@ -176,129 +176,133 @@ func isTeamNameTaken(orgId int64, name string, existingId int64, sess *DBSession
} }
func ( ss * SQLStore ) SearchTeams ( ctx context . Context , query * models . SearchTeamsQuery ) error { func ( ss * SQLStore ) SearchTeams ( ctx context . Context , query * models . SearchTeamsQuery ) error {
query . Result = models . SearchTeamQueryResult { return ss . WithDbSession ( ctx , func ( sess * DBSession ) error {
Teams : make ( [ ] * models . TeamDTO , 0 ) , query . Result = models . SearchTeamQueryResult {
} Teams : make ( [ ] * models . TeamDTO , 0 ) ,
queryWithWildcards := "%" + query . Query + "%" }
queryWithWildcards := "%" + query . Query + "%"
var sql bytes . Buffer var sql bytes . Buffer
params := make ( [ ] interface { } , 0 ) params := make ( [ ] interface { } , 0 )
filteredUsers := getFilteredUsers ( query . SignedInUser , query . HiddenUsers ) filteredUsers := getFilteredUsers ( query . SignedInUser , query . HiddenUsers )
for _ , user := range filteredUsers { for _ , user := range filteredUsers {
params = append ( params , user ) params = append ( params , user )
} }
if query . UserIdFilter == models . FilterIgnoreUser { if query . UserIdFilter == models . FilterIgnoreUser {
sql . WriteString ( getTeamSelectSQLBase ( filteredUsers ) ) sql . WriteString ( getTeamSelectSQLBase ( filteredUsers ) )
} else { } else {
sql . WriteString ( getTeamSelectWithPermissionsSQLBase ( filteredUsers ) ) sql . WriteString ( getTeamSelectWithPermissionsSQLBase ( filteredUsers ) )
params = append ( params , query . UserIdFilter ) params = append ( params , query . UserIdFilter )
} }
sql . WriteString ( ` WHERE team.org_id = ? ` ) sql . WriteString ( ` WHERE team.org_id = ? ` )
params = append ( params , query . OrgId ) params = append ( params , query . OrgId )
if query . Query != "" { if query . Query != "" {
sql . WriteString ( ` and team.name ` + d ialect. LikeStr ( ) + ` ? ` ) sql . WriteString ( ` and team.name ` + ss . D ialect. LikeStr ( ) + ` ? ` )
params = append ( params , queryWithWildcards ) params = append ( params , queryWithWildcards )
} }
if query . Name != "" { if query . Name != "" {
sql . WriteString ( ` and team.name = ? ` ) sql . WriteString ( ` and team.name = ? ` )
params = append ( params , query . Name ) params = append ( params , query . Name )
} }
var ( var (
acFilter ac . SQLFilter acFilter ac . SQLFilter
err error err error
) )
if ss . Cfg . IsFeatureToggleEnabled ( featuremgmt . FlagAccesscontrol ) { if ss . Cfg . IsFeatureToggleEnabled ( featuremgmt . FlagAccesscontrol ) {
acFilter , err = ac . Filter ( query . SignedInUser , "team.id" , "teams:id:" , ac . ActionTeamsRead ) acFilter , err = ac . Filter ( query . SignedInUser , "team.id" , "teams:id:" , ac . ActionTeamsRead )
if err != nil { if err != nil {
return err return err
}
sql . WriteString ( ` and ` + acFilter . Where )
params = append ( params , acFilter . Args ... )
} }
sql . WriteString ( ` and ` + acFilter . Where )
params = append ( params , acFilter . Args ... )
}
sql . WriteString ( ` order by team.name asc ` ) sql . WriteString ( ` order by team.name asc ` )
if query . Limit != 0 { if query . Limit != 0 {
offset := query . Limit * ( query . Page - 1 ) offset := query . Limit * ( query . Page - 1 )
sql . WriteString ( d ialect. LimitOffset ( int64 ( query . Limit ) , int64 ( offset ) ) ) sql . WriteString ( ss . D ialect. LimitOffset ( int64 ( query . Limit ) , int64 ( offset ) ) )
} }
if err := x . SQL ( sql . String ( ) , params ... ) . Find ( & query . Result . Teams ) ; err != nil { if err := sess . SQL ( sql . String ( ) , params ... ) . Find ( & query . Result . Teams ) ; err != nil {
return err return err
} }
team := models . Team { } team := models . Team { }
countSess := x . Table ( "team" ) countSess := sess . Table ( "team" )
countSess . Where ( "team.org_id=?" , query . OrgId ) countSess . Where ( "team.org_id=?" , query . OrgId )
if query . Query != "" { if query . Query != "" {
countSess . Where ( ` name ` + dialect . LikeStr ( ) + ` ? ` , queryWithWildcards ) countSess . Where ( ` name ` + dialect . LikeStr ( ) + ` ? ` , queryWithWildcards )
} }
if query . Name != "" { if query . Name != "" {
countSess . Where ( "name=?" , query . Name ) countSess . Where ( "name=?" , query . Name )
} }
// If we're not retrieving all results, then only search for teams that this user has access to
// If we're not retrieving all results, then only search for teams that this user has access to
if query . UserIdFilter != models . FilterIgnoreUser { if query . UserIdFilter != models . FilterIgnoreUser {
countSess . countSess .
Where ( ` Where ( `
team . id IN ( team . id IN (
SELECT SELECT
team_id team_id
FROM team_member FROM team_member
WHERE team_member . user_id = ? WHERE team_member . user_id = ?
) ` , query . UserIdFilter ) ) ` , query . UserIdFilter )
} }
// Only count teams user can see
// Only count teams user can see
if ss . Cfg . IsFeatureToggleEnabled ( featuremgmt . FlagAccesscontrol ) { if ss . Cfg . IsFeatureToggleEnabled ( featuremgmt . FlagAccesscontrol ) {
countSess . Where ( acFilter . Where , acFilter . Args ... ) countSess . Where ( acFilter . Where , acFilter . Args ... )
} }
count , err := countSess . Count ( & team ) count , err := countSess . Count ( & team )
query . Result . TotalCount = count query . Result . TotalCount = count
return err return err
} )
} }
func ( ss * SQLStore ) GetTeamById ( ctx context . Context , query * models . GetTeamByIdQuery ) error { func ( ss * SQLStore ) GetTeamById ( ctx context . Context , query * models . GetTeamByIdQuery ) error {
var sql bytes . Buffer return ss . WithDbSession ( ctx , func ( sess * DBSession ) error {
params := make ( [ ] interface { } , 0 ) var sql bytes . Buffer
params := make ( [ ] interface { } , 0 )
filteredUsers := getFilteredUsers ( query . SignedInUser , query . HiddenUsers ) filteredUsers := getFilteredUsers ( query . SignedInUser , query . HiddenUsers )
sql . WriteString ( getTeamSelectSQLBase ( filteredUsers ) ) sql . WriteString ( getTeamSelectSQLBase ( filteredUsers ) )
for _ , user := range filteredUsers { for _ , user := range filteredUsers {
params = append ( params , user ) params = append ( params , user )
} }
if query . UserIdFilter != models . FilterIgnoreUser { if query . UserIdFilter != models . FilterIgnoreUser {
sql . WriteString ( ` INNER JOIN team_member ON team.id = team_member.team_id AND team_member.user_id = ? ` ) sql . WriteString ( ` INNER JOIN team_member ON team.id = team_member.team_id AND team_member.user_id = ? ` )
params = append ( params , query . UserIdFilter ) params = append ( params , query . UserIdFilter )
} }
sql . WriteString ( ` WHERE team.org_id = ? and team.id = ? ` ) sql . WriteString ( ` WHERE team.org_id = ? and team.id = ? ` )
params = append ( params , query . OrgId , query . Id ) params = append ( params , query . OrgId , query . Id )
var team models . TeamDTO var team models . TeamDTO
exists , err := x . SQL ( sql . String ( ) , params ... ) . Get ( & team ) exists , err := sess . SQL ( sql . String ( ) , params ... ) . Get ( & team )
if err != nil { if err != nil {
return err return err
} }
if ! exists { if ! exists {
return models . ErrTeamNotFound return models . ErrTeamNotFound
} }
query . Result = & team query . Result = & team
return nil return nil
} )
} }
// GetTeamsByUser is used by the Guardian when checking a users' permissions
// GetTeamsByUser is used by the Guardian when checking a users' permissions
@ -513,7 +517,7 @@ func (ss *SQLStore) GetTeamMembers(ctx context.Context, query *models.GetTeamMem
// Note we assume that checking SignedInUser is allowed to see team members for this team has already been performed
// Note we assume that checking SignedInUser is allowed to see team members for this team has already been performed
// If the signed in user is not set no member will be returned
// If the signed in user is not set no member will be returned
if ss . Cfg . IsFeatureToggleEnabled ( featuremgmt . FlagAccesscontrol ) { if ss . Cfg . IsFeatureToggleEnabled ( featuremgmt . FlagAccesscontrol ) {
sqlID := fmt . Sprintf ( "%s.%s" , x . Dialect ( ) . Quote ( "user" ) , x . Dialect ( ) . Quote ( "id" ) ) sqlID := fmt . Sprintf ( "%s.%s" , ss . engine . Dialect ( ) . Quote ( "user" ) , ss . engine . Dialect ( ) . Quote ( "id" ) )
* acFilter , err = ac . Filter ( query . SignedInUser , sqlID , "users:id:" , ac . ActionOrgUsersRead ) * acFilter , err = ac . Filter ( query . SignedInUser , sqlID , "users:id:" , ac . ActionOrgUsersRead )
if err != nil { if err != nil {
return err return err
@ -525,67 +529,71 @@ func (ss *SQLStore) GetTeamMembers(ctx context.Context, query *models.GetTeamMem
// getTeamMembers return a list of members for the specified team
// getTeamMembers return a list of members for the specified team
func ( ss * SQLStore ) getTeamMembers ( ctx context . Context , query * models . GetTeamMembersQuery , acUserFilter * ac . SQLFilter ) error { func ( ss * SQLStore ) getTeamMembers ( ctx context . Context , query * models . GetTeamMembersQuery , acUserFilter * ac . SQLFilter ) error {
query . Result = make ( [ ] * models . TeamMemberDTO , 0 ) return ss . WithDbSession ( ctx , func ( dbSess * DBSession ) error {
sess := x . Table ( "team_member" ) query . Result = make ( [ ] * models . TeamMemberDTO , 0 )
sess . Join ( "INNER" , x . Dialect ( ) . Quote ( "user" ) , sess := dbSess . Table ( "team_member" )
fmt . Sprintf ( "team_member.user_id=%s.%s" , x . Dialect ( ) . Quote ( "user" ) , x . Dialect ( ) . Quote ( "id" ) ) , sess . Join ( "INNER" , ss . Dialect . Quote ( "user" ) ,
) fmt . Sprintf ( "team_member.user_id=%s.%s" , ss . Dialect . Quote ( "user" ) , ss . Dialect . Quote ( "id" ) ) ,
)
if acUserFilter != nil {
sess . Where ( acUserFilter . Where , acUserFilter . Args ... ) if acUserFilter != nil {
} sess . Where ( acUserFilter . Where , acUserFilter . Args ... )
}
// Join with only most recent auth module
// Join with only most recent auth module
authJoinCondition := ` ( authJoinCondition := ` (
SELECT id from user_auth SELECT id from user_auth
WHERE user_auth . user_id = team_member . user_id WHERE user_auth . user_id = team_member . user_id
ORDER BY user_auth . created DESC ` ORDER BY user_auth . created DESC `
authJoinCondition = "user_auth.id=" + authJoinCondition + d ialect. Limit ( 1 ) + ")" authJoinCondition = "user_auth.id=" + authJoinCondition + ss . D ialect. Limit ( 1 ) + ")"
sess . Join ( "LEFT" , "user_auth" , authJoinCondition ) sess . Join ( "LEFT" , "user_auth" , authJoinCondition )
if query . OrgId != 0 { if query . OrgId != 0 {
sess . Where ( "team_member.org_id=?" , query . OrgId ) sess . Where ( "team_member.org_id=?" , query . OrgId )
} }
if query . TeamId != 0 { if query . TeamId != 0 {
sess . Where ( "team_member.team_id=?" , query . TeamId ) sess . Where ( "team_member.team_id=?" , query . TeamId )
} }
if query . UserId != 0 { if query . UserId != 0 {
sess . Where ( "team_member.user_id=?" , query . UserId ) sess . Where ( "team_member.user_id=?" , query . UserId )
} }
if query . External { if query . External {
sess . Where ( "team_member.external=?" , dialect . BooleanStr ( true ) ) sess . Where ( "team_member.external=?" , ss . Dialect . BooleanStr ( true ) )
} }
sess . Cols ( sess . Cols (
"team_member.org_id" , "team_member.org_id" ,
"team_member.team_id" , "team_member.team_id" ,
"team_member.user_id" , "team_member.user_id" ,
"user.email" , "user.email" ,
"user.name" , "user.name" ,
"user.login" , "user.login" ,
"team_member.external" , "team_member.external" ,
"team_member.permission" , "team_member.permission" ,
"user_auth.auth_module" , "user_auth.auth_module" ,
) )
sess . Asc ( "user.login" , "user.email" ) sess . Asc ( "user.login" , "user.email" )
err := sess . Find ( & query . Result ) err := sess . Find ( & query . Result )
return err return err
} )
} }
func IsAdminOfTeams ( ctx context . Context , query * models . IsAdminOfTeamsQuery ) error { func ( ss * SQLStore ) IsAdminOfTeams ( ctx context . Context , query * models . IsAdminOfTeamsQuery ) error {
builder := & SQLBuilder { } return ss . WithDbSession ( ctx , func ( sess * DBSession ) error {
builder . Write ( "SELECT COUNT(team.id) AS count FROM team INNER JOIN team_member ON team_member.team_id = team.id WHERE team.org_id = ? AND team_member.user_id = ? AND team_member.permission = ?" , query . SignedInUser . OrgId , query . SignedInUser . UserId , models . PERMISSION_ADMIN ) builder := & SQLBuilder { }
builder . Write ( "SELECT COUNT(team.id) AS count FROM team INNER JOIN team_member ON team_member.team_id = team.id WHERE team.org_id = ? AND team_member.user_id = ? AND team_member.permission = ?" , query . SignedInUser . OrgId , query . SignedInUser . UserId , models . PERMISSION_ADMIN )
type teamCount struct { type teamCount struct {
Count int64 Count int64
} }
resp := make ( [ ] * teamCount , 0 ) resp := make ( [ ] * teamCount , 0 )
if err := x . SQL ( builder . GetSQLString ( ) , builder . params ... ) . Find ( & resp ) ; err != nil { if err := sess . SQL ( builder . GetSQLString ( ) , builder . params ... ) . Find ( & resp ) ; err != nil {
return err return err
} }
query . Result = len ( resp ) > 0 && resp [ 0 ] . Count > 0 query . Result = len ( resp ) > 0 && resp [ 0 ] . Count > 0
return nil return nil
} )
} }
Kat Yang
4 years ago
committed by