Fix ignored errors when checking if organization, team member (#3177)
parent
529482135c
commit
515cdaa85d
16 changed files with 281 additions and 144 deletions
|
@ -177,7 +177,10 @@ func reqOrgMembership() macaron.Handler {
|
|||
return
|
||||
}
|
||||
|
||||
if !models.IsOrganizationMember(orgID, ctx.User.ID) {
|
||||
if isMember, err := models.IsOrganizationMember(orgID, ctx.User.ID); err != nil {
|
||||
ctx.Error(500, "IsOrganizationMember", err)
|
||||
return
|
||||
} else if !isMember {
|
||||
if ctx.Org.Organization != nil {
|
||||
ctx.Error(403, "", "Must be an organization member")
|
||||
} else {
|
||||
|
@ -200,7 +203,10 @@ func reqOrgOwnership() macaron.Handler {
|
|||
return
|
||||
}
|
||||
|
||||
if !models.IsOrganizationOwner(orgID, ctx.User.ID) {
|
||||
isOwner, err := models.IsOrganizationOwner(orgID, ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Error(500, "IsOrganizationOwner", err)
|
||||
} else if !isOwner {
|
||||
if ctx.Org.Organization != nil {
|
||||
ctx.Error(403, "", "Must be an organization owner")
|
||||
} else {
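Review bot: In reqOrgOwnership the new error branch calls `ctx.Error(500, "IsOrganizationOwner", err)` and does not return, while the matching branch in reqOrgMembership returns right after reporting the error. The rest of the handler lies outside the hunk, so this may be harmless today if nothing follows the if/else chain. Any statement added after it later would run for a caller whose ownership could not be verified. Add `return` after the `ctx.Error(500, ...)` call so that a failed authorization lookup fails closed in both handlers.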
|
||||
|
|
|
@ -67,7 +67,15 @@ func ListMembers(ctx *context.APIContext) {
|
|||
// responses:
|
||||
// "200":
|
||||
// "$ref": "#/responses/UserList"
|
||||
publicOnly := ctx.User == nil || !ctx.Org.Organization.IsOrgMember(ctx.User.ID)
|
||||
publicOnly := true
|
||||
if ctx.User != nil {
|
||||
isMember, err := ctx.Org.Organization.IsOrgMember(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Error(500, "IsOrgMember", err)
|
||||
return
|
||||
}
|
||||
publicOnly = !isMember
|
||||
}
|
||||
listMembers(ctx, publicOnly)
|
||||
}
|
||||
|
||||
|
@ -119,19 +127,30 @@ func IsMember(ctx *context.APIContext) {
|
|||
if ctx.Written() {
|
||||
return
|
||||
}
|
||||
if ctx.User != nil && ctx.Org.Organization.IsOrgMember(ctx.User.ID) {
|
||||
if ctx.Org.Organization.IsOrgMember(userToCheck.ID) {
|
||||
ctx.Status(204)
|
||||
} else {
|
||||
if ctx.User != nil {
|
||||
userIsMember, err := ctx.Org.Organization.IsOrgMember(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Error(500, "IsOrgMember", err)
|
||||
return
|
||||
} else if userIsMember {
|
||||
userToCheckIsMember, err := ctx.Org.Organization.IsOrgMember(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Error(500, "IsOrgMember", err)
|
||||
} else if userToCheckIsMember {
|
||||
ctx.Status(204)
|
||||
} else {
|
||||
ctx.Status(404)
|
||||
}
|
||||
return
|
||||
} else if ctx.User.ID == userToCheck.ID {
|
||||
ctx.Status(404)
|
||||
return
|
||||
}
|
||||
} else if ctx.User != nil && ctx.User.ID == userToCheck.ID {
|
||||
ctx.Status(404)
|
||||
} else {
|
||||
redirectURL := fmt.Sprintf("%sapi/v1/orgs/%s/public_members/%s",
|
||||
setting.AppURL, ctx.Org.Organization.Name, userToCheck.Name)
|
||||
ctx.Redirect(redirectURL, 302)
|
||||
}
|
||||
|
||||
redirectURL := fmt.Sprintf("%sapi/v1/orgs/%s/public_members/%s",
|
||||
setting.AppURL, ctx.Org.Organization.Name, userToCheck.Name)
|
||||
ctx.Redirect(redirectURL, 302)
|
||||
}
|
||||
|
||||
// IsPublicMember check if a user is a public member of an organization
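Review bot: The inner lookup in IsMember passes the wrong ID: `userToCheckIsMember, err := ctx.Org.Organization.IsOrgMember(ctx.User.ID)` repeats the requester's own membership check instead of testing `userToCheck.ID`, which is what the replaced line did. Once the requester is a member, that second call returns the same answer (barring an error), so the endpoint responds 204 for any user name and the 404 branch next to it is effectively unreachable. Change the call to `ctx.Org.Organization.IsOrgMember(userToCheck.ID)`. A test that queries a non-member while signed in as an organization member and expects 404 would have caught this.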
|
||||
|
|
|
@ -176,7 +176,11 @@ func GetTeamMembers(ctx *context.APIContext) {
|
|||
// responses:
|
||||
// "200":
|
||||
// "$ref": "#/responses/UserList"
|
||||
if !models.IsOrganizationMember(ctx.Org.Team.OrgID, ctx.User.ID) {
|
||||
isMember, err := models.IsOrganizationMember(ctx.Org.Team.OrgID, ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Error(500, "IsOrganizationMember", err)
|
||||
return
|
||||
} else if !isMember {
|
||||
ctx.Status(404)
|
||||
return
|
||||
}
|
||||
|
|
|
@ -89,7 +89,11 @@ func CreateFork(ctx *context.APIContext, form api.CreateForkOption) {
|
|||
}
|
||||
return
|
||||
}
|
||||
if !org.IsOrgMember(ctx.User.ID) {
|
||||
isMember, err := org.IsOrgMember(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "IsOrgMember", err)
|
||||
return
|
||||
} else if !isMember {
|
||||
ctx.Status(403)
|
||||
return
|
||||
}
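Review bot: CreateFork reports the lookup failure with `ctx.Handle(500, "IsOrgMember", err)`, whereas the other API handlers touched by this commit (ListMembers, GetTeamMembers, Migrate, Delete) use `ctx.Error(500, ...)` on the same `*context.APIContext`. CreateOrgRepo has the same `ctx.Handle(500, "IsOwnedBy", err)` call. Handle is the method the web handlers on this page use (ForkPost, checkContextUser), so an API client would presumably receive a different error body from these two endpoints than from the rest; please confirm. For consistency use `ctx.Error(500, "IsOrgMember", err)` here and `ctx.Error(500, "IsOwnedBy", err)` in CreateOrgRepo.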
|
||||
|
|
|
@ -108,8 +108,19 @@ func Search(ctx *context.APIContext) {
|
|||
}
|
||||
|
||||
// Check visibility.
|
||||
if ctx.IsSigned && (ctx.User.ID == repoOwner.ID || (repoOwner.IsOrganization() && repoOwner.IsOwnedBy(ctx.User.ID))) {
|
||||
opts.Private = true
|
||||
if ctx.IsSigned {
|
||||
if ctx.User.ID == repoOwner.ID {
|
||||
opts.Private = true
|
||||
} else if repoOwner.IsOrganization() {
|
||||
opts.Private, err = repoOwner.IsOwnedBy(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.JSON(500, api.SearchError{
|
||||
OK: false,
|
||||
Error: err.Error(),
|
||||
})
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -245,7 +256,11 @@ func CreateOrgRepo(ctx *context.APIContext, opt api.CreateRepoOption) {
|
|||
return
|
||||
}
|
||||
|
||||
if !org.IsOwnedBy(ctx.User.ID) {
|
||||
isOwner, err := org.IsOwnedBy(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "IsOwnedBy", err)
|
||||
return
|
||||
} else if !isOwner {
|
||||
ctx.Error(403, "", "Given user is not owner of organization.")
|
||||
return
|
||||
}
|
||||
|
@ -292,7 +307,11 @@ func Migrate(ctx *context.APIContext, form auth.MigrateRepoForm) {
|
|||
|
||||
if ctxUser.IsOrganization() && !ctx.User.IsAdmin {
|
||||
// Check ownership of organization.
|
||||
if !ctxUser.IsOwnedBy(ctx.User.ID) {
|
||||
isOwner, err := ctxUser.IsOwnedBy(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Error(500, "IsOwnedBy", err)
|
||||
return
|
||||
} else if !isOwner {
|
||||
ctx.Error(403, "", "Given user is not owner of organization.")
|
||||
return
|
||||
}
|
||||
|
@ -431,9 +450,15 @@ func Delete(ctx *context.APIContext) {
|
|||
owner := ctx.Repo.Owner
|
||||
repo := ctx.Repo.Repository
|
||||
|
||||
if owner.IsOrganization() && !owner.IsOwnedBy(ctx.User.ID) {
|
||||
ctx.Error(403, "", "Given user is not owner of organization.")
|
||||
return
|
||||
if owner.IsOrganization() {
|
||||
isOwner, err := owner.IsOwnedBy(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Error(500, "IsOwnedBy", err)
|
||||
return
|
||||
} else if !isOwner {
|
||||
ctx.Error(403, "", "Given user is not owner of organization.")
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if err := models.DeleteRepository(ctx.User, owner.ID, repo.ID); err != nil {
|
||||
|
|
|
@ -475,6 +475,26 @@ func NewIssuePost(ctx *context.Context, form auth.CreateIssueForm) {
|
|||
ctx.Redirect(ctx.Repo.RepoLink + "/issues/" + com.ToStr(issue.Index))
|
||||
}
|
||||
|
||||
// commentTag returns the CommentTag for a comment in/with the given repo, poster and issue
|
||||
func commentTag(repo *models.Repository, poster *models.User, issue *models.Issue) (models.CommentTag, error) {
|
||||
if repo.IsOwnedBy(poster.ID) {
|
||||
return models.CommentTagOwner, nil
|
||||
} else if repo.Owner.IsOrganization() {
|
||||
isOwner, err := repo.Owner.IsOwnedBy(poster.ID)
|
||||
if err != nil {
|
||||
return models.CommentTagNone, err
|
||||
} else if isOwner {
|
||||
return models.CommentTagOwner, nil
|
||||
}
|
||||
}
|
||||
if poster.IsWriterOfRepo(repo) {
|
||||
return models.CommentTagWriter, nil
|
||||
} else if poster.ID == issue.PosterID {
|
||||
return models.CommentTagPoster, nil
|
||||
}
|
||||
return models.CommentTagNone, nil
|
||||
}
|
||||
|
||||
// ViewIssue render issue view page
|
||||
func ViewIssue(ctx *context.Context) {
|
||||
ctx.Data["RequireHighlightJS"] = true
|
||||
|
@ -644,15 +664,11 @@ func ViewIssue(ctx *context.Context) {
|
|||
continue
|
||||
}
|
||||
|
||||
if repo.IsOwnedBy(comment.PosterID) ||
|
||||
(repo.Owner.IsOrganization() && repo.Owner.IsOwnedBy(comment.PosterID)) {
|
||||
comment.ShowTag = models.CommentTagOwner
|
||||
} else if comment.Poster.IsWriterOfRepo(repo) {
|
||||
comment.ShowTag = models.CommentTagWriter
|
||||
} else if comment.PosterID == issue.PosterID {
|
||||
comment.ShowTag = models.CommentTagPoster
|
||||
comment.ShowTag, err = commentTag(repo, comment.Poster, issue)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "commentTag", err)
|
||||
return
|
||||
}
|
||||
|
||||
marked[comment.PosterID] = comment.ShowTag
|
||||
|
||||
isAdded := false
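Review bot: commentTag dereferences `poster.ID` and `repo.Owner` unconditionally, but its doc comment states neither that precondition nor the order in which tags are chosen. The replaced inline code in ViewIssue used `comment.PosterID` for the ownership test and touched `comment.Poster` only in the writer branch, so the helper now depends on `comment.Poster` being loaded for every comment. Whether it can be nil at this point is not visible in the hunk. Suggest extending the comment to something like `// commentTag returns the tag for poster on issue: owner of repo (or of its owning organization) first, then writer, then issue poster. repo.Owner and poster must be non-nil.`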
|
||||
|
|
|
@ -173,7 +173,11 @@ func ForkPost(ctx *context.Context, form auth.CreateRepoForm) {
|
|||
|
||||
// Check ownership of organization.
|
||||
if ctxUser.IsOrganization() {
|
||||
if !ctxUser.IsOwnedBy(ctx.User.ID) {
|
||||
isOwner, err := ctxUser.IsOwnedBy(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "IsOwnedBy", err)
|
||||
return
|
||||
} else if !isOwner {
|
||||
ctx.Error(403)
|
||||
return
|
||||
}
|
||||
|
|
|
@ -74,10 +74,20 @@ func checkContextUser(ctx *context.Context, uid int64) *models.User {
|
|||
}
|
||||
|
||||
// Check ownership of organization.
|
||||
if !org.IsOrganization() || !(ctx.User.IsAdmin || org.IsOwnedBy(ctx.User.ID)) {
|
||||
if !org.IsOrganization() {
|
||||
ctx.Error(403)
|
||||
return nil
|
||||
}
|
||||
if !ctx.User.IsAdmin {
|
||||
isOwner, err := org.IsOwnedBy(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "IsOwnedBy", err)
|
||||
return nil
|
||||
} else if !isOwner {
|
||||
ctx.Error(403)
|
||||
return nil
|
||||
}
|
||||
}
|
||||
return org
|
||||
}
|
||||
|
||||
|
|
|
@ -234,13 +234,6 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
|
|||
return
|
||||
}
|
||||
|
||||
if ctx.Repo.Owner.IsOrganization() {
|
||||
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.ID) {
|
||||
ctx.Error(404)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if !repo.IsMirror {
|
||||
ctx.Error(404)
|
||||
return
|
||||
|
@ -268,13 +261,6 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
|
|||
return
|
||||
}
|
||||
|
||||
if ctx.Repo.Owner.IsOrganization() {
|
||||
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.ID) {
|
||||
ctx.Error(404)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
newOwner := ctx.Query("new_owner_name")
|
||||
isExist, err := models.IsUserExist(0, newOwner)
|
||||
if err != nil {
|
||||
|
@ -307,13 +293,6 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
|
|||
return
|
||||
}
|
||||
|
||||
if ctx.Repo.Owner.IsOrganization() {
|
||||
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.ID) {
|
||||
ctx.Error(404)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if err := models.DeleteRepository(ctx.User, ctx.Repo.Owner.ID, repo.ID); err != nil {
|
||||
ctx.Handle(500, "DeleteRepository", err)
|
||||
return
|
||||
|
@ -333,13 +312,6 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
|
|||
return
|
||||
}
|
||||
|
||||
if ctx.Repo.Owner.IsOrganization() {
|
||||
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.ID) {
|
||||
ctx.Error(404)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
repo.DeleteWiki()
|
||||
log.Trace("Repository wiki deleted: %s/%s", ctx.Repo.Owner.Name, repo.Name)
|
||||
|
||||
|
@ -393,10 +365,16 @@ func CollaborationPost(ctx *context.Context) {
|
|||
}
|
||||
|
||||
// Check if user is organization member.
|
||||
if ctx.Repo.Owner.IsOrganization() && ctx.Repo.Owner.IsOrgMember(u.ID) {
|
||||
ctx.Flash.Info(ctx.Tr("repo.settings.user_is_org_member"))
|
||||
ctx.Redirect(ctx.Repo.RepoLink + "/settings/collaboration")
|
||||
return
|
||||
if ctx.Repo.Owner.IsOrganization() {
|
||||
isMember, err := ctx.Repo.Owner.IsOrgMember(u.ID)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "IsOrgMember", err)
|
||||
return
|
||||
} else if isMember {
|
||||
ctx.Flash.Info(ctx.Tr("repo.settings.user_is_org_member"))
|
||||
ctx.Redirect(ctx.Repo.RepoLink + "/settings/collaboration")
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if err = ctx.Repo.Repository.AddCollaborator(u); err != nil {
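Review bot: The four SettingsPost hunks delete the `ctx.Repo.Owner.IsOwnedBy(ctx.User.ID)` guard instead of converting it to the error-returning form used everywhere else in this commit. The guard sat in front of what appear to be the mirror, transfer, delete-repository and delete-wiki actions. Nothing on this page shows what now restricts those actions to organization owners, and the commit title mentions only ignored errors. If route-level middleware already enforces this, state it in the commit description or in a comment at the top of SettingsPost. Otherwise keep the guard as `isOwner, err := ctx.Repo.Owner.IsOwnedBy(ctx.User.ID)`, with a 500 on error and the previous 404 when the user is not an owner.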
|
||||
|
|