevel(e, user, repo)
func hasAccess(e Engine, userID int64, repo *Repository, testMode AccessMode) (bool, error) {
mode, err := accessLevel(e, userID, repo)
return testMode <= mode, err
}

// HasAccess returns true if someone has the request access level. User can be nil!
func HasAccess(user *User, repo *Repository, testMode AccessMode) (bool, error) {
return hasAccess(x, user, repo, testMode)
// HasAccess returns true if user has access to repo
func HasAccess(userID int64, repo *Repository, testMode AccessMode) (bool, error) {
return hasAccess(x, userID, repo, testMode)
}

type repoAccess struct {
Expand Down
16 changes: 8 additions & 8 deletions models/access_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,19 +25,19 @@ func TestAccessLevel(t *testing.T) {
repo1 := AssertExistsAndLoadBean(t, &Repository{OwnerID: 2, IsPrivate: false}).(*Repository)
repo2 := AssertExistsAndLoadBean(t, &Repository{OwnerID: 3, IsPrivate: true}).(*Repository)

level, err := AccessLevel(user1, repo1)
level, err := AccessLevel(user1.ID, repo1)
assert.NoError(t, err)
assert.Equal(t, AccessModeOwner, level)

level, err = AccessLevel(user1, repo2)
level, err = AccessLevel(user1.ID, repo2)
assert.NoError(t, err)
assert.Equal(t, AccessModeWrite, level)

level, err = AccessLevel(user2, repo1)
level, err = AccessLevel(user2.ID, repo1)
assert.NoError(t, err)
assert.Equal(t, AccessModeRead, level)

level, err = AccessLevel(user2, repo2)
level, err = AccessLevel(user2.ID, repo2)
assert.NoError(t, err)
assert.Equal(t, AccessModeNone, level)
}
Expand All @@ -51,19 +51,19 @@ func TestHasAccess(t *testing.T) {
repo2 := AssertExistsAndLoadBean(t, &Repository{OwnerID: 3, IsPrivate: true}).(*Repository)

for _, accessMode := range accessModes {
has, err := HasAccess(user1, repo1, accessMode)
has, err := HasAccess(user1.ID, repo1, accessMode)
assert.NoError(t, err)
assert.True(t, has)

has, err = HasAccess(user1, repo2, accessMode)
has, err = HasAccess(user1.ID, repo2, accessMode)
assert.NoError(t, err)
assert.Equal(t, accessMode <= AccessModeWrite, has)

has, err = HasAccess(user2, repo1, accessMode)
has, err = HasAccess(user2.ID, repo1, accessMode)
assert.NoError(t, err)
assert.Equal(t, accessMode <= AccessModeRead, has)

has, err = HasAccess(user2, repo2, accessMode)
has, err = HasAccess(user2.ID, repo2, accessMode)
assert.NoError(t, err)
assert.Equal(t, accessMode <= AccessModeNone, has)
}
Expand Down
27 changes: 9 additions & 18 deletions models/issue.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -374,7 +374,7 @@ func (issue *Issue) RemoveLabel(doer *User, label *Label) error {
return err
}

if has, err := HasAccess(doer, issue.Repo, AccessModeWrite); err != nil {
if has, err := HasAccess(doer.ID, issue.Repo, AccessModeWrite); err != nil {
return err
} else if !has {
return ErrLabelNotExist{}
Expand Down Expand Up @@ -415,7 +415,7 @@ func (issue *Issue) ClearLabels(doer *User) (err error) {
return err
}

if has, err := hasAccess(sess, doer, issue.Repo, AccessModeWrite); err != nil {
if has, err := hasAccess(sess, doer.ID, issue.Repo, AccessModeWrite); err != nil {
return err
} else if !has {
return ErrLabelNotExist{}
Expand Down Expand Up @@ -809,23 +809,14 @@ func newIssue(e *xorm.Session, doer *User, opts NewIssueOptions) (err error) {
}
}

if opts.Issue.AssigneeID > 0 {
assignee, err := getUserByID(e, opts.Issue.AssigneeID)
if err != nil && !IsErrUserNotExist(err) {
return fmt.Errorf("getUserByID: %v", err)
if assigneeID := opts.Issue.AssigneeID; assigneeID > 0 {
valid, err := hasAccess(e, assigneeID, opts.Repo, AccessModeWrite)
if err != nil {
return fmt.Errorf("hasAccess [user_id: %d, repo_id: %d]: %v", assigneeID, opts.Repo.ID, err)
}

// Assume assignee is invalid and drop silently.
opts.Issue.AssigneeID = 0
if assignee != nil {
valid, err := hasAccess(e, assignee, opts.Repo, AccessModeWrite)
if err != nil {
return fmt.Errorf("hasAccess [user_id: %d, repo_id: %d]: %v", assignee.ID, opts.Repo.ID, err)
}
if valid {
opts.Issue.AssigneeID = assignee.ID
opts.Issue.Assignee = assignee
}
if !valid {
opts.Issue.AssigneeID = 0
opts.Issue.Assignee = nil
}
}

Expand Down
34 changes: 20 additions & 14 deletions models/org_team.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -139,18 +139,19 @@ func (t *Team) removeRepository(e Engine, repo *Repository, recalculate bool) (e
}
}

if err = t.getMembers(e); err != nil {
return fmt.Errorf("get team members: %v", err)
teamUsers, err := getTeamUsersByTeamID(e, t.ID)
if err != nil {
return fmt.Errorf("getTeamUsersByTeamID: %v", err)
}
for _, u := range t.Members {
has, err := hasAccess(e, u, repo, AccessModeRead)
for _, teamUser:= range teamUsers {
has, err := hasAccess(e, teamUser.UID, repo, AccessModeRead)
if err != nil {
return err
} else if has {
continue
}

if err = watchRepo(e, u.ID, repo.ID, false); err != nil {
if err = watchRepo(e, teamUser.UID, repo.ID, false); err != nil {
return err
}
}
Expand Down Expand Up @@ -399,20 +400,25 @@ func IsTeamMember(orgID, teamID, userID int64) bool {
return isTeamMember(x, orgID, teamID, userID)
}

func getTeamMembers(e Engine, teamID int64) (_ []*User, err error) {
func getTeamUsersByTeamID(e Engine, teamID int64) ([]*TeamUser, error) {
teamUsers := make([]*TeamUser, 0, 10)
if err = e.
return teamUsers, e.
Where("team_id=?", teamID).
Find(&teamUsers); err != nil {
Find(&teamUsers)
}

func getTeamMembers(e Engine, teamID int64) (_ []*User, err error) {
teamUsers, err := getTeamUsersByTeamID(e, teamID)
if err != nil {
return nil, fmt.Errorf("get team-users: %v", err)
}
members := make([]*User, 0, len(teamUsers))
for i := range teamUsers {
member := new(User)
if _, err = e.Id(teamUsers[i].UID).Get(member); err != nil {
return nil, fmt.Errorf("get user '%d': %v", teamUsers[i].UID, err)
members := make([]*User, len(teamUsers))
for i, teamUser := range teamUsers {
member, err := getUserByID(e, teamUser.UID)
if err != nil {
return nil, fmt.Errorf("get user '%d': %v", teamUser.UID, err)
}
members = append(members, member)
members[i] = member
}
return members, nil
}
Expand Down
2 changes: 1 addition & 1 deletion models/org_team_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -243,7 +243,7 @@ func TestDeleteTeam(t *testing.T) {
// check that team members don't have "leftover" access to repos
user := AssertExistsAndLoadBean(t, &User{ID: 4}).(*User)
repo := AssertExistsAndLoadBean(t, &Repository{ID: 3}).(*Repository)
accessMode, err := AccessLevel(user, repo)
accessMode, err := AccessLevel(user.ID, repo)
assert.NoError(t, err)
assert.True(t, accessMode < AccessModeWrite)
}
Expand Down
2 changes: 1 addition & 1 deletion models/release.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -365,7 +365,7 @@ func DeleteReleaseByID(id int64, u *User, delTag bool) error {
return fmt.Errorf("GetRepositoryByID: %v", err)
}

has, err := HasAccess(u, repo, AccessModeWrite)
has, err := HasAccess(u.ID, repo, AccessModeWrite)
if err != nil {
return fmt.Errorf("HasAccess: %v", err)
} else if !has {
Expand Down
2 changes: 1 addition & 1 deletion models/repo.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -531,7 +531,7 @@ func (repo *Repository) ComposeCompareURL(oldCommitID, newCommitID string) strin

// HasAccess returns true when user has access to this repository
func (repo *Repository) HasAccess(u *User) bool {
has, _ := HasAccess(u, repo, AccessModeRead)
has, _ := HasAccess(u.ID, repo, AccessModeRead)
return has
}

Expand Down
2 changes: 1 addition & 1 deletion models/ssh_key.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -794,7 +794,7 @@ func DeleteDeployKey(doer *User, id int64) error {
if err != nil {
return fmt.Errorf("GetRepositoryByID: %v", err)
}
yes, err := HasAccess(doer, repo, AccessModeAdmin)
yes, err := HasAccess(doer.ID, repo, AccessModeAdmin)
if err != nil {
return fmt.Errorf("HasAccess: %v", err)
} else if !yes {
Expand Down
6 changes: 3 additions & 3 deletions models/user.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -478,7 +478,7 @@ func (u *User) DeleteAvatar() error {

// IsAdminOfRepo returns true if user has admin or higher access of repository.
func (u *User) IsAdminOfRepo(repo *Repository) bool {
has, err := HasAccess(u, repo, AccessModeAdmin)
has, err := HasAccess(u.ID, repo, AccessModeAdmin)
if err != nil {
log.Error(3, "HasAccess: %v", err)
}
Expand All @@ -487,7 +487,7 @@ func (u *User) IsAdminOfRepo(repo *Repository) bool {

// IsWriterOfRepo returns true if user has write access to given repository.
func (u *User) IsWriterOfRepo(repo *Repository) bool {
has, err := HasAccess(u, repo, AccessModeWrite)
has, err := HasAccess(u.ID, repo, AccessModeWrite)
if err != nil {
log.Error(3, "HasAccess: %v", err)
}
Expand Down Expand Up @@ -1103,7 +1103,7 @@ func GetUserByID(id int64) (*User, error) {

// GetAssigneeByID returns the user with write access of repository by given ID.
func GetAssigneeByID(repo *Repository, userID int64) (*User, error) {
has, err := HasAccess(&User{ID: userID}, repo, AccessModeWrite)
has, err := HasAccess(userID, repo, AccessModeWrite)
if err != nil {
return nil, err
} else if !has {
Expand Down
2 changes: 1 addition & 1 deletion modules/context/repo.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -219,7 +219,7 @@ func RepoAssignment(args ...bool) macaron.Handler {
if ctx.IsSigned && ctx.User.IsAdmin {
ctx.Repo.AccessMode = models.AccessModeOwner
} else {
mode, err := models.AccessLevel(ctx.User, repo)
mode, err := models.AccessLevel(ctx.User.ID, repo)
if err != nil {
ctx.Handle(500, "AccessLevel", err)
return
Expand Down
4 changes: 2 additions & 2 deletions modules/lfs/server.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -463,7 +463,7 @@ func authenticate(ctx *context.Context, repository *models.Repository, authoriza
}

if ctx.IsSigned {
accessCheck, _ := models.HasAccess(ctx.User, repository, accessMode)
accessCheck, _ := models.HasAccess(ctx.User.ID, repository, accessMode)
return accessCheck
}

Expand Down Expand Up @@ -499,7 +499,7 @@ func authenticate(ctx *context.Context, repository *models.Repository, authoriza
return false
}

accessCheck, _ := models.HasAccess(userModel, repository, accessMode)
accessCheck, _ := models.HasAccess(userModel.ID, repository, accessMode)
return accessCheck
}

Expand Down
2 changes: 1 addition & 1 deletion routers/api/v1/api.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ func repoAssignment() macaron.Handler {
if ctx.IsSigned && ctx.User.IsAdmin {
ctx.Repo.AccessMode = models.AccessModeOwner
} else {
mode, err := models.AccessLevel(ctx.User, repo)
mode, err := models.AccessLevel(ctx.User.ID, repo)
if err != nil {
ctx.Error(500, "AccessLevel", err)
return
Expand Down
6 changes: 3 additions & 3 deletions routers/api/v1/org/team.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,7 @@ func GetTeamRepos(ctx *context.APIContext) {
}
repos := make([]*api.Repository, len(team.Repos))
for i, repo := range team.Repos {
access, err := models.AccessLevel(ctx.User, repo)
access, err := models.AccessLevel(ctx.User.ID, repo)
if err != nil {
ctx.Error(500, "GetTeamRepos", err)
return
Expand Down Expand Up @@ -161,7 +161,7 @@ func AddTeamRepository(ctx *context.APIContext) {
if ctx.Written() {
return
}
if access, err := models.AccessLevel(ctx.User, repo); err != nil {
if access, err := models.AccessLevel(ctx.User.ID, repo); err != nil {
ctx.Error(500, "AccessLevel", err)
return
} else if access < models.AccessModeAdmin {
Expand All @@ -181,7 +181,7 @@ func RemoveTeamRepository(ctx *context.APIContext) {
if ctx.Written() {
return
}
if access, err := models.AccessLevel(ctx.User, repo); err != nil {
if access, err := models.AccessLevel(ctx.User.ID, repo); err != nil {
ctx.Error(500, "AccessLevel", err)
return
} else if access < models.AccessModeAdmin {
Expand Down
2 changes: 1 addition & 1 deletion routers/api/v1/repo/fork.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ func ListForks(ctx *context.APIContext) {
}
apiForks := make([]*api.Repository, len(forks))
for i, fork := range forks {
access, err := models.AccessLevel(ctx.User, fork)
access, err := models.AccessLevel(ctx.User.ID, fork)
if err != nil {
ctx.Error(500, "AccessLevel", err)
return
Expand Down
2 changes: 1 addition & 1 deletion routers/api/v1/repo/release.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ func ListReleases(ctx *context.APIContext) {
return
}
rels := make([]*api.Release, len(releases))
access, err := models.AccessLevel(ctx.User, ctx.Repo.Repository)
access, err := models.AccessLevel(ctx.User.ID, ctx.Repo.Repository)
if err != nil {
ctx.Error(500, "AccessLevel", err)
return
Expand Down
6 changes: 3 additions & 3 deletions routers/api/v1/repo/repo.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,7 @@ func Search(ctx *context.APIContext) {
})
return
}
accessMode, err := models.AccessLevel(ctx.User, repo)
accessMode, err := models.AccessLevel(ctx.User.ID, repo)
if err != nil {
ctx.JSON(500, map[string]interface{}{
"ok": false,
Expand Down Expand Up @@ -218,7 +218,7 @@ func Migrate(ctx *context.APIContext, form auth.MigrateRepoForm) {
// see https://github.com/gogits/go-gogs-client/wiki/Repositories#get
func Get(ctx *context.APIContext) {
repo := ctx.Repo.Repository
access, err := models.AccessLevel(ctx.User, repo)
access, err := models.AccessLevel(ctx.User.ID, repo)
if err != nil {
ctx.Error(500, "GetRepository", err)
return
Expand All @@ -238,7 +238,7 @@ func GetByID(ctx *context.APIContext) {
return
}

access, err := models.AccessLevel(ctx.User, repo)
access, err := models.AccessLevel(ctx.User.ID, repo)
if err != nil {
ctx.Error(500, "GetRepositoryByID", err)
return
Expand Down
Loading