afan
/
gitea
İzle 1
Yıldızla 0
Çatalla 0
Kod Sorunlar 0 Değişiklik İstekleri 0 Sürümler 0 Wiki Aktivite
gitea源码
3 İşlemeler
2 Dallar
Ağaç: 6d2efddf43
Dallar Biçim İmleri
${ item.name }
Branş ${ searchTerm } oluştur
'6d2efddf43'den
${ noResults }
gitea/routers/api/v1/org/member.go

member.go 9.0KB
Geçmiş Ham

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package org

  5. 

  6. import (

  7. 	"net/http"

  8. 	"net/url"

  9. 

  10. 	"code.gitea.io/gitea/models/organization"

  11. 	user_model "code.gitea.io/gitea/models/user"

  12. 	"code.gitea.io/gitea/modules/setting"

  13. 	api "code.gitea.io/gitea/modules/structs"

  14. 	"code.gitea.io/gitea/routers/api/v1/user"

  15. 	"code.gitea.io/gitea/routers/api/v1/utils"

  16. 	"code.gitea.io/gitea/services/context"

  17. 	"code.gitea.io/gitea/services/convert"

  18. 	org_service "code.gitea.io/gitea/services/org"

  19. )

  20. 

  21. // listMembers list an organization's members

  22. func listMembers(ctx *context.APIContext, isMember bool) {

  23. 	opts := &organization.FindOrgMembersOpts{

  24. 		Doer:         ctx.Doer,

  25. 		IsDoerMember: isMember,

  26. 		OrgID:        ctx.Org.Organization.ID,

  27. 		ListOptions:  utils.GetListOptions(ctx),

  28. 	}

  29. 

  30. 	count, err := organization.CountOrgMembers(ctx, opts)

  31. 	if err != nil {

  32. 		ctx.APIErrorInternal(err)

  33. 		return

  34. 	}

  35. 

  36. 	members, _, err := organization.FindOrgMembers(ctx, opts)

  37. 	if err != nil {

  38. 		ctx.APIErrorInternal(err)

  39. 		return

  40. 	}

  41. 

  42. 	apiMembers := make([]*api.User, len(members))

  43. 	for i, member := range members {

  44. 		apiMembers[i] = convert.ToUser(ctx, member, ctx.Doer)

  45. 	}

  46. 

  47. 	ctx.SetTotalCountHeader(count)

  48. 	ctx.JSON(http.StatusOK, apiMembers)

  49. }

  50. 

  51. // ListMembers list an organization's members

  52. func ListMembers(ctx *context.APIContext) {

  53. 	// swagger:operation GET /orgs/{org}/members organization orgListMembers

  54. 	// ---

  55. 	// summary: List an organization's members

  56. 	// produces:

  57. 	// - application/json

  58. 	// parameters:

  59. 	// - name: org

  60. 	//   in: path

  61. 	//   description: name of the organization

  62. 	//   type: string

  63. 	//   required: true

  64. 	// - name: page

  65. 	//   in: query

  66. 	//   description: page number of results to return (1-based)

  67. 	//   type: integer

  68. 	// - name: limit

  69. 	//   in: query

  70. 	//   description: page size of results

  71. 	//   type: integer

  72. 	// responses:

  73. 	//   "200":

  74. 	//     "$ref": "#/responses/UserList"

  75. 	//   "404":

  76. 	//     "$ref": "#/responses/notFound"

  77. 

  78. 	var (

  79. 		isMember bool

  80. 		err      error

  81. 	)

  82. 

  83. 	if ctx.Doer != nil {

  84. 		isMember, err = ctx.Org.Organization.IsOrgMember(ctx, ctx.Doer.ID)

  85. 		if err != nil {

  86. 			ctx.APIErrorInternal(err)

  87. 			return

  88. 		}

  89. 	}

  90. 	listMembers(ctx, isMember)

  91. }

  92. 

  93. // ListPublicMembers list an organization's public members

  94. func ListPublicMembers(ctx *context.APIContext) {

  95. 	// swagger:operation GET /orgs/{org}/public_members organization orgListPublicMembers

  96. 	// ---

  97. 	// summary: List an organization's public members

  98. 	// parameters:

  99. 	// - name: org

  100. 	//   in: path

  101. 	//   description: name of the organization

  102. 	//   type: string

  103. 	//   required: true

  104. 	// - name: page

  105. 	//   in: query

  106. 	//   description: page number of results to return (1-based)

  107. 	//   type: integer

  108. 	// - name: limit

  109. 	//   in: query

  110. 	//   description: page size of results

  111. 	//   type: integer

  112. 	// produces:

  113. 	// - application/json

  114. 	// responses:

  115. 	//   "200":

  116. 	//     "$ref": "#/responses/UserList"

  117. 	//   "404":

  118. 	//     "$ref": "#/responses/notFound"

  119. 

  120. 	listMembers(ctx, false)

  121. }

  122. 

  123. // IsMember check if a user is a member of an organization

  124. func IsMember(ctx *context.APIContext) {

  125. 	// swagger:operation GET /orgs/{org}/members/{username} organization orgIsMember

  126. 	// ---

  127. 	// summary: Check if a user is a member of an organization

  128. 	// parameters:

  129. 	// - name: org

  130. 	//   in: path

  131. 	//   description: name of the organization

  132. 	//   type: string

  133. 	//   required: true

  134. 	// - name: username

  135. 	//   in: path

  136. 	//   description: username of the user to check for an organization membership

  137. 	//   type: string

  138. 	//   required: true

  139. 	// responses:

  140. 	//   "204":

  141. 	//     description: user is a member

  142. 	//   "303":

  143. 	//     description: redirection to /orgs/{org}/public_members/{username}

  144. 	//   "404":

  145. 	//     description: user is not a member

  146. 

  147. 	userToCheck := user.GetContextUserByPathParam(ctx)

  148. 	if ctx.Written() {

  149. 		return

  150. 	}

  151. 	if ctx.Doer != nil {

  152. 		userIsMember, err := ctx.Org.Organization.IsOrgMember(ctx, ctx.Doer.ID)

  153. 		if err != nil {

  154. 			ctx.APIErrorInternal(err)

  155. 			return

  156. 		} else if userIsMember || ctx.Doer.IsAdmin {

  157. 			userToCheckIsMember, err := ctx.Org.Organization.IsOrgMember(ctx, userToCheck.ID)

  158. 			if err != nil {

  159. 				ctx.APIErrorInternal(err)

  160. 			} else if userToCheckIsMember {

  161. 				ctx.Status(http.StatusNoContent)

  162. 			} else {

  163. 				ctx.APIErrorNotFound()

  164. 			}

  165. 			return

  166. 		} else if ctx.Doer.ID == userToCheck.ID {

  167. 			ctx.APIErrorNotFound()

  168. 			return

  169. 		}

  170. 	}

  171. 

  172. 	redirectURL := setting.AppSubURL + "/api/v1/orgs/" + url.PathEscape(ctx.Org.Organization.Name) + "/public_members/" + url.PathEscape(userToCheck.Name)

  173. 	ctx.Redirect(redirectURL)

  174. }

  175. 

  176. // IsPublicMember check if a user is a public member of an organization

  177. func IsPublicMember(ctx *context.APIContext) {

  178. 	// swagger:operation GET /orgs/{org}/public_members/{username} organization orgIsPublicMember

  179. 	// ---

  180. 	// summary: Check if a user is a public member of an organization

  181. 	// parameters:

  182. 	// - name: org

  183. 	//   in: path

  184. 	//   description: name of the organization

  185. 	//   type: string

  186. 	//   required: true

  187. 	// - name: username

  188. 	//   in: path

  189. 	//   description: username of the user to check for a public organization membership

  190. 	//   type: string

  191. 	//   required: true

  192. 	// responses:

  193. 	//   "204":

  194. 	//     description: user is a public member

  195. 	//   "404":

  196. 	//     description: user is not a public member

  197. 

  198. 	userToCheck := user.GetContextUserByPathParam(ctx)

  199. 	if ctx.Written() {

  200. 		return

  201. 	}

  202. 	is, err := organization.IsPublicMembership(ctx, ctx.Org.Organization.ID, userToCheck.ID)

  203. 	if err != nil {

  204. 		ctx.APIErrorInternal(err)

  205. 		return

  206. 	}

  207. 	if is {

  208. 		ctx.Status(http.StatusNoContent)

  209. 	} else {

  210. 		ctx.APIErrorNotFound()

  211. 	}

  212. }

  213. 

  214. func checkCanChangeOrgUserStatus(ctx *context.APIContext, targetUser *user_model.User) {

  215. 	// allow user themselves to change their status, and allow admins to change any user

  216. 	if targetUser.ID == ctx.Doer.ID || ctx.Doer.IsAdmin {

  217. 		return

  218. 	}

  219. 	// allow org owners to change status of members

  220. 	isOwner, err := ctx.Org.Organization.IsOwnedBy(ctx, ctx.Doer.ID)

  221. 	if err != nil {

  222. 		ctx.APIError(http.StatusInternalServerError, err)

  223. 	} else if !isOwner {

  224. 		ctx.APIError(http.StatusForbidden, "Cannot change member visibility")

  225. 	}

  226. }

  227. 

  228. // PublicizeMember make a member's membership public

  229. func PublicizeMember(ctx *context.APIContext) {

  230. 	// swagger:operation PUT /orgs/{org}/public_members/{username} organization orgPublicizeMember

  231. 	// ---

  232. 	// summary: Publicize a user's membership

  233. 	// produces:

  234. 	// - application/json

  235. 	// parameters:

  236. 	// - name: org

  237. 	//   in: path

  238. 	//   description: name of the organization

  239. 	//   type: string

  240. 	//   required: true

  241. 	// - name: username

  242. 	//   in: path

  243. 	//   description: username of the user whose membership is to be publicized

  244. 	//   type: string

  245. 	//   required: true

  246. 	// responses:

  247. 	//   "204":

  248. 	//     description: membership publicized

  249. 	//   "403":

  250. 	//     "$ref": "#/responses/forbidden"

  251. 	//   "404":

  252. 	//     "$ref": "#/responses/notFound"

  253. 

  254. 	userToPublicize := user.GetContextUserByPathParam(ctx)

  255. 	if ctx.Written() {

  256. 		return

  257. 	}

  258. 	checkCanChangeOrgUserStatus(ctx, userToPublicize)

  259. 	if ctx.Written() {

  260. 		return

  261. 	}

  262. 	err := organization.ChangeOrgUserStatus(ctx, ctx.Org.Organization.ID, userToPublicize.ID, true)

  263. 	if err != nil {

  264. 		ctx.APIErrorInternal(err)

  265. 		return

  266. 	}

  267. 	ctx.Status(http.StatusNoContent)

  268. }

  269. 

  270. // ConcealMember make a member's membership not public

  271. func ConcealMember(ctx *context.APIContext) {

  272. 	// swagger:operation DELETE /orgs/{org}/public_members/{username} organization orgConcealMember

  273. 	// ---

  274. 	// summary: Conceal a user's membership

  275. 	// produces:

  276. 	// - application/json

  277. 	// parameters:

  278. 	// - name: org

  279. 	//   in: path

  280. 	//   description: name of the organization

  281. 	//   type: string

  282. 	//   required: true

  283. 	// - name: username

  284. 	//   in: path

  285. 	//   description: username of the user whose membership is to be concealed

  286. 	//   type: string

  287. 	//   required: true

  288. 	// responses:

  289. 	//   "204":

  290. 	//     "$ref": "#/responses/empty"

  291. 	//   "403":

  292. 	//     "$ref": "#/responses/forbidden"

  293. 	//   "404":

  294. 	//     "$ref": "#/responses/notFound"

  295. 

  296. 	userToConceal := user.GetContextUserByPathParam(ctx)

  297. 	if ctx.Written() {

  298. 		return

  299. 	}

  300. 	checkCanChangeOrgUserStatus(ctx, userToConceal)

  301. 	if ctx.Written() {

  302. 		return

  303. 	}

  304. 	err := organization.ChangeOrgUserStatus(ctx, ctx.Org.Organization.ID, userToConceal.ID, false)

  305. 	if err != nil {

  306. 		ctx.APIErrorInternal(err)

  307. 		return

  308. 	}

  309. 	ctx.Status(http.StatusNoContent)

  310. }

  311. 

  312. // DeleteMember remove a member from an organization

  313. func DeleteMember(ctx *context.APIContext) {

  314. 	// swagger:operation DELETE /orgs/{org}/members/{username} organization orgDeleteMember

  315. 	// ---

  316. 	// summary: Remove a member from an organization

  317. 	// produces:

  318. 	// - application/json

  319. 	// parameters:

  320. 	// - name: org

  321. 	//   in: path

  322. 	//   description: name of the organization

  323. 	//   type: string

  324. 	//   required: true

  325. 	// - name: username

  326. 	//   in: path

  327. 	//   description: username of the user to remove from the organization

  328. 	//   type: string

  329. 	//   required: true

  330. 	// responses:

  331. 	//   "204":

  332. 	//     description: member removed

  333. 	//   "404":

  334. 	//     "$ref": "#/responses/notFound"

  335. 

  336. 	member := user.GetContextUserByPathParam(ctx)

  337. 	if ctx.Written() {

  338. 		return

  339. 	}

  340. 	if err := org_service.RemoveOrgUser(ctx, ctx.Org.Organization, member); err != nil {

  341. 		ctx.APIErrorInternal(err)

  342. 	}

  343. 	ctx.Status(http.StatusNoContent)

  344. }