diff options
Diffstat (limited to 'models/access.go')
-rw-r--r-- | models/access.go | 37 |
1 files changed, 23 insertions, 14 deletions
diff --git a/models/access.go b/models/access.go index 1e1c0114ed..29d1a730b7 100644 --- a/models/access.go +++ b/models/access.go @@ -24,21 +24,19 @@ type Access struct { Mode AccessMode } -// Return the Access a user has to a repository. Will return NoneAccess if the -// user does not have access. User can be nil! -func AccessLevel(u *User, r *Repository) (AccessMode, error) { +func accessLevel(e Engine, u *User, repo *Repository) (AccessMode, error) { mode := ACCESS_MODE_NONE - if !r.IsPrivate { + if !repo.IsPrivate { mode = ACCESS_MODE_READ } if u != nil { - if u.Id == r.OwnerId { + if u.Id == repo.OwnerId { return ACCESS_MODE_OWNER, nil } - a := &Access{UserID: u.Id, RepoID: r.Id} - if has, err := x.Get(a); !has || err != nil { + a := &Access{UserID: u.Id, RepoID: repo.Id} + if has, err := e.Get(a); !has || err != nil { return mode, err } return a.Mode, nil @@ -47,12 +45,22 @@ func AccessLevel(u *User, r *Repository) (AccessMode, error) { return mode, nil } -// HasAccess returns true if someone has the request access level. User can be nil! -func HasAccess(u *User, r *Repository, testMode AccessMode) (bool, error) { - mode, err := AccessLevel(u, r) +// AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the +// user does not have access. User can be nil! +func AccessLevel(u *User, repo *Repository) (AccessMode, error) { + return accessLevel(x, u, repo) +} + +func hasAccess(e Engine, u *User, repo *Repository, testMode AccessMode) (bool, error) { + mode, err := accessLevel(e, u, repo) return testMode <= mode, err } +// HasAccess returns true if someone has the request access level. User can be nil! +func HasAccess(u *User, repo *Repository, testMode AccessMode) (bool, error) { + return hasAccess(x, u, repo, testMode) +} + // GetAccessibleRepositories finds all repositories where a user has access to, // besides his own. func (u *User) GetAccessibleRepositories() (map[*Repository]AccessMode, error) { @@ -96,7 +104,8 @@ func (repo *Repository) recalculateTeamAccesses(e Engine, mode AccessMode) error func (repo *Repository) recalculateAccesses(e Engine) error { accessMap := make(map[int64]AccessMode, 20) - // Give all collaborators write access + // FIXME: should be able to have read-only access. + // Give all collaborators write access. collaborators, err := repo.getCollaborators(e) if err != nil { return err @@ -114,9 +123,7 @@ func (repo *Repository) recalculateAccesses(e Engine) error { } for _, team := range repo.Owner.Teams { - if !(team.IsOwnerTeam() || team.HasRepository(repo)) { - continue - } else if team.IsOwnerTeam() { + if team.IsOwnerTeam() { team.Authorize = ACCESS_MODE_OWNER } @@ -129,6 +136,8 @@ func (repo *Repository) recalculateAccesses(e Engine) error { } } + // FIXME: do corss-comparison so reduce deletions and additions to the minimum? + minMode := ACCESS_MODE_READ if !repo.IsPrivate { minMode = ACCESS_MODE_WRITE |