closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1476 Commits
2 Branches
178 MiB
Tree: 7df0794e14
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7df0794e14'
${ noResults }
gitea/models/org.go

1097 lines
25 KiB
Raw Normal View History

Add create organization
10 years ago
Organization settings page
10 years ago
Finish create organization team
10 years ago
Finish new edit team page, add member to team
10 years ago
Work on #274
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Organization settings page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Organization settings page
10 years ago
Finish create organization team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish create organization team
10 years ago
Finish Teams page
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish delete organization
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish delete organization
10 years ago
Finish organization homepage
10 years ago
Finish new organization members and invitation page
10 years ago
Organization settings page
10 years ago
Work on #274
10 years ago
Organization settings page
10 years ago
Finish new home page of organization
10 years ago
Organization settings page
10 years ago
Finish new edit team page, add member to team
10 years ago
Organization settings page
10 years ago
Finish new admin dashboard
10 years ago
Continue working on new admin pages
10 years ago
Finish delete organization
10 years ago
Add create organization
10 years ago
Finish new organization members and invitation page
10 years ago
Add create organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Add create organization
10 years ago
Finish Teams page
10 years ago
Finish new organization members and invitation page
10 years ago
Add create organization
10 years ago
Work on create organization repo and #257
10 years ago
Finish new organization members and invitation page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish new organization members and invitation page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new organization members and invitation page
10 years ago
Finish new edit team page, add member to team
10 years ago
Bug fix on organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish new organization members and invitation page
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finsih add/remove repo in organization
10 years ago
Bug fix on organization
10 years ago
Finsih add/remove repo in organization
10 years ago
Bug fix on organization
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add create organization
10 years ago
Work on create organization repo and #257
10 years ago
Finish Teams page
10 years ago
Work on create organization repo and #257
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finsih add/remove repo in organization
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Bug fix on organization
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Finsih add/remove repo in organization
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Add/remove member need add/remove access to repositories as well
10 years ago
Finish new edit team page, add member to team
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models
  6. 

  7. import (
  8. 	"errors"
  9. 	"fmt"
  10. 	"os"
  11. 	"path"
  12. 	"strings"
  13. 

  14. 	"github.com/Unknwon/com"
  15. 	"github.com/go-xorm/xorm"
  16. 

  17. 	"github.com/gogits/gogs/modules/base"
  18. )
  19. 

  20. var (
  21. 	ErrOrgNotExist      = errors.New("Organization does not exist")
  22. 	ErrTeamAlreadyExist = errors.New("Team already exist")
  23. 	ErrTeamNotExist     = errors.New("Team does not exist")
  24. 	ErrTeamNameIllegal  = errors.New("Team name contains illegal characters")
  25. 	ErrLastOrgOwner     = errors.New("The user to remove is the last member in owner team")
  26. )
  27. 

  28. // IsOrgOwner returns true if given user is in the owner team.

  29. func (org *User) IsOrgOwner(uid int64) bool {
  30. 	return IsOrganizationOwner(org.Id, uid)
  31. }
  32. 

  33. // IsOrgMember returns true if given user is member of organization.

  34. func (org *User) IsOrgMember(uid int64) bool {
  35. 	return IsOrganizationMember(org.Id, uid)
  36. }
  37. 

  38. // GetTeam returns named team of organization.

  39. func (org *User) GetTeam(name string) (*Team, error) {
  40. 	return GetTeam(org.Id, name)
  41. }
  42. 

  43. // GetOwnerTeam returns owner team of organization.

  44. func (org *User) GetOwnerTeam() (*Team, error) {
  45. 	return org.GetTeam(OWNER_TEAM)
  46. }
  47. 

  48. // GetTeams returns all teams that belong to organization.

  49. func (org *User) GetTeams() error {
  50. 	return x.Where("org_id=?", org.Id).Find(&org.Teams)
  51. }
  52. 

  53. // GetMembers returns all members of organization.

  54. func (org *User) GetMembers() error {
  55. 	ous, err := GetOrgUsersByOrgId(org.Id)
  56. 	if err != nil {
  57. 		return err
  58. 	}
  59. 

  60. 	org.Members = make([]*User, len(ous))
  61. 	for i, ou := range ous {
  62. 		org.Members[i], err = GetUserById(ou.Uid)
  63. 		if err != nil {
  64. 			return err
  65. 		}
  66. 	}
  67. 	return nil
  68. }
  69. 

  70. // AddMember adds new member to organization.

  71. func (org *User) AddMember(uid int64) error {
  72. 	return AddOrgUser(org.Id, uid)
  73. }
  74. 

  75. // RemoveMember removes member from organization.

  76. func (org *User) RemoveMember(uid int64) error {
  77. 	return RemoveOrgUser(org.Id, uid)
  78. }
  79. 

  80. // CreateOrganization creates record of a new organization.

  81. func CreateOrganization(org, owner *User) (*User, error) {
  82. 	if !IsLegalName(org.Name) {
  83. 		return nil, ErrUserNameIllegal
  84. 	}
  85. 

  86. 	isExist, err := IsUserExist(org.Name)
  87. 	if err != nil {
  88. 		return nil, err
  89. 	} else if isExist {
  90. 		return nil, ErrUserAlreadyExist
  91. 	}
  92. 

  93. 	isExist, err = IsEmailUsed(org.Email)
  94. 	if err != nil {
  95. 		return nil, err
  96. 	} else if isExist {
  97. 		return nil, ErrEmailAlreadyUsed
  98. 	}
  99. 

  100. 	org.LowerName = strings.ToLower(org.Name)
  101. 	org.FullName = org.Name
  102. 	org.Avatar = base.EncodeMd5(org.Email)
  103. 	org.AvatarEmail = org.Email
  104. 	// No password for organization.

  105. 	org.NumTeams = 1
  106. 	org.NumMembers = 1
  107. 

  108. 	sess := x.NewSession()
  109. 	defer sess.Close()
  110. 	if err = sess.Begin(); err != nil {
  111. 		return nil, err
  112. 	}
  113. 

  114. 	if _, err = sess.Insert(org); err != nil {
  115. 		sess.Rollback()
  116. 		return nil, err
  117. 	}
  118. 

  119. 	if err = os.MkdirAll(UserPath(org.Name), os.ModePerm); err != nil {
  120. 		sess.Rollback()
  121. 		return nil, err
  122. 	}
  123. 

  124. 	// Create default owner team.

  125. 	t := &Team{
  126. 		OrgId:      org.Id,
  127. 		LowerName:  strings.ToLower(OWNER_TEAM),
  128. 		Name:       OWNER_TEAM,
  129. 		Authorize:  ORG_ADMIN,
  130. 		NumMembers: 1,
  131. 	}
  132. 	if _, err = sess.Insert(t); err != nil {
  133. 		sess.Rollback()
  134. 		return nil, err
  135. 	}
  136. 

  137. 	// Add initial creator to organization and owner team.

  138. 	ou := &OrgUser{
  139. 		Uid:      owner.Id,
  140. 		OrgId:    org.Id,
  141. 		IsOwner:  true,
  142. 		NumTeams: 1,
  143. 	}
  144. 	if _, err = sess.Insert(ou); err != nil {
  145. 		sess.Rollback()
  146. 		return nil, err
  147. 	}
  148. 

  149. 	tu := &TeamUser{
  150. 		Uid:    owner.Id,
  151. 		OrgId:  org.Id,
  152. 		TeamId: t.Id,
  153. 	}
  154. 	if _, err = sess.Insert(tu); err != nil {
  155. 		sess.Rollback()
  156. 		return nil, err
  157. 	}
  158. 

  159. 	return org, sess.Commit()
  160. }
  161. 

  162. // CountOrganizations returns number of organizations.

  163. func CountOrganizations() int64 {
  164. 	count, _ := x.Where("type=1").Count(new(User))
  165. 	return count
  166. }
  167. 

  168. // GetOrganizations returns given number of organizations with offset.

  169. func GetOrganizations(num, offset int) ([]*User, error) {
  170. 	orgs := make([]*User, 0, num)
  171. 	err := x.Limit(num, offset).Where("type=1").Asc("id").Find(&orgs)
  172. 	return orgs, err
  173. }
  174. 

  175. // TODO: need some kind of mechanism to record failure.

  176. // DeleteOrganization completely and permanently deletes everything of organization.

  177. func DeleteOrganization(org *User) (err error) {
  178. 	if err := DeleteUser(org); err != nil {
  179. 		return err
  180. 	}
  181. 

  182. 	sess := x.NewSession()
  183. 	defer sess.Close()
  184. 	if err = sess.Begin(); err != nil {
  185. 		return err
  186. 	}
  187. 

  188. 	if _, err = sess.Delete(&Team{OrgId: org.Id}); err != nil {
  189. 		sess.Rollback()
  190. 		return err
  191. 	}
  192. 	if _, err = sess.Delete(&OrgUser{OrgId: org.Id}); err != nil {
  193. 		sess.Rollback()
  194. 		return err
  195. 	}
  196. 	if _, err = sess.Delete(&TeamUser{OrgId: org.Id}); err != nil {
  197. 		sess.Rollback()
  198. 		return err
  199. 	}
  200. 	return sess.Commit()
  201. }
  202. 

  203. // ________                ____ ___

  204. // \_____  \_______  ____ |    |   \______ ___________

  205. //  /   |   \_  __ \/ ___\|    |   /  ___// __ \_  __ \

  206. // /    |    \  | \/ /_/  >    |  /\___ \\  ___/|  | \/

  207. // \_______  /__|  \___  /|______//____  >\___  >__|

  208. //         \/     /_____/              \/     \/

  209. 

  210. // OrgUser represents an organization-user relation.

  211. type OrgUser struct {
  212. 	Id       int64
  213. 	Uid      int64 `xorm:"INDEX UNIQUE(s)"`
  214. 	OrgId    int64 `xorm:"INDEX UNIQUE(s)"`
  215. 	IsPublic bool
  216. 	IsOwner  bool
  217. 	NumTeams int
  218. }
  219. 

  220. // IsOrganizationOwner returns true if given user is in the owner team.

  221. func IsOrganizationOwner(orgId, uid int64) bool {
  222. 	has, _ := x.Where("is_owner=?", true).And("uid=?", uid).And("org_id=?", orgId).Get(new(OrgUser))
  223. 	return has
  224. }
  225. 

  226. // IsOrganizationMember returns true if given user is member of organization.

  227. func IsOrganizationMember(orgId, uid int64) bool {
  228. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).Get(new(OrgUser))
  229. 	return has
  230. }
  231. 

  232. // IsPublicMembership returns ture if given user public his/her membership.

  233. func IsPublicMembership(orgId, uid int64) bool {
  234. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).And("is_public=?", true).Get(new(OrgUser))
  235. 	return has
  236. }
  237. 

  238. // GetOrgUsersByUserId returns all organization-user relations by user ID.

  239. func GetOrgUsersByUserId(uid int64) ([]*OrgUser, error) {
  240. 	ous := make([]*OrgUser, 0, 10)
  241. 	err := x.Where("uid=?", uid).Find(&ous)
  242. 	return ous, err
  243. }
  244. 

  245. // GetOrgUsersByOrgId returns all organization-user relations by organization ID.

  246. func GetOrgUsersByOrgId(orgId int64) ([]*OrgUser, error) {
  247. 	ous := make([]*OrgUser, 0, 10)
  248. 	err := x.Where("org_id=?", orgId).Find(&ous)
  249. 	return ous, err
  250. }
  251. 

  252. // ChangeOrgUserStatus changes public or private membership status.

  253. func ChangeOrgUserStatus(orgId, uid int64, public bool) error {
  254. 	ou := new(OrgUser)
  255. 	has, err := x.Where("uid=?", uid).And("org_id=?", orgId).Get(ou)
  256. 	if err != nil {
  257. 		return err
  258. 	} else if !has {
  259. 		return nil
  260. 	}
  261. 

  262. 	ou.IsPublic = public
  263. 	_, err = x.Id(ou.Id).AllCols().Update(ou)
  264. 	return err
  265. }
  266. 

  267. // AddOrgUser adds new user to given organization.

  268. func AddOrgUser(orgId, uid int64) error {
  269. 	if IsOrganizationMember(orgId, uid) {
  270. 		return nil
  271. 	}
  272. 

  273. 	sess := x.NewSession()
  274. 	defer sess.Close()
  275. 	if err := sess.Begin(); err != nil {
  276. 		return err
  277. 	}
  278. 

  279. 	ou := &OrgUser{
  280. 		Uid:   uid,
  281. 		OrgId: orgId,
  282. 	}
  283. 

  284. 	if _, err := sess.Insert(ou); err != nil {
  285. 		sess.Rollback()
  286. 		return err
  287. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members + 1 WHERE id = ?", orgId); err != nil {
  288. 		sess.Rollback()
  289. 		return err
  290. 	}
  291. 

  292. 	return sess.Commit()
  293. }
  294. 

  295. // RemoveOrgUser removes user from given organization.

  296. func RemoveOrgUser(orgId, uid int64) error {
  297. 	ou := new(OrgUser)
  298. 

  299. 	has, err := x.Where("uid=?", uid).And("org_id=?", orgId).Get(ou)
  300. 	if err != nil {
  301. 		return err
  302. 	} else if !has {
  303. 		return nil
  304. 	}
  305. 

  306. 	u, err := GetUserById(uid)
  307. 	if err != nil {
  308. 		return err
  309. 	}
  310. 	org, err := GetUserById(orgId)
  311. 	if err != nil {
  312. 		return err
  313. 	}
  314. 

  315. 	// Check if the user to delete is the last member in owner team.

  316. 	if IsOrganizationOwner(orgId, uid) {
  317. 		t, err := org.GetOwnerTeam()
  318. 		if err != nil {
  319. 			return err
  320. 		}
  321. 		if t.NumMembers == 1 {
  322. 			return ErrLastOrgOwner
  323. 		}
  324. 	}
  325. 

  326. 	sess := x.NewSession()
  327. 	defer sess.Close()
  328. 	if err := sess.Begin(); err != nil {
  329. 		return err
  330. 	}
  331. 

  332. 	if _, err := sess.Id(ou.Id).Delete(ou); err != nil {
  333. 		sess.Rollback()
  334. 		return err
  335. 	} else if _, err = sess.Exec("UPDATE `user` SET num_members = num_members - 1 WHERE id = ?", orgId); err != nil {
  336. 		sess.Rollback()
  337. 		return err
  338. 	}
  339. 

  340. 	// Delete all repository accesses.

  341. 	if err = org.GetRepositories(); err != nil {
  342. 		sess.Rollback()
  343. 		return err
  344. 	}
  345. 	access := &Access{
  346. 		UserName: u.LowerName,
  347. 	}
  348. 	for _, repo := range org.Repos {
  349. 		access.RepoName = path.Join(org.LowerName, repo.LowerName)
  350. 		if _, err = sess.Delete(access); err != nil {
  351. 			sess.Rollback()
  352. 			return err
  353. 		} else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
  354. 			sess.Rollback()
  355. 			return err
  356. 		}
  357. 	}
  358. 

  359. 	// Delete member in his/her teams.

  360. 	ts, err := GetUserTeams(org.Id, u.Id)
  361. 	if err != nil {
  362. 		return err
  363. 	}
  364. 	for _, t := range ts {
  365. 		if err = removeTeamMemberWithSess(org.Id, t.Id, u.Id, sess); err != nil {
  366. 			return err
  367. 		}
  368. 	}
  369. 

  370. 	return sess.Commit()
  371. }
  372. 

  373. // ___________

  374. // \__    ___/___ _____    _____

  375. //   |    |_/ __ \\__  \  /     \

  376. //   |    |\  ___/ / __ \|  Y Y  \

  377. //   |____| \___  >____  /__|_|  /

  378. //              \/     \/      \/

  379. 

  380. type AuthorizeType int
  381. 

  382. const (
  383. 	ORG_READABLE AuthorizeType = iota + 1
  384. 	ORG_WRITABLE
  385. 	ORG_ADMIN
  386. )
  387. 

  388. func AuthorizeToAccessType(auth AuthorizeType) AccessType {
  389. 	if auth == ORG_READABLE {
  390. 		return READABLE
  391. 	}
  392. 	return WRITABLE
  393. }
  394. 

  395. const OWNER_TEAM = "Owners"
  396. 

  397. // Team represents a organization team.

  398. type Team struct {
  399. 	Id          int64
  400. 	OrgId       int64 `xorm:"INDEX"`
  401. 	LowerName   string
  402. 	Name        string
  403. 	Description string
  404. 	Authorize   AuthorizeType
  405. 	RepoIds     string        `xorm:"TEXT"`
  406. 	Repos       []*Repository `xorm:"-"`
  407. 	Members     []*User       `xorm:"-"`
  408. 	NumRepos    int
  409. 	NumMembers  int
  410. }
  411. 

  412. // IsOwnerTeam returns true if team is owner team.

  413. func (t *Team) IsOwnerTeam() bool {
  414. 	return t.Name == OWNER_TEAM
  415. }
  416. 

  417. // IsTeamMember returns true if given user is a member of team.

  418. func (t *Team) IsMember(uid int64) bool {
  419. 	return IsTeamMember(t.OrgId, t.Id, uid)
  420. }
  421. 

  422. // GetRepositories returns all repositories in team of organization.

  423. func (t *Team) GetRepositories() error {
  424. 	idStrs := strings.Split(t.RepoIds, "|")
  425. 	t.Repos = make([]*Repository, 0, len(idStrs))
  426. 	for _, str := range idStrs {
  427. 		if len(str) == 0 {
  428. 			continue
  429. 		}
  430. 		id := com.StrTo(str[1:]).MustInt64()
  431. 		if id == 0 {
  432. 			continue
  433. 		}
  434. 		repo, err := GetRepositoryById(id)
  435. 		if err != nil {
  436. 			return err
  437. 		}
  438. 		t.Repos = append(t.Repos, repo)
  439. 	}
  440. 	return nil
  441. }
  442. 

  443. // GetMembers returns all members in team of organization.

  444. func (t *Team) GetMembers() (err error) {
  445. 	t.Members, err = GetTeamMembers(t.OrgId, t.Id)
  446. 	return err
  447. }
  448. 

  449. // AddMember adds new member to team of organization.

  450. func (t *Team) AddMember(uid int64) error {
  451. 	return AddTeamMember(t.OrgId, t.Id, uid)
  452. }
  453. 

  454. // RemoveMember removes member from team of organization.

  455. func (t *Team) RemoveMember(uid int64) error {
  456. 	return RemoveTeamMember(t.OrgId, t.Id, uid)
  457. }
  458. 

  459. // addAccessWithAuthorize inserts or updates access with given mode.

  460. func addAccessWithAuthorize(sess *xorm.Session, access *Access, mode AccessType) error {
  461. 	has, err := x.Get(access)
  462. 	if err != nil {
  463. 		return fmt.Errorf("fail to get access: %v", err)
  464. 	}
  465. 	access.Mode = mode
  466. 	if has {
  467. 		if _, err = sess.Id(access.Id).Update(access); err != nil {
  468. 			return fmt.Errorf("fail to update access: %v", err)
  469. 		}
  470. 	} else {
  471. 		if _, err = sess.Insert(access); err != nil {
  472. 			return fmt.Errorf("fail to insert access: %v", err)
  473. 		}
  474. 	}
  475. 	return nil
  476. }
  477. 

  478. // AddRepository adds new repository to team of organization.

  479. func (t *Team) AddRepository(repo *Repository) (err error) {
  480. 	idStr := "$" + com.ToStr(repo.Id) + "|"
  481. 	if repo.OwnerId != t.OrgId {
  482. 		return errors.New("Repository not belong to organization")
  483. 	} else if strings.Contains(t.RepoIds, idStr) {
  484. 		return nil
  485. 	}
  486. 

  487. 	if err = repo.GetOwner(); err != nil {
  488. 		return err
  489. 	} else if err = t.GetMembers(); err != nil {
  490. 		return err
  491. 	}
  492. 

  493. 	sess := x.NewSession()
  494. 	defer sess.Close()
  495. 	if err = sess.Begin(); err != nil {
  496. 		return err
  497. 	}
  498. 

  499. 	t.NumRepos++
  500. 	t.RepoIds += idStr
  501. 	if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  502. 		sess.Rollback()
  503. 		return err
  504. 	}
  505. 

  506. 	// Give access to team members.

  507. 	mode := AuthorizeToAccessType(t.Authorize)
  508. 

  509. 	for _, u := range t.Members {
  510. 		auth, err := GetHighestAuthorize(t.OrgId, u.Id, t.Id, repo.Id)
  511. 		if err != nil {
  512. 			sess.Rollback()
  513. 			return err
  514. 		}
  515. 

  516. 		access := &Access{
  517. 			UserName: u.LowerName,
  518. 			RepoName: path.Join(repo.Owner.LowerName, repo.LowerName),
  519. 		}
  520. 		if auth == 0 {
  521. 			access.Mode = mode
  522. 			if _, err = sess.Insert(access); err != nil {
  523. 				sess.Rollback()
  524. 				return fmt.Errorf("fail to insert access: %v", err)
  525. 			}
  526. 		} else if auth < t.Authorize {
  527. 			if err = addAccessWithAuthorize(sess, access, mode); err != nil {
  528. 				sess.Rollback()
  529. 				return err
  530. 			}
  531. 		}
  532. 		if err = WatchRepo(u.Id, repo.Id, true); err != nil {
  533. 			sess.Rollback()
  534. 			return err
  535. 		}
  536. 	}
  537. 	return sess.Commit()
  538. }
  539. 

  540. // RemoveRepository removes repository from team of organization.

  541. func (t *Team) RemoveRepository(repoId int64) error {
  542. 	idStr := "$" + com.ToStr(repoId) + "|"
  543. 	if !strings.Contains(t.RepoIds, idStr) {
  544. 		return nil
  545. 	}
  546. 

  547. 	repo, err := GetRepositoryById(repoId)
  548. 	if err != nil {
  549. 		return err
  550. 	}
  551. 

  552. 	if err = repo.GetOwner(); err != nil {
  553. 		return err
  554. 	} else if err = t.GetMembers(); err != nil {
  555. 		return err
  556. 	}
  557. 

  558. 	sess := x.NewSession()
  559. 	defer sess.Close()
  560. 	if err = sess.Begin(); err != nil {
  561. 		return err
  562. 	}
  563. 

  564. 	t.NumRepos--
  565. 	t.RepoIds = strings.Replace(t.RepoIds, idStr, "", 1)
  566. 	if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  567. 		sess.Rollback()
  568. 		return err
  569. 	}
  570. 

  571. 	// Remove access to team members.

  572. 	for _, u := range t.Members {
  573. 		auth, err := GetHighestAuthorize(t.OrgId, u.Id, t.Id, repo.Id)
  574. 		if err != nil {
  575. 			sess.Rollback()
  576. 			return err
  577. 		}
  578. 

  579. 		access := &Access{
  580. 			UserName: u.LowerName,
  581. 			RepoName: path.Join(repo.Owner.LowerName, repo.LowerName),
  582. 		}
  583. 		if auth == 0 {
  584. 			if _, err = sess.Delete(access); err != nil {
  585. 				sess.Rollback()
  586. 				return fmt.Errorf("fail to delete access: %v", err)
  587. 			} else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
  588. 				sess.Rollback()
  589. 				return err
  590. 			}
  591. 		} else if auth < t.Authorize {
  592. 			if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
  593. 				sess.Rollback()
  594. 				return err
  595. 			}
  596. 		}
  597. 	}
  598. 

  599. 	return sess.Commit()
  600. }
  601. 

  602. // NewTeam creates a record of new team.

  603. // It's caller's responsibility to assign organization ID.

  604. func NewTeam(t *Team) error {
  605. 	if !IsLegalName(t.Name) {
  606. 		return ErrTeamNameIllegal
  607. 	}
  608. 

  609. 	has, err := x.Id(t.OrgId).Get(new(User))
  610. 	if err != nil {
  611. 		return err
  612. 	} else if !has {
  613. 		return ErrOrgNotExist
  614. 	}
  615. 

  616. 	t.LowerName = strings.ToLower(t.Name)
  617. 	has, err = x.Where("org_id=?", t.OrgId).And("lower_name=?", t.LowerName).Get(new(Team))
  618. 	if err != nil {
  619. 		return err
  620. 	} else if has {
  621. 		return ErrTeamAlreadyExist
  622. 	}
  623. 

  624. 	sess := x.NewSession()
  625. 	defer sess.Close()
  626. 	if err = sess.Begin(); err != nil {
  627. 		return err
  628. 	}
  629. 

  630. 	if _, err = sess.Insert(t); err != nil {
  631. 		sess.Rollback()
  632. 		return err
  633. 	}
  634. 

  635. 	// Update organization number of teams.

  636. 	if _, err = sess.Exec("UPDATE `user` SET num_teams = num_teams + 1 WHERE id = ?", t.OrgId); err != nil {
  637. 		sess.Rollback()
  638. 		return err
  639. 	}
  640. 	return sess.Commit()
  641. }
  642. 

  643. // GetTeam returns team by given team name and organization.

  644. func GetTeam(orgId int64, name string) (*Team, error) {
  645. 	t := &Team{
  646. 		OrgId:     orgId,
  647. 		LowerName: strings.ToLower(name),
  648. 	}
  649. 	has, err := x.Get(t)
  650. 	if err != nil {
  651. 		return nil, err
  652. 	} else if !has {
  653. 		return nil, ErrTeamNotExist
  654. 	}
  655. 	return t, nil
  656. }
  657. 

  658. // GetTeamById returns team by given ID.

  659. func GetTeamById(teamId int64) (*Team, error) {
  660. 	t := new(Team)
  661. 	has, err := x.Id(teamId).Get(t)
  662. 	if err != nil {
  663. 		return nil, err
  664. 	} else if !has {
  665. 		return nil, ErrTeamNotExist
  666. 	}
  667. 	return t, nil
  668. }
  669. 

  670. // GetHighestAuthorize returns highest repository authorize level for given user and team.

  671. func GetHighestAuthorize(orgId, uid, teamId, repoId int64) (AuthorizeType, error) {
  672. 	ts, err := GetUserTeams(orgId, uid)
  673. 	if err != nil {
  674. 		return 0, err
  675. 	}
  676. 

  677. 	var auth AuthorizeType = 0
  678. 	for _, t := range ts {
  679. 		// Not current team and has given repository.

  680. 		if t.Id != teamId && strings.Contains(t.RepoIds, "$"+com.ToStr(repoId)+"|") {
  681. 			// Fast return.

  682. 			if t.Authorize == ORG_WRITABLE {
  683. 				return ORG_WRITABLE, nil
  684. 			}
  685. 			if t.Authorize > auth {
  686. 				auth = t.Authorize
  687. 			}
  688. 		}
  689. 	}
  690. 	return auth, nil
  691. }
  692. 

  693. // UpdateTeam updates information of team.

  694. func UpdateTeam(t *Team, authChanged bool) (err error) {
  695. 	if !IsLegalName(t.Name) {
  696. 		return ErrTeamNameIllegal
  697. 	}
  698. 

  699. 	if len(t.Description) > 255 {
  700. 		t.Description = t.Description[:255]
  701. 	}
  702. 

  703. 	sess := x.NewSession()
  704. 	defer sess.Close()
  705. 	if err = sess.Begin(); err != nil {
  706. 		return err
  707. 	}
  708. 

  709. 	// Update access for team members if needed.

  710. 	if authChanged && !t.IsOwnerTeam() {
  711. 		if err = t.GetRepositories(); err != nil {
  712. 			return err
  713. 		} else if err = t.GetMembers(); err != nil {
  714. 			return err
  715. 		}
  716. 

  717. 		// Get organization.

  718. 		org, err := GetUserById(t.OrgId)
  719. 		if err != nil {
  720. 			return err
  721. 		}
  722. 

  723. 		// Update access.

  724. 		mode := AuthorizeToAccessType(t.Authorize)
  725. 

  726. 		for _, repo := range t.Repos {
  727. 			for _, u := range t.Members {
  728. 				// ORG_WRITABLE is the highest authorize level for now.

  729. 				// Skip checking others if current team has this level.

  730. 				if t.Authorize < ORG_WRITABLE {
  731. 					auth, err := GetHighestAuthorize(org.Id, u.Id, t.Id, repo.Id)
  732. 					if err != nil {
  733. 						sess.Rollback()
  734. 						return err
  735. 					}
  736. 					if auth >= t.Authorize {
  737. 						continue // Other team has higher or same authorize level.

  738. 					}
  739. 				}
  740. 

  741. 				access := &Access{
  742. 					UserName: u.LowerName,
  743. 					RepoName: path.Join(org.LowerName, repo.LowerName),
  744. 				}
  745. 				if err = addAccessWithAuthorize(sess, access, mode); err != nil {
  746. 					sess.Rollback()
  747. 					return err
  748. 				}
  749. 			}
  750. 		}
  751. 	}
  752. 

  753. 	t.LowerName = strings.ToLower(t.Name)
  754. 	if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  755. 		sess.Rollback()
  756. 		return err
  757. 	}
  758. 	return sess.Commit()
  759. }
  760. 

  761. // DeleteTeam deletes given team.

  762. // It's caller's responsibility to assign organization ID.

  763. func DeleteTeam(t *Team) error {
  764. 	if err := t.GetRepositories(); err != nil {
  765. 		return err
  766. 	} else if err = t.GetMembers(); err != nil {
  767. 		return err
  768. 	}
  769. 

  770. 	// Get organization.

  771. 	org, err := GetUserById(t.OrgId)
  772. 	if err != nil {
  773. 		return err
  774. 	}
  775. 

  776. 	sess := x.NewSession()
  777. 	defer sess.Close()
  778. 	if err = sess.Begin(); err != nil {
  779. 		return err
  780. 	}
  781. 

  782. 	// Delete all accesses.

  783. 	for _, repo := range t.Repos {
  784. 		for _, u := range t.Members {
  785. 			auth, err := GetHighestAuthorize(org.Id, u.Id, t.Id, repo.Id)
  786. 			if err != nil {
  787. 				sess.Rollback()
  788. 				return err
  789. 			}
  790. 

  791. 			access := &Access{
  792. 				UserName: u.LowerName,
  793. 				RepoName: path.Join(org.LowerName, repo.LowerName),
  794. 			}
  795. 			if auth == 0 {
  796. 				if _, err = sess.Delete(access); err != nil {
  797. 					sess.Rollback()
  798. 					return fmt.Errorf("fail to delete access: %v", err)
  799. 				}
  800. 			} else if auth < t.Authorize {
  801. 				// Downgrade authorize level.

  802. 				if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
  803. 					sess.Rollback()
  804. 					return err
  805. 				}
  806. 			}
  807. 		}
  808. 	}
  809. 

  810. 	// Delete team-user.

  811. 	if _, err = sess.Where("org_id=?", org.Id).Where("team_id=?", t.Id).Delete(new(TeamUser)); err != nil {
  812. 		sess.Rollback()
  813. 		return err
  814. 	}
  815. 

  816. 	// Delete team.

  817. 	if _, err = sess.Id(t.Id).Delete(new(Team)); err != nil {
  818. 		sess.Rollback()
  819. 		return err
  820. 	}
  821. 	// Update organization number of teams.

  822. 	if _, err = sess.Exec("UPDATE `user` SET num_teams = num_teams - 1 WHERE id = ?", t.OrgId); err != nil {
  823. 		sess.Rollback()
  824. 		return err
  825. 	}
  826. 

  827. 	return sess.Commit()
  828. }
  829. 

  830. // ___________                    ____ ___

  831. // \__    ___/___ _____    _____ |    |   \______ ___________

  832. //   |    |_/ __ \\__  \  /     \|    |   /  ___// __ \_  __ \

  833. //   |    |\  ___/ / __ \|  Y Y  \    |  /\___ \\  ___/|  | \/

  834. //   |____| \___  >____  /__|_|  /______//____  >\___  >__|

  835. //              \/     \/      \/             \/     \/

  836. 

  837. // TeamUser represents an team-user relation.

  838. type TeamUser struct {
  839. 	Id     int64
  840. 	Uid    int64
  841. 	OrgId  int64 `xorm:"INDEX"`
  842. 	TeamId int64
  843. }
  844. 

  845. // IsTeamMember returns true if given user is a member of team.

  846. func IsTeamMember(orgId, teamId, uid int64) bool {
  847. 	has, _ := x.Where("uid=?", uid).And("org_id=?", orgId).And("team_id=?", teamId).Get(new(TeamUser))
  848. 	return has
  849. }
  850. 

  851. // GetTeamMembers returns all members in given team of organization.

  852. func GetTeamMembers(orgId, teamId int64) ([]*User, error) {
  853. 	tus := make([]*TeamUser, 0, 10)
  854. 	err := x.Where("org_id=?", orgId).And("team_id=?", teamId).Find(&tus)
  855. 	if err != nil {
  856. 		return nil, err
  857. 	}
  858. 

  859. 	us := make([]*User, len(tus))
  860. 	for i, tu := range tus {
  861. 		us[i], err = GetUserById(tu.Uid)
  862. 		if err != nil {
  863. 			return nil, err
  864. 		}
  865. 	}
  866. 	return us, nil
  867. }
  868. 

  869. // GetUserTeams returns all teams that user belongs to in given origanization.

  870. func GetUserTeams(orgId, uid int64) ([]*Team, error) {
  871. 	tus := make([]*TeamUser, 0, 5)
  872. 	if err := x.Where("uid=?", uid).And("org_id=?", orgId).Find(&tus); err != nil {
  873. 		return nil, err
  874. 	}
  875. 

  876. 	ts := make([]*Team, len(tus))
  877. 	for i, tu := range tus {
  878. 		t := new(Team)
  879. 		has, err := x.Id(tu.TeamId).Get(t)
  880. 		if err != nil {
  881. 			return nil, err
  882. 		} else if !has {
  883. 			return nil, ErrTeamNotExist
  884. 		}
  885. 		ts[i] = t
  886. 	}
  887. 	return ts, nil
  888. }
  889. 

  890. // AddTeamMember adds new member to given team of given organization.

  891. func AddTeamMember(orgId, teamId, uid int64) error {
  892. 	if IsTeamMember(orgId, teamId, uid) {
  893. 		return nil
  894. 	}
  895. 

  896. 	if err := AddOrgUser(orgId, uid); err != nil {
  897. 		return err
  898. 	}
  899. 

  900. 	// Get team and its repositories.

  901. 	t, err := GetTeamById(teamId)
  902. 	if err != nil {
  903. 		return err
  904. 	}
  905. 	t.NumMembers++
  906. 

  907. 	if err = t.GetRepositories(); err != nil {
  908. 		return err
  909. 	}
  910. 

  911. 	// Get organization.

  912. 	org, err := GetUserById(orgId)
  913. 	if err != nil {
  914. 		return err
  915. 	}
  916. 

  917. 	// Get user.

  918. 	u, err := GetUserById(uid)
  919. 	if err != nil {
  920. 		return err
  921. 	}
  922. 

  923. 	sess := x.NewSession()
  924. 	defer sess.Close()
  925. 	if err = sess.Begin(); err != nil {
  926. 		return err
  927. 	}
  928. 

  929. 	tu := &TeamUser{
  930. 		Uid:    uid,
  931. 		OrgId:  orgId,
  932. 		TeamId: teamId,
  933. 	}
  934. 

  935. 	if _, err = sess.Insert(tu); err != nil {
  936. 		sess.Rollback()
  937. 		return err
  938. 	} else if _, err = sess.Id(t.Id).Update(t); err != nil {
  939. 		sess.Rollback()
  940. 		return err
  941. 	}
  942. 

  943. 	// Give access to team repositories.

  944. 	mode := AuthorizeToAccessType(t.Authorize)
  945. 	for _, repo := range t.Repos {
  946. 		auth, err := GetHighestAuthorize(orgId, uid, teamId, repo.Id)
  947. 		if err != nil {
  948. 			sess.Rollback()
  949. 			return err
  950. 		}
  951. 

  952. 		access := &Access{
  953. 			UserName: u.LowerName,
  954. 			RepoName: path.Join(org.LowerName, repo.LowerName),
  955. 		}
  956. 		// Equal 0 means given access doesn't exist.

  957. 		if auth == 0 {
  958. 			access.Mode = mode
  959. 			if _, err = sess.Insert(access); err != nil {
  960. 				sess.Rollback()
  961. 				return fmt.Errorf("fail to insert access: %v", err)
  962. 			}
  963. 		} else if auth < t.Authorize {
  964. 			if err = addAccessWithAuthorize(sess, access, mode); err != nil {
  965. 				sess.Rollback()
  966. 				return err
  967. 			}
  968. 		}
  969. 	}
  970. 

  971. 	// We make sure it exists before.

  972. 	ou := new(OrgUser)
  973. 	_, err = sess.Where("uid=?", uid).And("org_id=?", orgId).Get(ou)
  974. 	if err != nil {
  975. 		sess.Rollback()
  976. 		return err
  977. 	}
  978. 	ou.NumTeams++
  979. 	if t.IsOwnerTeam() {
  980. 		ou.IsOwner = true
  981. 	}
  982. 	if _, err = sess.Id(ou.Id).AllCols().Update(ou); err != nil {
  983. 		sess.Rollback()
  984. 		return err
  985. 	}
  986. 

  987. 	return sess.Commit()
  988. }
  989. 

  990. func removeTeamMemberWithSess(orgId, teamId, uid int64, sess *xorm.Session) error {
  991. 	if !IsTeamMember(orgId, teamId, uid) {
  992. 		return nil
  993. 	}
  994. 

  995. 	// Get team and its repositories.

  996. 	t, err := GetTeamById(teamId)
  997. 	if err != nil {
  998. 		return err
  999. 	}
  1000. 

  1001. 	// Check if the user to delete is the last member in owner team.

  1002. 	if t.IsOwnerTeam() && t.NumMembers == 1 {
  1003. 		return ErrLastOrgOwner
  1004. 	}
  1005. 

  1006. 	t.NumMembers--
  1007. 

  1008. 	if err = t.GetRepositories(); err != nil {
  1009. 		return err
  1010. 	}
  1011. 

  1012. 	// Get organization.

  1013. 	org, err := GetUserById(orgId)
  1014. 	if err != nil {
  1015. 		return err
  1016. 	}
  1017. 

  1018. 	// Get user.

  1019. 	u, err := GetUserById(uid)
  1020. 	if err != nil {
  1021. 		return err
  1022. 	}
  1023. 

  1024. 	tu := &TeamUser{
  1025. 		Uid:    uid,
  1026. 		OrgId:  orgId,
  1027. 		TeamId: teamId,
  1028. 	}
  1029. 

  1030. 	if _, err := sess.Delete(tu); err != nil {
  1031. 		sess.Rollback()
  1032. 		return err
  1033. 	} else if _, err = sess.Id(t.Id).AllCols().Update(t); err != nil {
  1034. 		sess.Rollback()
  1035. 		return err
  1036. 	}
  1037. 

  1038. 	// Delete access to team repositories.

  1039. 	for _, repo := range t.Repos {
  1040. 		auth, err := GetHighestAuthorize(orgId, uid, teamId, repo.Id)
  1041. 		if err != nil {
  1042. 			sess.Rollback()
  1043. 			return err
  1044. 		}
  1045. 

  1046. 		access := &Access{
  1047. 			UserName: u.LowerName,
  1048. 			RepoName: path.Join(org.LowerName, repo.LowerName),
  1049. 		}
  1050. 		// Delete access if this is the last team user belongs to.

  1051. 		if auth == 0 {
  1052. 			if _, err = sess.Delete(access); err != nil {
  1053. 				sess.Rollback()
  1054. 				return fmt.Errorf("fail to delete access: %v", err)
  1055. 			} else if err = WatchRepo(u.Id, repo.Id, false); err != nil {
  1056. 				sess.Rollback()
  1057. 				return err
  1058. 			}
  1059. 		} else if auth < t.Authorize {
  1060. 			// Downgrade authorize level.

  1061. 			if err = addAccessWithAuthorize(sess, access, AuthorizeToAccessType(auth)); err != nil {
  1062. 				sess.Rollback()
  1063. 				return err
  1064. 			}
  1065. 		}
  1066. 	}
  1067. 

  1068. 	// This must exist.

  1069. 	ou := new(OrgUser)
  1070. 	_, err = sess.Where("uid=?", uid).And("org_id=?", org.Id).Get(ou)
  1071. 	if err != nil {
  1072. 		sess.Rollback()
  1073. 		return err
  1074. 	}
  1075. 	ou.NumTeams--
  1076. 	if t.IsOwnerTeam() {
  1077. 		ou.IsOwner = false
  1078. 	}
  1079. 	if _, err = sess.Id(ou.Id).AllCols().Update(ou); err != nil {
  1080. 		sess.Rollback()
  1081. 		return err
  1082. 	}
  1083. 	return nil
  1084. }
  1085. 

  1086. // RemoveTeamMember removes member from given team of given organization.

  1087. func RemoveTeamMember(orgId, teamId, uid int64) error {
  1088. 	sess := x.NewSession()
  1089. 	defer sess.Close()
  1090. 	if err := sess.Begin(); err != nil {
  1091. 		return err
  1092. 	}
  1093. 	if err := removeTeamMemberWithSess(orgId, teamId, uid, sess); err != nil {
  1094. 		return err
  1095. 	}
  1096. 	return sess.Commit()
  1097. }