org/members: display 2FA members states + optimize sql requests (#7621)
* org/members: display 2FA state * fix comment typo * lay down UserList bases * add basic test for previous methods * add comment for UserList type * add valid two-fa account * test new UserList methods * optimize MembersIsPublic by side loading info on GetMembers + fix integrations tests * respect fmt rules * use map for data * Optimize GetTwoFaStatus * rewrite by using existing sub func * Optimize IsUserOrgOwner * remove un-used code * tests: cover empty org + fix import order * tests: add ErrTeamNotExist path * tests: fix wrong expected resultrelease/v1.10
parent
3566d2c860
commit
76408d50fb
@ -0,0 +1,9 @@
|
|||||||
|
-
|
||||||
|
id: 1
|
||||||
|
uid: 24
|
||||||
|
secret: KlDporn6Ile4vFcKI8z7Z6sqK1Scj2Qp0ovtUzCZO6jVbRW2lAoT7UDxDPtrab8d2B9zKOocBRdBJnS8orsrUNrsyETY+jJHb79M82uZRioKbRUz15sfOpmJmEzkFeSg6S4LicUBQos=
|
||||||
|
scratch_salt: Qb5bq2DyR2
|
||||||
|
scratch_hash: 068eb9b8746e0bcfe332fac4457693df1bda55800eb0f6894d14ebb736ae6a24e0fc8fc5333c19f57f81599788f0b8e51ec1
|
||||||
|
last_used_passcode:
|
||||||
|
created_unix: 1564253724
|
||||||
|
updated_unix: 1564253724
|
@ -0,0 +1,95 @@
|
|||||||
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a MIT-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package models
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
|
||||||
|
"code.gitea.io/gitea/modules/log"
|
||||||
|
)
|
||||||
|
|
||||||
|
//UserList is a list of user.
|
||||||
|
// This type provide valuable methods to retrieve information for a group of users efficiently.
|
||||||
|
type UserList []*User
|
||||||
|
|
||||||
|
func (users UserList) getUserIDs() []int64 {
|
||||||
|
userIDs := make([]int64, len(users))
|
||||||
|
for _, user := range users {
|
||||||
|
userIDs = append(userIDs, user.ID) //Considering that user id are unique in the list
|
||||||
|
}
|
||||||
|
return userIDs
|
||||||
|
}
|
||||||
|
|
||||||
|
// IsUserOrgOwner returns true if user is in the owner team of given organization.
|
||||||
|
func (users UserList) IsUserOrgOwner(orgID int64) map[int64]bool {
|
||||||
|
results := make(map[int64]bool, len(users))
|
||||||
|
for _, user := range users {
|
||||||
|
results[user.ID] = false //Set default to false
|
||||||
|
}
|
||||||
|
ownerMaps, err := users.loadOrganizationOwners(x, orgID)
|
||||||
|
if err == nil {
|
||||||
|
for _, owner := range ownerMaps {
|
||||||
|
results[owner.UID] = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return results
|
||||||
|
}
|
||||||
|
|
||||||
|
func (users UserList) loadOrganizationOwners(e Engine, orgID int64) (map[int64]*TeamUser, error) {
|
||||||
|
if len(users) == 0 {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
ownerTeam, err := getOwnerTeam(e, orgID)
|
||||||
|
if err != nil {
|
||||||
|
if err == ErrTeamNotExist {
|
||||||
|
log.Error("Organization does not have owner team: %d", orgID)
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
userIDs := users.getUserIDs()
|
||||||
|
ownerMaps := make(map[int64]*TeamUser)
|
||||||
|
err = e.In("uid", userIDs).
|
||||||
|
And("org_id=?", orgID).
|
||||||
|
And("team_id=?", ownerTeam.ID).
|
||||||
|
Find(&ownerMaps)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("find team users: %v", err)
|
||||||
|
}
|
||||||
|
return ownerMaps, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// GetTwoFaStatus return state of 2FA enrollement
|
||||||
|
func (users UserList) GetTwoFaStatus() map[int64]bool {
|
||||||
|
results := make(map[int64]bool, len(users))
|
||||||
|
for _, user := range users {
|
||||||
|
results[user.ID] = false //Set default to false
|
||||||
|
}
|
||||||
|
tokenMaps, err := users.loadTwoFactorStatus(x)
|
||||||
|
if err == nil {
|
||||||
|
for _, token := range tokenMaps {
|
||||||
|
results[token.UID] = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return results
|
||||||
|
}
|
||||||
|
|
||||||
|
func (users UserList) loadTwoFactorStatus(e Engine) (map[int64]*TwoFactor, error) {
|
||||||
|
if len(users) == 0 {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
userIDs := users.getUserIDs()
|
||||||
|
tokenMaps := make(map[int64]*TwoFactor, len(userIDs))
|
||||||
|
err := e.
|
||||||
|
In("uid", userIDs).
|
||||||
|
Find(&tokenMaps)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("find two factor: %v", err)
|
||||||
|
}
|
||||||
|
return tokenMaps, nil
|
||||||
|
}
|
@ -0,0 +1,90 @@
|
|||||||
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a MIT-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package models
|
||||||
|
|
||||||
|
import (
|
||||||
|
"fmt"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
func TestUserListIsPublicMember(t *testing.T) {
|
||||||
|
assert.NoError(t, PrepareTestDatabase())
|
||||||
|
tt := []struct {
|
||||||
|
orgid int64
|
||||||
|
expected map[int64]bool
|
||||||
|
}{
|
||||||
|
{3, map[int64]bool{2: true, 4: false}},
|
||||||
|
{6, map[int64]bool{5: true}},
|
||||||
|
{7, map[int64]bool{5: false}},
|
||||||
|
{25, map[int64]bool{24: true}},
|
||||||
|
{22, map[int64]bool{}},
|
||||||
|
}
|
||||||
|
for _, v := range tt {
|
||||||
|
t.Run(fmt.Sprintf("IsPublicMemberOfOrdIg%d", v.orgid), func(t *testing.T) {
|
||||||
|
testUserListIsPublicMember(t, v.orgid, v.expected)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
func testUserListIsPublicMember(t *testing.T, orgID int64, expected map[int64]bool) {
|
||||||
|
org, err := GetUserByID(orgID)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.NoError(t, org.GetMembers())
|
||||||
|
assert.Equal(t, expected, org.MembersIsPublic)
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestUserListIsUserOrgOwner(t *testing.T) {
|
||||||
|
assert.NoError(t, PrepareTestDatabase())
|
||||||
|
tt := []struct {
|
||||||
|
orgid int64
|
||||||
|
expected map[int64]bool
|
||||||
|
}{
|
||||||
|
{3, map[int64]bool{2: true, 4: false}},
|
||||||
|
{6, map[int64]bool{5: true}},
|
||||||
|
{7, map[int64]bool{5: true}},
|
||||||
|
{25, map[int64]bool{24: false}}, // ErrTeamNotExist
|
||||||
|
{22, map[int64]bool{}}, // No member
|
||||||
|
}
|
||||||
|
for _, v := range tt {
|
||||||
|
t.Run(fmt.Sprintf("IsUserOrgOwnerOfOrdIg%d", v.orgid), func(t *testing.T) {
|
||||||
|
testUserListIsUserOrgOwner(t, v.orgid, v.expected)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func testUserListIsUserOrgOwner(t *testing.T, orgID int64, expected map[int64]bool) {
|
||||||
|
org, err := GetUserByID(orgID)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.NoError(t, org.GetMembers())
|
||||||
|
assert.Equal(t, expected, org.Members.IsUserOrgOwner(orgID))
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestUserListIsTwoFaEnrolled(t *testing.T) {
|
||||||
|
assert.NoError(t, PrepareTestDatabase())
|
||||||
|
tt := []struct {
|
||||||
|
orgid int64
|
||||||
|
expected map[int64]bool
|
||||||
|
}{
|
||||||
|
{3, map[int64]bool{2: false, 4: false}},
|
||||||
|
{6, map[int64]bool{5: false}},
|
||||||
|
{7, map[int64]bool{5: false}},
|
||||||
|
{25, map[int64]bool{24: true}},
|
||||||
|
{22, map[int64]bool{}},
|
||||||
|
}
|
||||||
|
for _, v := range tt {
|
||||||
|
t.Run(fmt.Sprintf("IsTwoFaEnrolledOfOrdIg%d", v.orgid), func(t *testing.T) {
|
||||||
|
testUserListIsTwoFaEnrolled(t, v.orgid, v.expected)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func testUserListIsTwoFaEnrolled(t *testing.T, orgID int64, expected map[int64]bool) {
|
||||||
|
org, err := GetUserByID(orgID)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.NoError(t, org.GetMembers())
|
||||||
|
assert.Equal(t, expected, org.Members.GetTwoFaStatus())
|
||||||
|
}
|
Loading…
Reference in new issue