forked from forgejo/forgejo
Add team option to grant rights for all organization repositories (#8688)
* Add field IsAllRepositories to team
* Add AllRepositories to team UI
* Manage team with access to all repositories
* Add field IsAllRepositories to team API
* put backticks around table/column names
* rename IsAllRepositories to IncludesAllRepositories
* do not reload slice if already loaded
* add repo to teams with access to all repositories when changing repo owner
* improve tests for teams with access to all repositories
* Merge branch 'master'
* Change code for adding all repositories
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* fmt after merge
* Change code in API EditTeam similar to EditTeamPost web interface
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* Clarify that all repositories will be added
Signed-off-by: David Svantesson <davidsvantesson@gmail.com>
* All repositories option under Permissions headline
* New setting group 'Repository access'
* Move check IncludeAllRepositories to removeRepository.
* Revert "Move check IncludeAllRepositories to removeRepository." and add comment instead.
This reverts commit 753b7d205b.
* Clarify help text what options do.
This commit is contained in:
David Svantesson
Lauris BH
parent
0109229928
commit
72aa5a20ec
17 changed files with 382 additions and 75 deletions
|
|
@ -22,17 +22,18 @@ const ownerTeamName = "Owners"
|
|||
|
||||
// Team represents a organization team.
|
||||
type Team struct {
|
||||
ID int64 `xorm:"pk autoincr"`
|
||||
OrgID int64 `xorm:"INDEX"`
|
||||
LowerName string
|
||||
Name string
|
||||
Description string
|
||||
Authorize AccessMode
|
||||
Repos []*Repository `xorm:"-"`
|
||||
Members []*User `xorm:"-"`
|
||||
NumRepos int
|
||||
NumMembers int
|
||||
Units []*TeamUnit `xorm:"-"`
|
||||
ID int64 `xorm:"pk autoincr"`
|
||||
OrgID int64 `xorm:"INDEX"`
|
||||
LowerName string
|
||||
Name string
|
||||
Description string
|
||||
Authorize AccessMode
|
||||
Repos []*Repository `xorm:"-"`
|
||||
Members []*User `xorm:"-"`
|
||||
NumRepos int
|
||||
NumMembers int
|
||||
Units []*TeamUnit `xorm:"-"`
|
||||
IncludesAllRepositories bool `xorm:"NOT NULL DEFAULT false"`
|
||||
}
|
||||
|
||||
// SearchTeamOptions holds the search options
|
||||
|
|
@ -149,6 +150,9 @@ func (t *Team) IsMember(userID int64) bool {
|
|||
}
|
||||
|
||||
func (t *Team) getRepositories(e Engine) error {
|
||||
if t.Repos != nil {
|
||||
return nil
|
||||
}
|
||||
return e.Join("INNER", "team_repo", "repository.id = team_repo.repo_id").
|
||||
Where("team_repo.team_id=?", t.ID).
|
||||
OrderBy("repository.name").
|
||||
|
|
@ -220,6 +224,25 @@ func (t *Team) addRepository(e Engine, repo *Repository) (err error) {
|
|||
return nil
|
||||
}
|
||||
|
||||
// addAllRepositories adds all repositories to the team.
|
||||
// If the team already has some repositories they will be left unchanged.
|
||||
func (t *Team) addAllRepositories(e Engine) error {
|
||||
var orgRepos []Repository
|
||||
if err := e.Where("owner_id = ?", t.OrgID).Find(&orgRepos); err != nil {
|
||||
return fmt.Errorf("get org repos: %v", err)
|
||||
}
|
||||
|
||||
for _, repo := range orgRepos {
|
||||
if !t.hasRepository(e, repo.ID) {
|
||||
if err := t.addRepository(e, &repo); err != nil {
|
||||
return fmt.Errorf("addRepository: %v", err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// AddRepository adds new repository to team of organization.
|
||||
func (t *Team) AddRepository(repo *Repository) (err error) {
|
||||
if repo.OwnerID != t.OrgID {
|
||||
|
|
@ -241,6 +264,8 @@ func (t *Team) AddRepository(repo *Repository) (err error) {
|
|||
return sess.Commit()
|
||||
}
|
||||
|
||||
// removeRepository removes a repository from a team and recalculates access
|
||||
// Note: Repository shall not be removed from team if it includes all repositories (unless the repository is deleted)
|
||||
func (t *Team) removeRepository(e Engine, repo *Repository, recalculate bool) (err error) {
|
||||
if err = removeTeamRepo(e, t.ID, repo.ID); err != nil {
|
||||
return err
|
||||
|
|
@ -284,11 +309,16 @@ func (t *Team) removeRepository(e Engine, repo *Repository, recalculate bool) (e
|
|||
}
|
||||
|
||||
// RemoveRepository removes repository from team of organization.
|
||||
// If the team shall include all repositories the request is ignored.
|
||||
func (t *Team) RemoveRepository(repoID int64) error {
|
||||
if !t.HasRepository(repoID) {
|
||||
return nil
|
||||
}
|
||||
|
||||
if t.IncludesAllRepositories {
|
||||
return nil
|
||||
}
|
||||
|
||||
repo, err := GetRepositoryByID(repoID)
|
||||
if err != nil {
|
||||
return err
|
||||
|
|
@ -394,6 +424,14 @@ func NewTeam(t *Team) (err error) {
|
|||
}
|
||||
}
|
||||
|
||||
// Add all repositories to the team if it has access to all of them.
|
||||
if t.IncludesAllRepositories {
|
||||
err = t.addAllRepositories(sess)
|
||||
if err != nil {
|
||||
return fmt.Errorf("addAllRepositories: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
// Update organization number of teams.
|
||||
if _, err = sess.Exec("UPDATE `user` SET num_teams=num_teams+1 WHERE id = ?", t.OrgID); err != nil {
|
||||
errRollback := sess.Rollback()
|
||||
|
|
@ -446,7 +484,7 @@ func GetTeamByID(teamID int64) (*Team, error) {
|
|||
}
|
||||
|
||||
// UpdateTeam updates information of team.
|
||||
func UpdateTeam(t *Team, authChanged bool) (err error) {
|
||||
func UpdateTeam(t *Team, authChanged bool, includeAllChanged bool) (err error) {
|
||||
if len(t.Name) == 0 {
|
||||
return errors.New("empty team name")
|
||||
}
|
||||
|
|
@ -511,6 +549,14 @@ func UpdateTeam(t *Team, authChanged bool) (err error) {
|
|||
}
|
||||
}
|
||||
|
||||
// Add all repositories to the team if it has access to all of them.
|
||||
if includeAllChanged && t.IncludesAllRepositories {
|
||||
err = t.addAllRepositories(sess)
|
||||
if err != nil {
|
||||
return fmt.Errorf("addAllRepositories: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
return sess.Commit()
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue