mirror of
https://github.com/go-gitea/gitea.git
synced 2026-06-14 03:29:55 +00:00
fix: Fix some wrong code and follow 37347 (#37987)
This commit is contained in:
Lunny Xiao
+28
-31
@@ -19,7 +19,6 @@ import (
|
||||
"gitea.dev/modules/util"
|
||||
|
||||
"xorm.io/builder"
|
||||
"xorm.io/xorm"
|
||||
)
|
||||
|
||||
// ErrOrgNotExist represents a "OrgNotExist" kind of error.
|
||||
@@ -181,45 +180,43 @@ func (org *Organization) HomeLink() string {
|
||||
// FindOrgMembersOpts represents find org members conditions
|
||||
type FindOrgMembersOpts struct {
|
||||
db.ListOptions
|
||||
Doer *user_model.User
|
||||
IsDoerMember bool
|
||||
OrgID int64
|
||||
Keyword string
|
||||
SearchByEmail bool
|
||||
Doer *user_model.User
|
||||
IsDoerMember bool
|
||||
OrgID int64
|
||||
Keyword string
|
||||
}
|
||||
|
||||
func (opts FindOrgMembersOpts) PublicOnly() bool {
|
||||
return opts.Doer == nil || !(opts.IsDoerMember || opts.Doer.IsAdmin)
|
||||
}
|
||||
|
||||
func (opts FindOrgMembersOpts) applyKeywordFilter(sess *xorm.Session) (*xorm.Session, bool) {
|
||||
// applyKeywordFilter adds keyword search conditions to session
|
||||
func (opts FindOrgMembersOpts) applyKeywordFilter(sess db.Session) bool {
|
||||
if opts.Keyword == "" {
|
||||
return sess, false
|
||||
return false
|
||||
}
|
||||
|
||||
lowerKeyword := strings.ToLower(opts.Keyword)
|
||||
keywordCond := builder.Or(
|
||||
builder.Like{"`user`.lower_name", lowerKeyword},
|
||||
builder.Like{"LOWER(`user`.full_name)", lowerKeyword},
|
||||
db.BuildCaseInsensitiveLike("`user`.lower_name", opts.Keyword),
|
||||
db.BuildCaseInsensitiveLike("`user`.full_name", opts.Keyword),
|
||||
)
|
||||
if opts.SearchByEmail {
|
||||
var emailCond builder.Cond = builder.Like{"LOWER(`user`.email)", lowerKeyword}
|
||||
switch {
|
||||
case opts.Doer == nil:
|
||||
emailCond = emailCond.And(builder.Eq{"`user`.keep_email_private": false})
|
||||
case !opts.Doer.IsAdmin:
|
||||
emailCond = emailCond.And(
|
||||
builder.Or(
|
||||
builder.Eq{"`user`.keep_email_private": false},
|
||||
builder.Eq{"`user`.id": opts.Doer.ID},
|
||||
),
|
||||
)
|
||||
}
|
||||
keywordCond = keywordCond.Or(emailCond)
|
||||
}
|
||||
|
||||
sess = sess.Join("INNER", "`user`", "org_user.uid = `user`.id").And(keywordCond)
|
||||
return sess, true
|
||||
emailCond := db.BuildCaseInsensitiveLike("`user`.email", opts.Keyword)
|
||||
switch {
|
||||
case opts.Doer == nil:
|
||||
emailCond = emailCond.And(builder.Eq{"`user`.keep_email_private": false})
|
||||
case !opts.Doer.IsAdmin:
|
||||
emailCond = emailCond.And(
|
||||
builder.Or(
|
||||
builder.Eq{"`user`.keep_email_private": false},
|
||||
builder.Eq{"`user`.id": opts.Doer.ID},
|
||||
),
|
||||
)
|
||||
}
|
||||
keywordCond = keywordCond.Or(emailCond)
|
||||
|
||||
_ = sess.Join("INNER", "`user`", "org_user.uid = `user`.id").And(keywordCond)
|
||||
return true
|
||||
}
|
||||
|
||||
// applyTeamMatesOnlyFilter make sure restricted users only see public team members and there own team mates
|
||||
@@ -245,7 +242,7 @@ func CountOrgMembers(ctx context.Context, opts *FindOrgMembersOpts) (int64, erro
|
||||
} else {
|
||||
opts.applyTeamMatesOnlyFilter(sess)
|
||||
}
|
||||
sess, _ = opts.applyKeywordFilter(sess)
|
||||
_ = opts.applyKeywordFilter(sess)
|
||||
|
||||
return sess.Count(new(OrgUser))
|
||||
}
|
||||
@@ -494,8 +491,8 @@ func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUs
|
||||
} else {
|
||||
opts.applyTeamMatesOnlyFilter(sess)
|
||||
}
|
||||
if keywordSess, hasKeyword := opts.applyKeywordFilter(sess); hasKeyword {
|
||||
sess = keywordSess.Select("org_user.*")
|
||||
if opts.applyKeywordFilter(sess) {
|
||||
sess = sess.Select("org_user.*")
|
||||
}
|
||||
|
||||
sess = sess.OrderBy("org_user.uid ASC")
|
||||
|
||||
@@ -302,43 +302,39 @@ func TestOrgMembersSearch(t *testing.T) {
|
||||
{
|
||||
name: "match by username",
|
||||
opts: &organization.FindOrgMembersOpts{
|
||||
OrgID: 3,
|
||||
Doer: member,
|
||||
IsDoerMember: true,
|
||||
Keyword: "user4",
|
||||
SearchByEmail: true,
|
||||
OrgID: 3,
|
||||
Doer: member,
|
||||
IsDoerMember: true,
|
||||
Keyword: "user4",
|
||||
},
|
||||
expectedUIDs: []int64{4},
|
||||
},
|
||||
{
|
||||
name: "match by full name",
|
||||
opts: &organization.FindOrgMembersOpts{
|
||||
OrgID: 3,
|
||||
Doer: member,
|
||||
IsDoerMember: true,
|
||||
Keyword: "user27",
|
||||
SearchByEmail: true,
|
||||
OrgID: 3,
|
||||
Doer: member,
|
||||
IsDoerMember: true,
|
||||
Keyword: "user27",
|
||||
},
|
||||
expectedUIDs: []int64{28},
|
||||
},
|
||||
{
|
||||
name: "private email hidden",
|
||||
opts: &organization.FindOrgMembersOpts{
|
||||
OrgID: 3,
|
||||
Doer: member,
|
||||
IsDoerMember: true,
|
||||
Keyword: "user2@example.com",
|
||||
SearchByEmail: true,
|
||||
OrgID: 3,
|
||||
Doer: member,
|
||||
IsDoerMember: true,
|
||||
Keyword: "user2@example.com",
|
||||
},
|
||||
expectedUIDs: []int64{},
|
||||
},
|
||||
{
|
||||
name: "admin can search private email",
|
||||
opts: &organization.FindOrgMembersOpts{
|
||||
OrgID: 3,
|
||||
Doer: admin,
|
||||
Keyword: "user2@example.com",
|
||||
SearchByEmail: true,
|
||||
OrgID: 3,
|
||||
Doer: admin,
|
||||
Keyword: "user2@example.com",
|
||||
},
|
||||
expectedUIDs: []int64{2},
|
||||
},
|
||||
|
||||
Reference in New Issue
Block a user