Check user instead of organization when creating a repo from a template via API

[ijaureguialzo]

API documentation for repos/generate action implemented on #15958 says for the owner parameter: The organization or person who will own the new repository.

Current code only checks if destination owner is an organization and error is given if trying to copy a template to another user.

Checking for user instead of organization allows for both targets.

[codecov-commenter]

Codecov Report

Merging #16346 (6b507cb) into main (ff69dff) will decrease coverage by 0.01%.
The diff coverage is 14.28%.

@@            Coverage Diff             @@
##             main   #16346      +/-   ##
==========================================
- Coverage   45.43%   45.42%   -0.02%     
==========================================
  Files         717      717              
  Lines       84177    84180       +3     
==========================================
- Hits        38250    38239      -11     
- Misses      39780    39793      +13     
- Partials     6147     6148       +1     

Impacted Files	Coverage Δ
routers/api/v1/repo/repo.go	54.54% <14.28%> (-0.35%)	⬇️
services/pull/temp_repo.go	25.77% <0.00%> (-4.13%)	⬇️
modules/charset/charset.go	71.71% <0.00%> (-4.05%)	⬇️
services/pull/check.go	25.51% <0.00%> (-2.76%)	⬇️
services/pull/patch.go	54.23% <0.00%> (-1.70%)	⬇️
models/repo_list.go	77.04% <0.00%> (-0.78%)	⬇️
modules/queue/workerpool.go	54.96% <0.00%> (+1.14%)	⬆️
modules/util/timer.go	85.71% <0.00%> (+42.85%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ff69dff...6b507cb. Read the comment docs.

[a1012112796]

Not sure in curent design, whether user can create new repo for another user, and if yes, which permission should be request ...

/cc @lunny

[ijaureguialzo]

At least, admins should be able to do the copy to another user's account.

I'm using this feature in a Learning Management System and before this feature was available, I had to use repos/migrate to create copies of the repos for the students from base repos owned by root user.

This is much more convenient and efficient.

[6543]

Well for admins we have the sudo header

[zeripath]

At present just use Sudo.

For other non-admin users we would need to think a bit more about authorization.

[zeripath]

Use SUDO instead.

[ijaureguialzo]

At present just use Sudo.

For other non-admin users we would need to think a bit more about authorization.

It's not a problem of permissions, it's that this endpoint, using an API call token from a root account, doesn't work.

Documentation says that the repo can be copied to an org or user, and it doesn't, it only copies if destination is an organization, that's what I was trying to solve.

[6543]

@zeripath should we realy enforce sudo header?
-> from permissions it wont make a difference

@ijaureguialzo you can solve your problem with a sudo header

[ijaureguialzo]

Sorry, @6543, could you explain me how? I don't understand how sudo can solve my problem.

My goal is to be able to copy an admin-owned private repo to another random user on the system (I'm creating tasks for my students).

I'm using this PHP code to query the Gitea API:

$request = self::$client->post("repos/$repositorio/generate", [
    'headers' => [
        'Authorization' => 'token ' . config('gitea.token'),
        'Accept' => 'application/json',
    ],
    'json' => [
        "owner" => $username,
        "name" => $destination,
        "private" => true,
        "git_content" => true,
        "description" => $description,
    ]
]);

The gitea.token is a token created from an admin account (root) and I can make other operations (repository deletions for example).

If I try to run that code and copy a repo named task-repo owned by root to student, a normal user on the system, I get this log message: {"error":"request owner 'task-repo' is not exist"}

The log message itself is wrong, but looking at the source I realized that ever if I have full permissions, if I'm not the owner of the repository and the destination is not and org, the copy is not allowed; and documentation says it should be.

With the patch I submitted, the copy is made correctly and fails if the destination user or organization doesn't exist.

Thanks in advance for your time.

[6543]

I have to agree if the repo is private sudo wont work

[zeripath]

You're creating repos for other users. We don't have that functionality yet and haven't properly considered the consequences of doing so.

We'd really need to completely double check that this actually does the permissions checks properly and really does handle all of the counters properly.

[a1012112796]

Hmm, In my view. I'd like add a new api for admin to generate repo for other user. for example:
/admin/users/{username}/repos/generate

like:
https://try.gitea.io/api/swagger#/admin/adminCreateRepo

[ijaureguialzo]

Hmm, In my view. I'd like add a new api for admin to generate repo for other user. for example:
/admin/users/{username}/repos/generate

like:
https://try.gitea.io/api/swagger#/admin/adminCreateRepo

That would be great but I don't have enough profiency with Gitea's code, so, can't help much with that.

[zeripath]

OK on deeper looking I think this would work

[a1012112796]

index 9c534a194..5e0228fdb 100644
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@@ -387,6 +387,11 @@ func Generate(ctx *context.APIContext) {
                        return
                }
 
+               if !ctx.User.IsAdmin && !ctxUser.IsOrganization() {
+                       ctx.Error(http.StatusForbidden, "", "Only admin can generate repository for other user.")
+                       return
+               }
+
                if !ctx.User.IsAdmin {
                        canCreate, err := ctxUser.CanCreateOrgRepo(ctx.User.ID)
                        if err != nil {

My suggestion about permission check.

[ijaureguialzo]

Thank you for the approval @a1012112796. Will this changes make it to 1.15? I see it's marked for 1.16 milestone.

[zeripath]

I'm afraid it won't make 1.15.

[ijaureguialzo]

Great, thank you all for your help.