Mirrors/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-06-17 20:27:10 +02:00
Code Issues Activity

Merge 8f7c155a98a71c43ec2a15504380acb47b3a5fc7 into c68925152b1b6c8f92806cdbda9c4672dcc1608f

Browse Source
This commit is contained in:
Ross Golder 2026-06-18 01:01:31 +09:00 committed by GitHub
commit bc7d3abb75
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 35 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
models/perm/access/access.go
View File

@ -231,10 +231,7 @@ func RecalculateTeamAccesses(ctx context.Context, repo *repo_model.Repository, i
// RecalculateUserAccess recalculates new access for a single user
// Usable if we know access only affected one user
func RecalculateUserAccess(ctx context.Context, repo *repo_model.Repository, uid int64) (err error) {
minMode := perm.AccessModeRead
if !repo.IsPrivate {
minMode = perm.AccessModeWrite
}
minMode := perm.AccessModeNone
accessMode := perm.AccessModeNone
e := db.GetEngine(ctx)
@ -270,7 +267,7 @@ func RecalculateUserAccess(ctx context.Context, repo *repo_model.Repository, uid
// Delete old user accesses and insert new one for repository.
if _, err = e.Delete(&Access{RepoID: repo.ID, UserID: uid}); err != nil {
return fmt.Errorf("delete old user accesses: %w", err)
} else if accessMode >= minMode {
} else if accessMode > minMode {
if err = db.Insert(ctx, &Access{RepoID: repo.ID, UserID: uid, Mode: accessMode}); err != nil {
return fmt.Errorf("insert new user accesses: %w", err)
}

33
models/perm/access/access_test.go
View File

@ -26,6 +26,7 @@ func TestAccess(t *testing.T) {
t.Run("RecalculateAccesses2", testRecalculateAccesses2)
t.Run("RecalculateAccessesUpdateMode", testRecalculateAccessesUpdateMode)
t.Run("RecalculateAccessesRemoveAccess", testRecalculateAccessesRemoveAccess)
t.Run("RecalculateUserAccess", testRecalculateUserAccess)
}
func testAccessLevel(t *testing.T) {
@ -201,3 +202,35 @@ func testRecalculateAccessesRemoveAccess(t *testing.T) {
assert.NoError(t, err)
assert.False(t, has, "Access should be deleted after removing collaboration")
}
func testRecalculateUserAccess(t *testing.T) {
t.Run("NoAccessForUserWithoutCollaboration", func(t *testing.T) {
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 4})
assert.NoError(t, repo.LoadOwner(t.Context()))
userID := int64(8)
_, _ = db.GetEngine(t.Context()).Where("user_id = ? AND repo_id = ?", userID, repo.ID).Delete(&access_model.Access{})
assert.NoError(t, access_model.RecalculateUserAccess(t.Context(), repo, userID))
access := &access_model.Access{UserID: userID, RepoID: repo.ID}
has, err := db.GetEngine(t.Context()).Get(access)
assert.NoError(t, err)
assert.False(t, has, "User without collaboration/team membership should have no access record")
})
t.Run("CollaboratorGetsAccess", func(t *testing.T) {
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 4})
assert.NoError(t, repo.LoadOwner(t.Context()))
userID := int64(4)
_ = db.Insert(t.Context(), &repo_model.Collaboration{UserID: userID, RepoID: repo.ID, Mode: perm_model.AccessModeWrite})
assert.NoError(t, access_model.RecalculateUserAccess(t.Context(), repo, userID))
access := &access_model.Access{UserID: userID, RepoID: repo.ID}
has, err := db.GetEngine(t.Context()).Get(access)
assert.NoError(t, err)
assert.True(t, has)
assert.Equal(t, perm_model.AccessModeWrite, access.Mode)
})
}