mirror of
https://github.com/go-gitea/gitea
synced 2025-01-20 14:44:27 +00:00
Fix branch_protection api shows users/teams who has no readAccess (#30291)
Add some logic in `convert.ToBranchProtection` to return only the names associated with readAccess instead of returning all names. This will ensure consistency in behavior between the frontend and backend. Fixes: #27694 --------- Co-authored-by: techknowlogick <techknowlogick@gitea.com> Co-authored-by: wenzhuo.zhang <wenzhuo.zhang@geely.com> Co-authored-by: Giteabot <teabot@gitea.io>
This commit is contained in:
parent
0798370f25
commit
02e183bf3f
@ -437,7 +437,7 @@ func GetBranchProtection(ctx *context.APIContext) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx.JSON(http.StatusOK, convert.ToBranchProtection(ctx, bp))
|
ctx.JSON(http.StatusOK, convert.ToBranchProtection(ctx, bp, repo))
|
||||||
}
|
}
|
||||||
|
|
||||||
// ListBranchProtections list branch protections for a repo
|
// ListBranchProtections list branch protections for a repo
|
||||||
@ -470,7 +470,7 @@ func ListBranchProtections(ctx *context.APIContext) {
|
|||||||
}
|
}
|
||||||
apiBps := make([]*api.BranchProtection, len(bps))
|
apiBps := make([]*api.BranchProtection, len(bps))
|
||||||
for i := range bps {
|
for i := range bps {
|
||||||
apiBps[i] = convert.ToBranchProtection(ctx, bps[i])
|
apiBps[i] = convert.ToBranchProtection(ctx, bps[i], repo)
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx.JSON(http.StatusOK, apiBps)
|
ctx.JSON(http.StatusOK, apiBps)
|
||||||
@ -681,7 +681,7 @@ func CreateBranchProtection(ctx *context.APIContext) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx.JSON(http.StatusCreated, convert.ToBranchProtection(ctx, bp))
|
ctx.JSON(http.StatusCreated, convert.ToBranchProtection(ctx, bp, repo))
|
||||||
}
|
}
|
||||||
|
|
||||||
// EditBranchProtection edits a branch protection for a repo
|
// EditBranchProtection edits a branch protection for a repo
|
||||||
@ -959,7 +959,7 @@ func EditBranchProtection(ctx *context.APIContext) {
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx.JSON(http.StatusOK, convert.ToBranchProtection(ctx, bp))
|
ctx.JSON(http.StatusOK, convert.ToBranchProtection(ctx, bp, repo))
|
||||||
}
|
}
|
||||||
|
|
||||||
// DeleteBranchProtection deletes a branch protection for a repo
|
// DeleteBranchProtection deletes a branch protection for a repo
|
||||||
|
@ -21,6 +21,7 @@ import (
|
|||||||
repo_model "code.gitea.io/gitea/models/repo"
|
repo_model "code.gitea.io/gitea/models/repo"
|
||||||
"code.gitea.io/gitea/models/unit"
|
"code.gitea.io/gitea/models/unit"
|
||||||
user_model "code.gitea.io/gitea/models/user"
|
user_model "code.gitea.io/gitea/models/user"
|
||||||
|
"code.gitea.io/gitea/modules/container"
|
||||||
"code.gitea.io/gitea/modules/git"
|
"code.gitea.io/gitea/modules/git"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
api "code.gitea.io/gitea/modules/structs"
|
api "code.gitea.io/gitea/modules/structs"
|
||||||
@ -105,33 +106,46 @@ func ToBranch(ctx context.Context, repo *repo_model.Repository, branchName strin
|
|||||||
return branch, nil
|
return branch, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// getWhitelistEntities returns the names of the entities that are in the whitelist
|
||||||
|
func getWhitelistEntities[T *user_model.User | *organization.Team](entities []T, whitelistIDs []int64) []string {
|
||||||
|
whitelistUserIDsSet := container.SetOf(whitelistIDs...)
|
||||||
|
whitelistNames := make([]string, 0)
|
||||||
|
for _, entity := range entities {
|
||||||
|
switch v := any(entity).(type) {
|
||||||
|
case *user_model.User:
|
||||||
|
if whitelistUserIDsSet.Contains(v.ID) {
|
||||||
|
whitelistNames = append(whitelistNames, v.Name)
|
||||||
|
}
|
||||||
|
case *organization.Team:
|
||||||
|
if whitelistUserIDsSet.Contains(v.ID) {
|
||||||
|
whitelistNames = append(whitelistNames, v.Name)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return whitelistNames
|
||||||
|
}
|
||||||
|
|
||||||
// ToBranchProtection convert a ProtectedBranch to api.BranchProtection
|
// ToBranchProtection convert a ProtectedBranch to api.BranchProtection
|
||||||
func ToBranchProtection(ctx context.Context, bp *git_model.ProtectedBranch) *api.BranchProtection {
|
func ToBranchProtection(ctx context.Context, bp *git_model.ProtectedBranch, repo *repo_model.Repository) *api.BranchProtection {
|
||||||
pushWhitelistUsernames, err := user_model.GetUserNamesByIDs(ctx, bp.WhitelistUserIDs)
|
readers, err := access_model.GetRepoReaders(ctx, repo)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("GetUserNamesByIDs (WhitelistUserIDs): %v", err)
|
log.Error("GetRepoReaders: %v", err)
|
||||||
}
|
}
|
||||||
mergeWhitelistUsernames, err := user_model.GetUserNamesByIDs(ctx, bp.MergeWhitelistUserIDs)
|
|
||||||
|
pushWhitelistUsernames := getWhitelistEntities(readers, bp.WhitelistUserIDs)
|
||||||
|
mergeWhitelistUsernames := getWhitelistEntities(readers, bp.MergeWhitelistUserIDs)
|
||||||
|
approvalsWhitelistUsernames := getWhitelistEntities(readers, bp.ApprovalsWhitelistUserIDs)
|
||||||
|
|
||||||
|
teamReaders, err := organization.OrgFromUser(repo.Owner).TeamsWithAccessToRepo(ctx, repo.ID, perm.AccessModeRead)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("GetUserNamesByIDs (MergeWhitelistUserIDs): %v", err)
|
log.Error("Repo.Owner.TeamsWithAccessToRepo: %v", err)
|
||||||
}
|
|
||||||
approvalsWhitelistUsernames, err := user_model.GetUserNamesByIDs(ctx, bp.ApprovalsWhitelistUserIDs)
|
|
||||||
if err != nil {
|
|
||||||
log.Error("GetUserNamesByIDs (ApprovalsWhitelistUserIDs): %v", err)
|
|
||||||
}
|
|
||||||
pushWhitelistTeams, err := organization.GetTeamNamesByID(ctx, bp.WhitelistTeamIDs)
|
|
||||||
if err != nil {
|
|
||||||
log.Error("GetTeamNamesByID (WhitelistTeamIDs): %v", err)
|
|
||||||
}
|
|
||||||
mergeWhitelistTeams, err := organization.GetTeamNamesByID(ctx, bp.MergeWhitelistTeamIDs)
|
|
||||||
if err != nil {
|
|
||||||
log.Error("GetTeamNamesByID (MergeWhitelistTeamIDs): %v", err)
|
|
||||||
}
|
|
||||||
approvalsWhitelistTeams, err := organization.GetTeamNamesByID(ctx, bp.ApprovalsWhitelistTeamIDs)
|
|
||||||
if err != nil {
|
|
||||||
log.Error("GetTeamNamesByID (ApprovalsWhitelistTeamIDs): %v", err)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pushWhitelistTeams := getWhitelistEntities(teamReaders, bp.WhitelistTeamIDs)
|
||||||
|
mergeWhitelistTeams := getWhitelistEntities(teamReaders, bp.MergeWhitelistTeamIDs)
|
||||||
|
approvalsWhitelistTeams := getWhitelistEntities(teamReaders, bp.ApprovalsWhitelistTeamIDs)
|
||||||
|
|
||||||
branchName := ""
|
branchName := ""
|
||||||
if !git_model.IsRuleNameSpecial(bp.RuleName) {
|
if !git_model.IsRuleNameSpecial(bp.RuleName) {
|
||||||
branchName = bp.RuleName
|
branchName = bp.RuleName
|
||||||
|
Loading…
x
Reference in New Issue
Block a user