forgejo/models/access.go

// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.

package models

import "fmt"

// AccessMode specifies the users access mode
type AccessMode int

const (
	// AccessModeNone no access
	AccessModeNone AccessMode = iota // 0
	// AccessModeRead read access
	AccessModeRead // 1
	// AccessModeWrite write access
	AccessModeWrite // 2
	// AccessModeAdmin admin access
	AccessModeAdmin // 3
	// AccessModeOwner owner access
	AccessModeOwner // 4
)

func (mode AccessMode) String() string {
	switch mode {
	case AccessModeRead:
		return "read"
	case AccessModeWrite:
		return "write"
	case AccessModeAdmin:
		return "admin"
	case AccessModeOwner:
		return "owner"
	default:
		return "none"
	}
}

// ParseAccessMode returns corresponding access mode to given permission string.
func ParseAccessMode(permission string) AccessMode {
	switch permission {
	case "write":
		return AccessModeWrite
	case "admin":
		return AccessModeAdmin
	default:
		return AccessModeRead
	}
}

// Access represents the highest access level of a user to the repository. The only access type
// that is not in this table is the real owner of a repository. In case of an organization
// repository, the members of the owners team are in this table.
type Access struct {
	ID     int64 `xorm:"pk autoincr"`
	UserID int64 `xorm:"UNIQUE(s)"`
	RepoID int64 `xorm:"UNIQUE(s)"`
	Mode   AccessMode
}

func accessLevel(e Engine, userID int64, repo *Repository) (AccessMode, error) {
	mode := AccessModeNone
	if !repo.IsPrivate {
		mode = AccessModeRead
	}

	if userID == 0 {
		return mode, nil
	}

	if userID == repo.OwnerID {
		return AccessModeOwner, nil
	}

	a := &Access{UserID: userID, RepoID: repo.ID}
	if has, err := e.Get(a); !has || err != nil {
		return mode, err
	}
	return a.Mode, nil
}

type repoAccess struct {
	Access     `xorm:"extends"`
	Repository `xorm:"extends"`
}

func (repoAccess) TableName() string {
	return "access"
}

// GetRepositoryAccesses finds all repositories with their access mode where a user has access but does not own.
func (user *User) GetRepositoryAccesses() (map[*Repository]AccessMode, error) {
	rows, err := x.
		Join("INNER", "repository", "repository.id = access.repo_id").
		Where("access.user_id = ?", user.ID).
		And("repository.owner_id <> ?", user.ID).
		Rows(new(repoAccess))
	if err != nil {
		return nil, err
	}
	defer rows.Close()

	var repos = make(map[*Repository]AccessMode, 10)
	var ownerCache = make(map[int64]*User, 10)
	for rows.Next() {
		var repo repoAccess
		err = rows.Scan(&repo)
		if err != nil {
			return nil, err
		}

		var ok bool
		if repo.Owner, ok = ownerCache[repo.OwnerID]; !ok {
			if err = repo.GetOwner(); err != nil {
				return nil, err
			}
			ownerCache[repo.OwnerID] = repo.Owner
		}

		repos[&repo.Repository] = repo.Access.Mode
	}
	return repos, nil
}

// GetAccessibleRepositories finds repositories which the user has access but does not own.
// If limit is smaller than 1 means returns all found results.
func (user *User) GetAccessibleRepositories(limit int) (repos []*Repository, _ error) {
	sess := x.
		Where("owner_id !=? ", user.ID).
		Desc("updated_unix")
	if limit > 0 {
		sess.Limit(limit)
		repos = make([]*Repository, 0, limit)
	} else {
		repos = make([]*Repository, 0, 10)
	}
	return repos, sess.
		Join("INNER", "access", "access.user_id = ? AND access.repo_id = repository.id", user.ID).
		Find(&repos)
}

func maxAccessMode(modes ...AccessMode) AccessMode {
	max := AccessModeNone
	for _, mode := range modes {
		if mode > max {
			max = mode
		}
	}
	return max
}

// FIXME: do cross-comparison so reduce deletions and additions to the minimum?
func (repo *Repository) refreshAccesses(e Engine, accessMap map[int64]AccessMode) (err error) {
	minMode := AccessModeRead
	if !repo.IsPrivate {
		minMode = AccessModeWrite
	}

	newAccesses := make([]Access, 0, len(accessMap))
	for userID, mode := range accessMap {
		if mode < minMode {
			continue
		}
		newAccesses = append(newAccesses, Access{
			UserID: userID,
			RepoID: repo.ID,
			Mode:   mode,
		})
	}

	// Delete old accesses and insert new ones for repository.
	if _, err = e.Delete(&Access{RepoID: repo.ID}); err != nil {
		return fmt.Errorf("delete old accesses: %v", err)
	} else if _, err = e.Insert(newAccesses); err != nil {
		return fmt.Errorf("insert new accesses: %v", err)
	}
	return nil
}

// refreshCollaboratorAccesses retrieves repository collaborations with their access modes.
func (repo *Repository) refreshCollaboratorAccesses(e Engine, accessMap map[int64]AccessMode) error {
	collaborations, err := repo.getCollaborations(e)
	if err != nil {
		return fmt.Errorf("getCollaborations: %v", err)
	}
	for _, c := range collaborations {
		accessMap[c.UserID] = c.Mode
	}
	return nil
}

// recalculateTeamAccesses recalculates new accesses for teams of an organization
// except the team whose ID is given. It is used to assign a team ID when
// remove repository from that team.
func (repo *Repository) recalculateTeamAccesses(e Engine, ignTeamID int64) (err error) {
	accessMap := make(map[int64]AccessMode, 20)

	if err = repo.getOwner(e); err != nil {
		return err
	} else if !repo.Owner.IsOrganization() {
		return fmt.Errorf("owner is not an organization: %d", repo.OwnerID)
	}

	if err = repo.refreshCollaboratorAccesses(e, accessMap); err != nil {
		return fmt.Errorf("refreshCollaboratorAccesses: %v", err)
	}

	if err = repo.Owner.getTeams(e); err != nil {
		return err
	}

	for _, t := range repo.Owner.Teams {
		if t.ID == ignTeamID {
			continue
		}

		// Owner team gets owner access, and skip for teams that do not
		// have relations with repository.
		if t.IsOwnerTeam() {
			t.Authorize = AccessModeOwner
		} else if !t.hasRepository(e, repo.ID) {
			continue
		}

		if err = t.getMembers(e); err != nil {
			return fmt.Errorf("getMembers '%d': %v", t.ID, err)
		}
		for _, m := range t.Members {
			accessMap[m.ID] = maxAccessMode(accessMap[m.ID], t.Authorize)
		}
	}

	return repo.refreshAccesses(e, accessMap)
}

func (repo *Repository) recalculateAccesses(e Engine) error {
	if repo.Owner.IsOrganization() {
		return repo.recalculateTeamAccesses(e, 0)
	}

	accessMap := make(map[int64]AccessMode, 20)
	if err := repo.refreshCollaboratorAccesses(e, accessMap); err != nil {
		return fmt.Errorf("refreshCollaboratorAccesses: %v", err)
	}
	return repo.refreshAccesses(e, accessMap)
}

// RecalculateAccesses recalculates all accesses for repository.
func (repo *Repository) RecalculateAccesses() error {
	return repo.recalculateAccesses(x)
}
Add UI for register user 2014-02-17 18:38:50 -05:00			`// Copyright 2014 The Gogs Authors. All rights reserved.`
			`// Use of this source code is governed by a MIT-style`
			`// license that can be found in the LICENSE file.`

add publickey & access 2014-02-17 23:57:23 +08:00			`package models`

Optimization for user.GetRepositoryAccesses to reduce db query times (#495) * optimization for user.GetRepositoryAccesses to reduce db query times * fix missing cache 2016-12-28 09:34:35 +08:00			`import "fmt"`
models: fix issue with transfer repository README: fix typo 2015-02-24 00:27:22 -05:00
Lint models/access.go 2016-11-26 01:07:57 +01:00			`// AccessMode specifies the users access mode`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00			`type AccessMode int`
Add create organization 2014-06-25 00:44:48 -04:00
add publickey & access 2014-02-17 23:57:23 +08:00			`const (`
Lint models/access.go 2016-11-26 01:07:57 +01:00			`// AccessModeNone no access`
			`AccessModeNone AccessMode = iota // 0`
			`// AccessModeRead read access`
			`AccessModeRead // 1`
			`// AccessModeWrite write access`
			`AccessModeWrite // 2`
			`// AccessModeAdmin admin access`
			`AccessModeAdmin // 3`
			`// AccessModeOwner owner access`
			`AccessModeOwner // 4`
add publickey & access 2014-02-17 23:57:23 +08:00			`)`

#1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00			`func (mode AccessMode) String() string {`
			`switch mode {`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`case AccessModeRead:`
#1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00			`return "read"`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`case AccessModeWrite:`
#1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00			`return "write"`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`case AccessModeAdmin:`
#1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00			`return "admin"`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`case AccessModeOwner:`
#1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00			`return "owner"`
			`default:`
			`return "none"`
			`}`
			`}`

			`// ParseAccessMode returns corresponding access mode to given permission string.`
			`func ParseAccessMode(permission string) AccessMode {`
			`switch permission {`
			`case "write":`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`return AccessModeWrite`
#1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00			`case "admin":`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`return AccessModeAdmin`
#1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00			`default:`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`return AccessModeRead`
#1692 api: admin list and create team under organization 2016-03-21 12:47:54 -04:00			`}`
			`}`

Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00			`// Access represents the highest access level of a user to the repository. The only access type`
			`// that is not in this table is the real owner of a repository. In case of an organization`
			`// repository, the members of the owners team are in this table.`
			`type Access struct {`
			ID int64 `xorm:"pk autoincr"`
			UserID int64 `xorm:"UNIQUE(s)"`
			RepoID int64 `xorm:"UNIQUE(s)"`
			`Mode AccessMode`
add publickey & access 2014-02-17 23:57:23 +08:00			`}`

Refactor and fix incorrect comment (#1247) 2017-03-14 20:51:46 -04:00			`func accessLevel(e Engine, userID int64, repo *Repository) (AccessMode, error) {`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`mode := AccessModeNone`
v4 migration, merge 'dev', clean code and mirror fix 2015-02-23 02:15:53 -05:00			`if !repo.IsPrivate {`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`mode = AccessModeRead`
first pass work on migration #925 2015-02-11 21:58:37 -05:00			`}`
Collaborator 2014-05-01 11:32:12 -04:00
Refactor and fix incorrect comment (#1247) 2017-03-14 20:51:46 -04:00			`if userID == 0 {`
fix #1997 2015-11-19 11:40:00 -05:00			`return mode, nil`
			`}`
Use session for rolling back 2014-04-04 18:55:17 -04:00
Refactor and fix incorrect comment (#1247) 2017-03-14 20:51:46 -04:00			`if userID == repo.OwnerID {`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`return AccessModeOwner, nil`
Support private repo 2014-04-11 21:47:39 -04:00			`}`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00
Refactor and fix incorrect comment (#1247) 2017-03-14 20:51:46 -04:00			`a := &Access{UserID: userID, RepoID: repo.ID}`
fix #1997 2015-11-19 11:40:00 -05:00			`if has, err := e.Get(a); !has \|\| err != nil {`
			`return mode, err`
			`}`
			`return a.Mode, nil`
add publickey & access 2014-02-17 23:57:23 +08:00			`}`
Introducing Collaboration Struct 2015-01-23 09:54:16 +02:00
Fix SQL bug in models/access (#583) Previously got a 'relation repo_access does not exist' error in User_GetRepositoryAccesses 2017-01-04 19:57:54 -05:00			`type repoAccess struct {`
			Access `xorm:"extends"`
			Repository `xorm:"extends"`
			`}`

			`func (repoAccess) TableName() string {`
			`return "access"`
			`}`

fix #1302 2015-11-13 17:37:02 -05:00			`// GetRepositoryAccesses finds all repositories with their access mode where a user has access but does not own.`
Lint models/access.go 2016-11-26 01:07:57 +01:00			`func (user User) GetRepositoryAccesses() (map[Repository]AccessMode, error) {`
Optimization for user.GetRepositoryAccesses to reduce db query times (#495) * optimization for user.GetRepositoryAccesses to reduce db query times * fix missing cache 2016-12-28 09:34:35 +08:00			`rows, err := x.`
Fix SQL bug in models/access (#583) Previously got a 'relation repo_access does not exist' error in User_GetRepositoryAccesses 2017-01-04 19:57:54 -05:00			`Join("INNER", "repository", "repository.id = access.repo_id").`
Optimization for user.GetRepositoryAccesses to reduce db query times (#495) * optimization for user.GetRepositoryAccesses to reduce db query times * fix missing cache 2016-12-28 09:34:35 +08:00			`Where("access.user_id = ?", user.ID).`
			`And("repository.owner_id <> ?", user.ID).`
Fix SQL bug in models/access (#583) Previously got a 'relation repo_access does not exist' error in User_GetRepositoryAccesses 2017-01-04 19:57:54 -05:00			`Rows(new(repoAccess))`
Optimization for user.GetRepositoryAccesses to reduce db query times (#495) * optimization for user.GetRepositoryAccesses to reduce db query times * fix missing cache 2016-12-28 09:34:35 +08:00			`if err != nil {`
Introducing Collaboration Struct 2015-01-23 09:54:16 +02:00			`return nil, err`
			`}`
Optimization for user.GetRepositoryAccesses to reduce db query times (#495) * optimization for user.GetRepositoryAccesses to reduce db query times * fix missing cache 2016-12-28 09:34:35 +08:00			`defer rows.Close()`
Introducing Collaboration Struct 2015-01-23 09:54:16 +02:00
Fix SQL bug in models/access (#583) Previously got a 'relation repo_access does not exist' error in User_GetRepositoryAccesses 2017-01-04 19:57:54 -05:00			`var repos = make(map[*Repository]AccessMode, 10)`
			`var ownerCache = make(map[int64]*User, 10)`
Optimization for user.GetRepositoryAccesses to reduce db query times (#495) * optimization for user.GetRepositoryAccesses to reduce db query times * fix missing cache 2016-12-28 09:34:35 +08:00			`for rows.Next() {`
Fix SQL bug in models/access (#583) Previously got a 'relation repo_access does not exist' error in User_GetRepositoryAccesses 2017-01-04 19:57:54 -05:00			`var repo repoAccess`
Optimization for user.GetRepositoryAccesses to reduce db query times (#495) * optimization for user.GetRepositoryAccesses to reduce db query times * fix missing cache 2016-12-28 09:34:35 +08:00			`err = rows.Scan(&repo)`
Introducing Collaboration Struct 2015-01-23 09:54:16 +02:00			`if err != nil {`
			`return nil, err`
			`}`
Optimization for user.GetRepositoryAccesses to reduce db query times (#495) * optimization for user.GetRepositoryAccesses to reduce db query times * fix missing cache 2016-12-28 09:34:35 +08:00
			`var ok bool`
			`if repo.Owner, ok = ownerCache[repo.OwnerID]; !ok {`
			`if err = repo.GetOwner(); err != nil {`
			`return nil, err`
			`}`
			`ownerCache[repo.OwnerID] = repo.Owner`
Fix dashboard issue after collaboration migration 2015-02-04 16:08:55 +02:00			`}`
Optimization for user.GetRepositoryAccesses to reduce db query times (#495) * optimization for user.GetRepositoryAccesses to reduce db query times * fix missing cache 2016-12-28 09:34:35 +08:00
			`repos[&repo.Repository] = repo.Access.Mode`
Introducing Collaboration Struct 2015-01-23 09:54:16 +02:00			`}`
			`return repos, nil`
			`}`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00
#1384 add pagination for repositories 2016-07-24 14:32:46 +08:00			`// GetAccessibleRepositories finds repositories which the user has access but does not own.`
			`// If limit is smaller than 1 means returns all found results.`
			`func (user User) GetAccessibleRepositories(limit int) (repos []Repository, _ error) {`
Rewrite XORM queries 2016-11-10 16:16:32 +01:00			`sess := x.`
			`Where("owner_id !=? ", user.ID).`
			`Desc("updated_unix")`
#1384 add pagination for repositories 2016-07-24 14:32:46 +08:00			`if limit > 0 {`
			`sess.Limit(limit)`
			`repos = make([]*Repository, 0, limit)`
			`} else {`
			`repos = make([]*Repository, 0, 10)`
fix #1302 2015-11-13 17:37:02 -05:00			`}`
Rewrite XORM queries 2016-11-10 16:16:32 +01:00			`return repos, sess.`
			`Join("INNER", "access", "access.user_id = ? AND access.repo_id = repository.id", user.ID).`
			`Find(&repos)`
fix #1302 2015-11-13 17:37:02 -05:00			`}`

code fix #941 caution: undertest 2015-02-13 00:58:46 -05:00			`func maxAccessMode(modes ...AccessMode) AccessMode {`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`max := AccessModeNone`
code fix #941 caution: undertest 2015-02-13 00:58:46 -05:00			`for _, mode := range modes {`
			`if mode > max {`
			`max = mode`
			`}`
			`}`
			`return max`
			`}`

Fix typos in models/ (#576) 2017-01-04 19:50:34 -05:00			`// FIXME: do cross-comparison so reduce deletions and additions to the minimum?`
models: done testing on new access system 2015-02-28 21:44:09 -05:00			`func (repo *Repository) refreshAccesses(e Engine, accessMap map[int64]AccessMode) (err error) {`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`minMode := AccessModeRead`
models: done testing on new access system 2015-02-28 21:44:09 -05:00			`if !repo.IsPrivate {`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`minMode = AccessModeWrite`
models: done testing on new access system 2015-02-28 21:44:09 -05:00			`}`

			`newAccesses := make([]Access, 0, len(accessMap))`
			`for userID, mode := range accessMap {`
			`if mode < minMode {`
			`continue`
			`}`
			`newAccesses = append(newAccesses, Access{`
			`UserID: userID,`
WIP: create PR - choose branch 2015-08-08 22:43:14 +08:00			`RepoID: repo.ID,`
models: done testing on new access system 2015-02-28 21:44:09 -05:00			`Mode: mode,`
			`})`
			`}`
some fixes, but not done yet! 2015-02-13 02:56:42 -05:00
models: done testing on new access system 2015-02-28 21:44:09 -05:00			`// Delete old accesses and insert new ones for repository.`
WIP: create PR - choose branch 2015-08-08 22:43:14 +08:00			`if _, err = e.Delete(&Access{RepoID: repo.ID}); err != nil {`
models: done testing on new access system 2015-02-28 21:44:09 -05:00			`return fmt.Errorf("delete old accesses: %v", err)`
			`} else if _, err = e.Insert(newAccesses); err != nil {`
			`return fmt.Errorf("insert new accesses: %v", err)`
			`}`
some fixes, but not done yet! 2015-02-13 02:56:42 -05:00			`return nil`
			`}`

#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin. 2016-03-05 18:08:42 -05:00			`// refreshCollaboratorAccesses retrieves repository collaborations with their access modes.`
models: done testing on new access system 2015-02-28 21:44:09 -05:00			`func (repo *Repository) refreshCollaboratorAccesses(e Engine, accessMap map[int64]AccessMode) error {`
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin. 2016-03-05 18:08:42 -05:00			`collaborations, err := repo.getCollaborations(e)`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00			`if err != nil {`
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin. 2016-03-05 18:08:42 -05:00			`return fmt.Errorf("getCollaborations: %v", err)`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00			`}`
#1146 finsih UI work for access mode of collaborators Collaborators have write access as default, and can be changed via repository collaboration settings page to change between read, write and admin. 2016-03-05 18:08:42 -05:00			`for _, c := range collaborations {`
			`accessMap[c.UserID] = c.Mode`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00			`}`
models: done testing on new access system 2015-02-28 21:44:09 -05:00			`return nil`
			`}`

			`// recalculateTeamAccesses recalculates new accesses for teams of an organization`
			`// except the team whose ID is given. It is used to assign a team ID when`
			`// remove repository from that team.`
			`func (repo *Repository) recalculateTeamAccesses(e Engine, ignTeamID int64) (err error) {`
			`accessMap := make(map[int64]AccessMode, 20)`

			`if err = repo.getOwner(e); err != nil {`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00			`return err`
#1458: Authorities were messed up when using mysql database 2015-08-28 13:51:15 +08:00			`} else if !repo.Owner.IsOrganization() {`
			`return fmt.Errorf("owner is not an organization: %d", repo.OwnerID)`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00			`}`
#1458: Authorities were messed up when using mysql database 2015-08-28 13:51:15 +08:00
#1369: nil pointer when add repo to team 2015-07-24 16:52:01 +08:00			`if err = repo.refreshCollaboratorAccesses(e, accessMap); err != nil {`
			`return fmt.Errorf("refreshCollaboratorAccesses: %v", err)`
			`}`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00
#1458: Authorities were messed up when using mysql database 2015-08-28 13:51:15 +08:00			`if err = repo.Owner.getTeams(e); err != nil {`
			`return err`
			`}`
#1143 Team member access lost when adding repository collaborator - fix bug when add a repo to team, all other team members gets access as well 2015-03-24 18:14:04 -04:00
#1458: Authorities were messed up when using mysql database 2015-08-28 13:51:15 +08:00			`for _, t := range repo.Owner.Teams {`
			`if t.ID == ignTeamID {`
			`continue`
			`}`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00
#1458: Authorities were messed up when using mysql database 2015-08-28 13:51:15 +08:00			`// Owner team gets owner access, and skip for teams that do not`
			`// have relations with repository.`
			`if t.IsOwnerTeam() {`
ACCESS_MODE_* -> AccessMode* 2016-11-07 17:20:37 +01:00			`t.Authorize = AccessModeOwner`
#1458: Authorities were messed up when using mysql database 2015-08-28 13:51:15 +08:00			`} else if !t.hasRepository(e, repo.ID) {`
			`continue`
			`}`

			`if err = t.getMembers(e); err != nil {`
			`return fmt.Errorf("getMembers '%d': %v", t.ID, err)`
			`}`
			`for _, m := range t.Members {`
Refactor User.Id to User.ID 2016-07-24 01:08:22 +08:00			`accessMap[m.ID] = maxAccessMode(accessMap[m.ID], t.Authorize)`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00			`}`
			`}`

models: done testing on new access system 2015-02-28 21:44:09 -05:00			`return repo.refreshAccesses(e, accessMap)`
			`}`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00
models: done testing on new access system 2015-02-28 21:44:09 -05:00			`func (repo *Repository) recalculateAccesses(e Engine) error {`
#1458: Authorities were messed up when using mysql database 2015-08-28 13:51:15 +08:00			`if repo.Owner.IsOrganization() {`
			`return repo.recalculateTeamAccesses(e, 0)`
			`}`

models: done testing on new access system 2015-02-28 21:44:09 -05:00			`accessMap := make(map[int64]AccessMode, 20)`
			`if err := repo.refreshCollaboratorAccesses(e, accessMap); err != nil {`
			`return fmt.Errorf("refreshCollaboratorAccesses: %v", err)`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00			`}`
models: done testing on new access system 2015-02-28 21:44:09 -05:00			`return repo.refreshAccesses(e, accessMap)`
code fix #941 caution: undertest 2015-02-13 00:58:46 -05:00			`}`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00
code fix #941 caution: undertest 2015-02-13 00:58:46 -05:00			`// RecalculateAccesses recalculates all accesses for repository.`
Lint models/access.go 2016-11-26 01:07:57 +01:00			`func (repo *Repository) RecalculateAccesses() error {`
			`return repo.recalculateAccesses(x)`
Refactoring of the Access Table This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens. 2015-02-05 15:29:08 +02:00			`}`