fix: mirror project permission error

5 years ago · fffe57a211
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -41,6 +41,7 @@ class UsersController < ApplicationController
      @user_composes_count = 0
      user_organizations =  User.current.logged? ? @user.organizations.with_visibility(%w(common limited)) + @user.organizations.with_visibility("privacy").joins(:team_users).where(team_users: {user_id: current_user.id}) : @user.organizations.with_visibility("common")
      @user_org_count = user_organizations.size
      normal_projects = @user.projects
      user_projects = User.current.logged? && (User.current.admin? ||  User.current.login == @user.login) ? @user.projects : @user.projects.visible
      @projects_common_count = user_projects.common.size
      @projects_mirrior_count = user_projects.mirror.size
--- a/app/models/concerns/project_operable.rb
+++ b/app/models/concerns/project_operable.rb
@@ -11,6 +11,14 @@ module ProjectOperable
    has_many :team_projects, dependent: :destroy
  end

  def set_owner_permission(creator)
    return unless owner.is_a?(Organization)
    owner.build_permit_team_projects!(id)
    # 避免自己创建的项目，却无法拥有访问权，因为该用户所在团队暂未获得项目访问权
    return if creator.nil? || owner.is_owner?(creator.id)
    add_member!(creator.id, "Manager")
  end

  def add_member!(user_id, role_name='Developer')
    member = members.create!(user_id: user_id)
    set_developer_role(member, role_name)
--- a/app/models/organization.rb
+++ b/app/models/organization.rb
@@ -114,6 +114,13 @@ class Organization < Owner
    owner_team_users.pluck(:user_id).include?(user_id) && owner_team_users.size == 1
  end

  # 为包含组织所有项目的团队创建项目访问权限
  def build_permit_team_projects!(project_id)
    teams.where(includes_all_project: true).each do |team|
      TeamProject.build(id, team.id, project_id)
    end
  end

  def real_name
    name = lastname + firstname
    name = name.blank? ? (nickname.blank? ? login : nickname) : name
--- a/app/services/projects/migrate_service.rb
+++ b/app/services/projects/migrate_service.rb
@@ -1,5 +1,6 @@
 class Projects::MigrateService < ApplicationService
  attr_reader :user, :params
  attr_accessor :project

  def initialize(user, params)
    @user    = user
@@ -11,6 +12,7 @@ class Projects::MigrateService < ApplicationService
    if @project.save!
      ProjectUnit.init_types(@project.id)
      Project.update_mirror_projects_count!
      @project.set_owner_permission(user)
      Repositories::MigrateService.new(user, @project, repository_params).call
    else
      #
--- a/app/services/projects/transfer_service.rb
+++ b/app/services/projects/transfer_service.rb
@@ -33,9 +33,8 @@ class Projects::TransferService < ApplicationService

  def update_visit_teams
    if new_owner.is_a?(Organization)
      new_owner.teams.where(includes_all_project: true).each do |team|
        TeamProject.build(new_owner.id, team.id, project.id)
      end
      # 为包含组织所有项目的团队创建项目访问权限
      new_owner.build_permit_team_projects(project.id)
    else
      project.team_projects.each(&:destroy!)
    end
--- a/app/services/repositories/create_service.rb
+++ b/app/services/repositories/create_service.rb
@@ -15,6 +15,7 @@ class Repositories::CreateService < ApplicationService
        create_gitea_repository
        sync_project
        sync_repository
        set_owner_permission(user)
        # if project.project_type == "common"
        #   chain_params = {
        #     type: "create",
@@ -44,19 +45,9 @@ class Repositories::CreateService < ApplicationService
      @gitea_repository = Gitea::Repository::CreateService.new(user.gitea_token, gitea_repository_params).call
    elsif project.owner.is_a?(Organization)
      @gitea_repository = Gitea::Organization::Repository::CreateService.call(user.gitea_token, project.owner.login, gitea_repository_params)
      project.owner.teams.each do |team|
        next unless team.includes_all_project
        TeamProject.build(project.user_id, team.id, project.id)
      end
      create_manager_member
    end
  end

  def create_manager_member
    return if project.owner.is_owner?(user.id)
    project.add_member!(user.id, "Manager")
  end

  def sync_project
    if gitea_repository
      project.update_columns(
--- a/lib/tasks/sync_org_project_permission.rake
+++ b/lib/tasks/sync_org_project_permission.rake
@@ -0,0 +1,8 @@
 namespace :sync_org_project_permission do 
  desc "sync organization project team permissions"
  task mirror: :environment do 
    Project.mirror.includes(:team_projects,:owner).where(team_projects: {id: nil}, users: {type: 'Organization'}).find_each do |project| 
      project.set_owner_permission(nil)
    end
  end
 end