closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1641 Commits
2 Branches
178 MiB
Tree: 3ffa17c49a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3ffa17c49a'
${ noResults }
gitea/models/org.go

1085 lines
25 KiB
Raw Normal View History

Add create organization
10 years ago
Organization settings page
10 years ago
Finish create organization team
10 years ago
Finish new edit team page, add member to team
10 years ago
Work on #274
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Organization settings page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Organization settings page
10 years ago
Finish create organization team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish create organization team
10 years ago
Finish Teams page
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish delete organization
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish delete organization
10 years ago
Finish organization homepage
10 years ago
Finish new organization members and invitation page
10 years ago
Organization settings page
10 years ago
Work on #274
10 years ago
Organization settings page
10 years ago
Finish new home page of organization
10 years ago
Organization settings page
10 years ago
Finish new edit team page, add member to team
10 years ago
Organization settings page
10 years ago
Finish new admin dashboard
10 years ago
Continue working on new admin pages
10 years ago
Finish delete organization
10 years ago
Add create organization
10 years ago
Finish new organization members and invitation page
10 years ago
Add create organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Add create organization
10 years ago
Finish Teams page
10 years ago
Finish new organization members and invitation page
10 years ago
Add create organization
10 years ago
Work on create organization repo and #257
10 years ago
Finish new organization members and invitation page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish new organization members and invitation page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new organization members and invitation page
10 years ago
Finish new edit team page, add member to team
10 years ago
Bug fix on organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish new organization members and invitation page
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finsih add/remove repo in organization
10 years ago
Prepare 0.5 release
10 years ago
Finsih add/remove repo in organization
10 years ago
Prepare 0.5 release
10 years ago
Finsih add/remove repo in organization
10 years ago
Bug fix on organization
10 years ago
Finsih add/remove repo in organization
10 years ago
Prepare 0.5 release
10 years ago
Finsih add/remove repo in organization
10 years ago
Bug fix on organization
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add create organization
10 years ago
Work on create organization repo and #257
10 years ago
Finish Teams page
10 years ago
Work on create organization repo and #257
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finsih add/remove repo in organization
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Prepare 0.5 release
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Bug fix on organization
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models
  6. 

  7. import (
  8. 	"errors"
  9. 	"fmt"
  10. 	"os"
  11. 	"path"
  12. 	"strings"
  13. 

  14. 	"github.com/Unknwon/com"
  15. 	"github.com/go-xorm/xorm"
  16. 

  17. 	"github.com/gogits/gogs/modules/base"
  18. )
  19. 

  20. var (
  21. 	ErrOrgNotExist      = errors.New("Organization does not exist")
  22. 	ErrTeamAlreadyExist = errors.New("Team already exist")
  23. 	ErrTeamNotExist     = errors.New("Team does not exist")
  24. 	ErrTeamNameIllegal  = errors.New("Team name contains illegal characters")
  25. 	ErrLastOrgOwner     = errors.New("The user to remove is the last member in owner team")
  26. )
  27. 

  28. // IsOrgOwner returns true if given user is in the owner team.

  29. func (org *User) IsOrgOwner(uid int64) bool {
  30. 	return IsOrganizationOwner(org.Id, uid)
  31. }
  32. 

  33. // IsOrgMember returns true if given user is member of organization.

  34. func (org *User) IsOrgMember(uid int64) bool {
  35. 	return IsOrganizationMember(org.Id, uid)
  36. }
  37. 

  38. // GetTeam returns named team of organization.

  39. func (org *User) GetTeam(name string) (*Team, error) {
  40. 	return GetTeam(org.Id, name)
  41. }
  42. 

  43. // GetOwnerTeam returns owner team of organization.

  44. func (org *User) GetOwnerTeam() (*Team, error) {
  45. 	return org.GetTeam(OWNER_TEAM)
  46. }
  47. 

  48. // GetTeams returns all teams that belong to organization.

  49. func (org *User) GetTeams() error {
  50. 	return x.Where("org_id=?", org.Id).Find(&org.Teams)
  51. }
  52. 

  53. // GetMembers returns all members of organization.

  54. func (org *User) GetMembers() error {
  55. 	ous, err := GetOrgUsersByOrgId(org.Id)
  56. 	if err != nil {
  57. 		return err
  58. 	}
  59. 

  60. 	org.Members = make([]*User, len(ous))
  61. 	for i, ou := range ous {
  62. 		org.Members[i], err = GetUserById(ou.Uid)
  63. 		if err != nil {
  64. 			return err
  65. 		}
  66. 	}
  67. 	return nil
  68. }
  69. 

  70. // AddMember adds new member to organization.

  71. func (org *User) AddMember(uid int64) error {
  72. 	return AddOrgUser(org.Id, uid)
  73. }
  74. 

  75. // RemoveMember removes member from organization.

  76. func (org *User) RemoveMember(uid int64) error {
  77. 	return RemoveOrgUser(org.Id, uid)
  78. }
  79. 

  80. // CreateOrganization creates record of a new organization.

  81. func CreateOrganization(org, owner *User) (*User, error) {
  82. 	if !IsLegalName(org.Name) {
  83. 		return nil, ErrUserNameIllegal
  84. 	}
  85. 

  86. 	isExist, err := IsUserExist(org.Name)
  87. 	if err != nil {
  88. 		return nil, err
  89. 	} else if isExist {
  90. 		return nil, ErrUserAlreadyExist
  91. 	}
  92. 

  93. 	isExist, err = IsEmailUsed(org.Email)
  94. 	if err != nil {
  95. 		return nil, err
  96. 	} else if isExist {
  97. 		return nil, ErrEmailAlreadyUsed
  98. 	}
  99. 

  100. 	org.LowerName = strings.ToLower(org.Name)
  101. 	org.FullName = org.Name
  102. 	org.Avatar = base.EncodeMd5(org.Email)
  103. 	org.AvatarEmail = org.Email
  104. 	// No password for organization.

  105. 	org.NumTeams = 1
  106. 	org.NumMembers = 1
  107. 

  108. 	sess := x.NewSession()
  109. 	defer sess.Close()
  110. 	if err = sess.Begin(); err != nil {
  111. 		return nil, err
  112. 	}
  113. 

  114. 	if _, err = sess.Insert(org); err != nil {
  115. 		sess.Rollback()
  116. 		return nil, err
  117. 	}
  118. 

  119. 	if err = os.MkdirAll(UserPath(org.Name), os.ModePerm); err != nil {
  120. 		sess.Rollback()
  121. 		return nil, err
  122. 	}
  123. 

  124. 	// Create default owner team.

  125. 	t := &Team{
  126. 		OrgId:      org.Id,
  127. 		LowerName:  strings.ToLower(OWNER_TEAM),
  128. 		Name:       OWNER_TEAM,
  129. 		Authorize:  ORG_ADMIN,
  130. 		NumMembers: 1,
  131. 	}
  132. 	if _, err = sess.Insert(t); err != nil {
  133. 		sess.Rollback()
  134. 		return nil, err
  135. 	}
  136. 

  137. 	// Add initial creator to organization and owner team.

  138. 	ou := &OrgUser{
  139. 		Uid:      owner.Id,
  140. 		OrgId:    org.Id,
  141. 		IsOwner:  true,
  142. 		NumTeams: 1,
  143. 	}
  144. 	if _, err = sess.Insert(ou); err != nil {
  145. 		sess.Rollback()
  146. 		return nil, err
  147. 	}
  148. 

  149. 	tu := &TeamUser{
  150. 		Uid:    owner.Id,
  151. 		OrgId:  org.Id,
  152. 		TeamId: t.Id,
  153. 	}
  154. 	if _, err = sess.Insert(tu); err != nil {
  155. 		sess.Rollback()
  156. 		return nil, err
  157. 	}
  158. 

  159. 	return org, sess.Commit()
  160. }
  161. 

  162. // CountOrganizations returns number of organizations.

  163. func CountOrganizations() int64 {
  164. 	count, _ := x.Where("type=1").Count(new(User))
  165. 	return count
  166. }
  167. 

  168. // GetOrganizations returns given number of organizations with offset.

  169. func GetOrganizations(num, offset int) ([]*User, error) {
  170. 	orgs := make([]*User, 0, num)
  171. 	err := x.Limit(num, offset).Where("type=1").Asc("id").Find(&orgs)
  172. 	return orgs, err
  173. }
  174. 

  175. // TODO: need some kind of mechanism to record failure.

  176. // DeleteOrganization completely and permanently deletes everything of organization.

  177. func DeleteOrganization(org *User) (err error) {
  178. 	if err := DeleteUser(org); err != nil {
  179. 		return err
  180. 	}
  181. 

  182. 	sess := x.NewSession()
  183. 	defer sess.Close()
  184. 	if err = sess.Begin(); err != nil {
  185. 		return err
  186. 	}
  187. 

  188. 	if _, err = sess.Delete(&Team{OrgId: org.Id}); err != nil {
  189. 		sess.Rollback()
  190. 		return err
  191. 	}
  192. 	if _, err = sess.Delete(&OrgUser{OrgId: org.Id}); err != nil {
  193. 		sess.Rollback()
  194. 		return err
  195. 	}
  196. 	if _, err = sess.Delete(&TeamUser{OrgId: org.Id}); err != nil {
  197. 		sess.Rollback()
  198. 		return err
  199. 	}
  200. 	return sess.Commit()
  201. }
  202. 

  203. // ________                ____ ___

  204. // \_____  \_______  ____ |    |   \______ ___________

  205. //  /   |   \_  __ \/ ___\|    |   /  ___// __ \_  __ \

  206. // /    |    \  | \/ /_/  >    |  /\___ \\  ___/|  | \/

  207. // \_______  /__|  \___  /|______//____  >\___  >__|

  208. //         \/     /_____/              \/     \/

  209. 

  210. // OrgUser represents an organization-user relation.

  211. type OrgUser struct {
  212. 	Id       int64
  213. 	Uid      int64 `xorm:"INDEX UNIQUE(s)"`
  214. 	OrgId    int64 `xorm:"INDEX UNIQUE(s)"`
  215. 	IsPublic bool
  216. 	IsOwner  bool
  217. 	NumTeams int
  218. }
  219. 

  220. // IsOrganizationOwner returns true if given user is in the owner team.

  221. func IsOrganizationOwner(orgId, uid int64) bool {
  222. 	has, _ := x.Where("is_owner=?", true).And("uid=?", uid).And("org_id=?", orgId).Get(new(OrgUser))
  223. 	return has
  224. }
  225. 

  226. // IsOrganizationMember returns true if given user is member of organization.

  227. func IsOrganizationMember(orgId, uid int64) bool {
  228. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).Get(new(OrgUser))
  229. 	return has
  230. }
  231. 

  232. // IsPublicMembership returns ture if given user public his/her membership.

  233. func IsPublicMembership(orgId, uid int64) bool {
  234. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).And("is_public=?", true).Get(new(OrgUser))
  235. 	return has
  236. }
  237. 

  238. // GetOrgUsersByUserId returns all organization-user relations by user ID.

  239. func GetOrgUsersByUserId(uid int64) ([]*OrgUser, error) {
  240. 	ous := make([]*OrgUser, 0, 10)
  241. 	err := x.Where("uid=?", uid).Find(&ous)
  242. 	return ous, err
  243. }
  244. 

  245. // GetOrgUsersByOrgId returns all organization-user relations by organization ID.

  246. func GetOrgUsersByOrgId(orgId int64) ([]*OrgUser, error) {
  247. 	ous := make([]*OrgUser, 0, 10)
  248. 	err := x.Where("org_id=?", orgId).Find(&ous)
  249. 	return ous, err
  250. }
  251. 

  252. // ChangeOrgUserStatus changes public or private membership status.

  253. func ChangeOrgUserStatus(orgId, uid int64, public bool) error {
  254. 	ou := new(OrgUser)
  255. 	has, err := x.Where("uid=?", uid).And("org_id=?", orgId).Get(ou)
  256. 	if err != nil {
  257. 		return err
  258. 	} else if !has {
  259. 		return nil
  260. 	}
  261. 

  262. 	ou.IsPublic = public
  263. 	_, err = x.Id(ou.Id).AllCols().Update(ou)
  264. 	return err
  265. }
  266. 

  267. // AddOrgUser adds new user to given organization.

  268. func AddOrgUser(orgId, uid int64) error {
  269. 	if IsOrganizationMember(orgId, uid) {
  270. 		return nil
  271. 	}
  272. 

  273. 	sess := x.NewSession()
  274. 	defer sess.Close()
  275. 	if err := sess.Begin(); err != nil {
  276. 		return err
  277. 	}
  278. 

  279. 	ou := &OrgUser{
  280. 		Uid:   uid,
  281. 		OrgId: orgId,
  282. 	}
  283. 

  284. 	if _, err := sess.Insert(ou); err != nil {
  285. 		sess.Rollback()
  286. 		return err
  287. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members + 1 WHERE id = ?", orgId); err != nil {
  288. 		sess.Rollback()
  289. 		return err
  290. 	}
  291. 

  292. 	return sess.Commit()
  293. }
  294. 

  295. // RemoveOrgUser removes user from given organization.

  296. func RemoveOrgUser(orgId, uid int64) error {
  297. 	ou := new(OrgUser)
  298. 

  299. 	has, err := x.Where("uid=?", uid).And("org_id=?", orgId).Get(ou)
  300. 	if err != nil {
  301. 		return err
  302. 	} else if !has {
  303. 		return nil
  304. 	}
  305. 

  306. 	u, err := GetUserById(uid)
  307. 	if err != nil {
  308. 		return err
  309. 	}
  310. 	org, err := GetUserById(orgId)
  311. 	if err != nil {
  312. 		return err
  313. 	}
  314. 

  315. 	// Check if the user to delete is the last member in owner team.

  316. 	if IsOrganizationOwner(orgId, uid) {
  317. 		t, err := org.GetOwnerTeam()
  318. 		if err != nil {
  319. 			return err
  320. 		}
  321. 		if t.NumMembers == 1 {
  322. 			return ErrLastOrgOwner
  323. 		}
  324. 	}
  325. 

  326. 	sess := x.NewSession()
  327. 	defer sess.Close()
  328. 	if err := sess.Begin(); err != nil {
  329. 		return err
  330. 	}
  331. 

  332. 	if _, err := sess.Id(ou.Id).Delete(ou); err != nil {
  333. 		sess.Rollback()
  334. 		return err
  335. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members - 1 WHERE id = ?", orgId); err != nil {
  336. 		sess.Rollback()
  337. 		return err
  338. 	}
  339. 

  340. 	// Delete all repository accesses.

  341. 	if err = org.GetRepositories(); err != nil {
  342. 		sess.Rollback()
  343. 		return err
  344. 	}
  345. 	access := &Access{
  346. 		UserName: u.LowerName,
  347. 	}
  348. 	for _, repo := range org.Repos {
  349. 		access.RepoName = path.Join(org.LowerName, repo.LowerName)
  350. 		if _, err = sess.Delete(access); err != nil {
  351. 			sess.Rollback()
  352. 			return err
  353. 		} else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
  354. 			sess.Rollback()
  355. 			return err
  356. 		}
  357. 	}
  358. 

  359. 	// Delete member in his/her teams.

  360. 	ts, err := GetUserTeams(org.Id, u.Id)
  361. 	if err != nil {
  362. 		return err
  363. 	}
  364. 	for _, t := range ts {
  365. 		if err = removeTeamMemberWithSess(org.Id, t.Id, u.Id, sess); err != nil {
  366. 			return err
  367. 		}
  368. 	}
  369. 

  370. 	return sess.Commit()
  371. }
  372. 

  373. // ___________

  374. // \__    ___/___ _____    _____

  375. //   |    |_/ __ \\__  \  /     \

  376. //   |    |\  ___/ / __ \|  Y Y  \

  377. //   |____| \___  >____  /__|_|  /

  378. //              \/     \/      \/

  379. 

  380. type AuthorizeType int
  381. 

  382. const (
  383. 	ORG_READABLE AuthorizeType = iota + 1
  384. 	ORG_WRITABLE
  385. 	ORG_ADMIN
  386. )
  387. 

  388. func AuthorizeToAccessType(auth AuthorizeType) AccessType {
  389. 	if auth == ORG_READABLE {
  390. 		return READABLE
  391. 	}
  392. 	return WRITABLE
  393. }
  394. 

  395. const OWNER_TEAM = "Owners"
  396. 

  397. // Team represents a organization team.

  398. type Team struct {
  399. 	Id          int64
  400. 	OrgId       int64 `xorm:"INDEX"`
  401. 	LowerName   string
  402. 	Name        string
  403. 	Description string
  404. 	Authorize   AuthorizeType
  405. 	RepoIds     string        `xorm:"TEXT"`
  406. 	Repos       []*Repository `xorm:"-"`
  407. 	Members     []*User       `xorm:"-"`
  408. 	NumRepos    int
  409. 	NumMembers  int
  410. }
  411. 

  412. // IsOwnerTeam returns true if team is owner team.

  413. func (t *Team) IsOwnerTeam() bool {
  414. 	return t.Name == OWNER_TEAM
  415. }
  416. 

  417. // IsTeamMember returns true if given user is a member of team.

  418. func (t *Team) IsMember(uid int64) bool {
  419. 	return IsTeamMember(t.OrgId, t.Id, uid)
  420. }
  421. 

  422. // GetRepositories returns all repositories in team of organization.

  423. func (t *Team) GetRepositories() error {
  424. 	idStrs := strings.Split(t.RepoIds, "|")
  425. 	t.Repos = make([]*Repository, 0, len(idStrs))
  426. 	for _, str := range idStrs {
  427. 		if len(str) == 0 {
  428. 			continue
  429. 		}
  430. 		id := com.StrTo(str[1:]).MustInt64()
  431. 		if id == 0 {
  432. 			continue
  433. 		}
  434. 		repo, err := GetRepositoryById(id)
  435. 		if err != nil {
  436. 			return err
  437. 		}
  438. 		t.Repos = append(t.Repos, repo)
  439. 	}
  440. 	return nil
  441. }
  442. 

  443. // GetMembers returns all members in team of organization.

  444. func (t *Team) GetMembers() (err error) {
  445. 	t.Members, err = GetTeamMembers(t.OrgId, t.Id)
  446. 	return err
  447. }
  448. 

  449. // AddMember adds new member to team of organization.

  450. func (t *Team) AddMember(uid int64) error {
  451. 	return AddTeamMember(t.OrgId, t.Id, uid)
  452. }
  453. 

  454. // RemoveMember removes member from team of organization.

  455. func (t *Team) RemoveMember(uid int64) error {
  456. 	return RemoveTeamMember(t.OrgId, t.Id, uid)
  457. }
  458. 

  459. // addAccessWithAuthorize inserts or updates access with given mode.

  460. func addAccessWithAuthorize(sess *xorm.Session, access *Access, mode AccessType) error {
  461. 	has, err := x.Get(access)
  462. 	if err != nil {
  463. 		return fmt.Errorf("fail to get access: %v", err)
  464. 	}
  465. 	access.Mode = mode
  466. 	if has {
  467. 		if _, err = sess.Id(access.Id).Update(access); err != nil {
  468. 			return fmt.Errorf("fail to update access: %v", err)
  469. 		}
  470. 	} else {
  471. 		if _, err = sess.Insert(access); err != nil {
  472. 			return fmt.Errorf("fail to insert access: %v", err)
  473. 		}
  474. 	}
  475. 	return nil
  476. }
  477. 

  478. // AddRepository adds new repository to team of organization.

  479. func (t *Team) AddRepository(repo *Repository) (err error) {
  480. 	idStr := "$" + com.ToStr(repo.Id) + "|"
  481. 	if repo.OwnerId != t.OrgId {
  482. 		return errors.New("Repository not belong to organization")
  483. 	} else if strings.Contains(t.RepoIds, idStr) {
  484. 		return nil
  485. 	}
  486. 

  487. 	if err = repo.GetOwner(); err != nil {
  488. 		return err
  489. 	} else if err = t.GetMembers(); err != nil {
  490. 		return err
  491. 	}
  492. 

  493. 	sess := x.NewSession()
  494. 	defer sess.Close()
  495. 	if err = sess.Begin(); err != nil {
  496. 		return err
  497. 	}
  498. 

  499. 	t.NumRepos++
  500. 	t.RepoIds += idStr
  501. 	if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  502. 		sess.Rollback()
  503. 		return err
  504. 	}
  505. 

  506. 	// Give access to team members.

  507. 	mode := AuthorizeToAccessType(t.Authorize)
  508. 

  509. 	for _, u := range t.Members {
  510. 		auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
  511. 		if err != nil {
  512. 			sess.Rollback()
  513. 			return err
  514. 		}
  515. 

  516. 		access := &Access{
  517. 			UserName: u.LowerName,
  518. 			RepoName: path.Join(repo.Owner.LowerName, repo.LowerName),
  519. 		}
  520. 		if auth < t.Authorize {
  521. 			if err = addAccessWithAuthorize(sess, access, mode); err != nil {
  522. 				sess.Rollback()
  523. 				return err
  524. 			}
  525. 		}
  526. 		if err = WatchRepo(u.Id, repo.Id, true); err != nil {
  527. 			sess.Rollback()
  528. 			return err
  529. 		}
  530. 	}
  531. 	return sess.Commit()
  532. }
  533. 

  534. // RemoveRepository removes repository from team of organization.

  535. func (t *Team) RemoveRepository(repoId int64) error {
  536. 	idStr := "$" + com.ToStr(repoId) + "|"
  537. 	if !strings.Contains(t.RepoIds, idStr) {
  538. 		return nil
  539. 	}
  540. 

  541. 	repo, err := GetRepositoryById(repoId)
  542. 	if err != nil {
  543. 		return err
  544. 	}
  545. 

  546. 	if err = repo.GetOwner(); err != nil {
  547. 		return err
  548. 	} else if err = t.GetMembers(); err != nil {
  549. 		return err
  550. 	}
  551. 

  552. 	sess := x.NewSession()
  553. 	defer sess.Close()
  554. 	if err = sess.Begin(); err != nil {
  555. 		return err
  556. 	}
  557. 

  558. 	t.NumRepos--
  559. 	t.RepoIds = strings.Replace(t.RepoIds, idStr, "", 1)
  560. 	if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  561. 		sess.Rollback()
  562. 		return err
  563. 	}
  564. 

  565. 	// Remove access to team members.

  566. 	for _, u := range t.Members {
  567. 		auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
  568. 		if err != nil {
  569. 			sess.Rollback()
  570. 			return err
  571. 		}
  572. 

  573. 		access := &Access{
  574. 			UserName: u.LowerName,
  575. 			RepoName: path.Join(repo.Owner.LowerName, repo.LowerName),
  576. 		}
  577. 		if auth == 0 {
  578. 			if _, err = sess.Delete(access); err != nil {
  579. 				sess.Rollback()
  580. 				return fmt.Errorf("fail to delete access: %v", err)
  581. 			} else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
  582. 				sess.Rollback()
  583. 				return err
  584. 			}
  585. 		} else if auth < t.Authorize {
  586. 			if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
  587. 				sess.Rollback()
  588. 				return err
  589. 			}
  590. 		}
  591. 	}
  592. 

  593. 	return sess.Commit()
  594. }
  595. 

  596. // NewTeam creates a record of new team.

  597. // It's caller's responsibility to assign organization ID.

  598. func NewTeam(t *Team) error {
  599. 	if !IsLegalName(t.Name) {
  600. 		return ErrTeamNameIllegal
  601. 	}
  602. 

  603. 	has, err := x.Id(t.OrgId).Get(new(User))
  604. 	if err != nil {
  605. 		return err
  606. 	} else if !has {
  607. 		return ErrOrgNotExist
  608. 	}
  609. 

  610. 	t.LowerName = strings.ToLower(t.Name)
  611. 	has, err = x.Where("org_id=?", t.OrgId).And("lower_name=?", t.LowerName).Get(new(Team))
  612. 	if err != nil {
  613. 		return err
  614. 	} else if has {
  615. 		return ErrTeamAlreadyExist
  616. 	}
  617. 

  618. 	sess := x.NewSession()
  619. 	defer sess.Close()
  620. 	if err = sess.Begin(); err != nil {
  621. 		return err
  622. 	}
  623. 

  624. 	if _, err = sess.Insert(t); err != nil {
  625. 		sess.Rollback()
  626. 		return err
  627. 	}
  628. 

  629. 	// Update organization number of teams.

  630. 	if _, err = sess.Exec("UPDATE `user` SET num_teams = num_teams + 1 WHERE id = ?", t.OrgId); err != nil {
  631. 		sess.Rollback()
  632. 		return err
  633. 	}
  634. 	return sess.Commit()
  635. }
  636. 

  637. // GetTeam returns team by given team name and organization.

  638. func GetTeam(orgId int64, name string) (*Team, error) {
  639. 	t := &Team{
  640. 		OrgId:     orgId,
  641. 		LowerName: strings.ToLower(name),
  642. 	}
  643. 	has, err := x.Get(t)
  644. 	if err != nil {
  645. 		return nil, err
  646. 	} else if !has {
  647. 		return nil, ErrTeamNotExist
  648. 	}
  649. 	return t, nil
  650. }
  651. 

  652. // GetTeamById returns team by given ID.

  653. func GetTeamById(teamId int64) (*Team, error) {
  654. 	t := new(Team)
  655. 	has, err := x.Id(teamId).Get(t)
  656. 	if err != nil {
  657. 		return nil, err
  658. 	} else if !has {
  659. 		return nil, ErrTeamNotExist
  660. 	}
  661. 	return t, nil
  662. }
  663. 

  664. // GetHighestAuthorize returns highest repository authorize level for given user and team.

  665. func GetHighestAuthorize(orgId, uid, repoId, teamId int64) (AuthorizeType, error) {
  666. 	ts, err := GetUserTeams(orgId, uid)
  667. 	if err != nil {
  668. 		return 0, err
  669. 	}
  670. 

  671. 	var auth AuthorizeType = 0
  672. 	for _, t := range ts {
  673. 		// Not current team and has given repository.

  674. 		if t.Id != teamId && strings.Contains(t.RepoIds, "$"+com.ToStr(repoId)+"|") {
  675. 			// Fast return.

  676. 			if t.Authorize == ORG_WRITABLE {
  677. 				return ORG_WRITABLE, nil
  678. 			}
  679. 			if t.Authorize > auth {
  680. 				auth = t.Authorize
  681. 			}
  682. 		}
  683. 	}
  684. 

  685. 	return auth, nil
  686. }
  687. 

  688. // UpdateTeam updates information of team.

  689. func UpdateTeam(t *Team, authChanged bool) (err error) {
  690. 	if !IsLegalName(t.Name) {
  691. 		return ErrTeamNameIllegal
  692. 	}
  693. 

  694. 	if len(t.Description) > 255 {
  695. 		t.Description = t.Description[:255]
  696. 	}
  697. 

  698. 	sess := x.NewSession()
  699. 	defer sess.Close()
  700. 	if err = sess.Begin(); err != nil {
  701. 		return err
  702. 	}
  703. 

  704. 	// Update access for team members if needed.

  705. 	if authChanged && !t.IsOwnerTeam() {
  706. 		if err = t.GetRepositories(); err != nil {
  707. 			return err
  708. 		} else if err = t.GetMembers(); err != nil {
  709. 			return err
  710. 		}
  711. 

  712. 		// Get organization.

  713. 		org, err := GetUserById(t.OrgId)
  714. 		if err != nil {
  715. 			return err
  716. 		}
  717. 

  718. 		// Update access.

  719. 		mode := AuthorizeToAccessType(t.Authorize)
  720. 

  721. 		for _, repo := range t.Repos {
  722. 			for _, u := range t.Members {
  723. 				// ORG_WRITABLE is the highest authorize level for now.

  724. 				// Skip checking others if current team has this level.

  725. 				if t.Authorize < ORG_WRITABLE {
  726. 					auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
  727. 					if err != nil {
  728. 						sess.Rollback()
  729. 						return err
  730. 					}
  731. 					if auth >= t.Authorize {
  732. 						continue // Other team has higher or same authorize level.

  733. 					}
  734. 				}
  735. 

  736. 				access := &Access{
  737. 					UserName: u.LowerName,
  738. 					RepoName: path.Join(org.LowerName, repo.LowerName),
  739. 				}
  740. 				if err = addAccessWithAuthorize(sess, access, mode); err != nil {
  741. 					sess.Rollback()
  742. 					return err
  743. 				}
  744. 			}
  745. 		}
  746. 	}
  747. 

  748. 	t.LowerName = strings.ToLower(t.Name)
  749. 	if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  750. 		sess.Rollback()
  751. 		return err
  752. 	}
  753. 	return sess.Commit()
  754. }
  755. 

  756. // DeleteTeam deletes given team.

  757. // It's caller's responsibility to assign organization ID.

  758. func DeleteTeam(t *Team) error {
  759. 	if err := t.GetRepositories(); err != nil {
  760. 		return err
  761. 	} else if err = t.GetMembers(); err != nil {
  762. 		return err
  763. 	}
  764. 

  765. 	// Get organization.

  766. 	org, err := GetUserById(t.OrgId)
  767. 	if err != nil {
  768. 		return err
  769. 	}
  770. 

  771. 	sess := x.NewSession()
  772. 	defer sess.Close()
  773. 	if err = sess.Begin(); err != nil {
  774. 		return err
  775. 	}
  776. 

  777. 	// Delete all accesses.

  778. 	for _, repo := range t.Repos {
  779. 		for _, u := range t.Members {
  780. 			auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
  781. 			if err != nil {
  782. 				sess.Rollback()
  783. 				return err
  784. 			}
  785. 

  786. 			access := &Access{
  787. 				UserName: u.LowerName,
  788. 				RepoName: path.Join(org.LowerName, repo.LowerName),
  789. 			}
  790. 			if auth == 0 {
  791. 				if _, err = sess.Delete(access); err != nil {
  792. 					sess.Rollback()
  793. 					return fmt.Errorf("fail to delete access: %v", err)
  794. 				}
  795. 			} else if auth < t.Authorize {
  796. 				// Downgrade authorize level.

  797. 				if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
  798. 					sess.Rollback()
  799. 					return err
  800. 				}
  801. 			}
  802. 		}
  803. 	}
  804. 

  805. 	// Delete team-user.

  806. 	if _, err = sess.Where("org_id=?", org.Id).Where("team_id=?", t.Id).Delete(new(TeamUser)); err != nil {
  807. 		sess.Rollback()
  808. 		return err
  809. 	}
  810. 

  811. 	// Delete team.

  812. 	if _, err = sess.Id(t.Id).Delete(new(Team)); err != nil {
  813. 		sess.Rollback()
  814. 		return err
  815. 	}
  816. 	// Update organization number of teams.

  817. 	if _, err = sess.Exec("UPDATE `user` SET num_teams = num_teams - 1 WHERE id = ?", t.OrgId); err != nil {
  818. 		sess.Rollback()
  819. 		return err
  820. 	}
  821. 

  822. 	return sess.Commit()
  823. }
  824. 

  825. // ___________                    ____ ___

  826. // \__    ___/___ _____    _____ |    |   \______ ___________

  827. //   |    |_/ __ \\__  \  /     \|    |   /  ___// __ \_  __ \

  828. //   |    |\  ___/ / __ \|  Y Y  \    |  /\___ \\  ___/|  | \/

  829. //   |____| \___  >____  /__|_|  /______//____  >\___  >__|

  830. //              \/     \/      \/             \/     \/

  831. 

  832. // TeamUser represents an team-user relation.

  833. type TeamUser struct {
  834. 	Id     int64
  835. 	Uid    int64
  836. 	OrgId  int64 `xorm:"INDEX"`
  837. 	TeamId int64
  838. }
  839. 

  840. // IsTeamMember returns true if given user is a member of team.

  841. func IsTeamMember(orgId, teamId, uid int64) bool {
  842. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).And("team_id=?", teamId).Get(new(TeamUser))
  843. 	return has
  844. }
  845. 

  846. // GetTeamMembers returns all members in given team of organization.

  847. func GetTeamMembers(orgId, teamId int64) ([]*User, error) {
  848. 	tus := make([]*TeamUser, 0, 10)
  849. 	err := x.Where("org_id=?", orgId).And("team_id=?", teamId).Find(&tus)
  850. 	if err != nil {
  851. 		return nil, err
  852. 	}
  853. 

  854. 	us := make([]*User, len(tus))
  855. 	for i, tu := range tus {
  856. 		us[i], err = GetUserById(tu.Uid)
  857. 		if err != nil {
  858. 			return nil, err
  859. 		}
  860. 	}
  861. 	return us, nil
  862. }
  863. 

  864. // GetUserTeams returns all teams that user belongs to in given origanization.

  865. func GetUserTeams(orgId, uid int64) ([]*Team, error) {
  866. 	tus := make([]*TeamUser, 0, 5)
  867. 	if err := x.Where("uid=?", uid).And("org_id=?", orgId).Find(&tus); err != nil {
  868. 		return nil, err
  869. 	}
  870. 

  871. 	ts := make([]*Team, len(tus))
  872. 	for i, tu := range tus {
  873. 		t := new(Team)
  874. 		has, err := x.Id(tu.TeamId).Get(t)
  875. 		if err != nil {
  876. 			return nil, err
  877. 		} else if !has {
  878. 			return nil, ErrTeamNotExist
  879. 		}
  880. 		ts[i] = t
  881. 	}
  882. 	return ts, nil
  883. }
  884. 

  885. // AddTeamMember adds new member to given team of given organization.

  886. func AddTeamMember(orgId, teamId, uid int64) error {
  887. 	if IsTeamMember(orgId, teamId, uid) {
  888. 		return nil
  889. 	}
  890. 

  891. 	if err := AddOrgUser(orgId, uid); err != nil {
  892. 		return err
  893. 	}
  894. 

  895. 	// Get team and its repositories.

  896. 	t, err := GetTeamById(teamId)
  897. 	if err != nil {
  898. 		return err
  899. 	}
  900. 	t.NumMembers++
  901. 

  902. 	if err = t.GetRepositories(); err != nil {
  903. 		return err
  904. 	}
  905. 

  906. 	// Get organization.

  907. 	org, err := GetUserById(orgId)
  908. 	if err != nil {
  909. 		return err
  910. 	}
  911. 

  912. 	// Get user.

  913. 	u, err := GetUserById(uid)
  914. 	if err != nil {
  915. 		return err
  916. 	}
  917. 

  918. 	sess := x.NewSession()
  919. 	defer sess.Close()
  920. 	if err = sess.Begin(); err != nil {
  921. 		return err
  922. 	}
  923. 

  924. 	tu := &TeamUser{
  925. 		Uid:    uid,
  926. 		OrgId:  orgId,
  927. 		TeamId: teamId,
  928. 	}
  929. 

  930. 	if _, err = sess.Insert(tu); err != nil {
  931. 		sess.Rollback()
  932. 		return err
  933. 	} else if _, err = sess.Id(t.Id).Update(t); err != nil {
  934. 		sess.Rollback()
  935. 		return err
  936. 	}
  937. 

  938. 	// Give access to team repositories.

  939. 	mode := AuthorizeToAccessType(t.Authorize)
  940. 	for _, repo := range t.Repos {
  941. 		auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, teamId)
  942. 		if err != nil {
  943. 			sess.Rollback()
  944. 			return err
  945. 		}
  946. 

  947. 		access := &Access{
  948. 			UserName: u.LowerName,
  949. 			RepoName: path.Join(org.LowerName, repo.LowerName),
  950. 		}
  951. 		if auth < t.Authorize {
  952. 			if err = addAccessWithAuthorize(sess, access, mode); err != nil {
  953. 				sess.Rollback()
  954. 				return err
  955. 			}
  956. 		}
  957. 	}
  958. 

  959. 	// We make sure it exists before.

  960. 	ou := new(OrgUser)
  961. 	_, err = sess.Where("uid=?", uid).And("org_id=?", orgId).Get(ou)
  962. 	if err != nil {
  963. 		sess.Rollback()
  964. 		return err
  965. 	}
  966. 	ou.NumTeams++
  967. 	if t.IsOwnerTeam() {
  968. 		ou.IsOwner = true
  969. 	}
  970. 	if _, err = sess.Id(ou.Id).AllCols().Update(ou); err != nil {
  971. 		sess.Rollback()
  972. 		return err
  973. 	}
  974. 

  975. 	return sess.Commit()
  976. }
  977. 

  978. func removeTeamMemberWithSess(orgId, teamId, uid int64, sess *xorm.Session) error {
  979. 	if !IsTeamMember(orgId, teamId, uid) {
  980. 		return nil
  981. 	}
  982. 

  983. 	// Get team and its repositories.

  984. 	t, err := GetTeamById(teamId)
  985. 	if err != nil {
  986. 		return err
  987. 	}
  988. 

  989. 	// Check if the user to delete is the last member in owner team.

  990. 	if t.IsOwnerTeam() && t.NumMembers == 1 {
  991. 		return ErrLastOrgOwner
  992. 	}
  993. 

  994. 	t.NumMembers--
  995. 

  996. 	if err = t.GetRepositories(); err != nil {
  997. 		return err
  998. 	}
  999. 

  1000. 	// Get organization.

  1001. 	org, err := GetUserById(orgId)
  1002. 	if err != nil {
  1003. 		return err
  1004. 	}
  1005. 

  1006. 	// Get user.

  1007. 	u, err := GetUserById(uid)
  1008. 	if err != nil {
  1009. 		return err
  1010. 	}
  1011. 

  1012. 	tu := &TeamUser{
  1013. 		Uid:    uid,
  1014. 		OrgId:  orgId,
  1015. 		TeamId: teamId,
  1016. 	}
  1017. 

  1018. 	if _, err := sess.Delete(tu); err != nil {
  1019. 		sess.Rollback()
  1020. 		return err
  1021. 	} else if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  1022. 		sess.Rollback()
  1023. 		return err
  1024. 	}
  1025. 

  1026. 	// Delete access to team repositories.

  1027. 	for _, repo := range t.Repos {
  1028. 		auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, teamId)
  1029. 		if err != nil {
  1030. 			sess.Rollback()
  1031. 			return err
  1032. 		}
  1033. 

  1034. 		access := &Access{
  1035. 			UserName: u.LowerName,
  1036. 			RepoName: path.Join(org.LowerName, repo.LowerName),
  1037. 		}
  1038. 		// Delete access if this is the last team user belongs to.

  1039. 		if auth == 0 {
  1040. 			if _, err = sess.Delete(access); err != nil {
  1041. 				sess.Rollback()
  1042. 				return fmt.Errorf("fail to delete access: %v", err)
  1043. 			} else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
  1044. 				sess.Rollback()
  1045. 				return err
  1046. 			}
  1047. 		} else if auth < t.Authorize {
  1048. 			// Downgrade authorize level.

  1049. 			if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
  1050. 				sess.Rollback()
  1051. 				return err
  1052. 			}
  1053. 		}
  1054. 	}
  1055. 

  1056. 	// This must exist.

  1057. 	ou := new(OrgUser)
  1058. 	_, err = sess.Where("uid=?", uid).And("org_id=?", org.Id).Get(ou)
  1059. 	if err != nil {
  1060. 		sess.Rollback()
  1061. 		return err
  1062. 	}
  1063. 	ou.NumTeams--
  1064. 	if t.IsOwnerTeam() {
  1065. 		ou.IsOwner = false
  1066. 	}
  1067. 	if _, err = sess.Id(ou.Id).AllCols().Update(ou); err != nil {
  1068. 		sess.Rollback()
  1069. 		return err
  1070. 	}
  1071. 	return nil
  1072. }
  1073. 

  1074. // RemoveTeamMember removes member from given team of given organization.

  1075. func RemoveTeamMember(orgId, teamId, uid int64) error {
  1076. 	sess := x.NewSession()
  1077. 	defer sess.Close()
  1078. 	if err := sess.Begin(); err != nil {
  1079. 		return err
  1080. 	}
  1081. 	if err := removeTeamMemberWithSess(orgId, teamId, uid, sess); err != nil {
  1082. 		return err
  1083. 	}
  1084. 	return sess.Commit()
  1085. }