Allow repo admins too to delete the repo (#23940)
Fixes https://github.com/go-gitea/gitea/issues/23934 We need to check `AccessModeAdmin` in `CanUserDelete` instead of `AccessModeOwner`
This commit is contained in:
parent
36c0840cf1
commit
26a0cd7143
|
@ -100,6 +100,11 @@ func (org *Organization) IsOwnedBy(uid int64) (bool, error) {
|
||||||
return IsOrganizationOwner(db.DefaultContext, org.ID, uid)
|
return IsOrganizationOwner(db.DefaultContext, org.ID, uid)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// IsOrgAdmin returns true if given user is in the owner team or an admin team.
|
||||||
|
func (org *Organization) IsOrgAdmin(uid int64) (bool, error) {
|
||||||
|
return IsOrganizationAdmin(db.DefaultContext, org.ID, uid)
|
||||||
|
}
|
||||||
|
|
||||||
// IsOrgMember returns true if given user is member of organization.
|
// IsOrgMember returns true if given user is member of organization.
|
||||||
func (org *Organization) IsOrgMember(uid int64) (bool, error) {
|
func (org *Organization) IsOrgMember(uid int64) (bool, error) {
|
||||||
return IsOrganizationMember(db.DefaultContext, org.ID, uid)
|
return IsOrganizationMember(db.DefaultContext, org.ID, uid)
|
||||||
|
|
|
@ -8,6 +8,7 @@ import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
|
||||||
"code.gitea.io/gitea/models/db"
|
"code.gitea.io/gitea/models/db"
|
||||||
|
"code.gitea.io/gitea/models/perm"
|
||||||
user_model "code.gitea.io/gitea/models/user"
|
user_model "code.gitea.io/gitea/models/user"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
|
|
||||||
|
@ -53,6 +54,20 @@ func IsOrganizationOwner(ctx context.Context, orgID, uid int64) (bool, error) {
|
||||||
return IsTeamMember(ctx, orgID, ownerTeam.ID, uid)
|
return IsTeamMember(ctx, orgID, ownerTeam.ID, uid)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// IsOrganizationAdmin returns true if given user is in the owner team or an admin team.
|
||||||
|
func IsOrganizationAdmin(ctx context.Context, orgID, uid int64) (bool, error) {
|
||||||
|
teams, err := GetUserOrgTeams(ctx, orgID, uid)
|
||||||
|
if err != nil {
|
||||||
|
return false, err
|
||||||
|
}
|
||||||
|
for _, t := range teams {
|
||||||
|
if t.AccessMode >= perm.AccessModeAdmin {
|
||||||
|
return true, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false, nil
|
||||||
|
}
|
||||||
|
|
||||||
// IsOrganizationMember returns true if given user is member of organization.
|
// IsOrganizationMember returns true if given user is member of organization.
|
||||||
func IsOrganizationMember(ctx context.Context, orgID, uid int64) (bool, error) {
|
func IsOrganizationMember(ctx context.Context, orgID, uid int64) (bool, error) {
|
||||||
return db.GetEngine(ctx).
|
return db.GetEngine(ctx).
|
||||||
|
|
|
@ -21,11 +21,11 @@ func CanUserDelete(repo *repo_model.Repository, user *user_model.User) (bool, er
|
||||||
}
|
}
|
||||||
|
|
||||||
if repo.Owner.IsOrganization() {
|
if repo.Owner.IsOrganization() {
|
||||||
isOwner, err := organization.OrgFromUser(repo.Owner).IsOwnedBy(user.ID)
|
isAdmin, err := organization.OrgFromUser(repo.Owner).IsOrgAdmin(user.ID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
return isOwner, nil
|
return isAdmin, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
return false, nil
|
return false, nil
|
||||||
|
|
Loading…
Reference in a new issue