From f46c58a74e70f4fb152161a04744f3d4a2cf9e11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim-Niclas=20Oelschl=C3=A4ger?= Date: Sun, 14 Apr 2024 20:00:21 +0200 Subject: [PATCH] use already existing GetUserRepoPermission --- models/activities/action.go | 47 ++++++++++++++++++++++---------- models/activities/action_list.go | 10 ------- models/organization/org_user.go | 21 -------------- 3 files changed, 32 insertions(+), 46 deletions(-) diff --git a/models/activities/action.go b/models/activities/action.go index 9c2b740990..02b9c65122 100644 --- a/models/activities/action.go +++ b/models/activities/action.go @@ -23,6 +23,7 @@ import ( "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/optional" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/timeutil" @@ -468,21 +469,32 @@ func GetFeeds(ctx context.Context, opts GetFeedsOptions) (ActionList, int64, err return nil, 0, fmt.Errorf("LoadAttributes: %w", err) } - isOrgMemberMap := make(map[int64]bool, 0) - isPrivateForActor := true if opts.Actor != nil && opts.RequestedUser != nil { - isPrivateForActor = !opts.Actor.IsAdmin && opts.Actor.ID != opts.RequestedUser.ID - isOrgMemberMap, err = organization.IsOrganizationsMember(ctx, actions.GetOrgIDs(), opts.Actor.ID) - if err != nil { - return nil, 0, err + isPrivateForActor := !opts.Actor.IsAdmin && opts.Actor.ID != opts.RequestedUser.ID + + // cache user repo read permissions + canReadRepo := make(map[int64]optional.Option[bool], 0) + + for _, action := range actions { + action.IsPrivateView = isPrivateForActor && action.IsPrivate + + if action.IsPrivateView && action.Repo.Owner.IsOrganization() { + if !canReadRepo[action.Repo.ID].Has() { + perm, err := access_model.GetUserRepoPermission(ctx, action.Repo, opts.Actor) + if err != nil { + return nil, 0, fmt.Errorf("GetUserRepoPermission: %w", err) + } + canRead := perm.CanRead(unit.TypeCode) + action.IsPrivateView = !canRead + canReadRepo[action.Repo.ID] = optional.Option[bool]{canRead} + } + + action.IsPrivateView = !canReadRepo[action.Repo.ID].Value() + } } - } - - for _, action := range actions { - action.IsPrivateView = isPrivateForActor && action.IsPrivate - - if action.IsPrivateView && action.Repo.Owner.IsOrganization() { - action.IsPrivateView = !isOrgMemberMap[action.Repo.Owner.ID] + } else { + for _, action := range actions { + action.IsPrivateView = action.IsPrivate } } @@ -491,8 +503,13 @@ func GetFeeds(ctx context.Context, opts GetFeedsOptions) (ActionList, int64, err // ActivityReadable return whether doer can read activities of user func ActivityReadable(user, doer *user_model.User) bool { - return !user.ActivityVisibility.ShowNone() || - doer != nil && (doer.IsAdmin || user.ID == doer.ID) + if doer != nil && (doer.IsAdmin || user.ID == doer.ID) { + return true + } + if user.ActivityVisibility.ShowNone() { + return false + } + return true } func activityQueryCondition(ctx context.Context, opts GetFeedsOptions) (builder.Cond, error) { diff --git a/models/activities/action_list.go b/models/activities/action_list.go index edd7a47ad1..6e23b173b5 100644 --- a/models/activities/action_list.go +++ b/models/activities/action_list.go @@ -53,16 +53,6 @@ func (actions ActionList) getRepoIDs() []int64 { }) } -func (actions ActionList) GetOrgIDs() []int64 { - orgIDs := make(container.Set[int64], len(actions)) - for _, action := range actions { - if action.Repo.Owner.IsOrganization() { - orgIDs.Add(action.Repo.Owner.ID) - } - } - return orgIDs.Values() -} - func (actions ActionList) LoadRepositories(ctx context.Context) error { if len(actions) == 0 { return nil diff --git a/models/organization/org_user.go b/models/organization/org_user.go index 56730325e6..5fe3a178d2 100644 --- a/models/organization/org_user.go +++ b/models/organization/org_user.go @@ -77,27 +77,6 @@ func IsOrganizationMember(ctx context.Context, orgID, uid int64) (bool, error) { Exist() } -// IsOrganizationsMember returns a map with key of orgID and value is true if given user is member of organization. -func IsOrganizationsMember(ctx context.Context, orgIDs []int64, uid int64) (map[int64]bool, error) { - var orgUsers []*OrgUser - - err := db.GetEngine(ctx). - Where("uid=?", uid). - And(builder.In("org_id", orgIDs)). - Table("org_user"). - Find(&orgUsers) - if err != nil { - return nil, err - } - - memberMap := make(map[int64]bool, len(orgIDs)) - for _, orgUser := range orgUsers { - memberMap[orgUser.OrgID] = true - } - - return memberMap, nil -} - // IsPublicMembership returns true if the given user's membership of given org is public. func IsPublicMembership(ctx context.Context, orgID, uid int64) (bool, error) { return db.GetEngine(ctx).