You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

299 lines
7.6 KiB

  1. // Copyright 2017 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package org
  5. import (
  6. "fmt"
  7. api "code.gitea.io/sdk/gitea"
  8. "code.gitea.io/gitea/models"
  9. "code.gitea.io/gitea/modules/context"
  10. "code.gitea.io/gitea/modules/setting"
  11. "code.gitea.io/gitea/routers/api/v1/user"
  12. )
  13. // listMembers list an organization's members
  14. func listMembers(ctx *context.APIContext, publicOnly bool) {
  15. var members []*models.User
  16. if publicOnly {
  17. orgUsers, err := models.GetOrgUsersByOrgID(ctx.Org.Organization.ID)
  18. if err != nil {
  19. ctx.Error(500, "GetOrgUsersByOrgID", err)
  20. return
  21. }
  22. memberIDs := make([]int64, 0, len(orgUsers))
  23. for _, orgUser := range orgUsers {
  24. if orgUser.IsPublic {
  25. memberIDs = append(memberIDs, orgUser.UID)
  26. }
  27. }
  28. if members, err = models.GetUsersByIDs(memberIDs); err != nil {
  29. ctx.Error(500, "GetUsersByIDs", err)
  30. return
  31. }
  32. } else {
  33. if err := ctx.Org.Organization.GetMembers(); err != nil {
  34. ctx.Error(500, "GetMembers", err)
  35. return
  36. }
  37. members = ctx.Org.Organization.Members
  38. }
  39. apiMembers := make([]*api.User, len(members))
  40. for i, member := range members {
  41. apiMembers[i] = member.APIFormat()
  42. }
  43. ctx.JSON(200, apiMembers)
  44. }
  45. // ListMembers list an organization's members
  46. func ListMembers(ctx *context.APIContext) {
  47. // swagger:operation GET /orgs/{org}/members organization orgListMembers
  48. // ---
  49. // summary: List an organization's members
  50. // produces:
  51. // - application/json
  52. // parameters:
  53. // - name: org
  54. // in: path
  55. // description: name of the organization
  56. // type: string
  57. // required: true
  58. // responses:
  59. // "200":
  60. // "$ref": "#/responses/UserList"
  61. publicOnly := true
  62. if ctx.User != nil {
  63. isMember, err := ctx.Org.Organization.IsOrgMember(ctx.User.ID)
  64. if err != nil {
  65. ctx.Error(500, "IsOrgMember", err)
  66. return
  67. }
  68. publicOnly = !isMember
  69. }
  70. listMembers(ctx, publicOnly)
  71. }
  72. // ListPublicMembers list an organization's public members
  73. func ListPublicMembers(ctx *context.APIContext) {
  74. // swagger:operation GET /orgs/{org}/public_members organization orgListPublicMembers
  75. // ---
  76. // summary: List an organization's public members
  77. // parameters:
  78. // - name: org
  79. // in: path
  80. // description: name of the organization
  81. // type: string
  82. // required: true
  83. // produces:
  84. // - application/json
  85. // responses:
  86. // "200":
  87. // "$ref": "#/responses/UserList"
  88. listMembers(ctx, true)
  89. }
  90. // IsMember check if a user is a member of an organization
  91. func IsMember(ctx *context.APIContext) {
  92. // swagger:operation GET /orgs/{org}/members/{username} organization orgIsMember
  93. // ---
  94. // summary: Check if a user is a member of an organization
  95. // parameters:
  96. // - name: org
  97. // in: path
  98. // description: name of the organization
  99. // type: string
  100. // required: true
  101. // - name: username
  102. // in: path
  103. // description: username of the user
  104. // type: string
  105. // required: true
  106. // responses:
  107. // "204":
  108. // description: user is a member
  109. // schema:
  110. // "$ref": "#/responses/empty"
  111. // "404":
  112. // description: user is not a member
  113. // schema:
  114. // "$ref": "#/responses/empty"
  115. userToCheck := user.GetUserByParams(ctx)
  116. if ctx.Written() {
  117. return
  118. }
  119. if ctx.User != nil {
  120. userIsMember, err := ctx.Org.Organization.IsOrgMember(ctx.User.ID)
  121. if err != nil {
  122. ctx.Error(500, "IsOrgMember", err)
  123. return
  124. } else if userIsMember {
  125. userToCheckIsMember, err := ctx.Org.Organization.IsOrgMember(userToCheck.ID)
  126. if err != nil {
  127. ctx.Error(500, "IsOrgMember", err)
  128. } else if userToCheckIsMember {
  129. ctx.Status(204)
  130. } else {
  131. ctx.Status(404)
  132. }
  133. return
  134. } else if ctx.User.ID == userToCheck.ID {
  135. ctx.Status(404)
  136. return
  137. }
  138. }
  139. redirectURL := fmt.Sprintf("%sapi/v1/orgs/%s/public_members/%s",
  140. setting.AppURL, ctx.Org.Organization.Name, userToCheck.Name)
  141. ctx.Redirect(redirectURL, 302)
  142. }
  143. // IsPublicMember check if a user is a public member of an organization
  144. func IsPublicMember(ctx *context.APIContext) {
  145. // swagger:operation GET /orgs/{org}/public_members/{username} organization orgIsPublicMember
  146. // ---
  147. // summary: Check if a user is a public member of an organization
  148. // parameters:
  149. // - name: org
  150. // in: path
  151. // description: name of the organization
  152. // type: string
  153. // required: true
  154. // - name: username
  155. // in: path
  156. // description: username of the user
  157. // type: string
  158. // required: true
  159. // responses:
  160. // "204":
  161. // description: user is a public member
  162. // schema:
  163. // "$ref": "#/responses/empty"
  164. // "404":
  165. // description: user is not a public member
  166. // schema:
  167. // "$ref": "#/responses/empty"
  168. userToCheck := user.GetUserByParams(ctx)
  169. if ctx.Written() {
  170. return
  171. }
  172. if userToCheck.IsPublicMember(ctx.Org.Organization.ID) {
  173. ctx.Status(204)
  174. } else {
  175. ctx.Status(404)
  176. }
  177. }
  178. // PublicizeMember make a member's membership public
  179. func PublicizeMember(ctx *context.APIContext) {
  180. // swagger:operation PUT /orgs/{org}/public_members/{username} organization orgPublicizeMember
  181. // ---
  182. // summary: Publicize a user's membership
  183. // produces:
  184. // - application/json
  185. // parameters:
  186. // - name: org
  187. // in: path
  188. // description: name of the organization
  189. // type: string
  190. // required: true
  191. // - name: username
  192. // in: path
  193. // description: username of the user
  194. // type: string
  195. // required: true
  196. // responses:
  197. // "204":
  198. // description: membership publicized
  199. // schema:
  200. // "$ref": "#/responses/empty"
  201. userToPublicize := user.GetUserByParams(ctx)
  202. if ctx.Written() {
  203. return
  204. }
  205. if userToPublicize.ID != ctx.User.ID {
  206. ctx.Error(403, "", "Cannot publicize another member")
  207. return
  208. }
  209. err := models.ChangeOrgUserStatus(ctx.Org.Organization.ID, userToPublicize.ID, true)
  210. if err != nil {
  211. ctx.Error(500, "ChangeOrgUserStatus", err)
  212. return
  213. }
  214. ctx.Status(204)
  215. }
  216. // ConcealMember make a member's membership not public
  217. func ConcealMember(ctx *context.APIContext) {
  218. // swagger:operation DELETE /orgs/{org}/public_members/{username} organization orgConcealMember
  219. // ---
  220. // summary: Conceal a user's membership
  221. // produces:
  222. // - application/json
  223. // parameters:
  224. // - name: org
  225. // in: path
  226. // description: name of the organization
  227. // type: string
  228. // required: true
  229. // - name: username
  230. // in: path
  231. // description: username of the user
  232. // type: string
  233. // required: true
  234. // responses:
  235. // "204":
  236. // "$ref": "#/responses/empty"
  237. userToConceal := user.GetUserByParams(ctx)
  238. if ctx.Written() {
  239. return
  240. }
  241. if userToConceal.ID != ctx.User.ID {
  242. ctx.Error(403, "", "Cannot conceal another member")
  243. return
  244. }
  245. err := models.ChangeOrgUserStatus(ctx.Org.Organization.ID, userToConceal.ID, false)
  246. if err != nil {
  247. ctx.Error(500, "ChangeOrgUserStatus", err)
  248. return
  249. }
  250. ctx.Status(204)
  251. }
  252. // DeleteMember remove a member from an organization
  253. func DeleteMember(ctx *context.APIContext) {
  254. // swagger:operation DELETE /orgs/{org}/members/{username} organization orgDeleteMember
  255. // ---
  256. // summary: Remove a member from an organization
  257. // produces:
  258. // - application/json
  259. // parameters:
  260. // - name: org
  261. // in: path
  262. // description: name of the organization
  263. // type: string
  264. // required: true
  265. // - name: username
  266. // in: path
  267. // description: username of the user
  268. // type: string
  269. // required: true
  270. // responses:
  271. // "204":
  272. // description: member removed
  273. // schema:
  274. // "$ref": "#/responses/empty"
  275. member := user.GetUserByParams(ctx)
  276. if ctx.Written() {
  277. return
  278. }
  279. if err := ctx.Org.Organization.RemoveMember(member.ID); err != nil {
  280. ctx.Error(500, "RemoveMember", err)
  281. }
  282. ctx.Status(204)
  283. }