fix 902

models/user.go

@@ -145,6 +145,7 @@ type User struct {
 	AllowImportLocal        bool // Allow migrate repository by local path
 	AllowCreateOrganization bool `xorm:"DEFAULT true"`
 	ProhibitLogin           bool `xorm:"NOT NULL DEFAULT false"`
+	IsOperator              bool `xorm:"NOT NULL DEFAULT false"`		//运营人员
 
 	// Avatar
 	Avatar          string `xorm:"VARCHAR(2048) NOT NULL"`

modules/context/auth.go

@@ -145,8 +145,7 @@ func Toggle(options *ToggleOptions) macaron.Handler {
 		}
 
 		if options.OperationRequired {
-			//todo: add isOperator judgement
-			if !ctx.User.IsAdmin {
+			if !ctx.User.IsOperator {
 				ctx.Error(403)
 				return
 			}

modules/context/context.go

@@ -310,6 +310,7 @@ func Contexter() macaron.Handler {
 			ctx.Data["SignedUserID"] = ctx.User.ID
 			ctx.Data["SignedUserName"] = ctx.User.Name
 			ctx.Data["IsAdmin"] = ctx.User.IsAdmin
+			ctx.Data["IsOperator"] = ctx.User.IsOperator
 			c.Data["SignedUserName"] = ctx.User.Name
 		} else {
 			ctx.Data["SignedUserID"] = int64(0)

routers/api/v1/api.go

@@ -75,6 +75,7 @@ import (
 	"code.gitea.io/gitea/routers/api/v1/repo"
 	_ "code.gitea.io/gitea/routers/api/v1/swagger" // for swagger generation
 	"code.gitea.io/gitea/routers/api/v1/user"
+	repo_ext "code.gitea.io/gitea/routers/repo"
 
 	"gitea.com/macaron/binding"
 	"gitea.com/macaron/macaron"
@@ -523,23 +524,26 @@ func RegisterRoutes(m *macaron.Macaron) {
 				Get(notify.GetThread).
 				Patch(notify.ReadThread)
 		}, reqToken())
-		adminReq := context.Toggle(&context.ToggleOptions{SignInRequired: true, AdminRequired: true})
+		
+		operationReq := context.Toggle(&context.ToggleOptions{SignInRequired: true, OperationRequired: true})
 		//Project board
 		m.Group("/projectboard", func() {
 
-			m.Get("/restoreFork", adminReq, repo.RestoreForkNumber)
-			m.Get("/downloadAll", adminReq, repo.ServeAllProjectsPeriodStatisticsFile)
-			m.Get("/downloadAllOpenI", adminReq, repo.ServeAllProjectsOpenIStatisticsFile)
+			m.Get("/restoreFork", repo.RestoreForkNumber)
+			m.Get("/downloadAll", repo.ServeAllProjectsPeriodStatisticsFile)
+			m.Get("/downloadAllOpenI", repo.ServeAllProjectsOpenIStatisticsFile)
 			m.Group("/project", func() {
-				m.Get("", adminReq, repo.GetAllProjectsPeriodStatistics)
+				m.Get("", repo.GetAllProjectsPeriodStatistics)
 
 				m.Group("/:id", func() {
-					m.Get("", adminReq, repo.GetProjectLatestStatistics)
-					m.Get("/period", adminReq, repo.GetProjectPeriodStatistics)
+					m.Get("", repo.GetProjectLatestStatistics)
+					m.Get("/period", repo.GetProjectPeriodStatistics)
 
 				})
 			})
-		})
+		}, operationReq)
+
+		m.Get("/query_user_static_page", operationReq, repo_ext.QueryUserStaticDataPage)
 
 		// Users
 		m.Group("/users", func() {

routers/routes/routes.go

@@ -792,7 +792,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 	}, reqSignIn, context.RepoAssignment(), context.UnitTypes(), reqRepoAdmin, context.RepoRef())
 
 	m.Post("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), context.UnitTypes(), repo.Action)
-	m.Get("/tool/query_user_static_page", adminReq, repo.QueryUserStaticDataPage)
+
 	// Grouping for those endpoints not requiring authentication
 	m.Group("/:username/:reponame", func() {
 		m.Get("/contributors", repo.Contributors)