mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
13272 Commits
17 Branches
Tree: fd7d83ace6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'fd7d83ace6'
${ noResults }
gitea/models/perm/access/repo_permission.go

repo_permission.go 13KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432 
  1. // Copyright 2018 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package access

  6. 

  7. import (

  8. 	"context"

  9. 	"fmt"

  10. 

  11. 	"code.gitea.io/gitea/models/db"

  12. 	"code.gitea.io/gitea/models/organization"

  13. 	perm_model "code.gitea.io/gitea/models/perm"

  14. 	repo_model "code.gitea.io/gitea/models/repo"

  15. 	"code.gitea.io/gitea/models/unit"

  16. 	user_model "code.gitea.io/gitea/models/user"

  17. 	"code.gitea.io/gitea/modules/log"

  18. )

  19. 

  20. // Permission contains all the permissions related variables to a repository for a user

  21. type Permission struct {

  22. 	AccessMode perm_model.AccessMode

  23. 	Units      []*repo_model.RepoUnit

  24. 	UnitsMode  map[unit.Type]perm_model.AccessMode

  25. }

  26. 

  27. // IsOwner returns true if current user is the owner of repository.

  28. func (p *Permission) IsOwner() bool {

  29. 	return p.AccessMode >= perm_model.AccessModeOwner

  30. }

  31. 

  32. // IsAdmin returns true if current user has admin or higher access of repository.

  33. func (p *Permission) IsAdmin() bool {

  34. 	return p.AccessMode >= perm_model.AccessModeAdmin

  35. }

  36. 

  37. // HasAccess returns true if the current user has at least read access to any unit of this repository

  38. func (p *Permission) HasAccess() bool {

  39. 	if p.UnitsMode == nil {

  40. 		return p.AccessMode >= perm_model.AccessModeRead

  41. 	}

  42. 	return len(p.UnitsMode) > 0

  43. }

  44. 

  45. // UnitAccessMode returns current user accessmode to the specify unit of the repository

  46. func (p *Permission) UnitAccessMode(unitType unit.Type) perm_model.AccessMode {

  47. 	if p.UnitsMode == nil {

  48. 		for _, u := range p.Units {

  49. 			if u.Type == unitType {

  50. 				return p.AccessMode

  51. 			}

  52. 		}

  53. 		return perm_model.AccessModeNone

  54. 	}

  55. 	return p.UnitsMode[unitType]

  56. }

  57. 

  58. // CanAccess returns true if user has mode access to the unit of the repository

  59. func (p *Permission) CanAccess(mode perm_model.AccessMode, unitType unit.Type) bool {

  60. 	return p.UnitAccessMode(unitType) >= mode

  61. }

  62. 

  63. // CanAccessAny returns true if user has mode access to any of the units of the repository

  64. func (p *Permission) CanAccessAny(mode perm_model.AccessMode, unitTypes ...unit.Type) bool {

  65. 	for _, u := range unitTypes {

  66. 		if p.CanAccess(mode, u) {

  67. 			return true

  68. 		}

  69. 	}

  70. 	return false

  71. }

  72. 

  73. // CanRead returns true if user could read to this unit

  74. func (p *Permission) CanRead(unitType unit.Type) bool {

  75. 	return p.CanAccess(perm_model.AccessModeRead, unitType)

  76. }

  77. 

  78. // CanReadAny returns true if user has read access to any of the units of the repository

  79. func (p *Permission) CanReadAny(unitTypes ...unit.Type) bool {

  80. 	return p.CanAccessAny(perm_model.AccessModeRead, unitTypes...)

  81. }

  82. 

  83. // CanReadIssuesOrPulls returns true if isPull is true and user could read pull requests and

  84. // returns true if isPull is false and user could read to issues

  85. func (p *Permission) CanReadIssuesOrPulls(isPull bool) bool {

  86. 	if isPull {

  87. 		return p.CanRead(unit.TypePullRequests)

  88. 	}

  89. 	return p.CanRead(unit.TypeIssues)

  90. }

  91. 

  92. // CanWrite returns true if user could write to this unit

  93. func (p *Permission) CanWrite(unitType unit.Type) bool {

  94. 	return p.CanAccess(perm_model.AccessModeWrite, unitType)

  95. }

  96. 

  97. // CanWriteIssuesOrPulls returns true if isPull is true and user could write to pull requests and

  98. // returns true if isPull is false and user could write to issues

  99. func (p *Permission) CanWriteIssuesOrPulls(isPull bool) bool {

  100. 	if isPull {

  101. 		return p.CanWrite(unit.TypePullRequests)

  102. 	}

  103. 	return p.CanWrite(unit.TypeIssues)

  104. }

  105. 

  106. // ColorFormat writes a colored string for these Permissions

  107. func (p *Permission) ColorFormat(s fmt.State) {

  108. 	noColor := log.ColorBytes(log.Reset)

  109. 

  110. 	format := "perm_model.AccessMode: %-v, %d Units, %d UnitsMode(s): [ "

  111. 	args := []interface{}{

  112. 		p.AccessMode,

  113. 		log.NewColoredValueBytes(len(p.Units), &noColor),

  114. 		log.NewColoredValueBytes(len(p.UnitsMode), &noColor),

  115. 	}

  116. 	if s.Flag('+') {

  117. 		for i, unit := range p.Units {

  118. 			config := ""

  119. 			if unit.Config != nil {

  120. 				configBytes, err := unit.Config.ToDB()

  121. 				config = string(configBytes)

  122. 				if err != nil {

  123. 					config = err.Error()

  124. 				}

  125. 			}

  126. 			format += "\nUnits[%d]: ID: %d RepoID: %d Type: %-v Config: %s"

  127. 			args = append(args,

  128. 				log.NewColoredValueBytes(i, &noColor),

  129. 				log.NewColoredIDValue(unit.ID),

  130. 				log.NewColoredIDValue(unit.RepoID),

  131. 				unit.Type,

  132. 				config)

  133. 		}

  134. 		for key, value := range p.UnitsMode {

  135. 			format += "\nUnitMode[%-v]: %-v"

  136. 			args = append(args,

  137. 				key,

  138. 				value)

  139. 		}

  140. 	} else {

  141. 		format += "..."

  142. 	}

  143. 	format += " ]"

  144. 	log.ColorFprintf(s, format, args...)

  145. }

  146. 

  147. // GetUserRepoPermission returns the user permissions to the repository

  148. func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (perm Permission, err error) {

  149. 	if log.IsTrace() {

  150. 		defer func() {

  151. 			if user == nil {

  152. 				log.Trace("Permission Loaded for anonymous user in %-v:\nPermissions: %-+v",

  153. 					repo,

  154. 					perm)

  155. 				return

  156. 			}

  157. 			log.Trace("Permission Loaded for %-v in %-v:\nPermissions: %-+v",

  158. 				user,

  159. 				repo,

  160. 				perm)

  161. 		}()

  162. 	}

  163. 

  164. 	// anonymous user visit private repo.

  165. 	// TODO: anonymous user visit public unit of private repo???

  166. 	if user == nil && repo.IsPrivate {

  167. 		perm.AccessMode = perm_model.AccessModeNone

  168. 		return

  169. 	}

  170. 

  171. 	var is bool

  172. 	if user != nil {

  173. 		is, err = repo_model.IsCollaborator(ctx, repo.ID, user.ID)

  174. 		if err != nil {

  175. 			return perm, err

  176. 		}

  177. 	}

  178. 

  179. 	if err = repo.GetOwner(ctx); err != nil {

  180. 		return

  181. 	}

  182. 

  183. 	// Prevent strangers from checking out public repo of private organization/users

  184. 	// Allow user if they are collaborator of a repo within a private user or a private organization but not a member of the organization itself

  185. 	if !organization.HasOrgOrUserVisible(ctx, repo.Owner, user) && !is {

  186. 		perm.AccessMode = perm_model.AccessModeNone

  187. 		return

  188. 	}

  189. 

  190. 	if err = repo.LoadUnits(ctx); err != nil {

  191. 		return

  192. 	}

  193. 

  194. 	perm.Units = repo.Units

  195. 

  196. 	// anonymous visit public repo

  197. 	if user == nil {

  198. 		perm.AccessMode = perm_model.AccessModeRead

  199. 		return

  200. 	}

  201. 

  202. 	// Admin or the owner has super access to the repository

  203. 	if user.IsAdmin || user.ID == repo.OwnerID {

  204. 		perm.AccessMode = perm_model.AccessModeOwner

  205. 		return

  206. 	}

  207. 

  208. 	// plain user

  209. 	perm.AccessMode, err = accessLevel(ctx, user, repo)

  210. 	if err != nil {

  211. 		return

  212. 	}

  213. 

  214. 	if err = repo.GetOwner(ctx); err != nil {

  215. 		return

  216. 	}

  217. 	if !repo.Owner.IsOrganization() {

  218. 		return

  219. 	}

  220. 

  221. 	perm.UnitsMode = make(map[unit.Type]perm_model.AccessMode)

  222. 

  223. 	// Collaborators on organization

  224. 	if is {

  225. 		for _, u := range repo.Units {

  226. 			perm.UnitsMode[u.Type] = perm.AccessMode

  227. 		}

  228. 	}

  229. 

  230. 	// get units mode from teams

  231. 	teams, err := organization.GetUserRepoTeams(ctx, repo.OwnerID, user.ID, repo.ID)

  232. 	if err != nil {

  233. 		return

  234. 	}

  235. 

  236. 	// if user in an owner team

  237. 	for _, team := range teams {

  238. 		if team.AccessMode >= perm_model.AccessModeAdmin {

  239. 			perm.AccessMode = perm_model.AccessModeOwner

  240. 			perm.UnitsMode = nil

  241. 			return

  242. 		}

  243. 	}

  244. 

  245. 	for _, u := range repo.Units {

  246. 		var found bool

  247. 		for _, team := range teams {

  248. 			teamMode := team.UnitAccessModeCtx(ctx, u.Type)

  249. 			if teamMode > perm_model.AccessModeNone {

  250. 				m := perm.UnitsMode[u.Type]

  251. 				if m < teamMode {

  252. 					perm.UnitsMode[u.Type] = teamMode

  253. 				}

  254. 				found = true

  255. 			}

  256. 		}

  257. 

  258. 		// for a public repo on an organization, a non-restricted user has read permission on non-team defined units.

  259. 		if !found && !repo.IsPrivate && !user.IsRestricted {

  260. 			if _, ok := perm.UnitsMode[u.Type]; !ok {

  261. 				perm.UnitsMode[u.Type] = perm_model.AccessModeRead

  262. 			}

  263. 		}

  264. 	}

  265. 

  266. 	// remove no permission units

  267. 	perm.Units = make([]*repo_model.RepoUnit, 0, len(repo.Units))

  268. 	for t := range perm.UnitsMode {

  269. 		for _, u := range repo.Units {

  270. 			if u.Type == t {

  271. 				perm.Units = append(perm.Units, u)

  272. 			}

  273. 		}

  274. 	}

  275. 

  276. 	return

  277. }

  278. 

  279. // IsUserRealRepoAdmin check if this user is real repo admin

  280. func IsUserRealRepoAdmin(repo *repo_model.Repository, user *user_model.User) (bool, error) {

  281. 	if repo.OwnerID == user.ID {

  282. 		return true, nil

  283. 	}

  284. 

  285. 	if err := repo.GetOwner(db.DefaultContext); err != nil {

  286. 		return false, err

  287. 	}

  288. 

  289. 	accessMode, err := accessLevel(db.DefaultContext, user, repo)

  290. 	if err != nil {

  291. 		return false, err

  292. 	}

  293. 

  294. 	return accessMode >= perm_model.AccessModeAdmin, nil

  295. }

  296. 

  297. // IsUserRepoAdmin return true if user has admin right of a repo

  298. func IsUserRepoAdmin(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (bool, error) {

  299. 	if user == nil || repo == nil {

  300. 		return false, nil

  301. 	}

  302. 	if user.IsAdmin {

  303. 		return true, nil

  304. 	}

  305. 

  306. 	mode, err := accessLevel(ctx, user, repo)

  307. 	if err != nil {

  308. 		return false, err

  309. 	}

  310. 	if mode >= perm_model.AccessModeAdmin {

  311. 		return true, nil

  312. 	}

  313. 

  314. 	teams, err := organization.GetUserRepoTeams(ctx, repo.OwnerID, user.ID, repo.ID)

  315. 	if err != nil {

  316. 		return false, err

  317. 	}

  318. 

  319. 	for _, team := range teams {

  320. 		if team.AccessMode >= perm_model.AccessModeAdmin {

  321. 			return true, nil

  322. 		}

  323. 	}

  324. 	return false, nil

  325. }

  326. 

  327. // AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the

  328. // user does not have access.

  329. func AccessLevel(user *user_model.User, repo *repo_model.Repository) (perm_model.AccessMode, error) { //nolint

  330. 	return AccessLevelUnit(user, repo, unit.TypeCode)

  331. }

  332. 

  333. // AccessLevelUnit returns the Access a user has to a repository's. Will return NoneAccess if the

  334. // user does not have access.

  335. func AccessLevelUnit(user *user_model.User, repo *repo_model.Repository, unitType unit.Type) (perm_model.AccessMode, error) { //nolint

  336. 	return accessLevelUnit(db.DefaultContext, user, repo, unitType)

  337. }

  338. 

  339. func accessLevelUnit(ctx context.Context, user *user_model.User, repo *repo_model.Repository, unitType unit.Type) (perm_model.AccessMode, error) {

  340. 	perm, err := GetUserRepoPermission(ctx, repo, user)

  341. 	if err != nil {

  342. 		return perm_model.AccessModeNone, err

  343. 	}

  344. 	return perm.UnitAccessMode(unitType), nil

  345. }

  346. 

  347. // HasAccessUnit returns true if user has testMode to the unit of the repository

  348. func HasAccessUnit(ctx context.Context, user *user_model.User, repo *repo_model.Repository, unitType unit.Type, testMode perm_model.AccessMode) (bool, error) {

  349. 	mode, err := accessLevelUnit(ctx, user, repo, unitType)

  350. 	return testMode <= mode, err

  351. }

  352. 

  353. // CanBeAssigned return true if user can be assigned to issue or pull requests in repo

  354. // Currently any write access (code, issues or pr's) is assignable, to match assignee list in user interface.

  355. // FIXME: user could send PullRequest also could be assigned???

  356. func CanBeAssigned(ctx context.Context, user *user_model.User, repo *repo_model.Repository, _ bool) (bool, error) {

  357. 	if user.IsOrganization() {

  358. 		return false, fmt.Errorf("Organization can't be added as assignee [user_id: %d, repo_id: %d]", user.ID, repo.ID)

  359. 	}

  360. 	perm, err := GetUserRepoPermission(ctx, repo, user)

  361. 	if err != nil {

  362. 		return false, err

  363. 	}

  364. 	return perm.CanAccessAny(perm_model.AccessModeWrite, unit.TypeCode, unit.TypeIssues, unit.TypePullRequests), nil

  365. }

  366. 

  367. // HasAccess returns true if user has access to repo

  368. func HasAccess(ctx context.Context, userID int64, repo *repo_model.Repository) (bool, error) {

  369. 	var user *user_model.User

  370. 	var err error

  371. 	if userID > 0 {

  372. 		user, err = user_model.GetUserByIDCtx(ctx, userID)

  373. 		if err != nil {

  374. 			return false, err

  375. 		}

  376. 	}

  377. 	perm, err := GetUserRepoPermission(ctx, repo, user)

  378. 	if err != nil {

  379. 		return false, err

  380. 	}

  381. 	return perm.HasAccess(), nil

  382. }

  383. 

  384. // getUsersWithAccessMode returns users that have at least given access mode to the repository.

  385. func getUsersWithAccessMode(ctx context.Context, repo *repo_model.Repository, mode perm_model.AccessMode) (_ []*user_model.User, err error) {

  386. 	if err = repo.GetOwner(ctx); err != nil {

  387. 		return nil, err

  388. 	}

  389. 

  390. 	e := db.GetEngine(ctx)

  391. 	accesses := make([]*Access, 0, 10)

  392. 	if err = e.Where("repo_id = ? AND mode >= ?", repo.ID, mode).Find(&accesses); err != nil {

  393. 		return nil, err

  394. 	}

  395. 

  396. 	// Leave a seat for owner itself to append later, but if owner is an organization

  397. 	// and just waste 1 unit is cheaper than re-allocate memory once.

  398. 	users := make([]*user_model.User, 0, len(accesses)+1)

  399. 	if len(accesses) > 0 {

  400. 		userIDs := make([]int64, len(accesses))

  401. 		for i := 0; i < len(accesses); i++ {

  402. 			userIDs[i] = accesses[i].UserID

  403. 		}

  404. 

  405. 		if err = e.In("id", userIDs).Find(&users); err != nil {

  406. 			return nil, err

  407. 		}

  408. 	}

  409. 	if !repo.Owner.IsOrganization() {

  410. 		users = append(users, repo.Owner)

  411. 	}

  412. 

  413. 	return users, nil

  414. }

  415. 

  416. // GetRepoReaders returns all users that have explicit read access or higher to the repository.

  417. func GetRepoReaders(repo *repo_model.Repository) (_ []*user_model.User, err error) {

  418. 	return getUsersWithAccessMode(db.DefaultContext, repo, perm_model.AccessModeRead)

  419. }

  420. 

  421. // GetRepoWriters returns all users that have write access to the repository.

  422. func GetRepoWriters(repo *repo_model.Repository) (_ []*user_model.User, err error) {

  423. 	return getUsersWithAccessMode(db.DefaultContext, repo, perm_model.AccessModeWrite)

  424. }

  425. 

  426. // IsRepoReader returns true if user has explicit read access or higher to the repository.

  427. func IsRepoReader(ctx context.Context, repo *repo_model.Repository, userID int64) (bool, error) {

  428. 	if repo.OwnerID == userID {

  429. 		return true, nil

  430. 	}

  431. 	return db.GetEngine(ctx).Where("repo_id = ? AND user_id = ? AND mode >= ?", repo.ID, userID, perm_model.AccessModeRead).Get(&Access{})

  432. }