tangled.org
boltless.me
+7
-2
appview/issues/issues.go
+7
-2
appview/issues/issues.go
···
24
24
"tangled.org/core/appview/oauth"
25
25
"tangled.org/core/appview/pages"
26
26
"tangled.org/core/appview/pages/markup"
27
+
"tangled.org/core/appview/pages/repoinfo"
27
28
"tangled.org/core/appview/pagination"
28
29
"tangled.org/core/appview/reporesolver"
29
30
"tangled.org/core/appview/validator"
30
31
"tangled.org/core/idresolver"
32
+
"tangled.org/core/rbac"
31
33
"tangled.org/core/tid"
32
34
)
33
35
34
36
type Issues struct {
35
37
oauth *oauth.OAuth
36
38
repoResolver *reporesolver.RepoResolver
39
+
enforcer *rbac.Enforcer
37
40
pages *pages.Pages
38
41
idResolver *idresolver.Resolver
39
42
db *db.DB
···
47
50
func New(
48
51
oauth *oauth.OAuth,
49
52
repoResolver *reporesolver.RepoResolver,
53
+
enforcer *rbac.Enforcer,
50
54
pages *pages.Pages,
51
55
idResolver *idresolver.Resolver,
52
56
db *db.DB,
···
59
63
return &Issues{
60
64
oauth: oauth,
61
65
repoResolver: repoResolver,
66
+
enforcer: enforcer,
62
67
pages: pages,
63
68
idResolver: idResolver,
64
69
db: db,
···
285
290
return
286
291
}
287
292
288
-
roles := f.RolesInRepo(user)
293
+
roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())}
289
294
isRepoOwner := roles.IsOwner()
290
295
isCollaborator := roles.IsCollaborator()
291
296
isIssueOwner := user.Did == issue.Did
···
333
338
return
334
339
}
335
340
336
-
roles := f.RolesInRepo(user)
341
+
roles := repoinfo.RolesInRepo{Roles: rp.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())}
337
342
isRepoOwner := roles.IsOwner()
338
343
isCollaborator := roles.IsCollaborator()
339
344
isIssueOwner := user.Did == issue.Did
+5
-4
appview/pulls/pulls.go
+5
-4
appview/pulls/pulls.go
···
23
23
"tangled.org/core/appview/oauth"
24
24
"tangled.org/core/appview/pages"
25
25
"tangled.org/core/appview/pages/markup"
26
+
"tangled.org/core/appview/pages/repoinfo"
26
27
"tangled.org/core/appview/reporesolver"
27
28
"tangled.org/core/appview/validator"
28
29
"tangled.org/core/appview/xrpcclient"
···
875
876
}
876
877
877
878
// Determine PR type based on input parameters
878
-
roles := f.RolesInRepo(user)
879
+
roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())}
879
880
isPushAllowed := roles.IsPushAllowed()
880
881
isBranchBased := isPushAllowed && sourceBranch != "" && fromFork == ""
881
882
isForkBased := fromFork != "" && sourceBranch != ""
···
1672
1673
return
1673
1674
}
1674
1675
1675
-
roles := f.RolesInRepo(user)
1676
+
roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())}
1676
1677
if !roles.IsPushAllowed() {
1677
1678
log.Println("unauthorized user")
1678
1679
w.WriteHeader(http.StatusUnauthorized)
···
2259
2260
}
2260
2261
2261
2262
// auth filter: only owner or collaborators can close
2262
-
roles := f.RolesInRepo(user)
2263
+
roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())}
2263
2264
isOwner := roles.IsOwner()
2264
2265
isCollaborator := roles.IsCollaborator()
2265
2266
isPullAuthor := user.Did == pull.OwnerDid
···
2333
2334
}
2334
2335
2335
2336
// auth filter: only owner or collaborators can close
2336
-
roles := f.RolesInRepo(user)
2337
+
roles := repoinfo.RolesInRepo{Roles: s.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())}
2337
2338
isOwner := roles.IsOwner()
2338
2339
isCollaborator := roles.IsCollaborator()
2339
2340
isPullAuthor := user.Did == pull.OwnerDid
+3
-10
appview/reporesolver/resolver.go
+3
-10
appview/reporesolver/resolver.go
···
79
79
func (f *ResolvedRepo) RepoInfo(user *oauth.User) repoinfo.RepoInfo {
80
80
repoAt := f.RepoAt()
81
81
isStarred := false
82
+
roles := repoinfo.RolesInRepo{}
82
83
if user != nil {
83
84
isStarred = db.GetStarStatus(f.rr.execer, user.Did, repoAt)
85
+
roles.Roles = f.rr.enforcer.GetPermissionsInRepo(user.Did, f.Knot, f.DidSlashRepo())
84
86
}
85
87
86
88
stats := f.RepoStats
···
130
132
131
133
// info related to the session
132
134
IsStarred: isStarred,
133
-
Roles: f.RolesInRepo(user),
135
+
Roles: roles,
134
136
}
135
137
136
138
return repoInfo
137
-
}
138
-
139
-
func (f *ResolvedRepo) RolesInRepo(u *oauth.User) repoinfo.RolesInRepo {
140
-
if u != nil {
141
-
r := f.rr.enforcer.GetPermissionsInRepo(u.Did, f.Knot, f.DidSlashRepo())
142
-
return repoinfo.RolesInRepo{Roles: r}
143
-
} else {
144
-
return repoinfo.RolesInRepo{}
145
-
}
146
139
}
147
140
148
141
// extractPathAfterRef gets the actual repository path