Fix private repo permission problem (#16142)

* Change user access permission

* Add string 'transfer_notices_3'

* Add 3rd transfer note to transfer dialog

* Add test

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
This commit is contained in:
Nils Dralle 2021-06-14 20:30:35 +02:00 committed by GitHub
parent 440039c0cc
commit f374789fe2
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 38 additions and 1 deletions

View file

@ -1625,6 +1625,7 @@ settings.transfer_form_title = Enter the repository name as confirmation:
settings.transfer_in_progress = There is currently an ongoing transfer. Please cancel it if you will like to transfer this repository to another user. settings.transfer_in_progress = There is currently an ongoing transfer. Please cancel it if you will like to transfer this repository to another user.
settings.transfer_notices_1 = - You will lose access to the repository if you transfer it to an individual user. settings.transfer_notices_1 = - You will lose access to the repository if you transfer it to an individual user.
settings.transfer_notices_2 = - You will keep access to the repository if you transfer it to an organization that you (co-)own. settings.transfer_notices_2 = - You will keep access to the repository if you transfer it to an organization that you (co-)own.
settings.transfer_notices_3 = - If the repository is private and is transferred to an individual user, this action makes sure that the user does have at least read permission (and changes permissions if necessary).
settings.transfer_owner = New Owner settings.transfer_owner = New Owner
settings.transfer_perform = Perform Transfer settings.transfer_perform = Perform Transfer
settings.transfer_started = This repository has been marked for transfer and awaits confirmation from "%s" settings.transfer_started = This repository has been marked for transfer and awaits confirmation from "%s"

View file

@ -94,6 +94,20 @@ func StartRepositoryTransfer(doer, newOwner *models.User, repo *models.Repositor
} }
} }
// In case the new owner would not have sufficient access to the repo, give access rights for read
hasAccess, err := models.HasAccess(newOwner.ID, repo)
if err != nil {
return err
}
if !hasAccess {
if err := repo.AddCollaborator(newOwner); err != nil {
return err
}
if err := repo.ChangeCollaborationAccessMode(newOwner.ID, models.AccessModeRead); err != nil {
return err
}
}
// Make repo as pending for transfer // Make repo as pending for transfer
repo.Status = models.RepositoryPendingTransfer repo.Status = models.RepositoryPendingTransfer
if err := models.CreatePendingRepositoryTransfer(doer, newOwner, repo.ID, teams); err != nil { if err := models.CreatePendingRepositoryTransfer(doer, newOwner, repo.ID, teams); err != nil {

View file

@ -52,3 +52,24 @@ func TestTransferOwnership(t *testing.T) {
models.CheckConsistencyFor(t, &models.Repository{}, &models.User{}, &models.Team{}) models.CheckConsistencyFor(t, &models.Repository{}, &models.User{}, &models.Team{})
} }
func TestStartRepositoryTransferSetPermission(t *testing.T) {
assert.NoError(t, models.PrepareTestDatabase())
doer := models.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User)
recipient := models.AssertExistsAndLoadBean(t, &models.User{ID: 5}).(*models.User)
repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 3}).(*models.Repository)
repo.Owner = models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
hasAccess, err := models.HasAccess(recipient.ID, repo)
assert.NoError(t, err)
assert.False(t, hasAccess)
assert.NoError(t, StartRepositoryTransfer(doer, recipient, repo, nil))
hasAccess, err = models.HasAccess(recipient.ID, repo)
assert.NoError(t, err)
assert.True(t, hasAccess)
models.CheckConsistencyFor(t, &models.Repository{}, &models.User{}, &models.Team{})
}

View file

@ -733,7 +733,8 @@
<div class="content"> <div class="content">
<div class="ui warning message text left"> <div class="ui warning message text left">
{{.i18n.Tr "repo.settings.transfer_notices_1"}} <br> {{.i18n.Tr "repo.settings.transfer_notices_1"}} <br>
{{.i18n.Tr "repo.settings.transfer_notices_2"}} {{.i18n.Tr "repo.settings.transfer_notices_2"}} <br>
{{.i18n.Tr "repo.settings.transfer_notices_3"}}
</div> </div>
<form class="ui form" action="{{.Link}}" method="post"> <form class="ui form" action="{{.Link}}" method="post">
{{.CsrfTokenHtml}} {{.CsrfTokenHtml}}