💾 Archived View for gemini.rmf-dev.com › repo › Vaati › Gemigit › files › f0043f4a9ddccb3be9162ad747… captured on 2024-02-05 at 09:47:12. Gemini links have been rewritten to link to archived content

View Raw

More Information

-=-=-=-=-=-=-

Go Back

0 package gmi

1

2 import (

3 "gemigit/db"

4 "gemigit/csrf"

5

6 "github.com/pitr/gig"

7 )

8

9 func accessRedirect(c gig.Context) error {

10 return c.NoContent(gig.StatusRedirectTemporary,

11 "/account/" + csrf.Token(c.CertHash()) + "/repo/" +

12 c.Param("repo") + "/access")

13 }

14

15 func privilegeUpdate(privilege int, first bool) int {

16 if first {

17 return (privilege + 1)%3

18 }

19 if privilege == 0 {

20 return 2

21 }

22 return privilege - 1

23 }

24

25 func privilegeToString(privilege int) string {

26 switch (privilege) {

27 case 0:

28 return "none"

29 case 1:

30 return "read"

31 case 2:

32 return "read and write"

33 }

34 return "Invalid value"

35 }

36

37 func accessFirstOption(privilege int) string {

38 switch (privilege) {

39 case 0:

40 return "Grant read access"

41 case 1:

42 return "Grant write access"

43 default:

44 return "Revoke read and write access"

45 }

46 }

47

48 func accessSecondOption(privilege int) string {

49 switch (privilege) {

50 case 0:

51 return "Grant read and write access"

52 case 1:

53 return "Revoke read access"

54 default:

55 return "Revoke write access"

56 }

57 }

58

59 func changeGroupAccess(user db.User, repository string,

60 name string, first bool) error {

61 repo, err := user.GetRepo(repository)

62 if err != nil {

63 return err

64 }

65 groupID, err := db.GetGroupID(name)

66 if err != nil {

67 return err

68 }

69 privilege, err := db.GetGroupAccess(repo, groupID)

70 if err != nil {

71 return err

72 }

73 privilege = privilegeUpdate(privilege, first)

74 err = user.SetGroupAccess(repo, groupID, privilege)

75 return err

76 }

77

78 func groupAccessOption(c gig.Context, first bool) error {

79 user, exist := db.GetUser(c.CertHash())

80 if !exist {

81 return c.NoContent(gig.StatusBadRequest, "Invalid group")

82 }

83 err := changeGroupAccess(user, c.Param("repo"),

84 c.Param("group"), first)

85 if err != nil {

86 return c.NoContent(gig.StatusBadRequest, err.Error())

87 }

88 return accessRedirect(c)

89 }

90

91 func GroupAccessFirstOption(c gig.Context) error {

92 return groupAccessOption(c, true)

93 }

94

95 func GroupAccessSecondOption(c gig.Context) error {

96 return groupAccessOption(c, false)

97 }

98

99 func changeUserAccess(owner db.User, repository string,

100 name string, first bool) error {

101 repo, err := owner.GetRepo(repository)

102 if err != nil {

103 return err

104 }

105 user, err := db.GetPublicUser(name)

106 if err != nil {

107 return err

108 }

109 privilege, err := db.GetUserAccess(repo, user)

110 if err != nil {

111 return err

112 }

113 privilege = privilegeUpdate(privilege, first)

114 err = owner.SetUserAccess(repo, user.ID, privilege)

115 return err

116 }

117

118 func userAccessOption(c gig.Context, first bool) error {

119 user, exist := db.GetUser(c.CertHash())

120 if !exist {

121 return c.NoContent(gig.StatusBadRequest, "Invalid username")

122 }

123 err := changeUserAccess(user, c.Param("repo"), c.Param("user"), first)

124 if err != nil {

125 return c.NoContent(gig.StatusBadRequest, err.Error())

126 }

127 return accessRedirect(c)

128 }

129

130 func UserAccessFirstOption(c gig.Context) error {

131 return userAccessOption(c, true)

132 }

133

134 func UserAccessSecondOption(c gig.Context) error {

135 return userAccessOption(c, false)

136 }

137

138 func addAcess(c gig.Context, param string) (string, db.User, db.Repo, error) {

139 query, err := c.QueryString()

140 if err != nil {

141 return "", db.User{}, db.Repo{},

142 c.NoContent(gig.StatusBadRequest, err.Error())

143 }

144 if query == "" {

145 return "", db.User{}, db.Repo{},

146 c.NoContent(gig.StatusInput, param)

147 }

148 user, exist := db.GetUser(c.CertHash())

149 if !exist {

150 return query, user, db.Repo{},

151 c.NoContent(gig.StatusBadRequest, "Invalid entry")

152 }

153

154 repo, err := user.GetRepo(c.Param("repo"))

155 if err != nil {

156 return query, user, db.Repo{},

157 c.NoContent(gig.StatusBadRequest,

158 "Repository not found")

159 }

160 return query, user, repo, nil

161 }

162

163 func AddUserAccess(c gig.Context) error {

164 query, user, repo, err := addAcess(c, "User")

165 if err != nil {

166 return err

167 }

168 err = user.AddUserAccess(repo, query)

169 if err != nil {

170 return c.NoContent(gig.StatusBadRequest,

171 "Invalid user")

172 }

173 return accessRedirect(c)

174 }

175

176 func AddGroupAccess(c gig.Context) error {

177 query, user, repo, err := addAcess(c, "Group")

178 if err != nil {

179 return err

180 }

181 err = user.AddGroupAccess(repo, query)

182 if err != nil {

183 return c.NoContent(gig.StatusBadRequest,

184 "Invalid user")

185 }

186 return accessRedirect(c)

187 }

188

189 func RemoveUserAccess(c gig.Context) error {

190 user, exist := db.GetUser(c.CertHash())

191 if !exist {

192 return c.NoContent(gig.StatusBadRequest, "Invalid username")

193 }

194 userID, err := db.GetUserID(c.Param("user"))

195 if err != nil {

196 return c.NoContent(gig.StatusBadRequest,

197 "User not found")

198 }

199 repo, err := user.GetRepo(c.Param("repo"))

200 err = user.RemoveUserAccess(repo, userID)

201 if err != nil {

202 return c.NoContent(gig.StatusBadRequest,

203 "User doesn't have access")

204 }

205 return accessRedirect(c)

206 }

207

208 func RemoveGroupAccess(c gig.Context) error {

209 user, exist := db.GetUser(c.CertHash())

210 if !exist {

211 return c.NoContent(gig.StatusBadRequest, "Invalid username")

212 }

213 groupID, err := db.GetGroupID(c.Param("group"))

214 if err != nil {

215 return c.NoContent(gig.StatusBadRequest,

216 "Group not found")

217 }

218 repo, err := user.GetRepo(c.Param("repo"))

219 err = user.RemoveGroupAccess(repo, groupID)

220 if err != nil {

221 return c.NoContent(gig.StatusBadRequest,

222 "Group doesn't have access")

223 }

224 return accessRedirect(c)

225 }

226