Documentation ¶
Index ¶
- func AccessLevel(ctx context.Context, user *user_model.User, repo *repo_model.Repository) (perm_model.AccessMode, error)
- func AccessLevelUnit(ctx context.Context, user *user_model.User, repo *repo_model.Repository, ...) (perm_model.AccessMode, error)
- func CanBeAssigned(ctx context.Context, user *user_model.User, repo *repo_model.Repository, ...) (bool, error)
- func CheckRepoUnitUser(ctx context.Context, repo *repo_model.Repository, user *user_model.User, ...) bool
- func GetRepoReaders(ctx context.Context, repo *repo_model.Repository) (_ []*user_model.User, err error)
- func GetRepoWriters(ctx context.Context, repo *repo_model.Repository) (_ []*user_model.User, err error)
- func HasAccessUnit(ctx context.Context, user *user_model.User, repo *repo_model.Repository, ...) (bool, error)
- func HasAnyUnitAccess(ctx context.Context, userID int64, repo *repo_model.Repository) (bool, error)
- func IsRepoReader(ctx context.Context, repo *repo_model.Repository, userID int64) (bool, error)
- func IsUserRealRepoAdmin(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (bool, error)
- func IsUserRepoAdmin(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (bool, error)
- func RecalculateAccesses(ctx context.Context, repo *repo_model.Repository) error
- func RecalculateTeamAccesses(ctx context.Context, repo *repo_model.Repository, ignTeamID int64) (err error)
- func RecalculateUserAccess(ctx context.Context, repo *repo_model.Repository, uid int64) (err error)
- type Access
- type Permission
- func (p *Permission) CanAccess(mode perm_model.AccessMode, unitType unit.Type) bool
- func (p *Permission) CanAccessAny(mode perm_model.AccessMode, unitTypes ...unit.Type) bool
- func (p *Permission) CanRead(unitType unit.Type) bool
- func (p *Permission) CanReadAny(unitTypes ...unit.Type) bool
- func (p *Permission) CanReadIssuesOrPulls(isPull bool) bool
- func (p *Permission) CanWrite(unitType unit.Type) bool
- func (p *Permission) CanWriteIssuesOrPulls(isPull bool) bool
- func (p *Permission) GetFirstUnitRepoID() int64
- func (p *Permission) HasAnyUnitAccess() bool
- func (p *Permission) HasAnyUnitAccessOrEveryoneAccess() bool
- func (p *Permission) HasUnits() bool
- func (p *Permission) IsAdmin() bool
- func (p *Permission) IsOwner() bool
- func (p *Permission) LogString() string
- func (p *Permission) ReadableUnitTypes() []unit.Type
- func (p *Permission) SetUnitsWithDefaultAccessMode(units []*repo_model.RepoUnit, mode perm_model.AccessMode)
- func (p *Permission) UnitAccessMode(unitType unit.Type) perm_model.AccessMode
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AccessLevel ¶
func AccessLevel(ctx context.Context, user *user_model.User, repo *repo_model.Repository) (perm_model.AccessMode, error)
AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the user does not have access.
func AccessLevelUnit ¶
func AccessLevelUnit(ctx context.Context, user *user_model.User, repo *repo_model.Repository, unitType unit.Type) (perm_model.AccessMode, error)
AccessLevelUnit returns the Access a user has to a repository's. Will return NoneAccess if the user does not have access.
func CanBeAssigned ¶
func CanBeAssigned(ctx context.Context, user *user_model.User, repo *repo_model.Repository, _ bool) (bool, error)
CanBeAssigned return true if user can be assigned to issue or pull requests in repo Currently any write access (code, issues or pr's) is assignable, to match assignee list in user interface.
func CheckRepoUnitUser ¶ added in v1.17.4
func CheckRepoUnitUser(ctx context.Context, repo *repo_model.Repository, user *user_model.User, unitType unit.Type) bool
CheckRepoUnitUser check whether user could visit the unit of this repository
func GetRepoReaders ¶
func GetRepoReaders(ctx context.Context, repo *repo_model.Repository) (_ []*user_model.User, err error)
GetRepoReaders returns all users that have explicit read access or higher to the repository.
func GetRepoWriters ¶
func GetRepoWriters(ctx context.Context, repo *repo_model.Repository) (_ []*user_model.User, err error)
GetRepoWriters returns all users that have write access to the repository.
func HasAccessUnit ¶
func HasAccessUnit(ctx context.Context, user *user_model.User, repo *repo_model.Repository, unitType unit.Type, testMode perm_model.AccessMode) (bool, error)
HasAccessUnit returns true if user has testMode to the unit of the repository
func HasAnyUnitAccess ¶ added in v1.22.0
func HasAnyUnitAccess(ctx context.Context, userID int64, repo *repo_model.Repository) (bool, error)
HasAnyUnitAccess see the comment of "perm.HasAnyUnitAccess"
func IsRepoReader ¶
func IsRepoReader(ctx context.Context, repo *repo_model.Repository, userID int64) (bool, error)
IsRepoReader returns true if user has explicit read access or higher to the repository.
func IsUserRealRepoAdmin ¶
func IsUserRealRepoAdmin(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (bool, error)
IsUserRealRepoAdmin check if this user is real repo admin
func IsUserRepoAdmin ¶
func IsUserRepoAdmin(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (bool, error)
IsUserRepoAdmin return true if user has admin right of a repo
func RecalculateAccesses ¶
func RecalculateAccesses(ctx context.Context, repo *repo_model.Repository) error
RecalculateAccesses recalculates all accesses for repository.
func RecalculateTeamAccesses ¶
func RecalculateTeamAccesses(ctx context.Context, repo *repo_model.Repository, ignTeamID int64) (err error)
RecalculateTeamAccesses recalculates new accesses for teams of an organization except the team whose ID is given. It is used to assign a team ID when remove repository from that team.
func RecalculateUserAccess ¶
func RecalculateUserAccess(ctx context.Context, repo *repo_model.Repository, uid int64) (err error)
RecalculateUserAccess recalculates new access for a single user Usable if we know access only affected one user
Types ¶
type Access ¶
type Access struct { ID int64 `xorm:"pk autoincr"` UserID int64 `xorm:"UNIQUE(s)"` RepoID int64 `xorm:"UNIQUE(s)"` Mode perm.AccessMode }
Access represents the highest access level of a user to the repository. The only access type that is not in this table is the real owner of a repository. In case of an organization repository, the members of the owners team are in this table.
type Permission ¶
type Permission struct { AccessMode perm_model.AccessMode // contains filtered or unexported fields }
Permission contains all the permissions related variables to a repository for a user
func GetUserRepoPermission ¶
func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (perm Permission, err error)
GetUserRepoPermission returns the user permissions to the repository
func (*Permission) CanAccess ¶
func (p *Permission) CanAccess(mode perm_model.AccessMode, unitType unit.Type) bool
CanAccess returns true if user has mode access to the unit of the repository
func (*Permission) CanAccessAny ¶
func (p *Permission) CanAccessAny(mode perm_model.AccessMode, unitTypes ...unit.Type) bool
CanAccessAny returns true if user has mode access to any of the units of the repository
func (*Permission) CanRead ¶
func (p *Permission) CanRead(unitType unit.Type) bool
CanRead returns true if user could read to this unit
func (*Permission) CanReadAny ¶
func (p *Permission) CanReadAny(unitTypes ...unit.Type) bool
CanReadAny returns true if user has read access to any of the units of the repository
func (*Permission) CanReadIssuesOrPulls ¶
func (p *Permission) CanReadIssuesOrPulls(isPull bool) bool
CanReadIssuesOrPulls returns true if isPull is true and user could read pull requests and returns true if isPull is false and user could read to issues
func (*Permission) CanWrite ¶
func (p *Permission) CanWrite(unitType unit.Type) bool
CanWrite returns true if user could write to this unit
func (*Permission) CanWriteIssuesOrPulls ¶
func (p *Permission) CanWriteIssuesOrPulls(isPull bool) bool
CanWriteIssuesOrPulls returns true if isPull is true and user could write to pull requests and returns true if isPull is false and user could write to issues
func (*Permission) GetFirstUnitRepoID ¶ added in v1.22.0
func (p *Permission) GetFirstUnitRepoID() int64
GetFirstUnitRepoID returns the repo ID of the first unit, it is a fragile design and should NOT be used anymore deprecated
func (*Permission) HasAnyUnitAccess ¶ added in v1.22.0
func (p *Permission) HasAnyUnitAccess() bool
HasAnyUnitAccess returns true if the user might have at least one access mode to any unit of this repository. It doesn't count the "everyone access mode".
func (*Permission) HasAnyUnitAccessOrEveryoneAccess ¶ added in v1.22.0
func (p *Permission) HasAnyUnitAccessOrEveryoneAccess() bool
func (*Permission) HasUnits ¶ added in v1.22.0
func (p *Permission) HasUnits() bool
HasUnits returns true if the permission contains attached units
func (*Permission) IsAdmin ¶
func (p *Permission) IsAdmin() bool
IsAdmin returns true if current user has admin or higher access of repository.
func (*Permission) IsOwner ¶
func (p *Permission) IsOwner() bool
IsOwner returns true if current user is the owner of repository.
func (*Permission) LogString ¶ added in v1.20.0
func (p *Permission) LogString() string
func (*Permission) ReadableUnitTypes ¶ added in v1.22.0
func (p *Permission) ReadableUnitTypes() []unit.Type
func (*Permission) SetUnitsWithDefaultAccessMode ¶ added in v1.22.0
func (p *Permission) SetUnitsWithDefaultAccessMode(units []*repo_model.RepoUnit, mode perm_model.AccessMode)
func (*Permission) UnitAccessMode ¶
func (p *Permission) UnitAccessMode(unitType unit.Type) perm_model.AccessMode
UnitAccessMode returns current user access mode to the specify unit of the repository It also considers "everyone access mode"