chore(projects): only pass users to checks
This commit is contained in:
parent
816da6bc50
commit
412a8ef654
|
|
@ -228,7 +228,7 @@ func (p *Project) ReadAll(s *xorm.Session, a web.Auth, search string, page int,
|
|||
}
|
||||
|
||||
if p.Expand == ProjectExpandableRights {
|
||||
err = addMaxRightToProjects(s, prs, a)
|
||||
err = addMaxRightToProjects(s, prs, doer)
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
|
|
@ -733,7 +733,7 @@ func addProjectDetails(s *xorm.Session, projects []*Project, a web.Auth) (err er
|
|||
return
|
||||
}
|
||||
|
||||
func addMaxRightToProjects(s *xorm.Session, projects []*Project, a web.Auth) (err error) {
|
||||
func addMaxRightToProjects(s *xorm.Session, projects []*Project, u *user.User) (err error) {
|
||||
projectIDs := make([]int64, 0, len(projects))
|
||||
for _, project := range projects {
|
||||
if getSavedFilterIDFromProjectID(project.ID) > 0 {
|
||||
|
|
@ -743,7 +743,7 @@ func addMaxRightToProjects(s *xorm.Session, projects []*Project, a web.Auth) (er
|
|||
projectIDs = append(projectIDs, project.ID)
|
||||
}
|
||||
|
||||
rights, err := checkRightsForProjects(s, a, projectIDs)
|
||||
rights, err := checkRightsForProjects(s, u, projectIDs)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -52,8 +52,10 @@ func (p *Project) CanWrite(s *xorm.Session, a web.Auth) (bool, error) {
|
|||
(shareAuth.Right == RightWrite || shareAuth.Right == RightAdmin), errIsArchived
|
||||
}
|
||||
|
||||
u := &user.User{ID: a.GetID()}
|
||||
|
||||
// Check if the user is either owner or can write to the project
|
||||
if originalProject.isOwner(&user.User{ID: a.GetID()}) {
|
||||
if originalProject.isOwner(u) {
|
||||
canWrite = true
|
||||
}
|
||||
|
||||
|
|
@ -61,7 +63,7 @@ func (p *Project) CanWrite(s *xorm.Session, a web.Auth) (bool, error) {
|
|||
return canWrite, errIsArchived
|
||||
}
|
||||
|
||||
canWrite, _, err = originalProject.checkRight(s, a, RightWrite, RightAdmin)
|
||||
canWrite, _, err = originalProject.checkRight(s, u, RightWrite, RightAdmin)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
|
@ -105,7 +107,7 @@ func (p *Project) CanRead(s *xorm.Session, a web.Auth) (bool, int, error) {
|
|||
(shareAuth.Right == RightRead || shareAuth.Right == RightWrite || shareAuth.Right == RightAdmin), int(shareAuth.Right), nil
|
||||
}
|
||||
|
||||
return p.checkRight(s, a, RightRead, RightWrite, RightAdmin)
|
||||
return p.checkRight(s, &user.User{ID: a.GetID()}, RightRead, RightWrite, RightAdmin)
|
||||
}
|
||||
|
||||
// CanUpdate checks if the user can update a project
|
||||
|
|
@ -191,13 +193,15 @@ func (p *Project) IsAdmin(s *xorm.Session, a web.Auth) (bool, error) {
|
|||
return originalProject.ID == shareAuth.ProjectID && shareAuth.Right == RightAdmin, nil
|
||||
}
|
||||
|
||||
u := &user.User{ID: a.GetID()}
|
||||
|
||||
// Check all the things
|
||||
// Check if the user is either owner or can write to the project
|
||||
// Owners are always admins
|
||||
if originalProject.isOwner(&user.User{ID: a.GetID()}) {
|
||||
if originalProject.isOwner(u) {
|
||||
return true, nil
|
||||
}
|
||||
is, _, err := originalProject.checkRight(s, a, RightAdmin)
|
||||
is, _, err := originalProject.checkRight(s, u, RightAdmin)
|
||||
return is, err
|
||||
}
|
||||
|
||||
|
|
@ -207,8 +211,8 @@ func (p *Project) isOwner(u *user.User) bool {
|
|||
}
|
||||
|
||||
// Checks n different rights for any given user
|
||||
func (p *Project) checkRight(s *xorm.Session, a web.Auth, rights ...Right) (bool, int, error) {
|
||||
projectRights, err := checkRightsForProjects(s, a, []int64{p.ID})
|
||||
func (p *Project) checkRight(s *xorm.Session, u *user.User, rights ...Right) (bool, int, error) {
|
||||
projectRights, err := checkRightsForProjects(s, u, []int64{p.ID})
|
||||
if err != nil {
|
||||
return false, 0, err
|
||||
}
|
||||
|
|
@ -231,16 +235,16 @@ type projectRight struct {
|
|||
MaxRight Right
|
||||
}
|
||||
|
||||
func checkRightsForProjects(s *xorm.Session, a web.Auth, projectIDs []int64) (projectRightMap map[int64]*projectRight, err error) {
|
||||
func checkRightsForProjects(s *xorm.Session, u *user.User, projectIDs []int64) (projectRightMap map[int64]*projectRight, err error) {
|
||||
projectRightMap = make(map[int64]*projectRight)
|
||||
args := []interface{}{
|
||||
a.GetID(),
|
||||
a.GetID(),
|
||||
a.GetID(),
|
||||
a.GetID(),
|
||||
a.GetID(),
|
||||
a.GetID(),
|
||||
a.GetID(),
|
||||
u.ID,
|
||||
u.ID,
|
||||
u.ID,
|
||||
u.ID,
|
||||
u.ID,
|
||||
u.ID,
|
||||
u.ID,
|
||||
}
|
||||
|
||||
err = s.SQL(`
|
||||
|
|
|
|||
Loading…
Reference in New Issue