mirror of
https://codeberg.org/forgejo/forgejo
synced 2024-11-30 13:56:09 +01:00
f4310d74ee
backport #28213
This PR will fix some missed checks for private repositories' data on
web routes and API routes.
(cherry picked from commit bc3d8bff73
)
1032 lines
29 KiB
Go
1032 lines
29 KiB
Go
// Copyright 2016 The Gogs Authors. All rights reserved.
|
|
// Copyright 2018 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package repo
|
|
|
|
import (
|
|
"errors"
|
|
"fmt"
|
|
"net/http"
|
|
"strconv"
|
|
"strings"
|
|
"time"
|
|
|
|
"code.gitea.io/gitea/models/db"
|
|
issues_model "code.gitea.io/gitea/models/issues"
|
|
"code.gitea.io/gitea/models/organization"
|
|
access_model "code.gitea.io/gitea/models/perm/access"
|
|
repo_model "code.gitea.io/gitea/models/repo"
|
|
"code.gitea.io/gitea/models/unit"
|
|
user_model "code.gitea.io/gitea/models/user"
|
|
"code.gitea.io/gitea/modules/context"
|
|
issue_indexer "code.gitea.io/gitea/modules/indexer/issues"
|
|
"code.gitea.io/gitea/modules/setting"
|
|
api "code.gitea.io/gitea/modules/structs"
|
|
"code.gitea.io/gitea/modules/timeutil"
|
|
"code.gitea.io/gitea/modules/util"
|
|
"code.gitea.io/gitea/modules/web"
|
|
"code.gitea.io/gitea/routers/api/v1/utils"
|
|
"code.gitea.io/gitea/services/convert"
|
|
issue_service "code.gitea.io/gitea/services/issue"
|
|
notify_service "code.gitea.io/gitea/services/notify"
|
|
)
|
|
|
|
// SearchIssues searches for issues across the repositories that the user has access to
|
|
func SearchIssues(ctx *context.APIContext) {
|
|
// swagger:operation GET /repos/issues/search issue issueSearchIssues
|
|
// ---
|
|
// summary: Search for issues across the repositories that the user has access to
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: state
|
|
// in: query
|
|
// description: whether issue is open or closed
|
|
// type: string
|
|
// - name: labels
|
|
// in: query
|
|
// description: comma separated list of labels. Fetch only issues that have any of this labels. Non existent labels are discarded
|
|
// type: string
|
|
// - name: milestones
|
|
// in: query
|
|
// description: comma separated list of milestone names. Fetch only issues that have any of this milestones. Non existent are discarded
|
|
// type: string
|
|
// - name: q
|
|
// in: query
|
|
// description: search string
|
|
// type: string
|
|
// - name: priority_repo_id
|
|
// in: query
|
|
// description: repository to prioritize in the results
|
|
// type: integer
|
|
// format: int64
|
|
// - name: type
|
|
// in: query
|
|
// description: filter by type (issues / pulls) if set
|
|
// type: string
|
|
// - name: since
|
|
// in: query
|
|
// description: Only show notifications updated after the given time. This is a timestamp in RFC 3339 format
|
|
// type: string
|
|
// format: date-time
|
|
// required: false
|
|
// - name: before
|
|
// in: query
|
|
// description: Only show notifications updated before the given time. This is a timestamp in RFC 3339 format
|
|
// type: string
|
|
// format: date-time
|
|
// required: false
|
|
// - name: assigned
|
|
// in: query
|
|
// description: filter (issues / pulls) assigned to you, default is false
|
|
// type: boolean
|
|
// - name: created
|
|
// in: query
|
|
// description: filter (issues / pulls) created by you, default is false
|
|
// type: boolean
|
|
// - name: mentioned
|
|
// in: query
|
|
// description: filter (issues / pulls) mentioning you, default is false
|
|
// type: boolean
|
|
// - name: review_requested
|
|
// in: query
|
|
// description: filter pulls requesting your review, default is false
|
|
// type: boolean
|
|
// - name: reviewed
|
|
// in: query
|
|
// description: filter pulls reviewed by you, default is false
|
|
// type: boolean
|
|
// - name: owner
|
|
// in: query
|
|
// description: filter by owner
|
|
// type: string
|
|
// - name: team
|
|
// in: query
|
|
// description: filter by team (requires organization owner parameter to be provided)
|
|
// type: string
|
|
// - name: page
|
|
// in: query
|
|
// description: page number of results to return (1-based)
|
|
// type: integer
|
|
// - name: limit
|
|
// in: query
|
|
// description: page size of results
|
|
// type: integer
|
|
// responses:
|
|
// "200":
|
|
// "$ref": "#/responses/IssueList"
|
|
|
|
before, since, err := context.GetQueryBeforeSince(ctx.Base)
|
|
if err != nil {
|
|
ctx.Error(http.StatusUnprocessableEntity, "GetQueryBeforeSince", err)
|
|
return
|
|
}
|
|
|
|
var isClosed util.OptionalBool
|
|
switch ctx.FormString("state") {
|
|
case "closed":
|
|
isClosed = util.OptionalBoolTrue
|
|
case "all":
|
|
isClosed = util.OptionalBoolNone
|
|
default:
|
|
isClosed = util.OptionalBoolFalse
|
|
}
|
|
|
|
var (
|
|
repoIDs []int64
|
|
allPublic bool
|
|
)
|
|
{
|
|
// find repos user can access (for issue search)
|
|
opts := &repo_model.SearchRepoOptions{
|
|
Private: false,
|
|
AllPublic: true,
|
|
TopicOnly: false,
|
|
Collaborate: util.OptionalBoolNone,
|
|
// This needs to be a column that is not nil in fixtures or
|
|
// MySQL will return different results when sorting by null in some cases
|
|
OrderBy: db.SearchOrderByAlphabetically,
|
|
Actor: ctx.Doer,
|
|
}
|
|
if ctx.IsSigned {
|
|
opts.Private = true
|
|
opts.AllLimited = true
|
|
}
|
|
if ctx.FormString("owner") != "" {
|
|
owner, err := user_model.GetUserByName(ctx, ctx.FormString("owner"))
|
|
if err != nil {
|
|
if user_model.IsErrUserNotExist(err) {
|
|
ctx.Error(http.StatusBadRequest, "Owner not found", err)
|
|
} else {
|
|
ctx.Error(http.StatusInternalServerError, "GetUserByName", err)
|
|
}
|
|
return
|
|
}
|
|
opts.OwnerID = owner.ID
|
|
opts.AllLimited = false
|
|
opts.AllPublic = false
|
|
opts.Collaborate = util.OptionalBoolFalse
|
|
}
|
|
if ctx.FormString("team") != "" {
|
|
if ctx.FormString("owner") == "" {
|
|
ctx.Error(http.StatusBadRequest, "", "Owner organisation is required for filtering on team")
|
|
return
|
|
}
|
|
team, err := organization.GetTeam(ctx, opts.OwnerID, ctx.FormString("team"))
|
|
if err != nil {
|
|
if organization.IsErrTeamNotExist(err) {
|
|
ctx.Error(http.StatusBadRequest, "Team not found", err)
|
|
} else {
|
|
ctx.Error(http.StatusInternalServerError, "GetUserByName", err)
|
|
}
|
|
return
|
|
}
|
|
opts.TeamID = team.ID
|
|
}
|
|
|
|
if opts.AllPublic {
|
|
allPublic = true
|
|
opts.AllPublic = false // set it false to avoid returning too many repos, we could filter by indexer
|
|
}
|
|
repoIDs, _, err = repo_model.SearchRepositoryIDs(opts)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "SearchRepositoryIDs", err)
|
|
return
|
|
}
|
|
if len(repoIDs) == 0 {
|
|
// no repos found, don't let the indexer return all repos
|
|
repoIDs = []int64{0}
|
|
}
|
|
}
|
|
|
|
keyword := ctx.FormTrim("q")
|
|
if strings.IndexByte(keyword, 0) >= 0 {
|
|
keyword = ""
|
|
}
|
|
|
|
var isPull util.OptionalBool
|
|
switch ctx.FormString("type") {
|
|
case "pulls":
|
|
isPull = util.OptionalBoolTrue
|
|
case "issues":
|
|
isPull = util.OptionalBoolFalse
|
|
default:
|
|
isPull = util.OptionalBoolNone
|
|
}
|
|
|
|
var includedAnyLabels []int64
|
|
{
|
|
|
|
labels := ctx.FormTrim("labels")
|
|
var includedLabelNames []string
|
|
if len(labels) > 0 {
|
|
includedLabelNames = strings.Split(labels, ",")
|
|
}
|
|
includedAnyLabels, err = issues_model.GetLabelIDsByNames(ctx, includedLabelNames)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "GetLabelIDsByNames", err)
|
|
return
|
|
}
|
|
}
|
|
|
|
var includedMilestones []int64
|
|
{
|
|
milestones := ctx.FormTrim("milestones")
|
|
var includedMilestoneNames []string
|
|
if len(milestones) > 0 {
|
|
includedMilestoneNames = strings.Split(milestones, ",")
|
|
}
|
|
includedMilestones, err = issues_model.GetMilestoneIDsByNames(ctx, includedMilestoneNames)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "GetMilestoneIDsByNames", err)
|
|
return
|
|
}
|
|
}
|
|
|
|
// this api is also used in UI,
|
|
// so the default limit is set to fit UI needs
|
|
limit := ctx.FormInt("limit")
|
|
if limit == 0 {
|
|
limit = setting.UI.IssuePagingNum
|
|
} else if limit > setting.API.MaxResponseItems {
|
|
limit = setting.API.MaxResponseItems
|
|
}
|
|
|
|
searchOpt := &issue_indexer.SearchOptions{
|
|
Paginator: &db.ListOptions{
|
|
PageSize: limit,
|
|
Page: ctx.FormInt("page"),
|
|
},
|
|
Keyword: keyword,
|
|
RepoIDs: repoIDs,
|
|
AllPublic: allPublic,
|
|
IsPull: isPull,
|
|
IsClosed: isClosed,
|
|
IncludedAnyLabelIDs: includedAnyLabels,
|
|
MilestoneIDs: includedMilestones,
|
|
SortBy: issue_indexer.SortByCreatedDesc,
|
|
}
|
|
|
|
if since != 0 {
|
|
searchOpt.UpdatedAfterUnix = &since
|
|
}
|
|
if before != 0 {
|
|
searchOpt.UpdatedBeforeUnix = &before
|
|
}
|
|
|
|
if ctx.IsSigned {
|
|
ctxUserID := ctx.Doer.ID
|
|
if ctx.FormBool("created") {
|
|
searchOpt.PosterID = &ctxUserID
|
|
}
|
|
if ctx.FormBool("assigned") {
|
|
searchOpt.AssigneeID = &ctxUserID
|
|
}
|
|
if ctx.FormBool("mentioned") {
|
|
searchOpt.MentionID = &ctxUserID
|
|
}
|
|
if ctx.FormBool("review_requested") {
|
|
searchOpt.ReviewRequestedID = &ctxUserID
|
|
}
|
|
if ctx.FormBool("reviewed") {
|
|
searchOpt.ReviewedID = &ctxUserID
|
|
}
|
|
}
|
|
|
|
// FIXME: It's unsupported to sort by priority repo when searching by indexer,
|
|
// it's indeed an regression, but I think it is worth to support filtering by indexer first.
|
|
_ = ctx.FormInt64("priority_repo_id")
|
|
|
|
ids, total, err := issue_indexer.SearchIssues(ctx, searchOpt)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "SearchIssues", err)
|
|
return
|
|
}
|
|
issues, err := issues_model.GetIssuesByIDs(ctx, ids, true)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "FindIssuesByIDs", err)
|
|
return
|
|
}
|
|
|
|
ctx.SetLinkHeader(int(total), limit)
|
|
ctx.SetTotalCountHeader(total)
|
|
ctx.JSON(http.StatusOK, convert.ToAPIIssueList(ctx, issues))
|
|
}
|
|
|
|
// ListIssues list the issues of a repository
|
|
func ListIssues(ctx *context.APIContext) {
|
|
// swagger:operation GET /repos/{owner}/{repo}/issues issue issueListIssues
|
|
// ---
|
|
// summary: List a repository's issues
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: owner
|
|
// in: path
|
|
// description: owner of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: repo
|
|
// in: path
|
|
// description: name of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: state
|
|
// in: query
|
|
// description: whether issue is open or closed
|
|
// type: string
|
|
// enum: [closed, open, all]
|
|
// - name: labels
|
|
// in: query
|
|
// description: comma separated list of labels. Fetch only issues that have any of this labels. Non existent labels are discarded
|
|
// type: string
|
|
// - name: q
|
|
// in: query
|
|
// description: search string
|
|
// type: string
|
|
// - name: type
|
|
// in: query
|
|
// description: filter by type (issues / pulls) if set
|
|
// type: string
|
|
// enum: [issues, pulls]
|
|
// - name: milestones
|
|
// in: query
|
|
// description: comma separated list of milestone names or ids. It uses names and fall back to ids. Fetch only issues that have any of this milestones. Non existent milestones are discarded
|
|
// type: string
|
|
// - name: since
|
|
// in: query
|
|
// description: Only show items updated after the given time. This is a timestamp in RFC 3339 format
|
|
// type: string
|
|
// format: date-time
|
|
// required: false
|
|
// - name: before
|
|
// in: query
|
|
// description: Only show items updated before the given time. This is a timestamp in RFC 3339 format
|
|
// type: string
|
|
// format: date-time
|
|
// required: false
|
|
// - name: created_by
|
|
// in: query
|
|
// description: Only show items which were created by the the given user
|
|
// type: string
|
|
// - name: assigned_by
|
|
// in: query
|
|
// description: Only show items for which the given user is assigned
|
|
// type: string
|
|
// - name: mentioned_by
|
|
// in: query
|
|
// description: Only show items in which the given user was mentioned
|
|
// type: string
|
|
// - name: page
|
|
// in: query
|
|
// description: page number of results to return (1-based)
|
|
// type: integer
|
|
// - name: limit
|
|
// in: query
|
|
// description: page size of results
|
|
// type: integer
|
|
// responses:
|
|
// "200":
|
|
// "$ref": "#/responses/IssueList"
|
|
// "404":
|
|
// "$ref": "#/responses/notFound"
|
|
before, since, err := context.GetQueryBeforeSince(ctx.Base)
|
|
if err != nil {
|
|
ctx.Error(http.StatusUnprocessableEntity, "GetQueryBeforeSince", err)
|
|
return
|
|
}
|
|
|
|
var isClosed util.OptionalBool
|
|
switch ctx.FormString("state") {
|
|
case "closed":
|
|
isClosed = util.OptionalBoolTrue
|
|
case "all":
|
|
isClosed = util.OptionalBoolNone
|
|
default:
|
|
isClosed = util.OptionalBoolFalse
|
|
}
|
|
|
|
keyword := ctx.FormTrim("q")
|
|
if strings.IndexByte(keyword, 0) >= 0 {
|
|
keyword = ""
|
|
}
|
|
|
|
var labelIDs []int64
|
|
if splitted := strings.Split(ctx.FormString("labels"), ","); len(splitted) > 0 {
|
|
labelIDs, err = issues_model.GetLabelIDsInRepoByNames(ctx, ctx.Repo.Repository.ID, splitted)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "GetLabelIDsInRepoByNames", err)
|
|
return
|
|
}
|
|
}
|
|
|
|
var mileIDs []int64
|
|
if part := strings.Split(ctx.FormString("milestones"), ","); len(part) > 0 {
|
|
for i := range part {
|
|
// uses names and fall back to ids
|
|
// non existent milestones are discarded
|
|
mile, err := issues_model.GetMilestoneByRepoIDANDName(ctx, ctx.Repo.Repository.ID, part[i])
|
|
if err == nil {
|
|
mileIDs = append(mileIDs, mile.ID)
|
|
continue
|
|
}
|
|
if !issues_model.IsErrMilestoneNotExist(err) {
|
|
ctx.Error(http.StatusInternalServerError, "GetMilestoneByRepoIDANDName", err)
|
|
return
|
|
}
|
|
id, err := strconv.ParseInt(part[i], 10, 64)
|
|
if err != nil {
|
|
continue
|
|
}
|
|
mile, err = issues_model.GetMilestoneByRepoID(ctx, ctx.Repo.Repository.ID, id)
|
|
if err == nil {
|
|
mileIDs = append(mileIDs, mile.ID)
|
|
continue
|
|
}
|
|
if issues_model.IsErrMilestoneNotExist(err) {
|
|
continue
|
|
}
|
|
ctx.Error(http.StatusInternalServerError, "GetMilestoneByRepoID", err)
|
|
}
|
|
}
|
|
|
|
listOptions := utils.GetListOptions(ctx)
|
|
|
|
var isPull util.OptionalBool
|
|
switch ctx.FormString("type") {
|
|
case "pulls":
|
|
isPull = util.OptionalBoolTrue
|
|
case "issues":
|
|
isPull = util.OptionalBoolFalse
|
|
default:
|
|
isPull = util.OptionalBoolNone
|
|
}
|
|
|
|
if isPull != util.OptionalBoolNone && !ctx.Repo.CanReadIssuesOrPulls(isPull.IsTrue()) {
|
|
ctx.NotFound()
|
|
return
|
|
}
|
|
|
|
if isPull == util.OptionalBoolNone {
|
|
canReadIssues := ctx.Repo.CanRead(unit.TypeIssues)
|
|
canReadPulls := ctx.Repo.CanRead(unit.TypePullRequests)
|
|
if !canReadIssues && !canReadPulls {
|
|
ctx.NotFound()
|
|
return
|
|
} else if !canReadIssues {
|
|
isPull = util.OptionalBoolTrue
|
|
} else if !canReadPulls {
|
|
isPull = util.OptionalBoolFalse
|
|
}
|
|
}
|
|
|
|
// FIXME: we should be more efficient here
|
|
createdByID := getUserIDForFilter(ctx, "created_by")
|
|
if ctx.Written() {
|
|
return
|
|
}
|
|
assignedByID := getUserIDForFilter(ctx, "assigned_by")
|
|
if ctx.Written() {
|
|
return
|
|
}
|
|
mentionedByID := getUserIDForFilter(ctx, "mentioned_by")
|
|
if ctx.Written() {
|
|
return
|
|
}
|
|
|
|
searchOpt := &issue_indexer.SearchOptions{
|
|
Paginator: &listOptions,
|
|
Keyword: keyword,
|
|
RepoIDs: []int64{ctx.Repo.Repository.ID},
|
|
IsPull: isPull,
|
|
IsClosed: isClosed,
|
|
SortBy: issue_indexer.SortByCreatedDesc,
|
|
}
|
|
if since != 0 {
|
|
searchOpt.UpdatedAfterUnix = &since
|
|
}
|
|
if before != 0 {
|
|
searchOpt.UpdatedBeforeUnix = &before
|
|
}
|
|
if len(labelIDs) == 1 && labelIDs[0] == 0 {
|
|
searchOpt.NoLabelOnly = true
|
|
} else {
|
|
for _, labelID := range labelIDs {
|
|
if labelID > 0 {
|
|
searchOpt.IncludedLabelIDs = append(searchOpt.IncludedLabelIDs, labelID)
|
|
} else {
|
|
searchOpt.ExcludedLabelIDs = append(searchOpt.ExcludedLabelIDs, -labelID)
|
|
}
|
|
}
|
|
}
|
|
|
|
if len(mileIDs) == 1 && mileIDs[0] == db.NoConditionID {
|
|
searchOpt.MilestoneIDs = []int64{0}
|
|
} else {
|
|
searchOpt.MilestoneIDs = mileIDs
|
|
}
|
|
|
|
if createdByID > 0 {
|
|
searchOpt.PosterID = &createdByID
|
|
}
|
|
if assignedByID > 0 {
|
|
searchOpt.AssigneeID = &assignedByID
|
|
}
|
|
if mentionedByID > 0 {
|
|
searchOpt.MentionID = &mentionedByID
|
|
}
|
|
|
|
ids, total, err := issue_indexer.SearchIssues(ctx, searchOpt)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "SearchIssues", err)
|
|
return
|
|
}
|
|
issues, err := issues_model.GetIssuesByIDs(ctx, ids, true)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "FindIssuesByIDs", err)
|
|
return
|
|
}
|
|
|
|
ctx.SetLinkHeader(int(total), listOptions.PageSize)
|
|
ctx.SetTotalCountHeader(total)
|
|
ctx.JSON(http.StatusOK, convert.ToAPIIssueList(ctx, issues))
|
|
}
|
|
|
|
func getUserIDForFilter(ctx *context.APIContext, queryName string) int64 {
|
|
userName := ctx.FormString(queryName)
|
|
if len(userName) == 0 {
|
|
return 0
|
|
}
|
|
|
|
user, err := user_model.GetUserByName(ctx, userName)
|
|
if user_model.IsErrUserNotExist(err) {
|
|
ctx.NotFound(err)
|
|
return 0
|
|
}
|
|
|
|
if err != nil {
|
|
ctx.InternalServerError(err)
|
|
return 0
|
|
}
|
|
|
|
return user.ID
|
|
}
|
|
|
|
// GetIssue get an issue of a repository
|
|
func GetIssue(ctx *context.APIContext) {
|
|
// swagger:operation GET /repos/{owner}/{repo}/issues/{index} issue issueGetIssue
|
|
// ---
|
|
// summary: Get an issue
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: owner
|
|
// in: path
|
|
// description: owner of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: repo
|
|
// in: path
|
|
// description: name of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: index
|
|
// in: path
|
|
// description: index of the issue to get
|
|
// type: integer
|
|
// format: int64
|
|
// required: true
|
|
// responses:
|
|
// "200":
|
|
// "$ref": "#/responses/Issue"
|
|
// "404":
|
|
// "$ref": "#/responses/notFound"
|
|
|
|
issue, err := issues_model.GetIssueWithAttrsByIndex(ctx, ctx.Repo.Repository.ID, ctx.ParamsInt64(":index"))
|
|
if err != nil {
|
|
if issues_model.IsErrIssueNotExist(err) {
|
|
ctx.NotFound()
|
|
} else {
|
|
ctx.Error(http.StatusInternalServerError, "GetIssueByIndex", err)
|
|
}
|
|
return
|
|
}
|
|
if !ctx.Repo.CanReadIssuesOrPulls(issue.IsPull) {
|
|
ctx.NotFound()
|
|
return
|
|
}
|
|
ctx.JSON(http.StatusOK, convert.ToAPIIssue(ctx, issue))
|
|
}
|
|
|
|
// CreateIssue create an issue of a repository
|
|
func CreateIssue(ctx *context.APIContext) {
|
|
// swagger:operation POST /repos/{owner}/{repo}/issues issue issueCreateIssue
|
|
// ---
|
|
// summary: Create an issue. If using deadline only the date will be taken into account, and time of day ignored.
|
|
// consumes:
|
|
// - application/json
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: owner
|
|
// in: path
|
|
// description: owner of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: repo
|
|
// in: path
|
|
// description: name of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: body
|
|
// in: body
|
|
// schema:
|
|
// "$ref": "#/definitions/CreateIssueOption"
|
|
// responses:
|
|
// "201":
|
|
// "$ref": "#/responses/Issue"
|
|
// "403":
|
|
// "$ref": "#/responses/forbidden"
|
|
// "404":
|
|
// "$ref": "#/responses/notFound"
|
|
// "412":
|
|
// "$ref": "#/responses/error"
|
|
// "422":
|
|
// "$ref": "#/responses/validationError"
|
|
form := web.GetForm(ctx).(*api.CreateIssueOption)
|
|
var deadlineUnix timeutil.TimeStamp
|
|
if form.Deadline != nil && ctx.Repo.CanWrite(unit.TypeIssues) {
|
|
deadlineUnix = timeutil.TimeStamp(form.Deadline.Unix())
|
|
}
|
|
|
|
issue := &issues_model.Issue{
|
|
RepoID: ctx.Repo.Repository.ID,
|
|
Repo: ctx.Repo.Repository,
|
|
Title: form.Title,
|
|
PosterID: ctx.Doer.ID,
|
|
Poster: ctx.Doer,
|
|
Content: form.Body,
|
|
Ref: form.Ref,
|
|
DeadlineUnix: deadlineUnix,
|
|
}
|
|
|
|
assigneeIDs := make([]int64, 0)
|
|
var err error
|
|
if ctx.Repo.CanWrite(unit.TypeIssues) {
|
|
issue.MilestoneID = form.Milestone
|
|
assigneeIDs, err = issues_model.MakeIDsFromAPIAssigneesToAdd(ctx, form.Assignee, form.Assignees)
|
|
if err != nil {
|
|
if user_model.IsErrUserNotExist(err) {
|
|
ctx.Error(http.StatusUnprocessableEntity, "", fmt.Sprintf("Assignee does not exist: [name: %s]", err))
|
|
} else {
|
|
ctx.Error(http.StatusInternalServerError, "AddAssigneeByName", err)
|
|
}
|
|
return
|
|
}
|
|
|
|
// Check if the passed assignees is assignable
|
|
for _, aID := range assigneeIDs {
|
|
assignee, err := user_model.GetUserByID(ctx, aID)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "GetUserByID", err)
|
|
return
|
|
}
|
|
|
|
valid, err := access_model.CanBeAssigned(ctx, assignee, ctx.Repo.Repository, false)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "canBeAssigned", err)
|
|
return
|
|
}
|
|
if !valid {
|
|
ctx.Error(http.StatusUnprocessableEntity, "canBeAssigned", repo_model.ErrUserDoesNotHaveAccessToRepo{UserID: aID, RepoName: ctx.Repo.Repository.Name})
|
|
return
|
|
}
|
|
}
|
|
} else {
|
|
// setting labels is not allowed if user is not a writer
|
|
form.Labels = make([]int64, 0)
|
|
}
|
|
|
|
if err := issue_service.NewIssue(ctx, ctx.Repo.Repository, issue, form.Labels, nil, assigneeIDs); err != nil {
|
|
if errors.Is(err, user_model.ErrBlockedByUser) {
|
|
ctx.Error(http.StatusForbidden, "BlockedByUser", err)
|
|
return
|
|
} else if repo_model.IsErrUserDoesNotHaveAccessToRepo(err) {
|
|
ctx.Error(http.StatusBadRequest, "UserDoesNotHaveAccessToRepo", err)
|
|
return
|
|
}
|
|
ctx.Error(http.StatusInternalServerError, "NewIssue", err)
|
|
return
|
|
}
|
|
|
|
if form.Closed {
|
|
if err := issue_service.ChangeStatus(ctx, issue, ctx.Doer, "", true); err != nil {
|
|
if issues_model.IsErrDependenciesLeft(err) {
|
|
ctx.Error(http.StatusPreconditionFailed, "DependenciesLeft", "cannot close this issue because it still has open dependencies")
|
|
return
|
|
}
|
|
ctx.Error(http.StatusInternalServerError, "ChangeStatus", err)
|
|
return
|
|
}
|
|
}
|
|
|
|
// Refetch from database to assign some automatic values
|
|
issue, err = issues_model.GetIssueByID(ctx, issue.ID)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "GetIssueByID", err)
|
|
return
|
|
}
|
|
ctx.JSON(http.StatusCreated, convert.ToAPIIssue(ctx, issue))
|
|
}
|
|
|
|
// EditIssue modify an issue of a repository
|
|
func EditIssue(ctx *context.APIContext) {
|
|
// swagger:operation PATCH /repos/{owner}/{repo}/issues/{index} issue issueEditIssue
|
|
// ---
|
|
// summary: Edit an issue. If using deadline only the date will be taken into account, and time of day ignored.
|
|
// consumes:
|
|
// - application/json
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: owner
|
|
// in: path
|
|
// description: owner of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: repo
|
|
// in: path
|
|
// description: name of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: index
|
|
// in: path
|
|
// description: index of the issue to edit
|
|
// type: integer
|
|
// format: int64
|
|
// required: true
|
|
// - name: body
|
|
// in: body
|
|
// schema:
|
|
// "$ref": "#/definitions/EditIssueOption"
|
|
// responses:
|
|
// "201":
|
|
// "$ref": "#/responses/Issue"
|
|
// "403":
|
|
// "$ref": "#/responses/forbidden"
|
|
// "404":
|
|
// "$ref": "#/responses/notFound"
|
|
// "412":
|
|
// "$ref": "#/responses/error"
|
|
|
|
form := web.GetForm(ctx).(*api.EditIssueOption)
|
|
issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.ParamsInt64(":index"))
|
|
if err != nil {
|
|
if issues_model.IsErrIssueNotExist(err) {
|
|
ctx.NotFound()
|
|
} else {
|
|
ctx.Error(http.StatusInternalServerError, "GetIssueByIndex", err)
|
|
}
|
|
return
|
|
}
|
|
issue.Repo = ctx.Repo.Repository
|
|
canWrite := ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull)
|
|
|
|
err = issue.LoadAttributes(ctx)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "LoadAttributes", err)
|
|
return
|
|
}
|
|
|
|
if !issue.IsPoster(ctx.Doer.ID) && !canWrite {
|
|
ctx.Status(http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
err = issue_service.SetIssueUpdateDate(ctx, issue, form.Updated, ctx.Doer)
|
|
if err != nil {
|
|
ctx.Error(http.StatusForbidden, "SetIssueUpdateDate", err)
|
|
return
|
|
}
|
|
|
|
oldTitle := issue.Title
|
|
if len(form.Title) > 0 {
|
|
issue.Title = form.Title
|
|
}
|
|
if form.Body != nil {
|
|
issue.Content = *form.Body
|
|
}
|
|
if form.Ref != nil {
|
|
err = issue_service.ChangeIssueRef(ctx, issue, ctx.Doer, *form.Ref)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "UpdateRef", err)
|
|
return
|
|
}
|
|
}
|
|
|
|
// Update or remove the deadline, only if set and allowed
|
|
if (form.Deadline != nil || form.RemoveDeadline != nil) && canWrite {
|
|
var deadlineUnix timeutil.TimeStamp
|
|
|
|
if (form.RemoveDeadline == nil || !*form.RemoveDeadline) && !form.Deadline.IsZero() {
|
|
deadline := time.Date(form.Deadline.Year(), form.Deadline.Month(), form.Deadline.Day(),
|
|
23, 59, 59, 0, form.Deadline.Location())
|
|
deadlineUnix = timeutil.TimeStamp(deadline.Unix())
|
|
}
|
|
|
|
if err := issues_model.UpdateIssueDeadline(ctx, issue, deadlineUnix, ctx.Doer); err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "UpdateIssueDeadline", err)
|
|
return
|
|
}
|
|
issue.DeadlineUnix = deadlineUnix
|
|
}
|
|
|
|
// Add/delete assignees
|
|
|
|
// Deleting is done the GitHub way (quote from their api documentation):
|
|
// https://developer.github.com/v3/issues/#edit-an-issue
|
|
// "assignees" (array): Logins for Users to assign to this issue.
|
|
// Pass one or more user logins to replace the set of assignees on this Issue.
|
|
// Send an empty array ([]) to clear all assignees from the Issue.
|
|
|
|
if canWrite && (form.Assignees != nil || form.Assignee != nil) {
|
|
oneAssignee := ""
|
|
if form.Assignee != nil {
|
|
oneAssignee = *form.Assignee
|
|
}
|
|
|
|
err = issue_service.UpdateAssignees(ctx, issue, oneAssignee, form.Assignees, ctx.Doer)
|
|
if err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "UpdateAssignees", err)
|
|
return
|
|
}
|
|
}
|
|
|
|
if canWrite && form.Milestone != nil &&
|
|
issue.MilestoneID != *form.Milestone {
|
|
oldMilestoneID := issue.MilestoneID
|
|
issue.MilestoneID = *form.Milestone
|
|
if err = issue_service.ChangeMilestoneAssign(issue, ctx.Doer, oldMilestoneID); err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "ChangeMilestoneAssign", err)
|
|
return
|
|
}
|
|
}
|
|
if form.State != nil {
|
|
if issue.IsPull {
|
|
if pr, err := issue.GetPullRequest(); err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "GetPullRequest", err)
|
|
return
|
|
} else if pr.HasMerged {
|
|
ctx.Error(http.StatusPreconditionFailed, "MergedPRState", "cannot change state of this pull request, it was already merged")
|
|
return
|
|
}
|
|
}
|
|
issue.IsClosed = api.StateClosed == api.StateType(*form.State)
|
|
}
|
|
statusChangeComment, titleChanged, err := issues_model.UpdateIssueByAPI(ctx, issue, ctx.Doer)
|
|
if err != nil {
|
|
if issues_model.IsErrDependenciesLeft(err) {
|
|
ctx.Error(http.StatusPreconditionFailed, "DependenciesLeft", "cannot close this issue because it still has open dependencies")
|
|
return
|
|
}
|
|
ctx.Error(http.StatusInternalServerError, "UpdateIssueByAPI", err)
|
|
return
|
|
}
|
|
|
|
if titleChanged {
|
|
notify_service.IssueChangeTitle(ctx, ctx.Doer, issue, oldTitle)
|
|
}
|
|
|
|
if statusChangeComment != nil {
|
|
notify_service.IssueChangeStatus(ctx, ctx.Doer, "", issue, statusChangeComment, issue.IsClosed)
|
|
}
|
|
|
|
// Refetch from database to assign some automatic values
|
|
issue, err = issues_model.GetIssueByID(ctx, issue.ID)
|
|
if err != nil {
|
|
ctx.InternalServerError(err)
|
|
return
|
|
}
|
|
if err = issue.LoadMilestone(ctx); err != nil {
|
|
ctx.InternalServerError(err)
|
|
return
|
|
}
|
|
ctx.JSON(http.StatusCreated, convert.ToAPIIssue(ctx, issue))
|
|
}
|
|
|
|
func DeleteIssue(ctx *context.APIContext) {
|
|
// swagger:operation DELETE /repos/{owner}/{repo}/issues/{index} issue issueDelete
|
|
// ---
|
|
// summary: Delete an issue
|
|
// parameters:
|
|
// - name: owner
|
|
// in: path
|
|
// description: owner of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: repo
|
|
// in: path
|
|
// description: name of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: index
|
|
// in: path
|
|
// description: index of issue to delete
|
|
// type: integer
|
|
// format: int64
|
|
// required: true
|
|
// responses:
|
|
// "204":
|
|
// "$ref": "#/responses/empty"
|
|
// "403":
|
|
// "$ref": "#/responses/forbidden"
|
|
// "404":
|
|
// "$ref": "#/responses/notFound"
|
|
issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.ParamsInt64(":index"))
|
|
if err != nil {
|
|
if issues_model.IsErrIssueNotExist(err) {
|
|
ctx.NotFound(err)
|
|
} else {
|
|
ctx.Error(http.StatusInternalServerError, "GetIssueByID", err)
|
|
}
|
|
return
|
|
}
|
|
|
|
if err = issue_service.DeleteIssue(ctx, ctx.Doer, ctx.Repo.GitRepo, issue); err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "DeleteIssueByID", err)
|
|
return
|
|
}
|
|
|
|
ctx.Status(http.StatusNoContent)
|
|
}
|
|
|
|
// UpdateIssueDeadline updates an issue deadline
|
|
func UpdateIssueDeadline(ctx *context.APIContext) {
|
|
// swagger:operation POST /repos/{owner}/{repo}/issues/{index}/deadline issue issueEditIssueDeadline
|
|
// ---
|
|
// summary: Set an issue deadline. If set to null, the deadline is deleted. If using deadline only the date will be taken into account, and time of day ignored.
|
|
// consumes:
|
|
// - application/json
|
|
// produces:
|
|
// - application/json
|
|
// parameters:
|
|
// - name: owner
|
|
// in: path
|
|
// description: owner of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: repo
|
|
// in: path
|
|
// description: name of the repo
|
|
// type: string
|
|
// required: true
|
|
// - name: index
|
|
// in: path
|
|
// description: index of the issue to create or update a deadline on
|
|
// type: integer
|
|
// format: int64
|
|
// required: true
|
|
// - name: body
|
|
// in: body
|
|
// schema:
|
|
// "$ref": "#/definitions/EditDeadlineOption"
|
|
// responses:
|
|
// "201":
|
|
// "$ref": "#/responses/IssueDeadline"
|
|
// "403":
|
|
// "$ref": "#/responses/forbidden"
|
|
// "404":
|
|
// "$ref": "#/responses/notFound"
|
|
form := web.GetForm(ctx).(*api.EditDeadlineOption)
|
|
issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.ParamsInt64(":index"))
|
|
if err != nil {
|
|
if issues_model.IsErrIssueNotExist(err) {
|
|
ctx.NotFound()
|
|
} else {
|
|
ctx.Error(http.StatusInternalServerError, "GetIssueByIndex", err)
|
|
}
|
|
return
|
|
}
|
|
|
|
if !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) {
|
|
ctx.Error(http.StatusForbidden, "", "Not repo writer")
|
|
return
|
|
}
|
|
|
|
var deadlineUnix timeutil.TimeStamp
|
|
var deadline time.Time
|
|
if form.Deadline != nil && !form.Deadline.IsZero() {
|
|
deadline = time.Date(form.Deadline.Year(), form.Deadline.Month(), form.Deadline.Day(),
|
|
23, 59, 59, 0, time.Local)
|
|
deadlineUnix = timeutil.TimeStamp(deadline.Unix())
|
|
}
|
|
|
|
if err := issues_model.UpdateIssueDeadline(ctx, issue, deadlineUnix, ctx.Doer); err != nil {
|
|
ctx.Error(http.StatusInternalServerError, "UpdateIssueDeadline", err)
|
|
return
|
|
}
|
|
|
|
ctx.JSON(http.StatusCreated, api.IssueDeadline{Deadline: &deadline})
|
|
}
|