forked from forgejo/forgejo
Refactoring of the Access Table
This commit does a lot of the work of refactoring the access table in a table with id's instead of strings. The result does compile, but has not been tested. It may eat your kittens.
This commit is contained in:
Peter Smit
parent
03af37554e
commit
4e79adf6b5
12 changed files with 236 additions and 682 deletions
41
cmd/serve.go
41
cmd/serve.go
|
|
@ -8,7 +8,6 @@ import (
|
|||
"fmt"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"time"
|
||||
|
|
@ -59,19 +58,19 @@ func parseCmd(cmd string) (string, string) {
|
|||
}
|
||||
|
||||
var (
|
||||
COMMANDS_READONLY = map[string]models.AccessType{
|
||||
"git-upload-pack": models.WRITABLE,
|
||||
"git upload-pack": models.WRITABLE,
|
||||
"git-upload-archive": models.WRITABLE,
|
||||
COMMANDS_READONLY = map[string]models.AccessMode{
|
||||
"git-upload-pack": models.WriteAccess,
|
||||
"git upload-pack": models.WriteAccess,
|
||||
"git-upload-archive": models.WriteAccess,
|
||||
}
|
||||
|
||||
COMMANDS_WRITE = map[string]models.AccessType{
|
||||
"git-receive-pack": models.READABLE,
|
||||
"git receive-pack": models.READABLE,
|
||||
COMMANDS_WRITE = map[string]models.AccessMode{
|
||||
"git-receive-pack": models.ReadAccess,
|
||||
"git receive-pack": models.ReadAccess,
|
||||
}
|
||||
)
|
||||
|
||||
func In(b string, sl map[string]models.AccessType) bool {
|
||||
func In(b string, sl map[string]models.AccessMode) bool {
|
||||
_, e := sl[b]
|
||||
return e
|
||||
}
|
||||
|
|
@ -130,9 +129,19 @@ func runServ(k *cli.Context) {
|
|||
}
|
||||
|
||||
// Access check.
|
||||
repo, err := models.GetRepositoryByName(repoUser.Id, repoName)
|
||||
if err != nil {
|
||||
if err == models.ErrRepoNotExist {
|
||||
println("Gogs: given repository does not exist")
|
||||
log.GitLogger.Fatal(2, "Repository does not exist: %s/%s", repoUser.Name, repoName)
|
||||
}
|
||||
println("Gogs: internal error:", err.Error())
|
||||
log.GitLogger.Fatal(2, "Fail to get repository: %v", err)
|
||||
}
|
||||
|
||||
switch {
|
||||
case isWrite:
|
||||
has, err := models.HasAccess(user.Name, path.Join(repoUserName, repoName), models.WRITABLE)
|
||||
has, err := models.HasAccess(user, repo, models.WriteAccess)
|
||||
if err != nil {
|
||||
println("Gogs: internal error:", err.Error())
|
||||
log.GitLogger.Fatal(2, "Fail to check write access:", err)
|
||||
|
|
@ -141,21 +150,11 @@ func runServ(k *cli.Context) {
|
|||
log.GitLogger.Fatal(2, "User %s has no right to write repository %s", user.Name, repoPath)
|
||||
}
|
||||
case isRead:
|
||||
repo, err := models.GetRepositoryByName(repoUser.Id, repoName)
|
||||
if err != nil {
|
||||
if err == models.ErrRepoNotExist {
|
||||
println("Gogs: given repository does not exist")
|
||||
log.GitLogger.Fatal(2, "Repository does not exist: %s/%s", repoUser.Name, repoName)
|
||||
}
|
||||
println("Gogs: internal error:", err.Error())
|
||||
log.GitLogger.Fatal(2, "Fail to get repository: %v", err)
|
||||
}
|
||||
|
||||
if !repo.IsPrivate {
|
||||
break
|
||||
}
|
||||
|
||||
has, err := models.HasAccess(user.Name, path.Join(repoUserName, repoName), models.READABLE)
|
||||
has, err := models.HasAccess(user, repo, models.ReadAccess)
|
||||
if err != nil {
|
||||
println("Gogs: internal error:", err.Error())
|
||||
log.GitLogger.Fatal(2, "Fail to check read access:", err)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue