mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11885 Commits
17 Branches
Tree: 2289580bb7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2289580bb7'
${ noResults }
gitea/models/org.go

org.go 24KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2019 The Gitea Authors. All rights reserved.

  3. // Use of this source code is governed by a MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package models

  7. 

  8. import (

  9. 	"fmt"

  10. 	"strings"

  11. 

  12. 	"code.gitea.io/gitea/modules/log"

  13. 	"code.gitea.io/gitea/modules/setting"

  14. 	"code.gitea.io/gitea/modules/storage"

  15. 	"code.gitea.io/gitea/modules/structs"

  16. 	"code.gitea.io/gitea/modules/util"

  17. 

  18. 	"xorm.io/builder"

  19. 	"xorm.io/xorm"

  20. )

  21. 

  22. // IsOwnedBy returns true if given user is in the owner team.

  23. func (org *User) IsOwnedBy(uid int64) (bool, error) {

  24. 	return IsOrganizationOwner(org.ID, uid)

  25. }

  26. 

  27. // IsOrgMember returns true if given user is member of organization.

  28. func (org *User) IsOrgMember(uid int64) (bool, error) {

  29. 	return IsOrganizationMember(org.ID, uid)

  30. }

  31. 

  32. // CanCreateOrgRepo returns true if given user can create repo in organization

  33. func (org *User) CanCreateOrgRepo(uid int64) (bool, error) {

  34. 	return CanCreateOrgRepo(org.ID, uid)

  35. }

  36. 

  37. func (org *User) getTeam(e Engine, name string) (*Team, error) {

  38. 	return getTeam(e, org.ID, name)

  39. }

  40. 

  41. // GetTeam returns named team of organization.

  42. func (org *User) GetTeam(name string) (*Team, error) {

  43. 	return org.getTeam(x, name)

  44. }

  45. 

  46. func (org *User) getOwnerTeam(e Engine) (*Team, error) {

  47. 	return org.getTeam(e, ownerTeamName)

  48. }

  49. 

  50. // GetOwnerTeam returns owner team of organization.

  51. func (org *User) GetOwnerTeam() (*Team, error) {

  52. 	return org.getOwnerTeam(x)

  53. }

  54. 

  55. func (org *User) loadTeams(e Engine) error {

  56. 	if org.Teams != nil {

  57. 		return nil

  58. 	}

  59. 	return e.

  60. 		Where("org_id=?", org.ID).

  61. 		OrderBy("CASE WHEN name LIKE '" + ownerTeamName + "' THEN '' ELSE name END").

  62. 		Find(&org.Teams)

  63. }

  64. 

  65. // LoadTeams load teams if not loaded.

  66. func (org *User) LoadTeams() error {

  67. 	return org.loadTeams(x)

  68. }

  69. 

  70. // GetMembers returns all members of organization.

  71. func (org *User) GetMembers() (err error) {

  72. 	org.Members, org.MembersIsPublic, err = FindOrgMembers(&FindOrgMembersOpts{

  73. 		OrgID: org.ID,

  74. 	})

  75. 	return

  76. }

  77. 

  78. // FindOrgMembersOpts represensts find org members conditions

  79. type FindOrgMembersOpts struct {

  80. 	ListOptions

  81. 	OrgID      int64

  82. 	PublicOnly bool

  83. }

  84. 

  85. // CountOrgMembers counts the organization's members

  86. func CountOrgMembers(opts *FindOrgMembersOpts) (int64, error) {

  87. 	sess := x.Where("org_id=?", opts.OrgID)

  88. 	if opts.PublicOnly {

  89. 		sess.And("is_public = ?", true)

  90. 	}

  91. 	return sess.Count(new(OrgUser))

  92. }

  93. 

  94. // FindOrgMembers loads organization members according conditions

  95. func FindOrgMembers(opts *FindOrgMembersOpts) (UserList, map[int64]bool, error) {

  96. 	ous, err := GetOrgUsersByOrgID(opts)

  97. 	if err != nil {

  98. 		return nil, nil, err

  99. 	}

  100. 

  101. 	ids := make([]int64, len(ous))

  102. 	idsIsPublic := make(map[int64]bool, len(ous))

  103. 	for i, ou := range ous {

  104. 		ids[i] = ou.UID

  105. 		idsIsPublic[ou.UID] = ou.IsPublic

  106. 	}

  107. 

  108. 	users, err := GetUsersByIDs(ids)

  109. 	if err != nil {

  110. 		return nil, nil, err

  111. 	}

  112. 	return users, idsIsPublic, nil

  113. }

  114. 

  115. // AddMember adds new member to organization.

  116. func (org *User) AddMember(uid int64) error {

  117. 	return AddOrgUser(org.ID, uid)

  118. }

  119. 

  120. // RemoveMember removes member from organization.

  121. func (org *User) RemoveMember(uid int64) error {

  122. 	return RemoveOrgUser(org.ID, uid)

  123. }

  124. 

  125. func (org *User) removeOrgRepo(e Engine, repoID int64) error {

  126. 	return removeOrgRepo(e, org.ID, repoID)

  127. }

  128. 

  129. // RemoveOrgRepo removes all team-repository relations of organization.

  130. func (org *User) RemoveOrgRepo(repoID int64) error {

  131. 	return org.removeOrgRepo(x, repoID)

  132. }

  133. 

  134. // CreateOrganization creates record of a new organization.

  135. func CreateOrganization(org, owner *User) (err error) {

  136. 	if !owner.CanCreateOrganization() {

  137. 		return ErrUserNotAllowedCreateOrg{}

  138. 	}

  139. 

  140. 	if err = IsUsableUsername(org.Name); err != nil {

  141. 		return err

  142. 	}

  143. 

  144. 	isExist, err := IsUserExist(0, org.Name)

  145. 	if err != nil {

  146. 		return err

  147. 	} else if isExist {

  148. 		return ErrUserAlreadyExist{org.Name}

  149. 	}

  150. 

  151. 	org.LowerName = strings.ToLower(org.Name)

  152. 	if org.Rands, err = GetUserSalt(); err != nil {

  153. 		return err

  154. 	}

  155. 	if org.Salt, err = GetUserSalt(); err != nil {

  156. 		return err

  157. 	}

  158. 	org.UseCustomAvatar = true

  159. 	org.MaxRepoCreation = -1

  160. 	org.NumTeams = 1

  161. 	org.NumMembers = 1

  162. 	org.Type = UserTypeOrganization

  163. 

  164. 	sess := x.NewSession()

  165. 	defer sess.Close()

  166. 	if err = sess.Begin(); err != nil {

  167. 		return err

  168. 	}

  169. 

  170. 	if err = deleteUserRedirect(sess, org.Name); err != nil {

  171. 		return err

  172. 	}

  173. 

  174. 	if _, err = sess.Insert(org); err != nil {

  175. 		return fmt.Errorf("insert organization: %v", err)

  176. 	}

  177. 	if err = org.generateRandomAvatar(sess); err != nil {

  178. 		return fmt.Errorf("generate random avatar: %v", err)

  179. 	}

  180. 

  181. 	// Add initial creator to organization and owner team.

  182. 	if _, err = sess.Insert(&OrgUser{

  183. 		UID:   owner.ID,

  184. 		OrgID: org.ID,

  185. 	}); err != nil {

  186. 		return fmt.Errorf("insert org-user relation: %v", err)

  187. 	}

  188. 

  189. 	// Create default owner team.

  190. 	t := &Team{

  191. 		OrgID:                   org.ID,

  192. 		LowerName:               strings.ToLower(ownerTeamName),

  193. 		Name:                    ownerTeamName,

  194. 		Authorize:               AccessModeOwner,

  195. 		NumMembers:              1,

  196. 		IncludesAllRepositories: true,

  197. 		CanCreateOrgRepo:        true,

  198. 	}

  199. 	if _, err = sess.Insert(t); err != nil {

  200. 		return fmt.Errorf("insert owner team: %v", err)

  201. 	}

  202. 

  203. 	// insert units for team

  204. 	units := make([]TeamUnit, 0, len(AllRepoUnitTypes))

  205. 	for _, tp := range AllRepoUnitTypes {

  206. 		units = append(units, TeamUnit{

  207. 			OrgID:  org.ID,

  208. 			TeamID: t.ID,

  209. 			Type:   tp,

  210. 		})

  211. 	}

  212. 

  213. 	if _, err = sess.Insert(&units); err != nil {

  214. 		if err := sess.Rollback(); err != nil {

  215. 			log.Error("CreateOrganization: sess.Rollback: %v", err)

  216. 		}

  217. 		return err

  218. 	}

  219. 

  220. 	if _, err = sess.Insert(&TeamUser{

  221. 		UID:    owner.ID,

  222. 		OrgID:  org.ID,

  223. 		TeamID: t.ID,

  224. 	}); err != nil {

  225. 		return fmt.Errorf("insert team-user relation: %v", err)

  226. 	}

  227. 

  228. 	return sess.Commit()

  229. }

  230. 

  231. // GetOrgByName returns organization by given name.

  232. func GetOrgByName(name string) (*User, error) {

  233. 	if len(name) == 0 {

  234. 		return nil, ErrOrgNotExist{0, name}

  235. 	}

  236. 	u := &User{

  237. 		LowerName: strings.ToLower(name),

  238. 		Type:      UserTypeOrganization,

  239. 	}

  240. 	has, err := x.Get(u)

  241. 	if err != nil {

  242. 		return nil, err

  243. 	} else if !has {

  244. 		return nil, ErrOrgNotExist{0, name}

  245. 	}

  246. 	return u, nil

  247. }

  248. 

  249. // CountOrganizations returns number of organizations.

  250. func CountOrganizations() int64 {

  251. 	count, _ := x.

  252. 		Where("type=1").

  253. 		Count(new(User))

  254. 	return count

  255. }

  256. 

  257. // DeleteOrganization completely and permanently deletes everything of organization.

  258. func DeleteOrganization(org *User) (err error) {

  259. 	if !org.IsOrganization() {

  260. 		return fmt.Errorf("%s is a user not an organization", org.Name)

  261. 	}

  262. 

  263. 	sess := x.NewSession()

  264. 	defer sess.Close()

  265. 

  266. 	if err = sess.Begin(); err != nil {

  267. 		return err

  268. 	}

  269. 

  270. 	if err = deleteOrg(sess, org); err != nil {

  271. 		if IsErrUserOwnRepos(err) {

  272. 			return err

  273. 		} else if err != nil {

  274. 			return fmt.Errorf("deleteOrg: %v", err)

  275. 		}

  276. 	}

  277. 

  278. 	return sess.Commit()

  279. }

  280. 

  281. func deleteOrg(e *xorm.Session, u *User) error {

  282. 	// Check ownership of repository.

  283. 	count, err := getRepositoryCount(e, u)

  284. 	if err != nil {

  285. 		return fmt.Errorf("GetRepositoryCount: %v", err)

  286. 	} else if count > 0 {

  287. 		return ErrUserOwnRepos{UID: u.ID}

  288. 	}

  289. 

  290. 	if err := deleteBeans(e,

  291. 		&Team{OrgID: u.ID},

  292. 		&OrgUser{OrgID: u.ID},

  293. 		&TeamUser{OrgID: u.ID},

  294. 		&TeamUnit{OrgID: u.ID},

  295. 	); err != nil {

  296. 		return fmt.Errorf("deleteBeans: %v", err)

  297. 	}

  298. 

  299. 	if _, err = e.ID(u.ID).Delete(new(User)); err != nil {

  300. 		return fmt.Errorf("Delete: %v", err)

  301. 	}

  302. 

  303. 	// FIXME: system notice

  304. 	// Note: There are something just cannot be roll back,

  305. 	//	so just keep error logs of those operations.

  306. 	path := UserPath(u.Name)

  307. 

  308. 	if err := util.RemoveAll(path); err != nil {

  309. 		return fmt.Errorf("Failed to RemoveAll %s: %v", path, err)

  310. 	}

  311. 

  312. 	if len(u.Avatar) > 0 {

  313. 		avatarPath := u.CustomAvatarRelativePath()

  314. 		if err := storage.Avatars.Delete(avatarPath); err != nil {

  315. 			return fmt.Errorf("Failed to remove %s: %v", avatarPath, err)

  316. 		}

  317. 	}

  318. 

  319. 	return nil

  320. }

  321. 

  322. // ________                ____ ___

  323. // \_____  \_______  ____ |    |   \______ ___________

  324. //  /   |   \_  __ \/ ___\|    |   /  ___// __ \_  __ \

  325. // /    |    \  | \/ /_/  >    |  /\___ \\  ___/|  | \/

  326. // \_______  /__|  \___  /|______//____  >\___  >__|

  327. //         \/     /_____/              \/     \/

  328. 

  329. // OrgUser represents an organization-user relation.

  330. type OrgUser struct {

  331. 	ID       int64 `xorm:"pk autoincr"`

  332. 	UID      int64 `xorm:"INDEX UNIQUE(s)"`

  333. 	OrgID    int64 `xorm:"INDEX UNIQUE(s)"`

  334. 	IsPublic bool  `xorm:"INDEX"`

  335. }

  336. 

  337. func isOrganizationOwner(e Engine, orgID, uid int64) (bool, error) {

  338. 	ownerTeam, err := getOwnerTeam(e, orgID)

  339. 	if err != nil {

  340. 		if IsErrTeamNotExist(err) {

  341. 			log.Error("Organization does not have owner team: %d", orgID)

  342. 			return false, nil

  343. 		}

  344. 		return false, err

  345. 	}

  346. 	return isTeamMember(e, orgID, ownerTeam.ID, uid)

  347. }

  348. 

  349. // IsOrganizationOwner returns true if given user is in the owner team.

  350. func IsOrganizationOwner(orgID, uid int64) (bool, error) {

  351. 	return isOrganizationOwner(x, orgID, uid)

  352. }

  353. 

  354. // IsOrganizationMember returns true if given user is member of organization.

  355. func IsOrganizationMember(orgID, uid int64) (bool, error) {

  356. 	return isOrganizationMember(x, orgID, uid)

  357. }

  358. 

  359. func isOrganizationMember(e Engine, orgID, uid int64) (bool, error) {

  360. 	return e.

  361. 		Where("uid=?", uid).

  362. 		And("org_id=?", orgID).

  363. 		Table("org_user").

  364. 		Exist()

  365. }

  366. 

  367. // IsPublicMembership returns true if given user public his/her membership.

  368. func IsPublicMembership(orgID, uid int64) (bool, error) {

  369. 	return x.

  370. 		Where("uid=?", uid).

  371. 		And("org_id=?", orgID).

  372. 		And("is_public=?", true).

  373. 		Table("org_user").

  374. 		Exist()

  375. }

  376. 

  377. // CanCreateOrgRepo returns true if user can create repo in organization

  378. func CanCreateOrgRepo(orgID, uid int64) (bool, error) {

  379. 	if owner, err := IsOrganizationOwner(orgID, uid); owner || err != nil {

  380. 		return owner, err

  381. 	}

  382. 	return x.

  383. 		Where(builder.Eq{"team.can_create_org_repo": true}).

  384. 		Join("INNER", "team_user", "team_user.team_id = team.id").

  385. 		And("team_user.uid = ?", uid).

  386. 		And("team_user.org_id = ?", orgID).

  387. 		Exist(new(Team))

  388. }

  389. 

  390. // GetUsersWhoCanCreateOrgRepo returns users which are able to create repo in organization

  391. func GetUsersWhoCanCreateOrgRepo(orgID int64) ([]*User, error) {

  392. 	return getUsersWhoCanCreateOrgRepo(x, orgID)

  393. }

  394. 

  395. func getUsersWhoCanCreateOrgRepo(e Engine, orgID int64) ([]*User, error) {

  396. 	users := make([]*User, 0, 10)

  397. 	return users, x.

  398. 		Join("INNER", "`team_user`", "`team_user`.uid=`user`.id").

  399. 		Join("INNER", "`team`", "`team`.id=`team_user`.team_id").

  400. 		Where(builder.Eq{"team.can_create_org_repo": true}.Or(builder.Eq{"team.authorize": AccessModeOwner})).

  401. 		And("team_user.org_id = ?", orgID).Asc("`user`.name").Find(&users)

  402. }

  403. 

  404. func getOrgsByUserID(sess *xorm.Session, userID int64, showAll bool) ([]*User, error) {

  405. 	orgs := make([]*User, 0, 10)

  406. 	if !showAll {

  407. 		sess.And("`org_user`.is_public=?", true)

  408. 	}

  409. 	return orgs, sess.

  410. 		And("`org_user`.uid=?", userID).

  411. 		Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").

  412. 		Asc("`user`.name").

  413. 		Find(&orgs)

  414. }

  415. 

  416. // GetOrgsByUserID returns a list of organizations that the given user ID

  417. // has joined.

  418. func GetOrgsByUserID(userID int64, showAll bool) ([]*User, error) {

  419. 	sess := x.NewSession()

  420. 	defer sess.Close()

  421. 	return getOrgsByUserID(sess, userID, showAll)

  422. }

  423. 

  424. // queryUserOrgIDs returns a condition to return user's organization id

  425. func queryUserOrgIDs(uid int64) *builder.Builder {

  426. 	return builder.Select("team.org_id").

  427. 		From("team_user").InnerJoin("team", "team.id = team_user.team_id").

  428. 		Where(builder.Eq{"team_user.uid": uid})

  429. }

  430. 

  431. // MinimalOrg represents a simple orgnization with only needed columns

  432. type MinimalOrg = User

  433. 

  434. // GetUserOrgsList returns one user's all orgs list

  435. func GetUserOrgsList(uid int64) ([]*MinimalOrg, error) {

  436. 	var orgs = make([]*MinimalOrg, 0, 20)

  437. 	return orgs, x.Select("id, name, full_name, visibility, avatar, avatar_email, use_custom_avatar").

  438. 		Table("user").

  439. 		In("id", queryUserOrgIDs(uid)).

  440. 		Find(&orgs)

  441. }

  442. 

  443. func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {

  444. 	orgs := make([]*User, 0, 10)

  445. 	return orgs, sess.

  446. 		Join("INNER", "`team_user`", "`team_user`.org_id=`user`.id").

  447. 		Join("INNER", "`team`", "`team`.id=`team_user`.team_id").

  448. 		Where("`team_user`.uid=?", userID).

  449. 		And("`team`.authorize=?", AccessModeOwner).

  450. 		Asc("`user`.name").

  451. 		Find(&orgs)

  452. }

  453. 

  454. // HasOrgOrUserVisible tells if the given user can see the given org or user

  455. func HasOrgOrUserVisible(org, user *User) bool {

  456. 	return hasOrgOrUserVisible(x, org, user)

  457. }

  458. 

  459. func hasOrgOrUserVisible(e Engine, orgOrUser, user *User) bool {

  460. 	// Not SignedUser

  461. 	if user == nil {

  462. 		return orgOrUser.Visibility == structs.VisibleTypePublic

  463. 	}

  464. 

  465. 	if user.IsAdmin || orgOrUser.ID == user.ID {

  466. 		return true

  467. 	}

  468. 

  469. 	if (orgOrUser.Visibility == structs.VisibleTypePrivate || user.IsRestricted) && !orgOrUser.hasMemberWithUserID(e, user.ID) {

  470. 		return false

  471. 	}

  472. 	return true

  473. }

  474. 

  475. // HasOrgsVisible tells if the given user can see at least one of the orgs provided

  476. func HasOrgsVisible(orgs []*User, user *User) bool {

  477. 	if len(orgs) == 0 {

  478. 		return false

  479. 	}

  480. 

  481. 	for _, org := range orgs {

  482. 		if HasOrgOrUserVisible(org, user) {

  483. 			return true

  484. 		}

  485. 	}

  486. 	return false

  487. }

  488. 

  489. // GetOwnedOrgsByUserID returns a list of organizations are owned by given user ID.

  490. func GetOwnedOrgsByUserID(userID int64) ([]*User, error) {

  491. 	sess := x.NewSession()

  492. 	defer sess.Close()

  493. 	return getOwnedOrgsByUserID(sess, userID)

  494. }

  495. 

  496. // GetOwnedOrgsByUserIDDesc returns a list of organizations are owned by

  497. // given user ID, ordered descending by the given condition.

  498. func GetOwnedOrgsByUserIDDesc(userID int64, desc string) ([]*User, error) {

  499. 	return getOwnedOrgsByUserID(x.Desc(desc), userID)

  500. }

  501. 

  502. // GetOrgsCanCreateRepoByUserID returns a list of organizations where given user ID

  503. // are allowed to create repos.

  504. func GetOrgsCanCreateRepoByUserID(userID int64) ([]*User, error) {

  505. 	orgs := make([]*User, 0, 10)

  506. 

  507. 	return orgs, x.Where(builder.In("id", builder.Select("`user`.id").From("`user`").

  508. 		Join("INNER", "`team_user`", "`team_user`.org_id = `user`.id").

  509. 		Join("INNER", "`team`", "`team`.id = `team_user`.team_id").

  510. 		Where(builder.Eq{"`team_user`.uid": userID}).

  511. 		And(builder.Eq{"`team`.authorize": AccessModeOwner}.Or(builder.Eq{"`team`.can_create_org_repo": true})))).

  512. 		Asc("`user`.name").

  513. 		Find(&orgs)

  514. }

  515. 

  516. // GetOrgUsersByUserID returns all organization-user relations by user ID.

  517. func GetOrgUsersByUserID(uid int64, opts *SearchOrganizationsOptions) ([]*OrgUser, error) {

  518. 	ous := make([]*OrgUser, 0, 10)

  519. 	sess := x.

  520. 		Join("LEFT", "`user`", "`org_user`.org_id=`user`.id").

  521. 		Where("`org_user`.uid=?", uid)

  522. 	if !opts.All {

  523. 		// Only show public organizations

  524. 		sess.And("is_public=?", true)

  525. 	}

  526. 

  527. 	if opts.PageSize != 0 {

  528. 		sess = opts.setSessionPagination(sess)

  529. 	}

  530. 

  531. 	err := sess.

  532. 		Asc("`user`.name").

  533. 		Find(&ous)

  534. 	return ous, err

  535. }

  536. 

  537. // GetOrgUsersByOrgID returns all organization-user relations by organization ID.

  538. func GetOrgUsersByOrgID(opts *FindOrgMembersOpts) ([]*OrgUser, error) {

  539. 	return getOrgUsersByOrgID(x, opts)

  540. }

  541. 

  542. func getOrgUsersByOrgID(e Engine, opts *FindOrgMembersOpts) ([]*OrgUser, error) {

  543. 	sess := e.Where("org_id=?", opts.OrgID)

  544. 	if opts.PublicOnly {

  545. 		sess.And("is_public = ?", true)

  546. 	}

  547. 	if opts.ListOptions.PageSize > 0 {

  548. 		sess = opts.setSessionPagination(sess)

  549. 

  550. 		ous := make([]*OrgUser, 0, opts.PageSize)

  551. 		return ous, sess.Find(&ous)

  552. 	}

  553. 

  554. 	var ous []*OrgUser

  555. 	return ous, sess.Find(&ous)

  556. }

  557. 

  558. // ChangeOrgUserStatus changes public or private membership status.

  559. func ChangeOrgUserStatus(orgID, uid int64, public bool) error {

  560. 	ou := new(OrgUser)

  561. 	has, err := x.

  562. 		Where("uid=?", uid).

  563. 		And("org_id=?", orgID).

  564. 		Get(ou)

  565. 	if err != nil {

  566. 		return err

  567. 	} else if !has {

  568. 		return nil

  569. 	}

  570. 

  571. 	ou.IsPublic = public

  572. 	_, err = x.ID(ou.ID).Cols("is_public").Update(ou)

  573. 	return err

  574. }

  575. 

  576. // AddOrgUser adds new user to given organization.

  577. func AddOrgUser(orgID, uid int64) error {

  578. 	isAlreadyMember, err := IsOrganizationMember(orgID, uid)

  579. 	if err != nil || isAlreadyMember {

  580. 		return err

  581. 	}

  582. 

  583. 	sess := x.NewSession()

  584. 	defer sess.Close()

  585. 	if err := sess.Begin(); err != nil {

  586. 		return err

  587. 	}

  588. 

  589. 	ou := &OrgUser{

  590. 		UID:      uid,

  591. 		OrgID:    orgID,

  592. 		IsPublic: setting.Service.DefaultOrgMemberVisible,

  593. 	}

  594. 

  595. 	if _, err := sess.Insert(ou); err != nil {

  596. 		if err := sess.Rollback(); err != nil {

  597. 			log.Error("AddOrgUser: sess.Rollback: %v", err)

  598. 		}

  599. 		return err

  600. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members + 1 WHERE id = ?", orgID); err != nil {

  601. 		if err := sess.Rollback(); err != nil {

  602. 			log.Error("AddOrgUser: sess.Rollback: %v", err)

  603. 		}

  604. 		return err

  605. 	}

  606. 

  607. 	return sess.Commit()

  608. }

  609. 

  610. func removeOrgUser(sess *xorm.Session, orgID, userID int64) error {

  611. 	ou := new(OrgUser)

  612. 

  613. 	has, err := sess.

  614. 		Where("uid=?", userID).

  615. 		And("org_id=?", orgID).

  616. 		Get(ou)

  617. 	if err != nil {

  618. 		return fmt.Errorf("get org-user: %v", err)

  619. 	} else if !has {

  620. 		return nil

  621. 	}

  622. 

  623. 	org, err := getUserByID(sess, orgID)

  624. 	if err != nil {

  625. 		return fmt.Errorf("GetUserByID [%d]: %v", orgID, err)

  626. 	}

  627. 

  628. 	// Check if the user to delete is the last member in owner team.

  629. 	if isOwner, err := isOrganizationOwner(sess, orgID, userID); err != nil {

  630. 		return err

  631. 	} else if isOwner {

  632. 		t, err := org.getOwnerTeam(sess)

  633. 		if err != nil {

  634. 			return err

  635. 		}

  636. 		if t.NumMembers == 1 {

  637. 			if err := t.getMembers(sess); err != nil {

  638. 				return err

  639. 			}

  640. 			if t.Members[0].ID == userID {

  641. 				return ErrLastOrgOwner{UID: userID}

  642. 			}

  643. 		}

  644. 	}

  645. 

  646. 	if _, err := sess.ID(ou.ID).Delete(ou); err != nil {

  647. 		return err

  648. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members=num_members-1 WHERE id=?", orgID); err != nil {

  649. 		return err

  650. 	}

  651. 

  652. 	// Delete all repository accesses and unwatch them.

  653. 	env, err := org.accessibleReposEnv(sess, userID)

  654. 	if err != nil {

  655. 		return fmt.Errorf("AccessibleReposEnv: %v", err)

  656. 	}

  657. 	repoIDs, err := env.RepoIDs(1, org.NumRepos)

  658. 	if err != nil {

  659. 		return fmt.Errorf("GetUserRepositories [%d]: %v", userID, err)

  660. 	}

  661. 	for _, repoID := range repoIDs {

  662. 		if err = watchRepo(sess, userID, repoID, false); err != nil {

  663. 			return err

  664. 		}

  665. 	}

  666. 

  667. 	if len(repoIDs) > 0 {

  668. 		if _, err = sess.

  669. 			Where("user_id = ?", userID).

  670. 			In("repo_id", repoIDs).

  671. 			Delete(new(Access)); err != nil {

  672. 			return err

  673. 		}

  674. 	}

  675. 

  676. 	// Delete member in his/her teams.

  677. 	teams, err := getUserOrgTeams(sess, org.ID, userID)

  678. 	if err != nil {

  679. 		return err

  680. 	}

  681. 	for _, t := range teams {

  682. 		if err = removeTeamMember(sess, t, userID); err != nil {

  683. 			return err

  684. 		}

  685. 	}

  686. 

  687. 	return nil

  688. }

  689. 

  690. // RemoveOrgUser removes user from given organization.

  691. func RemoveOrgUser(orgID, userID int64) error {

  692. 	sess := x.NewSession()

  693. 	defer sess.Close()

  694. 	if err := sess.Begin(); err != nil {

  695. 		return err

  696. 	}

  697. 	if err := removeOrgUser(sess, orgID, userID); err != nil {

  698. 		return err

  699. 	}

  700. 	return sess.Commit()

  701. }

  702. 

  703. func removeOrgRepo(e Engine, orgID, repoID int64) error {

  704. 	teamRepos := make([]*TeamRepo, 0, 10)

  705. 	if err := e.Find(&teamRepos, &TeamRepo{OrgID: orgID, RepoID: repoID}); err != nil {

  706. 		return err

  707. 	}

  708. 

  709. 	if len(teamRepos) == 0 {

  710. 		return nil

  711. 	}

  712. 

  713. 	if _, err := e.Delete(&TeamRepo{

  714. 		OrgID:  orgID,

  715. 		RepoID: repoID,

  716. 	}); err != nil {

  717. 		return err

  718. 	}

  719. 

  720. 	teamIDs := make([]int64, len(teamRepos))

  721. 	for i, teamRepo := range teamRepos {

  722. 		teamIDs[i] = teamRepo.TeamID

  723. 	}

  724. 

  725. 	_, err := e.Decr("num_repos").In("id", teamIDs).Update(new(Team))

  726. 	return err

  727. }

  728. 

  729. func (org *User) getUserTeams(e Engine, userID int64, cols ...string) ([]*Team, error) {

  730. 	teams := make([]*Team, 0, org.NumTeams)

  731. 	return teams, e.

  732. 		Where("`team_user`.org_id = ?", org.ID).

  733. 		Join("INNER", "team_user", "`team_user`.team_id = team.id").

  734. 		Join("INNER", "`user`", "`user`.id=team_user.uid").

  735. 		And("`team_user`.uid = ?", userID).

  736. 		Asc("`user`.name").

  737. 		Cols(cols...).

  738. 		Find(&teams)

  739. }

  740. 

  741. func (org *User) getUserTeamIDs(e Engine, userID int64) ([]int64, error) {

  742. 	teamIDs := make([]int64, 0, org.NumTeams)

  743. 	return teamIDs, e.

  744. 		Table("team").

  745. 		Cols("team.id").

  746. 		Where("`team_user`.org_id = ?", org.ID).

  747. 		Join("INNER", "team_user", "`team_user`.team_id = team.id").

  748. 		And("`team_user`.uid = ?", userID).

  749. 		Find(&teamIDs)

  750. }

  751. 

  752. // TeamsWithAccessToRepo returns all teams that have given access level to the repository.

  753. func (org *User) TeamsWithAccessToRepo(repoID int64, mode AccessMode) ([]*Team, error) {

  754. 	return GetTeamsWithAccessToRepo(org.ID, repoID, mode)

  755. }

  756. 

  757. // GetUserTeamIDs returns of all team IDs of the organization that user is member of.

  758. func (org *User) GetUserTeamIDs(userID int64) ([]int64, error) {

  759. 	return org.getUserTeamIDs(x, userID)

  760. }

  761. 

  762. // GetUserTeams returns all teams that belong to user,

  763. // and that the user has joined.

  764. func (org *User) GetUserTeams(userID int64) ([]*Team, error) {

  765. 	return org.getUserTeams(x, userID)

  766. }

  767. 

  768. // AccessibleReposEnvironment operations involving the repositories that are

  769. // accessible to a particular user

  770. type AccessibleReposEnvironment interface {

  771. 	CountRepos() (int64, error)

  772. 	RepoIDs(page, pageSize int) ([]int64, error)

  773. 	Repos(page, pageSize int) ([]*Repository, error)

  774. 	MirrorRepos() ([]*Repository, error)

  775. 	AddKeyword(keyword string)

  776. 	SetSort(SearchOrderBy)

  777. }

  778. 

  779. type accessibleReposEnv struct {

  780. 	org     *User

  781. 	user    *User

  782. 	team    *Team

  783. 	teamIDs []int64

  784. 	e       Engine

  785. 	keyword string

  786. 	orderBy SearchOrderBy

  787. }

  788. 

  789. // AccessibleReposEnv builds an AccessibleReposEnvironment for the repositories in `org`

  790. // that are accessible to the specified user.

  791. func (org *User) AccessibleReposEnv(userID int64) (AccessibleReposEnvironment, error) {

  792. 	return org.accessibleReposEnv(x, userID)

  793. }

  794. 

  795. func (org *User) accessibleReposEnv(e Engine, userID int64) (AccessibleReposEnvironment, error) {

  796. 	var user *User

  797. 

  798. 	if userID > 0 {

  799. 		u, err := getUserByID(e, userID)

  800. 		if err != nil {

  801. 			return nil, err

  802. 		}

  803. 		user = u

  804. 	}

  805. 

  806. 	teamIDs, err := org.getUserTeamIDs(e, userID)

  807. 	if err != nil {

  808. 		return nil, err

  809. 	}

  810. 	return &accessibleReposEnv{

  811. 		org:     org,

  812. 		user:    user,

  813. 		teamIDs: teamIDs,

  814. 		e:       e,

  815. 		orderBy: SearchOrderByRecentUpdated,

  816. 	}, nil

  817. }

  818. 

  819. // AccessibleTeamReposEnv an AccessibleReposEnvironment for the repositories in `org`

  820. // that are accessible to the specified team.

  821. func (org *User) AccessibleTeamReposEnv(team *Team) AccessibleReposEnvironment {

  822. 	return &accessibleReposEnv{

  823. 		org:     org,

  824. 		team:    team,

  825. 		e:       x,

  826. 		orderBy: SearchOrderByRecentUpdated,

  827. 	}

  828. }

  829. 

  830. func (env *accessibleReposEnv) cond() builder.Cond {

  831. 	cond := builder.NewCond()

  832. 	if env.team != nil {

  833. 		cond = cond.And(builder.Eq{"team_repo.team_id": env.team.ID})

  834. 	} else {

  835. 		if env.user == nil || !env.user.IsRestricted {

  836. 			cond = cond.Or(builder.Eq{

  837. 				"`repository`.owner_id":   env.org.ID,

  838. 				"`repository`.is_private": false,

  839. 			})

  840. 		}

  841. 		if len(env.teamIDs) > 0 {

  842. 			cond = cond.Or(builder.In("team_repo.team_id", env.teamIDs))

  843. 		}

  844. 	}

  845. 	if env.keyword != "" {

  846. 		cond = cond.And(builder.Like{"`repository`.lower_name", strings.ToLower(env.keyword)})

  847. 	}

  848. 	return cond

  849. }

  850. 

  851. func (env *accessibleReposEnv) CountRepos() (int64, error) {

  852. 	repoCount, err := env.e.

  853. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id").

  854. 		Where(env.cond()).

  855. 		Distinct("`repository`.id").

  856. 		Count(&Repository{})

  857. 	if err != nil {

  858. 		return 0, fmt.Errorf("count user repositories in organization: %v", err)

  859. 	}

  860. 	return repoCount, nil

  861. }

  862. 

  863. func (env *accessibleReposEnv) RepoIDs(page, pageSize int) ([]int64, error) {

  864. 	if page <= 0 {

  865. 		page = 1

  866. 	}

  867. 

  868. 	repoIDs := make([]int64, 0, pageSize)

  869. 	return repoIDs, env.e.

  870. 		Table("repository").

  871. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id").

  872. 		Where(env.cond()).

  873. 		GroupBy("`repository`.id,`repository`."+strings.Fields(string(env.orderBy))[0]).

  874. 		OrderBy(string(env.orderBy)).

  875. 		Limit(pageSize, (page-1)*pageSize).

  876. 		Cols("`repository`.id").

  877. 		Find(&repoIDs)

  878. }

  879. 

  880. func (env *accessibleReposEnv) Repos(page, pageSize int) ([]*Repository, error) {

  881. 	repoIDs, err := env.RepoIDs(page, pageSize)

  882. 	if err != nil {

  883. 		return nil, fmt.Errorf("GetUserRepositoryIDs: %v", err)

  884. 	}

  885. 

  886. 	repos := make([]*Repository, 0, len(repoIDs))

  887. 	if len(repoIDs) == 0 {

  888. 		return repos, nil

  889. 	}

  890. 

  891. 	return repos, env.e.

  892. 		In("`repository`.id", repoIDs).

  893. 		OrderBy(string(env.orderBy)).

  894. 		Find(&repos)

  895. }

  896. 

  897. func (env *accessibleReposEnv) MirrorRepoIDs() ([]int64, error) {

  898. 	repoIDs := make([]int64, 0, 10)

  899. 	return repoIDs, env.e.

  900. 		Table("repository").

  901. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id AND `repository`.is_mirror=?", true).

  902. 		Where(env.cond()).

  903. 		GroupBy("`repository`.id, `repository`.updated_unix").

  904. 		OrderBy(string(env.orderBy)).

  905. 		Cols("`repository`.id").

  906. 		Find(&repoIDs)

  907. }

  908. 

  909. func (env *accessibleReposEnv) MirrorRepos() ([]*Repository, error) {

  910. 	repoIDs, err := env.MirrorRepoIDs()

  911. 	if err != nil {

  912. 		return nil, fmt.Errorf("MirrorRepoIDs: %v", err)

  913. 	}

  914. 

  915. 	repos := make([]*Repository, 0, len(repoIDs))

  916. 	if len(repoIDs) == 0 {

  917. 		return repos, nil

  918. 	}

  919. 

  920. 	return repos, env.e.

  921. 		In("`repository`.id", repoIDs).

  922. 		Find(&repos)

  923. }

  924. 

  925. func (env *accessibleReposEnv) AddKeyword(keyword string) {

  926. 	env.keyword = keyword

  927. }

  928. 

  929. func (env *accessibleReposEnv) SetSort(orderBy SearchOrderBy) {

  930. 	env.orderBy = orderBy

  931. }