From 266586e8667705822acd136e4e566b4d19a54d73 Mon Sep 17 00:00:00 2001 From: Unknwon Date: Fri, 17 Feb 2017 22:17:27 -0500 Subject: [PATCH] repo: assignee can be anyone who has read access (#3739) --- gogs.go | 2 +- models/access.go | 8 -------- models/issue.go | 2 +- models/repo.go | 3 ++- models/repo_collaboration.go | 22 +++++++++++++++++++--- models/user.go | 2 +- public/js/gogs.js | 2 +- routers/repo/setting.go | 5 ++++- templates/.VERSION | 2 +- 9 files changed, 30 insertions(+), 18 deletions(-) diff --git a/gogs.go b/gogs.go index be68464b7..701e06a57 100644 --- a/gogs.go +++ b/gogs.go @@ -16,7 +16,7 @@ import ( "github.com/gogits/gogs/modules/setting" ) -const APP_VER = "0.9.155.0217" +const APP_VER = "0.9.156.0217" func init() { setting.AppVer = APP_VER diff --git a/models/access.go b/models/access.go index 0b114376f..e780c3d08 100644 --- a/models/access.go +++ b/models/access.go @@ -146,16 +146,8 @@ func maxAccessMode(modes ...AccessMode) AccessMode { // FIXME: do corss-comparison so reduce deletions and additions to the minimum? func (repo *Repository) refreshAccesses(e Engine, accessMap map[int64]AccessMode) (err error) { - minMode := ACCESS_MODE_READ - if !repo.IsPrivate { - minMode = ACCESS_MODE_WRITE - } - newAccesses := make([]Access, 0, len(accessMap)) for userID, mode := range accessMap { - if mode < minMode { - continue - } newAccesses = append(newAccesses, Access{ UserID: userID, RepoID: repo.ID, diff --git a/models/issue.go b/models/issue.go index caaabe425..76032668e 100644 --- a/models/issue.go +++ b/models/issue.go @@ -618,7 +618,7 @@ func newIssue(e *xorm.Session, opts NewIssueOptions) (err error) { // Assume assignee is invalid and drop silently. opts.Issue.AssigneeID = 0 if assignee != nil { - valid, err := hasAccess(e, assignee, opts.Repo, ACCESS_MODE_WRITE) + valid, err := hasAccess(e, assignee, opts.Repo, ACCESS_MODE_READ) if err != nil { return fmt.Errorf("hasAccess [user_id: %d, repo_id: %d]: %v", assignee.ID, opts.Repo.ID, err) } diff --git a/models/repo.go b/models/repo.go index 71bc2b443..c788611d7 100644 --- a/models/repo.go +++ b/models/repo.go @@ -328,13 +328,14 @@ func (repo *Repository) DeleteWiki() { } } +// getAssignees returns a list of users who can be assigned to issues in this repository. func (repo *Repository) getAssignees(e Engine) (_ []*User, err error) { if err = repo.getOwner(e); err != nil { return nil, err } accesses := make([]*Access, 0, 10) - if err = e.Where("repo_id = ? AND mode >= ?", repo.ID, ACCESS_MODE_WRITE).Find(&accesses); err != nil { + if err = e.Where("repo_id = ? AND mode >= ?", repo.ID, ACCESS_MODE_READ).Find(&accesses); err != nil { return nil, err } diff --git a/models/repo_collaboration.go b/models/repo_collaboration.go index 73ec7ada3..889ff4ce0 100644 --- a/models/repo_collaboration.go +++ b/models/repo_collaboration.go @@ -126,7 +126,7 @@ func (repo *Repository) GetCollaborators() ([]*Collaborator, error) { } // ChangeCollaborationAccessMode sets new access mode for the collaboration. -func (repo *Repository) ChangeCollaborationAccessMode(uid int64, mode AccessMode) error { +func (repo *Repository) ChangeCollaborationAccessMode(userID int64, mode AccessMode) error { // Discard invalid input if mode <= ACCESS_MODE_NONE || mode > ACCESS_MODE_OWNER { return nil @@ -134,7 +134,7 @@ func (repo *Repository) ChangeCollaborationAccessMode(uid int64, mode AccessMode collaboration := &Collaboration{ RepoID: repo.ID, - UserID: uid, + UserID: userID, } has, err := x.Get(collaboration) if err != nil { @@ -156,7 +156,23 @@ func (repo *Repository) ChangeCollaborationAccessMode(uid int64, mode AccessMode if _, err = sess.Id(collaboration.ID).AllCols().Update(collaboration); err != nil { return fmt.Errorf("update collaboration: %v", err) - } else if _, err = sess.Exec("UPDATE access SET mode = ? WHERE user_id = ? AND repo_id = ?", mode, uid, repo.ID); err != nil { + } + + access := Access{ + UserID: userID, + RepoID: repo.ID, + } + has, err = sess.Get(access) + if err != nil { + return fmt.Errorf("get access record: %v", err) + } + if has { + _, err = sess.Exec("UPDATE access SET mode = ? WHERE user_id = ? AND repo_id = ?", mode, userID, repo.ID) + } else { + access.Mode = mode + _, err = sess.Insert(access) + } + if err != nil { return fmt.Errorf("update access table: %v", err) } diff --git a/models/user.go b/models/user.go index f6697e386..a5b1f9f5c 100644 --- a/models/user.go +++ b/models/user.go @@ -911,7 +911,7 @@ func GetUserByID(id int64) (*User, error) { // GetAssigneeByID returns the user with write access of repository by given ID. func GetAssigneeByID(repo *Repository, userID int64) (*User, error) { - has, err := HasAccess(&User{ID: userID}, repo, ACCESS_MODE_WRITE) + has, err := HasAccess(&User{ID: userID}, repo, ACCESS_MODE_READ) if err != nil { return nil, err } else if !has { diff --git a/public/js/gogs.js b/public/js/gogs.js index 58fed2cce..b77b11044 100644 --- a/public/js/gogs.js +++ b/public/js/gogs.js @@ -1153,7 +1153,7 @@ function searchRepositories() { if (response.ok && response.data.length) { var html = ''; $.each(response.data, function (i, item) { - html += '
' + item.full_name + '
'; + html += '
' + item.full_name + '
'; }); $results.html(html); $this.find('.results .item').click(function () { diff --git a/routers/repo/setting.go b/routers/repo/setting.go index 1f3a18cf0..240cb3c19 100644 --- a/routers/repo/setting.go +++ b/routers/repo/setting.go @@ -351,8 +351,11 @@ func ChangeCollaborationAccessMode(ctx *context.Context) { if err := ctx.Repo.Repository.ChangeCollaborationAccessMode( ctx.QueryInt64("uid"), models.AccessMode(ctx.QueryInt("mode"))); err != nil { - log.Error(4, "ChangeCollaborationAccessMode: %v", err) + log.Error(2, "ChangeCollaborationAccessMode: %v", err) + return } + + ctx.Status(204) } func DeleteCollaboration(ctx *context.Context) { diff --git a/templates/.VERSION b/templates/.VERSION index 8633bb346..b7e7fa156 100644 --- a/templates/.VERSION +++ b/templates/.VERSION @@ -1 +1 @@ -0.9.155.0217 \ No newline at end of file +0.9.156.0217 \ No newline at end of file