closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1881 Commits
2 Branches
178 MiB
Tree: 5ffeca35e7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '5ffeca35e7'
${ noResults }
gitea/models/org.go

1103 lines
25 KiB
Raw Normal View History

Add create organization
10 years ago
Organization settings page
10 years ago
Finish create organization team
10 years ago
Finish new edit team page, add member to team
10 years ago
Work on #274
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Organization settings page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Organization settings page
10 years ago
Finish create organization team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish create organization team
10 years ago
api: able to create repo and fix #726 - POST /user/repos - POST /org/:org/repos
10 years ago
Finish Teams page
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish delete organization
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish delete organization
10 years ago
Finish organization homepage
10 years ago
Finish new organization members and invitation page
10 years ago
fix #644
10 years ago
Organization settings page
10 years ago
fix #644
10 years ago
Organization settings page
10 years ago
Work on #274
10 years ago
Organization settings page
10 years ago
Finish new home page of organization
10 years ago
Organization settings page
10 years ago
Finish new edit team page, add member to team
10 years ago
Organization settings page
10 years ago
api: able to create repo and fix #726 - POST /user/repos - POST /org/:org/repos
10 years ago
Finish new admin dashboard
10 years ago
Continue working on new admin pages
10 years ago
Finish delete organization
10 years ago
Add create organization
10 years ago
Finish new organization members and invitation page
10 years ago
Add create organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Add create organization
10 years ago
Finish Teams page
10 years ago
Fix spelling errors in comments.
10 years ago
Finish new organization members and invitation page
10 years ago
Add create organization
10 years ago
Work on create organization repo and #257
10 years ago
Finish new organization members and invitation page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish new organization members and invitation page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new organization members and invitation page
10 years ago
Finish new edit team page, add member to team
10 years ago
Bug fix on organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish new organization members and invitation page
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finsih add/remove repo in organization
10 years ago
Prepare 0.5 release
10 years ago
Finsih add/remove repo in organization
10 years ago
Prepare 0.5 release
10 years ago
Finsih add/remove repo in organization
10 years ago
Bug fix on organization
10 years ago
Finsih add/remove repo in organization
10 years ago
Prepare 0.5 release
10 years ago
Finsih add/remove repo in organization
10 years ago
Bug fix on organization
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add create organization
10 years ago
Work on create organization repo and #257
10 years ago
Finish Teams page
10 years ago
Work on create organization repo and #257
10 years ago
Fix #540
10 years ago
Fix #540
10 years ago
bug fixed for #540
10 years ago
Work on create organization repo and #257
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Fix spelling errors in comments.
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finsih add/remove repo in organization
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Prepare 0.5 release
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Prepare 0.5 release
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Bug fix on organization
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models
  6. 

  7. import (
  8. 	"errors"
  9. 	"fmt"
  10. 	"os"
  11. 	"path"
  12. 	"strings"
  13. 

  14. 	"github.com/Unknwon/com"
  15. 	"github.com/go-xorm/xorm"
  16. 

  17. 	"github.com/gogits/gogs/modules/base"
  18. )
  19. 

  20. var (
  21. 	ErrOrgNotExist      = errors.New("Organization does not exist")
  22. 	ErrTeamAlreadyExist = errors.New("Team already exist")
  23. 	ErrTeamNotExist     = errors.New("Team does not exist")
  24. 	ErrTeamNameIllegal  = errors.New("Team name contains illegal characters")
  25. 	ErrLastOrgOwner     = errors.New("The user to remove is the last member in owner team")
  26. )
  27. 

  28. // IsOwnedBy returns true if given user is in the owner team.

  29. func (org *User) IsOwnedBy(uid int64) bool {
  30. 	return IsOrganizationOwner(org.Id, uid)
  31. }
  32. 

  33. // IsOrgMember returns true if given user is member of organization.

  34. func (org *User) IsOrgMember(uid int64) bool {
  35. 	return IsOrganizationMember(org.Id, uid)
  36. }
  37. 

  38. // GetTeam returns named team of organization.

  39. func (org *User) GetTeam(name string) (*Team, error) {
  40. 	return GetTeam(org.Id, name)
  41. }
  42. 

  43. // GetOwnerTeam returns owner team of organization.

  44. func (org *User) GetOwnerTeam() (*Team, error) {
  45. 	return org.GetTeam(OWNER_TEAM)
  46. }
  47. 

  48. // GetTeams returns all teams that belong to organization.

  49. func (org *User) GetTeams() error {
  50. 	return x.Where("org_id=?", org.Id).Find(&org.Teams)
  51. }
  52. 

  53. // GetMembers returns all members of organization.

  54. func (org *User) GetMembers() error {
  55. 	ous, err := GetOrgUsersByOrgId(org.Id)
  56. 	if err != nil {
  57. 		return err
  58. 	}
  59. 

  60. 	org.Members = make([]*User, len(ous))
  61. 	for i, ou := range ous {
  62. 		org.Members[i], err = GetUserById(ou.Uid)
  63. 		if err != nil {
  64. 			return err
  65. 		}
  66. 	}
  67. 	return nil
  68. }
  69. 

  70. // AddMember adds new member to organization.

  71. func (org *User) AddMember(uid int64) error {
  72. 	return AddOrgUser(org.Id, uid)
  73. }
  74. 

  75. // RemoveMember removes member from organization.

  76. func (org *User) RemoveMember(uid int64) error {
  77. 	return RemoveOrgUser(org.Id, uid)
  78. }
  79. 

  80. // IsOrgEmailUsed returns true if the e-mail has been used in organization account.

  81. func IsOrgEmailUsed(email string) (bool, error) {
  82. 	if len(email) == 0 {
  83. 		return false, nil
  84. 	}
  85. 	return x.Get(&User{
  86. 		Email: email,
  87. 		Type:  ORGANIZATION,
  88. 	})
  89. }
  90. 

  91. // CreateOrganization creates record of a new organization.

  92. func CreateOrganization(org, owner *User) (*User, error) {
  93. 	if !IsLegalName(org.Name) {
  94. 		return nil, ErrUserNameIllegal
  95. 	}
  96. 

  97. 	isExist, err := IsUserExist(org.Name)
  98. 	if err != nil {
  99. 		return nil, err
  100. 	} else if isExist {
  101. 		return nil, ErrUserAlreadyExist
  102. 	}
  103. 

  104. 	isExist, err = IsOrgEmailUsed(org.Email)
  105. 	if err != nil {
  106. 		return nil, err
  107. 	} else if isExist {
  108. 		return nil, ErrEmailAlreadyUsed
  109. 	}
  110. 

  111. 	org.LowerName = strings.ToLower(org.Name)
  112. 	org.FullName = org.Name
  113. 	org.Avatar = base.EncodeMd5(org.Email)
  114. 	org.AvatarEmail = org.Email
  115. 	// No password for organization.

  116. 	org.NumTeams = 1
  117. 	org.NumMembers = 1
  118. 

  119. 	sess := x.NewSession()
  120. 	defer sess.Close()
  121. 	if err = sess.Begin(); err != nil {
  122. 		return nil, err
  123. 	}
  124. 

  125. 	if _, err = sess.Insert(org); err != nil {
  126. 		sess.Rollback()
  127. 		return nil, err
  128. 	}
  129. 

  130. 	if err = os.MkdirAll(UserPath(org.Name), os.ModePerm); err != nil {
  131. 		sess.Rollback()
  132. 		return nil, err
  133. 	}
  134. 

  135. 	// Create default owner team.

  136. 	t := &Team{
  137. 		OrgId:      org.Id,
  138. 		LowerName:  strings.ToLower(OWNER_TEAM),
  139. 		Name:       OWNER_TEAM,
  140. 		Authorize:  ORG_ADMIN,
  141. 		NumMembers: 1,
  142. 	}
  143. 	if _, err = sess.Insert(t); err != nil {
  144. 		sess.Rollback()
  145. 		return nil, err
  146. 	}
  147. 

  148. 	// Add initial creator to organization and owner team.

  149. 	ou := &OrgUser{
  150. 		Uid:      owner.Id,
  151. 		OrgId:    org.Id,
  152. 		IsOwner:  true,
  153. 		NumTeams: 1,
  154. 	}
  155. 	if _, err = sess.Insert(ou); err != nil {
  156. 		sess.Rollback()
  157. 		return nil, err
  158. 	}
  159. 

  160. 	tu := &TeamUser{
  161. 		Uid:    owner.Id,
  162. 		OrgId:  org.Id,
  163. 		TeamId: t.Id,
  164. 	}
  165. 	if _, err = sess.Insert(tu); err != nil {
  166. 		sess.Rollback()
  167. 		return nil, err
  168. 	}
  169. 

  170. 	return org, sess.Commit()
  171. }
  172. 

  173. // GetOrgByName returns organization by given name.

  174. func GetOrgByName(name string) (*User, error) {
  175. 	if len(name) == 0 {
  176. 		return nil, ErrOrgNotExist
  177. 	}
  178. 	u := &User{
  179. 		LowerName: strings.ToLower(name),
  180. 		Type:      ORGANIZATION,
  181. 	}
  182. 	has, err := x.Get(u)
  183. 	if err != nil {
  184. 		return nil, err
  185. 	} else if !has {
  186. 		return nil, ErrOrgNotExist
  187. 	}
  188. 	return u, nil
  189. }
  190. 

  191. // CountOrganizations returns number of organizations.

  192. func CountOrganizations() int64 {
  193. 	count, _ := x.Where("type=1").Count(new(User))
  194. 	return count
  195. }
  196. 

  197. // GetOrganizations returns given number of organizations with offset.

  198. func GetOrganizations(num, offset int) ([]*User, error) {
  199. 	orgs := make([]*User, 0, num)
  200. 	err := x.Limit(num, offset).Where("type=1").Asc("id").Find(&orgs)
  201. 	return orgs, err
  202. }
  203. 

  204. // TODO: need some kind of mechanism to record failure.

  205. // DeleteOrganization completely and permanently deletes everything of organization.

  206. func DeleteOrganization(org *User) (err error) {
  207. 	if err := DeleteUser(org); err != nil {
  208. 		return err
  209. 	}
  210. 

  211. 	sess := x.NewSession()
  212. 	defer sess.Close()
  213. 	if err = sess.Begin(); err != nil {
  214. 		return err
  215. 	}
  216. 

  217. 	if _, err = sess.Delete(&Team{OrgId: org.Id}); err != nil {
  218. 		sess.Rollback()
  219. 		return err
  220. 	}
  221. 	if _, err = sess.Delete(&OrgUser{OrgId: org.Id}); err != nil {
  222. 		sess.Rollback()
  223. 		return err
  224. 	}
  225. 	if _, err = sess.Delete(&TeamUser{OrgId: org.Id}); err != nil {
  226. 		sess.Rollback()
  227. 		return err
  228. 	}
  229. 	return sess.Commit()
  230. }
  231. 

  232. // ________                ____ ___

  233. // \_____  \_______  ____ |    |   \______ ___________

  234. //  /   |   \_  __ \/ ___\|    |   /  ___// __ \_  __ \

  235. // /    |    \  | \/ /_/  >    |  /\___ \\  ___/|  | \/

  236. // \_______  /__|  \___  /|______//____  >\___  >__|

  237. //         \/     /_____/              \/     \/

  238. 

  239. // OrgUser represents an organization-user relation.

  240. type OrgUser struct {
  241. 	Id       int64
  242. 	Uid      int64 `xorm:"INDEX UNIQUE(s)"`
  243. 	OrgId    int64 `xorm:"INDEX UNIQUE(s)"`
  244. 	IsPublic bool
  245. 	IsOwner  bool
  246. 	NumTeams int
  247. }
  248. 

  249. // IsOrganizationOwner returns true if given user is in the owner team.

  250. func IsOrganizationOwner(orgId, uid int64) bool {
  251. 	has, _ := x.Where("is_owner=?", true).And("uid=?", uid).And("org_id=?", orgId).Get(new(OrgUser))
  252. 	return has
  253. }
  254. 

  255. // IsOrganizationMember returns true if given user is member of organization.

  256. func IsOrganizationMember(orgId, uid int64) bool {
  257. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).Get(new(OrgUser))
  258. 	return has
  259. }
  260. 

  261. // IsPublicMembership returns true if given user public his/her membership.

  262. func IsPublicMembership(orgId, uid int64) bool {
  263. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).And("is_public=?", true).Get(new(OrgUser))
  264. 	return has
  265. }
  266. 

  267. // GetOrgUsersByUserId returns all organization-user relations by user ID.

  268. func GetOrgUsersByUserId(uid int64) ([]*OrgUser, error) {
  269. 	ous := make([]*OrgUser, 0, 10)
  270. 	err := x.Where("uid=?", uid).Find(&ous)
  271. 	return ous, err
  272. }
  273. 

  274. // GetOrgUsersByOrgId returns all organization-user relations by organization ID.

  275. func GetOrgUsersByOrgId(orgId int64) ([]*OrgUser, error) {
  276. 	ous := make([]*OrgUser, 0, 10)
  277. 	err := x.Where("org_id=?", orgId).Find(&ous)
  278. 	return ous, err
  279. }
  280. 

  281. // ChangeOrgUserStatus changes public or private membership status.

  282. func ChangeOrgUserStatus(orgId, uid int64, public bool) error {
  283. 	ou := new(OrgUser)
  284. 	has, err := x.Where("uid=?", uid).And("org_id=?", orgId).Get(ou)
  285. 	if err != nil {
  286. 		return err
  287. 	} else if !has {
  288. 		return nil
  289. 	}
  290. 

  291. 	ou.IsPublic = public
  292. 	_, err = x.Id(ou.Id).AllCols().Update(ou)
  293. 	return err
  294. }
  295. 

  296. // AddOrgUser adds new user to given organization.

  297. func AddOrgUser(orgId, uid int64) error {
  298. 	if IsOrganizationMember(orgId, uid) {
  299. 		return nil
  300. 	}
  301. 

  302. 	sess := x.NewSession()
  303. 	defer sess.Close()
  304. 	if err := sess.Begin(); err != nil {
  305. 		return err
  306. 	}
  307. 

  308. 	ou := &OrgUser{
  309. 		Uid:   uid,
  310. 		OrgId: orgId,
  311. 	}
  312. 

  313. 	if _, err := sess.Insert(ou); err != nil {
  314. 		sess.Rollback()
  315. 		return err
  316. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members + 1 WHERE id = ?", orgId); err != nil {
  317. 		sess.Rollback()
  318. 		return err
  319. 	}
  320. 

  321. 	return sess.Commit()
  322. }
  323. 

  324. // RemoveOrgUser removes user from given organization.

  325. func RemoveOrgUser(orgId, uid int64) error {
  326. 	ou := new(OrgUser)
  327. 

  328. 	has, err := x.Where("uid=?", uid).And("org_id=?", orgId).Get(ou)
  329. 	if err != nil {
  330. 		return err
  331. 	} else if !has {
  332. 		return nil
  333. 	}
  334. 

  335. 	u, err := GetUserById(uid)
  336. 	if err != nil {
  337. 		return err
  338. 	}
  339. 	org, err := GetUserById(orgId)
  340. 	if err != nil {
  341. 		return err
  342. 	}
  343. 

  344. 	// Check if the user to delete is the last member in owner team.

  345. 	if IsOrganizationOwner(orgId, uid) {
  346. 		t, err := org.GetOwnerTeam()
  347. 		if err != nil {
  348. 			return err
  349. 		}
  350. 		if t.NumMembers == 1 {
  351. 			return ErrLastOrgOwner
  352. 		}
  353. 	}
  354. 

  355. 	sess := x.NewSession()
  356. 	defer sess.Close()
  357. 	if err := sess.Begin(); err != nil {
  358. 		return err
  359. 	}
  360. 

  361. 	if _, err := sess.Id(ou.Id).Delete(ou); err != nil {
  362. 		sess.Rollback()
  363. 		return err
  364. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members - 1 WHERE id = ?", orgId); err != nil {
  365. 		sess.Rollback()
  366. 		return err
  367. 	}
  368. 

  369. 	// Delete all repository accesses.

  370. 	if err = org.GetRepositories(); err != nil {
  371. 		sess.Rollback()
  372. 		return err
  373. 	}
  374. 	access := &Access{
  375. 		UserName: u.LowerName,
  376. 	}
  377. 	for _, repo := range org.Repos {
  378. 		access.RepoName = path.Join(org.LowerName, repo.LowerName)
  379. 		if _, err = sess.Delete(access); err != nil {
  380. 			sess.Rollback()
  381. 			return err
  382. 		} else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
  383. 			sess.Rollback()
  384. 			return err
  385. 		}
  386. 	}
  387. 

  388. 	// Delete member in his/her teams.

  389. 	ts, err := GetUserTeams(org.Id, u.Id)
  390. 	if err != nil {
  391. 		return err
  392. 	}
  393. 	for _, t := range ts {
  394. 		if err = removeTeamMemberWithSess(org.Id, t.Id, u.Id, sess); err != nil {
  395. 			return err
  396. 		}
  397. 	}
  398. 

  399. 	return sess.Commit()
  400. }
  401. 

  402. // ___________

  403. // \__    ___/___ _____    _____

  404. //   |    |_/ __ \\__  \  /     \

  405. //   |    |\  ___/ / __ \|  Y Y  \

  406. //   |____| \___  >____  /__|_|  /

  407. //              \/     \/      \/

  408. 

  409. type AuthorizeType int
  410. 

  411. const (
  412. 	ORG_READABLE AuthorizeType = iota + 1
  413. 	ORG_WRITABLE
  414. 	ORG_ADMIN
  415. )
  416. 

  417. func AuthorizeToAccessType(auth AuthorizeType) AccessType {
  418. 	if auth == ORG_READABLE {
  419. 		return READABLE
  420. 	}
  421. 	return WRITABLE
  422. }
  423. 

  424. const OWNER_TEAM = "Owners"
  425. 

  426. // Team represents a organization team.

  427. type Team struct {
  428. 	Id          int64
  429. 	OrgId       int64 `xorm:"INDEX"`
  430. 	LowerName   string
  431. 	Name        string
  432. 	Description string
  433. 	Authorize   AuthorizeType
  434. 	RepoIds     string        `xorm:"TEXT"`
  435. 	Repos       []*Repository `xorm:"-"`
  436. 	Members     []*User       `xorm:"-"`
  437. 	NumRepos    int
  438. 	NumMembers  int
  439. }
  440. 

  441. // IsOwnerTeam returns true if team is owner team.

  442. func (t *Team) IsOwnerTeam() bool {
  443. 	return t.Name == OWNER_TEAM
  444. }
  445. 

  446. // IsTeamMember returns true if given user is a member of team.

  447. func (t *Team) IsMember(uid int64) bool {
  448. 	return IsTeamMember(t.OrgId, t.Id, uid)
  449. }
  450. 

  451. // GetRepositories returns all repositories in team of organization.

  452. func (t *Team) GetRepositories() error {
  453. 	idStrs := strings.Split(t.RepoIds, "|")
  454. 	t.Repos = make([]*Repository, 0, len(idStrs))
  455. 	for _, str := range idStrs {
  456. 		if len(str) == 0 {
  457. 			continue
  458. 		}
  459. 		id := com.StrTo(str[1:]).MustInt64()
  460. 		if id == 0 {
  461. 			continue
  462. 		}
  463. 		repo, err := GetRepositoryById(id)
  464. 		if err != nil {
  465. 			return err
  466. 		}
  467. 		t.Repos = append(t.Repos, repo)
  468. 	}
  469. 	return nil
  470. }
  471. 

  472. // GetMembers returns all members in team of organization.

  473. func (t *Team) GetMembers() (err error) {
  474. 	t.Members, err = GetTeamMembers(t.OrgId, t.Id)
  475. 	return err
  476. }
  477. 

  478. // AddMember adds new member to team of organization.

  479. func (t *Team) AddMember(uid int64) error {
  480. 	return AddTeamMember(t.OrgId, t.Id, uid)
  481. }
  482. 

  483. // RemoveMember removes member from team of organization.

  484. func (t *Team) RemoveMember(uid int64) error {
  485. 	return RemoveTeamMember(t.OrgId, t.Id, uid)
  486. }
  487. 

  488. // addAccessWithAuthorize inserts or updates access with given mode.

  489. func addAccessWithAuthorize(sess *xorm.Session, access *Access, mode AccessType) error {
  490. 	has, err := x.Get(access)
  491. 	if err != nil {
  492. 		return fmt.Errorf("fail to get access: %v", err)
  493. 	}
  494. 	access.Mode = mode
  495. 	if has {
  496. 		if _, err = sess.Id(access.Id).Update(access); err != nil {
  497. 			return fmt.Errorf("fail to update access: %v", err)
  498. 		}
  499. 	} else {
  500. 		if _, err = sess.Insert(access); err != nil {
  501. 			return fmt.Errorf("fail to insert access: %v", err)
  502. 		}
  503. 	}
  504. 	return nil
  505. }
  506. 

  507. // AddRepository adds new repository to team of organization.

  508. func (t *Team) AddRepository(repo *Repository) (err error) {
  509. 	idStr := "$" + com.ToStr(repo.Id) + "|"
  510. 	if repo.OwnerId != t.OrgId {
  511. 		return errors.New("Repository not belong to organization")
  512. 	} else if strings.Contains(t.RepoIds, idStr) {
  513. 		return nil
  514. 	}
  515. 

  516. 	if err = repo.GetOwner(); err != nil {
  517. 		return err
  518. 	} else if err = t.GetMembers(); err != nil {
  519. 		return err
  520. 	}
  521. 

  522. 	sess := x.NewSession()
  523. 	defer sess.Close()
  524. 	if err = sess.Begin(); err != nil {
  525. 		return err
  526. 	}
  527. 

  528. 	t.NumRepos++
  529. 	t.RepoIds += idStr
  530. 	if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  531. 		sess.Rollback()
  532. 		return err
  533. 	}
  534. 

  535. 	// Give access to team members.

  536. 	mode := AuthorizeToAccessType(t.Authorize)
  537. 

  538. 	for _, u := range t.Members {
  539. 		auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
  540. 		if err != nil {
  541. 			sess.Rollback()
  542. 			return err
  543. 		}
  544. 

  545. 		access := &Access{
  546. 			UserName: u.LowerName,
  547. 			RepoName: path.Join(repo.Owner.LowerName, repo.LowerName),
  548. 		}
  549. 		if auth < t.Authorize {
  550. 			if err = addAccessWithAuthorize(sess, access, mode); err != nil {
  551. 				sess.Rollback()
  552. 				return err
  553. 			}
  554. 		}
  555. 		if err = WatchRepo(u.Id, repo.Id, true); err != nil {
  556. 			sess.Rollback()
  557. 			return err
  558. 		}
  559. 	}
  560. 	return sess.Commit()
  561. }
  562. 

  563. // RemoveRepository removes repository from team of organization.

  564. func (t *Team) RemoveRepository(repoId int64) error {
  565. 	idStr := "$" + com.ToStr(repoId) + "|"
  566. 	if !strings.Contains(t.RepoIds, idStr) {
  567. 		return nil
  568. 	}
  569. 

  570. 	repo, err := GetRepositoryById(repoId)
  571. 	if err != nil {
  572. 		return err
  573. 	}
  574. 

  575. 	if err = repo.GetOwner(); err != nil {
  576. 		return err
  577. 	} else if err = t.GetMembers(); err != nil {
  578. 		return err
  579. 	}
  580. 

  581. 	sess := x.NewSession()
  582. 	defer sess.Close()
  583. 	if err = sess.Begin(); err != nil {
  584. 		return err
  585. 	}
  586. 

  587. 	t.NumRepos--
  588. 	t.RepoIds = strings.Replace(t.RepoIds, idStr, "", 1)
  589. 	if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  590. 		sess.Rollback()
  591. 		return err
  592. 	}
  593. 

  594. 	// Remove access to team members.

  595. 	for _, u := range t.Members {
  596. 		auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
  597. 		if err != nil {
  598. 			sess.Rollback()
  599. 			return err
  600. 		}
  601. 

  602. 		access := &Access{
  603. 			UserName: u.LowerName,
  604. 			RepoName: path.Join(repo.Owner.LowerName, repo.LowerName),
  605. 		}
  606. 		if auth == 0 {
  607. 			if _, err = sess.Delete(access); err != nil {
  608. 				sess.Rollback()
  609. 				return fmt.Errorf("fail to delete access: %v", err)
  610. 			} else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
  611. 				sess.Rollback()
  612. 				return err
  613. 			}
  614. 		} else if auth < t.Authorize {
  615. 			if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
  616. 				sess.Rollback()
  617. 				return err
  618. 			}
  619. 		}
  620. 	}
  621. 

  622. 	return sess.Commit()
  623. }
  624. 

  625. // NewTeam creates a record of new team.

  626. // It's caller's responsibility to assign organization ID.

  627. func NewTeam(t *Team) error {
  628. 	if !IsLegalName(t.Name) {
  629. 		return ErrTeamNameIllegal
  630. 	}
  631. 

  632. 	has, err := x.Id(t.OrgId).Get(new(User))
  633. 	if err != nil {
  634. 		return err
  635. 	} else if !has {
  636. 		return ErrOrgNotExist
  637. 	}
  638. 

  639. 	t.LowerName = strings.ToLower(t.Name)
  640. 	has, err = x.Where("org_id=?", t.OrgId).And("lower_name=?", t.LowerName).Get(new(Team))
  641. 	if err != nil {
  642. 		return err
  643. 	} else if has {
  644. 		return ErrTeamAlreadyExist
  645. 	}
  646. 

  647. 	sess := x.NewSession()
  648. 	defer sess.Close()
  649. 	if err = sess.Begin(); err != nil {
  650. 		return err
  651. 	}
  652. 

  653. 	if _, err = sess.Insert(t); err != nil {
  654. 		sess.Rollback()
  655. 		return err
  656. 	}
  657. 

  658. 	// Update organization number of teams.

  659. 	if _, err = sess.Exec("UPDATE `user` SET num_teams = num_teams + 1 WHERE id = ?", t.OrgId); err != nil {
  660. 		sess.Rollback()
  661. 		return err
  662. 	}
  663. 	return sess.Commit()
  664. }
  665. 

  666. // GetTeam returns team by given team name and organization.

  667. func GetTeam(orgId int64, name string) (*Team, error) {
  668. 	t := &Team{
  669. 		OrgId:     orgId,
  670. 		LowerName: strings.ToLower(name),
  671. 	}
  672. 	has, err := x.Get(t)
  673. 	if err != nil {
  674. 		return nil, err
  675. 	} else if !has {
  676. 		return nil, ErrTeamNotExist
  677. 	}
  678. 	return t, nil
  679. }
  680. 

  681. // GetTeamById returns team by given ID.

  682. func GetTeamById(teamId int64) (*Team, error) {
  683. 	t := new(Team)
  684. 	has, err := x.Id(teamId).Get(t)
  685. 	if err != nil {
  686. 		return nil, err
  687. 	} else if !has {
  688. 		return nil, ErrTeamNotExist
  689. 	}
  690. 	return t, nil
  691. }
  692. 

  693. // GetHighestAuthorize returns highest repository authorize level for given user and team.

  694. func GetHighestAuthorize(orgId, uid, repoId, teamId int64) (AuthorizeType, error) {
  695. 	ts, err := GetUserTeams(orgId, uid)
  696. 	if err != nil {
  697. 		return 0, err
  698. 	}
  699. 

  700. 	var auth AuthorizeType = 0
  701. 	for _, t := range ts {
  702. 		// Not current team and has given repository.

  703. 		if t.Id != teamId && strings.Contains(t.RepoIds, "$"+com.ToStr(repoId)+"|") {
  704. 			// Fast return.

  705. 			if t.Authorize == ORG_WRITABLE {
  706. 				return ORG_WRITABLE, nil
  707. 			}
  708. 			if t.Authorize > auth {
  709. 				auth = t.Authorize
  710. 			}
  711. 		}
  712. 	}
  713. 

  714. 	return auth, nil
  715. }
  716. 

  717. // UpdateTeam updates information of team.

  718. func UpdateTeam(t *Team, authChanged bool) (err error) {
  719. 	if !IsLegalName(t.Name) {
  720. 		return ErrTeamNameIllegal
  721. 	}
  722. 

  723. 	if len(t.Description) > 255 {
  724. 		t.Description = t.Description[:255]
  725. 	}
  726. 

  727. 	sess := x.NewSession()
  728. 	defer sess.Close()
  729. 	if err = sess.Begin(); err != nil {
  730. 		return err
  731. 	}
  732. 

  733. 	// Update access for team members if needed.

  734. 	if authChanged && !t.IsOwnerTeam() {
  735. 		if err = t.GetRepositories(); err != nil {
  736. 			return err
  737. 		} else if err = t.GetMembers(); err != nil {
  738. 			return err
  739. 		}
  740. 

  741. 		// Get organization.

  742. 		org, err := GetUserById(t.OrgId)
  743. 		if err != nil {
  744. 			return err
  745. 		}
  746. 

  747. 		// Update access.

  748. 		mode := AuthorizeToAccessType(t.Authorize)
  749. 

  750. 		for _, repo := range t.Repos {
  751. 			for _, u := range t.Members {
  752. 				// ORG_WRITABLE is the highest authorize level for now.

  753. 				// Skip checking others if current team has this level.

  754. 				if t.Authorize < ORG_WRITABLE {
  755. 					auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
  756. 					if err != nil {
  757. 						sess.Rollback()
  758. 						return err
  759. 					}
  760. 					if auth >= t.Authorize {
  761. 						continue // Other team has higher or same authorize level.

  762. 					}
  763. 				}
  764. 

  765. 				access := &Access{
  766. 					UserName: u.LowerName,
  767. 					RepoName: path.Join(org.LowerName, repo.LowerName),
  768. 				}
  769. 				if err = addAccessWithAuthorize(sess, access, mode); err != nil {
  770. 					sess.Rollback()
  771. 					return err
  772. 				}
  773. 			}
  774. 		}
  775. 	}
  776. 

  777. 	t.LowerName = strings.ToLower(t.Name)
  778. 	if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  779. 		sess.Rollback()
  780. 		return err
  781. 	}
  782. 	return sess.Commit()
  783. }
  784. 

  785. // DeleteTeam deletes given team.

  786. // It's caller's responsibility to assign organization ID.

  787. func DeleteTeam(t *Team) error {
  788. 	if err := t.GetRepositories(); err != nil {
  789. 		return err
  790. 	} else if err = t.GetMembers(); err != nil {
  791. 		return err
  792. 	}
  793. 

  794. 	// Get organization.

  795. 	org, err := GetUserById(t.OrgId)
  796. 	if err != nil {
  797. 		return err
  798. 	}
  799. 

  800. 	sess := x.NewSession()
  801. 	defer sess.Close()
  802. 	if err = sess.Begin(); err != nil {
  803. 		return err
  804. 	}
  805. 

  806. 	// Delete all accesses.

  807. 	for _, repo := range t.Repos {
  808. 		for _, u := range t.Members {
  809. 			auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, t.Id)
  810. 			if err != nil {
  811. 				sess.Rollback()
  812. 				return err
  813. 			}
  814. 

  815. 			access := &Access{
  816. 				UserName: u.LowerName,
  817. 				RepoName: path.Join(org.LowerName, repo.LowerName),
  818. 			}
  819. 			if auth == 0 {
  820. 				if _, err = sess.Delete(access); err != nil {
  821. 					sess.Rollback()
  822. 					return fmt.Errorf("fail to delete access: %v", err)
  823. 				}
  824. 			} else if auth < t.Authorize {
  825. 				// Downgrade authorize level.

  826. 				if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
  827. 					sess.Rollback()
  828. 					return err
  829. 				}
  830. 			}
  831. 		}
  832. 	}
  833. 

  834. 	// Delete team-user.

  835. 	if _, err = sess.Where("org_id=?", org.Id).Where("team_id=?", t.Id).Delete(new(TeamUser)); err != nil {
  836. 		sess.Rollback()
  837. 		return err
  838. 	}
  839. 

  840. 	// Delete team.

  841. 	if _, err = sess.Id(t.Id).Delete(new(Team)); err != nil {
  842. 		sess.Rollback()
  843. 		return err
  844. 	}
  845. 	// Update organization number of teams.

  846. 	if _, err = sess.Exec("UPDATE `user` SET num_teams = num_teams - 1 WHERE id = ?", t.OrgId); err != nil {
  847. 		sess.Rollback()
  848. 		return err
  849. 	}
  850. 

  851. 	return sess.Commit()
  852. }
  853. 

  854. // ___________                    ____ ___

  855. // \__    ___/___ _____    _____ |    |   \______ ___________

  856. //   |    |_/ __ \\__  \  /     \|    |   /  ___// __ \_  __ \

  857. //   |    |\  ___/ / __ \|  Y Y  \    |  /\___ \\  ___/|  | \/

  858. //   |____| \___  >____  /__|_|  /______//____  >\___  >__|

  859. //              \/     \/      \/             \/     \/

  860. 

  861. // TeamUser represents an team-user relation.

  862. type TeamUser struct {
  863. 	Id     int64
  864. 	Uid    int64
  865. 	OrgId  int64 `xorm:"INDEX"`
  866. 	TeamId int64
  867. }
  868. 

  869. // IsTeamMember returns true if given user is a member of team.

  870. func IsTeamMember(orgId, teamId, uid int64) bool {
  871. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).And("team_id=?", teamId).Get(new(TeamUser))
  872. 	return has
  873. }
  874. 

  875. // GetTeamMembers returns all members in given team of organization.

  876. func GetTeamMembers(orgId, teamId int64) ([]*User, error) {
  877. 	us := make([]*User, 0, 10)
  878. 	err := x.Sql("SELECT * FROM `user` JOIN `team_user` ON `team_user`.`team_id` = ? AND `team_user`.`uid` = `user`.`id`", teamId).Find(&us)
  879. 	return us, err
  880. }
  881. 

  882. // GetUserTeams returns all teams that user belongs to in given organization.

  883. func GetUserTeams(orgId, uid int64) ([]*Team, error) {
  884. 	tus := make([]*TeamUser, 0, 5)
  885. 	if err := x.Where("uid=?", uid).And("org_id=?", orgId).Find(&tus); err != nil {
  886. 		return nil, err
  887. 	}
  888. 

  889. 	ts := make([]*Team, len(tus))
  890. 	for i, tu := range tus {
  891. 		t := new(Team)
  892. 		has, err := x.Id(tu.TeamId).Get(t)
  893. 		if err != nil {
  894. 			return nil, err
  895. 		} else if !has {
  896. 			return nil, ErrTeamNotExist
  897. 		}
  898. 		ts[i] = t
  899. 	}
  900. 	return ts, nil
  901. }
  902. 

  903. // AddTeamMember adds new member to given team of given organization.

  904. func AddTeamMember(orgId, teamId, uid int64) error {
  905. 	if IsTeamMember(orgId, teamId, uid) {
  906. 		return nil
  907. 	}
  908. 

  909. 	if err := AddOrgUser(orgId, uid); err != nil {
  910. 		return err
  911. 	}
  912. 

  913. 	// Get team and its repositories.

  914. 	t, err := GetTeamById(teamId)
  915. 	if err != nil {
  916. 		return err
  917. 	}
  918. 	t.NumMembers++
  919. 

  920. 	if err = t.GetRepositories(); err != nil {
  921. 		return err
  922. 	}
  923. 

  924. 	// Get organization.

  925. 	org, err := GetUserById(orgId)
  926. 	if err != nil {
  927. 		return err
  928. 	}
  929. 

  930. 	// Get user.

  931. 	u, err := GetUserById(uid)
  932. 	if err != nil {
  933. 		return err
  934. 	}
  935. 

  936. 	sess := x.NewSession()
  937. 	defer sess.Close()
  938. 	if err = sess.Begin(); err != nil {
  939. 		return err
  940. 	}
  941. 

  942. 	tu := &TeamUser{
  943. 		Uid:    uid,
  944. 		OrgId:  orgId,
  945. 		TeamId: teamId,
  946. 	}
  947. 

  948. 	if _, err = sess.Insert(tu); err != nil {
  949. 		sess.Rollback()
  950. 		return err
  951. 	} else if _, err = sess.Id(t.Id).Update(t); err != nil {
  952. 		sess.Rollback()
  953. 		return err
  954. 	}
  955. 

  956. 	// Give access to team repositories.

  957. 	mode := AuthorizeToAccessType(t.Authorize)
  958. 	for _, repo := range t.Repos {
  959. 		auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, teamId)
  960. 		if err != nil {
  961. 			sess.Rollback()
  962. 			return err
  963. 		}
  964. 

  965. 		access := &Access{
  966. 			UserName: u.LowerName,
  967. 			RepoName: path.Join(org.LowerName, repo.LowerName),
  968. 		}
  969. 		if auth < t.Authorize {
  970. 			if err = addAccessWithAuthorize(sess, access, mode); err != nil {
  971. 				sess.Rollback()
  972. 				return err
  973. 			}
  974. 		}
  975. 	}
  976. 

  977. 	// We make sure it exists before.

  978. 	ou := new(OrgUser)
  979. 	_, err = sess.Where("uid=?", uid).And("org_id=?", orgId).Get(ou)
  980. 	if err != nil {
  981. 		sess.Rollback()
  982. 		return err
  983. 	}
  984. 	ou.NumTeams++
  985. 	if t.IsOwnerTeam() {
  986. 		ou.IsOwner = true
  987. 	}
  988. 	if _, err = sess.Id(ou.Id).AllCols().Update(ou); err != nil {
  989. 		sess.Rollback()
  990. 		return err
  991. 	}
  992. 

  993. 	return sess.Commit()
  994. }
  995. 

  996. func removeTeamMemberWithSess(orgId, teamId, uid int64, sess *xorm.Session) error {
  997. 	if !IsTeamMember(orgId, teamId, uid) {
  998. 		return nil
  999. 	}
  1000. 

  1001. 	// Get team and its repositories.

  1002. 	t, err := GetTeamById(teamId)
  1003. 	if err != nil {
  1004. 		return err
  1005. 	}
  1006. 

  1007. 	// Check if the user to delete is the last member in owner team.

  1008. 	if t.IsOwnerTeam() && t.NumMembers == 1 {
  1009. 		return ErrLastOrgOwner
  1010. 	}
  1011. 

  1012. 	t.NumMembers--
  1013. 

  1014. 	if err = t.GetRepositories(); err != nil {
  1015. 		return err
  1016. 	}
  1017. 

  1018. 	// Get organization.

  1019. 	org, err := GetUserById(orgId)
  1020. 	if err != nil {
  1021. 		return err
  1022. 	}
  1023. 

  1024. 	// Get user.

  1025. 	u, err := GetUserById(uid)
  1026. 	if err != nil {
  1027. 		return err
  1028. 	}
  1029. 

  1030. 	tu := &TeamUser{
  1031. 		Uid:    uid,
  1032. 		OrgId:  orgId,
  1033. 		TeamId: teamId,
  1034. 	}
  1035. 

  1036. 	if _, err := sess.Delete(tu); err != nil {
  1037. 		sess.Rollback()
  1038. 		return err
  1039. 	} else if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  1040. 		sess.Rollback()
  1041. 		return err
  1042. 	}
  1043. 

  1044. 	// Delete access to team repositories.

  1045. 	for _, repo := range t.Repos {
  1046. 		auth, err := GetHighestAuthorize(t.OrgId, u.Id, repo.Id, teamId)
  1047. 		if err != nil {
  1048. 			sess.Rollback()
  1049. 			return err
  1050. 		}
  1051. 

  1052. 		access := &Access{
  1053. 			UserName: u.LowerName,
  1054. 			RepoName: path.Join(org.LowerName, repo.LowerName),
  1055. 		}
  1056. 		// Delete access if this is the last team user belongs to.

  1057. 		if auth == 0 {
  1058. 			if _, err = sess.Delete(access); err != nil {
  1059. 				sess.Rollback()
  1060. 				return fmt.Errorf("fail to delete access: %v", err)
  1061. 			} else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
  1062. 				sess.Rollback()
  1063. 				return err
  1064. 			}
  1065. 		} else if auth < t.Authorize {
  1066. 			// Downgrade authorize level.

  1067. 			if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
  1068. 				sess.Rollback()
  1069. 				return err
  1070. 			}
  1071. 		}
  1072. 	}
  1073. 

  1074. 	// This must exist.

  1075. 	ou := new(OrgUser)
  1076. 	_, err = sess.Where("uid=?", uid).And("org_id=?", org.Id).Get(ou)
  1077. 	if err != nil {
  1078. 		sess.Rollback()
  1079. 		return err
  1080. 	}
  1081. 	ou.NumTeams--
  1082. 	if t.IsOwnerTeam() {
  1083. 		ou.IsOwner = false
  1084. 	}
  1085. 	if _, err = sess.Id(ou.Id).AllCols().Update(ou); err != nil {
  1086. 		sess.Rollback()
  1087. 		return err
  1088. 	}
  1089. 	return nil
  1090. }
  1091. 

  1092. // RemoveTeamMember removes member from given team of given organization.

  1093. func RemoveTeamMember(orgId, teamId, uid int64) error {
  1094. 	sess := x.NewSession()
  1095. 	defer sess.Close()
  1096. 	if err := sess.Begin(); err != nil {
  1097. 		return err
  1098. 	}
  1099. 	if err := removeTeamMemberWithSess(orgId, teamId, uid, sess); err != nil {
  1100. 		return err
  1101. 	}
  1102. 	return sess.Commit()
  1103. }