Restrict permission check on repositories and fix some problems (#5314)

* fix units permission problems * fix some bugs and merge LoadUnits to repoAssignment * refactor permission struct and add some copyright heads * remove unused codes * fix routes units check * improve permission check * add unit tests for permission * fix typo * fix tests * fix some routes * fix api permission check * improve permission check * fix some permission check * fix tests * fix tests * improve some permission check * fix some permission check * refactor AccessLevel * fix bug * fix tests * fix tests * fix tests * fix AccessLevel * rename CanAccess * fix tests * fix comment * fix bug * add missing unit for test repos * fix bug * rename some functions * fix routes check
author: Lunny Xiao <xiaolunwen@gmail.com> 2018-11-28 19:26:14 +0800
committer: GitHub <noreply@github.com> 2018-11-28 19:26:14 +0800
commit: eabbddcd98717ef20d8475e819f403c50f4a9787 (patch)
tree: efc525e7ec60d56d3bec72019febfa088a128b89 /routers/api/v1/user
parent: 0222623be9fa4a56d870213f77b92139cefc2518 (diff)
download: gitea-eabbddcd98717ef20d8475e819f403c50f4a9787.tar.gz
gitea-eabbddcd98717ef20d8475e819f403c50f4a9787.zip
3 files changed, 12 insertions, 15 deletions
diff --git a/routers/api/v1/user/repo.go b/routers/api/v1/user/repo.go
index 5dccfac960..1ddb3bd57b 100644
--- a/routers/api/v1/user/repo.go
+++ b/routers/api/v1/user/repo.go
@@ -17,13 +17,10 @@ func listUserRepos(ctx *context.APIContext, u *models.User, private bool) {
 		ctx.Error(500, "GetUserRepositories", err)
 		return
 	}
+
 	apiRepos := make([]*api.Repository, 0, len(repos))
-	var ctxUserID int64
-	if ctx.User != nil {
-		ctxUserID = ctx.User.ID
-	}
 	for i := range repos {
-		access, err := models.AccessLevel(ctxUserID, repos[i])
+		access, err := models.AccessLevel(ctx.User, repos[i])
 		if err != nil {
 			ctx.Error(500, "AccessLevel", err)
 			return
diff --git a/routers/api/v1/user/star.go b/routers/api/v1/user/star.go
index 1cf4f5239c..b0016399c8 100644
--- a/routers/api/v1/user/star.go
+++ b/routers/api/v1/user/star.go
@@ -13,15 +13,15 @@ import (
 
 // getStarredRepos returns the repos that the user with the specified userID has
 // starred
-func getStarredRepos(userID int64, private bool) ([]*api.Repository, error) {
-	starredRepos, err := models.GetStarredRepos(userID, private)
+func getStarredRepos(user *models.User, private bool) ([]*api.Repository, error) {
+	starredRepos, err := models.GetStarredRepos(user.ID, private)
 	if err != nil {
 		return nil, err
 	}
 
 	repos := make([]*api.Repository, len(starredRepos))
 	for i, starred := range starredRepos {
-		access, err := models.AccessLevel(userID, starred)
+		access, err := models.AccessLevel(user, starred)
 		if err != nil {
 			return nil, err
 		}
@@ -48,7 +48,7 @@ func GetStarredRepos(ctx *context.APIContext) {
 	//     "$ref": "#/responses/RepositoryList"
 	user := GetUserByParams(ctx)
 	private := user.ID == ctx.User.ID
-	repos, err := getStarredRepos(user.ID, private)
+	repos, err := getStarredRepos(user, private)
 	if err != nil {
 		ctx.Error(500, "getStarredRepos", err)
 	}
@@ -65,7 +65,7 @@ func GetMyStarredRepos(ctx *context.APIContext) {
 	// responses:
 	//   "200":
 	//     "$ref": "#/responses/RepositoryList"
-	repos, err := getStarredRepos(ctx.User.ID, true)
+	repos, err := getStarredRepos(ctx.User, true)
 	if err != nil {
 		ctx.Error(500, "getStarredRepos", err)
 	}
diff --git a/routers/api/v1/user/watch.go b/routers/api/v1/user/watch.go
index 2971bf6869..4afa18be2a 100644
--- a/routers/api/v1/user/watch.go
+++ b/routers/api/v1/user/watch.go
@@ -14,15 +14,15 @@ import (
 
 // getWatchedRepos returns the repos that the user with the specified userID is
 // watching
-func getWatchedRepos(userID int64, private bool) ([]*api.Repository, error) {
-	watchedRepos, err := models.GetWatchedRepos(userID, private)
+func getWatchedRepos(user *models.User, private bool) ([]*api.Repository, error) {
+	watchedRepos, err := models.GetWatchedRepos(user.ID, private)
 	if err != nil {
 		return nil, err
 	}
 
 	repos := make([]*api.Repository, len(watchedRepos))
 	for i, watched := range watchedRepos {
-		access, err := models.AccessLevel(userID, watched)
+		access, err := models.AccessLevel(user, watched)
 		if err != nil {
 			return nil, err
 		}
@@ -49,7 +49,7 @@ func GetWatchedRepos(ctx *context.APIContext) {
 	//     "$ref": "#/responses/RepositoryList"
 	user := GetUserByParams(ctx)
 	private := user.ID == ctx.User.ID
-	repos, err := getWatchedRepos(user.ID, private)
+	repos, err := getWatchedRepos(user, private)
 	if err != nil {
 		ctx.Error(500, "getWatchedRepos", err)
 	}
@@ -66,7 +66,7 @@ func GetMyWatchedRepos(ctx *context.APIContext) {
 	// responses:
 	//   "200":
 	//     "$ref": "#/responses/RepositoryList"
-	repos, err := getWatchedRepos(ctx.User.ID, true)
+	repos, err := getWatchedRepos(ctx.User, true)
 	if err != nil {
 		ctx.Error(500, "getWatchedRepos", err)
 	}
author	Lunny Xiao <xiaolunwen@gmail.com>	2018-11-28 19:26:14 +0800
committer	GitHub <noreply@github.com>	2018-11-28 19:26:14 +0800
commit	eabbddcd98717ef20d8475e819f403c50f4a9787 (patch)
tree	efc525e7ec60d56d3bec72019febfa088a128b89 /routers/api/v1/user
parent	0222623be9fa4a56d870213f77b92139cefc2518 (diff)
download	gitea-eabbddcd98717ef20d8475e819f403c50f4a9787.tar.gz gitea-eabbddcd98717ef20d8475e819f403c50f4a9787.zip