mirror of
				https://gitcode.com/gitea/gitea.git
				synced 2025-10-25 03:57:13 +08:00 
			
		
		
		
	Add API to query collaborators permission for a repository (#18761)
Targeting #14936, #15332 Adds a collaborator permissions API endpoint according to GitHub API: https://docs.github.com/en/rest/collaborators/collaborators#get-repository-permissions-for-a-user to retrieve a collaborators permissions for a specific repository. ### Checks the repository permissions of a collaborator. `GET` `/repos/{owner}/{repo}/collaborators/{collaborator}/permission` Possible `permission` values are `admin`, `write`, `read`, `owner`, `none`. ```json { "permission": "admin", "role_name": "admin", "user": {} } ``` Where `permission` and `role_name` hold the same `permission` value and `user` is filled with the user API object. Only admins are allowed to use this API endpoint.
This commit is contained in:
		 Florin Hillebrand
					Florin Hillebrand
				
			
				
					committed by
					
						 GitHub
						GitHub
					
				
			
			
				
	
			
			
			 GitHub
						GitHub
					
				
			
						parent
						
							e5c6c001c5
						
					
				
				
					commit
					ad6d08d155
				
			| @ -810,9 +810,12 @@ func Routes() *web.Route { | ||||
| 				}, reqToken(), reqAdmin(), reqWebhooksEnabled()) | ||||
| 				m.Group("/collaborators", func() { | ||||
| 					m.Get("", reqAnyRepoReader(), repo.ListCollaborators) | ||||
| 					m.Combo("/{collaborator}").Get(reqAnyRepoReader(), repo.IsCollaborator). | ||||
| 						Put(reqAdmin(), bind(api.AddCollaboratorOption{}), repo.AddCollaborator). | ||||
| 						Delete(reqAdmin(), repo.DeleteCollaborator) | ||||
| 					m.Group("/{collaborator}", func() { | ||||
| 						m.Combo("").Get(reqAnyRepoReader(), repo.IsCollaborator). | ||||
| 							Put(reqAdmin(), bind(api.AddCollaboratorOption{}), repo.AddCollaborator). | ||||
| 							Delete(reqAdmin(), repo.DeleteCollaborator) | ||||
| 						m.Get("/permission", repo.GetRepoPermissions) | ||||
| 					}, reqToken()) | ||||
| 				}, reqToken()) | ||||
| 				m.Get("/assignees", reqToken(), reqAnyRepoReader(), repo.GetAssignees) | ||||
| 				m.Get("/reviewers", reqToken(), reqAnyRepoReader(), repo.GetReviewers) | ||||
|  | ||||
| @ -233,6 +233,61 @@ func DeleteCollaborator(ctx *context.APIContext) { | ||||
| 	ctx.Status(http.StatusNoContent) | ||||
| } | ||||
|  | ||||
| // GetRepoPermissions gets repository permissions for a user | ||||
| func GetRepoPermissions(ctx *context.APIContext) { | ||||
| 	// swagger:operation GET /repos/{owner}/{repo}/collaborators/{collaborator}/permission repository repoGetRepoPermissions | ||||
| 	// --- | ||||
| 	// summary: Get repository permissions for a user | ||||
| 	// produces: | ||||
| 	// - application/json | ||||
| 	// parameters: | ||||
| 	// - name: owner | ||||
| 	//   in: path | ||||
| 	//   description: owner of the repo | ||||
| 	//   type: string | ||||
| 	//   required: true | ||||
| 	// - name: repo | ||||
| 	//   in: path | ||||
| 	//   description: name of the repo | ||||
| 	//   type: string | ||||
| 	//   required: true | ||||
| 	// - name: collaborator | ||||
| 	//   in: path | ||||
| 	//   description: username of the collaborator | ||||
| 	//   type: string | ||||
| 	//   required: true | ||||
| 	// responses: | ||||
| 	//   "200": | ||||
| 	//     "$ref": "#/responses/RepoCollaboratorPermission" | ||||
| 	//   "404": | ||||
| 	//     "$ref": "#/responses/notFound" | ||||
| 	//   "403": | ||||
| 	//     "$ref": "#/responses/forbidden" | ||||
|  | ||||
| 	if !ctx.Doer.IsAdmin && ctx.Doer.LoginName != ctx.Params(":collaborator") && !ctx.IsUserRepoAdmin() { | ||||
| 		ctx.Error(http.StatusForbidden, "User", "Only admins can query all permissions, repo admins can query all repo permissions, collaborators can query only their own") | ||||
| 		return | ||||
| 	} | ||||
|  | ||||
| 	collaborator, err := user_model.GetUserByName(ctx.Params(":collaborator")) | ||||
| 	if err != nil { | ||||
| 		if user_model.IsErrUserNotExist(err) { | ||||
| 			ctx.Error(http.StatusNotFound, "GetUserByName", err) | ||||
| 		} else { | ||||
| 			ctx.Error(http.StatusInternalServerError, "GetUserByName", err) | ||||
| 		} | ||||
| 		return | ||||
| 	} | ||||
|  | ||||
| 	permission, err := models.GetUserRepoPermission(ctx, ctx.Repo.Repository, collaborator) | ||||
| 	if err != nil { | ||||
| 		ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err) | ||||
| 		return | ||||
| 	} | ||||
|  | ||||
| 	ctx.JSON(http.StatusOK, convert.ToUserAndPermission(collaborator, ctx.ContextUser, permission.AccessMode)) | ||||
| } | ||||
|  | ||||
| // GetReviewers return all users that can be requested to review in this repo | ||||
| func GetReviewers(ctx *context.APIContext) { | ||||
| 	// swagger:operation GET /repos/{owner}/{repo}/reviewers repository repoGetReviewers | ||||
|  | ||||
| @ -344,3 +344,10 @@ type swaggerWikiCommitList struct { | ||||
| 	// in:body | ||||
| 	Body api.WikiCommitList `json:"body"` | ||||
| } | ||||
|  | ||||
| // RepoCollaboratorPermission | ||||
| // swagger:response RepoCollaboratorPermission | ||||
| type swaggerRepoCollaboratorPermission struct { | ||||
| 	// in:body | ||||
| 	Body api.RepoCollaboratorPermission `json:"body"` | ||||
| } | ||||
|  | ||||
		Reference in New Issue
	
	Block a user