aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--models/org.go32
-rw-r--r--modules/middleware/repo.go2
-rw-r--r--routers/org/teams.go4
-rw-r--r--routers/repo/setting.go2
4 files changed, 14 insertions, 26 deletions
diff --git a/models/org.go b/models/org.go
index ce50670582..31db8e3643 100644
--- a/models/org.go
+++ b/models/org.go
@@ -507,7 +507,7 @@ func (t *Team) AddRepository(repo *Repository) (err error) {
mode := AuthorizeToAccessType(t.Authorize)
for _, u := range t.Members {
- auth, err := GetHighestAuthorize(t.OrgId, u.Id, t.Id, repo.Id)
+ auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
if err != nil {
sess.Rollback()
return err
@@ -517,13 +517,7 @@ func (t *Team) AddRepository(repo *Repository) (err error) {
UserName: u.LowerName,
RepoName: path.Join(repo.Owner.LowerName, repo.LowerName),
}
- if auth == 0 {
- access.Mode = mode
- if _, err = sess.Insert(access); err != nil {
- sess.Rollback()
- return fmt.Errorf("fail to insert access: %v", err)
- }
- } else if auth < t.Authorize {
+ if auth < t.Authorize {
if err = addAccessWithAuthorize(sess, access, mode); err != nil {
sess.Rollback()
return err
@@ -570,7 +564,7 @@ func (t *Team) RemoveRepository(repoId int64) error {
// Remove access to team members.
for _, u := range t.Members {
- auth, err := GetHighestAuthorize(t.OrgId, u.Id, t.Id, repo.Id)
+ auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
if err != nil {
sess.Rollback()
return err
@@ -668,7 +662,7 @@ func GetTeamById(teamId int64) (*Team, error) {
}
// GetHighestAuthorize returns highest repository authorize level for given user and team.
-func GetHighestAuthorize(orgId, uid, teamId, repoId int64) (AuthorizeType, error) {
+func GetHighestAuthorize(orgId, uid, repoId, teamId int64) (AuthorizeType, error) {
ts, err := GetUserTeams(orgId, uid)
if err != nil {
return 0, err
@@ -687,6 +681,7 @@ func GetHighestAuthorize(orgId, uid, teamId, repoId int64) (AuthorizeType, error
}
}
}
+
return auth, nil
}
@@ -728,7 +723,7 @@ func UpdateTeam(t *Team, authChanged bool) (err error) {
// ORG_WRITABLE is the highest authorize level for now.
// Skip checking others if current team has this level.
if t.Authorize < ORG_WRITABLE {
- auth, err := GetHighestAuthorize(org.Id, u.Id, t.Id, repo.Id)
+ auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
if err != nil {
sess.Rollback()
return err
@@ -782,7 +777,7 @@ func DeleteTeam(t *Team) error {
// Delete all accesses.
for _, repo := range t.Repos {
for _, u := range t.Members {
- auth, err := GetHighestAuthorize(org.Id, u.Id, t.Id, repo.Id)
+ auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
if err != nil {
sess.Rollback()
return err
@@ -943,7 +938,7 @@ func AddTeamMember(orgId, teamId, uid int64) error {
// Give access to team repositories.
mode := AuthorizeToAccessType(t.Authorize)
for _, repo := range t.Repos {
- auth, err := GetHighestAuthorize(orgId, uid, teamId, repo.Id)
+ auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, teamId)
if err != nil {
sess.Rollback()
return err
@@ -953,14 +948,7 @@ func AddTeamMember(orgId, teamId, uid int64) error {
UserName: u.LowerName,
RepoName: path.Join(org.LowerName, repo.LowerName),
}
- // Equal 0 means given access doesn't exist.
- if auth == 0 {
- access.Mode = mode
- if _, err = sess.Insert(access); err != nil {
- sess.Rollback()
- return fmt.Errorf("fail to insert access: %v", err)
- }
- } else if auth < t.Authorize {
+ if auth < t.Authorize {
if err = addAccessWithAuthorize(sess, access, mode); err != nil {
sess.Rollback()
return err
@@ -1037,7 +1025,7 @@ func removeTeamMemberWithSess(orgId, teamId, uid int64, sess *xorm.Session) erro
// Delete access to team repositories.
for _, repo := range t.Repos {
- auth, err := GetHighestAuthorize(orgId, uid, teamId, repo.Id)
+ auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, teamId)
if err != nil {
sess.Rollback()
return err
diff --git a/modules/middleware/repo.go b/modules/middleware/repo.go
index 68a9a2d7fb..82ef3c799e 100644
--- a/modules/middleware/repo.go
+++ b/modules/middleware/repo.go
@@ -109,7 +109,7 @@ func RepoAssignment(redirect bool, args ...bool) macaron.Handler {
}
// Check if current user has admin permission to repository.
if u.IsOrganization() {
- auth, err := models.GetHighestAuthorize(u.Id, ctx.User.Id, 0, repo.Id)
+ auth, err := models.GetHighestAuthorize(u.Id, ctx.User.Id, repo.Id, 0)
if err != nil {
ctx.Handle(500, "GetHighestAuthorize", err)
return
diff --git a/routers/org/teams.go b/routers/org/teams.go
index b0a69da76e..9aa8e50214 100644
--- a/routers/org/teams.go
+++ b/routers/org/teams.go
@@ -94,7 +94,7 @@ func TeamsAction(ctx *middleware.Context) {
if err == models.ErrLastOrgOwner {
ctx.Flash.Error(ctx.Tr("form.last_org_owner"))
} else {
- log.Error(4, "Action(%s): %v", ctx.Params(":action"), err)
+ log.Error(3, "Action(%s): %v", ctx.Params(":action"), err)
ctx.JSON(200, map[string]interface{}{
"ok": false,
"err": err.Error(),
@@ -133,7 +133,7 @@ func TeamsRepoAction(ctx *middleware.Context) {
}
if err != nil {
- log.Error(4, "Action(%s): %v", ctx.Params(":action"), err)
+ log.Error(3, "Action(%s): %v", ctx.Params(":action"), err)
ctx.JSON(200, map[string]interface{}{
"ok": false,
"err": err.Error(),
diff --git a/routers/repo/setting.go b/routers/repo/setting.go
index 2354fbc13f..b30de91a3a 100644
--- a/routers/repo/setting.go
+++ b/routers/repo/setting.go
@@ -213,7 +213,7 @@ func SettingsCollaboration(ctx *middleware.Context) {
needDelete := true
if ctx.User.IsOrganization() {
// Check if user belongs to a team that has access to this repository.
- auth, err := models.GetHighestAuthorize(ctx.Repo.Owner.Id, ctx.User.Id, 0, ctx.Repo.Repository.Id)
+ auth, err := models.GetHighestAuthorize(ctx.Repo.Owner.Id, ctx.User.Id, ctx.Repo.Repository.Id, 0)
if err != nil {
ctx.Handle(500, "GetHighestAuthorize", err)
return