💾 Archived View for gemini.rmf-dev.com › repo › Vaati › Gemigit › files › f0043f4a9ddccb3be9162ad747… captured on 2024-02-05 at 09:47:12. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
0 package gmi
1
2 import (
3 "gemigit/db"
4 "gemigit/csrf"
5
6 "github.com/pitr/gig"
7 )
8
9 func accessRedirect(c gig.Context) error {
10 return c.NoContent(gig.StatusRedirectTemporary,
11 "/account/" + csrf.Token(c.CertHash()) + "/repo/" +
12 c.Param("repo") + "/access")
13 }
14
15 func privilegeUpdate(privilege int, first bool) int {
16 if first {
17 return (privilege + 1)%3
18 }
19 if privilege == 0 {
20 return 2
21 }
22 return privilege - 1
23 }
24
25 func privilegeToString(privilege int) string {
26 switch (privilege) {
27 case 0:
28 return "none"
29 case 1:
30 return "read"
31 case 2:
32 return "read and write"
33 }
34 return "Invalid value"
35 }
36
37 func accessFirstOption(privilege int) string {
38 switch (privilege) {
39 case 0:
40 return "Grant read access"
41 case 1:
42 return "Grant write access"
43 default:
44 return "Revoke read and write access"
45 }
46 }
47
48 func accessSecondOption(privilege int) string {
49 switch (privilege) {
50 case 0:
51 return "Grant read and write access"
52 case 1:
53 return "Revoke read access"
54 default:
55 return "Revoke write access"
56 }
57 }
58
59 func changeGroupAccess(user db.User, repository string,
60 name string, first bool) error {
61 repo, err := user.GetRepo(repository)
62 if err != nil {
63 return err
64 }
65 groupID, err := db.GetGroupID(name)
66 if err != nil {
67 return err
68 }
69 privilege, err := db.GetGroupAccess(repo, groupID)
70 if err != nil {
71 return err
72 }
73 privilege = privilegeUpdate(privilege, first)
74 err = user.SetGroupAccess(repo, groupID, privilege)
75 return err
76 }
77
78 func groupAccessOption(c gig.Context, first bool) error {
79 user, exist := db.GetUser(c.CertHash())
80 if !exist {
81 return c.NoContent(gig.StatusBadRequest, "Invalid group")
82 }
83 err := changeGroupAccess(user, c.Param("repo"),
84 c.Param("group"), first)
85 if err != nil {
86 return c.NoContent(gig.StatusBadRequest, err.Error())
87 }
88 return accessRedirect(c)
89 }
90
91 func GroupAccessFirstOption(c gig.Context) error {
92 return groupAccessOption(c, true)
93 }
94
95 func GroupAccessSecondOption(c gig.Context) error {
96 return groupAccessOption(c, false)
97 }
98
99 func changeUserAccess(owner db.User, repository string,
100 name string, first bool) error {
101 repo, err := owner.GetRepo(repository)
102 if err != nil {
103 return err
104 }
105 user, err := db.GetPublicUser(name)
106 if err != nil {
107 return err
108 }
109 privilege, err := db.GetUserAccess(repo, user)
110 if err != nil {
111 return err
112 }
113 privilege = privilegeUpdate(privilege, first)
114 err = owner.SetUserAccess(repo, user.ID, privilege)
115 return err
116 }
117
118 func userAccessOption(c gig.Context, first bool) error {
119 user, exist := db.GetUser(c.CertHash())
120 if !exist {
121 return c.NoContent(gig.StatusBadRequest, "Invalid username")
122 }
123 err := changeUserAccess(user, c.Param("repo"), c.Param("user"), first)
124 if err != nil {
125 return c.NoContent(gig.StatusBadRequest, err.Error())
126 }
127 return accessRedirect(c)
128 }
129
130 func UserAccessFirstOption(c gig.Context) error {
131 return userAccessOption(c, true)
132 }
133
134 func UserAccessSecondOption(c gig.Context) error {
135 return userAccessOption(c, false)
136 }
137
138 func addAcess(c gig.Context, param string) (string, db.User, db.Repo, error) {
139 query, err := c.QueryString()
140 if err != nil {
141 return "", db.User{}, db.Repo{},
142 c.NoContent(gig.StatusBadRequest, err.Error())
143 }
144 if query == "" {
145 return "", db.User{}, db.Repo{},
146 c.NoContent(gig.StatusInput, param)
147 }
148 user, exist := db.GetUser(c.CertHash())
149 if !exist {
150 return query, user, db.Repo{},
151 c.NoContent(gig.StatusBadRequest, "Invalid entry")
152 }
153
154 repo, err := user.GetRepo(c.Param("repo"))
155 if err != nil {
156 return query, user, db.Repo{},
157 c.NoContent(gig.StatusBadRequest,
158 "Repository not found")
159 }
160 return query, user, repo, nil
161 }
162
163 func AddUserAccess(c gig.Context) error {
164 query, user, repo, err := addAcess(c, "User")
165 if err != nil {
166 return err
167 }
168 err = user.AddUserAccess(repo, query)
169 if err != nil {
170 return c.NoContent(gig.StatusBadRequest,
171 "Invalid user")
172 }
173 return accessRedirect(c)
174 }
175
176 func AddGroupAccess(c gig.Context) error {
177 query, user, repo, err := addAcess(c, "Group")
178 if err != nil {
179 return err
180 }
181 err = user.AddGroupAccess(repo, query)
182 if err != nil {
183 return c.NoContent(gig.StatusBadRequest,
184 "Invalid user")
185 }
186 return accessRedirect(c)
187 }
188
189 func RemoveUserAccess(c gig.Context) error {
190 user, exist := db.GetUser(c.CertHash())
191 if !exist {
192 return c.NoContent(gig.StatusBadRequest, "Invalid username")
193 }
194 userID, err := db.GetUserID(c.Param("user"))
195 if err != nil {
196 return c.NoContent(gig.StatusBadRequest,
197 "User not found")
198 }
199 repo, err := user.GetRepo(c.Param("repo"))
200 err = user.RemoveUserAccess(repo, userID)
201 if err != nil {
202 return c.NoContent(gig.StatusBadRequest,
203 "User doesn't have access")
204 }
205 return accessRedirect(c)
206 }
207
208 func RemoveGroupAccess(c gig.Context) error {
209 user, exist := db.GetUser(c.CertHash())
210 if !exist {
211 return c.NoContent(gig.StatusBadRequest, "Invalid username")
212 }
213 groupID, err := db.GetGroupID(c.Param("group"))
214 if err != nil {
215 return c.NoContent(gig.StatusBadRequest,
216 "Group not found")
217 }
218 repo, err := user.GetRepo(c.Param("repo"))
219 err = user.RemoveGroupAccess(repo, groupID)
220 if err != nil {
221 return c.NoContent(gig.StatusBadRequest,
222 "Group doesn't have access")
223 }
224 return accessRedirect(c)
225 }
226