afan
/
gitea
關注 1
收藏 0
複製 0
程式碼 問題 0 合併請求 0 版本發佈 0 Wiki 活動
gitea源码
3 提交
2 分支
目錄樹: 6d2efddf43
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
from '6d2efddf43'
${ noResults }
gitea/routers/api/v1/repo/collaborators.go

collaborators.go 10KB
歷史記錄 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372 
  1. // Copyright 2016 The Gogs Authors. All rights reserved.

  2. // Copyright 2018 The Gitea Authors. All rights reserved.

  3. // SPDX-License-Identifier: MIT

  4. 

  5. package repo

  6. 

  7. import (

  8. 	"errors"

  9. 	"net/http"

  10. 	"strings"

  11. 

  12. 	"code.gitea.io/gitea/models/perm"

  13. 	access_model "code.gitea.io/gitea/models/perm/access"

  14. 	repo_model "code.gitea.io/gitea/models/repo"

  15. 	user_model "code.gitea.io/gitea/models/user"

  16. 	api "code.gitea.io/gitea/modules/structs"

  17. 	"code.gitea.io/gitea/modules/web"

  18. 	"code.gitea.io/gitea/routers/api/v1/utils"

  19. 	"code.gitea.io/gitea/services/context"

  20. 	"code.gitea.io/gitea/services/convert"

  21. 	issue_service "code.gitea.io/gitea/services/issue"

  22. 	pull_service "code.gitea.io/gitea/services/pull"

  23. 	repo_service "code.gitea.io/gitea/services/repository"

  24. )

  25. 

  26. // ListCollaborators list a repository's collaborators

  27. func ListCollaborators(ctx *context.APIContext) {

  28. 	// swagger:operation GET /repos/{owner}/{repo}/collaborators repository repoListCollaborators

  29. 	// ---

  30. 	// summary: List a repository's collaborators

  31. 	// produces:

  32. 	// - application/json

  33. 	// parameters:

  34. 	// - name: owner

  35. 	//   in: path

  36. 	//   description: owner of the repo

  37. 	//   type: string

  38. 	//   required: true

  39. 	// - name: repo

  40. 	//   in: path

  41. 	//   description: name of the repo

  42. 	//   type: string

  43. 	//   required: true

  44. 	// - name: page

  45. 	//   in: query

  46. 	//   description: page number of results to return (1-based)

  47. 	//   type: integer

  48. 	// - name: limit

  49. 	//   in: query

  50. 	//   description: page size of results

  51. 	//   type: integer

  52. 	// responses:

  53. 	//   "200":

  54. 	//     "$ref": "#/responses/UserList"

  55. 	//   "404":

  56. 	//     "$ref": "#/responses/notFound"

  57. 

  58. 	collaborators, total, err := repo_model.GetCollaborators(ctx, &repo_model.FindCollaborationOptions{

  59. 		ListOptions: utils.GetListOptions(ctx),

  60. 		RepoID:      ctx.Repo.Repository.ID,

  61. 	})

  62. 	if err != nil {

  63. 		ctx.APIErrorInternal(err)

  64. 		return

  65. 	}

  66. 

  67. 	users := make([]*api.User, len(collaborators))

  68. 	for i, collaborator := range collaborators {

  69. 		users[i] = convert.ToUser(ctx, collaborator.User, ctx.Doer)

  70. 	}

  71. 

  72. 	ctx.SetTotalCountHeader(total)

  73. 	ctx.JSON(http.StatusOK, users)

  74. }

  75. 

  76. // IsCollaborator check if a user is a collaborator of a repository

  77. func IsCollaborator(ctx *context.APIContext) {

  78. 	// swagger:operation GET /repos/{owner}/{repo}/collaborators/{collaborator} repository repoCheckCollaborator

  79. 	// ---

  80. 	// summary: Check if a user is a collaborator of a repository

  81. 	// produces:

  82. 	// - application/json

  83. 	// parameters:

  84. 	// - name: owner

  85. 	//   in: path

  86. 	//   description: owner of the repo

  87. 	//   type: string

  88. 	//   required: true

  89. 	// - name: repo

  90. 	//   in: path

  91. 	//   description: name of the repo

  92. 	//   type: string

  93. 	//   required: true

  94. 	// - name: collaborator

  95. 	//   in: path

  96. 	//   description: username of the user to check for being a collaborator

  97. 	//   type: string

  98. 	//   required: true

  99. 	// responses:

  100. 	//   "204":

  101. 	//     "$ref": "#/responses/empty"

  102. 	//   "404":

  103. 	//     "$ref": "#/responses/notFound"

  104. 	//   "422":

  105. 	//     "$ref": "#/responses/validationError"

  106. 

  107. 	user, err := user_model.GetUserByName(ctx, ctx.PathParam("collaborator"))

  108. 	if err != nil {

  109. 		if user_model.IsErrUserNotExist(err) {

  110. 			ctx.APIError(http.StatusUnprocessableEntity, err)

  111. 		} else {

  112. 			ctx.APIErrorInternal(err)

  113. 		}

  114. 		return

  115. 	}

  116. 	isColab, err := repo_model.IsCollaborator(ctx, ctx.Repo.Repository.ID, user.ID)

  117. 	if err != nil {

  118. 		ctx.APIErrorInternal(err)

  119. 		return

  120. 	}

  121. 	if isColab {

  122. 		ctx.Status(http.StatusNoContent)

  123. 	} else {

  124. 		ctx.APIErrorNotFound()

  125. 	}

  126. }

  127. 

  128. // AddOrUpdateCollaborator add or update a collaborator to a repository

  129. func AddOrUpdateCollaborator(ctx *context.APIContext) {

  130. 	// swagger:operation PUT /repos/{owner}/{repo}/collaborators/{collaborator} repository repoAddCollaborator

  131. 	// ---

  132. 	// summary: Add or Update a collaborator to a repository

  133. 	// produces:

  134. 	// - application/json

  135. 	// parameters:

  136. 	// - name: owner

  137. 	//   in: path

  138. 	//   description: owner of the repo

  139. 	//   type: string

  140. 	//   required: true

  141. 	// - name: repo

  142. 	//   in: path

  143. 	//   description: name of the repo

  144. 	//   type: string

  145. 	//   required: true

  146. 	// - name: collaborator

  147. 	//   in: path

  148. 	//   description: username of the user to add or update as a collaborator

  149. 	//   type: string

  150. 	//   required: true

  151. 	// - name: body

  152. 	//   in: body

  153. 	//   schema:

  154. 	//     "$ref": "#/definitions/AddCollaboratorOption"

  155. 	// responses:

  156. 	//   "204":

  157. 	//     "$ref": "#/responses/empty"

  158. 	//   "403":

  159. 	//     "$ref": "#/responses/forbidden"

  160. 	//   "404":

  161. 	//     "$ref": "#/responses/notFound"

  162. 	//   "422":

  163. 	//     "$ref": "#/responses/validationError"

  164. 

  165. 	form := web.GetForm(ctx).(*api.AddCollaboratorOption)

  166. 

  167. 	collaborator, err := user_model.GetUserByName(ctx, ctx.PathParam("collaborator"))

  168. 	if err != nil {

  169. 		if user_model.IsErrUserNotExist(err) {

  170. 			ctx.APIError(http.StatusUnprocessableEntity, err)

  171. 		} else {

  172. 			ctx.APIErrorInternal(err)

  173. 		}

  174. 		return

  175. 	}

  176. 

  177. 	if !collaborator.IsActive {

  178. 		ctx.APIErrorInternal(errors.New("collaborator's account is inactive"))

  179. 		return

  180. 	}

  181. 

  182. 	p := perm.AccessModeWrite

  183. 	if form.Permission != nil {

  184. 		p = perm.ParseAccessMode(*form.Permission, perm.AccessModeRead, perm.AccessModeWrite, perm.AccessModeAdmin)

  185. 	}

  186. 

  187. 	if err := repo_service.AddOrUpdateCollaborator(ctx, ctx.Repo.Repository, collaborator, p); err != nil {

  188. 		if errors.Is(err, user_model.ErrBlockedUser) {

  189. 			ctx.APIError(http.StatusForbidden, err)

  190. 		} else {

  191. 			ctx.APIErrorInternal(err)

  192. 		}

  193. 		return

  194. 	}

  195. 

  196. 	ctx.Status(http.StatusNoContent)

  197. }

  198. 

  199. // DeleteCollaborator delete a collaborator from a repository

  200. func DeleteCollaborator(ctx *context.APIContext) {

  201. 	// swagger:operation DELETE /repos/{owner}/{repo}/collaborators/{collaborator} repository repoDeleteCollaborator

  202. 	// ---

  203. 	// summary: Delete a collaborator from a repository

  204. 	// produces:

  205. 	// - application/json

  206. 	// parameters:

  207. 	// - name: owner

  208. 	//   in: path

  209. 	//   description: owner of the repo

  210. 	//   type: string

  211. 	//   required: true

  212. 	// - name: repo

  213. 	//   in: path

  214. 	//   description: name of the repo

  215. 	//   type: string

  216. 	//   required: true

  217. 	// - name: collaborator

  218. 	//   in: path

  219. 	//   description: username of the collaborator to delete

  220. 	//   type: string

  221. 	//   required: true

  222. 	// responses:

  223. 	//   "204":

  224. 	//     "$ref": "#/responses/empty"

  225. 	//   "404":

  226. 	//     "$ref": "#/responses/notFound"

  227. 	//   "422":

  228. 	//     "$ref": "#/responses/validationError"

  229. 

  230. 	collaborator, err := user_model.GetUserByName(ctx, ctx.PathParam("collaborator"))

  231. 	if err != nil {

  232. 		if user_model.IsErrUserNotExist(err) {

  233. 			ctx.APIError(http.StatusUnprocessableEntity, err)

  234. 		} else {

  235. 			ctx.APIErrorInternal(err)

  236. 		}

  237. 		return

  238. 	}

  239. 

  240. 	if err := repo_service.DeleteCollaboration(ctx, ctx.Repo.Repository, collaborator); err != nil {

  241. 		ctx.APIErrorInternal(err)

  242. 		return

  243. 	}

  244. 	ctx.Status(http.StatusNoContent)

  245. }

  246. 

  247. // GetRepoPermissions gets repository permissions for a user

  248. func GetRepoPermissions(ctx *context.APIContext) {

  249. 	// swagger:operation GET /repos/{owner}/{repo}/collaborators/{collaborator}/permission repository repoGetRepoPermissions

  250. 	// ---

  251. 	// summary: Get repository permissions for a user

  252. 	// produces:

  253. 	// - application/json

  254. 	// parameters:

  255. 	// - name: owner

  256. 	//   in: path

  257. 	//   description: owner of the repo

  258. 	//   type: string

  259. 	//   required: true

  260. 	// - name: repo

  261. 	//   in: path

  262. 	//   description: name of the repo

  263. 	//   type: string

  264. 	//   required: true

  265. 	// - name: collaborator

  266. 	//   in: path

  267. 	//   description: username of the collaborator whose permissions are to be obtained

  268. 	//   type: string

  269. 	//   required: true

  270. 	// responses:

  271. 	//   "200":

  272. 	//     "$ref": "#/responses/RepoCollaboratorPermission"

  273. 	//   "404":

  274. 	//     "$ref": "#/responses/notFound"

  275. 	//   "403":

  276. 	//     "$ref": "#/responses/forbidden"

  277. 

  278. 	collaboratorUsername := ctx.PathParam("collaborator")

  279. 	if !ctx.Doer.IsAdmin && !strings.EqualFold(ctx.Doer.LowerName, collaboratorUsername) && !ctx.IsUserRepoAdmin() {

  280. 		ctx.APIError(http.StatusForbidden, "Only admins can query all permissions, repo admins can query all repo permissions, collaborators can query only their own")

  281. 		return

  282. 	}

  283. 

  284. 	collaborator, err := user_model.GetUserByName(ctx, collaboratorUsername)

  285. 	if err != nil {

  286. 		if user_model.IsErrUserNotExist(err) {

  287. 			ctx.APIError(http.StatusNotFound, err)

  288. 		} else {

  289. 			ctx.APIErrorInternal(err)

  290. 		}

  291. 		return

  292. 	}

  293. 

  294. 	permission, err := access_model.GetUserRepoPermission(ctx, ctx.Repo.Repository, collaborator)

  295. 	if err != nil {

  296. 		ctx.APIErrorInternal(err)

  297. 		return

  298. 	}

  299. 

  300. 	ctx.JSON(http.StatusOK, convert.ToUserAndPermission(ctx, collaborator, ctx.ContextUser, permission.AccessMode))

  301. }

  302. 

  303. // GetReviewers return all users that can be requested to review in this repo

  304. func GetReviewers(ctx *context.APIContext) {

  305. 	// swagger:operation GET /repos/{owner}/{repo}/reviewers repository repoGetReviewers

  306. 	// ---

  307. 	// summary: Return all users that can be requested to review in this repo

  308. 	// produces:

  309. 	// - application/json

  310. 	// parameters:

  311. 	// - name: owner

  312. 	//   in: path

  313. 	//   description: owner of the repo

  314. 	//   type: string

  315. 	//   required: true

  316. 	// - name: repo

  317. 	//   in: path

  318. 	//   description: name of the repo

  319. 	//   type: string

  320. 	//   required: true

  321. 	// responses:

  322. 	//   "200":

  323. 	//     "$ref": "#/responses/UserList"

  324. 	//   "404":

  325. 	//     "$ref": "#/responses/notFound"

  326. 

  327. 	canChooseReviewer := issue_service.CanDoerChangeReviewRequests(ctx, ctx.Doer, ctx.Repo.Repository, 0)

  328. 	if !canChooseReviewer {

  329. 		ctx.APIError(http.StatusForbidden, errors.New("doer has no permission to get reviewers"))

  330. 		return

  331. 	}

  332. 

  333. 	reviewers, err := pull_service.GetReviewers(ctx, ctx.Repo.Repository, ctx.Doer.ID, 0)

  334. 	if err != nil {

  335. 		ctx.APIErrorInternal(err)

  336. 		return

  337. 	}

  338. 	ctx.JSON(http.StatusOK, convert.ToUsers(ctx, ctx.Doer, reviewers))

  339. }

  340. 

  341. // GetAssignees return all users that have write access and can be assigned to issues

  342. func GetAssignees(ctx *context.APIContext) {

  343. 	// swagger:operation GET /repos/{owner}/{repo}/assignees repository repoGetAssignees

  344. 	// ---

  345. 	// summary: Return all users that have write access and can be assigned to issues

  346. 	// produces:

  347. 	// - application/json

  348. 	// parameters:

  349. 	// - name: owner

  350. 	//   in: path

  351. 	//   description: owner of the repo

  352. 	//   type: string

  353. 	//   required: true

  354. 	// - name: repo

  355. 	//   in: path

  356. 	//   description: name of the repo

  357. 	//   type: string

  358. 	//   required: true

  359. 	// responses:

  360. 	//   "200":

  361. 	//     "$ref": "#/responses/UserList"

  362. 	//   "404":

  363. 	//     "$ref": "#/responses/notFound"

  364. 

  365. 	assignees, err := repo_model.GetRepoAssignees(ctx, ctx.Repo.Repository)

  366. 	if err != nil {

  367. 		ctx.APIErrorInternal(err)

  368. 		return

  369. 	}

  370. 	ctx.JSON(http.StatusOK, convert.ToUsers(ctx, ctx.Doer, assignees))

  371. }