mirror of
				https://codeberg.org/forgejo/forgejo.git
				synced 2025-10-25 11:33:11 +00:00 
			
		
		
		
	The old code generates `structs.Repository.Permissions` with only `access.Permission.AccessMode`, however, it should check the units too, or the value could be incorrect. For example, `structs.Repository.Permissions.Push` could be false even the doer has write access to code unit. Should fix https://github.com/renovatebot/renovate/issues/14059#issuecomment-1047961128 (Not reported by it, I just found it when I was looking into this bug) --- Review tips: The major changes are - `modules/structs/repo.go` https://github.com/go-gitea/gitea/pull/25388/files#diff-870406f6857117f8b03611c43fca0ab9ed6d6e76a2d0069a7c1f17e8fa9092f7 - `services/convert/repository.go` https://github.com/go-gitea/gitea/pull/25388/files#diff-7736f6d2ae894c9edb7729a80ab89aa183b888a26a811a0c1fdebd18726a7101 And other changes are passive.
		
			
				
	
	
		
			165 lines
		
	
	
	
		
			4.6 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			165 lines
		
	
	
	
		
			4.6 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| // Copyright 2017 The Gitea Authors. All rights reserved.
 | |
| // SPDX-License-Identifier: MIT
 | |
| 
 | |
| package user
 | |
| 
 | |
| import (
 | |
| 	"net/http"
 | |
| 
 | |
| 	"code.gitea.io/gitea/models/perm"
 | |
| 	access_model "code.gitea.io/gitea/models/perm/access"
 | |
| 	repo_model "code.gitea.io/gitea/models/repo"
 | |
| 	unit_model "code.gitea.io/gitea/models/unit"
 | |
| 	user_model "code.gitea.io/gitea/models/user"
 | |
| 	"code.gitea.io/gitea/modules/context"
 | |
| 	api "code.gitea.io/gitea/modules/structs"
 | |
| 	"code.gitea.io/gitea/routers/api/v1/utils"
 | |
| 	"code.gitea.io/gitea/services/convert"
 | |
| )
 | |
| 
 | |
| // listUserRepos - List the repositories owned by the given user.
 | |
| func listUserRepos(ctx *context.APIContext, u *user_model.User, private bool) {
 | |
| 	opts := utils.GetListOptions(ctx)
 | |
| 
 | |
| 	repos, count, err := repo_model.GetUserRepositories(&repo_model.SearchRepoOptions{
 | |
| 		Actor:       u,
 | |
| 		Private:     private,
 | |
| 		ListOptions: opts,
 | |
| 		OrderBy:     "id ASC",
 | |
| 	})
 | |
| 	if err != nil {
 | |
| 		ctx.Error(http.StatusInternalServerError, "GetUserRepositories", err)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	if err := repos.LoadAttributes(ctx); err != nil {
 | |
| 		ctx.Error(http.StatusInternalServerError, "RepositoryList.LoadAttributes", err)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	apiRepos := make([]*api.Repository, 0, len(repos))
 | |
| 	for i := range repos {
 | |
| 		permission, err := access_model.GetUserRepoPermission(ctx, repos[i], ctx.Doer)
 | |
| 		if err != nil {
 | |
| 			ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err)
 | |
| 			return
 | |
| 		}
 | |
| 		if ctx.IsSigned && ctx.Doer.IsAdmin || permission.UnitAccessMode(unit_model.TypeCode) >= perm.AccessModeRead {
 | |
| 			apiRepos = append(apiRepos, convert.ToRepo(ctx, repos[i], permission))
 | |
| 		}
 | |
| 	}
 | |
| 
 | |
| 	ctx.SetLinkHeader(int(count), opts.PageSize)
 | |
| 	ctx.SetTotalCountHeader(count)
 | |
| 	ctx.JSON(http.StatusOK, &apiRepos)
 | |
| }
 | |
| 
 | |
| // ListUserRepos - list the repos owned by the given user.
 | |
| func ListUserRepos(ctx *context.APIContext) {
 | |
| 	// swagger:operation GET /users/{username}/repos user userListRepos
 | |
| 	// ---
 | |
| 	// summary: List the repos owned by the given user
 | |
| 	// produces:
 | |
| 	// - application/json
 | |
| 	// parameters:
 | |
| 	// - name: username
 | |
| 	//   in: path
 | |
| 	//   description: username of user
 | |
| 	//   type: string
 | |
| 	//   required: true
 | |
| 	// - name: page
 | |
| 	//   in: query
 | |
| 	//   description: page number of results to return (1-based)
 | |
| 	//   type: integer
 | |
| 	// - name: limit
 | |
| 	//   in: query
 | |
| 	//   description: page size of results
 | |
| 	//   type: integer
 | |
| 	// responses:
 | |
| 	//   "200":
 | |
| 	//     "$ref": "#/responses/RepositoryList"
 | |
| 
 | |
| 	private := ctx.IsSigned
 | |
| 	listUserRepos(ctx, ctx.ContextUser, private)
 | |
| }
 | |
| 
 | |
| // ListMyRepos - list the repositories you own or have access to.
 | |
| func ListMyRepos(ctx *context.APIContext) {
 | |
| 	// swagger:operation GET /user/repos user userCurrentListRepos
 | |
| 	// ---
 | |
| 	// summary: List the repos that the authenticated user owns
 | |
| 	// produces:
 | |
| 	// - application/json
 | |
| 	// parameters:
 | |
| 	// - name: page
 | |
| 	//   in: query
 | |
| 	//   description: page number of results to return (1-based)
 | |
| 	//   type: integer
 | |
| 	// - name: limit
 | |
| 	//   in: query
 | |
| 	//   description: page size of results
 | |
| 	//   type: integer
 | |
| 	// responses:
 | |
| 	//   "200":
 | |
| 	//     "$ref": "#/responses/RepositoryList"
 | |
| 
 | |
| 	opts := &repo_model.SearchRepoOptions{
 | |
| 		ListOptions:        utils.GetListOptions(ctx),
 | |
| 		Actor:              ctx.Doer,
 | |
| 		OwnerID:            ctx.Doer.ID,
 | |
| 		Private:            ctx.IsSigned,
 | |
| 		IncludeDescription: true,
 | |
| 	}
 | |
| 
 | |
| 	var err error
 | |
| 	repos, count, err := repo_model.SearchRepository(ctx, opts)
 | |
| 	if err != nil {
 | |
| 		ctx.Error(http.StatusInternalServerError, "SearchRepository", err)
 | |
| 		return
 | |
| 	}
 | |
| 
 | |
| 	results := make([]*api.Repository, len(repos))
 | |
| 	for i, repo := range repos {
 | |
| 		if err = repo.LoadOwner(ctx); err != nil {
 | |
| 			ctx.Error(http.StatusInternalServerError, "LoadOwner", err)
 | |
| 			return
 | |
| 		}
 | |
| 		permission, err := access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
 | |
| 		if err != nil {
 | |
| 			ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err)
 | |
| 		}
 | |
| 		results[i] = convert.ToRepo(ctx, repo, permission)
 | |
| 	}
 | |
| 
 | |
| 	ctx.SetLinkHeader(int(count), opts.ListOptions.PageSize)
 | |
| 	ctx.SetTotalCountHeader(count)
 | |
| 	ctx.JSON(http.StatusOK, &results)
 | |
| }
 | |
| 
 | |
| // ListOrgRepos - list the repositories of an organization.
 | |
| func ListOrgRepos(ctx *context.APIContext) {
 | |
| 	// swagger:operation GET /orgs/{org}/repos organization orgListRepos
 | |
| 	// ---
 | |
| 	// summary: List an organization's repos
 | |
| 	// produces:
 | |
| 	// - application/json
 | |
| 	// parameters:
 | |
| 	// - name: org
 | |
| 	//   in: path
 | |
| 	//   description: name of the organization
 | |
| 	//   type: string
 | |
| 	//   required: true
 | |
| 	// - name: page
 | |
| 	//   in: query
 | |
| 	//   description: page number of results to return (1-based)
 | |
| 	//   type: integer
 | |
| 	// - name: limit
 | |
| 	//   in: query
 | |
| 	//   description: page size of results
 | |
| 	//   type: integer
 | |
| 	// responses:
 | |
| 	//   "200":
 | |
| 	//     "$ref": "#/responses/RepositoryList"
 | |
| 
 | |
| 	listUserRepos(ctx, ctx.Org.Organization.AsUser(), ctx.IsSigned)
 | |
| }
 |