|
@@ -12,7 +12,6 @@ import (
|
|
|
"strings"
|
|
|
|
|
|
"github.com/Unknwon/com"
|
|
|
- "github.com/go-xorm/xorm"
|
|
|
|
|
|
"github.com/gogits/gogs/modules/base"
|
|
|
)
|
|
@@ -391,7 +390,7 @@ func RemoveOrgUser(orgId, uid int64) error {
|
|
|
return err
|
|
|
}
|
|
|
for _, t := range ts {
|
|
|
- if err = removeTeamMemberWithSess(org.Id, t.Id, u.Id, sess); err != nil {
|
|
|
+ if err = removeTeamMember(sess, org.Id, t.Id, u.Id); err != nil {
|
|
|
return err
|
|
|
}
|
|
|
}
|
|
@@ -486,18 +485,18 @@ func (t *Team) RemoveMember(uid int64) error {
|
|
|
}
|
|
|
|
|
|
// addAccessWithAuthorize inserts or updates access with given mode.
|
|
|
-func addAccessWithAuthorize(sess *xorm.Session, access *Access, mode AccessType) error {
|
|
|
- has, err := x.Get(access)
|
|
|
+func addAccessWithAuthorize(e Engine, access *Access, mode AccessType) error {
|
|
|
+ has, err := e.Get(access)
|
|
|
if err != nil {
|
|
|
return fmt.Errorf("fail to get access: %v", err)
|
|
|
}
|
|
|
access.Mode = mode
|
|
|
if has {
|
|
|
- if _, err = sess.Id(access.Id).Update(access); err != nil {
|
|
|
+ if _, err = e.Id(access.Id).Update(access); err != nil {
|
|
|
return fmt.Errorf("fail to update access: %v", err)
|
|
|
}
|
|
|
} else {
|
|
|
- if _, err = sess.Insert(access); err != nil {
|
|
|
+ if _, err = e.Insert(access); err != nil {
|
|
|
return fmt.Errorf("fail to insert access: %v", err)
|
|
|
}
|
|
|
}
|
|
@@ -536,7 +535,7 @@ func (t *Team) AddRepository(repo *Repository) (err error) {
|
|
|
mode := AuthorizeToAccessType(t.Authorize)
|
|
|
|
|
|
for _, u := range t.Members {
|
|
|
- auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
|
|
|
+ auth, err := getHighestAuthorize(sess, t.OrgId, u.Id, repo.Id, t.Id)
|
|
|
if err != nil {
|
|
|
sess.Rollback()
|
|
|
return err
|
|
@@ -552,7 +551,7 @@ func (t *Team) AddRepository(repo *Repository) (err error) {
|
|
|
return err
|
|
|
}
|
|
|
}
|
|
|
- if err = WatchRepo(u.Id, repo.Id, true); err != nil {
|
|
|
+ if err = watchRepo(sess, u.Id, repo.Id, true); err != nil {
|
|
|
sess.Rollback()
|
|
|
return err
|
|
|
}
|
|
@@ -593,7 +592,7 @@ func (t *Team) RemoveRepository(repoId int64) error {
|
|
|
|
|
|
// Remove access to team members.
|
|
|
for _, u := range t.Members {
|
|
|
- auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
|
|
|
+ auth, err := getHighestAuthorize(sess, t.OrgId, u.Id, repo.Id, t.Id)
|
|
|
if err != nil {
|
|
|
sess.Rollback()
|
|
|
return err
|
|
@@ -607,7 +606,7 @@ func (t *Team) RemoveRepository(repoId int64) error {
|
|
|
if _, err = sess.Delete(access); err != nil {
|
|
|
sess.Rollback()
|
|
|
return fmt.Errorf("fail to delete access: %v", err)
|
|
|
- } else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
|
|
|
+ } else if err = watchRepo(sess, u.Id, repo.Id, false); err != nil {
|
|
|
sess.Rollback()
|
|
|
return err
|
|
|
}
|
|
@@ -678,10 +677,9 @@ func GetTeam(orgId int64, name string) (*Team, error) {
|
|
|
return t, nil
|
|
|
}
|
|
|
|
|
|
-// GetTeamById returns team by given ID.
|
|
|
-func GetTeamById(teamId int64) (*Team, error) {
|
|
|
+func getTeamById(e Engine, teamId int64) (*Team, error) {
|
|
|
t := new(Team)
|
|
|
- has, err := x.Id(teamId).Get(t)
|
|
|
+ has, err := e.Id(teamId).Get(t)
|
|
|
if err != nil {
|
|
|
return nil, err
|
|
|
} else if !has {
|
|
@@ -690,9 +688,13 @@ func GetTeamById(teamId int64) (*Team, error) {
|
|
|
return t, nil
|
|
|
}
|
|
|
|
|
|
-// GetHighestAuthorize returns highest repository authorize level for given user and team.
|
|
|
-func GetHighestAuthorize(orgId, uid, repoId, teamId int64) (AuthorizeType, error) {
|
|
|
- ts, err := GetUserTeams(orgId, uid)
|
|
|
+// GetTeamById returns team by given ID.
|
|
|
+func GetTeamById(teamId int64) (*Team, error) {
|
|
|
+ return getTeamById(x, teamId)
|
|
|
+}
|
|
|
+
|
|
|
+func getHighestAuthorize(e Engine, orgId, uid, repoId, teamId int64) (AuthorizeType, error) {
|
|
|
+ ts, err := getUserTeams(e, orgId, uid)
|
|
|
if err != nil {
|
|
|
return 0, err
|
|
|
}
|
|
@@ -714,6 +716,11 @@ func GetHighestAuthorize(orgId, uid, repoId, teamId int64) (AuthorizeType, error
|
|
|
return auth, nil
|
|
|
}
|
|
|
|
|
|
+// GetHighestAuthorize returns highest repository authorize level for given user and team.
|
|
|
+func GetHighestAuthorize(orgId, uid, repoId, teamId int64) (AuthorizeType, error) {
|
|
|
+ return getHighestAuthorize(x, orgId, uid, repoId, teamId)
|
|
|
+}
|
|
|
+
|
|
|
// UpdateTeam updates information of team.
|
|
|
func UpdateTeam(t *Team, authChanged bool) (err error) {
|
|
|
if !IsLegalName(t.Name) {
|
|
@@ -866,10 +873,14 @@ type TeamUser struct {
|
|
|
TeamId int64
|
|
|
}
|
|
|
|
|
|
+func isTeamMember(e Engine, orgId, teamId, uid int64) bool {
|
|
|
+ has, _ := e.Where("uid=?", uid).And("org_id=?", orgId).And("team_id=?", teamId).Get(new(TeamUser))
|
|
|
+ return has
|
|
|
+}
|
|
|
+
|
|
|
// IsTeamMember returns true if given user is a member of team.
|
|
|
func IsTeamMember(orgId, teamId, uid int64) bool {
|
|
|
- has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).And("team_id=?", teamId).Get(new(TeamUser))
|
|
|
- return has
|
|
|
+ return isTeamMember(x, orgId, teamId, uid)
|
|
|
}
|
|
|
|
|
|
// GetTeamMembers returns all members in given team of organization.
|
|
@@ -879,17 +890,16 @@ func GetTeamMembers(orgId, teamId int64) ([]*User, error) {
|
|
|
return us, err
|
|
|
}
|
|
|
|
|
|
-// GetUserTeams returns all teams that user belongs to in given organization.
|
|
|
-func GetUserTeams(orgId, uid int64) ([]*Team, error) {
|
|
|
+func getUserTeams(e Engine, orgId, uid int64) ([]*Team, error) {
|
|
|
tus := make([]*TeamUser, 0, 5)
|
|
|
- if err := x.Where("uid=?", uid).And("org_id=?", orgId).Find(&tus); err != nil {
|
|
|
+ if err := e.Where("uid=?", uid).And("org_id=?", orgId).Find(&tus); err != nil {
|
|
|
return nil, err
|
|
|
}
|
|
|
|
|
|
ts := make([]*Team, len(tus))
|
|
|
for i, tu := range tus {
|
|
|
t := new(Team)
|
|
|
- has, err := x.Id(tu.TeamId).Get(t)
|
|
|
+ has, err := e.Id(tu.TeamId).Get(t)
|
|
|
if err != nil {
|
|
|
return nil, err
|
|
|
} else if !has {
|
|
@@ -900,6 +910,11 @@ func GetUserTeams(orgId, uid int64) ([]*Team, error) {
|
|
|
return ts, nil
|
|
|
}
|
|
|
|
|
|
+// GetUserTeams returns all teams that user belongs to in given organization.
|
|
|
+func GetUserTeams(orgId, uid int64) ([]*Team, error) {
|
|
|
+ return getUserTeams(x, orgId, uid)
|
|
|
+}
|
|
|
+
|
|
|
// AddTeamMember adds new member to given team of given organization.
|
|
|
func AddTeamMember(orgId, teamId, uid int64) error {
|
|
|
if IsTeamMember(orgId, teamId, uid) {
|
|
@@ -956,7 +971,7 @@ func AddTeamMember(orgId, teamId, uid int64) error {
|
|
|
// Give access to team repositories.
|
|
|
mode := AuthorizeToAccessType(t.Authorize)
|
|
|
for _, repo := range t.Repos {
|
|
|
- auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, teamId)
|
|
|
+ auth, err := getHighestAuthorize(sess, t.OrgId, u.Id, repo.Id, teamId)
|
|
|
if err != nil {
|
|
|
sess.Rollback()
|
|
|
return err
|
|
@@ -993,13 +1008,13 @@ func AddTeamMember(orgId, teamId, uid int64) error {
|
|
|
return sess.Commit()
|
|
|
}
|
|
|
|
|
|
-func removeTeamMemberWithSess(orgId, teamId, uid int64, sess *xorm.Session) error {
|
|
|
- if !IsTeamMember(orgId, teamId, uid) {
|
|
|
+func removeTeamMember(e Engine, orgId, teamId, uid int64) error {
|
|
|
+ if !isTeamMember(e, orgId, teamId, uid) {
|
|
|
return nil
|
|
|
}
|
|
|
|
|
|
// Get team and its repositories.
|
|
|
- t, err := GetTeamById(teamId)
|
|
|
+ t, err := getTeamById(e, teamId)
|
|
|
if err != nil {
|
|
|
return err
|
|
|
}
|
|
@@ -1033,19 +1048,16 @@ func removeTeamMemberWithSess(orgId, teamId, uid int64, sess *xorm.Session) erro
|
|
|
TeamId: teamId,
|
|
|
}
|
|
|
|
|
|
- if _, err := sess.Delete(tu); err != nil {
|
|
|
- sess.Rollback()
|
|
|
+ if _, err := e.Delete(tu); err != nil {
|
|
|
return err
|
|
|
- } else if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
|
|
|
- sess.Rollback()
|
|
|
+ } else if _, err = e.Id(t.Id).AllCols().Update(t); err != nil {
|
|
|
return err
|
|
|
}
|
|
|
|
|
|
// Delete access to team repositories.
|
|
|
for _, repo := range t.Repos {
|
|
|
- auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, teamId)
|
|
|
+ auth, err := getHighestAuthorize(e, t.OrgId, u.Id, repo.Id, teamId)
|
|
|
if err != nil {
|
|
|
- sess.Rollback()
|
|
|
return err
|
|
|
}
|
|
|
|
|
@@ -1055,17 +1067,14 @@ func removeTeamMemberWithSess(orgId, teamId, uid int64, sess *xorm.Session) erro
|
|
|
}
|
|
|
// Delete access if this is the last team user belongs to.
|
|
|
if auth == 0 {
|
|
|
- if _, err = sess.Delete(access); err != nil {
|
|
|
- sess.Rollback()
|
|
|
+ if _, err = e.Delete(access); err != nil {
|
|
|
return fmt.Errorf("fail to delete access: %v", err)
|
|
|
- } else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
|
|
|
- sess.Rollback()
|
|
|
+ } else if err = watchRepo(e, u.Id, repo.Id, false); err != nil {
|
|
|
return err
|
|
|
}
|
|
|
} else if auth < t.Authorize {
|
|
|
// Downgrade authorize level.
|
|
|
- if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
|
|
|
- sess.Rollback()
|
|
|
+ if err = addAccessWithAuthorize(e, access, AuthorizeToAccessType(auth)); err != nil {
|
|
|
return err
|
|
|
}
|
|
|
}
|
|
@@ -1073,17 +1082,15 @@ func removeTeamMemberWithSess(orgId, teamId, uid int64, sess *xorm.Session) erro
|
|
|
|
|
|
// This must exist.
|
|
|
ou := new(OrgUser)
|
|
|
- _, err = sess.Where("uid=?", uid).And("org_id=?", org.Id).Get(ou)
|
|
|
+ _, err = e.Where("uid=?", uid).And("org_id=?", org.Id).Get(ou)
|
|
|
if err != nil {
|
|
|
- sess.Rollback()
|
|
|
return err
|
|
|
}
|
|
|
ou.NumTeams--
|
|
|
if t.IsOwnerTeam() {
|
|
|
ou.IsOwner = false
|
|
|
}
|
|
|
- if _, err = sess.Id(ou.Id).AllCols().Update(ou); err != nil {
|
|
|
- sess.Rollback()
|
|
|
+ if _, err = e.Id(ou.Id).AllCols().Update(ou); err != nil {
|
|
|
return err
|
|
|
}
|
|
|
return nil
|
|
@@ -1096,7 +1103,8 @@ func RemoveTeamMember(orgId, teamId, uid int64) error {
|
|
|
if err := sess.Begin(); err != nil {
|
|
|
return err
|
|
|
}
|
|
|
- if err := removeTeamMemberWithSess(orgId, teamId, uid, sess); err != nil {
|
|
|
+ if err := removeTeamMember(sess, orgId, teamId, uid); err != nil {
|
|
|
+ sess.Rollback()
|
|
|
return err
|
|
|
}
|
|
|
return sess.Commit()
|