aboutsummaryrefslogtreecommitdiffstats
path: root/routers
diff options
context:
space:
mode:
Diffstat (limited to 'routers')
-rw-r--r--routers/api/v1/org/team.go93
-rw-r--r--routers/web/org/teams.go84
2 files changed, 122 insertions, 55 deletions
diff --git a/routers/api/v1/org/team.go b/routers/api/v1/org/team.go
index d39125b050..cc7a63af33 100644
--- a/routers/api/v1/org/team.go
+++ b/routers/api/v1/org/team.go
@@ -6,6 +6,7 @@
package org
import (
+ "errors"
"net/http"
"code.gitea.io/gitea/models"
@@ -50,7 +51,6 @@ func ListTeams(ctx *context.APIContext) {
ListOptions: utils.GetListOptions(ctx),
OrgID: ctx.Org.Organization.ID,
})
-
if err != nil {
ctx.Error(http.StatusInternalServerError, "LoadTeams", err)
return
@@ -112,6 +112,10 @@ func ListUserTeams(ctx *context.APIContext) {
apiOrg = convert.ToOrganization(org)
cache[teams[i].OrgID] = apiOrg
}
+ if err := teams[i].GetUnits(); err != nil {
+ ctx.Error(http.StatusInternalServerError, "teams[i].GetUnits()", err)
+ return
+ }
apiTeams[i] = convert.ToTeam(teams[i])
apiTeams[i].Organization = apiOrg
}
@@ -138,9 +142,45 @@ func GetTeam(ctx *context.APIContext) {
// "200":
// "$ref": "#/responses/Team"
+ if err := ctx.Org.Team.GetUnits(); err != nil {
+ ctx.Error(http.StatusInternalServerError, "team.GetUnits", err)
+ return
+ }
+
ctx.JSON(http.StatusOK, convert.ToTeam(ctx.Org.Team))
}
+func attachTeamUnits(team *models.Team, units []string) {
+ unitTypes := unit_model.FindUnitTypes(units...)
+ team.Units = make([]*models.TeamUnit, 0, len(units))
+ for _, tp := range unitTypes {
+ team.Units = append(team.Units, &models.TeamUnit{
+ OrgID: team.OrgID,
+ Type: tp,
+ AccessMode: team.AccessMode,
+ })
+ }
+}
+
+func convertUnitsMap(unitsMap map[string]string) map[unit_model.Type]perm.AccessMode {
+ res := make(map[unit_model.Type]perm.AccessMode, len(unitsMap))
+ for unitKey, p := range unitsMap {
+ res[unit_model.TypeFromKey(unitKey)] = perm.ParseAccessMode(p)
+ }
+ return res
+}
+
+func attachTeamUnitsMap(team *models.Team, unitsMap map[string]string) {
+ team.Units = make([]*models.TeamUnit, 0, len(unitsMap))
+ for unitKey, p := range unitsMap {
+ team.Units = append(team.Units, &models.TeamUnit{
+ OrgID: team.OrgID,
+ Type: unit_model.TypeFromKey(unitKey),
+ AccessMode: perm.ParseAccessMode(p),
+ })
+ }
+}
+
// CreateTeam api for create a team
func CreateTeam(ctx *context.APIContext) {
// swagger:operation POST /orgs/{org}/teams organization orgCreateTeam
@@ -166,26 +206,28 @@ func CreateTeam(ctx *context.APIContext) {
// "422":
// "$ref": "#/responses/validationError"
form := web.GetForm(ctx).(*api.CreateTeamOption)
+ p := perm.ParseAccessMode(form.Permission)
+ if p < perm.AccessModeAdmin && len(form.UnitsMap) > 0 {
+ p = unit_model.MinUnitAccessMode(convertUnitsMap(form.UnitsMap))
+ }
team := &models.Team{
OrgID: ctx.Org.Organization.ID,
Name: form.Name,
Description: form.Description,
IncludesAllRepositories: form.IncludesAllRepositories,
CanCreateOrgRepo: form.CanCreateOrgRepo,
- Authorize: perm.ParseAccessMode(form.Permission),
+ AccessMode: p,
}
- unitTypes := unit_model.FindUnitTypes(form.Units...)
-
- if team.Authorize < perm.AccessModeOwner {
- var units = make([]*models.TeamUnit, 0, len(form.Units))
- for _, tp := range unitTypes {
- units = append(units, &models.TeamUnit{
- OrgID: ctx.Org.Organization.ID,
- Type: tp,
- })
+ if team.AccessMode < perm.AccessModeAdmin {
+ if len(form.UnitsMap) > 0 {
+ attachTeamUnitsMap(team, form.UnitsMap)
+ } else if len(form.Units) > 0 {
+ attachTeamUnits(team, form.Units)
+ } else {
+ ctx.Error(http.StatusInternalServerError, "getTeamUnits", errors.New("units permission should not be empty"))
+ return
}
- team.Units = units
}
if err := models.NewTeam(team); err != nil {
@@ -224,7 +266,6 @@ func EditTeam(ctx *context.APIContext) {
// "$ref": "#/responses/Team"
form := web.GetForm(ctx).(*api.EditTeamOption)
-
team := ctx.Org.Team
if err := team.GetUnits(); err != nil {
ctx.InternalServerError(err)
@@ -247,11 +288,14 @@ func EditTeam(ctx *context.APIContext) {
isIncludeAllChanged := false
if !team.IsOwnerTeam() && len(form.Permission) != 0 {
// Validate permission level.
- auth := perm.ParseAccessMode(form.Permission)
+ p := perm.ParseAccessMode(form.Permission)
+ if p < perm.AccessModeAdmin && len(form.UnitsMap) > 0 {
+ p = unit_model.MinUnitAccessMode(convertUnitsMap(form.UnitsMap))
+ }
- if team.Authorize != auth {
+ if team.AccessMode != p {
isAuthChanged = true
- team.Authorize = auth
+ team.AccessMode = p
}
if form.IncludesAllRepositories != nil {
@@ -260,17 +304,11 @@ func EditTeam(ctx *context.APIContext) {
}
}
- if team.Authorize < perm.AccessModeOwner {
- if len(form.Units) > 0 {
- var units = make([]*models.TeamUnit, 0, len(form.Units))
- unitTypes := unit_model.FindUnitTypes(form.Units...)
- for _, tp := range unitTypes {
- units = append(units, &models.TeamUnit{
- OrgID: ctx.Org.Team.OrgID,
- Type: tp,
- })
- }
- team.Units = units
+ if team.AccessMode < perm.AccessModeAdmin {
+ if len(form.UnitsMap) > 0 {
+ attachTeamUnitsMap(team, form.UnitsMap)
+ } else if len(form.Units) > 0 {
+ attachTeamUnits(team, form.Units)
}
}
@@ -706,5 +744,4 @@ func SearchTeam(ctx *context.APIContext) {
"ok": true,
"data": apiTeams,
})
-
}
diff --git a/routers/web/org/teams.go b/routers/web/org/teams.go
index 40fba5cd09..732f24b22c 100644
--- a/routers/web/org/teams.go
+++ b/routers/web/org/teams.go
@@ -9,6 +9,7 @@ import (
"net/http"
"net/url"
"path"
+ "strconv"
"strings"
"code.gitea.io/gitea/models"
@@ -224,35 +225,57 @@ func NewTeam(ctx *context.Context) {
ctx.HTML(http.StatusOK, tplTeamNew)
}
+func getUnitPerms(forms url.Values) map[unit_model.Type]perm.AccessMode {
+ unitPerms := make(map[unit_model.Type]perm.AccessMode)
+ for k, v := range forms {
+ if strings.HasPrefix(k, "unit_") {
+ t, _ := strconv.Atoi(k[5:])
+ if t > 0 {
+ vv, _ := strconv.Atoi(v[0])
+ unitPerms[unit_model.Type(t)] = perm.AccessMode(vv)
+ }
+ }
+ }
+ return unitPerms
+}
+
// NewTeamPost response for create new team
func NewTeamPost(ctx *context.Context) {
form := web.GetForm(ctx).(*forms.CreateTeamForm)
- ctx.Data["Title"] = ctx.Org.Organization.FullName
- ctx.Data["PageIsOrgTeams"] = true
- ctx.Data["PageIsOrgTeamsNew"] = true
- ctx.Data["Units"] = unit_model.Units
- var includesAllRepositories = form.RepoAccess == "all"
+ includesAllRepositories := form.RepoAccess == "all"
+ unitPerms := getUnitPerms(ctx.Req.Form)
+ p := perm.ParseAccessMode(form.Permission)
+ if p < perm.AccessModeAdmin {
+ // if p is less than admin accessmode, then it should be general accessmode,
+ // so we should calculate the minial accessmode from units accessmodes.
+ p = unit_model.MinUnitAccessMode(unitPerms)
+ }
t := &models.Team{
OrgID: ctx.Org.Organization.ID,
Name: form.TeamName,
Description: form.Description,
- Authorize: perm.ParseAccessMode(form.Permission),
+ AccessMode: p,
IncludesAllRepositories: includesAllRepositories,
CanCreateOrgRepo: form.CanCreateOrgRepo,
}
- if t.Authorize < perm.AccessModeOwner {
- var units = make([]*models.TeamUnit, 0, len(form.Units))
- for _, tp := range form.Units {
+ if t.AccessMode < perm.AccessModeAdmin {
+ units := make([]*models.TeamUnit, 0, len(unitPerms))
+ for tp, perm := range unitPerms {
units = append(units, &models.TeamUnit{
- OrgID: ctx.Org.Organization.ID,
- Type: tp,
+ OrgID: ctx.Org.Organization.ID,
+ Type: tp,
+ AccessMode: perm,
})
}
t.Units = units
}
+ ctx.Data["Title"] = ctx.Org.Organization.FullName
+ ctx.Data["PageIsOrgTeams"] = true
+ ctx.Data["PageIsOrgTeamsNew"] = true
+ ctx.Data["Units"] = unit_model.Units
ctx.Data["Team"] = t
if ctx.HasError() {
@@ -260,7 +283,7 @@ func NewTeamPost(ctx *context.Context) {
return
}
- if t.Authorize < perm.AccessModeAdmin && len(form.Units) == 0 {
+ if t.AccessMode < perm.AccessModeAdmin && len(unitPerms) == 0 {
ctx.RenderWithErr(ctx.Tr("form.team_no_units_error"), tplTeamNew, &form)
return
}
@@ -317,22 +340,29 @@ func EditTeam(ctx *context.Context) {
func EditTeamPost(ctx *context.Context) {
form := web.GetForm(ctx).(*forms.CreateTeamForm)
t := ctx.Org.Team
+ unitPerms := getUnitPerms(ctx.Req.Form)
+ isAuthChanged := false
+ isIncludeAllChanged := false
+ includesAllRepositories := form.RepoAccess == "all"
+
ctx.Data["Title"] = ctx.Org.Organization.FullName
ctx.Data["PageIsOrgTeams"] = true
ctx.Data["Team"] = t
ctx.Data["Units"] = unit_model.Units
- isAuthChanged := false
- isIncludeAllChanged := false
- var includesAllRepositories = form.RepoAccess == "all"
if !t.IsOwnerTeam() {
// Validate permission level.
- auth := perm.ParseAccessMode(form.Permission)
+ newAccessMode := perm.ParseAccessMode(form.Permission)
+ if newAccessMode < perm.AccessModeAdmin {
+ // if p is less than admin accessmode, then it should be general accessmode,
+ // so we should calculate the minial accessmode from units accessmodes.
+ newAccessMode = unit_model.MinUnitAccessMode(unitPerms)
+ }
t.Name = form.TeamName
- if t.Authorize != auth {
+ if t.AccessMode != newAccessMode {
isAuthChanged = true
- t.Authorize = auth
+ t.AccessMode = newAccessMode
}
if t.IncludesAllRepositories != includesAllRepositories {
@@ -341,17 +371,17 @@ func EditTeamPost(ctx *context.Context) {
}
}
t.Description = form.Description
- if t.Authorize < perm.AccessModeOwner {
- var units = make([]models.TeamUnit, 0, len(form.Units))
- for _, tp := range form.Units {
+ if t.AccessMode < perm.AccessModeAdmin {
+ units := make([]models.TeamUnit, 0, len(unitPerms))
+ for tp, perm := range unitPerms {
units = append(units, models.TeamUnit{
- OrgID: t.OrgID,
- TeamID: t.ID,
- Type: tp,
+ OrgID: t.OrgID,
+ TeamID: t.ID,
+ Type: tp,
+ AccessMode: perm,
})
}
- err := models.UpdateTeamUnits(t, units)
- if err != nil {
+ if err := models.UpdateTeamUnits(t, units); err != nil {
ctx.Error(http.StatusInternalServerError, "LoadIssue", err.Error())
return
}
@@ -363,7 +393,7 @@ func EditTeamPost(ctx *context.Context) {
return
}
- if t.Authorize < perm.AccessModeAdmin && len(form.Units) == 0 {
+ if t.AccessMode < perm.AccessModeAdmin && len(unitPerms) == 0 {
ctx.RenderWithErr(ctx.Tr("form.team_no_units_error"), tplTeamNew, &form)
return
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-13 16:34:42 +0000