diff --git a/models/perm/access/repo_permission.go b/models/perm/access/repo_permission.go index 64df5355bba6a..2027b87ecb43c 100644 --- a/models/perm/access/repo_permission.go +++ b/models/perm/access/repo_permission.go @@ -127,7 +127,8 @@ func (p *Permission) LogString() string { } // GetUserRepoPermission returns the user permissions to the repository -func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (perm Permission, err error) { +func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (Permission, error) { + var perm Permission if log.IsTrace() { defer func() { if user == nil { @@ -147,30 +148,31 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use // TODO: anonymous user visit public unit of private repo??? if user == nil && repo.IsPrivate { perm.AccessMode = perm_model.AccessModeNone - return + return perm, nil } - var is bool + var isCollaborator bool + var err error if user != nil { - is, err = repo_model.IsCollaborator(ctx, repo.ID, user.ID) + isCollaborator, err = repo_model.IsCollaborator(ctx, repo.ID, user.ID) if err != nil { return perm, err } } - if err = repo.LoadOwner(ctx); err != nil { - return + if err := repo.LoadOwner(ctx); err != nil { + return perm, err } // Prevent strangers from checking out public repo of private organization/users // Allow user if they are collaborator of a repo within a private user or a private organization but not a member of the organization itself - if !organization.HasOrgOrUserVisible(ctx, repo.Owner, user) && !is { + if !organization.HasOrgOrUserVisible(ctx, repo.Owner, user) && !isCollaborator { perm.AccessMode = perm_model.AccessModeNone - return + return perm, nil } - if err = repo.LoadUnits(ctx); err != nil { - return + if err := repo.LoadUnits(ctx); err != nil { + return perm, err } perm.Units = repo.Units @@ -178,32 +180,32 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use // anonymous visit public repo if user == nil { perm.AccessMode = perm_model.AccessModeRead - return + return perm, nil } // Admin or the owner has super access to the repository if user.IsAdmin || user.ID == repo.OwnerID { perm.AccessMode = perm_model.AccessModeOwner - return + return perm, nil } // plain user perm.AccessMode, err = accessLevel(ctx, user, repo) if err != nil { - return + return perm, err } - if err = repo.LoadOwner(ctx); err != nil { - return + if err := repo.LoadOwner(ctx); err != nil { + return perm, err } if !repo.Owner.IsOrganization() { - return + return perm, nil } perm.UnitsMode = make(map[unit.Type]perm_model.AccessMode) // Collaborators on organization - if is { + if isCollaborator { for _, u := range repo.Units { perm.UnitsMode[u.Type] = perm.AccessMode } @@ -212,7 +214,7 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use // get units mode from teams teams, err := organization.GetUserRepoTeams(ctx, repo.OwnerID, user.ID, repo.ID) if err != nil { - return + return perm, err } // if user in an owner team @@ -220,7 +222,7 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use if team.AccessMode >= perm_model.AccessModeAdmin { perm.AccessMode = perm_model.AccessModeOwner perm.UnitsMode = nil - return + return perm, nil } } diff --git a/models/repo/release.go b/models/repo/release.go index b77490584f901..246642205a28c 100644 --- a/models/repo/release.go +++ b/models/repo/release.go @@ -339,7 +339,7 @@ func (s releaseMetaSearch) Less(i, j int) bool { // GetReleaseAttachments retrieves the attachments for releases func GetReleaseAttachments(ctx context.Context, rels ...*Release) (err error) { if len(rels) == 0 { - return + return nil } // To keep this efficient as possible sort all releases by id,