Skip to content

Commit

Permalink
Update assignees check to include any writing team and change org sid…
Browse files Browse the repository at this point in the history
…ebar (#18680) (#18873)

Backport #18680

Following the merging of #17811 teams can now have differing write and readonly permissions, however the assignee list will not include teams which have mixed perms.

Further the org sidebar is no longer helpful as it can't describe these mixed permissions situations.

Fix #18572

Signed-off-by: Andrew Thornton <art27@cantab.net>
  • Loading branch information
zeripath authored Feb 24, 2022
1 parent 6591f87 commit 81b29d6
Show file tree
Hide file tree
Showing 3 changed files with 88 additions and 33 deletions.
51 changes: 40 additions & 11 deletions models/repo.go
Original file line number Diff line number Diff line change
Expand Up @@ -150,27 +150,56 @@ func getRepoAssignees(ctx context.Context, repo *repo_model.Repository) (_ []*us
}

e := db.GetEngine(ctx)
accesses := make([]*Access, 0, 10)
if err = e.
userIDs := make([]int64, 0, 10)
if err = e.Table("access").
Where("repo_id = ? AND mode >= ?", repo.ID, perm.AccessModeWrite).
Find(&accesses); err != nil {
Select("id").
Find(&userIDs); err != nil {
return nil, err
}

// Leave a seat for owner itself to append later, but if owner is an organization
// and just waste 1 unit is cheaper than re-allocate memory once.
users := make([]*user_model.User, 0, len(accesses)+1)
if len(accesses) > 0 {
userIDs := make([]int64, len(accesses))
for i := 0; i < len(accesses); i++ {
userIDs[i] = accesses[i].UserID
additionalUserIDs := make([]int64, 0, 10)
if err = e.Table("team_user").
Join("INNER", "team_repo", "`team_repo`.team_id = `team_user`.team_id").
Join("INNER", "team_unit", "`team_unit`.team_id = `team_user`.team_id").
Where("`team_repo`.repo_id = ? AND `team_unit`.access_mode >= ?", repo.ID, perm.AccessModeWrite).
Distinct("`team_user`.uid").
Select("`team_user`.uid").
Find(&additionalUserIDs); err != nil {
return nil, err
}

uidMap := map[int64]bool{}
i := 0
for _, uid := range userIDs {
if uidMap[uid] {
continue
}
uidMap[uid] = true
userIDs[i] = uid
i++
}
userIDs = userIDs[:i]
userIDs = append(userIDs, additionalUserIDs...)

for _, uid := range additionalUserIDs {
if uidMap[uid] {
continue
}
userIDs[i] = uid
i++
}
userIDs = userIDs[:i]

// Leave a seat for owner itself to append later, but if owner is an organization
// and just waste 1 unit is cheaper than re-allocate memory once.
users := make([]*user_model.User, 0, len(userIDs)+1)
if len(userIDs) > 0 {
if err = e.In("id", userIDs).Find(&users); err != nil {
return nil, err
}
}
if !repo.Owner.IsOrganization() {
if !repo.Owner.IsOrganization() && !uidMap[repo.OwnerID] {
users = append(users, repo.Owner)
}

Expand Down
2 changes: 2 additions & 0 deletions routers/web/org/teams.go
Original file line number Diff line number Diff line change
Expand Up @@ -311,6 +311,7 @@ func TeamMembers(ctx *context.Context) {
ctx.ServerError("GetMembers", err)
return
}
ctx.Data["Units"] = unit_model.Units
ctx.HTML(http.StatusOK, tplTeamMembers)
}

Expand All @@ -323,6 +324,7 @@ func TeamRepositories(ctx *context.Context) {
ctx.ServerError("GetRepositories", err)
return
}
ctx.Data["Units"] = unit_model.Units
ctx.HTML(http.StatusOK, tplTeamRepositories)
}

Expand Down
68 changes: 46 additions & 22 deletions templates/org/team/sidebar.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -25,31 +25,55 @@
<span class="text grey italic">{{.i18n.Tr "org.teams.no_desc"}}</span>
{{end}}
</div>

<div class="item">
{{if eq .Team.LowerName "owners"}}
{{if eq .Team.LowerName "owners"}}
<div class="item">
{{.i18n.Tr "org.teams.owners_permission_desc" | Str2html}}
{{else if (eq .Team.AccessMode 1)}}
{{if .Team.IncludesAllRepositories}}
{{.i18n.Tr "org.teams.all_repositories_read_permission_desc" | Str2html}}
{{else}}
{{.i18n.Tr "org.teams.read_permission_desc" | Str2html}}
{{end}}
{{else if (eq .Team.AccessMode 2)}}
{{if .Team.IncludesAllRepositories}}
{{.i18n.Tr "org.teams.all_repositories_write_permission_desc" | Str2html}}
</div>
{{else}}
<div class="item">
<h3>{{.i18n.Tr "org.team_access_desc"}}</h3>
<ul>
{{if .Team.IncludesAllRepositories}}
<li>{{.i18n.Tr "org.teams.all_repositories" | Str2html}}
{{else}}
<li>{{.i18n.Tr "org.teams.specific_repositories" | Str2html}}
{{end}}
{{if .Team.CanCreateOrgRepo}}
<li>{{.i18n.Tr "org.teams.can_create_org_repo"}}
{{end}}
</ul>
{{if (eq .Team.AccessMode 2)}}
<h3>{{.i18n.Tr "org.settings.permission"}}</h3>
{{.i18n.Tr "org.teams.write_permission_desc"}}
{{else if (eq .Team.AccessMode 3)}}
<h3>{{.i18n.Tr "org.settings.permission"}}</h3>
{{.i18n.Tr "org.teams.admin_permission_desc"}}
{{else}}
{{.i18n.Tr "org.teams.write_permission_desc" | Str2html}}
<table class="ui table">
<thead>
<tr>
<th>{{.i18n.Tr "units.unit"}}</th>
<th>{{.i18n.Tr "org.team_permission_desc"}}</th>
</tr>
</thead>
<tbody>
{{range $t, $unit := $.Units}}
{{if and (lt $unit.MaxPerm 2) (not $unit.Type.UnitGlobalDisabled)}}
<tr>
<td><strong>{{$.i18n.Tr $unit.NameKey}}</strong></td>
<td>{{if eq ($.Team.UnitAccessMode $unit.Type) 0 -}}
{{$.i18n.Tr "org.teams.none_access"}}
{{- else if or (eq $.Team.ID 0) (eq ($.Team.UnitAccessMode $unit.Type) 1) -}}
{{$.i18n.Tr "org.teams.read_access"}}
{{- else if eq ($.Team.UnitAccessMode $unit.Type) 2 -}}
{{$.i18n.Tr "org.teams.write_access"}}
{{- end}}</td>
</tr>
{{end}}
{{end}}
</tbody>
</table>
{{end}}
{{else if (eq .Team.AccessMode 3)}}
{{if .Team.IncludesAllRepositories}}
{{.i18n.Tr "org.teams.all_repositories_admin_permission_desc" | Str2html}}
{{else}}
{{.i18n.Tr "org.teams.admin_permission_desc" | Str2html}}
{{end}}
{{end}}
{{if .Team.CanCreateOrgRepo}}
<br><br>{{.i18n.Tr "org.teams.create_repo_permission_desc" | Str2html}}
{{end}}
</div>
</div>
Expand Down

0 comments on commit 81b29d6

Please sign in to comment.