Lunny Xiao
8 years ago
No known key found for this signature in database
GPG Key ID: C3B7C91B632F738A
4 changed files with 14 additions and 9 deletions
Unified View
Diff Options
-
+1 -1cmd/serv.go
-
+6 -6models/repo.go
-
+6 -1modules/context/repo.go
-
+1 -1routers/repo/http.go
+ 1
- 1
cmd/serv.go
View File
| @@ -250,7 +250,7 @@ func runServ(c *cli.Context) error { | |||||
| user.Name, requestedMode, repoPath) | user.Name, requestedMode, repoPath) | ||||
| } | } | ||||
| if !repo.CheckUnitUser(user.ID, unitType) { | |||||
| if !repo.CheckUnitUser(user.ID, user.IsAdmin, unitType) { | |||||
| fail("You do not have allowed for this action", | fail("You do not have allowed for this action", | ||||
| "User %s does not have allowed access to repository %s 's code", | "User %s does not have allowed access to repository %s 's code", | ||||
| user.Name, repoPath) | user.Name, repoPath) | ||||
+ 6
- 6
models/repo.go
View File
| @@ -330,8 +330,8 @@ func (repo *Repository) getUnits(e Engine) (err error) { | |||||
| } | } | ||||
| // CheckUnitUser check whether user could visit the unit of this repository | // CheckUnitUser check whether user could visit the unit of this repository | ||||
| func (repo *Repository) CheckUnitUser(userID int64, unitType UnitType) bool { | |||||
| if err := repo.getUnitsByUserID(x, userID); err != nil { | |||||
| func (repo *Repository) CheckUnitUser(userID int64, isAdmin bool, unitType UnitType) bool { | |||||
| if err := repo.getUnitsByUserID(x, userID, isAdmin); err != nil { | |||||
| return false | return false | ||||
| } | } | ||||
| @@ -344,11 +344,11 @@ func (repo *Repository) CheckUnitUser(userID int64, unitType UnitType) bool { | |||||
| } | } | ||||
| // LoadUnitsByUserID loads units according userID's permissions | // LoadUnitsByUserID loads units according userID's permissions | ||||
| func (repo *Repository) LoadUnitsByUserID(userID int64) error { | |||||
| return repo.getUnitsByUserID(x, userID) | |||||
| func (repo *Repository) LoadUnitsByUserID(userID int64, isAdmin bool) error { | |||||
| return repo.getUnitsByUserID(x, userID, isAdmin) | |||||
| } | } | ||||
| func (repo *Repository) getUnitsByUserID(e Engine, userID int64) (err error) { | |||||
| func (repo *Repository) getUnitsByUserID(e Engine, userID int64, isAdmin bool) (err error) { | |||||
| if repo.Units != nil { | if repo.Units != nil { | ||||
| return nil | return nil | ||||
| } | } | ||||
| @@ -358,7 +358,7 @@ func (repo *Repository) getUnitsByUserID(e Engine, userID int64) (err error) { | |||||
| return err | return err | ||||
| } | } | ||||
| if !repo.Owner.IsOrganization() || userID == 0 { | |||||
| if !repo.Owner.IsOrganization() || userID == 0 || isAdmin { | |||||
| return nil | return nil | ||||
| } | } | ||||
+ 6
- 1
modules/context/repo.go
View File
| @@ -496,11 +496,16 @@ func RequireRepoWriter() macaron.Handler { | |||||
| // LoadRepoUnits loads repsitory's units, it should be called after repository and user loaded | // LoadRepoUnits loads repsitory's units, it should be called after repository and user loaded | ||||
| func LoadRepoUnits() macaron.Handler { | func LoadRepoUnits() macaron.Handler { | ||||
| return func(ctx *Context) { | return func(ctx *Context) { | ||||
| var isAdmin bool | |||||
| if ctx.User != nil && ctx.User.IsAdmin { | |||||
| isAdmin = true | |||||
| } | |||||
| var userID int64 | var userID int64 | ||||
| if ctx.User != nil { | if ctx.User != nil { | ||||
| userID = ctx.User.ID | userID = ctx.User.ID | ||||
| } | } | ||||
| err := ctx.Repo.Repository.LoadUnitsByUserID(userID) | |||||
| err := ctx.Repo.Repository.LoadUnitsByUserID(userID, isAdmin) | |||||
| if err != nil { | if err != nil { | ||||
| ctx.Handle(500, "LoadUnitsByUserID", err) | ctx.Handle(500, "LoadUnitsByUserID", err) | ||||
| return | return | ||||
+ 1
- 1
routers/repo/http.go
View File
| @@ -206,7 +206,7 @@ func HTTP(ctx *context.Context) { | |||||
| } | } | ||||
| } | } | ||||
| if !repo.CheckUnitUser(authUser.ID, unitType) { | |||||
| if !repo.CheckUnitUser(authUser.ID, authUser.IsAdmin, unitType) { | |||||
| ctx.HandleText(http.StatusForbidden, fmt.Sprintf("User %s does not have allowed access to repository %s 's code", | ctx.HandleText(http.StatusForbidden, fmt.Sprintf("User %s does not have allowed access to repository %s 's code", | ||||
| authUser.Name, repo.RepoPath())) | authUser.Name, repo.RepoPath())) | ||||
| return | return | ||||