1
1
mirror of https://github.com/go-gitea/gitea synced 2025-07-22 18:28:37 +00:00

Restricted users (#6274)

* Restricted users (#4334): initial implementation

* Add User.IsRestricted & UI to edit it

* Pass user object instead of user id to places where IsRestricted flag matters

* Restricted users: maintain access rows for all referenced repos (incl public)

* Take logged in user & IsRestricted flag into account in org/repo listings, searches and accesses

* Add basic repo access tests for restricted users

Signed-off-by: Manush Dodunekov <manush@stendahls.se>

* Mention restricted users in the faq

Signed-off-by: Manush Dodunekov <manush@stendahls.se>

* Revert unnecessary change `.isUserPartOfOrg` -> `.IsUserPartOfOrg`

Signed-off-by: Manush Dodunekov <manush@stendahls.se>

* Remove unnecessary `org.IsOrganization()` call

Signed-off-by: Manush Dodunekov <manush@stendahls.se>

* Revert to an `int64` keyed `accessMap`

* Add type `userAccess`
* Add convenience func updateUserAccess()
* Turn accessMap into a `map[int64]userAccess`

Signed-off-by: Manush Dodunekov <manush@stendahls.se>

* or even better: `map[int64]*userAccess`

* updateUserAccess(): use tighter syntax as suggested by lafriks

* even tighter

* Avoid extra loop

* Don't disclose limited orgs to unauthenticated users

* Don't assume block only applies to orgs

* Use an array of `VisibleType` for filtering

* fix yet another thinko

* Ok - no need for u

* Revert "Ok - no need for u"

This reverts commit 5c3e886aab.

Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
This commit is contained in:
Manush Dodunekov
2020-01-13 19:33:46 +02:00
committed by Antoine GIRARD
parent 0b3aaa6196
commit 1751d5fcf2
31 changed files with 310 additions and 124 deletions

View File

@@ -72,10 +72,11 @@ func Home(ctx *context.Context) {
// RepoSearchOptions when calling search repositories
type RepoSearchOptions struct {
OwnerID int64
Private bool
PageSize int
TplName base.TplName
OwnerID int64
Private bool
Restricted bool
PageSize int
TplName base.TplName
}
var (
@@ -136,6 +137,7 @@ func RenderRepoSearch(ctx *context.Context, opts *RepoSearchOptions) {
ctx.Data["TopicOnly"] = topicOnly
repos, count, err = models.SearchRepository(&models.SearchRepoOptions{
Actor: ctx.User,
Page: page,
PageSize: opts.PageSize,
OrderBy: orderBy,
@@ -190,6 +192,7 @@ func RenderUserSearch(ctx *context.Context, opts *models.SearchUserOptions, tplN
if opts.Page <= 1 {
opts.Page = 1
}
opts.Actor = ctx.User
var (
users []*models.User
@@ -261,22 +264,16 @@ func ExploreOrganizations(ctx *context.Context) {
ctx.Data["PageIsExploreOrganizations"] = true
ctx.Data["IsRepoIndexerEnabled"] = setting.Indexer.RepoIndexerEnabled
var ownerID int64
if ctx.User != nil && !ctx.User.IsAdmin {
ownerID = ctx.User.ID
visibleTypes := []structs.VisibleType{structs.VisibleTypePublic}
if ctx.User != nil {
visibleTypes = append(visibleTypes, structs.VisibleTypeLimited, structs.VisibleTypePrivate)
}
opts := models.SearchUserOptions{
RenderUserSearch(ctx, &models.SearchUserOptions{
Type: models.UserTypeOrganization,
PageSize: setting.UI.ExplorePagingNum,
OwnerID: ownerID,
}
if ctx.User != nil {
opts.Visible = []structs.VisibleType{structs.VisibleTypePublic, structs.VisibleTypeLimited, structs.VisibleTypePrivate}
} else {
opts.Visible = []structs.VisibleType{structs.VisibleTypePublic}
}
RenderUserSearch(ctx, &opts, tplExploreOrganizations)
Visible: visibleTypes,
}, tplExploreOrganizations)
}
// ExploreCode render explore code page
@@ -310,7 +307,7 @@ func ExploreCode(ctx *context.Context) {
// guest user or non-admin user
if ctx.User == nil || !isAdmin {
repoIDs, err = models.FindUserAccessibleRepoIDs(userID)
repoIDs, err = models.FindUserAccessibleRepoIDs(ctx.User)
if err != nil {
ctx.ServerError("SearchResults", err)
return