afan
/
gitea
關注 1
收藏 0
複製 0
程式碼 問題 0 合併請求 0 版本發佈 0 Wiki 活動
gitea源码
2 提交
2 分支
目錄樹: f5d5e77162
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
from 'f5d5e77162'
${ noResults }
gitea/services/issue/assignee.go

assignee.go 9.6KB
歷史記錄 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329 
  1. // Copyright 2019 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package issue

  5. 

  6. import (

  7. 	"context"

  8. 

  9. 	issues_model "code.gitea.io/gitea/models/issues"

  10. 	"code.gitea.io/gitea/models/organization"

  11. 	"code.gitea.io/gitea/models/perm"

  12. 	access_model "code.gitea.io/gitea/models/perm/access"

  13. 	repo_model "code.gitea.io/gitea/models/repo"

  14. 	"code.gitea.io/gitea/models/unit"

  15. 	user_model "code.gitea.io/gitea/models/user"

  16. 	"code.gitea.io/gitea/modules/log"

  17. 	notify_service "code.gitea.io/gitea/services/notify"

  18. )

  19. 

  20. // DeleteNotPassedAssignee deletes all assignees who aren't passed via the "assignees" array

  21. func DeleteNotPassedAssignee(ctx context.Context, issue *issues_model.Issue, doer *user_model.User, assignees []*user_model.User) (err error) {

  22. 	var found bool

  23. 	oriAssignes := make([]*user_model.User, len(issue.Assignees))

  24. 	_ = copy(oriAssignes, issue.Assignees)

  25. 

  26. 	for _, assignee := range oriAssignes {

  27. 		found = false

  28. 		for _, alreadyAssignee := range assignees {

  29. 			if assignee.ID == alreadyAssignee.ID {

  30. 				found = true

  31. 				break

  32. 			}

  33. 		}

  34. 

  35. 		if !found {

  36. 			// This function also does comments and hooks, which is why we call it separately instead of directly removing the assignees here

  37. 			if _, _, err := ToggleAssigneeWithNotify(ctx, issue, doer, assignee.ID); err != nil {

  38. 				return err

  39. 			}

  40. 		}

  41. 	}

  42. 

  43. 	return nil

  44. }

  45. 

  46. // ToggleAssigneeWithNoNotify changes a user between assigned and not assigned for this issue, and make issue comment for it.

  47. func ToggleAssigneeWithNotify(ctx context.Context, issue *issues_model.Issue, doer *user_model.User, assigneeID int64) (removed bool, comment *issues_model.Comment, err error) {

  48. 	removed, comment, err = issues_model.ToggleIssueAssignee(ctx, issue, doer, assigneeID)

  49. 	if err != nil {

  50. 		return false, nil, err

  51. 	}

  52. 

  53. 	assignee, err := user_model.GetUserByID(ctx, assigneeID)

  54. 	if err != nil {

  55. 		return false, nil, err

  56. 	}

  57. 	issue.AssigneeID = assigneeID

  58. 	issue.Assignee = assignee

  59. 

  60. 	notify_service.IssueChangeAssignee(ctx, doer, issue, assignee, removed, comment)

  61. 

  62. 	return removed, comment, err

  63. }

  64. 

  65. // ReviewRequest add or remove a review request from a user for this PR, and make comment for it.

  66. func ReviewRequest(ctx context.Context, issue *issues_model.Issue, doer *user_model.User, permDoer *access_model.Permission, reviewer *user_model.User, isAdd bool) (comment *issues_model.Comment, err error) {

  67. 	err = isValidReviewRequest(ctx, reviewer, doer, isAdd, issue, permDoer)

  68. 	if err != nil {

  69. 		return nil, err

  70. 	}

  71. 

  72. 	if isAdd {

  73. 		comment, err = issues_model.AddReviewRequest(ctx, issue, reviewer, doer)

  74. 	} else {

  75. 		comment, err = issues_model.RemoveReviewRequest(ctx, issue, reviewer, doer)

  76. 	}

  77. 

  78. 	if err != nil {

  79. 		return nil, err

  80. 	}

  81. 

  82. 	if comment != nil {

  83. 		notify_service.PullRequestReviewRequest(ctx, doer, issue, reviewer, isAdd, comment)

  84. 	}

  85. 

  86. 	return comment, err

  87. }

  88. 

  89. // isValidReviewRequest Check permission for ReviewRequest

  90. func isValidReviewRequest(ctx context.Context, reviewer, doer *user_model.User, isAdd bool, issue *issues_model.Issue, permDoer *access_model.Permission) error {

  91. 	if reviewer.IsOrganization() {

  92. 		return issues_model.ErrNotValidReviewRequest{

  93. 			Reason: "Organization can't be added as reviewer",

  94. 			UserID: doer.ID,

  95. 			RepoID: issue.Repo.ID,

  96. 		}

  97. 	}

  98. 	if doer.IsOrganization() {

  99. 		return issues_model.ErrNotValidReviewRequest{

  100. 			Reason: "Organization can't be doer to add reviewer",

  101. 			UserID: doer.ID,

  102. 			RepoID: issue.Repo.ID,

  103. 		}

  104. 	}

  105. 

  106. 	permReviewer, err := access_model.GetUserRepoPermission(ctx, issue.Repo, reviewer)

  107. 	if err != nil {

  108. 		return err

  109. 	}

  110. 

  111. 	if permDoer == nil {

  112. 		permDoer = new(access_model.Permission)

  113. 		*permDoer, err = access_model.GetUserRepoPermission(ctx, issue.Repo, doer)

  114. 		if err != nil {

  115. 			return err

  116. 		}

  117. 	}

  118. 

  119. 	lastReview, err := issues_model.GetReviewByIssueIDAndUserID(ctx, issue.ID, reviewer.ID)

  120. 	if err != nil && !issues_model.IsErrReviewNotExist(err) {

  121. 		return err

  122. 	}

  123. 

  124. 	canDoerChangeReviewRequests := CanDoerChangeReviewRequests(ctx, doer, issue.Repo, issue.PosterID)

  125. 

  126. 	if isAdd {

  127. 		if !permReviewer.CanAccessAny(perm.AccessModeRead, unit.TypePullRequests) {

  128. 			return issues_model.ErrNotValidReviewRequest{

  129. 				Reason: "Reviewer can't read",

  130. 				UserID: doer.ID,

  131. 				RepoID: issue.Repo.ID,

  132. 			}

  133. 		}

  134. 

  135. 		if reviewer.ID == issue.PosterID && issue.OriginalAuthorID == 0 {

  136. 			return issues_model.ErrNotValidReviewRequest{

  137. 				Reason: "poster of pr can't be reviewer",

  138. 				UserID: doer.ID,

  139. 				RepoID: issue.Repo.ID,

  140. 			}

  141. 		}

  142. 

  143. 		if canDoerChangeReviewRequests {

  144. 			return nil

  145. 		}

  146. 

  147. 		if doer.ID == issue.PosterID && issue.OriginalAuthorID == 0 && lastReview != nil && lastReview.Type != issues_model.ReviewTypeRequest {

  148. 			return nil

  149. 		}

  150. 

  151. 		return issues_model.ErrNotValidReviewRequest{

  152. 			Reason: "Doer can't choose reviewer",

  153. 			UserID: doer.ID,

  154. 			RepoID: issue.Repo.ID,

  155. 		}

  156. 	}

  157. 

  158. 	if canDoerChangeReviewRequests {

  159. 		return nil

  160. 	}

  161. 

  162. 	if lastReview != nil && lastReview.Type == issues_model.ReviewTypeRequest && lastReview.ReviewerID == doer.ID {

  163. 		return nil

  164. 	}

  165. 

  166. 	return issues_model.ErrNotValidReviewRequest{

  167. 		Reason: "Doer can't remove reviewer",

  168. 		UserID: doer.ID,

  169. 		RepoID: issue.Repo.ID,

  170. 	}

  171. }

  172. 

  173. // isValidTeamReviewRequest Check permission for ReviewRequest Team

  174. func isValidTeamReviewRequest(ctx context.Context, reviewer *organization.Team, doer *user_model.User, isAdd bool, issue *issues_model.Issue) error {

  175. 	if doer.IsOrganization() {

  176. 		return issues_model.ErrNotValidReviewRequest{

  177. 			Reason: "Organization can't be doer to add reviewer",

  178. 			UserID: doer.ID,

  179. 			RepoID: issue.Repo.ID,

  180. 		}

  181. 	}

  182. 

  183. 	canDoerChangeReviewRequests := CanDoerChangeReviewRequests(ctx, doer, issue.Repo, issue.PosterID)

  184. 

  185. 	if isAdd {

  186. 		if issue.Repo.IsPrivate {

  187. 			hasTeam := organization.HasTeamRepo(ctx, reviewer.OrgID, reviewer.ID, issue.RepoID)

  188. 

  189. 			if !hasTeam {

  190. 				return issues_model.ErrNotValidReviewRequest{

  191. 					Reason: "Reviewing team can't read repo",

  192. 					UserID: doer.ID,

  193. 					RepoID: issue.Repo.ID,

  194. 				}

  195. 			}

  196. 		}

  197. 

  198. 		if canDoerChangeReviewRequests {

  199. 			return nil

  200. 		}

  201. 

  202. 		return issues_model.ErrNotValidReviewRequest{

  203. 			Reason: "Doer can't choose reviewer",

  204. 			UserID: doer.ID,

  205. 			RepoID: issue.Repo.ID,

  206. 		}

  207. 	}

  208. 

  209. 	if canDoerChangeReviewRequests {

  210. 		return nil

  211. 	}

  212. 

  213. 	return issues_model.ErrNotValidReviewRequest{

  214. 		Reason: "Doer can't remove reviewer",

  215. 		UserID: doer.ID,

  216. 		RepoID: issue.Repo.ID,

  217. 	}

  218. }

  219. 

  220. // TeamReviewRequest add or remove a review request from a team for this PR, and make comment for it.

  221. func TeamReviewRequest(ctx context.Context, issue *issues_model.Issue, doer *user_model.User, reviewer *organization.Team, isAdd bool) (comment *issues_model.Comment, err error) {

  222. 	err = isValidTeamReviewRequest(ctx, reviewer, doer, isAdd, issue)

  223. 	if err != nil {

  224. 		return nil, err

  225. 	}

  226. 	if isAdd {

  227. 		comment, err = issues_model.AddTeamReviewRequest(ctx, issue, reviewer, doer)

  228. 	} else {

  229. 		comment, err = issues_model.RemoveTeamReviewRequest(ctx, issue, reviewer, doer)

  230. 	}

  231. 

  232. 	if err != nil {

  233. 		return nil, err

  234. 	}

  235. 

  236. 	if comment == nil || !isAdd {

  237. 		return nil, nil

  238. 	}

  239. 

  240. 	return comment, teamReviewRequestNotify(ctx, issue, doer, reviewer, isAdd, comment)

  241. }

  242. 

  243. func ReviewRequestNotify(ctx context.Context, issue *issues_model.Issue, doer *user_model.User, reviewNotifiers []*ReviewRequestNotifier) {

  244. 	for _, reviewNotifier := range reviewNotifiers {

  245. 		if reviewNotifier.Reviewer != nil {

  246. 			notify_service.PullRequestReviewRequest(ctx, issue.Poster, issue, reviewNotifier.Reviewer, reviewNotifier.IsAdd, reviewNotifier.Comment)

  247. 		} else if reviewNotifier.ReviewTeam != nil {

  248. 			if err := teamReviewRequestNotify(ctx, issue, issue.Poster, reviewNotifier.ReviewTeam, reviewNotifier.IsAdd, reviewNotifier.Comment); err != nil {

  249. 				log.Error("teamReviewRequestNotify: %v", err)

  250. 			}

  251. 		}

  252. 	}

  253. }

  254. 

  255. // teamReviewRequestNotify notify all user in this team

  256. func teamReviewRequestNotify(ctx context.Context, issue *issues_model.Issue, doer *user_model.User, reviewer *organization.Team, isAdd bool, comment *issues_model.Comment) error {

  257. 	// notify all user in this team

  258. 	if err := comment.LoadIssue(ctx); err != nil {

  259. 		return err

  260. 	}

  261. 

  262. 	members, err := organization.GetTeamMembers(ctx, &organization.SearchMembersOptions{

  263. 		TeamID: reviewer.ID,

  264. 	})

  265. 	if err != nil {

  266. 		return err

  267. 	}

  268. 

  269. 	for _, member := range members {

  270. 		if member.ID == comment.Issue.PosterID {

  271. 			continue

  272. 		}

  273. 		comment.AssigneeID = member.ID

  274. 		notify_service.PullRequestReviewRequest(ctx, doer, issue, member, isAdd, comment)

  275. 	}

  276. 

  277. 	return err

  278. }

  279. 

  280. // CanDoerChangeReviewRequests returns if the doer can add/remove review requests of a PR

  281. func CanDoerChangeReviewRequests(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, posterID int64) bool {

  282. 	if repo.IsArchived {

  283. 		return false

  284. 	}

  285. 	// The poster of the PR can change the reviewers

  286. 	if doer.ID == posterID {

  287. 		return true

  288. 	}

  289. 

  290. 	// The owner of the repo can change the reviewers

  291. 	if doer.ID == repo.OwnerID {

  292. 		return true

  293. 	}

  294. 

  295. 	// Collaborators of the repo can change the reviewers

  296. 	isCollaborator, err := repo_model.IsCollaborator(ctx, repo.ID, doer.ID)

  297. 	if err != nil {

  298. 		log.Error("IsCollaborator: %v", err)

  299. 		return false

  300. 	}

  301. 	if isCollaborator {

  302. 		return true

  303. 	}

  304. 

  305. 	// If the repo's owner is an organization, members of teams with read permission on pull requests can change reviewers

  306. 	if repo.Owner.IsOrganization() {

  307. 		teams, err := organization.GetTeamsWithAccessToAnyRepoUnit(ctx, repo.OwnerID, repo.ID, perm.AccessModeRead, unit.TypePullRequests)

  308. 		if err != nil {

  309. 			log.Error("GetTeamsWithAccessToRepo: %v", err)

  310. 			return false

  311. 		}

  312. 		for _, team := range teams {

  313. 			if !team.UnitEnabled(ctx, unit.TypePullRequests) {

  314. 				continue

  315. 			}

  316. 			isMember, err := organization.IsTeamMember(ctx, repo.OwnerID, team.ID, doer.ID)

  317. 			if err != nil {

  318. 				log.Error("IsTeamMember: %v", err)

  319. 				continue

  320. 			}

  321. 			if isMember {

  322. 				return true

  323. 			}

  324. 		}

  325. 	}

  326. 

  327. 	return false

  328. }