Team permission to create repository in organization (#8312)

* Add team permission setting to allow creating repo in organization. Signed-off-by: David Svantesson <davidsvantesson@gmail.com> * Add test case for creating repo when have team creation access. Signed-off-by: David Svantesson <davidsvantesson@gmail.com> * build error: should omit comparison to bool constant Signed-off-by: David Svantesson <davidsvantesson@gmail.com> * Add comment on exported functions * Fix fixture consistency, fix existing unit tests * Fix boolean comparison in xorm query. * addCollaborator and changeCollaborationAccessMode separate steps More clear to use different if-cases. * Create and commit xorm session * fix * Add information of create repo permission in team sidebar * Add migration step * Clarify that repository creator will be administrator. * Fix some things after merge * Fix language text that use html * migrations file * Create repository permission -> Create repositories * fix merge * fix review comments
author: David Svantesson <davidsvantesson@gmail.com> 2019-11-20 12:27:49 +0100
committer: Lunny Xiao <xiaolunwen@gmail.com> 2019-11-20 19:27:49 +0800
commit: 69a255defbf2747b066b2aeee66ba76cdd37104d (patch)
tree: 8cc6f166c06ff9ac334b3f5f69476fa4394ae6a2 /routers
parent: 35c3ea952a6eb558e69de55fc94d301676feb935 (diff)
download: gitea-69a255defbf2747b066b2aeee66ba76cdd37104d.tar.gz
gitea-69a255defbf2747b066b2aeee66ba76cdd37104d.zip
4 files changed, 13 insertions, 9 deletions
diff --git a/routers/api/v1/org/team.go b/routers/api/v1/org/team.go
index b2b5fe6dad..c14742e3a4 100644
--- a/routers/api/v1/org/team.go
+++ b/routers/api/v1/org/team.go
@@ -132,6 +132,7 @@ func CreateTeam(ctx *context.APIContext, form api.CreateTeamOption) {
 		Name:                    form.Name,
 		Description:             form.Description,
 		IncludesAllRepositories: form.IncludesAllRepositories,
+		CanCreateOrgRepo:        form.CanCreateOrgRepo,
 		Authorize:               models.ParseAccessMode(form.Permission),
 	}
 
@@ -185,6 +186,7 @@ func EditTeam(ctx *context.APIContext, form api.EditTeamOption) {
 	team := ctx.Org.Team
 	team.Description = form.Description
 	unitTypes := models.FindUnitTypes(form.Units...)
+	team.CanCreateOrgRepo = form.CanCreateOrgRepo
 
 	isAuthChanged := false
 	isIncludeAllChanged := false
diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go
index 05ab9cb38b..e2a3bfc873 100644
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@@ -322,12 +322,12 @@ func CreateOrgRepo(ctx *context.APIContext, opt api.CreateRepoOption) {
 	}
 
 	if !ctx.User.IsAdmin {
-		isOwner, err := org.IsOwnedBy(ctx.User.ID)
+		canCreate, err := org.CanCreateOrgRepo(ctx.User.ID)
 		if err != nil {
-			ctx.ServerError("IsOwnedBy", err)
+			ctx.ServerError("CanCreateOrgRepo", err)
 			return
-		} else if !isOwner {
-			ctx.Error(403, "", "Given user is not owner of organization.")
+		} else if !canCreate {
+			ctx.Error(403, "", "Given user is not allowed to create repository in organization.")
 			return
 		}
 	}
diff --git a/routers/org/teams.go b/routers/org/teams.go
index 873265803f..2aa69f5e93 100644
--- a/routers/org/teams.go
+++ b/routers/org/teams.go
@@ -201,6 +201,7 @@ func NewTeamPost(ctx *context.Context, form auth.CreateTeamForm) {
 		Description:             form.Description,
 		Authorize:               models.ParseAccessMode(form.Permission),
 		IncludesAllRepositories: includesAllRepositories,
+		CanCreateOrgRepo:        form.CanCreateOrgRepo,
 	}
 
 	if t.Authorize < models.AccessModeOwner {
@@ -316,6 +317,7 @@ func EditTeamPost(ctx *context.Context, form auth.CreateTeamForm) {
 			return
 		}
 	}
+	t.CanCreateOrgRepo = form.CanCreateOrgRepo
 
 	if ctx.HasError() {
 		ctx.HTML(200, tplTeamNew)
diff --git a/routers/repo/repo.go b/routers/repo/repo.go
index cb4e483333..b78dd5376e 100644
--- a/routers/repo/repo.go
+++ b/routers/repo/repo.go
@@ -53,9 +53,9 @@ func MustBeAbleToUpload(ctx *context.Context) {
 }
 
 func checkContextUser(ctx *context.Context, uid int64) *models.User {
-	orgs, err := models.GetOwnedOrgsByUserIDDesc(ctx.User.ID, "updated_unix")
+	orgs, err := models.GetOrgsCanCreateRepoByUserID(ctx.User.ID)
 	if err != nil {
-		ctx.ServerError("GetOwnedOrgsByUserIDDesc", err)
+		ctx.ServerError("GetOrgsCanCreateRepoByUserID", err)
 		return nil
 	}
 	ctx.Data["Orgs"] = orgs
@@ -81,11 +81,11 @@ func checkContextUser(ctx *context.Context, uid int64) *models.User {
 		return nil
 	}
 	if !ctx.User.IsAdmin {
-		isOwner, err := org.IsOwnedBy(ctx.User.ID)
+		canCreate, err := org.CanCreateOrgRepo(ctx.User.ID)
 		if err != nil {
-			ctx.ServerError("IsOwnedBy", err)
+			ctx.ServerError("CanCreateOrgRepo", err)
 			return nil
-		} else if !isOwner {
+		} else if !canCreate {
 			ctx.Error(403)
 			return nil
 		}
author	David Svantesson <davidsvantesson@gmail.com>	2019-11-20 12:27:49 +0100
committer	Lunny Xiao <xiaolunwen@gmail.com>	2019-11-20 19:27:49 +0800
commit	69a255defbf2747b066b2aeee66ba76cdd37104d (patch)
tree	8cc6f166c06ff9ac334b3f5f69476fa4394ae6a2 /routers
parent	35c3ea952a6eb558e69de55fc94d301676feb935 (diff)
download	gitea-69a255defbf2747b066b2aeee66ba76cdd37104d.tar.gz gitea-69a255defbf2747b066b2aeee66ba76cdd37104d.zip