mirrors
/
gitea
镜像来自 https://github.com/go-gitea/gitea.git
關註 1
收藏 0
複製 0
程式碼 問題管理 0 版本發佈 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11345 Commit
17 分支
目錄樹: a67861b4dc
分支列表 標籤列表
${ item.name }
Create branch ${ searchTerm }
from 'a67861b4dc'
${ noResults }
gitea/models/org.go

org.go 24KB
原始文件 Blame 文件歷史

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2019 The Gitea Authors. All rights reserved.

  3. // Use of this source code is governed by a MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package models

  7. 

  8. import (

  9. 	"fmt"

  10. 	"strings"

  11. 

  12. 	"code.gitea.io/gitea/modules/log"

  13. 	"code.gitea.io/gitea/modules/setting"

  14. 	"code.gitea.io/gitea/modules/storage"

  15. 	"code.gitea.io/gitea/modules/structs"

  16. 	"code.gitea.io/gitea/modules/util"

  17. 

  18. 	"xorm.io/builder"

  19. 	"xorm.io/xorm"

  20. )

  21. 

  22. // IsOwnedBy returns true if given user is in the owner team.

  23. func (org *User) IsOwnedBy(uid int64) (bool, error) {

  24. 	return IsOrganizationOwner(org.ID, uid)

  25. }

  26. 

  27. // IsOrgMember returns true if given user is member of organization.

  28. func (org *User) IsOrgMember(uid int64) (bool, error) {

  29. 	return IsOrganizationMember(org.ID, uid)

  30. }

  31. 

  32. // CanCreateOrgRepo returns true if given user can create repo in organization

  33. func (org *User) CanCreateOrgRepo(uid int64) (bool, error) {

  34. 	return CanCreateOrgRepo(org.ID, uid)

  35. }

  36. 

  37. func (org *User) getTeam(e Engine, name string) (*Team, error) {

  38. 	return getTeam(e, org.ID, name)

  39. }

  40. 

  41. // GetTeam returns named team of organization.

  42. func (org *User) GetTeam(name string) (*Team, error) {

  43. 	return org.getTeam(x, name)

  44. }

  45. 

  46. func (org *User) getOwnerTeam(e Engine) (*Team, error) {

  47. 	return org.getTeam(e, ownerTeamName)

  48. }

  49. 

  50. // GetOwnerTeam returns owner team of organization.

  51. func (org *User) GetOwnerTeam() (*Team, error) {

  52. 	return org.getOwnerTeam(x)

  53. }

  54. 

  55. func (org *User) getTeams(e Engine) error {

  56. 	if org.Teams != nil {

  57. 		return nil

  58. 	}

  59. 	return e.

  60. 		Where("org_id=?", org.ID).

  61. 		OrderBy("CASE WHEN name LIKE '" + ownerTeamName + "' THEN '' ELSE name END").

  62. 		Find(&org.Teams)

  63. }

  64. 

  65. // GetTeams returns paginated teams that belong to organization.

  66. func (org *User) GetTeams(opts *SearchTeamOptions) error {

  67. 	if opts.Page != 0 {

  68. 		return org.getTeams(opts.getPaginatedSession())

  69. 	}

  70. 

  71. 	return org.getTeams(x)

  72. }

  73. 

  74. // GetMembers returns all members of organization.

  75. func (org *User) GetMembers() (err error) {

  76. 	org.Members, org.MembersIsPublic, err = FindOrgMembers(&FindOrgMembersOpts{

  77. 		OrgID: org.ID,

  78. 	})

  79. 	return

  80. }

  81. 

  82. // FindOrgMembersOpts represensts find org members condtions

  83. type FindOrgMembersOpts struct {

  84. 	ListOptions

  85. 	OrgID      int64

  86. 	PublicOnly bool

  87. }

  88. 

  89. // CountOrgMembers counts the organization's members

  90. func CountOrgMembers(opts FindOrgMembersOpts) (int64, error) {

  91. 	sess := x.Where("org_id=?", opts.OrgID)

  92. 	if opts.PublicOnly {

  93. 		sess.And("is_public = ?", true)

  94. 	}

  95. 	return sess.Count(new(OrgUser))

  96. }

  97. 

  98. // FindOrgMembers loads organization members according conditions

  99. func FindOrgMembers(opts *FindOrgMembersOpts) (UserList, map[int64]bool, error) {

  100. 	ous, err := GetOrgUsersByOrgID(opts)

  101. 	if err != nil {

  102. 		return nil, nil, err

  103. 	}

  104. 

  105. 	ids := make([]int64, len(ous))

  106. 	idsIsPublic := make(map[int64]bool, len(ous))

  107. 	for i, ou := range ous {

  108. 		ids[i] = ou.UID

  109. 		idsIsPublic[ou.UID] = ou.IsPublic

  110. 	}

  111. 

  112. 	users, err := GetUsersByIDs(ids)

  113. 	if err != nil {

  114. 		return nil, nil, err

  115. 	}

  116. 	return users, idsIsPublic, nil

  117. }

  118. 

  119. // AddMember adds new member to organization.

  120. func (org *User) AddMember(uid int64) error {

  121. 	return AddOrgUser(org.ID, uid)

  122. }

  123. 

  124. // RemoveMember removes member from organization.

  125. func (org *User) RemoveMember(uid int64) error {

  126. 	return RemoveOrgUser(org.ID, uid)

  127. }

  128. 

  129. func (org *User) removeOrgRepo(e Engine, repoID int64) error {

  130. 	return removeOrgRepo(e, org.ID, repoID)

  131. }

  132. 

  133. // RemoveOrgRepo removes all team-repository relations of organization.

  134. func (org *User) RemoveOrgRepo(repoID int64) error {

  135. 	return org.removeOrgRepo(x, repoID)

  136. }

  137. 

  138. // CreateOrganization creates record of a new organization.

  139. func CreateOrganization(org, owner *User) (err error) {

  140. 	if !owner.CanCreateOrganization() {

  141. 		return ErrUserNotAllowedCreateOrg{}

  142. 	}

  143. 

  144. 	if err = IsUsableUsername(org.Name); err != nil {

  145. 		return err

  146. 	}

  147. 

  148. 	isExist, err := IsUserExist(0, org.Name)

  149. 	if err != nil {

  150. 		return err

  151. 	} else if isExist {

  152. 		return ErrUserAlreadyExist{org.Name}

  153. 	}

  154. 

  155. 	org.LowerName = strings.ToLower(org.Name)

  156. 	if org.Rands, err = GetUserSalt(); err != nil {

  157. 		return err

  158. 	}

  159. 	if org.Salt, err = GetUserSalt(); err != nil {

  160. 		return err

  161. 	}

  162. 	org.UseCustomAvatar = true

  163. 	org.MaxRepoCreation = -1

  164. 	org.NumTeams = 1

  165. 	org.NumMembers = 1

  166. 	org.Type = UserTypeOrganization

  167. 

  168. 	sess := x.NewSession()

  169. 	defer sess.Close()

  170. 	if err = sess.Begin(); err != nil {

  171. 		return err

  172. 	}

  173. 

  174. 	if err = deleteUserRedirect(sess, org.Name); err != nil {

  175. 		return err

  176. 	}

  177. 

  178. 	if _, err = sess.Insert(org); err != nil {

  179. 		return fmt.Errorf("insert organization: %v", err)

  180. 	}

  181. 	if err = org.generateRandomAvatar(sess); err != nil {

  182. 		return fmt.Errorf("generate random avatar: %v", err)

  183. 	}

  184. 

  185. 	// Add initial creator to organization and owner team.

  186. 	if _, err = sess.Insert(&OrgUser{

  187. 		UID:   owner.ID,

  188. 		OrgID: org.ID,

  189. 	}); err != nil {

  190. 		return fmt.Errorf("insert org-user relation: %v", err)

  191. 	}

  192. 

  193. 	// Create default owner team.

  194. 	t := &Team{

  195. 		OrgID:                   org.ID,

  196. 		LowerName:               strings.ToLower(ownerTeamName),

  197. 		Name:                    ownerTeamName,

  198. 		Authorize:               AccessModeOwner,

  199. 		NumMembers:              1,

  200. 		IncludesAllRepositories: true,

  201. 		CanCreateOrgRepo:        true,

  202. 	}

  203. 	if _, err = sess.Insert(t); err != nil {

  204. 		return fmt.Errorf("insert owner team: %v", err)

  205. 	}

  206. 

  207. 	// insert units for team

  208. 	units := make([]TeamUnit, 0, len(AllRepoUnitTypes))

  209. 	for _, tp := range AllRepoUnitTypes {

  210. 		units = append(units, TeamUnit{

  211. 			OrgID:  org.ID,

  212. 			TeamID: t.ID,

  213. 			Type:   tp,

  214. 		})

  215. 	}

  216. 

  217. 	if _, err = sess.Insert(&units); err != nil {

  218. 		if err := sess.Rollback(); err != nil {

  219. 			log.Error("CreateOrganization: sess.Rollback: %v", err)

  220. 		}

  221. 		return err

  222. 	}

  223. 

  224. 	if _, err = sess.Insert(&TeamUser{

  225. 		UID:    owner.ID,

  226. 		OrgID:  org.ID,

  227. 		TeamID: t.ID,

  228. 	}); err != nil {

  229. 		return fmt.Errorf("insert team-user relation: %v", err)

  230. 	}

  231. 

  232. 	return sess.Commit()

  233. }

  234. 

  235. // GetOrgByName returns organization by given name.

  236. func GetOrgByName(name string) (*User, error) {

  237. 	if len(name) == 0 {

  238. 		return nil, ErrOrgNotExist{0, name}

  239. 	}

  240. 	u := &User{

  241. 		LowerName: strings.ToLower(name),

  242. 		Type:      UserTypeOrganization,

  243. 	}

  244. 	has, err := x.Get(u)

  245. 	if err != nil {

  246. 		return nil, err

  247. 	} else if !has {

  248. 		return nil, ErrOrgNotExist{0, name}

  249. 	}

  250. 	return u, nil

  251. }

  252. 

  253. // CountOrganizations returns number of organizations.

  254. func CountOrganizations() int64 {

  255. 	count, _ := x.

  256. 		Where("type=1").

  257. 		Count(new(User))

  258. 	return count

  259. }

  260. 

  261. // DeleteOrganization completely and permanently deletes everything of organization.

  262. func DeleteOrganization(org *User) (err error) {

  263. 	if !org.IsOrganization() {

  264. 		return fmt.Errorf("%s is a user not an organization", org.Name)

  265. 	}

  266. 

  267. 	sess := x.NewSession()

  268. 	defer sess.Close()

  269. 

  270. 	if err = sess.Begin(); err != nil {

  271. 		return err

  272. 	}

  273. 

  274. 	if err = deleteOrg(sess, org); err != nil {

  275. 		if IsErrUserOwnRepos(err) {

  276. 			return err

  277. 		} else if err != nil {

  278. 			return fmt.Errorf("deleteOrg: %v", err)

  279. 		}

  280. 	}

  281. 

  282. 	return sess.Commit()

  283. }

  284. 

  285. func deleteOrg(e *xorm.Session, u *User) error {

  286. 	// Check ownership of repository.

  287. 	count, err := getRepositoryCount(e, u)

  288. 	if err != nil {

  289. 		return fmt.Errorf("GetRepositoryCount: %v", err)

  290. 	} else if count > 0 {

  291. 		return ErrUserOwnRepos{UID: u.ID}

  292. 	}

  293. 

  294. 	if err := deleteBeans(e,

  295. 		&Team{OrgID: u.ID},

  296. 		&OrgUser{OrgID: u.ID},

  297. 		&TeamUser{OrgID: u.ID},

  298. 		&TeamUnit{OrgID: u.ID},

  299. 	); err != nil {

  300. 		return fmt.Errorf("deleteBeans: %v", err)

  301. 	}

  302. 

  303. 	if _, err = e.ID(u.ID).Delete(new(User)); err != nil {

  304. 		return fmt.Errorf("Delete: %v", err)

  305. 	}

  306. 

  307. 	// FIXME: system notice

  308. 	// Note: There are something just cannot be roll back,

  309. 	//	so just keep error logs of those operations.

  310. 	path := UserPath(u.Name)

  311. 

  312. 	if err := util.RemoveAll(path); err != nil {

  313. 		return fmt.Errorf("Failed to RemoveAll %s: %v", path, err)

  314. 	}

  315. 

  316. 	if len(u.Avatar) > 0 {

  317. 		avatarPath := u.CustomAvatarRelativePath()

  318. 		if err := storage.Avatars.Delete(avatarPath); err != nil {

  319. 			return fmt.Errorf("Failed to remove %s: %v", avatarPath, err)

  320. 		}

  321. 	}

  322. 

  323. 	return nil

  324. }

  325. 

  326. // ________                ____ ___

  327. // \_____  \_______  ____ |    |   \______ ___________

  328. //  /   |   \_  __ \/ ___\|    |   /  ___// __ \_  __ \

  329. // /    |    \  | \/ /_/  >    |  /\___ \\  ___/|  | \/

  330. // \_______  /__|  \___  /|______//____  >\___  >__|

  331. //         \/     /_____/              \/     \/

  332. 

  333. // OrgUser represents an organization-user relation.

  334. type OrgUser struct {

  335. 	ID       int64 `xorm:"pk autoincr"`

  336. 	UID      int64 `xorm:"INDEX UNIQUE(s)"`

  337. 	OrgID    int64 `xorm:"INDEX UNIQUE(s)"`

  338. 	IsPublic bool  `xorm:"INDEX"`

  339. }

  340. 

  341. func isOrganizationOwner(e Engine, orgID, uid int64) (bool, error) {

  342. 	ownerTeam, err := getOwnerTeam(e, orgID)

  343. 	if err != nil {

  344. 		if IsErrTeamNotExist(err) {

  345. 			log.Error("Organization does not have owner team: %d", orgID)

  346. 			return false, nil

  347. 		}

  348. 		return false, err

  349. 	}

  350. 	return isTeamMember(e, orgID, ownerTeam.ID, uid)

  351. }

  352. 

  353. // IsOrganizationOwner returns true if given user is in the owner team.

  354. func IsOrganizationOwner(orgID, uid int64) (bool, error) {

  355. 	return isOrganizationOwner(x, orgID, uid)

  356. }

  357. 

  358. // IsOrganizationMember returns true if given user is member of organization.

  359. func IsOrganizationMember(orgID, uid int64) (bool, error) {

  360. 	return isOrganizationMember(x, orgID, uid)

  361. }

  362. 

  363. func isOrganizationMember(e Engine, orgID, uid int64) (bool, error) {

  364. 	return e.

  365. 		Where("uid=?", uid).

  366. 		And("org_id=?", orgID).

  367. 		Table("org_user").

  368. 		Exist()

  369. }

  370. 

  371. // IsPublicMembership returns true if given user public his/her membership.

  372. func IsPublicMembership(orgID, uid int64) (bool, error) {

  373. 	return x.

  374. 		Where("uid=?", uid).

  375. 		And("org_id=?", orgID).

  376. 		And("is_public=?", true).

  377. 		Table("org_user").

  378. 		Exist()

  379. }

  380. 

  381. // CanCreateOrgRepo returns true if user can create repo in organization

  382. func CanCreateOrgRepo(orgID, uid int64) (bool, error) {

  383. 	if owner, err := IsOrganizationOwner(orgID, uid); owner || err != nil {

  384. 		return owner, err

  385. 	}

  386. 	return x.

  387. 		Where(builder.Eq{"team.can_create_org_repo": true}).

  388. 		Join("INNER", "team_user", "team_user.team_id = team.id").

  389. 		And("team_user.uid = ?", uid).

  390. 		And("team_user.org_id = ?", orgID).

  391. 		Exist(new(Team))

  392. }

  393. 

  394. // GetUsersWhoCanCreateOrgRepo returns users which are able to create repo in organization

  395. func GetUsersWhoCanCreateOrgRepo(orgID int64) ([]*User, error) {

  396. 	return getUsersWhoCanCreateOrgRepo(x, orgID)

  397. }

  398. 

  399. func getUsersWhoCanCreateOrgRepo(e Engine, orgID int64) ([]*User, error) {

  400. 	users := make([]*User, 0, 10)

  401. 	return users, x.

  402. 		Join("INNER", "`team_user`", "`team_user`.uid=`user`.id").

  403. 		Join("INNER", "`team`", "`team`.id=`team_user`.team_id").

  404. 		Where(builder.Eq{"team.can_create_org_repo": true}.Or(builder.Eq{"team.authorize": AccessModeOwner})).

  405. 		And("team_user.org_id = ?", orgID).Asc("`user`.name").Find(&users)

  406. }

  407. 

  408. func getOrgsByUserID(sess *xorm.Session, userID int64, showAll bool) ([]*User, error) {

  409. 	orgs := make([]*User, 0, 10)

  410. 	if !showAll {

  411. 		sess.And("`org_user`.is_public=?", true)

  412. 	}

  413. 	return orgs, sess.

  414. 		And("`org_user`.uid=?", userID).

  415. 		Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").

  416. 		Asc("`user`.name").

  417. 		Find(&orgs)

  418. }

  419. 

  420. // GetOrgsByUserID returns a list of organizations that the given user ID

  421. // has joined.

  422. func GetOrgsByUserID(userID int64, showAll bool) ([]*User, error) {

  423. 	sess := x.NewSession()

  424. 	defer sess.Close()

  425. 	return getOrgsByUserID(sess, userID, showAll)

  426. }

  427. 

  428. func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {

  429. 	orgs := make([]*User, 0, 10)

  430. 	return orgs, sess.

  431. 		Join("INNER", "`team_user`", "`team_user`.org_id=`user`.id").

  432. 		Join("INNER", "`team`", "`team`.id=`team_user`.team_id").

  433. 		Where("`team_user`.uid=?", userID).

  434. 		And("`team`.authorize=?", AccessModeOwner).

  435. 		Asc("`user`.name").

  436. 		Find(&orgs)

  437. }

  438. 

  439. // HasOrgVisible tells if the given user can see the given org

  440. func HasOrgVisible(org, user *User) bool {

  441. 	return hasOrgVisible(x, org, user)

  442. }

  443. 

  444. func hasOrgVisible(e Engine, org, user *User) bool {

  445. 	// Not SignedUser

  446. 	if user == nil {

  447. 		return org.Visibility == structs.VisibleTypePublic

  448. 	}

  449. 

  450. 	if user.IsAdmin {

  451. 		return true

  452. 	}

  453. 

  454. 	if (org.Visibility == structs.VisibleTypePrivate || user.IsRestricted) && !org.hasMemberWithUserID(e, user.ID) {

  455. 		return false

  456. 	}

  457. 	return true

  458. }

  459. 

  460. // HasOrgsVisible tells if the given user can see at least one of the orgs provided

  461. func HasOrgsVisible(orgs []*User, user *User) bool {

  462. 	if len(orgs) == 0 {

  463. 		return false

  464. 	}

  465. 

  466. 	for _, org := range orgs {

  467. 		if HasOrgVisible(org, user) {

  468. 			return true

  469. 		}

  470. 	}

  471. 	return false

  472. }

  473. 

  474. // GetOwnedOrgsByUserID returns a list of organizations are owned by given user ID.

  475. func GetOwnedOrgsByUserID(userID int64) ([]*User, error) {

  476. 	sess := x.NewSession()

  477. 	defer sess.Close()

  478. 	return getOwnedOrgsByUserID(sess, userID)

  479. }

  480. 

  481. // GetOwnedOrgsByUserIDDesc returns a list of organizations are owned by

  482. // given user ID, ordered descending by the given condition.

  483. func GetOwnedOrgsByUserIDDesc(userID int64, desc string) ([]*User, error) {

  484. 	return getOwnedOrgsByUserID(x.Desc(desc), userID)

  485. }

  486. 

  487. // GetOrgsCanCreateRepoByUserID returns a list of organizations where given user ID

  488. // are allowed to create repos.

  489. func GetOrgsCanCreateRepoByUserID(userID int64) ([]*User, error) {

  490. 	orgs := make([]*User, 0, 10)

  491. 

  492. 	return orgs, x.Where(builder.In("id", builder.Select("`user`.id").From("`user`").

  493. 		Join("INNER", "`team_user`", "`team_user`.org_id = `user`.id").

  494. 		Join("INNER", "`team`", "`team`.id = `team_user`.team_id").

  495. 		Where(builder.Eq{"`team_user`.uid": userID}).

  496. 		And(builder.Eq{"`team`.authorize": AccessModeOwner}.Or(builder.Eq{"`team`.can_create_org_repo": true})))).

  497. 		Asc("`user`.name").

  498. 		Find(&orgs)

  499. }

  500. 

  501. // GetOrgUsersByUserID returns all organization-user relations by user ID.

  502. func GetOrgUsersByUserID(uid int64, opts *SearchOrganizationsOptions) ([]*OrgUser, error) {

  503. 	ous := make([]*OrgUser, 0, 10)

  504. 	sess := x.

  505. 		Join("LEFT", "`user`", "`org_user`.org_id=`user`.id").

  506. 		Where("`org_user`.uid=?", uid)

  507. 	if !opts.All {

  508. 		// Only show public organizations

  509. 		sess.And("is_public=?", true)

  510. 	}

  511. 

  512. 	if opts.PageSize != 0 {

  513. 		sess = opts.setSessionPagination(sess)

  514. 	}

  515. 

  516. 	err := sess.

  517. 		Asc("`user`.name").

  518. 		Find(&ous)

  519. 	return ous, err

  520. }

  521. 

  522. // GetOrgUsersByOrgID returns all organization-user relations by organization ID.

  523. func GetOrgUsersByOrgID(opts *FindOrgMembersOpts) ([]*OrgUser, error) {

  524. 	return getOrgUsersByOrgID(x, opts)

  525. }

  526. 

  527. func getOrgUsersByOrgID(e Engine, opts *FindOrgMembersOpts) ([]*OrgUser, error) {

  528. 	sess := e.Where("org_id=?", opts.OrgID)

  529. 	if opts.PublicOnly {

  530. 		sess.And("is_public = ?", true)

  531. 	}

  532. 	if opts.ListOptions.PageSize > 0 {

  533. 		sess = opts.setSessionPagination(sess)

  534. 

  535. 		ous := make([]*OrgUser, 0, opts.PageSize)

  536. 		return ous, sess.Find(&ous)

  537. 	}

  538. 

  539. 	var ous []*OrgUser

  540. 	return ous, sess.Find(&ous)

  541. }

  542. 

  543. // ChangeOrgUserStatus changes public or private membership status.

  544. func ChangeOrgUserStatus(orgID, uid int64, public bool) error {

  545. 	ou := new(OrgUser)

  546. 	has, err := x.

  547. 		Where("uid=?", uid).

  548. 		And("org_id=?", orgID).

  549. 		Get(ou)

  550. 	if err != nil {

  551. 		return err

  552. 	} else if !has {

  553. 		return nil

  554. 	}

  555. 

  556. 	ou.IsPublic = public

  557. 	_, err = x.ID(ou.ID).Cols("is_public").Update(ou)

  558. 	return err

  559. }

  560. 

  561. // AddOrgUser adds new user to given organization.

  562. func AddOrgUser(orgID, uid int64) error {

  563. 	isAlreadyMember, err := IsOrganizationMember(orgID, uid)

  564. 	if err != nil || isAlreadyMember {

  565. 		return err

  566. 	}

  567. 

  568. 	sess := x.NewSession()

  569. 	defer sess.Close()

  570. 	if err := sess.Begin(); err != nil {

  571. 		return err

  572. 	}

  573. 

  574. 	ou := &OrgUser{

  575. 		UID:      uid,

  576. 		OrgID:    orgID,

  577. 		IsPublic: setting.Service.DefaultOrgMemberVisible,

  578. 	}

  579. 

  580. 	if _, err := sess.Insert(ou); err != nil {

  581. 		if err := sess.Rollback(); err != nil {

  582. 			log.Error("AddOrgUser: sess.Rollback: %v", err)

  583. 		}

  584. 		return err

  585. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members + 1 WHERE id = ?", orgID); err != nil {

  586. 		if err := sess.Rollback(); err != nil {

  587. 			log.Error("AddOrgUser: sess.Rollback: %v", err)

  588. 		}

  589. 		return err

  590. 	}

  591. 

  592. 	return sess.Commit()

  593. }

  594. 

  595. func removeOrgUser(sess *xorm.Session, orgID, userID int64) error {

  596. 	ou := new(OrgUser)

  597. 

  598. 	has, err := sess.

  599. 		Where("uid=?", userID).

  600. 		And("org_id=?", orgID).

  601. 		Get(ou)

  602. 	if err != nil {

  603. 		return fmt.Errorf("get org-user: %v", err)

  604. 	} else if !has {

  605. 		return nil

  606. 	}

  607. 

  608. 	org, err := getUserByID(sess, orgID)

  609. 	if err != nil {

  610. 		return fmt.Errorf("GetUserByID [%d]: %v", orgID, err)

  611. 	}

  612. 

  613. 	// Check if the user to delete is the last member in owner team.

  614. 	if isOwner, err := isOrganizationOwner(sess, orgID, userID); err != nil {

  615. 		return err

  616. 	} else if isOwner {

  617. 		t, err := org.getOwnerTeam(sess)

  618. 		if err != nil {

  619. 			return err

  620. 		}

  621. 		if t.NumMembers == 1 {

  622. 			if err := t.getMembers(sess); err != nil {

  623. 				return err

  624. 			}

  625. 			if t.Members[0].ID == userID {

  626. 				return ErrLastOrgOwner{UID: userID}

  627. 			}

  628. 		}

  629. 	}

  630. 

  631. 	if _, err := sess.ID(ou.ID).Delete(ou); err != nil {

  632. 		return err

  633. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members=num_members-1 WHERE id=?", orgID); err != nil {

  634. 		return err

  635. 	}

  636. 

  637. 	// Delete all repository accesses and unwatch them.

  638. 	env, err := org.accessibleReposEnv(sess, userID)

  639. 	if err != nil {

  640. 		return fmt.Errorf("AccessibleReposEnv: %v", err)

  641. 	}

  642. 	repoIDs, err := env.RepoIDs(1, org.NumRepos)

  643. 	if err != nil {

  644. 		return fmt.Errorf("GetUserRepositories [%d]: %v", userID, err)

  645. 	}

  646. 	for _, repoID := range repoIDs {

  647. 		if err = watchRepo(sess, userID, repoID, false); err != nil {

  648. 			return err

  649. 		}

  650. 	}

  651. 

  652. 	if len(repoIDs) > 0 {

  653. 		if _, err = sess.

  654. 			Where("user_id = ?", userID).

  655. 			In("repo_id", repoIDs).

  656. 			Delete(new(Access)); err != nil {

  657. 			return err

  658. 		}

  659. 	}

  660. 

  661. 	// Delete member in his/her teams.

  662. 	teams, err := getUserOrgTeams(sess, org.ID, userID)

  663. 	if err != nil {

  664. 		return err

  665. 	}

  666. 	for _, t := range teams {

  667. 		if err = removeTeamMember(sess, t, userID); err != nil {

  668. 			return err

  669. 		}

  670. 	}

  671. 

  672. 	return nil

  673. }

  674. 

  675. // RemoveOrgUser removes user from given organization.

  676. func RemoveOrgUser(orgID, userID int64) error {

  677. 	sess := x.NewSession()

  678. 	defer sess.Close()

  679. 	if err := sess.Begin(); err != nil {

  680. 		return err

  681. 	}

  682. 	if err := removeOrgUser(sess, orgID, userID); err != nil {

  683. 		return err

  684. 	}

  685. 	return sess.Commit()

  686. }

  687. 

  688. func removeOrgRepo(e Engine, orgID, repoID int64) error {

  689. 	teamRepos := make([]*TeamRepo, 0, 10)

  690. 	if err := e.Find(&teamRepos, &TeamRepo{OrgID: orgID, RepoID: repoID}); err != nil {

  691. 		return err

  692. 	}

  693. 

  694. 	if len(teamRepos) == 0 {

  695. 		return nil

  696. 	}

  697. 

  698. 	if _, err := e.Delete(&TeamRepo{

  699. 		OrgID:  orgID,

  700. 		RepoID: repoID,

  701. 	}); err != nil {

  702. 		return err

  703. 	}

  704. 

  705. 	teamIDs := make([]int64, len(teamRepos))

  706. 	for i, teamRepo := range teamRepos {

  707. 		teamIDs[i] = teamRepo.TeamID

  708. 	}

  709. 

  710. 	_, err := e.Decr("num_repos").In("id", teamIDs).Update(new(Team))

  711. 	return err

  712. }

  713. 

  714. func (org *User) getUserTeams(e Engine, userID int64, cols ...string) ([]*Team, error) {

  715. 	teams := make([]*Team, 0, org.NumTeams)

  716. 	return teams, e.

  717. 		Where("`team_user`.org_id = ?", org.ID).

  718. 		Join("INNER", "team_user", "`team_user`.team_id = team.id").

  719. 		Join("INNER", "`user`", "`user`.id=team_user.uid").

  720. 		And("`team_user`.uid = ?", userID).

  721. 		Asc("`user`.name").

  722. 		Cols(cols...).

  723. 		Find(&teams)

  724. }

  725. 

  726. func (org *User) getUserTeamIDs(e Engine, userID int64) ([]int64, error) {

  727. 	teamIDs := make([]int64, 0, org.NumTeams)

  728. 	return teamIDs, e.

  729. 		Table("team").

  730. 		Cols("team.id").

  731. 		Where("`team_user`.org_id = ?", org.ID).

  732. 		Join("INNER", "team_user", "`team_user`.team_id = team.id").

  733. 		And("`team_user`.uid = ?", userID).

  734. 		Find(&teamIDs)

  735. }

  736. 

  737. // TeamsWithAccessToRepo returns all teams that have given access level to the repository.

  738. func (org *User) TeamsWithAccessToRepo(repoID int64, mode AccessMode) ([]*Team, error) {

  739. 	return GetTeamsWithAccessToRepo(org.ID, repoID, mode)

  740. }

  741. 

  742. // GetUserTeamIDs returns of all team IDs of the organization that user is member of.

  743. func (org *User) GetUserTeamIDs(userID int64) ([]int64, error) {

  744. 	return org.getUserTeamIDs(x, userID)

  745. }

  746. 

  747. // GetUserTeams returns all teams that belong to user,

  748. // and that the user has joined.

  749. func (org *User) GetUserTeams(userID int64) ([]*Team, error) {

  750. 	return org.getUserTeams(x, userID)

  751. }

  752. 

  753. // AccessibleReposEnvironment operations involving the repositories that are

  754. // accessible to a particular user

  755. type AccessibleReposEnvironment interface {

  756. 	CountRepos() (int64, error)

  757. 	RepoIDs(page, pageSize int) ([]int64, error)

  758. 	Repos(page, pageSize int) ([]*Repository, error)

  759. 	MirrorRepos() ([]*Repository, error)

  760. 	AddKeyword(keyword string)

  761. 	SetSort(SearchOrderBy)

  762. }

  763. 

  764. type accessibleReposEnv struct {

  765. 	org     *User

  766. 	user    *User

  767. 	team    *Team

  768. 	teamIDs []int64

  769. 	e       Engine

  770. 	keyword string

  771. 	orderBy SearchOrderBy

  772. }

  773. 

  774. // AccessibleReposEnv builds an AccessibleReposEnvironment for the repositories in `org`

  775. // that are accessible to the specified user.

  776. func (org *User) AccessibleReposEnv(userID int64) (AccessibleReposEnvironment, error) {

  777. 	return org.accessibleReposEnv(x, userID)

  778. }

  779. 

  780. func (org *User) accessibleReposEnv(e Engine, userID int64) (AccessibleReposEnvironment, error) {

  781. 	var user *User

  782. 

  783. 	if userID > 0 {

  784. 		u, err := getUserByID(e, userID)

  785. 		if err != nil {

  786. 			return nil, err

  787. 		}

  788. 		user = u

  789. 	}

  790. 

  791. 	teamIDs, err := org.getUserTeamIDs(e, userID)

  792. 	if err != nil {

  793. 		return nil, err

  794. 	}

  795. 	return &accessibleReposEnv{

  796. 		org:     org,

  797. 		user:    user,

  798. 		teamIDs: teamIDs,

  799. 		e:       e,

  800. 		orderBy: SearchOrderByRecentUpdated,

  801. 	}, nil

  802. }

  803. 

  804. // AccessibleTeamReposEnv an AccessibleReposEnvironment for the repositories in `org`

  805. // that are accessible to the specified team.

  806. func (org *User) AccessibleTeamReposEnv(team *Team) AccessibleReposEnvironment {

  807. 	return &accessibleReposEnv{

  808. 		org:     org,

  809. 		team:    team,

  810. 		e:       x,

  811. 		orderBy: SearchOrderByRecentUpdated,

  812. 	}

  813. }

  814. 

  815. func (env *accessibleReposEnv) cond() builder.Cond {

  816. 	cond := builder.NewCond()

  817. 	if env.team != nil {

  818. 		cond = cond.And(builder.Eq{"team_repo.team_id": env.team.ID})

  819. 	} else {

  820. 		if env.user == nil || !env.user.IsRestricted {

  821. 			cond = cond.Or(builder.Eq{

  822. 				"`repository`.owner_id":   env.org.ID,

  823. 				"`repository`.is_private": false,

  824. 			})

  825. 		}

  826. 		if len(env.teamIDs) > 0 {

  827. 			cond = cond.Or(builder.In("team_repo.team_id", env.teamIDs))

  828. 		}

  829. 	}

  830. 	if env.keyword != "" {

  831. 		cond = cond.And(builder.Like{"`repository`.lower_name", strings.ToLower(env.keyword)})

  832. 	}

  833. 	return cond

  834. }

  835. 

  836. func (env *accessibleReposEnv) CountRepos() (int64, error) {

  837. 	repoCount, err := env.e.

  838. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id").

  839. 		Where(env.cond()).

  840. 		Distinct("`repository`.id").

  841. 		Count(&Repository{})

  842. 	if err != nil {

  843. 		return 0, fmt.Errorf("count user repositories in organization: %v", err)

  844. 	}

  845. 	return repoCount, nil

  846. }

  847. 

  848. func (env *accessibleReposEnv) RepoIDs(page, pageSize int) ([]int64, error) {

  849. 	if page <= 0 {

  850. 		page = 1

  851. 	}

  852. 

  853. 	repoIDs := make([]int64, 0, pageSize)

  854. 	return repoIDs, env.e.

  855. 		Table("repository").

  856. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id").

  857. 		Where(env.cond()).

  858. 		GroupBy("`repository`.id,`repository`."+strings.Fields(string(env.orderBy))[0]).

  859. 		OrderBy(string(env.orderBy)).

  860. 		Limit(pageSize, (page-1)*pageSize).

  861. 		Cols("`repository`.id").

  862. 		Find(&repoIDs)

  863. }

  864. 

  865. func (env *accessibleReposEnv) Repos(page, pageSize int) ([]*Repository, error) {

  866. 	repoIDs, err := env.RepoIDs(page, pageSize)

  867. 	if err != nil {

  868. 		return nil, fmt.Errorf("GetUserRepositoryIDs: %v", err)

  869. 	}

  870. 

  871. 	repos := make([]*Repository, 0, len(repoIDs))

  872. 	if len(repoIDs) == 0 {

  873. 		return repos, nil

  874. 	}

  875. 

  876. 	return repos, env.e.

  877. 		In("`repository`.id", repoIDs).

  878. 		OrderBy(string(env.orderBy)).

  879. 		Find(&repos)

  880. }

  881. 

  882. func (env *accessibleReposEnv) MirrorRepoIDs() ([]int64, error) {

  883. 	repoIDs := make([]int64, 0, 10)

  884. 	return repoIDs, env.e.

  885. 		Table("repository").

  886. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id AND `repository`.is_mirror=?", true).

  887. 		Where(env.cond()).

  888. 		GroupBy("`repository`.id, `repository`.updated_unix").

  889. 		OrderBy(string(env.orderBy)).

  890. 		Cols("`repository`.id").

  891. 		Find(&repoIDs)

  892. }

  893. 

  894. func (env *accessibleReposEnv) MirrorRepos() ([]*Repository, error) {

  895. 	repoIDs, err := env.MirrorRepoIDs()

  896. 	if err != nil {

  897. 		return nil, fmt.Errorf("MirrorRepoIDs: %v", err)

  898. 	}

  899. 

  900. 	repos := make([]*Repository, 0, len(repoIDs))

  901. 	if len(repoIDs) == 0 {

  902. 		return repos, nil

  903. 	}

  904. 

  905. 	return repos, env.e.

  906. 		In("`repository`.id", repoIDs).

  907. 		Find(&repos)

  908. }

  909. 

  910. func (env *accessibleReposEnv) AddKeyword(keyword string) {

  911. 	env.keyword = keyword

  912. }

  913. 

  914. func (env *accessibleReposEnv) SetSort(orderBy SearchOrderBy) {

  915. 	env.orderBy = orderBy

  916. }