Handle user repositories as well, and only add access if minimum mode

go-gitea · Oct 12, 2019 · 42f60be · 42f60be
1 parent 2bb003c
commit 42f60be
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 24 deletions.
diff --git a/models/access.go b/models/access.go
@@ -249,37 +249,46 @@ func (repo *Repository) recalculateTeamAccesses(e Engine, ignTeamID int64) (err
 // recalculateUserAccess recalculates new access for a single user
 // Usable if we know access only affected one user
 func (repo *Repository) recalculateUserAccess(e Engine, uid int64) (err error) {
-	access := AccessModeNone
+	minMode := AccessModeRead
+	if !repo.IsPrivate {
+		minMode = AccessModeWrite
+	}
+
+	accessMode := AccessModeNone
 	collaborator, err := repo.getCollaboration(e, uid)
 	if err != nil {
 		return err
 	} else if collaborator != nil {
-		access = collaborator.Mode
-	}
-
-	var teams []Team
-	if err := e.Join("INNER", "team_repo", "team_repo.team_id = team.id").
-		Join("INNER", "team_user", "team_user.team_id = team.id").
-		Where("team.org_id = ?", repo.OwnerID).
-		And("team_repo.repo_id=?", repo.ID).
-		And("team_user.uid=?", uid).
-		Find(&teams); err != nil {
-		return err
+		accessMode = collaborator.Mode
 	}
 
-	for _, t := range teams {
-		if t.IsOwnerTeam() {
-			t.Authorize = AccessModeOwner
+	if repo.Owner.IsOrganization() {
+		var teams []Team
+		if err := e.Join("INNER", "team_repo", "team_repo.team_id = team.id").
+			Join("INNER", "team_user", "team_user.team_id = team.id").
+			Where("team.org_id = ?", repo.OwnerID).
+			And("team_repo.repo_id=?", repo.ID).
+			And("team_user.uid=?", uid).
+			Find(&teams); err != nil {
+			return err
 		}
 
-		access = maxAccessMode(access, t.Authorize)
+		for _, t := range teams {
+			if t.IsOwnerTeam() {
+				t.Authorize = AccessModeOwner
+			}
+
+			accessMode = maxAccessMode(accessMode, t.Authorize)
+		}
 	}
 
 	// Delete old user accesses and insert new one for repository.
 	if _, err = e.Delete(&Access{RepoID: repo.ID, UserID: uid}); err != nil {
 		return fmt.Errorf("delete old user accesses: %v", err)
-	} else if _, err = e.Insert(&Access{RepoID: repo.ID, UserID: uid, Mode: access}); err != nil {
-		return fmt.Errorf("insert new user accesses: %v", err)
+	} else if accessMode >= minMode {
+		if _, err = e.Insert(&Access{RepoID: repo.ID, UserID: uid, Mode: accessMode}); err != nil {
+			return fmt.Errorf("insert new user accesses: %v", err)
+		}
 	}
 	return nil
 }

diff --git a/models/repo_collaboration.go b/models/repo_collaboration.go
@@ -41,12 +41,7 @@ func (repo *Repository) AddCollaborator(u *User) error {
 		return err
 	}
 
-	if repo.Owner.IsOrganization() {
-		err = repo.recalculateUserAccess(sess, u.ID)
-	} else {
-		err = repo.recalculateAccesses(sess)
-	}
-	if err != nil {
+	if err = repo.recalculateUserAccess(sess, u.ID); err != nil {
 		return fmt.Errorf("recalculateAccesses 'team=%v': %v", repo.Owner.IsOrganization(), err)
 	}