Skip to content

API Endpoints for collaborators #375

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Dec 26, 2016
Merged

API Endpoints for collaborators #375

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 9 additions & 0 deletions models/repo_collaboration.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,6 +103,15 @@ func (repo *Repository) GetCollaborators() ([]*Collaborator, error) {
return repo.getCollaborators(x)
}

func (repo *Repository) isCollaborator(e Engine, userID int64) (bool, error) {
return e.Get(&Collaboration{RepoID: repo.ID, UserID: userID})
}

// IsCollaborator check if a user is a collaborator of a repository
func (repo *Repository) IsCollaborator(userID int64) (bool, error) {
return repo.isCollaborator(x, userID)
}

// ChangeCollaborationAccessMode sets new access mode for the collaboration.
func (repo *Repository) ChangeCollaborationAccessMode(uid int64, mode AccessMode) error {
// Discard invalid input
Expand Down
7 changes: 6 additions & 1 deletion routers/api/v1/api.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -269,7 +269,12 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Combo("/:id").Patch(bind(api.EditHookOption{}), repo.EditHook).
Delete(repo.DeleteHook)
})
m.Put("/collaborators/:collaborator", bind(api.AddCollaboratorOption{}), repo.AddCollaborator)
m.Group("/collaborators", func() {
m.Get("", repo.ListCollaborators)
m.Combo("/:collaborator").Get(repo.IsCollaborator).
Put(bind(api.AddCollaboratorOption{}), repo.AddCollaborator).
Delete(repo.DeleteCollaborator)
})
m.Get("/raw/*", context.RepoRef(), repo.GetRawFile)
m.Get("/archive/*", repo.GetArchive)
m.Group("/branches", func() {
Expand Down
93 changes: 93 additions & 0 deletions routers/api/v1/repo/collaborators.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,72 @@ import (
"code.gitea.io/gitea/modules/context"
)

// ListCollaborators list a repository's collaborators
func ListCollaborators(ctx *context.APIContext) {
access, err := models.AccessLevel(ctx.User, ctx.Repo.Repository)
if err != nil {
ctx.Error(500, "AccessLevel", err)
return
}
if access < models.AccessModeWrite {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should only be checked for private repos. For public repos anyone can fetch the list of collaborators :)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is always checked in the Github API, even for public repos.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ooh nvm then 😄

ctx.Error(403, "", "User does not have push access")
return
}
collaborators, err := ctx.Repo.Repository.GetCollaborators()
if err != nil {
ctx.Error(500, "ListCollaborators", err)
return
}
users := make([]*api.User, len(collaborators))
for i, collaborator := range collaborators {
users[i] = collaborator.APIFormat()
}
ctx.JSON(200, users)
}

// IsCollaborator check if a user is a collaborator of a repository
func IsCollaborator(ctx *context.APIContext) {
access, err := models.AccessLevel(ctx.User, ctx.Repo.Repository)
if err != nil {
ctx.Error(500, "AccessLevel", err)
return
}
if access < models.AccessModeWrite {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

same as above

ctx.Error(403, "", "User does not have push access")
return
}
user, err := models.GetUserByName(ctx.Params(":collaborator"))
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.Error(422, "", err)
} else {
ctx.Error(500, "GetUserByName", err)
}
return
}
isColab, err := ctx.Repo.Repository.IsCollaborator(user.ID)
if err != nil {
ctx.Error(500, "IsCollaborator", err)
return
}
if isColab {
ctx.Status(204)
} else {
ctx.Status(404)
}
}

// AddCollaborator add a collaborator of a repository
func AddCollaborator(ctx *context.APIContext, form api.AddCollaboratorOption) {
access, err := models.AccessLevel(ctx.User, ctx.Repo.Repository)
if err != nil {
ctx.Error(500, "AccessLevel", err)
return
}
if access < models.AccessModeWrite {
ctx.Error(403, "", "User does not have push access")
return
}
collaborator, err := models.GetUserByName(ctx.Params(":collaborator"))
if err != nil {
if models.IsErrUserNotExist(err) {
Expand All @@ -37,3 +101,32 @@ func AddCollaborator(ctx *context.APIContext, form api.AddCollaboratorOption) {

ctx.Status(204)
}

// DeleteCollaborator delete a collaborator from a repository
func DeleteCollaborator(ctx *context.APIContext) {
access, err := models.AccessLevel(ctx.User, ctx.Repo.Repository)
if err != nil {
ctx.Error(500, "AccessLevel", err)
return
}
if access < models.AccessModeWrite {
ctx.Error(403, "", "User does not have push access")
return
}

collaborator, err := models.GetUserByName(ctx.Params(":collaborator"))
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.Error(422, "", err)
} else {
ctx.Error(500, "GetUserByName", err)
}
return
}

if err := ctx.Repo.Repository.DeleteCollaboration(collaborator.ID); err != nil {
ctx.Error(500, "DeleteCollaboration", err)
return
}
ctx.Status(204)
}