From ad14f9c6405028a71e130351115c86a1e0e6c394 Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Tue, 8 Feb 2022 03:14:50 +0000 Subject: [PATCH 1/4] Update the team sidebar to account for new permissions structure Fix #18572 Signed-off-by: Andrew Thornton --- routers/web/org/teams.go | 2 + templates/org/team/sidebar.tmpl | 82 ++++++++++++++++++++++++--------- 2 files changed, 62 insertions(+), 22 deletions(-) diff --git a/routers/web/org/teams.go b/routers/web/org/teams.go index 9b0212e56955..f6e09eb4c8da 100644 --- a/routers/web/org/teams.go +++ b/routers/web/org/teams.go @@ -311,6 +311,7 @@ func TeamMembers(ctx *context.Context) { ctx.ServerError("GetMembers", err) return } + ctx.Data["Units"] = unit_model.Units ctx.HTML(http.StatusOK, tplTeamMembers) } @@ -323,6 +324,7 @@ func TeamRepositories(ctx *context.Context) { ctx.ServerError("GetRepositories", err) return } + ctx.Data["Units"] = unit_model.Units ctx.HTML(http.StatusOK, tplTeamRepositories) } diff --git a/templates/org/team/sidebar.tmpl b/templates/org/team/sidebar.tmpl index 6ea08740f714..29bfbb98437d 100644 --- a/templates/org/team/sidebar.tmpl +++ b/templates/org/team/sidebar.tmpl @@ -25,31 +25,69 @@ {{.i18n.Tr "org.teams.no_desc"}} {{end}} - -
- {{if eq .Team.LowerName "owners"}} + {{if eq .Team.LowerName "owners"}} +
{{.i18n.Tr "org.teams.owners_permission_desc" | Str2html}} - {{else if (eq .Team.AccessMode 1)}} - {{if .Team.IncludesAllRepositories}} - {{.i18n.Tr "org.teams.all_repositories_read_permission_desc" | Str2html}} - {{else}} - {{.i18n.Tr "org.teams.read_permission_desc" | Str2html}} - {{end}} - {{else if (eq .Team.AccessMode 2)}} - {{if .Team.IncludesAllRepositories}} - {{.i18n.Tr "org.teams.all_repositories_write_permission_desc" | Str2html}} +
+ {{else}} +
+

{{.i18n.Tr "org.team_access_desc"}}

+
    + {{if .Team.IncludesAllRepositories}} +
  • {{.i18n.Tr "org.teams.all_repositories" | Str2html}} + {{else}} +
  • {{.i18n.Tr "org.teams.specific_repositories" | Str2html}} + {{end}} + {{if .Team.CanCreateOrgRepo}} +
  • {{.i18n.Tr "org.teams.can_create_org_repo"}} + {{end}} +
+ {{if (eq .Team.AccessMode 2)}} +

{{.i18n.Tr "org.settings.permission"}}

+ {{.i18n.Tr "org.teams.write_permission_desc"}} + {{else if (eq .Team.AccessMode 3)}} +

{{.i18n.Tr "org.settings.permission"}}

+ {{.i18n.Tr "org.teams.admin_permission_desc"}} {{else}} - {{.i18n.Tr "org.teams.write_permission_desc" | Str2html}} + + + + + + + + + {{range $t, $unit := $.Units}} + {{if and (ge $unit.MaxPerm 2) (not $unit.Type.UnitGlobalDisabled)}} + + + + + {{end}} + {{end}} + {{range $t, $unit := $.Units}} + {{if and (lt $unit.MaxPerm 2) (not $unit.Type.UnitGlobalDisabled)}} + + + + + {{end}} + {{end}} + +
{{.i18n.Tr "units.unit"}}{{.i18n.Tr "org.team_permission_desc"}}
{{$.i18n.Tr $unit.NameKey}}{{if eq ($.Team.UnitAccessMode $unit.Type) 0 -}} + {{$.i18n.Tr "org.teams.none_access"}} + {{- else if or (eq $.Team.ID 0) (eq ($.Team.UnitAccessMode $unit.Type) 1) -}} + {{$.i18n.Tr "org.teams.read_access"}} + {{- else if eq ($.Team.UnitAccessMode $unit.Type) 2 -}} + {{$.i18n.Tr "org.teams.write_access"}} + {{- end}}
{{$.i18n.Tr $unit.NameKey}}{{if eq ($.Team.UnitAccessMode $unit.Type) 0 -}} + {{$.i18n.Tr "org.teams.none_access"}} + {{- else if or (eq $.Team.ID 0) (eq ($.Team.UnitAccessMode $unit.Type) 1) -}} + {{$.i18n.Tr "org.teams.read_access"}} + {{- else if eq ($.Team.UnitAccessMode $unit.Type) 2 -}} + {{$.i18n.Tr "org.teams.write_access"}} + {{- end}}
{{end}} - {{else if (eq .Team.AccessMode 3)}} - {{if .Team.IncludesAllRepositories}} - {{.i18n.Tr "org.teams.all_repositories_admin_permission_desc" | Str2html}} - {{else}} - {{.i18n.Tr "org.teams.admin_permission_desc" | Str2html}} - {{end}} - {{end}} - {{if .Team.CanCreateOrgRepo}} -

{{.i18n.Tr "org.teams.create_repo_permission_desc" | Str2html}} {{end}}
From 3d9c4a40d75faf3a8f7e46712c77468ab0e81bde Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Tue, 8 Feb 2022 23:36:08 +0000 Subject: [PATCH 2/4] Change Assignee list to include any team member with WriteAccess Fix #18572 Signed-off-by: Andrew Thornton --- models/repo.go | 52 +++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 41 insertions(+), 11 deletions(-) diff --git a/models/repo.go b/models/repo.go index 2a857c43df07..131012fbeb33 100644 --- a/models/repo.go +++ b/models/repo.go @@ -150,27 +150,57 @@ func getRepoAssignees(ctx context.Context, repo *repo_model.Repository) (_ []*us } e := db.GetEngine(ctx) - accesses := make([]*Access, 0, 10) - if err = e. + userIDs := make([]int64, 0, 10) + if err = e.Table("access"). Where("repo_id = ? AND mode >= ?", repo.ID, perm.AccessModeWrite). - Find(&accesses); err != nil { + Distinct("id"). + Select("id"). + Find(&userIDs); err != nil { return nil, err } - // Leave a seat for owner itself to append later, but if owner is an organization - // and just waste 1 unit is cheaper than re-allocate memory once. - users := make([]*user_model.User, 0, len(accesses)+1) - if len(accesses) > 0 { - userIDs := make([]int64, len(accesses)) - for i := 0; i < len(accesses); i++ { - userIDs[i] = accesses[i].UserID + additionalUserIDs := make([]int64, 0, 10) + if err = e.Table("team_user"). + Join("INNER", "team_repo", "`team_repo`.team_id = `team_user`.team_id"). + Join("INNER", "team_unit", "`team_unit`.team_id = `team_user`.team_id"). + Where("`team_repo`.repo_id = ? AND `team_unit`.access_mode >= ?", repo.ID, perm.AccessModeWrite). + Distinct("`team_user`.uid"). + Select("`team_user`.uid"). + Find(&additionalUserIDs); err != nil { + return nil, err + } + + uidMap := map[int64]bool{} + i := 0 + for _, uid := range userIDs { + if uidMap[uid] { + continue + } + uidMap[uid] = true + userIDs[i] = uid + i++ + } + userIDs = userIDs[:i] + userIDs = append(userIDs, additionalUserIDs...) + + for _, uid := range additionalUserIDs { + if uidMap[uid] { + continue } + userIDs[i] = uid + i++ + } + userIDs = userIDs[:i] + // Leave a seat for owner itself to append later, but if owner is an organization + // and just waste 1 unit is cheaper than re-allocate memory once. + users := make([]*user_model.User, 0, len(userIDs)+1) + if len(userIDs) > 0 { if err = e.In("id", userIDs).Find(&users); err != nil { return nil, err } } - if !repo.Owner.IsOrganization() { + if !repo.Owner.IsOrganization() && !uidMap[repo.OwnerID] { users = append(users, repo.Owner) } From c93b511c4010bc48cafbd47ff74e7d60f4bcf292 Mon Sep 17 00:00:00 2001 From: zeripath Date: Wed, 9 Feb 2022 20:12:36 +0000 Subject: [PATCH 3/4] Update models/repo.go --- models/repo.go | 1 - 1 file changed, 1 deletion(-) diff --git a/models/repo.go b/models/repo.go index 131012fbeb33..c71d654f598f 100644 --- a/models/repo.go +++ b/models/repo.go @@ -153,7 +153,6 @@ func getRepoAssignees(ctx context.Context, repo *repo_model.Repository) (_ []*us userIDs := make([]int64, 0, 10) if err = e.Table("access"). Where("repo_id = ? AND mode >= ?", repo.ID, perm.AccessModeWrite). - Distinct("id"). Select("id"). Find(&userIDs); err != nil { return nil, err From f6e3575df8cbb781ca552eb9b6658d13873fcdbf Mon Sep 17 00:00:00 2001 From: Andrew Thornton Date: Wed, 23 Feb 2022 21:13:36 +0000 Subject: [PATCH 4/4] remove duplicate Signed-off-by: Andrew Thornton --- templates/org/team/sidebar.tmpl | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/templates/org/team/sidebar.tmpl b/templates/org/team/sidebar.tmpl index 29bfbb98437d..2dec681b4c63 100644 --- a/templates/org/team/sidebar.tmpl +++ b/templates/org/team/sidebar.tmpl @@ -57,20 +57,6 @@ - {{range $t, $unit := $.Units}} - {{if and (ge $unit.MaxPerm 2) (not $unit.Type.UnitGlobalDisabled)}} - - {{$.i18n.Tr $unit.NameKey}} - {{if eq ($.Team.UnitAccessMode $unit.Type) 0 -}} - {{$.i18n.Tr "org.teams.none_access"}} - {{- else if or (eq $.Team.ID 0) (eq ($.Team.UnitAccessMode $unit.Type) 1) -}} - {{$.i18n.Tr "org.teams.read_access"}} - {{- else if eq ($.Team.UnitAccessMode $unit.Type) 2 -}} - {{$.i18n.Tr "org.teams.write_access"}} - {{- end}} - - {{end}} - {{end}} {{range $t, $unit := $.Units}} {{if and (lt $unit.MaxPerm 2) (not $unit.Type.UnitGlobalDisabled)}}