rename some functions

lunny · lunny · commit b677d04404f2 · 2018-11-28T11:09:41.000+08:00
diff --git a/models/repo.go b/models/repo.go
@@ -607,12 +607,6 @@ func (repo *Repository) ComposeCompareURL(oldCommitID, newCommitID string) strin
 	return fmt.Sprintf("%s/%s/compare/%s...%s", repo.MustOwner().Name, repo.Name, oldCommitID, newCommitID)
 }
 
-// HasAccess returns true when user has access to this repository
-/*func (repo *Repository) HasAccess(u *User) bool {
-	has, _ := HasAccess(u.ID, repo, AccessModeRead)
-	return has
-}*/
-
 // UpdateDefaultBranch updates the default branch
 func (repo *Repository) UpdateDefaultBranch() error {
 	_, err := x.ID(repo.ID).Cols("default_branch").Update(repo)
diff --git a/modules/lfs/server.go b/modules/lfs/server.go
@@ -502,7 +502,7 @@ func authenticate(ctx *context.Context, repository *models.Repository, authoriza
 		return false
 	}
 	if ctx.IsSigned {
-		return perm.UnitAccessMode(models.UnitTypeCode) >= accessMode
+		return perm.CanAccess(accessMode, models.UnitTypeCode)
 	}
 
 	user, repo, opStr, err := parseToken(authorization)
@@ -515,7 +515,7 @@ func authenticate(ctx *context.Context, repository *models.Repository, authoriza
 		if err != nil {
 			return false
 		}
-		return perm.UnitAccessMode(models.UnitTypeCode) >= accessMode
+		return perm.CanAccess(accessMode, models.UnitTypeCode)
 	}
 	if repository.ID == repo.ID {
 		if requireWrite && opStr != "upload" {
diff --git a/modules/private/internal.go b/modules/private/internal.go
@@ -73,30 +73,6 @@ func CheckUnitUser(userID, repoID int64, isAdmin bool, unitType models.UnitType)
 	return &a, nil
 }
 
-// AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the
-// user does not have access.
-/*func AccessLevel(userID, repoID int64) (*models.AccessMode, error) {
-	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repositories/%d/user/%d/accesslevel", repoID, userID)
-	log.GitLogger.Trace("AccessLevel: %s", reqURL)
-
-	resp, err := newInternalRequest(reqURL, "GET").Response()
-	if err != nil {
-		return nil, err
-	}
-	defer resp.Body.Close()
-
-	if resp.StatusCode != 200 {
-		return nil, fmt.Errorf("Failed to get user access level: %s", decodeJSONError(resp).Err)
-	}
-
-	var a models.AccessMode
-	if err := json.NewDecoder(resp.Body).Decode(&a); err != nil {
-		return nil, err
-	}
-
-	return &a, nil
-}*/
-
 // GetRepositoryByOwnerAndName returns the repository by given ownername and reponame.
 func GetRepositoryByOwnerAndName(ownerName, repoName string) (*models.Repository, error) {
 	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repo/%s/%s", ownerName, repoName)
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
@@ -509,7 +509,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 						Post(bind(api.CreateKeyOption{}), repo.CreateDeployKey)
 					m.Combo("/:id").Get(repo.GetDeployKey).
 						Delete(repo.DeleteDeploykey)
-				}, reqToken(), reqRepoWriter(models.UnitTypeCode))
+				}, reqToken(), reqAdmin())
 				m.Group("/times", func() {
 					m.Combo("").Get(repo.ListTrackedTimesByRepository)
 					m.Combo("/:timetrackingusername").Get(repo.ListTrackedTimesByUser)
diff --git a/routers/private/internal.go b/routers/private/internal.go
@@ -38,27 +38,6 @@ func GetRepositoryByOwnerAndName(ctx *macaron.Context) {
 	ctx.JSON(200, repo)
 }
 
-//AccessLevel chainload to models.AccessLevel
-/*func AccessLevel(ctx *macaron.Context) {
-	repoID := ctx.ParamsInt64(":repoid")
-	userID := ctx.ParamsInt64(":userid")
-	repo, err := models.GetRepositoryByID(repoID)
-	if err != nil {
-		ctx.JSON(500, map[string]interface{}{
-			"err": err.Error(),
-		})
-		return
-	}
-	al, err := models.AccessLevel(userID, repo)
-	if err != nil {
-		ctx.JSON(500, map[string]interface{}{
-			"err": err.Error(),
-		})
-		return
-	}
-	ctx.JSON(200, al)
-}*/
-
 //CheckUnitUser chainload to models.CheckUnitUser
 func CheckUnitUser(ctx *macaron.Context) {
 	repoID := ctx.ParamsInt64(":repoid")
@@ -71,12 +50,15 @@ func CheckUnitUser(ctx *macaron.Context) {
 		return
 	}
 
-	user, err := models.GetUserByID(userID)
-	if err != nil {
-		ctx.JSON(500, map[string]interface{}{
-			"err": err.Error(),
-		})
-		return
+	var user *models.User
+	if userID > 0 {
+		user, err = models.GetUserByID(userID)
+		if err != nil {
+			ctx.JSON(500, map[string]interface{}{
+				"err": err.Error(),
+			})
+			return
+		}
 	}
 
 	perm, err := models.GetUserRepoPermission(repo, user)
@@ -98,7 +80,6 @@ func RegisterRoutes(m *macaron.Macaron) {
 		m.Get("/ssh/:id/user", GetUserByKeyID)
 		m.Post("/ssh/:id/update", UpdatePublicKey)
 		m.Post("/repositories/:repoid/keys/:keyid/update", UpdateDeployKey)
-		//m.Get("/repositories/:repoid/user/:userid/accesslevel", AccessLevel)
 		m.Get("/repositories/:repoid/user/:userid/checkunituser", CheckUnitUser)
 		m.Get("/repositories/:repoid/has-keys/:keyid", HasDeployKey)
 		m.Post("/push/update", PushUpdate)
diff --git a/routers/repo/http.go b/routers/repo/http.go
@@ -188,7 +188,7 @@ func HTTP(ctx *context.Context) {
 			return
 		}
 
-		if perm.UnitAccessMode(unitType) < accessMode {
+		if !perm.CanAccess(accessMode, unitType) {
 			ctx.HandleText(http.StatusForbidden, "User permission denied")
 			return
 		}
diff --git a/routers/repo/issue.go b/routers/repo/issue.go
@@ -381,10 +381,6 @@ func ValidateRepoMetas(ctx *context.Context, form auth.CreateIssueForm, isPull b
 		return nil, nil, 0
 	}
 
-	if !ctx.Repo.CanWrite(models.UnitTypeIssues) {
-		return nil, nil, 0
-	}
-
 	var labelIDs []int64
 	hasSelected := false
 	// Check labels.
diff --git a/routers/routes/routes.go b/routers/routes/routes.go
@@ -398,8 +398,9 @@ func RegisterRoutes(m *macaron.Macaron) {
 	reqRepoReleaseWriter := context.RequireRepoWriter(models.UnitTypeReleases)
 	reqRepoReleaseReader := context.RequireRepoReader(models.UnitTypeReleases)
 	reqRepoWikiWriter := context.RequireRepoWriter(models.UnitTypeWiki)
-	reqRepoIssueWriter := context.RequireRepoWriter(models.UnitTypeIssues)
+	reqRepoIssueReader := context.RequireRepoReader(models.UnitTypeIssues)
 	reqRepoPullsWriter := context.RequireRepoWriter(models.UnitTypePullRequests)
+	reqRepoPullsReader := context.RequireRepoReader(models.UnitTypePullRequests)
 	reqRepoIssuesOrPullsWriter := context.RequireRepoWriterOr(models.UnitTypeIssues, models.UnitTypePullRequests)
 	reqRepoIssuesOrPullsReader := context.RequireRepoReaderOr(models.UnitTypeIssues, models.UnitTypePullRequests)
 
@@ -530,7 +531,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 		m.Group("/issues", func() {
 			m.Combo("/new").Get(context.RepoRef(), repo.NewIssue).
 				Post(bindIgnErr(auth.CreateIssueForm{}), repo.NewIssuePost)
-		}, reqRepoIssueWriter)
+		}, reqRepoIssueReader)
 		// FIXME: should use different URLs but mostly same logic for comments of issue and pull reuqest.
 		// So they can apply their own enable/disable logic on routers.
 		m.Group("/issues", func() {
@@ -578,7 +579,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 			m.Post("/delete", repo.DeleteMilestone)
 		}, reqRepoIssuesOrPullsWriter, context.RepoRef())
 
-		m.Combo("/compare/*", reqRepoCodeReader, repo.MustAllowPulls, repo.SetEditorconfigIfExists).
+		m.Combo("/compare/*", reqRepoCodeReader, reqRepoPullsReader, repo.MustAllowPulls, repo.SetEditorconfigIfExists).
 			Get(repo.SetDiffViewStyle, repo.CompareAndPullRequest).
 			Post(bindIgnErr(auth.CreateIssueForm{}), repo.CompareAndPullRequestPost)
 

Original file line number	Diff line number	Diff line change
`@@ -502,7 +502,7 @@ func authenticate(ctx context.Context, repository models.Repository, authoriza`
`502`	`502`	`return false`
`503`	`503`	`}`
`504`	`504`	`if ctx.IsSigned {`
`505`		`- return perm.UnitAccessMode(models.UnitTypeCode) >= accessMode`
	`505`	`+ return perm.CanAccess(accessMode, models.UnitTypeCode)`
`506`	`506`	`}`
`507`	`507`
`508`	`508`	`user, repo, opStr, err := parseToken(authorization)`
`@@ -515,7 +515,7 @@ func authenticate(ctx context.Context, repository models.Repository, authoriza`
`515`	`515`	`if err != nil {`
`516`	`516`	`return false`
`517`	`517`	`}`
`518`		`- return perm.UnitAccessMode(models.UnitTypeCode) >= accessMode`
	`518`	`+ return perm.CanAccess(accessMode, models.UnitTypeCode)`
`519`	`519`	`}`
`520`	`520`	`if repository.ID == repo.ID {`
`521`	`521`	`if requireWrite && opStr != "upload" {`
Original file line number	Diff line number	Diff line change
`@@ -188,7 +188,7 @@ func HTTP(ctx *context.Context) {`
`188`	`188`	`return`
`189`	`189`	`}`
`190`	`190`
`191`		`- if perm.UnitAccessMode(unitType) < accessMode {`
	`191`	`+ if !perm.CanAccess(accessMode, unitType) {`
`192`	`192`	`ctx.HandleText(http.StatusForbidden, "User permission denied")`
`193`	`193`	`return`
`194`	`194`	`}`