mirrors
/
gitea
spogulis no https://github.com/go-gitea/gitea.git
Vērot 1
Pievienot zvaigznīti 0
Atdalīts 0
Kods Problēmas 0 Laidieni 211 Vikivietne Aktivitāte
Nevar pievienot vairāk kā 25 tēmas Tēmai ir jāsākas ar burtu vai ciparu, tā var saturēt domu zīmes ('-') un var būt līdz 35 simboliem gara.
10398 Revīzijas
17 Atzari
Koks: c40df54e28
Atzari Tagi
${ item.name }
Izveidot atzaru ${ searchTerm }
no 'c40df54e28'
${ noResults }
gitea/models/org.go

org.go 22KB
Neapstrādāts Vainot Vēsture

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2019 The Gitea Authors. All rights reserved.

  3. // Use of this source code is governed by a MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package models

  7. 

  8. import (

  9. 	"fmt"

  10. 	"strings"

  11. 

  12. 	"code.gitea.io/gitea/modules/log"

  13. 	"code.gitea.io/gitea/modules/setting"

  14. 	"code.gitea.io/gitea/modules/storage"

  15. 	"code.gitea.io/gitea/modules/structs"

  16. 	"code.gitea.io/gitea/modules/util"

  17. 

  18. 	"xorm.io/builder"

  19. 	"xorm.io/xorm"

  20. )

  21. 

  22. // IsOwnedBy returns true if given user is in the owner team.

  23. func (org *User) IsOwnedBy(uid int64) (bool, error) {

  24. 	return IsOrganizationOwner(org.ID, uid)

  25. }

  26. 

  27. // IsOrgMember returns true if given user is member of organization.

  28. func (org *User) IsOrgMember(uid int64) (bool, error) {

  29. 	return IsOrganizationMember(org.ID, uid)

  30. }

  31. 

  32. // CanCreateOrgRepo returns true if given user can create repo in organization

  33. func (org *User) CanCreateOrgRepo(uid int64) (bool, error) {

  34. 	return CanCreateOrgRepo(org.ID, uid)

  35. }

  36. 

  37. func (org *User) getTeam(e Engine, name string) (*Team, error) {

  38. 	return getTeam(e, org.ID, name)

  39. }

  40. 

  41. // GetTeam returns named team of organization.

  42. func (org *User) GetTeam(name string) (*Team, error) {

  43. 	return org.getTeam(x, name)

  44. }

  45. 

  46. func (org *User) getOwnerTeam(e Engine) (*Team, error) {

  47. 	return org.getTeam(e, ownerTeamName)

  48. }

  49. 

  50. // GetOwnerTeam returns owner team of organization.

  51. func (org *User) GetOwnerTeam() (*Team, error) {

  52. 	return org.getOwnerTeam(x)

  53. }

  54. 

  55. func (org *User) getTeams(e Engine) error {

  56. 	if org.Teams != nil {

  57. 		return nil

  58. 	}

  59. 	return e.

  60. 		Where("org_id=?", org.ID).

  61. 		OrderBy("CASE WHEN name LIKE '" + ownerTeamName + "' THEN '' ELSE name END").

  62. 		Find(&org.Teams)

  63. }

  64. 

  65. // GetTeams returns paginated teams that belong to organization.

  66. func (org *User) GetTeams(opts *SearchTeamOptions) error {

  67. 	if opts.Page != 0 {

  68. 		return org.getTeams(opts.getPaginatedSession())

  69. 	}

  70. 

  71. 	return org.getTeams(x)

  72. }

  73. 

  74. // GetMembers returns all members of organization.

  75. func (org *User) GetMembers() (err error) {

  76. 	org.Members, org.MembersIsPublic, err = FindOrgMembers(&FindOrgMembersOpts{

  77. 		OrgID: org.ID,

  78. 	})

  79. 	return

  80. }

  81. 

  82. // FindOrgMembersOpts represensts find org members condtions

  83. type FindOrgMembersOpts struct {

  84. 	ListOptions

  85. 	OrgID      int64

  86. 	PublicOnly bool

  87. }

  88. 

  89. // CountOrgMembers counts the organization's members

  90. func CountOrgMembers(opts FindOrgMembersOpts) (int64, error) {

  91. 	sess := x.Where("org_id=?", opts.OrgID)

  92. 	if opts.PublicOnly {

  93. 		sess.And("is_public = ?", true)

  94. 	}

  95. 	return sess.Count(new(OrgUser))

  96. }

  97. 

  98. // FindOrgMembers loads organization members according conditions

  99. func FindOrgMembers(opts *FindOrgMembersOpts) (UserList, map[int64]bool, error) {

  100. 	ous, err := GetOrgUsersByOrgID(opts)

  101. 	if err != nil {

  102. 		return nil, nil, err

  103. 	}

  104. 

  105. 	var ids = make([]int64, len(ous))

  106. 	var idsIsPublic = make(map[int64]bool, len(ous))

  107. 	for i, ou := range ous {

  108. 		ids[i] = ou.UID

  109. 		idsIsPublic[ou.UID] = ou.IsPublic

  110. 	}

  111. 

  112. 	users, err := GetUsersByIDs(ids)

  113. 	if err != nil {

  114. 		return nil, nil, err

  115. 	}

  116. 	return users, idsIsPublic, nil

  117. }

  118. 

  119. // AddMember adds new member to organization.

  120. func (org *User) AddMember(uid int64) error {

  121. 	return AddOrgUser(org.ID, uid)

  122. }

  123. 

  124. // RemoveMember removes member from organization.

  125. func (org *User) RemoveMember(uid int64) error {

  126. 	return RemoveOrgUser(org.ID, uid)

  127. }

  128. 

  129. func (org *User) removeOrgRepo(e Engine, repoID int64) error {

  130. 	return removeOrgRepo(e, org.ID, repoID)

  131. }

  132. 

  133. // RemoveOrgRepo removes all team-repository relations of organization.

  134. func (org *User) RemoveOrgRepo(repoID int64) error {

  135. 	return org.removeOrgRepo(x, repoID)

  136. }

  137. 

  138. // CreateOrganization creates record of a new organization.

  139. func CreateOrganization(org, owner *User) (err error) {

  140. 	if !owner.CanCreateOrganization() {

  141. 		return ErrUserNotAllowedCreateOrg{}

  142. 	}

  143. 

  144. 	if err = IsUsableUsername(org.Name); err != nil {

  145. 		return err

  146. 	}

  147. 

  148. 	isExist, err := IsUserExist(0, org.Name)

  149. 	if err != nil {

  150. 		return err

  151. 	} else if isExist {

  152. 		return ErrUserAlreadyExist{org.Name}

  153. 	}

  154. 

  155. 	org.LowerName = strings.ToLower(org.Name)

  156. 	if org.Rands, err = GetUserSalt(); err != nil {

  157. 		return err

  158. 	}

  159. 	if org.Salt, err = GetUserSalt(); err != nil {

  160. 		return err

  161. 	}

  162. 	org.UseCustomAvatar = true

  163. 	org.MaxRepoCreation = -1

  164. 	org.NumTeams = 1

  165. 	org.NumMembers = 1

  166. 	org.Type = UserTypeOrganization

  167. 

  168. 	sess := x.NewSession()

  169. 	defer sess.Close()

  170. 	if err = sess.Begin(); err != nil {

  171. 		return err

  172. 	}

  173. 

  174. 	if _, err = sess.Insert(org); err != nil {

  175. 		return fmt.Errorf("insert organization: %v", err)

  176. 	}

  177. 	if err = org.generateRandomAvatar(sess); err != nil {

  178. 		return fmt.Errorf("generate random avatar: %v", err)

  179. 	}

  180. 

  181. 	// Add initial creator to organization and owner team.

  182. 	if _, err = sess.Insert(&OrgUser{

  183. 		UID:   owner.ID,

  184. 		OrgID: org.ID,

  185. 	}); err != nil {

  186. 		return fmt.Errorf("insert org-user relation: %v", err)

  187. 	}

  188. 

  189. 	// Create default owner team.

  190. 	t := &Team{

  191. 		OrgID:                   org.ID,

  192. 		LowerName:               strings.ToLower(ownerTeamName),

  193. 		Name:                    ownerTeamName,

  194. 		Authorize:               AccessModeOwner,

  195. 		NumMembers:              1,

  196. 		IncludesAllRepositories: true,

  197. 		CanCreateOrgRepo:        true,

  198. 	}

  199. 	if _, err = sess.Insert(t); err != nil {

  200. 		return fmt.Errorf("insert owner team: %v", err)

  201. 	}

  202. 

  203. 	// insert units for team

  204. 	var units = make([]TeamUnit, 0, len(AllRepoUnitTypes))

  205. 	for _, tp := range AllRepoUnitTypes {

  206. 		units = append(units, TeamUnit{

  207. 			OrgID:  org.ID,

  208. 			TeamID: t.ID,

  209. 			Type:   tp,

  210. 		})

  211. 	}

  212. 

  213. 	if _, err = sess.Insert(&units); err != nil {

  214. 		if err := sess.Rollback(); err != nil {

  215. 			log.Error("CreateOrganization: sess.Rollback: %v", err)

  216. 		}

  217. 		return err

  218. 	}

  219. 

  220. 	if _, err = sess.Insert(&TeamUser{

  221. 		UID:    owner.ID,

  222. 		OrgID:  org.ID,

  223. 		TeamID: t.ID,

  224. 	}); err != nil {

  225. 		return fmt.Errorf("insert team-user relation: %v", err)

  226. 	}

  227. 

  228. 	return sess.Commit()

  229. }

  230. 

  231. // GetOrgByName returns organization by given name.

  232. func GetOrgByName(name string) (*User, error) {

  233. 	if len(name) == 0 {

  234. 		return nil, ErrOrgNotExist{0, name}

  235. 	}

  236. 	u := &User{

  237. 		LowerName: strings.ToLower(name),

  238. 		Type:      UserTypeOrganization,

  239. 	}

  240. 	has, err := x.Get(u)

  241. 	if err != nil {

  242. 		return nil, err

  243. 	} else if !has {

  244. 		return nil, ErrOrgNotExist{0, name}

  245. 	}

  246. 	return u, nil

  247. }

  248. 

  249. // CountOrganizations returns number of organizations.

  250. func CountOrganizations() int64 {

  251. 	count, _ := x.

  252. 		Where("type=1").

  253. 		Count(new(User))

  254. 	return count

  255. }

  256. 

  257. // DeleteOrganization completely and permanently deletes everything of organization.

  258. func DeleteOrganization(org *User) (err error) {

  259. 	if !org.IsOrganization() {

  260. 		return fmt.Errorf("%s is a user not an organization", org.Name)

  261. 	}

  262. 

  263. 	sess := x.NewSession()

  264. 	defer sess.Close()

  265. 

  266. 	if err = sess.Begin(); err != nil {

  267. 		return err

  268. 	}

  269. 

  270. 	if err = deleteOrg(sess, org); err != nil {

  271. 		if IsErrUserOwnRepos(err) {

  272. 			return err

  273. 		} else if err != nil {

  274. 			return fmt.Errorf("deleteOrg: %v", err)

  275. 		}

  276. 	}

  277. 

  278. 	return sess.Commit()

  279. }

  280. 

  281. func deleteOrg(e *xorm.Session, u *User) error {

  282. 	// Check ownership of repository.

  283. 	count, err := getRepositoryCount(e, u)

  284. 	if err != nil {

  285. 		return fmt.Errorf("GetRepositoryCount: %v", err)

  286. 	} else if count > 0 {

  287. 		return ErrUserOwnRepos{UID: u.ID}

  288. 	}

  289. 

  290. 	if err := deleteBeans(e,

  291. 		&Team{OrgID: u.ID},

  292. 		&OrgUser{OrgID: u.ID},

  293. 		&TeamUser{OrgID: u.ID},

  294. 		&TeamUnit{OrgID: u.ID},

  295. 	); err != nil {

  296. 		return fmt.Errorf("deleteBeans: %v", err)

  297. 	}

  298. 

  299. 	if _, err = e.ID(u.ID).Delete(new(User)); err != nil {

  300. 		return fmt.Errorf("Delete: %v", err)

  301. 	}

  302. 

  303. 	// FIXME: system notice

  304. 	// Note: There are something just cannot be roll back,

  305. 	//	so just keep error logs of those operations.

  306. 	path := UserPath(u.Name)

  307. 

  308. 	if err := util.RemoveAll(path); err != nil {

  309. 		return fmt.Errorf("Failed to RemoveAll %s: %v", path, err)

  310. 	}

  311. 

  312. 	if len(u.Avatar) > 0 {

  313. 		avatarPath := u.CustomAvatarRelativePath()

  314. 		if err := storage.Avatars.Delete(avatarPath); err != nil {

  315. 			return fmt.Errorf("Failed to remove %s: %v", avatarPath, err)

  316. 		}

  317. 	}

  318. 

  319. 	return nil

  320. }

  321. 

  322. // ________                ____ ___

  323. // \_____  \_______  ____ |    |   \______ ___________

  324. //  /   |   \_  __ \/ ___\|    |   /  ___// __ \_  __ \

  325. // /    |    \  | \/ /_/  >    |  /\___ \\  ___/|  | \/

  326. // \_______  /__|  \___  /|______//____  >\___  >__|

  327. //         \/     /_____/              \/     \/

  328. 

  329. // OrgUser represents an organization-user relation.

  330. type OrgUser struct {

  331. 	ID       int64 `xorm:"pk autoincr"`

  332. 	UID      int64 `xorm:"INDEX UNIQUE(s)"`

  333. 	OrgID    int64 `xorm:"INDEX UNIQUE(s)"`

  334. 	IsPublic bool  `xorm:"INDEX"`

  335. }

  336. 

  337. func isOrganizationOwner(e Engine, orgID, uid int64) (bool, error) {

  338. 	ownerTeam, err := getOwnerTeam(e, orgID)

  339. 	if err != nil {

  340. 		if IsErrTeamNotExist(err) {

  341. 			log.Error("Organization does not have owner team: %d", orgID)

  342. 			return false, nil

  343. 		}

  344. 		return false, err

  345. 	}

  346. 	return isTeamMember(e, orgID, ownerTeam.ID, uid)

  347. }

  348. 

  349. // IsOrganizationOwner returns true if given user is in the owner team.

  350. func IsOrganizationOwner(orgID, uid int64) (bool, error) {

  351. 	return isOrganizationOwner(x, orgID, uid)

  352. }

  353. 

  354. // IsOrganizationMember returns true if given user is member of organization.

  355. func IsOrganizationMember(orgID, uid int64) (bool, error) {

  356. 	return isOrganizationMember(x, orgID, uid)

  357. }

  358. 

  359. func isOrganizationMember(e Engine, orgID, uid int64) (bool, error) {

  360. 	return e.

  361. 		Where("uid=?", uid).

  362. 		And("org_id=?", orgID).

  363. 		Table("org_user").

  364. 		Exist()

  365. }

  366. 

  367. // IsPublicMembership returns true if given user public his/her membership.

  368. func IsPublicMembership(orgID, uid int64) (bool, error) {

  369. 	return x.

  370. 		Where("uid=?", uid).

  371. 		And("org_id=?", orgID).

  372. 		And("is_public=?", true).

  373. 		Table("org_user").

  374. 		Exist()

  375. }

  376. 

  377. // CanCreateOrgRepo returns true if user can create repo in organization

  378. func CanCreateOrgRepo(orgID, uid int64) (bool, error) {

  379. 	if owner, err := IsOrganizationOwner(orgID, uid); owner || err != nil {

  380. 		return owner, err

  381. 	}

  382. 	return x.

  383. 		Where(builder.Eq{"team.can_create_org_repo": true}).

  384. 		Join("INNER", "team_user", "team_user.team_id = team.id").

  385. 		And("team_user.uid = ?", uid).

  386. 		And("team_user.org_id = ?", orgID).

  387. 		Exist(new(Team))

  388. }

  389. 

  390. func getOrgsByUserID(sess *xorm.Session, userID int64, showAll bool) ([]*User, error) {

  391. 	orgs := make([]*User, 0, 10)

  392. 	if !showAll {

  393. 		sess.And("`org_user`.is_public=?", true)

  394. 	}

  395. 	return orgs, sess.

  396. 		And("`org_user`.uid=?", userID).

  397. 		Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").

  398. 		Asc("`user`.name").

  399. 		Find(&orgs)

  400. }

  401. 

  402. // GetOrgsByUserID returns a list of organizations that the given user ID

  403. // has joined.

  404. func GetOrgsByUserID(userID int64, showAll bool) ([]*User, error) {

  405. 	sess := x.NewSession()

  406. 	defer sess.Close()

  407. 	return getOrgsByUserID(sess, userID, showAll)

  408. }

  409. 

  410. func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {

  411. 	orgs := make([]*User, 0, 10)

  412. 	return orgs, sess.

  413. 		Join("INNER", "`team_user`", "`team_user`.org_id=`user`.id").

  414. 		Join("INNER", "`team`", "`team`.id=`team_user`.team_id").

  415. 		Where("`team_user`.uid=?", userID).

  416. 		And("`team`.authorize=?", AccessModeOwner).

  417. 		Asc("`user`.name").

  418. 		Find(&orgs)

  419. }

  420. 

  421. // HasOrgVisible tells if the given user can see the given org

  422. func HasOrgVisible(org *User, user *User) bool {

  423. 	return hasOrgVisible(x, org, user)

  424. }

  425. 

  426. func hasOrgVisible(e Engine, org *User, user *User) bool {

  427. 	// Not SignedUser

  428. 	if user == nil {

  429. 		return org.Visibility == structs.VisibleTypePublic

  430. 	}

  431. 

  432. 	if user.IsAdmin {

  433. 		return true

  434. 	}

  435. 

  436. 	if (org.Visibility == structs.VisibleTypePrivate || user.IsRestricted) && !org.hasMemberWithUserID(e, user.ID) {

  437. 		return false

  438. 	}

  439. 	return true

  440. }

  441. 

  442. // HasOrgsVisible tells if the given user can see at least one of the orgs provided

  443. func HasOrgsVisible(orgs []*User, user *User) bool {

  444. 	if len(orgs) == 0 {

  445. 		return false

  446. 	}

  447. 

  448. 	for _, org := range orgs {

  449. 		if HasOrgVisible(org, user) {

  450. 			return true

  451. 		}

  452. 	}

  453. 	return false

  454. }

  455. 

  456. // GetOwnedOrgsByUserID returns a list of organizations are owned by given user ID.

  457. func GetOwnedOrgsByUserID(userID int64) ([]*User, error) {

  458. 	sess := x.NewSession()

  459. 	defer sess.Close()

  460. 	return getOwnedOrgsByUserID(sess, userID)

  461. }

  462. 

  463. // GetOwnedOrgsByUserIDDesc returns a list of organizations are owned by

  464. // given user ID, ordered descending by the given condition.

  465. func GetOwnedOrgsByUserIDDesc(userID int64, desc string) ([]*User, error) {

  466. 	return getOwnedOrgsByUserID(x.Desc(desc), userID)

  467. }

  468. 

  469. // GetOrgsCanCreateRepoByUserID returns a list of organizations where given user ID

  470. // are allowed to create repos.

  471. func GetOrgsCanCreateRepoByUserID(userID int64) ([]*User, error) {

  472. 	orgs := make([]*User, 0, 10)

  473. 

  474. 	return orgs, x.Where(builder.In("id", builder.Select("`user`.id").From("`user`").

  475. 		Join("INNER", "`team_user`", "`team_user`.org_id = `user`.id").

  476. 		Join("INNER", "`team`", "`team`.id = `team_user`.team_id").

  477. 		Where(builder.Eq{"`team_user`.uid": userID}).

  478. 		And(builder.Eq{"`team`.authorize": AccessModeOwner}.Or(builder.Eq{"`team`.can_create_org_repo": true})))).

  479. 		Asc("`user`.name").

  480. 		Find(&orgs)

  481. }

  482. 

  483. // GetOrgUsersByUserID returns all organization-user relations by user ID.

  484. func GetOrgUsersByUserID(uid int64, opts *SearchOrganizationsOptions) ([]*OrgUser, error) {

  485. 	ous := make([]*OrgUser, 0, 10)

  486. 	sess := x.

  487. 		Join("LEFT", "`user`", "`org_user`.org_id=`user`.id").

  488. 		Where("`org_user`.uid=?", uid)

  489. 	if !opts.All {

  490. 		// Only show public organizations

  491. 		sess.And("is_public=?", true)

  492. 	}

  493. 

  494. 	if opts.PageSize != 0 {

  495. 		sess = opts.setSessionPagination(sess)

  496. 	}

  497. 

  498. 	err := sess.

  499. 		Asc("`user`.name").

  500. 		Find(&ous)

  501. 	return ous, err

  502. }

  503. 

  504. // GetOrgUsersByOrgID returns all organization-user relations by organization ID.

  505. func GetOrgUsersByOrgID(opts *FindOrgMembersOpts) ([]*OrgUser, error) {

  506. 	return getOrgUsersByOrgID(x, opts)

  507. }

  508. 

  509. func getOrgUsersByOrgID(e Engine, opts *FindOrgMembersOpts) ([]*OrgUser, error) {

  510. 	sess := e.Where("org_id=?", opts.OrgID)

  511. 	if opts.PublicOnly {

  512. 		sess.And("is_public = ?", true)

  513. 	}

  514. 	if opts.ListOptions.PageSize > 0 {

  515. 		sess = opts.setSessionPagination(sess)

  516. 

  517. 		ous := make([]*OrgUser, 0, opts.PageSize)

  518. 		return ous, sess.Find(&ous)

  519. 	}

  520. 

  521. 	var ous []*OrgUser

  522. 	return ous, sess.Find(&ous)

  523. }

  524. 

  525. // ChangeOrgUserStatus changes public or private membership status.

  526. func ChangeOrgUserStatus(orgID, uid int64, public bool) error {

  527. 	ou := new(OrgUser)

  528. 	has, err := x.

  529. 		Where("uid=?", uid).

  530. 		And("org_id=?", orgID).

  531. 		Get(ou)

  532. 	if err != nil {

  533. 		return err

  534. 	} else if !has {

  535. 		return nil

  536. 	}

  537. 

  538. 	ou.IsPublic = public

  539. 	_, err = x.ID(ou.ID).Cols("is_public").Update(ou)

  540. 	return err

  541. }

  542. 

  543. // AddOrgUser adds new user to given organization.

  544. func AddOrgUser(orgID, uid int64) error {

  545. 	isAlreadyMember, err := IsOrganizationMember(orgID, uid)

  546. 	if err != nil || isAlreadyMember {

  547. 		return err

  548. 	}

  549. 

  550. 	sess := x.NewSession()

  551. 	defer sess.Close()

  552. 	if err := sess.Begin(); err != nil {

  553. 		return err

  554. 	}

  555. 

  556. 	ou := &OrgUser{

  557. 		UID:      uid,

  558. 		OrgID:    orgID,

  559. 		IsPublic: setting.Service.DefaultOrgMemberVisible,

  560. 	}

  561. 

  562. 	if _, err := sess.Insert(ou); err != nil {

  563. 		if err := sess.Rollback(); err != nil {

  564. 			log.Error("AddOrgUser: sess.Rollback: %v", err)

  565. 		}

  566. 		return err

  567. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members + 1 WHERE id = ?", orgID); err != nil {

  568. 		if err := sess.Rollback(); err != nil {

  569. 			log.Error("AddOrgUser: sess.Rollback: %v", err)

  570. 		}

  571. 		return err

  572. 	}

  573. 

  574. 	return sess.Commit()

  575. }

  576. 

  577. func removeOrgUser(sess *xorm.Session, orgID, userID int64) error {

  578. 	ou := new(OrgUser)

  579. 

  580. 	has, err := sess.

  581. 		Where("uid=?", userID).

  582. 		And("org_id=?", orgID).

  583. 		Get(ou)

  584. 	if err != nil {

  585. 		return fmt.Errorf("get org-user: %v", err)

  586. 	} else if !has {

  587. 		return nil

  588. 	}

  589. 

  590. 	org, err := getUserByID(sess, orgID)

  591. 	if err != nil {

  592. 		return fmt.Errorf("GetUserByID [%d]: %v", orgID, err)

  593. 	}

  594. 

  595. 	// Check if the user to delete is the last member in owner team.

  596. 	if isOwner, err := isOrganizationOwner(sess, orgID, userID); err != nil {

  597. 		return err

  598. 	} else if isOwner {

  599. 		t, err := org.getOwnerTeam(sess)

  600. 		if err != nil {

  601. 			return err

  602. 		}

  603. 		if t.NumMembers == 1 {

  604. 			if err := t.getMembers(sess); err != nil {

  605. 				return err

  606. 			}

  607. 			if t.Members[0].ID == userID {

  608. 				return ErrLastOrgOwner{UID: userID}

  609. 			}

  610. 		}

  611. 	}

  612. 

  613. 	if _, err := sess.ID(ou.ID).Delete(ou); err != nil {

  614. 		return err

  615. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members=num_members-1 WHERE id=?", orgID); err != nil {

  616. 		return err

  617. 	}

  618. 

  619. 	// Delete all repository accesses and unwatch them.

  620. 	env, err := org.accessibleReposEnv(sess, userID)

  621. 	if err != nil {

  622. 		return fmt.Errorf("AccessibleReposEnv: %v", err)

  623. 	}

  624. 	repoIDs, err := env.RepoIDs(1, org.NumRepos)

  625. 	if err != nil {

  626. 		return fmt.Errorf("GetUserRepositories [%d]: %v", userID, err)

  627. 	}

  628. 	for _, repoID := range repoIDs {

  629. 		if err = watchRepo(sess, userID, repoID, false); err != nil {

  630. 			return err

  631. 		}

  632. 	}

  633. 

  634. 	if len(repoIDs) > 0 {

  635. 		if _, err = sess.

  636. 			Where("user_id = ?", userID).

  637. 			In("repo_id", repoIDs).

  638. 			Delete(new(Access)); err != nil {

  639. 			return err

  640. 		}

  641. 	}

  642. 

  643. 	// Delete member in his/her teams.

  644. 	teams, err := getUserOrgTeams(sess, org.ID, userID)

  645. 	if err != nil {

  646. 		return err

  647. 	}

  648. 	for _, t := range teams {

  649. 		if err = removeTeamMember(sess, t, userID); err != nil {

  650. 			return err

  651. 		}

  652. 	}

  653. 

  654. 	return nil

  655. }

  656. 

  657. // RemoveOrgUser removes user from given organization.

  658. func RemoveOrgUser(orgID, userID int64) error {

  659. 	sess := x.NewSession()

  660. 	defer sess.Close()

  661. 	if err := sess.Begin(); err != nil {

  662. 		return err

  663. 	}

  664. 	if err := removeOrgUser(sess, orgID, userID); err != nil {

  665. 		return err

  666. 	}

  667. 	return sess.Commit()

  668. }

  669. 

  670. func removeOrgRepo(e Engine, orgID, repoID int64) error {

  671. 	teamRepos := make([]*TeamRepo, 0, 10)

  672. 	if err := e.Find(&teamRepos, &TeamRepo{OrgID: orgID, RepoID: repoID}); err != nil {

  673. 		return err

  674. 	}

  675. 

  676. 	if len(teamRepos) == 0 {

  677. 		return nil

  678. 	}

  679. 

  680. 	if _, err := e.Delete(&TeamRepo{

  681. 		OrgID:  orgID,

  682. 		RepoID: repoID,

  683. 	}); err != nil {

  684. 		return err

  685. 	}

  686. 

  687. 	teamIDs := make([]int64, len(teamRepos))

  688. 	for i, teamRepo := range teamRepos {

  689. 		teamIDs[i] = teamRepo.TeamID

  690. 	}

  691. 

  692. 	_, err := e.Decr("num_repos").In("id", teamIDs).Update(new(Team))

  693. 	return err

  694. }

  695. 

  696. func (org *User) getUserTeams(e Engine, userID int64, cols ...string) ([]*Team, error) {

  697. 	teams := make([]*Team, 0, org.NumTeams)

  698. 	return teams, e.

  699. 		Where("`team_user`.org_id = ?", org.ID).

  700. 		Join("INNER", "team_user", "`team_user`.team_id = team.id").

  701. 		Join("INNER", "`user`", "`user`.id=team_user.uid").

  702. 		And("`team_user`.uid = ?", userID).

  703. 		Asc("`user`.name").

  704. 		Cols(cols...).

  705. 		Find(&teams)

  706. }

  707. 

  708. func (org *User) getUserTeamIDs(e Engine, userID int64) ([]int64, error) {

  709. 	teamIDs := make([]int64, 0, org.NumTeams)

  710. 	return teamIDs, e.

  711. 		Table("team").

  712. 		Cols("team.id").

  713. 		Where("`team_user`.org_id = ?", org.ID).

  714. 		Join("INNER", "team_user", "`team_user`.team_id = team.id").

  715. 		And("`team_user`.uid = ?", userID).

  716. 		Find(&teamIDs)

  717. }

  718. 

  719. // TeamsWithAccessToRepo returns all teams that have given access level to the repository.

  720. func (org *User) TeamsWithAccessToRepo(repoID int64, mode AccessMode) ([]*Team, error) {

  721. 	return GetTeamsWithAccessToRepo(org.ID, repoID, mode)

  722. }

  723. 

  724. // GetUserTeamIDs returns of all team IDs of the organization that user is member of.

  725. func (org *User) GetUserTeamIDs(userID int64) ([]int64, error) {

  726. 	return org.getUserTeamIDs(x, userID)

  727. }

  728. 

  729. // GetUserTeams returns all teams that belong to user,

  730. // and that the user has joined.

  731. func (org *User) GetUserTeams(userID int64) ([]*Team, error) {

  732. 	return org.getUserTeams(x, userID)

  733. }

  734. 

  735. // AccessibleReposEnvironment operations involving the repositories that are

  736. // accessible to a particular user

  737. type AccessibleReposEnvironment interface {

  738. 	CountRepos() (int64, error)

  739. 	RepoIDs(page, pageSize int) ([]int64, error)

  740. 	Repos(page, pageSize int) ([]*Repository, error)

  741. 	MirrorRepos() ([]*Repository, error)

  742. 	AddKeyword(keyword string)

  743. 	SetSort(SearchOrderBy)

  744. }

  745. 

  746. type accessibleReposEnv struct {

  747. 	org     *User

  748. 	user    *User

  749. 	teamIDs []int64

  750. 	e       Engine

  751. 	keyword string

  752. 	orderBy SearchOrderBy

  753. }

  754. 

  755. // AccessibleReposEnv an AccessibleReposEnvironment for the repositories in `org`

  756. // that are accessible to the specified user.

  757. func (org *User) AccessibleReposEnv(userID int64) (AccessibleReposEnvironment, error) {

  758. 	return org.accessibleReposEnv(x, userID)

  759. }

  760. 

  761. func (org *User) accessibleReposEnv(e Engine, userID int64) (AccessibleReposEnvironment, error) {

  762. 	var user *User

  763. 

  764. 	if userID > 0 {

  765. 		u, err := getUserByID(e, userID)

  766. 		if err != nil {

  767. 			return nil, err

  768. 		}

  769. 		user = u

  770. 	}

  771. 

  772. 	teamIDs, err := org.getUserTeamIDs(e, userID)

  773. 	if err != nil {

  774. 		return nil, err

  775. 	}

  776. 	return &accessibleReposEnv{

  777. 		org:     org,

  778. 		user:    user,

  779. 		teamIDs: teamIDs,

  780. 		e:       e,

  781. 		orderBy: SearchOrderByRecentUpdated,

  782. 	}, nil

  783. }

  784. 

  785. func (env *accessibleReposEnv) cond() builder.Cond {

  786. 	var cond = builder.NewCond()

  787. 	if env.user == nil || !env.user.IsRestricted {

  788. 		cond = cond.Or(builder.Eq{

  789. 			"`repository`.owner_id":   env.org.ID,

  790. 			"`repository`.is_private": false,

  791. 		})

  792. 	}

  793. 	if len(env.teamIDs) > 0 {

  794. 		cond = cond.Or(builder.In("team_repo.team_id", env.teamIDs))

  795. 	}

  796. 	if env.keyword != "" {

  797. 		cond = cond.And(builder.Like{"`repository`.lower_name", strings.ToLower(env.keyword)})

  798. 	}

  799. 	return cond

  800. }

  801. 

  802. func (env *accessibleReposEnv) CountRepos() (int64, error) {

  803. 	repoCount, err := env.e.

  804. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id").

  805. 		Where(env.cond()).

  806. 		Distinct("`repository`.id").

  807. 		Count(&Repository{})

  808. 	if err != nil {

  809. 		return 0, fmt.Errorf("count user repositories in organization: %v", err)

  810. 	}

  811. 	return repoCount, nil

  812. }

  813. 

  814. func (env *accessibleReposEnv) RepoIDs(page, pageSize int) ([]int64, error) {

  815. 	if page <= 0 {

  816. 		page = 1

  817. 	}

  818. 

  819. 	repoIDs := make([]int64, 0, pageSize)

  820. 	return repoIDs, env.e.

  821. 		Table("repository").

  822. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id").

  823. 		Where(env.cond()).

  824. 		GroupBy("`repository`.id,`repository`."+strings.Fields(string(env.orderBy))[0]).

  825. 		OrderBy(string(env.orderBy)).

  826. 		Limit(pageSize, (page-1)*pageSize).

  827. 		Cols("`repository`.id").

  828. 		Find(&repoIDs)

  829. }

  830. 

  831. func (env *accessibleReposEnv) Repos(page, pageSize int) ([]*Repository, error) {

  832. 	repoIDs, err := env.RepoIDs(page, pageSize)

  833. 	if err != nil {

  834. 		return nil, fmt.Errorf("GetUserRepositoryIDs: %v", err)

  835. 	}

  836. 

  837. 	repos := make([]*Repository, 0, len(repoIDs))

  838. 	if len(repoIDs) == 0 {

  839. 		return repos, nil

  840. 	}

  841. 

  842. 	return repos, env.e.

  843. 		In("`repository`.id", repoIDs).

  844. 		OrderBy(string(env.orderBy)).

  845. 		Find(&repos)

  846. }

  847. 

  848. func (env *accessibleReposEnv) MirrorRepoIDs() ([]int64, error) {

  849. 	repoIDs := make([]int64, 0, 10)

  850. 	return repoIDs, env.e.

  851. 		Table("repository").

  852. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id AND `repository`.is_mirror=?", true).

  853. 		Where(env.cond()).

  854. 		GroupBy("`repository`.id, `repository`.updated_unix").

  855. 		OrderBy(string(env.orderBy)).

  856. 		Cols("`repository`.id").

  857. 		Find(&repoIDs)

  858. }

  859. 

  860. func (env *accessibleReposEnv) MirrorRepos() ([]*Repository, error) {

  861. 	repoIDs, err := env.MirrorRepoIDs()

  862. 	if err != nil {

  863. 		return nil, fmt.Errorf("MirrorRepoIDs: %v", err)

  864. 	}

  865. 

  866. 	repos := make([]*Repository, 0, len(repoIDs))

  867. 	if len(repoIDs) == 0 {

  868. 		return repos, nil

  869. 	}

  870. 

  871. 	return repos, env.e.

  872. 		In("`repository`.id", repoIDs).

  873. 		Find(&repos)

  874. }

  875. 

  876. func (env *accessibleReposEnv) AddKeyword(keyword string) {

  877. 	env.keyword = keyword

  878. }

  879. 

  880. func (env *accessibleReposEnv) SetSort(orderBy SearchOrderBy) {

  881. 	env.orderBy = orderBy

  882. }