diff --git a/cmd/web.go b/cmd/web.go index 383940a04..a38b65104 100644 --- a/cmd/web.go +++ b/cmd/web.go @@ -350,11 +350,14 @@ func runWeb(ctx *cli.Context) { m.Get("/members/action/:action", org.MembersAction) m.Get("/teams", org.Teams) + }, middleware.OrgAssignment(true)) + + m.Group("/:org", func() { m.Get("/teams/:team", org.TeamMembers) m.Get("/teams/:team/repositories", org.TeamRepositories) m.Route("/teams/:team/action/:action", "GET,POST", org.TeamsAction) m.Route("/teams/:team/action/repo/:action", "GET,POST", org.TeamsRepoAction) - }, middleware.OrgAssignment(true)) + }, middleware.OrgAssignment(true, false, true)) m.Group("/:org", func() { m.Get("/teams/new", org.NewTeam) diff --git a/models/org.go b/models/org.go index 3de89e4bd..684444559 100644 --- a/models/org.go +++ b/models/org.go @@ -9,6 +9,7 @@ import ( "fmt" "os" "strings" + "strconv" "github.com/go-xorm/xorm" ) @@ -1048,3 +1049,59 @@ func removeOrgRepo(e Engine, orgID, repoID int64) error { func RemoveOrgRepo(orgID, repoID int64) error { return removeOrgRepo(x, orgID, repoID) } + +// GetUserRepositories gets all repositories of an organization, +// that the user with the given userID has access to. +func (org *User) GetUserRepositories(userID int64) (err error) { + teams := make([]*Team, 0, 10) + if err := x.Cols("`team`.id"). + Where("`team_user`.org_id=?", org.Id). + And("`team_user`.uid=?", userID). + Join("INNER", "`team_user`", "`team_user`.team_id=`team`.id"). + Find(&teams); err != nil { + return fmt.Errorf("getUserRepositories: get teams: %v", err) + } + + var teamIDs []string + for _, team := range teams { + teamIDs = append(teamIDs, strconv.FormatInt(team.ID, 10)) + } + if len(teamIDs) == 0 { + // user has no team but "IN ()" is invalid SQL + teamIDs = append(teamIDs, "-1") // there is no repo with id=-1 + } + + // Due to a bug in xorm using IN() together with OR() is impossible. + // As a workaround, we have to build the IN statement on our own, until this is fixed. + // https://github.com/go-xorm/xorm/issues/342 + + if err := x.Cols("`repository`.*"). + Join("INNER", "`team_repo`", "`team_repo`.repo_id=`repository`.id"). + Where("`repository`.owner_id=?", org.Id). + And("`repository`.is_private=?", false). + Or("`team_repo`.team_id=(?)", strings.Join(teamIDs, ",")). + GroupBy("`repository`.id"). + Find(&org.Repos); err != nil { + return fmt.Errorf("getUserRepositories: get repositories: %v", err) + } + + org.NumRepos = len(org.Repos) + + return +} + +// GetTeams returns all teams that belong to organization, +// and that the user has joined. +func (org *User) GetUserTeams(userID int64) (err error) { + if err := x.Cols("`team`.*"). + Where("`team_user`.org_id=?", org.Id). + And("`team_user`.uid=?", userID). + Join("INNER", "`team_user`", "`team_user`.team_id=`team`.id"). + Find(&org.Teams); err != nil { + return fmt.Errorf("getUserTeams: %v", err) + } + + org.NumTeams = len(org.Teams) + + return +} diff --git a/modules/middleware/context.go b/modules/middleware/context.go index d58967b89..cd11c08b1 100644 --- a/modules/middleware/context.go +++ b/modules/middleware/context.go @@ -65,7 +65,8 @@ type Context struct { Org struct { IsOwner bool IsMember bool - IsAdminTeam bool // In owner team or team that has admin permission level. + IsTeamMember bool // Is member of team. + IsTeamAdmin bool // In owner team or team that has admin permission level. Organization *models.User OrgLink string diff --git a/modules/middleware/org.go b/modules/middleware/org.go index 37ba4deb1..eb71020e6 100644 --- a/modules/middleware/org.go +++ b/modules/middleware/org.go @@ -5,6 +5,8 @@ package middleware import ( + "strings" + "gopkg.in/macaron.v1" "github.com/gogits/gogs/models" @@ -13,9 +15,10 @@ import ( func HandleOrgAssignment(ctx *Context, args ...bool) { var ( - requireMember bool - requireOwner bool - requireAdminTeam bool + requireMember bool + requireOwner bool + requireTeamMember bool + requireTeamAdmin bool ) if len(args) >= 1 { requireMember = args[0] @@ -24,7 +27,10 @@ func HandleOrgAssignment(ctx *Context, args ...bool) { requireOwner = args[1] } if len(args) >= 3 { - requireAdminTeam = args[2] + requireTeamMember = args[2] + } + if len(args) >= 4 { + requireTeamAdmin = args[3] } orgName := ctx.Params(":org") @@ -52,12 +58,14 @@ func HandleOrgAssignment(ctx *Context, args ...bool) { if ctx.IsSigned && ctx.User.IsAdmin { ctx.Org.IsOwner = true ctx.Org.IsMember = true - ctx.Org.IsAdminTeam = true + ctx.Org.IsTeamMember = true + ctx.Org.IsTeamAdmin = true } else if ctx.IsSigned { ctx.Org.IsOwner = org.IsOwnedBy(ctx.User.Id) if ctx.Org.IsOwner { ctx.Org.IsMember = true - ctx.Org.IsAdminTeam = true + ctx.Org.IsTeamMember = true + ctx.Org.IsTeamAdmin = true } else { if org.IsOrgMember(ctx.User.Id) { ctx.Org.IsMember = true @@ -79,24 +87,51 @@ func HandleOrgAssignment(ctx *Context, args ...bool) { ctx.Data["OrgLink"] = ctx.Org.OrgLink // Team. + if ctx.Org.IsMember { + if ctx.Org.IsOwner { + if err := org.GetTeams(); err != nil { + ctx.Handle(500, "GetUserTeams", err) + return + } + } else { + if err := org.GetUserTeams(ctx.User.Id); err != nil { + ctx.Handle(500, "GetUserTeams", err) + return + } + } + } + teamName := ctx.Params(":team") if len(teamName) > 0 { - ctx.Org.Team, err = org.GetTeam(teamName) - if err != nil { - if err == models.ErrTeamNotExist { - ctx.Handle(404, "GetTeam", err) - } else { - ctx.Handle(500, "GetTeam", err) + teamExists := false + for _, team := range org.Teams { + + if strings.ToLower(team.Name) == strings.ToLower(teamName) { + teamExists = true + ctx.Org.Team = team + ctx.Org.IsTeamMember = true + ctx.Data["Team"] = ctx.Org.Team + break } + } + + if !teamExists { + ctx.Handle(404, "OrgAssignment", err) + return + } + + ctx.Data["IsTeamMember"] = ctx.Org.IsTeamMember + if requireTeamMember && !ctx.Org.IsTeamMember { + ctx.Handle(404, "OrgAssignment", err) + return + } + + ctx.Org.IsTeamAdmin = ctx.Org.Team.IsOwnerTeam() || ctx.Org.Team.Authorize >= models.ACCESS_MODE_ADMIN + ctx.Data["IsTeamAdmin"] = ctx.Org.IsTeamAdmin + if requireTeamAdmin && !ctx.Org.IsTeamAdmin { + ctx.Handle(404, "OrgAssignment", err) return } - ctx.Data["Team"] = ctx.Org.Team - ctx.Org.IsAdminTeam = ctx.Org.Team.IsOwnerTeam() || ctx.Org.Team.Authorize >= models.ACCESS_MODE_ADMIN - } - ctx.Data["IsAdminTeam"] = ctx.Org.IsAdminTeam - if requireAdminTeam && !ctx.Org.IsAdminTeam { - ctx.Handle(404, "OrgAssignment", err) - return } } diff --git a/routers/org/teams.go b/routers/org/teams.go index b2128baab..e4a6afcf4 100644 --- a/routers/org/teams.go +++ b/routers/org/teams.go @@ -28,10 +28,6 @@ func Teams(ctx *middleware.Context) { ctx.Data["Title"] = org.FullName ctx.Data["PageIsOrgTeams"] = true - if err := org.GetTeams(); err != nil { - ctx.Handle(500, "GetTeams", err) - return - } for _, t := range org.Teams { if err := t.GetMembers(); err != nil { ctx.Handle(500, "GetMembers", err) diff --git a/routers/user/home.go b/routers/user/home.go index b5df5e367..61cda33be 100644 --- a/routers/user/home.go +++ b/routers/user/home.go @@ -183,11 +183,18 @@ func Issues(ctx *middleware.Context) { isShowClosed := ctx.Query("state") == "closed" // Get repositories. - repos, err := models.GetRepositories(ctxUser.Id, true) - if err != nil { - ctx.Handle(500, "GetRepositories", err) - return + if ctxUser.IsOrganization() { + if err := ctxUser.GetUserRepositories(ctx.User.Id); err != nil { + ctx.Handle(500, "GetRepositories", err) + return + } + } else { + if err := ctxUser.GetRepositories(); err != nil { + ctx.Handle(500, "GetRepositories", err) + return + } } + repos := ctxUser.Repos allCount := 0 repoIDs := make([]int64, 0, len(repos)) @@ -314,23 +321,27 @@ func showOrgProfile(ctx *middleware.Context) { org := ctx.Org.Organization ctx.Data["Title"] = org.FullName - repos, err := models.GetRepositories(org.Id, ctx.IsSigned && (ctx.User.IsAdmin || org.IsOrgMember(ctx.User.Id))) - if err != nil { - ctx.Handle(500, "GetRepositories", err) - return + if ctx.IsSigned { + if err := org.GetUserRepositories(ctx.User.Id); err != nil { + ctx.Handle(500, "GetUserRepositories", err) + return + } + ctx.Data["Repos"] = org.Repos + } else { + repos, err := models.GetRepositories(org.Id, false) + if err != nil { + ctx.Handle(500, "GetRepositories", err) + return + } + ctx.Data["Repos"] = repos } - ctx.Data["Repos"] = repos - if err = org.GetMembers(); err != nil { + if err := org.GetMembers(); err != nil { ctx.Handle(500, "GetMembers", err) return } ctx.Data["Members"] = org.Members - if err = org.GetTeams(); err != nil { - ctx.Handle(500, "GetTeams", err) - return - } ctx.Data["Teams"] = org.Teams ctx.HTML(200, ORG_HOME)