diff --git a/models/user.go b/models/user.go index 1ee20d74c..8968f7c02 100755 --- a/models/user.go +++ b/models/user.go @@ -145,6 +145,7 @@ type User struct { AllowImportLocal bool // Allow migrate repository by local path AllowCreateOrganization bool `xorm:"DEFAULT true"` ProhibitLogin bool `xorm:"NOT NULL DEFAULT false"` + IsOperator bool `xorm:"NOT NULL DEFAULT false"` //运营人员 // Avatar Avatar string `xorm:"VARCHAR(2048) NOT NULL"` diff --git a/modules/context/auth.go b/modules/context/auth.go index 3f53e6fce..9877657eb 100755 --- a/modules/context/auth.go +++ b/modules/context/auth.go @@ -145,8 +145,7 @@ func Toggle(options *ToggleOptions) macaron.Handler { } if options.OperationRequired { - //todo: add isOperator judgement - if !ctx.User.IsAdmin { + if !ctx.User.IsOperator { ctx.Error(403) return } diff --git a/modules/context/context.go b/modules/context/context.go index 6877780e3..5f09e190d 100755 --- a/modules/context/context.go +++ b/modules/context/context.go @@ -310,6 +310,7 @@ func Contexter() macaron.Handler { ctx.Data["SignedUserID"] = ctx.User.ID ctx.Data["SignedUserName"] = ctx.User.Name ctx.Data["IsAdmin"] = ctx.User.IsAdmin + ctx.Data["IsOperator"] = ctx.User.IsOperator c.Data["SignedUserName"] = ctx.User.Name } else { ctx.Data["SignedUserID"] = int64(0) diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index b7ef8d48f..518c63e4f 100755 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -75,6 +75,7 @@ import ( "code.gitea.io/gitea/routers/api/v1/repo" _ "code.gitea.io/gitea/routers/api/v1/swagger" // for swagger generation "code.gitea.io/gitea/routers/api/v1/user" + repo_ext "code.gitea.io/gitea/routers/repo" "gitea.com/macaron/binding" "gitea.com/macaron/macaron" @@ -523,23 +524,26 @@ func RegisterRoutes(m *macaron.Macaron) { Get(notify.GetThread). Patch(notify.ReadThread) }, reqToken()) - adminReq := context.Toggle(&context.ToggleOptions{SignInRequired: true, AdminRequired: true}) + + operationReq := context.Toggle(&context.ToggleOptions{SignInRequired: true, OperationRequired: true}) //Project board m.Group("/projectboard", func() { - m.Get("/restoreFork", adminReq, repo.RestoreForkNumber) - m.Get("/downloadAll", adminReq, repo.ServeAllProjectsPeriodStatisticsFile) - m.Get("/downloadAllOpenI", adminReq, repo.ServeAllProjectsOpenIStatisticsFile) + m.Get("/restoreFork", repo.RestoreForkNumber) + m.Get("/downloadAll", repo.ServeAllProjectsPeriodStatisticsFile) + m.Get("/downloadAllOpenI", repo.ServeAllProjectsOpenIStatisticsFile) m.Group("/project", func() { - m.Get("", adminReq, repo.GetAllProjectsPeriodStatistics) + m.Get("", repo.GetAllProjectsPeriodStatistics) m.Group("/:id", func() { - m.Get("", adminReq, repo.GetProjectLatestStatistics) - m.Get("/period", adminReq, repo.GetProjectPeriodStatistics) + m.Get("", repo.GetProjectLatestStatistics) + m.Get("/period", repo.GetProjectPeriodStatistics) }) }) - }) + }, operationReq) + + m.Get("/query_user_static_page", operationReq, repo_ext.QueryUserStaticDataPage) // Users m.Group("/users", func() { diff --git a/routers/routes/routes.go b/routers/routes/routes.go index 3bacb7549..67794bf88 100755 --- a/routers/routes/routes.go +++ b/routers/routes/routes.go @@ -792,7 +792,7 @@ func RegisterRoutes(m *macaron.Macaron) { }, reqSignIn, context.RepoAssignment(), context.UnitTypes(), reqRepoAdmin, context.RepoRef()) m.Post("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), context.UnitTypes(), repo.Action) - m.Get("/tool/query_user_static_page", adminReq, repo.QueryUserStaticDataPage) + // Grouping for those endpoints not requiring authentication m.Group("/:username/:reponame", func() { m.Get("/contributors", repo.Contributors)