From 81b29d6263aff460e8321464a8e473efac7a103d Mon Sep 17 00:00:00 2001 From: zeripath Date: Thu, 24 Feb 2022 01:22:46 +0000 Subject: [PATCH] Update assignees check to include any writing team and change org sidebar (#18680) (#18873) Backport #18680 Following the merging of #17811 teams can now have differing write and readonly permissions, however the assignee list will not include teams which have mixed perms. Further the org sidebar is no longer helpful as it can't describe these mixed permissions situations. Fix #18572 Signed-off-by: Andrew Thornton --- models/repo.go | 51 +++++++++++++++++++------ routers/web/org/teams.go | 2 + templates/org/team/sidebar.tmpl | 68 ++++++++++++++++++++++----------- 3 files changed, 88 insertions(+), 33 deletions(-) diff --git a/models/repo.go b/models/repo.go index 83031c508cdce..933bb6c2a73d6 100644 --- a/models/repo.go +++ b/models/repo.go @@ -150,27 +150,56 @@ func getRepoAssignees(ctx context.Context, repo *repo_model.Repository) (_ []*us } e := db.GetEngine(ctx) - accesses := make([]*Access, 0, 10) - if err = e. + userIDs := make([]int64, 0, 10) + if err = e.Table("access"). Where("repo_id = ? AND mode >= ?", repo.ID, perm.AccessModeWrite). - Find(&accesses); err != nil { + Select("id"). + Find(&userIDs); err != nil { return nil, err } - // Leave a seat for owner itself to append later, but if owner is an organization - // and just waste 1 unit is cheaper than re-allocate memory once. - users := make([]*user_model.User, 0, len(accesses)+1) - if len(accesses) > 0 { - userIDs := make([]int64, len(accesses)) - for i := 0; i < len(accesses); i++ { - userIDs[i] = accesses[i].UserID + additionalUserIDs := make([]int64, 0, 10) + if err = e.Table("team_user"). + Join("INNER", "team_repo", "`team_repo`.team_id = `team_user`.team_id"). + Join("INNER", "team_unit", "`team_unit`.team_id = `team_user`.team_id"). + Where("`team_repo`.repo_id = ? AND `team_unit`.access_mode >= ?", repo.ID, perm.AccessModeWrite). + Distinct("`team_user`.uid"). + Select("`team_user`.uid"). + Find(&additionalUserIDs); err != nil { + return nil, err + } + + uidMap := map[int64]bool{} + i := 0 + for _, uid := range userIDs { + if uidMap[uid] { + continue + } + uidMap[uid] = true + userIDs[i] = uid + i++ + } + userIDs = userIDs[:i] + userIDs = append(userIDs, additionalUserIDs...) + + for _, uid := range additionalUserIDs { + if uidMap[uid] { + continue } + userIDs[i] = uid + i++ + } + userIDs = userIDs[:i] + // Leave a seat for owner itself to append later, but if owner is an organization + // and just waste 1 unit is cheaper than re-allocate memory once. + users := make([]*user_model.User, 0, len(userIDs)+1) + if len(userIDs) > 0 { if err = e.In("id", userIDs).Find(&users); err != nil { return nil, err } } - if !repo.Owner.IsOrganization() { + if !repo.Owner.IsOrganization() && !uidMap[repo.OwnerID] { users = append(users, repo.Owner) } diff --git a/routers/web/org/teams.go b/routers/web/org/teams.go index 9b0212e56955a..f6e09eb4c8da1 100644 --- a/routers/web/org/teams.go +++ b/routers/web/org/teams.go @@ -311,6 +311,7 @@ func TeamMembers(ctx *context.Context) { ctx.ServerError("GetMembers", err) return } + ctx.Data["Units"] = unit_model.Units ctx.HTML(http.StatusOK, tplTeamMembers) } @@ -323,6 +324,7 @@ func TeamRepositories(ctx *context.Context) { ctx.ServerError("GetRepositories", err) return } + ctx.Data["Units"] = unit_model.Units ctx.HTML(http.StatusOK, tplTeamRepositories) } diff --git a/templates/org/team/sidebar.tmpl b/templates/org/team/sidebar.tmpl index 6ea08740f714d..2dec681b4c633 100644 --- a/templates/org/team/sidebar.tmpl +++ b/templates/org/team/sidebar.tmpl @@ -25,31 +25,55 @@ {{.i18n.Tr "org.teams.no_desc"}} {{end}} - -
- {{if eq .Team.LowerName "owners"}} + {{if eq .Team.LowerName "owners"}} +
{{.i18n.Tr "org.teams.owners_permission_desc" | Str2html}} - {{else if (eq .Team.AccessMode 1)}} - {{if .Team.IncludesAllRepositories}} - {{.i18n.Tr "org.teams.all_repositories_read_permission_desc" | Str2html}} - {{else}} - {{.i18n.Tr "org.teams.read_permission_desc" | Str2html}} - {{end}} - {{else if (eq .Team.AccessMode 2)}} - {{if .Team.IncludesAllRepositories}} - {{.i18n.Tr "org.teams.all_repositories_write_permission_desc" | Str2html}} +
+ {{else}} +
+

{{.i18n.Tr "org.team_access_desc"}}

+
    + {{if .Team.IncludesAllRepositories}} +
  • {{.i18n.Tr "org.teams.all_repositories" | Str2html}} + {{else}} +
  • {{.i18n.Tr "org.teams.specific_repositories" | Str2html}} + {{end}} + {{if .Team.CanCreateOrgRepo}} +
  • {{.i18n.Tr "org.teams.can_create_org_repo"}} + {{end}} +
+ {{if (eq .Team.AccessMode 2)}} +

{{.i18n.Tr "org.settings.permission"}}

+ {{.i18n.Tr "org.teams.write_permission_desc"}} + {{else if (eq .Team.AccessMode 3)}} +

{{.i18n.Tr "org.settings.permission"}}

+ {{.i18n.Tr "org.teams.admin_permission_desc"}} {{else}} - {{.i18n.Tr "org.teams.write_permission_desc" | Str2html}} + + + + + + + + + {{range $t, $unit := $.Units}} + {{if and (lt $unit.MaxPerm 2) (not $unit.Type.UnitGlobalDisabled)}} + + + + + {{end}} + {{end}} + +
{{.i18n.Tr "units.unit"}}{{.i18n.Tr "org.team_permission_desc"}}
{{$.i18n.Tr $unit.NameKey}}{{if eq ($.Team.UnitAccessMode $unit.Type) 0 -}} + {{$.i18n.Tr "org.teams.none_access"}} + {{- else if or (eq $.Team.ID 0) (eq ($.Team.UnitAccessMode $unit.Type) 1) -}} + {{$.i18n.Tr "org.teams.read_access"}} + {{- else if eq ($.Team.UnitAccessMode $unit.Type) 2 -}} + {{$.i18n.Tr "org.teams.write_access"}} + {{- end}}
{{end}} - {{else if (eq .Team.AccessMode 3)}} - {{if .Team.IncludesAllRepositories}} - {{.i18n.Tr "org.teams.all_repositories_admin_permission_desc" | Str2html}} - {{else}} - {{.i18n.Tr "org.teams.admin_permission_desc" | Str2html}} - {{end}} - {{end}} - {{if .Team.CanCreateOrgRepo}} -

{{.i18n.Tr "org.teams.create_repo_permission_desc" | Str2html}} {{end}}