From 22b37af6b0982dbf93fc3afb89d4153c2a29432b Mon Sep 17 00:00:00 2001 From: Anton Bracke Date: Tue, 26 Oct 2021 18:00:13 +0200 Subject: [PATCH 1/5] fix repo access --- server/api/stream.go | 2 +- server/api/user.go | 2 +- server/store/datastore/repos.go | 5 +- server/store/datastore/repos_test.go | 74 ++++++++++++++++++- .../store/datastore/sql/mysql/files/feed.sql | 2 + .../store/datastore/sql/mysql/files/repos.sql | 29 ++++++++ server/store/datastore/sql/mysql/sql_gen.go | 32 ++++++++ .../datastore/sql/postgres/files/feed.sql | 2 + .../datastore/sql/postgres/files/repos.sql | 29 ++++++++ .../store/datastore/sql/postgres/sql_gen.go | 32 ++++++++ .../store/datastore/sql/sqlite/files/feed.sql | 2 + .../datastore/sql/sqlite/files/repos.sql | 29 ++++++++ server/store/datastore/sql/sqlite/sql_gen.go | 32 ++++++++ server/store/datastore/users_test.go | 4 +- server/store/store.go | 4 +- 15 files changed, 270 insertions(+), 10 deletions(-) diff --git a/server/api/stream.go b/server/api/stream.go index 643d000369..6ebaeb45fb 100644 --- a/server/api/stream.go +++ b/server/api/stream.go @@ -60,7 +60,7 @@ func EventStreamSSE(c *gin.Context) { user := session.User(c) repo := map[string]bool{} if user != nil { - repos, _ := store.FromContext(c).RepoList(user) + repos, _ := store.FromContext(c).RepoList(user, false) for _, r := range repos { repo[r.FullName] = true } diff --git a/server/api/user.go b/server/api/user.go index d7c377b46a..df63199a59 100644 --- a/server/api/user.go +++ b/server/api/user.go @@ -107,7 +107,7 @@ func GetRepos(c *gin.Context) { } } - repos, err := store.FromContext(c).RepoList(user) + repos, err := store.FromContext(c).RepoList(user, true) if err != nil { c.String(500, "Error fetching repository list. %s", err) return diff --git a/server/store/datastore/repos.go b/server/store/datastore/repos.go index 10a088d940..7187c89475 100644 --- a/server/store/datastore/repos.go +++ b/server/store/datastore/repos.go @@ -54,8 +54,11 @@ func (db *datastore) DeleteRepo(repo *model.Repo) error { return err } -func (db *datastore) RepoList(user *model.User) ([]*model.Repo, error) { +func (db *datastore) RepoList(user *model.User, canPush bool) ([]*model.Repo, error) { stmt := sql.Lookup(db.driver, "repo-find-user") + if canPush { + stmt = sql.Lookup(db.driver, "repo-find-user-push") + } data := []*model.Repo{} err := meddler.QueryAll(db, &data, stmt, user.ID) return data, err diff --git a/server/store/datastore/repos_test.go b/server/store/datastore/repos_test.go index 8cdccea99e..7bbbfe7c30 100644 --- a/server/store/datastore/repos_test.go +++ b/server/store/datastore/repos_test.go @@ -164,7 +164,75 @@ func TestRepoList(t *testing.T) { {UserID: user.ID, Repo: repo2.FullName}, }) - repos, err := s.RepoList(user) + repos, err := s.RepoList(user, false) + if err != nil { + t.Error(err) + return + } + if got, want := len(repos), 2; got != want { + t.Errorf("Want %d repositories, got %d", want, got) + } + if got, want := repos[0].ID, repo1.ID; got != want { + t.Errorf("Want repository id %d, got %d", want, got) + } + if got, want := repos[1].ID, repo2.ID; got != want { + t.Errorf("Want repository id %d, got %d", want, got) + } +} + +func TestRepoListWithPushAccess(t *testing.T) { + s := newTest() + s.Exec("delete from repos") + s.Exec("delete from users") + s.Exec("delete from perms") + + defer func() { + s.Exec("delete from repos") + s.Exec("delete from users") + s.Exec("delete from perms") + s.Close() + }() + + user := &model.User{ + Login: "joe", + Email: "foo@bar.com", + Token: "e42080dddf012c718e476da161d21ad5", + } + s.CreateUser(user) + + repo1 := &model.Repo{ + Owner: "bradrydzewski", + Name: "test", + FullName: "bradrydzewski/test", + } + repo2 := &model.Repo{ + Owner: "test", + Name: "test", + FullName: "test/test", + } + repo3 := &model.Repo{ + Owner: "octocat", + Name: "hello-world", + FullName: "octocat/hello-world", + } + repo4 := &model.Repo{ + Owner: "demo", + Name: "demo", + FullName: "demo/demo", + } + s.CreateRepo(repo1) + s.CreateRepo(repo2) + s.CreateRepo(repo3) + s.CreateRepo(repo4) + + s.PermBatch([]*model.Perm{ + {UserID: user.ID, Repo: repo1.FullName, Push: true, Admin: false}, + {UserID: user.ID, Repo: repo2.FullName, Push: false, Admin: true}, + {UserID: user.ID, Repo: repo3.FullName}, + {UserID: user.ID, Repo: repo4.FullName}, + }) + + repos, err := s.RepoList(user, true) if err != nil { t.Error(err) return @@ -219,8 +287,8 @@ func TestRepoListLatest(t *testing.T) { s.CreateRepo(repo3) s.PermBatch([]*model.Perm{ - {UserID: user.ID, Repo: repo1.FullName}, - {UserID: user.ID, Repo: repo2.FullName}, + {UserID: user.ID, Repo: repo1.FullName, Push: true, Admin: false}, + {UserID: user.ID, Repo: repo2.FullName, Push: true, Admin: true}, }) build1 := &model.Build{ diff --git a/server/store/datastore/sql/mysql/files/feed.sql b/server/store/datastore/sql/mysql/files/feed.sql index 8710a0a265..d0f003eabb 100644 --- a/server/store/datastore/sql/mysql/files/feed.sql +++ b/server/store/datastore/sql/mysql/files/feed.sql @@ -28,6 +28,7 @@ FROM repos LEFT OUTER JOIN builds ON build_id = ( ) INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) AND repos.repo_active = true ORDER BY repo_full_name ASC; @@ -57,5 +58,6 @@ FROM repos INNER JOIN perms ON perms.perm_repo_id = repos.repo_id INNER JOIN builds ON builds.build_repo_id = repos.repo_id WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) ORDER BY build_id DESC LIMIT 50 diff --git a/server/store/datastore/sql/mysql/files/repos.sql b/server/store/datastore/sql/mysql/files/repos.sql index 2609a91ed0..df3027e97d 100644 --- a/server/store/datastore/sql/mysql/files/repos.sql +++ b/server/store/datastore/sql/mysql/files/repos.sql @@ -32,6 +32,35 @@ INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = ? ORDER BY repo_full_name ASC +-- name: repo-find-user-push + +SELECT + repo_id +,repo_user_id +,repo_owner +,repo_name +,repo_full_name +,repo_avatar +,repo_link +,repo_clone +,repo_branch +,repo_timeout +,repo_private +,repo_trusted +,repo_active +,repo_allow_pr +,repo_hash +,repo_scm +,repo_config_path +,repo_gated +,repo_visibility +,repo_counter +FROM repos +INNER JOIN perms ON perms.perm_repo_id = repos.repo_id +WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) +ORDER BY repo_full_name ASC + -- name: repo-insert-ignore INSERT IGNORE INTO repos ( diff --git a/server/store/datastore/sql/mysql/sql_gen.go b/server/store/datastore/sql/mysql/sql_gen.go index be6b354420..58dee8c00b 100644 --- a/server/store/datastore/sql/mysql/sql_gen.go +++ b/server/store/datastore/sql/mysql/sql_gen.go @@ -36,6 +36,7 @@ var index = map[string]string{ "registry-delete": registryDelete, "repo-update-counter": repoUpdateCounter, "repo-find-user": repoFindUser, + "repo-find-user-push": repoFindUserPush, "repo-insert-ignore": repoInsertIgnore, "repo-delete": repoDelete, "secret-find-repo": secretFindRepo, @@ -134,6 +135,7 @@ FROM repos LEFT OUTER JOIN builds ON build_id = ( ) INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) AND repos.repo_active = true ORDER BY repo_full_name ASC; ` @@ -163,6 +165,7 @@ FROM repos INNER JOIN perms ON perms.perm_repo_id = repos.repo_id INNER JOIN builds ON builds.build_repo_id = repos.repo_id WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) ORDER BY build_id DESC LIMIT 50 ` @@ -451,6 +454,35 @@ WHERE perms.perm_user_id = ? ORDER BY repo_full_name ASC ` +var repoFindUserPush = ` +SELECT + repo_id +,repo_user_id +,repo_owner +,repo_name +,repo_full_name +,repo_avatar +,repo_link +,repo_clone +,repo_branch +,repo_timeout +,repo_private +,repo_trusted +,repo_active +,repo_allow_pr +,repo_hash +,repo_scm +,repo_config_path +,repo_gated +,repo_visibility +,repo_counter +FROM repos +INNER JOIN perms ON perms.perm_repo_id = repos.repo_id +WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) +ORDER BY repo_full_name ASC +` + var repoInsertIgnore = ` INSERT IGNORE INTO repos ( repo_user_id diff --git a/server/store/datastore/sql/postgres/files/feed.sql b/server/store/datastore/sql/postgres/files/feed.sql index 8c4de5848c..c36d3ac7a9 100644 --- a/server/store/datastore/sql/postgres/files/feed.sql +++ b/server/store/datastore/sql/postgres/files/feed.sql @@ -26,6 +26,7 @@ FROM repos LEFT OUTER JOIN ( ) b ON b.build_repo_id = repos.repo_id INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 + AND (perms.perm_push = 1 OR perms.perm_admin = 1) AND repos.repo_active = TRUE ORDER BY repo_full_name ASC; @@ -55,5 +56,6 @@ FROM repos INNER JOIN perms ON perms.perm_repo_id = repos.repo_id INNER JOIN builds ON builds.build_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 + AND (perms.perm_push = 1 OR perms.perm_admin = 1) ORDER BY build_id DESC LIMIT 50 diff --git a/server/store/datastore/sql/postgres/files/repos.sql b/server/store/datastore/sql/postgres/files/repos.sql index 09199ed507..369c71f2bc 100644 --- a/server/store/datastore/sql/postgres/files/repos.sql +++ b/server/store/datastore/sql/postgres/files/repos.sql @@ -32,6 +32,35 @@ INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 ORDER BY repo_full_name ASC +-- name: repo-find-user-push + +SELECT + repo_id +,repo_user_id +,repo_owner +,repo_name +,repo_full_name +,repo_avatar +,repo_link +,repo_clone +,repo_branch +,repo_timeout +,repo_private +,repo_trusted +,repo_active +,repo_allow_pr +,repo_hash +,repo_scm +,repo_config_path +,repo_gated +,repo_visibility +,repo_counter +FROM repos +INNER JOIN perms ON perms.perm_repo_id = repos.repo_id +WHERE perms.perm_user_id = $1 + AND (perms.perm_push = 1 OR perms.perm_admin = 1) +ORDER BY repo_full_name ASC + -- name: repo-insert-ignore INSERT INTO repos ( diff --git a/server/store/datastore/sql/postgres/sql_gen.go b/server/store/datastore/sql/postgres/sql_gen.go index 8a47f81458..317ef05f88 100644 --- a/server/store/datastore/sql/postgres/sql_gen.go +++ b/server/store/datastore/sql/postgres/sql_gen.go @@ -36,6 +36,7 @@ var index = map[string]string{ "registry-delete": registryDelete, "repo-update-counter": repoUpdateCounter, "repo-find-user": repoFindUser, + "repo-find-user-push": repoFindUserPush, "repo-insert-ignore": repoInsertIgnore, "repo-delete": repoDelete, "secret-find-repo": secretFindRepo, @@ -132,6 +133,7 @@ FROM repos LEFT OUTER JOIN ( ) b ON b.build_repo_id = repos.repo_id INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 + AND (perms.perm_push = 1 OR perms.perm_admin = 1) AND repos.repo_active = TRUE ORDER BY repo_full_name ASC; ` @@ -161,6 +163,7 @@ FROM repos INNER JOIN perms ON perms.perm_repo_id = repos.repo_id INNER JOIN builds ON builds.build_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 + AND (perms.perm_push = 1 OR perms.perm_admin = 1) ORDER BY build_id DESC LIMIT 50 ` @@ -454,6 +457,35 @@ WHERE perms.perm_user_id = $1 ORDER BY repo_full_name ASC ` +var repoFindUserPush = ` +SELECT + repo_id +,repo_user_id +,repo_owner +,repo_name +,repo_full_name +,repo_avatar +,repo_link +,repo_clone +,repo_branch +,repo_timeout +,repo_private +,repo_trusted +,repo_active +,repo_allow_pr +,repo_hash +,repo_scm +,repo_config_path +,repo_gated +,repo_visibility +,repo_counter +FROM repos +INNER JOIN perms ON perms.perm_repo_id = repos.repo_id +WHERE perms.perm_user_id = $1 + AND (perms.perm_push = 1 OR perms.perm_admin = 1) +ORDER BY repo_full_name ASC +` + var repoInsertIgnore = ` INSERT INTO repos ( repo_user_id diff --git a/server/store/datastore/sql/sqlite/files/feed.sql b/server/store/datastore/sql/sqlite/files/feed.sql index b04d374c0d..1e967f3e01 100644 --- a/server/store/datastore/sql/sqlite/files/feed.sql +++ b/server/store/datastore/sql/sqlite/files/feed.sql @@ -28,6 +28,7 @@ FROM repos LEFT OUTER JOIN builds ON build_id = ( ) INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) AND repos.repo_active = 1 ORDER BY repo_full_name ASC; @@ -57,5 +58,6 @@ FROM repos INNER JOIN perms ON perms.perm_repo_id = repos.repo_id INNER JOIN builds ON builds.build_repo_id = repos.repo_id WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) ORDER BY build_id DESC LIMIT 50 diff --git a/server/store/datastore/sql/sqlite/files/repos.sql b/server/store/datastore/sql/sqlite/files/repos.sql index cf8db973a3..fd31361593 100644 --- a/server/store/datastore/sql/sqlite/files/repos.sql +++ b/server/store/datastore/sql/sqlite/files/repos.sql @@ -32,6 +32,35 @@ INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = ? ORDER BY repo_full_name ASC +-- name: repo-find-user-push + +SELECT + repo_id +,repo_user_id +,repo_owner +,repo_name +,repo_full_name +,repo_avatar +,repo_link +,repo_clone +,repo_branch +,repo_timeout +,repo_private +,repo_trusted +,repo_active +,repo_allow_pr +,repo_hash +,repo_scm +,repo_config_path +,repo_gated +,repo_visibility +,repo_counter +FROM repos +INNER JOIN perms ON perms.perm_repo_id = repos.repo_id +WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) +ORDER BY repo_full_name ASC + -- name: repo-insert-ignore INSERT OR IGNORE INTO repos ( diff --git a/server/store/datastore/sql/sqlite/sql_gen.go b/server/store/datastore/sql/sqlite/sql_gen.go index d3d092ae77..8053b854a9 100644 --- a/server/store/datastore/sql/sqlite/sql_gen.go +++ b/server/store/datastore/sql/sqlite/sql_gen.go @@ -36,6 +36,7 @@ var index = map[string]string{ "registry-delete": registryDelete, "repo-update-counter": repoUpdateCounter, "repo-find-user": repoFindUser, + "repo-find-user-push": repoFindUserPush, "repo-insert-ignore": repoInsertIgnore, "repo-delete": repoDelete, "secret-find-repo": secretFindRepo, @@ -134,6 +135,7 @@ FROM repos LEFT OUTER JOIN builds ON build_id = ( ) INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) AND repos.repo_active = 1 ORDER BY repo_full_name ASC; ` @@ -163,6 +165,7 @@ FROM repos INNER JOIN perms ON perms.perm_repo_id = repos.repo_id INNER JOIN builds ON builds.build_repo_id = repos.repo_id WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) ORDER BY build_id DESC LIMIT 50 ` @@ -451,6 +454,35 @@ WHERE perms.perm_user_id = ? ORDER BY repo_full_name ASC ` +var repoFindUserPush = ` +SELECT + repo_id +,repo_user_id +,repo_owner +,repo_name +,repo_full_name +,repo_avatar +,repo_link +,repo_clone +,repo_branch +,repo_timeout +,repo_private +,repo_trusted +,repo_active +,repo_allow_pr +,repo_hash +,repo_scm +,repo_config_path +,repo_gated +,repo_visibility +,repo_counter +FROM repos +INNER JOIN perms ON perms.perm_repo_id = repos.repo_id +WHERE perms.perm_user_id = ? + AND (perms.perm_push = 1 OR perms.perm_admin = 1) +ORDER BY repo_full_name ASC +` + var repoInsertIgnore = ` INSERT OR IGNORE INTO repos ( repo_user_id diff --git a/server/store/datastore/users_test.go b/server/store/datastore/users_test.go index 6f24b4351d..8054726c34 100644 --- a/server/store/datastore/users_test.go +++ b/server/store/datastore/users_test.go @@ -211,8 +211,8 @@ func TestUsers(t *testing.T) { s.CreateRepo(repo3) s.PermBatch([]*model.Perm{ - {UserID: user.ID, Repo: repo1.FullName}, - {UserID: user.ID, Repo: repo2.FullName}, + {UserID: user.ID, Repo: repo1.FullName, Push: true, Admin: false}, + {UserID: user.ID, Repo: repo2.FullName, Push: false, Admin: true}, }) build1 := &model.Build{ diff --git a/server/store/store.go b/server/store/store.go index d834b3561f..67efc2c801 100644 --- a/server/store/store.go +++ b/server/store/store.go @@ -100,8 +100,8 @@ type Store interface { UserFeed(*model.User) ([]*model.Feed, error) - RepoList(*model.User) ([]*model.Repo, error) - RepoListLatest(*model.User) ([]*model.Feed, error) + RepoList(user *model.User, canPush bool) ([]*model.Repo, error) + RepoListLatest(user *model.User) ([]*model.Feed, error) RepoBatch([]*model.Repo) error PermFind(user *model.User, repo *model.Repo) (*model.Perm, error) From 4a0fdb5585080e68a78f9aac7b34707d0157c156 Mon Sep 17 00:00:00 2001 From: Anton Bracke Date: Tue, 26 Oct 2021 18:04:29 +0200 Subject: [PATCH 2/5] change option name to owned --- server/store/datastore/repos.go | 6 +++--- server/store/datastore/repos_test.go | 2 +- server/store/datastore/sql/mysql/files/repos.sql | 2 +- server/store/datastore/sql/mysql/sql_gen.go | 4 ++-- server/store/datastore/sql/postgres/files/repos.sql | 2 +- server/store/datastore/sql/postgres/sql_gen.go | 4 ++-- server/store/datastore/sql/sqlite/files/repos.sql | 2 +- server/store/datastore/sql/sqlite/sql_gen.go | 4 ++-- server/store/store.go | 2 +- 9 files changed, 14 insertions(+), 14 deletions(-) diff --git a/server/store/datastore/repos.go b/server/store/datastore/repos.go index 7187c89475..94cb230897 100644 --- a/server/store/datastore/repos.go +++ b/server/store/datastore/repos.go @@ -54,10 +54,10 @@ func (db *datastore) DeleteRepo(repo *model.Repo) error { return err } -func (db *datastore) RepoList(user *model.User, canPush bool) ([]*model.Repo, error) { +func (db *datastore) RepoList(user *model.User, owned bool) ([]*model.Repo, error) { stmt := sql.Lookup(db.driver, "repo-find-user") - if canPush { - stmt = sql.Lookup(db.driver, "repo-find-user-push") + if owned { + stmt = sql.Lookup(db.driver, "repo-find-user-owned") } data := []*model.Repo{} err := meddler.QueryAll(db, &data, stmt, user.ID) diff --git a/server/store/datastore/repos_test.go b/server/store/datastore/repos_test.go index 7bbbfe7c30..22f91245f5 100644 --- a/server/store/datastore/repos_test.go +++ b/server/store/datastore/repos_test.go @@ -180,7 +180,7 @@ func TestRepoList(t *testing.T) { } } -func TestRepoListWithPushAccess(t *testing.T) { +func TestOwnedRepoList(t *testing.T) { s := newTest() s.Exec("delete from repos") s.Exec("delete from users") diff --git a/server/store/datastore/sql/mysql/files/repos.sql b/server/store/datastore/sql/mysql/files/repos.sql index df3027e97d..9c141643b0 100644 --- a/server/store/datastore/sql/mysql/files/repos.sql +++ b/server/store/datastore/sql/mysql/files/repos.sql @@ -32,7 +32,7 @@ INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = ? ORDER BY repo_full_name ASC --- name: repo-find-user-push +-- name: repo-find-user-owned SELECT repo_id diff --git a/server/store/datastore/sql/mysql/sql_gen.go b/server/store/datastore/sql/mysql/sql_gen.go index 58dee8c00b..4227ee29d4 100644 --- a/server/store/datastore/sql/mysql/sql_gen.go +++ b/server/store/datastore/sql/mysql/sql_gen.go @@ -36,7 +36,7 @@ var index = map[string]string{ "registry-delete": registryDelete, "repo-update-counter": repoUpdateCounter, "repo-find-user": repoFindUser, - "repo-find-user-push": repoFindUserPush, + "repo-find-user-owned": repoFindUserOwned, "repo-insert-ignore": repoInsertIgnore, "repo-delete": repoDelete, "secret-find-repo": secretFindRepo, @@ -454,7 +454,7 @@ WHERE perms.perm_user_id = ? ORDER BY repo_full_name ASC ` -var repoFindUserPush = ` +var repoFindUserOwned = ` SELECT repo_id ,repo_user_id diff --git a/server/store/datastore/sql/postgres/files/repos.sql b/server/store/datastore/sql/postgres/files/repos.sql index 369c71f2bc..88eb50f461 100644 --- a/server/store/datastore/sql/postgres/files/repos.sql +++ b/server/store/datastore/sql/postgres/files/repos.sql @@ -32,7 +32,7 @@ INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 ORDER BY repo_full_name ASC --- name: repo-find-user-push +-- name: repo-find-user-owned SELECT repo_id diff --git a/server/store/datastore/sql/postgres/sql_gen.go b/server/store/datastore/sql/postgres/sql_gen.go index 317ef05f88..4bf4e0ad34 100644 --- a/server/store/datastore/sql/postgres/sql_gen.go +++ b/server/store/datastore/sql/postgres/sql_gen.go @@ -36,7 +36,7 @@ var index = map[string]string{ "registry-delete": registryDelete, "repo-update-counter": repoUpdateCounter, "repo-find-user": repoFindUser, - "repo-find-user-push": repoFindUserPush, + "repo-find-user-owned": repoFindUserOwned, "repo-insert-ignore": repoInsertIgnore, "repo-delete": repoDelete, "secret-find-repo": secretFindRepo, @@ -457,7 +457,7 @@ WHERE perms.perm_user_id = $1 ORDER BY repo_full_name ASC ` -var repoFindUserPush = ` +var repoFindUserOwned = ` SELECT repo_id ,repo_user_id diff --git a/server/store/datastore/sql/sqlite/files/repos.sql b/server/store/datastore/sql/sqlite/files/repos.sql index fd31361593..8c3cb86c0a 100644 --- a/server/store/datastore/sql/sqlite/files/repos.sql +++ b/server/store/datastore/sql/sqlite/files/repos.sql @@ -32,7 +32,7 @@ INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = ? ORDER BY repo_full_name ASC --- name: repo-find-user-push +-- name: repo-find-user-owned SELECT repo_id diff --git a/server/store/datastore/sql/sqlite/sql_gen.go b/server/store/datastore/sql/sqlite/sql_gen.go index 8053b854a9..3372cee808 100644 --- a/server/store/datastore/sql/sqlite/sql_gen.go +++ b/server/store/datastore/sql/sqlite/sql_gen.go @@ -36,7 +36,7 @@ var index = map[string]string{ "registry-delete": registryDelete, "repo-update-counter": repoUpdateCounter, "repo-find-user": repoFindUser, - "repo-find-user-push": repoFindUserPush, + "repo-find-user-owned": repoFindUserOwned, "repo-insert-ignore": repoInsertIgnore, "repo-delete": repoDelete, "secret-find-repo": secretFindRepo, @@ -454,7 +454,7 @@ WHERE perms.perm_user_id = ? ORDER BY repo_full_name ASC ` -var repoFindUserPush = ` +var repoFindUserOwned = ` SELECT repo_id ,repo_user_id diff --git a/server/store/store.go b/server/store/store.go index 67efc2c801..598980891c 100644 --- a/server/store/store.go +++ b/server/store/store.go @@ -100,7 +100,7 @@ type Store interface { UserFeed(*model.User) ([]*model.Feed, error) - RepoList(user *model.User, canPush bool) ([]*model.Repo, error) + RepoList(user *model.User, owned bool) ([]*model.Repo, error) RepoListLatest(user *model.User) ([]*model.Feed, error) RepoBatch([]*model.Repo) error From 9562664754436951eefe59988b6954d5435314fd Mon Sep 17 00:00:00 2001 From: Anton Bracke Date: Tue, 26 Oct 2021 18:18:27 +0200 Subject: [PATCH 3/5] fix pg boolean where --- server/store/datastore/sql/postgres/files/feed.sql | 4 ++-- server/store/datastore/sql/postgres/files/repos.sql | 2 +- server/store/datastore/sql/postgres/sql_gen.go | 6 +++--- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/server/store/datastore/sql/postgres/files/feed.sql b/server/store/datastore/sql/postgres/files/feed.sql index c36d3ac7a9..9416781442 100644 --- a/server/store/datastore/sql/postgres/files/feed.sql +++ b/server/store/datastore/sql/postgres/files/feed.sql @@ -26,7 +26,7 @@ FROM repos LEFT OUTER JOIN ( ) b ON b.build_repo_id = repos.repo_id INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 - AND (perms.perm_push = 1 OR perms.perm_admin = 1) + AND (perms.perm_push = true OR perms.perm_admin = true) AND repos.repo_active = TRUE ORDER BY repo_full_name ASC; @@ -56,6 +56,6 @@ FROM repos INNER JOIN perms ON perms.perm_repo_id = repos.repo_id INNER JOIN builds ON builds.build_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 - AND (perms.perm_push = 1 OR perms.perm_admin = 1) + AND (perms.perm_push = true OR perms.perm_admin = true) ORDER BY build_id DESC LIMIT 50 diff --git a/server/store/datastore/sql/postgres/files/repos.sql b/server/store/datastore/sql/postgres/files/repos.sql index 88eb50f461..6e8c6aedfc 100644 --- a/server/store/datastore/sql/postgres/files/repos.sql +++ b/server/store/datastore/sql/postgres/files/repos.sql @@ -58,7 +58,7 @@ SELECT FROM repos INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 - AND (perms.perm_push = 1 OR perms.perm_admin = 1) + AND (perms.perm_push = true OR perms.perm_admin = true) ORDER BY repo_full_name ASC -- name: repo-insert-ignore diff --git a/server/store/datastore/sql/postgres/sql_gen.go b/server/store/datastore/sql/postgres/sql_gen.go index 4bf4e0ad34..3803b818e8 100644 --- a/server/store/datastore/sql/postgres/sql_gen.go +++ b/server/store/datastore/sql/postgres/sql_gen.go @@ -133,7 +133,7 @@ FROM repos LEFT OUTER JOIN ( ) b ON b.build_repo_id = repos.repo_id INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 - AND (perms.perm_push = 1 OR perms.perm_admin = 1) + AND (perms.perm_push = true OR perms.perm_admin = true) AND repos.repo_active = TRUE ORDER BY repo_full_name ASC; ` @@ -163,7 +163,7 @@ FROM repos INNER JOIN perms ON perms.perm_repo_id = repos.repo_id INNER JOIN builds ON builds.build_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 - AND (perms.perm_push = 1 OR perms.perm_admin = 1) + AND (perms.perm_push = true OR perms.perm_admin = true) ORDER BY build_id DESC LIMIT 50 ` @@ -482,7 +482,7 @@ SELECT FROM repos INNER JOIN perms ON perms.perm_repo_id = repos.repo_id WHERE perms.perm_user_id = $1 - AND (perms.perm_push = 1 OR perms.perm_admin = 1) + AND (perms.perm_push = true OR perms.perm_admin = true) ORDER BY repo_full_name ASC ` From 1140a34cd6855532d977a956ca11a070d7d26b45 Mon Sep 17 00:00:00 2001 From: Anton Bracke Date: Tue, 26 Oct 2021 18:56:37 +0200 Subject: [PATCH 4/5] fix repo list --- server/api/user.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/server/api/user.go b/server/api/user.go index df63199a59..5108cfcc0c 100644 --- a/server/api/user.go +++ b/server/api/user.go @@ -107,7 +107,8 @@ func GetRepos(c *gin.Context) { } } - repos, err := store.FromContext(c).RepoList(user, true) + owned := c.Query("all") == "" || c.Query("all") == "0" + repos, err := store.FromContext(c).RepoList(user, owned) if err != nil { c.String(500, "Error fetching repository list. %s", err) return From 64d28aeaa5261338f0cc42c460edfaa1bf62e8df Mon Sep 17 00:00:00 2001 From: Anton Bracke Date: Tue, 26 Oct 2021 19:46:22 +0200 Subject: [PATCH 5/5] fix permission syncing --- server/api/user.go | 3 +-- server/shared/userSyncer.go | 7 ++++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/server/api/user.go b/server/api/user.go index 5108cfcc0c..df63199a59 100644 --- a/server/api/user.go +++ b/server/api/user.go @@ -107,8 +107,7 @@ func GetRepos(c *gin.Context) { } } - owned := c.Query("all") == "" || c.Query("all") == "0" - repos, err := store.FromContext(c).RepoList(user, owned) + repos, err := store.FromContext(c).RepoList(user, true) if err != nil { c.String(500, "Error fetching repository list. %s", err) return diff --git a/server/shared/userSyncer.go b/server/shared/userSyncer.go index fdfe6f8bbd..a46bdde6f8 100644 --- a/server/shared/userSyncer.go +++ b/server/shared/userSyncer.go @@ -82,9 +82,10 @@ func (s *Syncer) Sync(ctx context.Context, user *model.User) error { Pull: true, Synced: unix, } - if repo.Perm != nil { - perm.Push = repo.Perm.Push - perm.Admin = repo.Perm.Admin + remotePerm, err := s.Remote.Perm(ctx, user, repo.Owner, repo.Name) + if err == nil && remotePerm != nil { + perm.Push = remotePerm.Push + perm.Admin = remotePerm.Admin } perms = append(perms, &perm) }