db: migrate access table to use GORM (#6371)

author: ᴜɴᴋɴᴡᴏɴ <u@gogs.io> 2020-10-06 15:43:28 +0800
committer: GitHub <noreply@github.com> 2020-10-06 15:43:28 +0800
commit: 2eaf1d693ae08c0312dd1f977f81675f418f3770 (patch)
tree: b42a26180e813918a05a676bd18e13a3a1bb73ec /internal/route
parent: a92d818aa35583594a6b3098f4e1e1f4edec17dd (diff)
4 files changed, 23 insertions, 13 deletions
diff --git a/internal/route/api/v1/api.go b/internal/route/api/v1/api.go
index 993ce8a3..13de45b2 100644
--- a/internal/route/api/v1/api.go
+++ b/internal/route/api/v1/api.go
@@ -45,11 +45,11 @@ func repoAssignment() macaron.Handler {
 		}
 		c.Repo.Owner = owner
 
-		r, err := db.GetRepositoryByName(owner.ID, reponame)
+		repo, err := db.Repos.GetByName(owner.ID, reponame)
 		if err != nil {
 			c.NotFoundOrError(err, "get repository by name")
 			return
-		} else if err = r.GetOwner(); err != nil {
+		} else if err = repo.GetOwner(); err != nil {
 			c.Error(err, "get owner")
 			return
 		}
@@ -57,12 +57,12 @@ func repoAssignment() macaron.Handler {
 		if c.IsTokenAuth && c.User.IsAdmin {
 			c.Repo.AccessMode = db.AccessModeOwner
 		} else {
-			mode, err := db.UserAccessMode(c.UserID(), r)
-			if err != nil {
-				c.Error(err, "get user access mode")
-				return
-			}
-			c.Repo.AccessMode = mode
+			c.Repo.AccessMode = db.Perms.AccessMode(c.UserID(), repo.ID,
+				db.AccessModeOptions{
+					OwnerID: repo.OwnerID,
+					Private: repo.IsPrivate,
+				},
+			)
 		}
 
 		if !c.Repo.HasAccess() {
@@ -70,7 +70,7 @@ func repoAssignment() macaron.Handler {
 			return
 		}
 
-		c.Repo.Repository = r
+		c.Repo.Repository = repo
 	}
 }
 
diff --git a/internal/route/lfs/route.go b/internal/route/lfs/route.go
index 40cb95eb..ff1bd591 100644
--- a/internal/route/lfs/route.go
+++ b/internal/route/lfs/route.go
@@ -131,7 +131,12 @@ func authorize(mode db.AccessMode) macaron.Handler {
 			return
 		}
 
-		if !db.Perms.Authorize(actor.ID, repo, mode) {
+		if !db.Perms.Authorize(actor.ID, repo.ID, mode,
+			db.AccessModeOptions{
+				OwnerID: repo.OwnerID,
+				Private: repo.IsPrivate,
+			},
+		) {
 			c.Status(http.StatusNotFound)
 			return
 		}
diff --git a/internal/route/lfs/route_test.go b/internal/route/lfs/route_test.go
index b6ef1ebc..9571c89d 100644
--- a/internal/route/lfs/route_test.go
+++ b/internal/route/lfs/route_test.go
@@ -209,7 +209,7 @@ func Test_authorize(t *testing.T) {
 				},
 			},
 			mockPermsStore: &db.MockPermsStore{
-				MockAuthorize: func(userID int64, repo *db.Repository, desired db.AccessMode) bool {
+				MockAuthorize: func(userID, repoID int64, desired db.AccessMode, opts db.AccessModeOptions) bool {
 					return desired <= db.AccessModeRead
 				},
 			},
@@ -230,7 +230,7 @@ func Test_authorize(t *testing.T) {
 				},
 			},
 			mockPermsStore: &db.MockPermsStore{
-				MockAuthorize: func(userID int64, repo *db.Repository, desired db.AccessMode) bool {
+				MockAuthorize: func(userID, repoID int64, desired db.AccessMode, opts db.AccessModeOptions) bool {
 					return desired <= db.AccessModeRead
 				},
 			},
diff --git a/internal/route/repo/http.go b/internal/route/repo/http.go
index f4a77a28..e14569f1 100644
--- a/internal/route/repo/http.go
+++ b/internal/route/repo/http.go
@@ -165,7 +165,12 @@ Please create and use personal access token on user settings page`)
 		if isPull {
 			mode = db.AccessModeRead
 		}
-		if !db.Perms.Authorize(authUser.ID, repo, mode) {
+		if !db.Perms.Authorize(authUser.ID, repo.ID, mode,
+			db.AccessModeOptions{
+				OwnerID: repo.OwnerID,
+				Private: repo.IsPrivate,
+			},
+		) {
 			askCredentials(c, http.StatusForbidden, "User permission denied")
 			return
 		}
author	ᴜɴᴋɴᴡᴏɴ <u@gogs.io>	2020-10-06 15:43:28 +0800
committer	GitHub <noreply@github.com>	2020-10-06 15:43:28 +0800
commit	2eaf1d693ae08c0312dd1f977f81675f418f3770 (patch)
tree	b42a26180e813918a05a676bd18e13a3a1bb73ec /internal/route
parent	a92d818aa35583594a6b3098f4e1e1f4edec17dd (diff)