mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14393 Commits
17 Branches
Tree: 6fe3c8b398
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6fe3c8b398'
${ noResults }
gitea/modules/context/org.go

org.go 6.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2020 The Gitea Authors.

  3. // SPDX-License-Identifier: MIT

  4. 

  5. package context

  6. 

  7. import (

  8. 	"strings"

  9. 

  10. 	"code.gitea.io/gitea/models/organization"

  11. 	"code.gitea.io/gitea/models/perm"

  12. 	"code.gitea.io/gitea/models/unit"

  13. 	user_model "code.gitea.io/gitea/models/user"

  14. 	"code.gitea.io/gitea/modules/log"

  15. 	"code.gitea.io/gitea/modules/setting"

  16. 	"code.gitea.io/gitea/modules/structs"

  17. )

  18. 

  19. // Organization contains organization context

  20. type Organization struct {

  21. 	IsOwner          bool

  22. 	IsMember         bool

  23. 	IsTeamMember     bool // Is member of team.

  24. 	IsTeamAdmin      bool // In owner team or team that has admin permission level.

  25. 	Organization     *organization.Organization

  26. 	OrgLink          string

  27. 	CanCreateOrgRepo bool

  28. 

  29. 	Team  *organization.Team

  30. 	Teams []*organization.Team

  31. }

  32. 

  33. func (org *Organization) CanWriteUnit(ctx *Context, unitType unit.Type) bool {

  34. 	if ctx.Doer == nil {

  35. 		return false

  36. 	}

  37. 	return org.UnitPermission(ctx, ctx.Doer.ID, unitType) >= perm.AccessModeWrite

  38. }

  39. 

  40. func (org *Organization) UnitPermission(ctx *Context, doerID int64, unitType unit.Type) perm.AccessMode {

  41. 	if doerID > 0 {

  42. 		teams, err := organization.GetUserOrgTeams(ctx, org.Organization.ID, doerID)

  43. 		if err != nil {

  44. 			log.Error("GetUserOrgTeams: %v", err)

  45. 			return perm.AccessModeNone

  46. 		}

  47. 		if len(teams) > 0 {

  48. 			return teams.UnitMaxAccess(unitType)

  49. 		}

  50. 	}

  51. 

  52. 	if org.Organization.Visibility == structs.VisibleTypePublic {

  53. 		return perm.AccessModeRead

  54. 	}

  55. 

  56. 	return perm.AccessModeNone

  57. }

  58. 

  59. // HandleOrgAssignment handles organization assignment

  60. func HandleOrgAssignment(ctx *Context, args ...bool) {

  61. 	var (

  62. 		requireMember     bool

  63. 		requireOwner      bool

  64. 		requireTeamMember bool

  65. 		requireTeamAdmin  bool

  66. 	)

  67. 	if len(args) >= 1 {

  68. 		requireMember = args[0]

  69. 	}

  70. 	if len(args) >= 2 {

  71. 		requireOwner = args[1]

  72. 	}

  73. 	if len(args) >= 3 {

  74. 		requireTeamMember = args[2]

  75. 	}

  76. 	if len(args) >= 4 {

  77. 		requireTeamAdmin = args[3]

  78. 	}

  79. 

  80. 	orgName := ctx.Params(":org")

  81. 

  82. 	var err error

  83. 	ctx.Org.Organization, err = organization.GetOrgByName(orgName)

  84. 	if err != nil {

  85. 		if organization.IsErrOrgNotExist(err) {

  86. 			redirectUserID, err := user_model.LookupUserRedirect(orgName)

  87. 			if err == nil {

  88. 				RedirectToUser(ctx, orgName, redirectUserID)

  89. 			} else if user_model.IsErrUserRedirectNotExist(err) {

  90. 				ctx.NotFound("GetUserByName", err)

  91. 			} else {

  92. 				ctx.ServerError("LookupUserRedirect", err)

  93. 			}

  94. 		} else {

  95. 			ctx.ServerError("GetUserByName", err)

  96. 		}

  97. 		return

  98. 	}

  99. 	org := ctx.Org.Organization

  100. 

  101. 	// Handle Visibility

  102. 	if org.Visibility != structs.VisibleTypePublic && !ctx.IsSigned {

  103. 		// We must be signed in to see limited or private organizations

  104. 		ctx.NotFound("OrgAssignment", err)

  105. 		return

  106. 	}

  107. 

  108. 	if org.Visibility == structs.VisibleTypePrivate {

  109. 		requireMember = true

  110. 	} else if ctx.IsSigned && ctx.Doer.IsRestricted {

  111. 		requireMember = true

  112. 	}

  113. 

  114. 	ctx.ContextUser = org.AsUser()

  115. 	ctx.Data["Org"] = org

  116. 

  117. 	// Admin has super access.

  118. 	if ctx.IsSigned && ctx.Doer.IsAdmin {

  119. 		ctx.Org.IsOwner = true

  120. 		ctx.Org.IsMember = true

  121. 		ctx.Org.IsTeamMember = true

  122. 		ctx.Org.IsTeamAdmin = true

  123. 		ctx.Org.CanCreateOrgRepo = true

  124. 	} else if ctx.IsSigned {

  125. 		ctx.Org.IsOwner, err = org.IsOwnedBy(ctx.Doer.ID)

  126. 		if err != nil {

  127. 			ctx.ServerError("IsOwnedBy", err)

  128. 			return

  129. 		}

  130. 

  131. 		if ctx.Org.IsOwner {

  132. 			ctx.Org.IsMember = true

  133. 			ctx.Org.IsTeamMember = true

  134. 			ctx.Org.IsTeamAdmin = true

  135. 			ctx.Org.CanCreateOrgRepo = true

  136. 		} else {

  137. 			ctx.Org.IsMember, err = org.IsOrgMember(ctx.Doer.ID)

  138. 			if err != nil {

  139. 				ctx.ServerError("IsOrgMember", err)

  140. 				return

  141. 			}

  142. 			ctx.Org.CanCreateOrgRepo, err = org.CanCreateOrgRepo(ctx.Doer.ID)

  143. 			if err != nil {

  144. 				ctx.ServerError("CanCreateOrgRepo", err)

  145. 				return

  146. 			}

  147. 		}

  148. 	} else {

  149. 		// Fake data.

  150. 		ctx.Data["SignedUser"] = &user_model.User{}

  151. 	}

  152. 	if (requireMember && !ctx.Org.IsMember) ||

  153. 		(requireOwner && !ctx.Org.IsOwner) {

  154. 		ctx.NotFound("OrgAssignment", err)

  155. 		return

  156. 	}

  157. 	ctx.Data["IsOrganizationOwner"] = ctx.Org.IsOwner

  158. 	ctx.Data["IsOrganizationMember"] = ctx.Org.IsMember

  159. 	ctx.Data["IsPackageEnabled"] = setting.Packages.Enabled

  160. 	ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled

  161. 	ctx.Data["IsPublicMember"] = func(uid int64) bool {

  162. 		is, _ := organization.IsPublicMembership(ctx.Org.Organization.ID, uid)

  163. 		return is

  164. 	}

  165. 	ctx.Data["CanCreateOrgRepo"] = ctx.Org.CanCreateOrgRepo

  166. 

  167. 	ctx.Org.OrgLink = org.AsUser().OrganisationLink()

  168. 	ctx.Data["OrgLink"] = ctx.Org.OrgLink

  169. 

  170. 	// Team.

  171. 	if ctx.Org.IsMember {

  172. 		shouldSeeAllTeams := false

  173. 		if ctx.Org.IsOwner {

  174. 			shouldSeeAllTeams = true

  175. 		} else {

  176. 			teams, err := org.GetUserTeams(ctx.Doer.ID)

  177. 			if err != nil {

  178. 				ctx.ServerError("GetUserTeams", err)

  179. 				return

  180. 			}

  181. 			for _, team := range teams {

  182. 				if team.IncludesAllRepositories && team.AccessMode >= perm.AccessModeAdmin {

  183. 					shouldSeeAllTeams = true

  184. 					break

  185. 				}

  186. 			}

  187. 		}

  188. 		if shouldSeeAllTeams {

  189. 			ctx.Org.Teams, err = org.LoadTeams()

  190. 			if err != nil {

  191. 				ctx.ServerError("LoadTeams", err)

  192. 				return

  193. 			}

  194. 		} else {

  195. 			ctx.Org.Teams, err = org.GetUserTeams(ctx.Doer.ID)

  196. 			if err != nil {

  197. 				ctx.ServerError("GetUserTeams", err)

  198. 				return

  199. 			}

  200. 		}

  201. 	}

  202. 

  203. 	teamName := ctx.Params(":team")

  204. 	if len(teamName) > 0 {

  205. 		teamExists := false

  206. 		for _, team := range ctx.Org.Teams {

  207. 			if team.LowerName == strings.ToLower(teamName) {

  208. 				teamExists = true

  209. 				ctx.Org.Team = team

  210. 				ctx.Org.IsTeamMember = true

  211. 				ctx.Data["Team"] = ctx.Org.Team

  212. 				break

  213. 			}

  214. 		}

  215. 

  216. 		if !teamExists {

  217. 			ctx.NotFound("OrgAssignment", err)

  218. 			return

  219. 		}

  220. 

  221. 		ctx.Data["IsTeamMember"] = ctx.Org.IsTeamMember

  222. 		if requireTeamMember && !ctx.Org.IsTeamMember {

  223. 			ctx.NotFound("OrgAssignment", err)

  224. 			return

  225. 		}

  226. 

  227. 		ctx.Org.IsTeamAdmin = ctx.Org.Team.IsOwnerTeam() || ctx.Org.Team.AccessMode >= perm.AccessModeAdmin

  228. 		ctx.Data["IsTeamAdmin"] = ctx.Org.IsTeamAdmin

  229. 		if requireTeamAdmin && !ctx.Org.IsTeamAdmin {

  230. 			ctx.NotFound("OrgAssignment", err)

  231. 			return

  232. 		}

  233. 	}

  234. }

  235. 

  236. // OrgAssignment returns a middleware to handle organization assignment

  237. func OrgAssignment(args ...bool) func(ctx *Context) {

  238. 	return func(ctx *Context) {

  239. 		HandleOrgAssignment(ctx, args...)

  240. 	}

  241. }