aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPeter Smit <peter@smitmail.eu>2015-02-12 14:25:07 +0200
committerPeter Smit <peter@smitmail.eu>2015-02-12 14:25:07 +0200
commit6c1ee384f1a45ed97f39b085209bcb79cafd9145 (patch)
tree0798c98ff2fa93324edae6cfcb539cf51fc4b7fd
parent0a4cda0dd4d7c906668d9d2e283fbe9ebe2e1608 (diff)
parent0d158e569b0c19614b5e946849e8b7a8e4a75015 (diff)
downloadgitea-6c1ee384f1a45ed97f39b085209bcb79cafd9145.tar.gz
gitea-6c1ee384f1a45ed97f39b085209bcb79cafd9145.zip
Merge remote-tracking branch 'mine/access_refactor' into access_refactor
Conflicts: cmd/serve.go models/access.go models/migrations/migrations.go models/org.go models/repo.go models/user.go modules/middleware/org.go modules/middleware/repo.go routers/api/v1/repo.go routers/org/teams.go routers/repo/http.go routers/user/home.go
-rw-r--r--cmd/serve.go14
-rw-r--r--models/access.go24
-rw-r--r--models/org.go2
-rw-r--r--models/user.go1
-rw-r--r--modules/middleware/org.go2
-rw-r--r--modules/middleware/repo.go13
-rw-r--r--routers/api/v1/repo.go2
-rw-r--r--routers/org/teams.go12
-rw-r--r--routers/repo/http.go12
-rw-r--r--routers/user/home.go4
10 files changed, 44 insertions, 42 deletions
diff --git a/cmd/serve.go b/cmd/serve.go
index 62e5d14374..54b3714806 100644
--- a/cmd/serve.go
+++ b/cmd/serve.go
@@ -67,14 +67,14 @@ func parseCmd(cmd string) (string, string) {
var (
COMMANDS_READONLY = map[string]models.AccessMode{
- "git-upload-pack": models.WriteAccess,
- "git upload-pack": models.WriteAccess,
- "git-upload-archive": models.WriteAccess,
+ "git-upload-pack": models.ACCESS_MODE_WRITE,
+ "git upload-pack": models.ACCESS_MODE_WRITE,
+ "git-upload-archive": models.ACCESS_MODE_WRITE,
}
COMMANDS_WRITE = map[string]models.AccessMode{
- "git-receive-pack": models.ReadAccess,
- "git receive-pack": models.ReadAccess,
+ "git-receive-pack": models.ACCESS_MODE_READ,
+ "git receive-pack": models.ACCESS_MODE_READ,
}
)
@@ -155,7 +155,7 @@ func runServ(k *cli.Context) {
switch {
case isWrite:
- has, err := models.HasAccess(user, repo, models.WriteAccess)
+ has, err := models.HasAccess(user, repo, models.ACCESS_MODE_WRITE)
if err != nil {
println("Gogs: internal error:", err.Error())
log.GitLogger.Fatal(2, "Fail to check write access:", err)
@@ -168,7 +168,7 @@ func runServ(k *cli.Context) {
break
}
- has, err := models.HasAccess(user, repo, models.ReadAccess)
+ has, err := models.HasAccess(user, repo, models.ACCESS_MODE_READ)
if err != nil {
println("Gogs: internal error:", err.Error())
log.GitLogger.Fatal(2, "Fail to check read access:", err)
diff --git a/models/access.go b/models/access.go
index d85f24cd06..174aca987f 100644
--- a/models/access.go
+++ b/models/access.go
@@ -7,15 +7,15 @@ package models
type AccessMode int
const (
- NoAccess AccessMode = iota
- ReadAccess
- WriteAccess
- AdminAccess
- OwnerAccess
+ ACCESS_MODE_NONE AccessMode = iota
+ ACCESS_MODE_READ
+ ACCESS_MODE_WRITE
+ ACCESS_MODE_ADMIN
+ ACCESS_MODE_OWNER
)
func maxAccessMode(modes ...AccessMode) AccessMode {
- max := NoAccess
+ max := ACCESS_MODE_NONE
for _, mode := range modes {
if mode > max {
max = mode
@@ -43,14 +43,14 @@ func HasAccess(u *User, r *Repository, testMode AccessMode) (bool, error) {
// Return the Access a user has to a repository. Will return NoneAccess if the
// user does not have access. User can be nil!
func AccessLevel(u *User, r *Repository) (AccessMode, error) {
- mode := NoAccess
+ mode := ACCESS_MODE_NONE
if !r.IsPrivate {
- mode = ReadAccess
+ mode = ACCESS_MODE_READ
}
if u != nil {
if u.Id == r.OwnerId {
- return OwnerAccess, nil
+ return ACCESS_MODE_OWNER, nil
}
a := &Access{UserID: u.Id, RepoID: r.Id}
@@ -98,7 +98,7 @@ func (r *Repository) RecalcAccessSess() error {
return err
}
for _, c := range collaborators {
- accessMap[c.Id] = WriteAccess
+ accessMap[c.Id] = ACCESS_MODE_WRITE
}
if err := r.GetOwner(); err != nil {
@@ -123,9 +123,9 @@ func (r *Repository) RecalcAccessSess() error {
}
}
- minMode := ReadAccess
+ minMode := ACCESS_MODE_READ
if !r.IsPrivate {
- minMode = WriteAccess
+ minMode = ACCESS_MODE_WRITE
}
newAccesses := make([]Access, 0, len(accessMap))
diff --git a/models/org.go b/models/org.go
index 775caa8639..d667fb26dc 100644
--- a/models/org.go
+++ b/models/org.go
@@ -134,7 +134,7 @@ func CreateOrganization(org, owner *User) (*User, error) {
OrgId: org.Id,
LowerName: strings.ToLower(OWNER_TEAM),
Name: OWNER_TEAM,
- Authorize: OwnerAccess,
+ Authorize: ACCESS_MODE_OWNER,
NumMembers: 1,
}
if _, err = sess.Insert(t); err != nil {
diff --git a/models/user.go b/models/user.go
index 9a6f93a474..7e3dc260e5 100644
--- a/models/user.go
+++ b/models/user.go
@@ -395,6 +395,7 @@ func ChangeUserName(u *User, newUserName string) (err error) {
if !IsLegalName(newUserName) {
return ErrUserNameIllegal
}
+
return os.Rename(UserPath(u.LowerName), UserPath(newUserName))
}
diff --git a/modules/middleware/org.go b/modules/middleware/org.go
index cbce54860d..0e544fe4a2 100644
--- a/modules/middleware/org.go
+++ b/modules/middleware/org.go
@@ -87,7 +87,7 @@ func OrgAssignment(redirect bool, args ...bool) macaron.Handler {
return
}
ctx.Data["Team"] = ctx.Org.Team
- ctx.Org.IsAdminTeam = ctx.Org.Team.IsOwnerTeam() || ctx.Org.Team.Authorize >= models.AdminAccess
+ ctx.Org.IsAdminTeam = ctx.Org.Team.IsOwnerTeam() || ctx.Org.Team.Authorize >= models.ACCESS_MODE_ADMIN
}
ctx.Data["IsAdminTeam"] = ctx.Org.IsAdminTeam
if requireAdminTeam && !ctx.Org.IsAdminTeam {
diff --git a/modules/middleware/repo.go b/modules/middleware/repo.go
index 8cc6290460..8465af83ef 100644
--- a/modules/middleware/repo.go
+++ b/modules/middleware/repo.go
@@ -64,9 +64,10 @@ func ApiRepoAssignment() macaron.Handler {
ctx.JSON(500, &base.ApiJsonErr{"AccessLevel: " + err.Error(), base.DOC_URL})
return
}
- ctx.Repo.IsOwner = mode >= models.WriteAccess
- ctx.Repo.IsAdmin = mode >= models.ReadAccess
- ctx.Repo.IsTrueOwner = mode >= models.OwnerAccess
+
+ ctx.Repo.IsOwner = mode >= models.ACCESS_MODE_WRITE
+ ctx.Repo.IsAdmin = mode >= models.ACCESS_MODE_READ
+ ctx.Repo.IsTrueOwner = mode >= models.ACCESS_MODE_OWNER
}
// Check access.
@@ -244,9 +245,9 @@ func RepoAssignment(redirect bool, args ...bool) macaron.Handler {
ctx.JSON(500, &base.ApiJsonErr{"AccessLevel: " + err.Error(), base.DOC_URL})
return
}
- ctx.Repo.IsOwner = mode >= models.WriteAccess
- ctx.Repo.IsAdmin = mode >= models.ReadAccess
- ctx.Repo.IsTrueOwner = mode >= models.OwnerAccess
+ ctx.Repo.IsOwner = mode >= models.ACCESS_MODE_WRITE
+ ctx.Repo.IsAdmin = mode >= models.ACCESS_MODE_READ
+ ctx.Repo.IsTrueOwner = mode >= models.ACCESS_MODE_OWNER
}
// Check access.
diff --git a/routers/api/v1/repo.go b/routers/api/v1/repo.go
index 78c9f9a6a3..f5128e4746 100644
--- a/routers/api/v1/repo.go
+++ b/routers/api/v1/repo.go
@@ -255,7 +255,7 @@ func ListMyRepos(ctx *middleware.Context) {
return
}
- repos[i] = ToApiRepository(repo.Owner, repo, api.Permission{false, access >= models.WriteAccess, true})
+ repos[i] = ToApiRepository(repo.Owner, repo, api.Permission{false, access >= models.ACCESS_MODE_WRITE, true})
// FIXME: cache result to reduce DB query?
if repo.Owner.IsOrganization() && repo.Owner.IsOwnedBy(ctx.User.Id) {
diff --git a/routers/org/teams.go b/routers/org/teams.go
index f5f94be0f4..2fbb1480d1 100644
--- a/routers/org/teams.go
+++ b/routers/org/teams.go
@@ -168,11 +168,11 @@ func NewTeamPost(ctx *middleware.Context, form auth.CreateTeamForm) {
var auth models.AccessMode
switch form.Permission {
case "read":
- auth = models.ReadAccess
+ auth = models.ACCESS_MODE_READ
case "write":
- auth = models.WriteAccess
+ auth = models.ACCESS_MODE_WRITE
case "admin":
- auth = models.AdminAccess
+ auth = models.ACCESS_MODE_ADMIN
default:
ctx.Error(401)
return
@@ -249,11 +249,11 @@ func EditTeamPost(ctx *middleware.Context, form auth.CreateTeamForm) {
var auth models.AccessMode
switch form.Permission {
case "read":
- auth = models.ReadAccess
+ auth = models.ACCESS_MODE_READ
case "write":
- auth = models.WriteAccess
+ auth = models.ACCESS_MODE_WRITE
case "admin":
- auth = models.AdminAccess
+ auth = models.ACCESS_MODE_ADMIN
default:
ctx.Error(401)
return
diff --git a/routers/repo/http.go b/routers/repo/http.go
index c6742af3ec..a209c2b254 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -137,9 +137,9 @@ func Http(ctx *middleware.Context) {
}
if !isPublicPull {
- var tp = models.WriteAccess
+ var tp = models.ACCESS_MODE_WRITE
if isPull {
- tp = models.ReadAccess
+ tp = models.ACCESS_MODE_READ
}
has, err := models.HasAccess(authUser, repo, tp)
@@ -147,8 +147,8 @@ func Http(ctx *middleware.Context) {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
} else if !has {
- if tp == models.ReadAccess {
- has, err = models.HasAccess(authUser, repo, models.WriteAccess)
+ if tp == models.ACCESS_MODE_READ {
+ has, err = models.HasAccess(authUser, repo, models.ACCESS_MODE_WRITE)
if err != nil || !has {
ctx.Handle(401, "no basic auth and digit auth", nil)
return
@@ -288,7 +288,7 @@ func serviceRpc(rpc string, hr handler) {
access := hasAccess(r, hr.Config, dir, rpc, true)
if access == false {
- renderNoAccess(w)
+ renderACCESS_MODE_NONE(w)
return
}
@@ -515,7 +515,7 @@ func renderNotFound(w http.ResponseWriter) {
w.Write([]byte("Not Found"))
}
-func renderNoAccess(w http.ResponseWriter) {
+func renderACCESS_MODE_NONE(w http.ResponseWriter) {
w.WriteHeader(http.StatusForbidden)
w.Write([]byte("Forbidden"))
}
diff --git a/routers/user/home.go b/routers/user/home.go
index 82325cb747..ce82ae772c 100644
--- a/routers/user/home.go
+++ b/routers/user/home.go
@@ -103,7 +103,7 @@ func Dashboard(ctx *middleware.Context) {
feeds := make([]*models.Action, 0, len(actions))
for _, act := range actions {
if act.IsPrivate {
- if has, _ := models.HasAccess(ctx.User, &models.Repository{Id: act.RepoId, IsPrivate: true}, models.ReadAccess); !has {
+ if has, _ := models.HasAccess(ctx.User, &models.Repository{Id: act.RepoId, IsPrivate: true}, models.ACCESS_MODE_READ); !has {
continue
}
}
@@ -211,7 +211,7 @@ func Profile(ctx *middleware.Context) {
continue
}
if has, _ := models.HasAccess(ctx.User, &models.Repository{Id: act.RepoId, IsPrivate: true},
- models.ReadAccess); !has {
+ models.ACCESS_MODE_READ); !has {
continue
}
}