mirror of
https://github.com/go-gitea/gitea.git
synced 2025-12-09 22:08:49 +01:00
Add UnitCommitStatus
This commit is contained in:
Norbert Szulc
parent
35f68afdf6
commit
7c5cc63dc6
@ -33,6 +33,7 @@ const (
|
|||||||
TypeProjects // 8 Projects
|
TypeProjects // 8 Projects
|
||||||
TypePackages // 9 Packages
|
TypePackages // 9 Packages
|
||||||
TypeActions // 10 Actions
|
TypeActions // 10 Actions
|
||||||
|
TypeCommitStatus // 11 Commit Status
|
||||||
|
|
||||||
// FIXME: TEAM-UNIT-PERMISSION: the team unit "admin" permission's design is not right, when a new unit is added in the future,
|
// FIXME: TEAM-UNIT-PERMISSION: the team unit "admin" permission's design is not right, when a new unit is added in the future,
|
||||||
// admin team won't inherit the correct admin permission for the new unit, need to have a complete fix before adding any new unit.
|
// admin team won't inherit the correct admin permission for the new unit, need to have a complete fix before adding any new unit.
|
||||||
@ -65,6 +66,7 @@ var (
|
|||||||
TypeProjects,
|
TypeProjects,
|
||||||
TypePackages,
|
TypePackages,
|
||||||
TypeActions,
|
TypeActions,
|
||||||
|
TypeCommitStatus,
|
||||||
}
|
}
|
||||||
|
|
||||||
// DefaultRepoUnits contains the default unit types
|
// DefaultRepoUnits contains the default unit types
|
||||||
@ -77,8 +79,10 @@ var (
|
|||||||
TypeProjects,
|
TypeProjects,
|
||||||
TypePackages,
|
TypePackages,
|
||||||
TypeActions,
|
TypeActions,
|
||||||
|
TypeCommitStatus,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO(not7cd): Defaults that need TypeCommitStatus
|
||||||
// ForkRepoUnits contains the default unit types for forks
|
// ForkRepoUnits contains the default unit types for forks
|
||||||
DefaultForkRepoUnits = []Type{
|
DefaultForkRepoUnits = []Type{
|
||||||
TypeCode,
|
TypeCode,
|
||||||
@ -237,6 +241,7 @@ func (u Unit) MaxPerm() perm.AccessMode {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Enumerate all the units
|
// Enumerate all the units
|
||||||
|
// TODO(not7cd): Add TypeCommitStatus
|
||||||
var (
|
var (
|
||||||
UnitCode = Unit{
|
UnitCode = Unit{
|
||||||
TypeCode,
|
TypeCode,
|
||||||
@ -328,6 +333,16 @@ var (
|
|||||||
perm.AccessModeOwner,
|
perm.AccessModeOwner,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// TODO(not7cd): Just copied this
|
||||||
|
UnitCommitStatus = Unit{
|
||||||
|
TypeCommitStatus,
|
||||||
|
"repo.commitstatus",
|
||||||
|
"/statuses",
|
||||||
|
"commitstatus.unit.desc",
|
||||||
|
8,
|
||||||
|
perm.AccessModeOwner,
|
||||||
|
}
|
||||||
|
|
||||||
// Units contains all the units
|
// Units contains all the units
|
||||||
Units = map[Type]Unit{
|
Units = map[Type]Unit{
|
||||||
TypeCode: UnitCode,
|
TypeCode: UnitCode,
|
||||||
@ -340,6 +355,7 @@ var (
|
|||||||
TypeProjects: UnitProjects,
|
TypeProjects: UnitProjects,
|
||||||
TypePackages: UnitPackages,
|
TypePackages: UnitPackages,
|
||||||
TypeActions: UnitActions,
|
TypeActions: UnitActions,
|
||||||
|
TypeCommitStatus: UnitCommitStatus,
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|||||||
@ -455,28 +455,6 @@ func reqRepoWriter(unitTypes ...unit.Type) func(ctx *context.APIContext) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// reqRepoCommitStatusWriter user should have a permission to write to commit
|
|
||||||
// statuses, or write to a repo, or be a site admin
|
|
||||||
func reqRepoCommitStatusWriter(unitTypes ...unit.Type) func(ctx *context.APIContext) {
|
|
||||||
return func(ctx *context.APIContext) {
|
|
||||||
// TODO(not7cd)
|
|
||||||
if !ctx.IsUserRepoWriter(unitTypes) && !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() {
|
|
||||||
ctx.APIError(http.StatusForbidden, "user should have a permission to write to a repo")
|
|
||||||
return
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO(not7cd): do I need this?
|
|
||||||
// // reqRepoBranchWriter user should have a permission to write to a branch, or be a site admin
|
|
||||||
// func reqRepoBranchWriter(ctx *context.APIContext) {
|
|
||||||
// options, ok := web.GetForm(ctx).(api.FileOptionInterface)
|
|
||||||
// if !ok || (!ctx.Repo.CanWriteToBranch(ctx, ctx.Doer, options.Branch()) && !ctx.IsUserSiteAdmin()) {
|
|
||||||
// ctx.APIError(http.StatusForbidden, "user should have a permission to write to this branch")
|
|
||||||
// return
|
|
||||||
// }
|
|
||||||
// }
|
|
||||||
|
|
||||||
// reqRepoReader user should have specific read permission or be a repo admin or a site admin
|
// reqRepoReader user should have specific read permission or be a repo admin or a site admin
|
||||||
func reqRepoReader(unitType unit.Type) func(ctx *context.APIContext) {
|
func reqRepoReader(unitType unit.Type) func(ctx *context.APIContext) {
|
||||||
return func(ctx *context.APIContext) {
|
return func(ctx *context.APIContext) {
|
||||||
@ -487,18 +465,6 @@ func reqRepoReader(unitType unit.Type) func(ctx *context.APIContext) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// reqRepoReader user should have specific commit status read permission, or
|
|
||||||
// repo read permission, or be a repo admin or a site admin
|
|
||||||
func reqRepoCommitStatusReader(unitType unit.Type) func(ctx *context.APIContext) {
|
|
||||||
return func(ctx *context.APIContext) {
|
|
||||||
// TODO(not7cd)
|
|
||||||
if !ctx.Repo.CanRead(unitType) && !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() {
|
|
||||||
ctx.APIError(http.StatusForbidden, "user should have specific read permission or be a repo admin or a site admin")
|
|
||||||
return
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// reqAnyRepoReader user should have any permission to read repository or permissions of site admin
|
// reqAnyRepoReader user should have any permission to read repository or permissions of site admin
|
||||||
func reqAnyRepoReader() func(ctx *context.APIContext) {
|
func reqAnyRepoReader() func(ctx *context.APIContext) {
|
||||||
return func(ctx *context.APIContext) {
|
return func(ctx *context.APIContext) {
|
||||||
@ -1433,8 +1399,8 @@ func Routes() *web.Router {
|
|||||||
}, mustAllowPulls, reqRepoReader(unit.TypeCode), context.ReferencesGitRepo())
|
}, mustAllowPulls, reqRepoReader(unit.TypeCode), context.ReferencesGitRepo())
|
||||||
m.Group("/statuses", func() {
|
m.Group("/statuses", func() {
|
||||||
m.Combo("/{sha}").Get(repo.GetCommitStatuses).
|
m.Combo("/{sha}").Get(repo.GetCommitStatuses).
|
||||||
Post(reqToken(), reqRepoCommitStatusWriter(unit.TypeCode), bind(api.CreateStatusOption{}), repo.NewCommitStatus)
|
Post(reqToken(), reqRepoWriter(unit.TypeCommitStatus), bind(api.CreateStatusOption{}), repo.NewCommitStatus)
|
||||||
}, reqRepoCommitStatusReader(unit.TypeCode))
|
}, reqRepoWriter(unit.TypeCommitStatus))
|
||||||
m.Group("/commits", func() {
|
m.Group("/commits", func() {
|
||||||
m.Get("", context.ReferencesGitRepo(), repo.GetAllCommits)
|
m.Get("", context.ReferencesGitRepo(), repo.GetAllCommits)
|
||||||
m.Group("/{ref}", func() {
|
m.Group("/{ref}", func() {
|
||||||
|
|||||||
@ -367,15 +367,3 @@ func (ctx *APIContext) IsUserRepoAdmin() bool {
|
|||||||
func (ctx *APIContext) IsUserRepoWriter(unitTypes []unit.Type) bool {
|
func (ctx *APIContext) IsUserRepoWriter(unitTypes []unit.Type) bool {
|
||||||
return slices.ContainsFunc(unitTypes, ctx.Repo.CanWrite)
|
return slices.ContainsFunc(unitTypes, ctx.Repo.CanWrite)
|
||||||
}
|
}
|
||||||
|
|
||||||
// IsUserRepoWriter returns true if current user has write commit status privilege in current repo
|
|
||||||
func (ctx *APIContext) IsUserCommitStatusWriter(unitTypes []unit.Type) bool {
|
|
||||||
for _, unitType := range unitTypes {
|
|
||||||
// TODO
|
|
||||||
if ctx.Repo.CanWrite(unitType) {
|
|
||||||
return true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user