} | } | ||||
protectBranch.MergeWhitelistUserIDs = whitelist | protectBranch.MergeWhitelistUserIDs = whitelist | ||||
whitelist, err = updateUserWhitelist(repo, protectBranch.ApprovalsWhitelistUserIDs, opts.ApprovalsUserIDs) | |||||
whitelist, err = updateApprovalWhitelist(repo, protectBranch.ApprovalsWhitelistUserIDs, opts.ApprovalsUserIDs) | |||||
if err != nil { | if err != nil { | ||||
return err | return err | ||||
} | } | ||||
return false, nil | return false, nil | ||||
} | } | ||||
// updateApprovalWhitelist checks whether the user whitelist changed and returns a whitelist with | |||||
// the users from newWhitelist which have explicit read or write access to the repo. | |||||
func updateApprovalWhitelist(repo *Repository, currentWhitelist, newWhitelist []int64) (whitelist []int64, err error) { | |||||
hasUsersChanged := !util.IsSliceInt64Eq(currentWhitelist, newWhitelist) | |||||
if !hasUsersChanged { | |||||
return currentWhitelist, nil | |||||
} | |||||
whitelist = make([]int64, 0, len(newWhitelist)) | |||||
for _, userID := range newWhitelist { | |||||
if reader, err := repo.IsReader(userID); err != nil { | |||||
return nil, err | |||||
} else if !reader { | |||||
continue | |||||
} | |||||
whitelist = append(whitelist, userID) | |||||
} | |||||
return | |||||
} | |||||
// updateUserWhitelist checks whether the user whitelist changed and returns a whitelist with | // updateUserWhitelist checks whether the user whitelist changed and returns a whitelist with | ||||
// the users from newWhitelist which have write access to the repo. | // the users from newWhitelist which have write access to the repo. | ||||
func updateUserWhitelist(repo *Repository, currentWhitelist, newWhitelist []int64) (whitelist []int64, err error) { | func updateUserWhitelist(repo *Repository, currentWhitelist, newWhitelist []int64) (whitelist []int64, err error) { |
return !repo.IsMirror | return !repo.IsMirror | ||||
} | } | ||||
// GetReaders returns all users that have explicit read access or higher to the repository. | |||||
func (repo *Repository) GetReaders() (_ []*User, err error) { | |||||
return repo.getUsersWithAccessMode(x, AccessModeRead) | |||||
} | |||||
// GetWriters returns all users that have write access to the repository. | // GetWriters returns all users that have write access to the repository. | ||||
func (repo *Repository) GetWriters() (_ []*User, err error) { | func (repo *Repository) GetWriters() (_ []*User, err error) { | ||||
return repo.getUsersWithAccessMode(x, AccessModeWrite) | return repo.getUsersWithAccessMode(x, AccessModeWrite) | ||||
} | } | ||||
// IsReader returns true if user has explicit read access or higher to the repository. | |||||
func (repo *Repository) IsReader(userID int64) (bool, error) { | |||||
if repo.OwnerID == userID { | |||||
return true, nil | |||||
} | |||||
return x.Where("repo_id = ? AND user_id = ? AND mode >= ?", repo.ID, userID, AccessModeRead).Get(&Access{}) | |||||
} | |||||
// getUsersWithAccessMode returns users that have at least given access mode to the repository. | // getUsersWithAccessMode returns users that have at least given access mode to the repository. | ||||
func (repo *Repository) getUsersWithAccessMode(e Engine, mode AccessMode) (_ []*User, err error) { | func (repo *Repository) getUsersWithAccessMode(e Engine, mode AccessMode) (_ []*User, err error) { | ||||
if err = repo.getOwner(e); err != nil { | if err = repo.getOwner(e); err != nil { |
} | } | ||||
} | } | ||||
users, err := c.Repo.Repository.GetWriters() | |||||
users, err := c.Repo.Repository.GetReaders() | |||||
if err != nil { | if err != nil { | ||||
c.ServerError("Repo.Repository.GetWriters", err) | |||||
c.ServerError("Repo.Repository.GetReaders", err) | |||||
return | return | ||||
} | } | ||||
c.Data["Users"] = users | c.Data["Users"] = users |