APIs: admin users

2015-12-05 17:13:13 -05:00 · 2015-12-05 17:13:13 -05:00 · 978dc00305
commit 978dc00305
parent bf26808fb3
8 changed files with 207 additions and 32 deletions
--- a/models/error.go
+++ b/models/error.go
@ -528,3 +528,23 @@ func IsErrAttachmentNotExist(err error) bool {
 func (err ErrAttachmentNotExist) Error() string {
 	return fmt.Sprintf("attachment does not exist [id: %d, uuid: %s]", err.ID, err.UUID)
 }
+
+//    _____          __  .__                   __  .__               __  .__
+//   /  _  \  __ ___/  |_|  |__   ____   _____/  |_|__| ____ _____ _/  |_|__| ____   ____
+//  /  /_\  \|  |  \   __\  |  \_/ __ \ /    \   __\  |/ ___\\__  \\   __\  |/  _ \ /    \
+// /    |    \  |  /|  | |   Y  \  ___/|   |  \  | |  \  \___ / __ \|  | |  (  <_> )   |  \
+// \____|__  /____/ |__| |___|  /\___  >___|  /__| |__|\___  >____  /__| |__|\____/|___|  /
+//         \/                 \/     \/     \/             \/     \/                    \/
+
+type ErrAuthenticationNotExist struct {
+	ID int64
+}
+
+func IsErrAuthenticationNotExist(err error) bool {
+	_, ok := err.(ErrAuthenticationNotExist)
+	return ok
+}
+
+func (err ErrAuthenticationNotExist) Error() string {
+	return fmt.Sprintf("Authentication does not exist [id: %d]", err.ID)
+}
--- a/models/login.go
+++ b/models/login.go
@ -36,7 +36,6 @@ const (

 var (
 	ErrAuthenticationAlreadyExist = errors.New("Authentication already exist")
-	ErrAuthenticationNotExist     = errors.New("Authentication does not exist")
 	ErrAuthenticationUserUsed     = errors.New("Authentication has been used by some users")
 )

@ -191,13 +190,14 @@ func LoginSources() ([]*LoginSource, error) {
 	return auths, x.Find(&auths)
 }

+// GetLoginSourceByID returns login source by given ID.
 func GetLoginSourceByID(id int64) (*LoginSource, error) {
 	source := new(LoginSource)
 	has, err := x.Id(id).Get(source)
 	if err != nil {
 		return nil, err
 	} else if !has {
-		return nil, ErrAuthenticationNotExist
+		return nil, ErrAuthenticationNotExist{id}
 	}
 	return source, nil
 }
--- a/models/publickey.go
+++ b/models/publickey.go
@ -460,7 +460,7 @@ func DeletePublicKey(doer *User, id int64) (err error) {
 	}

 	// Check if user has access to delete this key.
-	if doer.Id != key.OwnerID {
+	if !doer.IsAdmin && doer.Id != key.OwnerID {
 		return ErrKeyAccessDenied{doer.Id, key.ID, "public"}
 	}

@ -672,15 +672,17 @@ func DeleteDeployKey(doer *User, id int64) error {
 	}

 	// Check if user has access to delete this key.
-	repo, err := GetRepositoryByID(key.RepoID)
-	if err != nil {
-		return fmt.Errorf("GetRepositoryByID: %v", err)
-	}
-	yes, err := HasAccess(doer, repo, ACCESS_MODE_ADMIN)
-	if err != nil {
-		return fmt.Errorf("HasAccess: %v", err)
-	} else if !yes {
-		return ErrKeyAccessDenied{doer.Id, key.ID, "deploy"}
+	if !doer.IsAdmin {
+		repo, err := GetRepositoryByID(key.RepoID)
+		if err != nil {
+			return fmt.Errorf("GetRepositoryByID: %v", err)
+		}
+		yes, err := HasAccess(doer, repo, ACCESS_MODE_ADMIN)
+		if err != nil {
+			return fmt.Errorf("HasAccess: %v", err)
+		} else if !yes {
+			return ErrKeyAccessDenied{doer.Id, key.ID, "deploy"}
+		}
 	}

 	sess := x.NewSession()