mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10355 Commits
17 Branches
Tree: v1.15.0-rc
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'v1.15.0-rc'
${ noResults }
gitea/models/org.go

org.go 24KB
Raw Permalink Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2019 The Gitea Authors. All rights reserved.

  3. // Use of this source code is governed by a MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package models

  7. 

  8. import (

  9. 	"fmt"

  10. 	"strings"

  11. 

  12. 	"code.gitea.io/gitea/modules/log"

  13. 	"code.gitea.io/gitea/modules/setting"

  14. 	"code.gitea.io/gitea/modules/storage"

  15. 	"code.gitea.io/gitea/modules/structs"

  16. 	"code.gitea.io/gitea/modules/util"

  17. 

  18. 	"xorm.io/builder"

  19. 	"xorm.io/xorm"

  20. )

  21. 

  22. // IsOwnedBy returns true if given user is in the owner team.

  23. func (org *User) IsOwnedBy(uid int64) (bool, error) {

  24. 	return IsOrganizationOwner(org.ID, uid)

  25. }

  26. 

  27. // IsOrgMember returns true if given user is member of organization.

  28. func (org *User) IsOrgMember(uid int64) (bool, error) {

  29. 	return IsOrganizationMember(org.ID, uid)

  30. }

  31. 

  32. // CanCreateOrgRepo returns true if given user can create repo in organization

  33. func (org *User) CanCreateOrgRepo(uid int64) (bool, error) {

  34. 	return CanCreateOrgRepo(org.ID, uid)

  35. }

  36. 

  37. func (org *User) getTeam(e Engine, name string) (*Team, error) {

  38. 	return getTeam(e, org.ID, name)

  39. }

  40. 

  41. // GetTeam returns named team of organization.

  42. func (org *User) GetTeam(name string) (*Team, error) {

  43. 	return org.getTeam(x, name)

  44. }

  45. 

  46. func (org *User) getOwnerTeam(e Engine) (*Team, error) {

  47. 	return org.getTeam(e, ownerTeamName)

  48. }

  49. 

  50. // GetOwnerTeam returns owner team of organization.

  51. func (org *User) GetOwnerTeam() (*Team, error) {

  52. 	return org.getOwnerTeam(x)

  53. }

  54. 

  55. func (org *User) getTeams(e Engine) error {

  56. 	if org.Teams != nil {

  57. 		return nil

  58. 	}

  59. 	return e.

  60. 		Where("org_id=?", org.ID).

  61. 		OrderBy("CASE WHEN name LIKE '" + ownerTeamName + "' THEN '' ELSE name END").

  62. 		Find(&org.Teams)

  63. }

  64. 

  65. // GetTeams returns paginated teams that belong to organization.

  66. func (org *User) GetTeams(opts *SearchTeamOptions) error {

  67. 	if opts.Page != 0 {

  68. 		return org.getTeams(opts.getPaginatedSession())

  69. 	}

  70. 

  71. 	return org.getTeams(x)

  72. }

  73. 

  74. // GetMembers returns all members of organization.

  75. func (org *User) GetMembers() (err error) {

  76. 	org.Members, org.MembersIsPublic, err = FindOrgMembers(&FindOrgMembersOpts{

  77. 		OrgID: org.ID,

  78. 	})

  79. 	return

  80. }

  81. 

  82. // FindOrgMembersOpts represensts find org members conditions

  83. type FindOrgMembersOpts struct {

  84. 	ListOptions

  85. 	OrgID      int64

  86. 	PublicOnly bool

  87. }

  88. 

  89. // CountOrgMembers counts the organization's members

  90. func CountOrgMembers(opts FindOrgMembersOpts) (int64, error) {

  91. 	sess := x.Where("org_id=?", opts.OrgID)

  92. 	if opts.PublicOnly {

  93. 		sess.And("is_public = ?", true)

  94. 	}

  95. 	return sess.Count(new(OrgUser))

  96. }

  97. 

  98. // FindOrgMembers loads organization members according conditions

  99. func FindOrgMembers(opts *FindOrgMembersOpts) (UserList, map[int64]bool, error) {

  100. 	ous, err := GetOrgUsersByOrgID(opts)

  101. 	if err != nil {

  102. 		return nil, nil, err

  103. 	}

  104. 

  105. 	ids := make([]int64, len(ous))

  106. 	idsIsPublic := make(map[int64]bool, len(ous))

  107. 	for i, ou := range ous {

  108. 		ids[i] = ou.UID

  109. 		idsIsPublic[ou.UID] = ou.IsPublic

  110. 	}

  111. 

  112. 	users, err := GetUsersByIDs(ids)

  113. 	if err != nil {

  114. 		return nil, nil, err

  115. 	}

  116. 	return users, idsIsPublic, nil

  117. }

  118. 

  119. // AddMember adds new member to organization.

  120. func (org *User) AddMember(uid int64) error {

  121. 	return AddOrgUser(org.ID, uid)

  122. }

  123. 

  124. // RemoveMember removes member from organization.

  125. func (org *User) RemoveMember(uid int64) error {

  126. 	return RemoveOrgUser(org.ID, uid)

  127. }

  128. 

  129. func (org *User) removeOrgRepo(e Engine, repoID int64) error {

  130. 	return removeOrgRepo(e, org.ID, repoID)

  131. }

  132. 

  133. // RemoveOrgRepo removes all team-repository relations of organization.

  134. func (org *User) RemoveOrgRepo(repoID int64) error {

  135. 	return org.removeOrgRepo(x, repoID)

  136. }

  137. 

  138. // CreateOrganization creates record of a new organization.

  139. func CreateOrganization(org, owner *User) (err error) {

  140. 	if !owner.CanCreateOrganization() {

  141. 		return ErrUserNotAllowedCreateOrg{}

  142. 	}

  143. 

  144. 	if err = IsUsableUsername(org.Name); err != nil {

  145. 		return err

  146. 	}

  147. 

  148. 	isExist, err := IsUserExist(0, org.Name)

  149. 	if err != nil {

  150. 		return err

  151. 	} else if isExist {

  152. 		return ErrUserAlreadyExist{org.Name}

  153. 	}

  154. 

  155. 	org.LowerName = strings.ToLower(org.Name)

  156. 	if org.Rands, err = GetUserSalt(); err != nil {

  157. 		return err

  158. 	}

  159. 	if org.Salt, err = GetUserSalt(); err != nil {

  160. 		return err

  161. 	}

  162. 	org.UseCustomAvatar = true

  163. 	org.MaxRepoCreation = -1

  164. 	org.NumTeams = 1

  165. 	org.NumMembers = 1

  166. 	org.Type = UserTypeOrganization

  167. 

  168. 	sess := x.NewSession()

  169. 	defer sess.Close()

  170. 	if err = sess.Begin(); err != nil {

  171. 		return err

  172. 	}

  173. 

  174. 	if err = deleteUserRedirect(sess, org.Name); err != nil {

  175. 		return err

  176. 	}

  177. 

  178. 	if _, err = sess.Insert(org); err != nil {

  179. 		return fmt.Errorf("insert organization: %v", err)

  180. 	}

  181. 	if err = org.generateRandomAvatar(sess); err != nil {

  182. 		return fmt.Errorf("generate random avatar: %v", err)

  183. 	}

  184. 

  185. 	// Add initial creator to organization and owner team.

  186. 	if _, err = sess.Insert(&OrgUser{

  187. 		UID:   owner.ID,

  188. 		OrgID: org.ID,

  189. 	}); err != nil {

  190. 		return fmt.Errorf("insert org-user relation: %v", err)

  191. 	}

  192. 

  193. 	// Create default owner team.

  194. 	t := &Team{

  195. 		OrgID:                   org.ID,

  196. 		LowerName:               strings.ToLower(ownerTeamName),

  197. 		Name:                    ownerTeamName,

  198. 		Authorize:               AccessModeOwner,

  199. 		NumMembers:              1,

  200. 		IncludesAllRepositories: true,

  201. 		CanCreateOrgRepo:        true,

  202. 	}

  203. 	if _, err = sess.Insert(t); err != nil {

  204. 		return fmt.Errorf("insert owner team: %v", err)

  205. 	}

  206. 

  207. 	// insert units for team

  208. 	units := make([]TeamUnit, 0, len(AllRepoUnitTypes))

  209. 	for _, tp := range AllRepoUnitTypes {

  210. 		units = append(units, TeamUnit{

  211. 			OrgID:  org.ID,

  212. 			TeamID: t.ID,

  213. 			Type:   tp,

  214. 		})

  215. 	}

  216. 

  217. 	if _, err = sess.Insert(&units); err != nil {

  218. 		if err := sess.Rollback(); err != nil {

  219. 			log.Error("CreateOrganization: sess.Rollback: %v", err)

  220. 		}

  221. 		return err

  222. 	}

  223. 

  224. 	if _, err = sess.Insert(&TeamUser{

  225. 		UID:    owner.ID,

  226. 		OrgID:  org.ID,

  227. 		TeamID: t.ID,

  228. 	}); err != nil {

  229. 		return fmt.Errorf("insert team-user relation: %v", err)

  230. 	}

  231. 

  232. 	return sess.Commit()

  233. }

  234. 

  235. // GetOrgByName returns organization by given name.

  236. func GetOrgByName(name string) (*User, error) {

  237. 	if len(name) == 0 {

  238. 		return nil, ErrOrgNotExist{0, name}

  239. 	}

  240. 	u := &User{

  241. 		LowerName: strings.ToLower(name),

  242. 		Type:      UserTypeOrganization,

  243. 	}

  244. 	has, err := x.Get(u)

  245. 	if err != nil {

  246. 		return nil, err

  247. 	} else if !has {

  248. 		return nil, ErrOrgNotExist{0, name}

  249. 	}

  250. 	return u, nil

  251. }

  252. 

  253. // CountOrganizations returns number of organizations.

  254. func CountOrganizations() int64 {

  255. 	count, _ := x.

  256. 		Where("type=1").

  257. 		Count(new(User))

  258. 	return count

  259. }

  260. 

  261. // DeleteOrganization completely and permanently deletes everything of organization.

  262. func DeleteOrganization(org *User) (err error) {

  263. 	if !org.IsOrganization() {

  264. 		return fmt.Errorf("%s is a user not an organization", org.Name)

  265. 	}

  266. 

  267. 	sess := x.NewSession()

  268. 	defer sess.Close()

  269. 

  270. 	if err = sess.Begin(); err != nil {

  271. 		return err

  272. 	}

  273. 

  274. 	if err = deleteOrg(sess, org); err != nil {

  275. 		if IsErrUserOwnRepos(err) {

  276. 			return err

  277. 		} else if err != nil {

  278. 			return fmt.Errorf("deleteOrg: %v", err)

  279. 		}

  280. 	}

  281. 

  282. 	return sess.Commit()

  283. }

  284. 

  285. func deleteOrg(e *xorm.Session, u *User) error {

  286. 	// Check ownership of repository.

  287. 	count, err := getRepositoryCount(e, u)

  288. 	if err != nil {

  289. 		return fmt.Errorf("GetRepositoryCount: %v", err)

  290. 	} else if count > 0 {

  291. 		return ErrUserOwnRepos{UID: u.ID}

  292. 	}

  293. 

  294. 	if err := deleteBeans(e,

  295. 		&Team{OrgID: u.ID},

  296. 		&OrgUser{OrgID: u.ID},

  297. 		&TeamUser{OrgID: u.ID},

  298. 		&TeamUnit{OrgID: u.ID},

  299. 	); err != nil {

  300. 		return fmt.Errorf("deleteBeans: %v", err)

  301. 	}

  302. 

  303. 	if _, err = e.ID(u.ID).Delete(new(User)); err != nil {

  304. 		return fmt.Errorf("Delete: %v", err)

  305. 	}

  306. 

  307. 	// FIXME: system notice

  308. 	// Note: There are something just cannot be roll back,

  309. 	//	so just keep error logs of those operations.

  310. 	path := UserPath(u.Name)

  311. 

  312. 	if err := util.RemoveAll(path); err != nil {

  313. 		return fmt.Errorf("Failed to RemoveAll %s: %v", path, err)

  314. 	}

  315. 

  316. 	if len(u.Avatar) > 0 {

  317. 		avatarPath := u.CustomAvatarRelativePath()

  318. 		if err := storage.Avatars.Delete(avatarPath); err != nil {

  319. 			return fmt.Errorf("Failed to remove %s: %v", avatarPath, err)

  320. 		}

  321. 	}

  322. 

  323. 	return nil

  324. }

  325. 

  326. // ________                ____ ___

  327. // \_____  \_______  ____ |    |   \______ ___________

  328. //  /   |   \_  __ \/ ___\|    |   /  ___// __ \_  __ \

  329. // /    |    \  | \/ /_/  >    |  /\___ \\  ___/|  | \/

  330. // \_______  /__|  \___  /|______//____  >\___  >__|

  331. //         \/     /_____/              \/     \/

  332. 

  333. // OrgUser represents an organization-user relation.

  334. type OrgUser struct {

  335. 	ID       int64 `xorm:"pk autoincr"`

  336. 	UID      int64 `xorm:"INDEX UNIQUE(s)"`

  337. 	OrgID    int64 `xorm:"INDEX UNIQUE(s)"`

  338. 	IsPublic bool  `xorm:"INDEX"`

  339. }

  340. 

  341. func isOrganizationOwner(e Engine, orgID, uid int64) (bool, error) {

  342. 	ownerTeam, err := getOwnerTeam(e, orgID)

  343. 	if err != nil {

  344. 		if IsErrTeamNotExist(err) {

  345. 			log.Error("Organization does not have owner team: %d", orgID)

  346. 			return false, nil

  347. 		}

  348. 		return false, err

  349. 	}

  350. 	return isTeamMember(e, orgID, ownerTeam.ID, uid)

  351. }

  352. 

  353. // IsOrganizationOwner returns true if given user is in the owner team.

  354. func IsOrganizationOwner(orgID, uid int64) (bool, error) {

  355. 	return isOrganizationOwner(x, orgID, uid)

  356. }

  357. 

  358. // IsOrganizationMember returns true if given user is member of organization.

  359. func IsOrganizationMember(orgID, uid int64) (bool, error) {

  360. 	return isOrganizationMember(x, orgID, uid)

  361. }

  362. 

  363. func isOrganizationMember(e Engine, orgID, uid int64) (bool, error) {

  364. 	return e.

  365. 		Where("uid=?", uid).

  366. 		And("org_id=?", orgID).

  367. 		Table("org_user").

  368. 		Exist()

  369. }

  370. 

  371. // IsPublicMembership returns true if given user public his/her membership.

  372. func IsPublicMembership(orgID, uid int64) (bool, error) {

  373. 	return x.

  374. 		Where("uid=?", uid).

  375. 		And("org_id=?", orgID).

  376. 		And("is_public=?", true).

  377. 		Table("org_user").

  378. 		Exist()

  379. }

  380. 

  381. // CanCreateOrgRepo returns true if user can create repo in organization

  382. func CanCreateOrgRepo(orgID, uid int64) (bool, error) {

  383. 	if owner, err := IsOrganizationOwner(orgID, uid); owner || err != nil {

  384. 		return owner, err

  385. 	}

  386. 	return x.

  387. 		Where(builder.Eq{"team.can_create_org_repo": true}).

  388. 		Join("INNER", "team_user", "team_user.team_id = team.id").

  389. 		And("team_user.uid = ?", uid).

  390. 		And("team_user.org_id = ?", orgID).

  391. 		Exist(new(Team))

  392. }

  393. 

  394. // GetUsersWhoCanCreateOrgRepo returns users which are able to create repo in organization

  395. func GetUsersWhoCanCreateOrgRepo(orgID int64) ([]*User, error) {

  396. 	return getUsersWhoCanCreateOrgRepo(x, orgID)

  397. }

  398. 

  399. func getUsersWhoCanCreateOrgRepo(e Engine, orgID int64) ([]*User, error) {

  400. 	users := make([]*User, 0, 10)

  401. 	return users, x.

  402. 		Join("INNER", "`team_user`", "`team_user`.uid=`user`.id").

  403. 		Join("INNER", "`team`", "`team`.id=`team_user`.team_id").

  404. 		Where(builder.Eq{"team.can_create_org_repo": true}.Or(builder.Eq{"team.authorize": AccessModeOwner})).

  405. 		And("team_user.org_id = ?", orgID).Asc("`user`.name").Find(&users)

  406. }

  407. 

  408. func getOrgsByUserID(sess *xorm.Session, userID int64, showAll bool) ([]*User, error) {

  409. 	orgs := make([]*User, 0, 10)

  410. 	if !showAll {

  411. 		sess.And("`org_user`.is_public=?", true)

  412. 	}

  413. 	return orgs, sess.

  414. 		And("`org_user`.uid=?", userID).

  415. 		Join("INNER", "`org_user`", "`org_user`.org_id=`user`.id").

  416. 		Asc("`user`.name").

  417. 		Find(&orgs)

  418. }

  419. 

  420. // GetOrgsByUserID returns a list of organizations that the given user ID

  421. // has joined.

  422. func GetOrgsByUserID(userID int64, showAll bool) ([]*User, error) {

  423. 	sess := x.NewSession()

  424. 	defer sess.Close()

  425. 	return getOrgsByUserID(sess, userID, showAll)

  426. }

  427. 

  428. // queryUserOrgIDs returns a condition to return user's organization id

  429. func queryUserOrgIDs(uid int64) *builder.Builder {

  430. 	return builder.Select("team.org_id").

  431. 		From("team_user").InnerJoin("team", "team.id = team_user.team_id").

  432. 		Where(builder.Eq{"team_user.uid": uid})

  433. }

  434. 

  435. // MinimalOrg represents a simple orgnization with only needed columns

  436. type MinimalOrg = User

  437. 

  438. // GetUserOrgsList returns one user's all orgs list

  439. func GetUserOrgsList(uid int64) ([]*MinimalOrg, error) {

  440. 	var orgs = make([]*MinimalOrg, 0, 20)

  441. 	return orgs, x.Select("id, name, full_name, visibility, avatar, avatar_email, use_custom_avatar").

  442. 		Table("user").

  443. 		In("id", queryUserOrgIDs(uid)).

  444. 		Find(&orgs)

  445. }

  446. 

  447. func getOwnedOrgsByUserID(sess *xorm.Session, userID int64) ([]*User, error) {

  448. 	orgs := make([]*User, 0, 10)

  449. 	return orgs, sess.

  450. 		Join("INNER", "`team_user`", "`team_user`.org_id=`user`.id").

  451. 		Join("INNER", "`team`", "`team`.id=`team_user`.team_id").

  452. 		Where("`team_user`.uid=?", userID).

  453. 		And("`team`.authorize=?", AccessModeOwner).

  454. 		Asc("`user`.name").

  455. 		Find(&orgs)

  456. }

  457. 

  458. // HasOrgOrUserVisible tells if the given user can see the given org or user

  459. func HasOrgOrUserVisible(org, user *User) bool {

  460. 	return hasOrgOrUserVisible(x, org, user)

  461. }

  462. 

  463. func hasOrgOrUserVisible(e Engine, orgOrUser, user *User) bool {

  464. 	// Not SignedUser

  465. 	if user == nil {

  466. 		return orgOrUser.Visibility == structs.VisibleTypePublic

  467. 	}

  468. 

  469. 	if user.IsAdmin || orgOrUser.ID == user.ID {

  470. 		return true

  471. 	}

  472. 

  473. 	if (orgOrUser.Visibility == structs.VisibleTypePrivate || user.IsRestricted) && !orgOrUser.hasMemberWithUserID(e, user.ID) {

  474. 		return false

  475. 	}

  476. 	return true

  477. }

  478. 

  479. // HasOrgsVisible tells if the given user can see at least one of the orgs provided

  480. func HasOrgsVisible(orgs []*User, user *User) bool {

  481. 	if len(orgs) == 0 {

  482. 		return false

  483. 	}

  484. 

  485. 	for _, org := range orgs {

  486. 		if HasOrgOrUserVisible(org, user) {

  487. 			return true

  488. 		}

  489. 	}

  490. 	return false

  491. }

  492. 

  493. // GetOwnedOrgsByUserID returns a list of organizations are owned by given user ID.

  494. func GetOwnedOrgsByUserID(userID int64) ([]*User, error) {

  495. 	sess := x.NewSession()

  496. 	defer sess.Close()

  497. 	return getOwnedOrgsByUserID(sess, userID)

  498. }

  499. 

  500. // GetOwnedOrgsByUserIDDesc returns a list of organizations are owned by

  501. // given user ID, ordered descending by the given condition.

  502. func GetOwnedOrgsByUserIDDesc(userID int64, desc string) ([]*User, error) {

  503. 	return getOwnedOrgsByUserID(x.Desc(desc), userID)

  504. }

  505. 

  506. // GetOrgsCanCreateRepoByUserID returns a list of organizations where given user ID

  507. // are allowed to create repos.

  508. func GetOrgsCanCreateRepoByUserID(userID int64) ([]*User, error) {

  509. 	orgs := make([]*User, 0, 10)

  510. 

  511. 	return orgs, x.Where(builder.In("id", builder.Select("`user`.id").From("`user`").

  512. 		Join("INNER", "`team_user`", "`team_user`.org_id = `user`.id").

  513. 		Join("INNER", "`team`", "`team`.id = `team_user`.team_id").

  514. 		Where(builder.Eq{"`team_user`.uid": userID}).

  515. 		And(builder.Eq{"`team`.authorize": AccessModeOwner}.Or(builder.Eq{"`team`.can_create_org_repo": true})))).

  516. 		Asc("`user`.name").

  517. 		Find(&orgs)

  518. }

  519. 

  520. // GetOrgUsersByUserID returns all organization-user relations by user ID.

  521. func GetOrgUsersByUserID(uid int64, opts *SearchOrganizationsOptions) ([]*OrgUser, error) {

  522. 	ous := make([]*OrgUser, 0, 10)

  523. 	sess := x.

  524. 		Join("LEFT", "`user`", "`org_user`.org_id=`user`.id").

  525. 		Where("`org_user`.uid=?", uid)

  526. 	if !opts.All {

  527. 		// Only show public organizations

  528. 		sess.And("is_public=?", true)

  529. 	}

  530. 

  531. 	if opts.PageSize != 0 {

  532. 		sess = opts.setSessionPagination(sess)

  533. 	}

  534. 

  535. 	err := sess.

  536. 		Asc("`user`.name").

  537. 		Find(&ous)

  538. 	return ous, err

  539. }

  540. 

  541. // GetOrgUsersByOrgID returns all organization-user relations by organization ID.

  542. func GetOrgUsersByOrgID(opts *FindOrgMembersOpts) ([]*OrgUser, error) {

  543. 	return getOrgUsersByOrgID(x, opts)

  544. }

  545. 

  546. func getOrgUsersByOrgID(e Engine, opts *FindOrgMembersOpts) ([]*OrgUser, error) {

  547. 	sess := e.Where("org_id=?", opts.OrgID)

  548. 	if opts.PublicOnly {

  549. 		sess.And("is_public = ?", true)

  550. 	}

  551. 	if opts.ListOptions.PageSize > 0 {

  552. 		sess = opts.setSessionPagination(sess)

  553. 

  554. 		ous := make([]*OrgUser, 0, opts.PageSize)

  555. 		return ous, sess.Find(&ous)

  556. 	}

  557. 

  558. 	var ous []*OrgUser

  559. 	return ous, sess.Find(&ous)

  560. }

  561. 

  562. // ChangeOrgUserStatus changes public or private membership status.

  563. func ChangeOrgUserStatus(orgID, uid int64, public bool) error {

  564. 	ou := new(OrgUser)

  565. 	has, err := x.

  566. 		Where("uid=?", uid).

  567. 		And("org_id=?", orgID).

  568. 		Get(ou)

  569. 	if err != nil {

  570. 		return err

  571. 	} else if !has {

  572. 		return nil

  573. 	}

  574. 

  575. 	ou.IsPublic = public

  576. 	_, err = x.ID(ou.ID).Cols("is_public").Update(ou)

  577. 	return err

  578. }

  579. 

  580. // AddOrgUser adds new user to given organization.

  581. func AddOrgUser(orgID, uid int64) error {

  582. 	isAlreadyMember, err := IsOrganizationMember(orgID, uid)

  583. 	if err != nil || isAlreadyMember {

  584. 		return err

  585. 	}

  586. 

  587. 	sess := x.NewSession()

  588. 	defer sess.Close()

  589. 	if err := sess.Begin(); err != nil {

  590. 		return err

  591. 	}

  592. 

  593. 	ou := &OrgUser{

  594. 		UID:      uid,

  595. 		OrgID:    orgID,

  596. 		IsPublic: setting.Service.DefaultOrgMemberVisible,

  597. 	}

  598. 

  599. 	if _, err := sess.Insert(ou); err != nil {

  600. 		if err := sess.Rollback(); err != nil {

  601. 			log.Error("AddOrgUser: sess.Rollback: %v", err)

  602. 		}

  603. 		return err

  604. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members + 1 WHERE id = ?", orgID); err != nil {

  605. 		if err := sess.Rollback(); err != nil {

  606. 			log.Error("AddOrgUser: sess.Rollback: %v", err)

  607. 		}

  608. 		return err

  609. 	}

  610. 

  611. 	return sess.Commit()

  612. }

  613. 

  614. func removeOrgUser(sess *xorm.Session, orgID, userID int64) error {

  615. 	ou := new(OrgUser)

  616. 

  617. 	has, err := sess.

  618. 		Where("uid=?", userID).

  619. 		And("org_id=?", orgID).

  620. 		Get(ou)

  621. 	if err != nil {

  622. 		return fmt.Errorf("get org-user: %v", err)

  623. 	} else if !has {

  624. 		return nil

  625. 	}

  626. 

  627. 	org, err := getUserByID(sess, orgID)

  628. 	if err != nil {

  629. 		return fmt.Errorf("GetUserByID [%d]: %v", orgID, err)

  630. 	}

  631. 

  632. 	// Check if the user to delete is the last member in owner team.

  633. 	if isOwner, err := isOrganizationOwner(sess, orgID, userID); err != nil {

  634. 		return err

  635. 	} else if isOwner {

  636. 		t, err := org.getOwnerTeam(sess)

  637. 		if err != nil {

  638. 			return err

  639. 		}

  640. 		if t.NumMembers == 1 {

  641. 			if err := t.getMembers(sess); err != nil {

  642. 				return err

  643. 			}

  644. 			if t.Members[0].ID == userID {

  645. 				return ErrLastOrgOwner{UID: userID}

  646. 			}

  647. 		}

  648. 	}

  649. 

  650. 	if _, err := sess.ID(ou.ID).Delete(ou); err != nil {

  651. 		return err

  652. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members=num_members-1 WHERE id=?", orgID); err != nil {

  653. 		return err

  654. 	}

  655. 

  656. 	// Delete all repository accesses and unwatch them.

  657. 	env, err := org.accessibleReposEnv(sess, userID)

  658. 	if err != nil {

  659. 		return fmt.Errorf("AccessibleReposEnv: %v", err)

  660. 	}

  661. 	repoIDs, err := env.RepoIDs(1, org.NumRepos)

  662. 	if err != nil {

  663. 		return fmt.Errorf("GetUserRepositories [%d]: %v", userID, err)

  664. 	}

  665. 	for _, repoID := range repoIDs {

  666. 		if err = watchRepo(sess, userID, repoID, false); err != nil {

  667. 			return err

  668. 		}

  669. 	}

  670. 

  671. 	if len(repoIDs) > 0 {

  672. 		if _, err = sess.

  673. 			Where("user_id = ?", userID).

  674. 			In("repo_id", repoIDs).

  675. 			Delete(new(Access)); err != nil {

  676. 			return err

  677. 		}

  678. 	}

  679. 

  680. 	// Delete member in his/her teams.

  681. 	teams, err := getUserOrgTeams(sess, org.ID, userID)

  682. 	if err != nil {

  683. 		return err

  684. 	}

  685. 	for _, t := range teams {

  686. 		if err = removeTeamMember(sess, t, userID); err != nil {

  687. 			return err

  688. 		}

  689. 	}

  690. 

  691. 	return nil

  692. }

  693. 

  694. // RemoveOrgUser removes user from given organization.

  695. func RemoveOrgUser(orgID, userID int64) error {

  696. 	sess := x.NewSession()

  697. 	defer sess.Close()

  698. 	if err := sess.Begin(); err != nil {

  699. 		return err

  700. 	}

  701. 	if err := removeOrgUser(sess, orgID, userID); err != nil {

  702. 		return err

  703. 	}

  704. 	return sess.Commit()

  705. }

  706. 

  707. func removeOrgRepo(e Engine, orgID, repoID int64) error {

  708. 	teamRepos := make([]*TeamRepo, 0, 10)

  709. 	if err := e.Find(&teamRepos, &TeamRepo{OrgID: orgID, RepoID: repoID}); err != nil {

  710. 		return err

  711. 	}

  712. 

  713. 	if len(teamRepos) == 0 {

  714. 		return nil

  715. 	}

  716. 

  717. 	if _, err := e.Delete(&TeamRepo{

  718. 		OrgID:  orgID,

  719. 		RepoID: repoID,

  720. 	}); err != nil {

  721. 		return err

  722. 	}

  723. 

  724. 	teamIDs := make([]int64, len(teamRepos))

  725. 	for i, teamRepo := range teamRepos {

  726. 		teamIDs[i] = teamRepo.TeamID

  727. 	}

  728. 

  729. 	_, err := e.Decr("num_repos").In("id", teamIDs).Update(new(Team))

  730. 	return err

  731. }

  732. 

  733. func (org *User) getUserTeams(e Engine, userID int64, cols ...string) ([]*Team, error) {

  734. 	teams := make([]*Team, 0, org.NumTeams)

  735. 	return teams, e.

  736. 		Where("`team_user`.org_id = ?", org.ID).

  737. 		Join("INNER", "team_user", "`team_user`.team_id = team.id").

  738. 		Join("INNER", "`user`", "`user`.id=team_user.uid").

  739. 		And("`team_user`.uid = ?", userID).

  740. 		Asc("`user`.name").

  741. 		Cols(cols...).

  742. 		Find(&teams)

  743. }

  744. 

  745. func (org *User) getUserTeamIDs(e Engine, userID int64) ([]int64, error) {

  746. 	teamIDs := make([]int64, 0, org.NumTeams)

  747. 	return teamIDs, e.

  748. 		Table("team").

  749. 		Cols("team.id").

  750. 		Where("`team_user`.org_id = ?", org.ID).

  751. 		Join("INNER", "team_user", "`team_user`.team_id = team.id").

  752. 		And("`team_user`.uid = ?", userID).

  753. 		Find(&teamIDs)

  754. }

  755. 

  756. // TeamsWithAccessToRepo returns all teams that have given access level to the repository.

  757. func (org *User) TeamsWithAccessToRepo(repoID int64, mode AccessMode) ([]*Team, error) {

  758. 	return GetTeamsWithAccessToRepo(org.ID, repoID, mode)

  759. }

  760. 

  761. // GetUserTeamIDs returns of all team IDs of the organization that user is member of.

  762. func (org *User) GetUserTeamIDs(userID int64) ([]int64, error) {

  763. 	return org.getUserTeamIDs(x, userID)

  764. }

  765. 

  766. // GetUserTeams returns all teams that belong to user,

  767. // and that the user has joined.

  768. func (org *User) GetUserTeams(userID int64) ([]*Team, error) {

  769. 	return org.getUserTeams(x, userID)

  770. }

  771. 

  772. // AccessibleReposEnvironment operations involving the repositories that are

  773. // accessible to a particular user

  774. type AccessibleReposEnvironment interface {

  775. 	CountRepos() (int64, error)

  776. 	RepoIDs(page, pageSize int) ([]int64, error)

  777. 	Repos(page, pageSize int) ([]*Repository, error)

  778. 	MirrorRepos() ([]*Repository, error)

  779. 	AddKeyword(keyword string)

  780. 	SetSort(SearchOrderBy)

  781. }

  782. 

  783. type accessibleReposEnv struct {

  784. 	org     *User

  785. 	user    *User

  786. 	team    *Team

  787. 	teamIDs []int64

  788. 	e       Engine

  789. 	keyword string

  790. 	orderBy SearchOrderBy

  791. }

  792. 

  793. // AccessibleReposEnv builds an AccessibleReposEnvironment for the repositories in `org`

  794. // that are accessible to the specified user.

  795. func (org *User) AccessibleReposEnv(userID int64) (AccessibleReposEnvironment, error) {

  796. 	return org.accessibleReposEnv(x, userID)

  797. }

  798. 

  799. func (org *User) accessibleReposEnv(e Engine, userID int64) (AccessibleReposEnvironment, error) {

  800. 	var user *User

  801. 

  802. 	if userID > 0 {

  803. 		u, err := getUserByID(e, userID)

  804. 		if err != nil {

  805. 			return nil, err

  806. 		}

  807. 		user = u

  808. 	}

  809. 

  810. 	teamIDs, err := org.getUserTeamIDs(e, userID)

  811. 	if err != nil {

  812. 		return nil, err

  813. 	}

  814. 	return &accessibleReposEnv{

  815. 		org:     org,

  816. 		user:    user,

  817. 		teamIDs: teamIDs,

  818. 		e:       e,

  819. 		orderBy: SearchOrderByRecentUpdated,

  820. 	}, nil

  821. }

  822. 

  823. // AccessibleTeamReposEnv an AccessibleReposEnvironment for the repositories in `org`

  824. // that are accessible to the specified team.

  825. func (org *User) AccessibleTeamReposEnv(team *Team) AccessibleReposEnvironment {

  826. 	return &accessibleReposEnv{

  827. 		org:     org,

  828. 		team:    team,

  829. 		e:       x,

  830. 		orderBy: SearchOrderByRecentUpdated,

  831. 	}

  832. }

  833. 

  834. func (env *accessibleReposEnv) cond() builder.Cond {

  835. 	cond := builder.NewCond()

  836. 	if env.team != nil {

  837. 		cond = cond.And(builder.Eq{"team_repo.team_id": env.team.ID})

  838. 	} else {

  839. 		if env.user == nil || !env.user.IsRestricted {

  840. 			cond = cond.Or(builder.Eq{

  841. 				"`repository`.owner_id":   env.org.ID,

  842. 				"`repository`.is_private": false,

  843. 			})

  844. 		}

  845. 		if len(env.teamIDs) > 0 {

  846. 			cond = cond.Or(builder.In("team_repo.team_id", env.teamIDs))

  847. 		}

  848. 	}

  849. 	if env.keyword != "" {

  850. 		cond = cond.And(builder.Like{"`repository`.lower_name", strings.ToLower(env.keyword)})

  851. 	}

  852. 	return cond

  853. }

  854. 

  855. func (env *accessibleReposEnv) CountRepos() (int64, error) {

  856. 	repoCount, err := env.e.

  857. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id").

  858. 		Where(env.cond()).

  859. 		Distinct("`repository`.id").

  860. 		Count(&Repository{})

  861. 	if err != nil {

  862. 		return 0, fmt.Errorf("count user repositories in organization: %v", err)

  863. 	}

  864. 	return repoCount, nil

  865. }

  866. 

  867. func (env *accessibleReposEnv) RepoIDs(page, pageSize int) ([]int64, error) {

  868. 	if page <= 0 {

  869. 		page = 1

  870. 	}

  871. 

  872. 	repoIDs := make([]int64, 0, pageSize)

  873. 	return repoIDs, env.e.

  874. 		Table("repository").

  875. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id").

  876. 		Where(env.cond()).

  877. 		GroupBy("`repository`.id,`repository`."+strings.Fields(string(env.orderBy))[0]).

  878. 		OrderBy(string(env.orderBy)).

  879. 		Limit(pageSize, (page-1)*pageSize).

  880. 		Cols("`repository`.id").

  881. 		Find(&repoIDs)

  882. }

  883. 

  884. func (env *accessibleReposEnv) Repos(page, pageSize int) ([]*Repository, error) {

  885. 	repoIDs, err := env.RepoIDs(page, pageSize)

  886. 	if err != nil {

  887. 		return nil, fmt.Errorf("GetUserRepositoryIDs: %v", err)

  888. 	}

  889. 

  890. 	repos := make([]*Repository, 0, len(repoIDs))

  891. 	if len(repoIDs) == 0 {

  892. 		return repos, nil

  893. 	}

  894. 

  895. 	return repos, env.e.

  896. 		In("`repository`.id", repoIDs).

  897. 		OrderBy(string(env.orderBy)).

  898. 		Find(&repos)

  899. }

  900. 

  901. func (env *accessibleReposEnv) MirrorRepoIDs() ([]int64, error) {

  902. 	repoIDs := make([]int64, 0, 10)

  903. 	return repoIDs, env.e.

  904. 		Table("repository").

  905. 		Join("INNER", "team_repo", "`team_repo`.repo_id=`repository`.id AND `repository`.is_mirror=?", true).

  906. 		Where(env.cond()).

  907. 		GroupBy("`repository`.id, `repository`.updated_unix").

  908. 		OrderBy(string(env.orderBy)).

  909. 		Cols("`repository`.id").

  910. 		Find(&repoIDs)

  911. }

  912. 

  913. func (env *accessibleReposEnv) MirrorRepos() ([]*Repository, error) {

  914. 	repoIDs, err := env.MirrorRepoIDs()

  915. 	if err != nil {

  916. 		return nil, fmt.Errorf("MirrorRepoIDs: %v", err)

  917. 	}

  918. 

  919. 	repos := make([]*Repository, 0, len(repoIDs))

  920. 	if len(repoIDs) == 0 {

  921. 		return repos, nil

  922. 	}

  923. 

  924. 	return repos, env.e.

  925. 		In("`repository`.id", repoIDs).

  926. 		Find(&repos)

  927. }

  928. 

  929. func (env *accessibleReposEnv) AddKeyword(keyword string) {

  930. 	env.keyword = keyword

  931. }

  932. 

  933. func (env *accessibleReposEnv) SetSort(orderBy SearchOrderBy) {

  934. 	env.orderBy = orderBy

  935. }