Allow repo admins too to delete the repo (#23940)

Fixes https://github.com/go-gitea/gitea/issues/23934

We need to check `AccessModeAdmin` in `CanUserDelete` instead of
`AccessModeOwner`
This commit is contained in:
yp05327 2023-04-08 00:21:02 +09:00 committed by GitHub
parent 36c0840cf1
commit 26a0cd7143
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 2 deletions

View file

@ -100,6 +100,11 @@ func (org *Organization) IsOwnedBy(uid int64) (bool, error) {
return IsOrganizationOwner(db.DefaultContext, org.ID, uid) return IsOrganizationOwner(db.DefaultContext, org.ID, uid)
} }
// IsOrgAdmin returns true if given user is in the owner team or an admin team.
func (org *Organization) IsOrgAdmin(uid int64) (bool, error) {
return IsOrganizationAdmin(db.DefaultContext, org.ID, uid)
}
// IsOrgMember returns true if given user is member of organization. // IsOrgMember returns true if given user is member of organization.
func (org *Organization) IsOrgMember(uid int64) (bool, error) { func (org *Organization) IsOrgMember(uid int64) (bool, error) {
return IsOrganizationMember(db.DefaultContext, org.ID, uid) return IsOrganizationMember(db.DefaultContext, org.ID, uid)

View file

@ -8,6 +8,7 @@ import (
"fmt" "fmt"
"code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/db"
"code.gitea.io/gitea/models/perm"
user_model "code.gitea.io/gitea/models/user" user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/log"
@ -53,6 +54,20 @@ func IsOrganizationOwner(ctx context.Context, orgID, uid int64) (bool, error) {
return IsTeamMember(ctx, orgID, ownerTeam.ID, uid) return IsTeamMember(ctx, orgID, ownerTeam.ID, uid)
} }
// IsOrganizationAdmin returns true if given user is in the owner team or an admin team.
func IsOrganizationAdmin(ctx context.Context, orgID, uid int64) (bool, error) {
teams, err := GetUserOrgTeams(ctx, orgID, uid)
if err != nil {
return false, err
}
for _, t := range teams {
if t.AccessMode >= perm.AccessModeAdmin {
return true, nil
}
}
return false, nil
}
// IsOrganizationMember returns true if given user is member of organization. // IsOrganizationMember returns true if given user is member of organization.
func IsOrganizationMember(ctx context.Context, orgID, uid int64) (bool, error) { func IsOrganizationMember(ctx context.Context, orgID, uid int64) (bool, error) {
return db.GetEngine(ctx). return db.GetEngine(ctx).

View file

@ -21,11 +21,11 @@ func CanUserDelete(repo *repo_model.Repository, user *user_model.User) (bool, er
} }
if repo.Owner.IsOrganization() { if repo.Owner.IsOrganization() {
isOwner, err := organization.OrgFromUser(repo.Owner).IsOwnedBy(user.ID) isAdmin, err := organization.OrgFromUser(repo.Owner).IsOrgAdmin(user.ID)
if err != nil { if err != nil {
return false, err return false, err
} }
return isOwner, nil return isAdmin, nil
} }
return false, nil return false, nil