Skip to content

When creating a team with the api, that team does not have access to anything #5187

New issue
New issue
Closed
#5188
Closed
When creating a team with the api, that team does not have access to anything#5187
#5188
Labels
modifies/apiThis PR adds API routes or modifies themtype/bug
Milestone
1.7.0
@kolaente

Description

@kolaente
kolaente
opened on Oct 25, 2018
  • Gitea version (or commit ref): aeb5655
  • Operating system:
  • Database (use [x]):
    • PostgreSQL
    • MySQL
    • MSSQL
    • SQLite
    • not relevant
  • Can you reproduce the bug at https://try.gitea.io:
    • Yes
    • No
    • Not relevant
  • Log gist:

Description

When we migrated to Gitea from a bunch of Git repos behind an Apache, we wrote some scripts to move all repos and create users and teams and so on. This worked fairly well, except those users don't have access to the repos (404).
When I debugged this locally, I discovered that no team_units are created when creating a repo using the api, which is why the users won't have access to the repo, whereas when doing this with the web ui, all units are created accordingly.

More specifically:

API:
2018/10/25 22:33:47 [I] [SQL] BEGIN TRANSACTION
2018/10/25 22:33:47 [I] [SQL] INSERT INTO `team` (`org_id`,`lower_name`,`name`,`description`,`authorize`,`num_repos`,`num_members`) VALUES (?, ?, ?, ?, ?, ?, ?) []interface {}{2, "testapi", "testapi", "string", 2, 0, 0}
2018/10/25 22:33:47 [I] [SQL] UPDATE `user` SET num_teams=num_teams+1 WHERE id = ? []interface {}{2}
2018/10/25 22:33:47 [I] [SQL] COMMIT
UI:
2018/10/25 22:34:34 [I] [SQL] BEGIN TRANSACTION
2018/10/25 22:34:34 [I] [SQL] INSERT INTO `team` (`org_id`,`lower_name`,`name`,`description`,`authorize`,`num_repos`,`num_members`) VALUES (?, ?, ?, ?, ?, ?, ?) []interface {}{2, "testui", "testui", "", 2, 0, 0}
2018/10/25 22:34:34 [I] [SQL] INSERT INTO `team_unit` (`org_id`, `team_id`, `type`) VALUES (?, ?, ?),(?, ?, ?),(?, ?, ?),(?, ?, ?),(?, ?, ?),(?, ?, ?),(?, ?, ?) []interface {}{2, 7, 1, 2, 7, 2, 2, 7, 3, 2, 7, 4, 2, 7, 5, 2, 7, 6, 2, 7, 7}
2018/10/25 22:34:34 [I] [SQL] UPDATE `user` SET num_teams=num_teams+1 WHERE id = ? []interface {}{2}
2018/10/25 22:34:34 [I] [SQL] COMMIT

Steps to reproduce

  1. Create a team with write access using the api
  2. Give that team access to a private repo
  3. Add a user (either also via the api or with the gui)
  4. Try accessing the repo with the user you added to the team earlier

Possible solutions

(relevant code is in models/org_team.go:285

  • Always give a team rights to everything (code, issues, pull requests, releases, wiki, external wiki, external issues) -> Fastest, but quick and dirty
  • Add an extra parameter to the api to be able to specify what exact permissions the team should have.

Metadata

Metadata

Assignees

No one assigned

    Labels

    modifies/apiThis PR adds API routes or modifies themtype/bug

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions