web/forgejo
10
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4

Finsih add/remove repo in organization

Browse source
This commit is contained in:
Unknwon 2014-08-26 18:11:15 +08:00
parent f2c263c54f
commit 74b31566cf
19 changed files with 485 additions and 107 deletions
Download patch file Download diff file Expand all files Collapse all files

230
models/org.go
View file

@ -369,6 +369,13 @@ const (
ORG_ADMIN
)
func AuthorizeToAccessType(auth AuthorizeType) AccessType {
if auth == ORG_READABLE {
return READABLE
}
return WRITABLE
}
const OWNER_TEAM = "Owners"
// Team represents a organization team.
@ -433,6 +440,142 @@ func (t *Team) RemoveMember(uid int64) error {
return RemoveTeamMember(t.OrgId, t.Id, uid)
}
// addAccessWithAuthorize inserts or updates access with given mode.
func addAccessWithAuthorize(sess *xorm.Session, access *Access, mode AccessType) error {
has, err := x.Get(access)
if err != nil {
return fmt.Errorf("fail to get access: %v", err)
}
access.Mode = mode
if has {
if _, err = sess.Id(access.Id).Update(access); err != nil {
return fmt.Errorf("fail to update access: %v", err)
}
} else {
if _, err = sess.Insert(access); err != nil {
return fmt.Errorf("fail to insert access: %v", err)
}
}
return nil
}
// AddRepository adds new repository to team of organization.
func (t *Team) AddRepository(repo *Repository) (err error) {
idStr := "$" + com.ToStr(repo.Id) + "|"
if repo.OwnerId != t.OrgId {
return errors.New("Repository not belong to organization")
} else if strings.Contains(t.RepoIds, idStr) {
return nil
}
if err = repo.GetOwner(); err != nil {
return err
} else if err = t.GetMembers(); err != nil {
return err
}
sess := x.NewSession()
defer sess.Close()
if err = sess.Begin(); err != nil {
return err
}
t.NumRepos++
t.RepoIds += idStr
if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
sess.Rollback()
return err
}
// Give access to team members.
mode := AuthorizeToAccessType(t.Authorize)
for _, u := range t.Members {
auth, err := GetHighestAuthorize(t.OrgId, u.Id, t.Id, repo.Id)
if err != nil {
sess.Rollback()
return err
}
access := &Access{
UserName: u.LowerName,
RepoName: path.Join(repo.Owner.LowerName, repo.LowerName),
}
if auth == 0 {
access.Mode = mode
if _, err = sess.Insert(access); err != nil {
sess.Rollback()
return fmt.Errorf("fail to insert access: %v", err)
}
} else if auth < t.Authorize {
if err = addAccessWithAuthorize(sess, access, mode); err != nil {
sess.Rollback()
return err
}
}
}
return sess.Commit()
}
// RemoveRepository removes repository from team of organization.
func (t *Team) RemoveRepository(repoId int64) error {
idStr := "$" + com.ToStr(repoId) + "|"
if !strings.Contains(t.RepoIds, idStr) {
return nil
}
repo, err := GetRepositoryById(repoId)
if err != nil {
return err
}
if err = repo.GetOwner(); err != nil {
return err
} else if err = t.GetMembers(); err != nil {
return err
}
sess := x.NewSession()
defer sess.Close()
if err = sess.Begin(); err != nil {
return err
}
t.NumRepos--
t.RepoIds = strings.Replace(t.RepoIds, idStr, "", 1)
if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
sess.Rollback()
return err
}
// Remove access to team members.
for _, u := range t.Members {
auth, err := GetHighestAuthorize(t.OrgId, u.Id, t.Id, repo.Id)
if err != nil {
sess.Rollback()
return err
}
access := &Access{
UserName: u.LowerName,
RepoName: path.Join(repo.Owner.LowerName, repo.LowerName),
}
if auth == 0 {
if _, err = sess.Delete(access); err != nil {
sess.Rollback()
return fmt.Errorf("fail to delete access: %v", err)
}
} else if auth < t.Authorize {
if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
sess.Rollback()
return err
}
}
}
return sess.Commit()
}
// NewTeam creates a record of new team.
// It's caller's responsibility to assign organization ID.
func NewTeam(t *Team) error {
@ -554,16 +697,10 @@ func UpdateTeam(t *Team, authChanged bool) (err error) {
return err
}
mode := READABLE
if t.Authorize > ORG_READABLE {
mode = WRITABLE
}
access := &Access{
Mode: mode,
}
// Update access.
mode := AuthorizeToAccessType(t.Authorize)
for _, repo := range t.Repos {
access.RepoName = path.Join(org.LowerName, repo.LowerName)
for _, u := range t.Members {
// ORG_WRITABLE is the highest authorize level for now.
// Skip checking others if current team has this level.
@ -578,8 +715,11 @@ func UpdateTeam(t *Team, authChanged bool) (err error) {
}
}
access.UserName = u.LowerName
if _, err = sess.Update(access); err != nil {
access := &Access{
UserName: u.LowerName,
RepoName: path.Join(org.LowerName, repo.LowerName),
}
if err = addAccessWithAuthorize(sess, access, mode); err != nil {
sess.Rollback()
return err
}
@ -617,36 +757,26 @@ func DeleteTeam(t *Team) error {
}
// Delete all accesses.
mode := READABLE
if t.Authorize > ORG_READABLE {
mode = WRITABLE
}
access := new(Access)
for _, repo := range t.Repos {
access.RepoName = path.Join(org.LowerName, repo.LowerName)
for _, u := range t.Members {
access.UserName = u.LowerName
access.Mode = mode
auth, err := GetHighestAuthorize(org.Id, u.Id, t.Id, repo.Id)
if err != nil {
sess.Rollback()
return err
}
access := &Access{
UserName: u.LowerName,
RepoName: path.Join(org.LowerName, repo.LowerName),
}
if auth == 0 {
if _, err = sess.Delete(access); err != nil {
sess.Rollback()
return err
return fmt.Errorf("fail to delete access: %v", err)
}
} else if auth < t.Authorize {
// Downgrade authorize level.
mode := READABLE
if auth > ORG_READABLE {
mode = WRITABLE
}
access.Mode = mode
if _, err = sess.Update(access); err != nil {
if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
sess.Rollback()
return err
}
@ -779,15 +909,6 @@ func AddTeamMember(orgId, teamId, uid int64) error {
TeamId: teamId,
}
mode := READABLE
if t.Authorize > ORG_READABLE {
mode = WRITABLE
}
access := &Access{
UserName: u.LowerName,
Mode: mode,
}
if _, err = sess.Insert(tu); err != nil {
sess.Rollback()
return err
@ -797,6 +918,7 @@ func AddTeamMember(orgId, teamId, uid int64) error {
}
// Give access to team repositories.
mode := AuthorizeToAccessType(t.Authorize)
for _, repo := range t.Repos {
auth, err := GetHighestAuthorize(orgId, uid, teamId, repo.Id)
if err != nil {
@ -804,22 +926,24 @@ func AddTeamMember(orgId, teamId, uid int64) error {
return err
}
access.Id = 0
access.RepoName = path.Join(org.LowerName, repo.LowerName)
access := &Access{
UserName: u.LowerName,
RepoName: path.Join(org.LowerName, repo.LowerName),
}
// Equal 0 means given access doesn't exist.
if auth == 0 {
access.Mode = mode
if _, err = sess.Insert(access); err != nil {
sess.Rollback()
return err
return fmt.Errorf("fail to insert access: %v", err)
}
} else if auth < t.Authorize {
if _, err = sess.Update(access); err != nil {
if err = addAccessWithAuthorize(sess, access, mode); err != nil {
sess.Rollback()
return err
}
}
}
fmt.Println("kao")
// We make sure it exists before.
ou := new(OrgUser)
@ -889,10 +1013,6 @@ func removeTeamMemberWithSess(orgId, teamId, uid int64, sess *xorm.Session) erro
}
// Delete access to team repositories.
access := &Access{
UserName: u.LowerName,
}
for _, repo := range t.Repos {
auth, err := GetHighestAuthorize(orgId, uid, teamId, repo.Id)
if err != nil {
@ -900,22 +1020,22 @@ func removeTeamMemberWithSess(orgId, teamId, uid int64, sess *xorm.Session) erro
return err
}
access := &Access{
UserName: u.LowerName,
RepoName: path.Join(org.LowerName, repo.LowerName),
}
// Delete access if this is the last team user belongs to.
if auth == 0 {
access.RepoName = path.Join(org.LowerName, repo.LowerName)
_, err = sess.Delete(access)
if _, err = sess.Delete(access); err != nil {
sess.Rollback()
return fmt.Errorf("fail to delete access: %v", err)
}
} else if auth < t.Authorize {
// Downgrade authorize level.
mode := READABLE
if auth > ORG_READABLE {
mode = WRITABLE
if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
sess.Rollback()
return err
}
access.Mode = mode
_, err = sess.Update(access)
}
if err != nil {
sess.Rollback()
return err
}
}