💾 Archived View for gemini.rmf-dev.com › repo › Vaati › Gemigit › files › afd958219556dd851796cd6cb6… captured on 2023-09-08 at 16:26:59. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2023-05-24)
-=-=-=-=-=-=-
0 package db
1
2 import (
3 "errors"
4 "log"
5 )
6
7 const accessNone = 0
8 const accessRead = 1
9 const accessReadWrite = 2
10 const accessDefault = 1
11 const accessMax = 2
12
13 func GetUserGroupAccess(repo Repo, user User) (int, error) {
14 rows, err := db.Query("SELECT a.privilege FROM access a " +
15 "INNER JOIN member m ON a.groupID = m.groupID " +
16 "WHERE a.repoID = ? AND m.userID = ?",
17 repo.ID, user.ID)
18 if err != nil {
19 return -1, err
20 }
21 defer rows.Close()
22 privilege := -1
23 for rows.Next() {
24 var p int
25 err = rows.Scan(&p)
26 if err != nil {
27 return -1, err
28 }
29 if p > privilege {
30 privilege = p
31 }
32 }
33 return privilege, nil
34 }
35
36 func GetUserAccess(repo Repo, user User) (int, error) {
37 if user.ID == repo.UserID {
38 return accessMax, nil
39 }
40 rows, err := db.Query("SELECT privilege FROM access " +
41 "WHERE repoID = ? AND userID = ? ",
42 repo.ID, user.ID)
43 if err != nil {
44 return -1, err
45 }
46 defer rows.Close()
47 if !rows.Next() {
48 return accessNone, nil
49 }
50 var privilege int
51 err = rows.Scan(&privilege)
52 if err != nil {
53 return -1, err
54 }
55 return privilege, nil
56 }
57
58 func GetAccess(user User, repo Repo) (int, error) {
59 privilege, err := GetUserGroupAccess(repo, user)
60 if err != nil {
61 return -1, err
62 }
63 if privilege == accessMax {
64 return accessMax, nil
65 }
66 p, err := GetUserAccess(repo, user)
67 if err != nil {
68 return -1, err
69 }
70 if p < privilege {
71 return privilege, nil
72 }
73 return p, nil
74 }
75
76 func (u User) SetUserAccess(repo Repo, userID int, privilege int) (error) {
77 if repo.UserID != u.ID {
78 return errors.New(
79 "only the repository owner can manage access")
80 }
81 if u.ID == userID {
82 return errors.New(
83 "the repository owner access cannot be changed")
84 }
85 _, err := db.Exec("UPDATE access SET privilege = ? " +
86 "WHERE repoID = ? AND userID = ?",
87 privilege, repo.ID, userID)
88 return err
89 }
90
91 func GetRepoUserAccess(repoID int) ([]Access, error) {
92 rows, err := db.Query("SELECT a.repoID, a.userID, b.name, " +
93 "a.privilege FROM access a " +
94 "INNER JOIN user b ON a.userID = b.userID " +
95 "WHERE a.repoID = ?", repoID)
96 if err != nil {
97 log.Println(err.Error())
98 return nil, err
99 }
100 defer rows.Close()
101 var access []Access
102 for rows.Next() {
103 var a = Access{}
104 err = rows.Scan(&a.RepoID, &a.UserID, &a.Name, &a.Privilege)
105 if err != nil {
106 return nil, err
107 }
108 access = append(access, a)
109 }
110 return access, nil
111 }
112
113 func GetRepoGroupAccess(repoID int) ([]Access, error) {
114 rows, err := db.Query("SELECT a.repoID, a.groupID, b.name, " +
115 "a.privilege FROM access a " +
116 "INNER JOIN groups b ON a.groupID = b.groupID " +
117 "WHERE a.repoID = ?", repoID)
118 if err != nil {
119 log.Println(err.Error())
120 return nil, err
121 }
122 defer rows.Close()
123 var access []Access
124 for rows.Next() {
125 var a = Access{}
126 err = rows.Scan(&a.RepoID, &a.GroupID, &a.Name, &a.Privilege)
127 if err != nil {
128 return nil, err
129 }
130 access = append(access, a)
131 }
132 return access, nil
133 }
134
135 func (u User) HasReadAccessTo() ([]Repo, error) {
136 rows, err := db.Query("SELECT r.repoID, r.userID, r.name, " +
137 "r.creation, r.public, r.description, u.Name " +
138 "FROM access a " +
139 "INNER JOIN member m ON a.groupID = m.groupID " +
140 "INNER JOIN repo r ON a.repoID = r.repoID " +
141 "INNER JOIN user u ON r.userID = u.userID " +
142 "WHERE m.userID = ? AND a.privilege > 0 " +
143 "AND ? <> r.userID " +
144 "UNION " +
145 "SELECT r.repoID, r.userID, r.name, " +
146 "r.creation, r.public, r.description, u.Name " +
147 "FROM access a " +
148 "INNER JOIN repo r ON a.repoID = r.repoID " +
149 "INNER JOIN user u ON r.userID = u.userID " +
150 "WHERE a.userID = ? AND a.privilege > 0 " +
151 "AND ? <> r.userID",
152 u.ID, u.ID, u.ID, u.ID)
153 if err != nil {
154 return nil, err
155 }
156 defer rows.Close()
157 repos := []Repo{}
158 for rows.Next() {
159 var r Repo
160 err = rows.Scan(&r.ID, &r.UserID, &r.Name, &r.Date,
161 &r.IsPublic, &r.Description, &r.Username)
162 if err != nil {
163 return nil, err
164 }
165 repos = append(repos, r)
166 }
167 return repos, nil
168 }
169
170 func GetGroupAccess(repo Repo, groupID int) (int, error) {
171 rows, err := db.Query("SELECT privilege FROM access " +
172 "WHERE repoID = ? AND groupID = ? ",
173 repo.ID, groupID)
174 if err != nil {
175 return -1, err
176 }
177 defer rows.Close()
178 if !rows.Next() {
179 return -1, errors.New("The group is not a contributor")
180 }
181 var privilege int
182 err = rows.Scan(&privilege)
183 if err != nil {
184 return -1, err
185 }
186 return privilege, nil
187 }
188
189 func (u User) SetGroupAccess(repo Repo, groupID int, privilege int) (error) {
190 if repo.UserID != u.ID {
191 return errors.New(
192 "only the repository owner can manage access")
193 }
194 _, err := db.Exec("UPDATE access SET privilege = ? " +
195 "WHERE repoID = ? AND groupID = ?",
196 privilege, repo.ID, groupID)
197 return err
198 }
199
200 func (u User) RemoveGroupAccess(repo Repo, groupID int) error {
201
202 if repo.UserID != u.ID {
203 return errors.New(
204 "Only the repository owner can revoke access")
205 }
206
207 statement, err := db.Exec("DELETE FROM access " +
208 "WHERE groupID = ? AND repoID = ?",
209 groupID, repo.ID)
210 if err != nil {
211 return err
212 }
213 rows, err := statement.RowsAffected()
214 if err != nil {
215 return err
216 }
217 if rows < 1 {
218 return errors.New("The group is not a contributor")
219 }
220 return nil
221
222 }
223
224 func (u *User) AddUserAccess(repo Repo, user string) error {
225
226 if repo.UserID != u.ID {
227 return errors.New(
228 "Only the repository owner can add members")
229 }
230
231 userID, err := GetUserID(user)
232 if err != nil {
233 return err
234 }
235
236 if userID == u.ID {
237 return errors.New(
238 "The repository owner already has maximum privilege")
239 }
240
241 rows, err := db.Query("SELECT privilege FROM access " +
242 "WHERE repoID = ? AND userID = ? ",
243 repo.ID, userID)
244 if err != nil {
245 return err
246 }
247 defer rows.Close()
248 if rows.Next() {
249 return errors.New("The user already has access")
250 }
251
252 _, err = db.Exec("INSERT INTO access (repoID, userID, privilege) " +
253 "VALUES(?, ?, 1)", repo.ID, userID)
254 if err != nil {
255 log.Println(err.Error())
256 }
257 return err
258 }
259
260 func (u *User) AddGroupAccess(repo Repo, group string) error {
261
262 if repo.UserID != u.ID {
263 return errors.New(
264 "Only the repository owner can add groups")
265 }
266
267 groupID, err := GetGroupID(group)
268 if err != nil {
269 return err
270 }
271
272 rows, err := db.Query("SELECT privilege FROM access " +
273 "WHERE repoID = ? AND groupID = ? ",
274 repo.ID, groupID)
275 if err != nil {
276 return err
277 }
278 defer rows.Close()
279 if rows.Next() {
280 return errors.New("The group already has access")
281 }
282
283 _, err = db.Exec("INSERT INTO access (repoID, groupID, privilege) " +
284 "VALUES(?, ?, 1)", repo.ID, groupID)
285 if err != nil {
286 log.Println(err.Error())
287 }
288 return err
289 }
290
291 func (u *User) RemoveUserAccess(repo Repo, userID int) error {
292 if u.ID != repo.UserID {
293 return errors.New(
294 "Only the repository owner can revoke access")
295 }
296 statement, err := db.Exec("DELETE FROM access " +
297 "WHERE userID = ? AND repoID = ?",
298 userID, repo.ID)
299 if err != nil {
300 return err
301 }
302 rows, err := statement.RowsAffected()
303 if err != nil {
304 return err
305 }
306 if rows < 1 {
307 return errors.New("The user is not a contributor")
308 }
309 return nil
310 }
311