diff options
| author | Lunny Xiao <xiaolunwen@gmail.com> | 2018-11-28 19:26:14 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-11-28 19:26:14 +0800 |
| commit | eabbddcd98717ef20d8475e819f403c50f4a9787 (patch) | |
| tree | efc525e7ec60d56d3bec72019febfa088a128b89 /modules/private | |
| parent | 0222623be9fa4a56d870213f77b92139cefc2518 (diff) | |
| download | gitea-eabbddcd98717ef20d8475e819f403c50f4a9787.tar.gz gitea-eabbddcd98717ef20d8475e819f403c50f4a9787.zip | |
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems
* fix some bugs and merge LoadUnits to repoAssignment
* refactor permission struct and add some copyright heads
* remove unused codes
* fix routes units check
* improve permission check
* add unit tests for permission
* fix typo
* fix tests
* fix some routes
* fix api permission check
* improve permission check
* fix some permission check
* fix tests
* fix tests
* improve some permission check
* fix some permission check
* refactor AccessLevel
* fix bug
* fix tests
* fix tests
* fix tests
* fix AccessLevel
* rename CanAccess
* fix tests
* fix comment
* fix bug
* add missing unit for test repos
* fix bug
* rename some functions
* fix routes check
Diffstat (limited to 'modules/private')
| -rw-r--r-- | modules/private/internal.go | 24 |
1 files changed, 3 insertions, 21 deletions
diff --git a/modules/private/internal.go b/modules/private/internal.go index f4ac1c515a..a230bc744c 100644 --- a/modules/private/internal.go +++ b/modules/private/internal.go @@ -51,27 +51,9 @@ func newInternalRequest(url, method string) *httplib.Request { } // CheckUnitUser check whether user could visit the unit of this repository -func CheckUnitUser(userID, repoID int64, isAdmin bool, unitType models.UnitType) (bool, error) { +func CheckUnitUser(userID, repoID int64, isAdmin bool, unitType models.UnitType) (*models.AccessMode, error) { reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repositories/%d/user/%d/checkunituser?isAdmin=%t&unitType=%d", repoID, userID, isAdmin, unitType) - log.GitLogger.Trace("AccessLevel: %s", reqURL) - - resp, err := newInternalRequest(reqURL, "GET").Response() - if err != nil { - return false, err - } - defer resp.Body.Close() - - if resp.StatusCode == 200 { - return true, nil - } - return false, nil -} - -// AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the -// user does not have access. -func AccessLevel(userID, repoID int64) (*models.AccessMode, error) { - reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repositories/%d/user/%d/accesslevel", repoID, userID) - log.GitLogger.Trace("AccessLevel: %s", reqURL) + log.GitLogger.Trace("CheckUnitUser: %s", reqURL) resp, err := newInternalRequest(reqURL, "GET").Response() if err != nil { @@ -80,7 +62,7 @@ func AccessLevel(userID, repoID int64) (*models.AccessMode, error) { defer resp.Body.Close() if resp.StatusCode != 200 { - return nil, fmt.Errorf("Failed to get user access level: %s", decodeJSONError(resp).Err) + return nil, fmt.Errorf("Failed to CheckUnitUser: %s", decodeJSONError(resp).Err) } var a models.AccessMode |