Bug fixes for repo permissions in API

Also move duplicated code into repo.APIFormat(..)
2016-12-05 18:48:51 -05:00 · 2016-12-05 18:48:51 -05:00 · 04b9a7e7a2
commit 04b9a7e7a2
parent 08b9af9ad8
7 changed files with 45 additions and 26 deletions
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@ -95,16 +95,12 @@ func ListMyRepos(ctx *context.APIContext) {

 	repos := make([]*api.Repository, numOwnRepos+len(accessibleRepos))
 	for i := range ownRepos {
-		repos[i] = ownRepos[i].APIFormat(&api.Permission{true, true, true})
+		repos[i] = ownRepos[i].APIFormat(models.AccessModeOwner)
 	}
 	i := numOwnRepos

 	for repo, access := range accessibleRepos {
-		repos[i] = repo.APIFormat(&api.Permission{
-			Admin: access >= models.AccessModeAdmin,
-			Push:  access >= models.AccessModeWrite,
-			Pull:  true,
-		})
+		repos[i] = repo.APIFormat(access)
 		i++
 	}

@ -138,7 +134,7 @@ func CreateUserRepo(ctx *context.APIContext, owner *models.User, opt api.CreateR
 		return
 	}

-	ctx.JSON(201, repo.APIFormat(&api.Permission{true, true, true}))
+	ctx.JSON(201, repo.APIFormat(models.AccessModeOwner))
 }

 // Create one repository of mine
@ -241,14 +237,19 @@ func Migrate(ctx *context.APIContext, form auth.MigrateRepoForm) {
 	}

 	log.Trace("Repository migrated: %s/%s", ctxUser.Name, form.RepoName)
-	ctx.JSON(201, repo.APIFormat(&api.Permission{true, true, true}))
+	ctx.JSON(201, repo.APIFormat(models.AccessModeAdmin))
 }

 // Get one repository
 // see https://github.com/gogits/go-gogs-client/wiki/Repositories#get
 func Get(ctx *context.APIContext) {
 	repo := ctx.Repo.Repository
-	ctx.JSON(200, repo.APIFormat(&api.Permission{true, true, true}))
+	access, err := models.AccessLevel(ctx.User, repo)
+	if err != nil {
+		ctx.Error(500, "GetRepository", err)
+		return
+	}
+	ctx.JSON(200, repo.APIFormat(access))
 }

 // GetByID returns a single Repository
@ -263,7 +264,12 @@ func GetByID(ctx *context.APIContext) {
 		return
 	}

-	ctx.JSON(200, repo.APIFormat(&api.Permission{true, true, true}))
+	access, err := models.AccessLevel(ctx.User, repo)
+	if err != nil {
+		ctx.Error(500, "GetRepositoryByID", err)
+		return
+	}
+	ctx.JSON(200, repo.APIFormat(access))
 }

 // Delete one repository
--- a/routers/api/v1/user/star.go
+++ b/routers/api/v1/user/star.go
@ -18,9 +18,17 @@ func getStarredRepos(userID int64, private bool) ([]*api.Repository, error) {
 	if err != nil {
 		return nil, err
 	}
+	user, err := models.GetUserByID(userID)
+	if err != nil {
+		return nil, err
+	}
 	repos := make([]*api.Repository, len(starredRepos))
 	for i, starred := range starredRepos {
-		repos[i] = starred.APIFormat(&api.Permission{true, true, true})
+		access, err := models.AccessLevel(user, starred)
+		if err != nil {
+			return nil, err
+		}
+		repos[i] = starred.APIFormat(access)
 	}
 	return repos, nil
 }
--- a/routers/repo/webhook.go
+++ b/routers/repo/webhook.go
@ -388,7 +388,7 @@ func TestWebhook(ctx *context.Context) {
 				},
 			},
 		},
-		Repo:   ctx.Repo.Repository.APIFormat(nil),
+		Repo:   ctx.Repo.Repository.APIFormat(models.AccessModeNone),
 		Pusher: apiUser,
 		Sender: apiUser,
 	}