You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

287 lines
7.3 KiB

  1. // Copyright 2017 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package org
  5. import (
  6. "fmt"
  7. api "code.gitea.io/gitea/modules/structs"
  8. "code.gitea.io/gitea/models"
  9. "code.gitea.io/gitea/modules/context"
  10. "code.gitea.io/gitea/modules/setting"
  11. "code.gitea.io/gitea/routers/api/v1/user"
  12. )
  13. // listMembers list an organization's members
  14. func listMembers(ctx *context.APIContext, publicOnly bool) {
  15. var members []*models.User
  16. if publicOnly {
  17. orgUsers, err := models.GetOrgUsersByOrgID(ctx.Org.Organization.ID)
  18. if err != nil {
  19. ctx.Error(500, "GetOrgUsersByOrgID", err)
  20. return
  21. }
  22. memberIDs := make([]int64, 0, len(orgUsers))
  23. for _, orgUser := range orgUsers {
  24. if orgUser.IsPublic {
  25. memberIDs = append(memberIDs, orgUser.UID)
  26. }
  27. }
  28. if members, err = models.GetUsersByIDs(memberIDs); err != nil {
  29. ctx.Error(500, "GetUsersByIDs", err)
  30. return
  31. }
  32. } else {
  33. if err := ctx.Org.Organization.GetMembers(); err != nil {
  34. ctx.Error(500, "GetMembers", err)
  35. return
  36. }
  37. members = ctx.Org.Organization.Members
  38. }
  39. apiMembers := make([]*api.User, len(members))
  40. for i, member := range members {
  41. apiMembers[i] = member.APIFormat()
  42. }
  43. ctx.JSON(200, apiMembers)
  44. }
  45. // ListMembers list an organization's members
  46. func ListMembers(ctx *context.APIContext) {
  47. // swagger:operation GET /orgs/{org}/members organization orgListMembers
  48. // ---
  49. // summary: List an organization's members
  50. // produces:
  51. // - application/json
  52. // parameters:
  53. // - name: org
  54. // in: path
  55. // description: name of the organization
  56. // type: string
  57. // required: true
  58. // responses:
  59. // "200":
  60. // "$ref": "#/responses/UserList"
  61. publicOnly := true
  62. if ctx.User != nil {
  63. isMember, err := ctx.Org.Organization.IsOrgMember(ctx.User.ID)
  64. if err != nil {
  65. ctx.Error(500, "IsOrgMember", err)
  66. return
  67. }
  68. publicOnly = !isMember
  69. }
  70. listMembers(ctx, publicOnly)
  71. }
  72. // ListPublicMembers list an organization's public members
  73. func ListPublicMembers(ctx *context.APIContext) {
  74. // swagger:operation GET /orgs/{org}/public_members organization orgListPublicMembers
  75. // ---
  76. // summary: List an organization's public members
  77. // parameters:
  78. // - name: org
  79. // in: path
  80. // description: name of the organization
  81. // type: string
  82. // required: true
  83. // produces:
  84. // - application/json
  85. // responses:
  86. // "200":
  87. // "$ref": "#/responses/UserList"
  88. listMembers(ctx, true)
  89. }
  90. // IsMember check if a user is a member of an organization
  91. func IsMember(ctx *context.APIContext) {
  92. // swagger:operation GET /orgs/{org}/members/{username} organization orgIsMember
  93. // ---
  94. // summary: Check if a user is a member of an organization
  95. // parameters:
  96. // - name: org
  97. // in: path
  98. // description: name of the organization
  99. // type: string
  100. // required: true
  101. // - name: username
  102. // in: path
  103. // description: username of the user
  104. // type: string
  105. // required: true
  106. // responses:
  107. // "204":
  108. // description: user is a member
  109. // "404":
  110. // description: user is not a member
  111. userToCheck := user.GetUserByParams(ctx)
  112. if ctx.Written() {
  113. return
  114. }
  115. if ctx.User != nil {
  116. userIsMember, err := ctx.Org.Organization.IsOrgMember(ctx.User.ID)
  117. if err != nil {
  118. ctx.Error(500, "IsOrgMember", err)
  119. return
  120. } else if userIsMember {
  121. userToCheckIsMember, err := ctx.Org.Organization.IsOrgMember(userToCheck.ID)
  122. if err != nil {
  123. ctx.Error(500, "IsOrgMember", err)
  124. } else if userToCheckIsMember {
  125. ctx.Status(204)
  126. } else {
  127. ctx.NotFound()
  128. }
  129. return
  130. } else if ctx.User.ID == userToCheck.ID {
  131. ctx.NotFound()
  132. return
  133. }
  134. }
  135. redirectURL := fmt.Sprintf("%sapi/v1/orgs/%s/public_members/%s",
  136. setting.AppURL, ctx.Org.Organization.Name, userToCheck.Name)
  137. ctx.Redirect(redirectURL, 302)
  138. }
  139. // IsPublicMember check if a user is a public member of an organization
  140. func IsPublicMember(ctx *context.APIContext) {
  141. // swagger:operation GET /orgs/{org}/public_members/{username} organization orgIsPublicMember
  142. // ---
  143. // summary: Check if a user is a public member of an organization
  144. // parameters:
  145. // - name: org
  146. // in: path
  147. // description: name of the organization
  148. // type: string
  149. // required: true
  150. // - name: username
  151. // in: path
  152. // description: username of the user
  153. // type: string
  154. // required: true
  155. // responses:
  156. // "204":
  157. // description: user is a public member
  158. // "404":
  159. // description: user is not a public member
  160. userToCheck := user.GetUserByParams(ctx)
  161. if ctx.Written() {
  162. return
  163. }
  164. if userToCheck.IsPublicMember(ctx.Org.Organization.ID) {
  165. ctx.Status(204)
  166. } else {
  167. ctx.NotFound()
  168. }
  169. }
  170. // PublicizeMember make a member's membership public
  171. func PublicizeMember(ctx *context.APIContext) {
  172. // swagger:operation PUT /orgs/{org}/public_members/{username} organization orgPublicizeMember
  173. // ---
  174. // summary: Publicize a user's membership
  175. // produces:
  176. // - application/json
  177. // parameters:
  178. // - name: org
  179. // in: path
  180. // description: name of the organization
  181. // type: string
  182. // required: true
  183. // - name: username
  184. // in: path
  185. // description: username of the user
  186. // type: string
  187. // required: true
  188. // responses:
  189. // "204":
  190. // description: membership publicized
  191. userToPublicize := user.GetUserByParams(ctx)
  192. if ctx.Written() {
  193. return
  194. }
  195. if userToPublicize.ID != ctx.User.ID {
  196. ctx.Error(403, "", "Cannot publicize another member")
  197. return
  198. }
  199. err := models.ChangeOrgUserStatus(ctx.Org.Organization.ID, userToPublicize.ID, true)
  200. if err != nil {
  201. ctx.Error(500, "ChangeOrgUserStatus", err)
  202. return
  203. }
  204. ctx.Status(204)
  205. }
  206. // ConcealMember make a member's membership not public
  207. func ConcealMember(ctx *context.APIContext) {
  208. // swagger:operation DELETE /orgs/{org}/public_members/{username} organization orgConcealMember
  209. // ---
  210. // summary: Conceal a user's membership
  211. // produces:
  212. // - application/json
  213. // parameters:
  214. // - name: org
  215. // in: path
  216. // description: name of the organization
  217. // type: string
  218. // required: true
  219. // - name: username
  220. // in: path
  221. // description: username of the user
  222. // type: string
  223. // required: true
  224. // responses:
  225. // "204":
  226. // "$ref": "#/responses/empty"
  227. userToConceal := user.GetUserByParams(ctx)
  228. if ctx.Written() {
  229. return
  230. }
  231. if userToConceal.ID != ctx.User.ID {
  232. ctx.Error(403, "", "Cannot conceal another member")
  233. return
  234. }
  235. err := models.ChangeOrgUserStatus(ctx.Org.Organization.ID, userToConceal.ID, false)
  236. if err != nil {
  237. ctx.Error(500, "ChangeOrgUserStatus", err)
  238. return
  239. }
  240. ctx.Status(204)
  241. }
  242. // DeleteMember remove a member from an organization
  243. func DeleteMember(ctx *context.APIContext) {
  244. // swagger:operation DELETE /orgs/{org}/members/{username} organization orgDeleteMember
  245. // ---
  246. // summary: Remove a member from an organization
  247. // produces:
  248. // - application/json
  249. // parameters:
  250. // - name: org
  251. // in: path
  252. // description: name of the organization
  253. // type: string
  254. // required: true
  255. // - name: username
  256. // in: path
  257. // description: username of the user
  258. // type: string
  259. // required: true
  260. // responses:
  261. // "204":
  262. // description: member removed
  263. member := user.GetUserByParams(ctx)
  264. if ctx.Written() {
  265. return
  266. }
  267. if err := ctx.Org.Organization.RemoveMember(member.ID); err != nil {
  268. ctx.Error(500, "RemoveMember", err)
  269. }
  270. ctx.Status(204)
  271. }