Refactoring of the Access Table

This commit does a lot of the work of refactoring the access table in a table with id's instead of strings.

The result does compile, but has not been tested. It may eat your kittens.

4 files changed, 17 insertions, 18 deletions

diff --git a/routers/api/v1/repo.go b/routers/api/v1/repo.go
index 469e4808fe..78c9f9a6a3 100644
--- a/routers/api/v1/repo.go
+++ b/routers/api/v1/repo.go
@@ -255,7 +255,7 @@ func ListMyRepos(ctx *middleware.Context) {
 			return
 		}
 
-		repos[i] = ToApiRepository(repo.Owner, repo, api.Permission{false, access >= models.WRITABLE, true})
+		repos[i] = ToApiRepository(repo.Owner, repo, api.Permission{false, access >= models.WriteAccess, true})
 
 		// FIXME: cache result to reduce DB query?
 		if repo.Owner.IsOrganization() && repo.Owner.IsOwnedBy(ctx.User.Id) {
diff --git a/routers/org/teams.go b/routers/org/teams.go
index 77a7b6e13c..4fef02c987 100644
--- a/routers/org/teams.go
+++ b/routers/org/teams.go
@@ -168,14 +168,14 @@ func NewTeamPost(ctx *middleware.Context, form auth.CreateTeamForm) {
 	}
 
 	// Validate permission level.
-	var auth models.AuthorizeType
+	var auth models.AccessMode
 	switch form.Permission {
 	case "read":
-		auth = models.ORG_READABLE
+		auth = models.ReadAccess
 	case "write":
-		auth = models.ORG_WRITABLE
+		auth = models.WriteAccess
 	case "admin":
-		auth = models.ORG_ADMIN
+		auth = models.AdminAccess
 	default:
 		ctx.Error(401)
 		return
@@ -249,14 +249,14 @@ func EditTeamPost(ctx *middleware.Context, form auth.CreateTeamForm) {
 	isAuthChanged := false
 	if !t.IsOwnerTeam() {
 		// Validate permission level.
-		var auth models.AuthorizeType
+		var auth models.AccessMode
 		switch form.Permission {
 		case "read":
-			auth = models.ORG_READABLE
+			auth = models.ReadAccess
 		case "write":
-			auth = models.ORG_WRITABLE
+			auth = models.WriteAccess
 		case "admin":
-			auth = models.ORG_ADMIN
+			auth = models.AdminAccess
 		default:
 			ctx.Error(401)
 			return
diff --git a/routers/repo/http.go b/routers/repo/http.go
index a5e01efc8f..716c71272a 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -115,18 +115,18 @@ func Http(ctx *middleware.Context) {
 		}
 
 		if !isPublicPull {
-			var tp = models.WRITABLE
+			var tp = models.WriteAccess
 			if isPull {
-				tp = models.READABLE
+				tp = models.ReadAccess
 			}
 
-			has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
+			has, err := models.HasAccess(authUser, repo, tp)
 			if err != nil {
 				ctx.Handle(401, "no basic auth and digit auth", nil)
 				return
 			} else if !has {
-				if tp == models.READABLE {
-					has, err = models.HasAccess(authUsername, username+"/"+reponame, models.WRITABLE)
+				if tp == models.ReadAccess {
+					has, err = models.HasAccess(authUser, repo, models.WriteAccess)
 					if err != nil || !has {
 						ctx.Handle(401, "no basic auth and digit auth", nil)
 						return
diff --git a/routers/user/home.go b/routers/user/home.go
index 5b02154c10..82325cb747 100644
--- a/routers/user/home.go
+++ b/routers/user/home.go
@@ -103,8 +103,7 @@ func Dashboard(ctx *middleware.Context) {
 	feeds := make([]*models.Action, 0, len(actions))
 	for _, act := range actions {
 		if act.IsPrivate {
-			if has, _ := models.HasAccess(ctx.User.Name, act.RepoUserName+"/"+act.RepoName,
-				models.READABLE); !has {
+			if has, _ := models.HasAccess(ctx.User, &models.Repository{Id: act.RepoId, IsPrivate: true}, models.ReadAccess); !has {
 				continue
 			}
 		}
@@ -211,8 +210,8 @@ func Profile(ctx *middleware.Context) {
 				if !ctx.IsSigned {
 					continue
 				}
-				if has, _ := models.HasAccess(ctx.User.Name, act.RepoUserName+"/"+act.RepoName,
-					models.READABLE); !has {
+				if has, _ := models.HasAccess(ctx.User, &models.Repository{Id: act.RepoId, IsPrivate: true},
+					models.ReadAccess); !has {
 					continue
 				}
 			}