Add UnitCommitStatus

2025-12-09 17:53:50 +01:00 · 2025-08-30 11:49:03 +00:00 · 2025-08-30 11:49:03 +00:00 · 7c5cc63dc6
commit 7c5cc63dc6
parent 35f68afdf6
3 changed files with 18 additions and 48 deletions
--- a/models/unit/unit.go
+++ b/models/unit/unit.go
@ -33,6 +33,7 @@ const (
 	TypeProjects        // 8 Projects
 	TypePackages        // 9 Packages
 	TypeActions         // 10 Actions
+	TypeCommitStatus    // 11 Commit Status

 	// FIXME: TEAM-UNIT-PERMISSION: the team unit "admin" permission's design is not right, when a new unit is added in the future,
 	// admin team won't inherit the correct admin permission for the new unit, need to have a complete fix before adding any new unit.
@ -65,6 +66,7 @@ var (
 		TypeProjects,
 		TypePackages,
 		TypeActions,
+		TypeCommitStatus,
 	}

 	// DefaultRepoUnits contains the default unit types
@ -77,8 +79,10 @@ var (
 		TypeProjects,
 		TypePackages,
 		TypeActions,
+		TypeCommitStatus,
 	}

+	// TODO(not7cd): Defaults that need TypeCommitStatus
 	// ForkRepoUnits contains the default unit types for forks
 	DefaultForkRepoUnits = []Type{
 		TypeCode,
@ -237,6 +241,7 @@ func (u Unit) MaxPerm() perm.AccessMode {
 }

 // Enumerate all the units
+// TODO(not7cd): Add TypeCommitStatus
 var (
 	UnitCode = Unit{
 		TypeCode,
@ -328,6 +333,16 @@ var (
 		perm.AccessModeOwner,
 	}

+	// TODO(not7cd): Just copied this
+	UnitCommitStatus = Unit{
+		TypeCommitStatus,
+		"repo.commitstatus",
+		"/statuses",
+		"commitstatus.unit.desc",
+		8,
+		perm.AccessModeOwner,
+	}
+
 	// Units contains all the units
 	Units = map[Type]Unit{
 		TypeCode:            UnitCode,
@ -340,6 +355,7 @@ var (
 		TypeProjects:        UnitProjects,
 		TypePackages:        UnitPackages,
 		TypeActions:         UnitActions,
+		TypeCommitStatus:    UnitCommitStatus,
 	}
 )

--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@ -455,28 +455,6 @@ func reqRepoWriter(unitTypes ...unit.Type) func(ctx *context.APIContext) {
 	}
 }

-// reqRepoCommitStatusWriter user should have a permission to write to commit
-// statuses, or write to a repo, or be a site admin
-func reqRepoCommitStatusWriter(unitTypes ...unit.Type) func(ctx *context.APIContext) {
-	return func(ctx *context.APIContext) {
-		// TODO(not7cd)
-		if !ctx.IsUserRepoWriter(unitTypes) && !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() {
-			ctx.APIError(http.StatusForbidden, "user should have a permission to write to a repo")
-			return
-		}
-	}
-}
-
-// TODO(not7cd): do I need this?
-// // reqRepoBranchWriter user should have a permission to write to a branch, or be a site admin
-// func reqRepoBranchWriter(ctx *context.APIContext) {
-// 	options, ok := web.GetForm(ctx).(api.FileOptionInterface)
-// 	if !ok || (!ctx.Repo.CanWriteToBranch(ctx, ctx.Doer, options.Branch()) && !ctx.IsUserSiteAdmin()) {
-// 		ctx.APIError(http.StatusForbidden, "user should have a permission to write to this branch")
-// 		return
-// 	}
-// }
-
 // reqRepoReader user should have specific read permission or be a repo admin or a site admin
 func reqRepoReader(unitType unit.Type) func(ctx *context.APIContext) {
 	return func(ctx *context.APIContext) {
@ -487,18 +465,6 @@ func reqRepoReader(unitType unit.Type) func(ctx *context.APIContext) {
 	}
 }

-// reqRepoReader user should have specific commit status read permission, or
-// repo read permission, or be a repo admin or a site admin
-func reqRepoCommitStatusReader(unitType unit.Type) func(ctx *context.APIContext) {
-	return func(ctx *context.APIContext) {
-		// TODO(not7cd)
-		if !ctx.Repo.CanRead(unitType) && !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() {
-			ctx.APIError(http.StatusForbidden, "user should have specific read permission or be a repo admin or a site admin")
-			return
-		}
-	}
-}
-
 // reqAnyRepoReader user should have any permission to read repository or permissions of site admin
 func reqAnyRepoReader() func(ctx *context.APIContext) {
 	return func(ctx *context.APIContext) {
@ -1433,8 +1399,8 @@ func Routes() *web.Router {
 				}, mustAllowPulls, reqRepoReader(unit.TypeCode), context.ReferencesGitRepo())
 				m.Group("/statuses", func() {
 					m.Combo("/{sha}").Get(repo.GetCommitStatuses).
-						Post(reqToken(), reqRepoCommitStatusWriter(unit.TypeCode), bind(api.CreateStatusOption{}), repo.NewCommitStatus)
-				}, reqRepoCommitStatusReader(unit.TypeCode))
+						Post(reqToken(), reqRepoWriter(unit.TypeCommitStatus), bind(api.CreateStatusOption{}), repo.NewCommitStatus)
+				}, reqRepoWriter(unit.TypeCommitStatus))
 				m.Group("/commits", func() {
 					m.Get("", context.ReferencesGitRepo(), repo.GetAllCommits)
 					m.Group("/{ref}", func() {
--- a/services/context/api.go
+++ b/services/context/api.go
@ -367,15 +367,3 @@ func (ctx *APIContext) IsUserRepoAdmin() bool {
 func (ctx *APIContext) IsUserRepoWriter(unitTypes []unit.Type) bool {
 	return slices.ContainsFunc(unitTypes, ctx.Repo.CanWrite)
 }
-
-// IsUserRepoWriter returns true if current user has write commit status privilege in current repo
-func (ctx *APIContext) IsUserCommitStatusWriter(unitTypes []unit.Type) bool {
-	for _, unitType := range unitTypes {
-		// TODO
-		if ctx.Repo.CanWrite(unitType) {
-			return true
-		}
-	}
-
-	return false
-}