mirror of
https://github.com/go-gitea/gitea
synced 2025-07-22 18:28:37 +00:00
Fix ignored errors when checking if organization, team member (#3177)
This commit is contained in:
Ethan Koenig
Lauris BH
@@ -475,6 +475,26 @@ func NewIssuePost(ctx *context.Context, form auth.CreateIssueForm) {
|
||||
ctx.Redirect(ctx.Repo.RepoLink + "/issues/" + com.ToStr(issue.Index))
|
||||
}
|
||||
|
||||
// commentTag returns the CommentTag for a comment in/with the given repo, poster and issue
|
||||
func commentTag(repo *models.Repository, poster *models.User, issue *models.Issue) (models.CommentTag, error) {
|
||||
if repo.IsOwnedBy(poster.ID) {
|
||||
return models.CommentTagOwner, nil
|
||||
} else if repo.Owner.IsOrganization() {
|
||||
isOwner, err := repo.Owner.IsOwnedBy(poster.ID)
|
||||
if err != nil {
|
||||
return models.CommentTagNone, err
|
||||
} else if isOwner {
|
||||
return models.CommentTagOwner, nil
|
||||
}
|
||||
}
|
||||
if poster.IsWriterOfRepo(repo) {
|
||||
return models.CommentTagWriter, nil
|
||||
} else if poster.ID == issue.PosterID {
|
||||
return models.CommentTagPoster, nil
|
||||
}
|
||||
return models.CommentTagNone, nil
|
||||
}
|
||||
|
||||
// ViewIssue render issue view page
|
||||
func ViewIssue(ctx *context.Context) {
|
||||
ctx.Data["RequireHighlightJS"] = true
|
||||
@@ -644,15 +664,11 @@ func ViewIssue(ctx *context.Context) {
|
||||
continue
|
||||
}
|
||||
|
||||
if repo.IsOwnedBy(comment.PosterID) ||
|
||||
(repo.Owner.IsOrganization() && repo.Owner.IsOwnedBy(comment.PosterID)) {
|
||||
comment.ShowTag = models.CommentTagOwner
|
||||
} else if comment.Poster.IsWriterOfRepo(repo) {
|
||||
comment.ShowTag = models.CommentTagWriter
|
||||
} else if comment.PosterID == issue.PosterID {
|
||||
comment.ShowTag = models.CommentTagPoster
|
||||
comment.ShowTag, err = commentTag(repo, comment.Poster, issue)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "commentTag", err)
|
||||
return
|
||||
}
|
||||
|
||||
marked[comment.PosterID] = comment.ShowTag
|
||||
|
||||
isAdded := false
|
||||
|
||||
@@ -173,7 +173,11 @@ func ForkPost(ctx *context.Context, form auth.CreateRepoForm) {
|
||||
|
||||
// Check ownership of organization.
|
||||
if ctxUser.IsOrganization() {
|
||||
if !ctxUser.IsOwnedBy(ctx.User.ID) {
|
||||
isOwner, err := ctxUser.IsOwnedBy(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "IsOwnedBy", err)
|
||||
return
|
||||
} else if !isOwner {
|
||||
ctx.Error(403)
|
||||
return
|
||||
}
|
||||
|
||||
@@ -74,10 +74,20 @@ func checkContextUser(ctx *context.Context, uid int64) *models.User {
|
||||
}
|
||||
|
||||
// Check ownership of organization.
|
||||
if !org.IsOrganization() || !(ctx.User.IsAdmin || org.IsOwnedBy(ctx.User.ID)) {
|
||||
if !org.IsOrganization() {
|
||||
ctx.Error(403)
|
||||
return nil
|
||||
}
|
||||
if !ctx.User.IsAdmin {
|
||||
isOwner, err := org.IsOwnedBy(ctx.User.ID)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "IsOwnedBy", err)
|
||||
return nil
|
||||
} else if !isOwner {
|
||||
ctx.Error(403)
|
||||
return nil
|
||||
}
|
||||
}
|
||||
return org
|
||||
}
|
||||
|
||||
|
||||
@@ -234,13 +234,6 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
|
||||
return
|
||||
}
|
||||
|
||||
if ctx.Repo.Owner.IsOrganization() {
|
||||
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.ID) {
|
||||
ctx.Error(404)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if !repo.IsMirror {
|
||||
ctx.Error(404)
|
||||
return
|
||||
@@ -268,13 +261,6 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
|
||||
return
|
||||
}
|
||||
|
||||
if ctx.Repo.Owner.IsOrganization() {
|
||||
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.ID) {
|
||||
ctx.Error(404)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
newOwner := ctx.Query("new_owner_name")
|
||||
isExist, err := models.IsUserExist(0, newOwner)
|
||||
if err != nil {
|
||||
@@ -307,13 +293,6 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
|
||||
return
|
||||
}
|
||||
|
||||
if ctx.Repo.Owner.IsOrganization() {
|
||||
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.ID) {
|
||||
ctx.Error(404)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if err := models.DeleteRepository(ctx.User, ctx.Repo.Owner.ID, repo.ID); err != nil {
|
||||
ctx.Handle(500, "DeleteRepository", err)
|
||||
return
|
||||
@@ -333,13 +312,6 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
|
||||
return
|
||||
}
|
||||
|
||||
if ctx.Repo.Owner.IsOrganization() {
|
||||
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.ID) {
|
||||
ctx.Error(404)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
repo.DeleteWiki()
|
||||
log.Trace("Repository wiki deleted: %s/%s", ctx.Repo.Owner.Name, repo.Name)
|
||||
|
||||
@@ -393,10 +365,16 @@ func CollaborationPost(ctx *context.Context) {
|
||||
}
|
||||
|
||||
// Check if user is organization member.
|
||||
if ctx.Repo.Owner.IsOrganization() && ctx.Repo.Owner.IsOrgMember(u.ID) {
|
||||
ctx.Flash.Info(ctx.Tr("repo.settings.user_is_org_member"))
|
||||
ctx.Redirect(ctx.Repo.RepoLink + "/settings/collaboration")
|
||||
return
|
||||
if ctx.Repo.Owner.IsOrganization() {
|
||||
isMember, err := ctx.Repo.Owner.IsOrgMember(u.ID)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "IsOrgMember", err)
|
||||
return
|
||||
} else if isMember {
|
||||
ctx.Flash.Info(ctx.Tr("repo.settings.user_is_org_member"))
|
||||
ctx.Redirect(ctx.Repo.RepoLink + "/settings/collaboration")
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if err = ctx.Repo.Repository.AddCollaborator(u); err != nil {
|
||||
|
||||
Reference in New Issue
Block a user