Fix permission issues with repositories collection
This commit is contained in:
parent
141b864a56
commit
7e1b618769
2 changed files with 24 additions and 18 deletions
|
@ -242,12 +242,16 @@ App::post('/v1/functions')
|
||||||
|
|
||||||
// Git connect logic
|
// Git connect logic
|
||||||
if (!empty($providerRepositoryId)) {
|
if (!empty($providerRepositoryId)) {
|
||||||
|
$teamId = $project->getAttribute('teamId', '');
|
||||||
|
|
||||||
$repository = $dbForConsole->createDocument('repositories', new Document([
|
$repository = $dbForConsole->createDocument('repositories', new Document([
|
||||||
'$id' => ID::unique(),
|
'$id' => ID::unique(),
|
||||||
'$permissions' => [
|
'$permissions' => [
|
||||||
Permission::read(Role::any()),
|
Permission::read(Role::team(ID::custom($teamId))),
|
||||||
Permission::update(Role::any()),
|
Permission::update(Role::team(ID::custom($teamId), 'owner')),
|
||||||
Permission::delete(Role::any()),
|
Permission::update(Role::team(ID::custom($teamId), 'developer')),
|
||||||
|
Permission::delete(Role::team(ID::custom($teamId), 'owner')),
|
||||||
|
Permission::delete(Role::team(ID::custom($teamId), 'developer')),
|
||||||
],
|
],
|
||||||
'installationId' => $installation->getId(),
|
'installationId' => $installation->getId(),
|
||||||
'installationInternalId' => $installation->getInternalId(),
|
'installationInternalId' => $installation->getInternalId(),
|
||||||
|
@ -761,9 +765,11 @@ App::put('/v1/functions/:functionId')
|
||||||
$repository = $dbForConsole->createDocument('repositories', new Document([
|
$repository = $dbForConsole->createDocument('repositories', new Document([
|
||||||
'$id' => ID::unique(),
|
'$id' => ID::unique(),
|
||||||
'$permissions' => [
|
'$permissions' => [
|
||||||
Permission::read(Role::any()),
|
Permission::read(Role::team(ID::custom($teamId))),
|
||||||
Permission::update(Role::any()),
|
Permission::update(Role::team(ID::custom($teamId), 'owner')),
|
||||||
Permission::delete(Role::any()),
|
Permission::update(Role::team(ID::custom($teamId), 'developer')),
|
||||||
|
Permission::delete(Role::team(ID::custom($teamId), 'owner')),
|
||||||
|
Permission::delete(Role::team(ID::custom($teamId), 'developer')),
|
||||||
],
|
],
|
||||||
'installationId' => $installation->getId(),
|
'installationId' => $installation->getId(),
|
||||||
'installationInternalId' => $installation->getInternalId(),
|
'installationInternalId' => $installation->getInternalId(),
|
||||||
|
|
|
@ -857,10 +857,10 @@ App::post('/v1/vcs/github/events')
|
||||||
$github->initializeVariables($providerInstallationId, $privateKey, $githubAppId);
|
$github->initializeVariables($providerInstallationId, $privateKey, $githubAppId);
|
||||||
|
|
||||||
//find functionId from functions table
|
//find functionId from functions table
|
||||||
$repositories = $dbForConsole->find('repositories', [
|
$repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
|
||||||
Query::equal('providerRepositoryId', [$providerRepositoryId]),
|
Query::equal('providerRepositoryId', [$providerRepositoryId]),
|
||||||
Query::limit(100),
|
Query::limit(100),
|
||||||
]);
|
]));
|
||||||
|
|
||||||
// create new deployment only on push and not when branch is created
|
// create new deployment only on push and not when branch is created
|
||||||
if (!$providerBranchCreated) {
|
if (!$providerBranchCreated) {
|
||||||
|
@ -877,13 +877,13 @@ App::post('/v1/vcs/github/events')
|
||||||
]);
|
]);
|
||||||
|
|
||||||
foreach ($installations as $installation) {
|
foreach ($installations as $installation) {
|
||||||
$repositories = $dbForConsole->find('repositories', [
|
$repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
|
||||||
Query::equal('installationInternalId', [$installation->getInternalId()]),
|
Query::equal('installationInternalId', [$installation->getInternalId()]),
|
||||||
Query::limit(1000)
|
Query::limit(1000)
|
||||||
]);
|
]));
|
||||||
|
|
||||||
foreach ($repositories as $repository) {
|
foreach ($repositories as $repository) {
|
||||||
$dbForConsole->deleteDocument('repositories', $repository->getId());
|
Authorization::skip(fn () => $dbForConsole->deleteDocument('repositories', $repository->getId()));
|
||||||
}
|
}
|
||||||
|
|
||||||
$dbForConsole->deleteDocument('installations', $installation->getId());
|
$dbForConsole->deleteDocument('installations', $installation->getId());
|
||||||
|
@ -915,10 +915,10 @@ App::post('/v1/vcs/github/events')
|
||||||
$providerCommitAuthor = $commitDetails["commitAuthor"] ?? '';
|
$providerCommitAuthor = $commitDetails["commitAuthor"] ?? '';
|
||||||
$providerCommitMessage = $commitDetails["commitMessage"] ?? '';
|
$providerCommitMessage = $commitDetails["commitMessage"] ?? '';
|
||||||
|
|
||||||
$repositories = $dbForConsole->find('repositories', [
|
$repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
|
||||||
Query::equal('providerRepositoryId', [$providerRepositoryId]),
|
Query::equal('providerRepositoryId', [$providerRepositoryId]),
|
||||||
Query::orderDesc('$createdAt')
|
Query::orderDesc('$createdAt')
|
||||||
]);
|
]));
|
||||||
|
|
||||||
$createGitDeployments($github, $providerInstallationId, $repositories, $providerBranch, $providerBranchUrl, $providerRepositoryName, $providerRepositoryUrl, $providerRepositoryOwner, $providerCommitHash, $providerCommitAuthor, $providerCommitAuthorUrl, $providerCommitMessage, $providerCommitUrl, $providerPullRequestId, $external, $dbForConsole, $queueForBuilds, $getProjectDB, $request);
|
$createGitDeployments($github, $providerInstallationId, $repositories, $providerBranch, $providerBranchUrl, $providerRepositoryName, $providerRepositoryUrl, $providerRepositoryOwner, $providerCommitHash, $providerCommitAuthor, $providerCommitAuthorUrl, $providerCommitMessage, $providerCommitUrl, $providerPullRequestId, $external, $dbForConsole, $queueForBuilds, $getProjectDB, $request);
|
||||||
} elseif ($parsedPayload["action"] == "closed") {
|
} elseif ($parsedPayload["action"] == "closed") {
|
||||||
|
@ -929,10 +929,10 @@ App::post('/v1/vcs/github/events')
|
||||||
$external = $parsedPayload["external"] ?? true;
|
$external = $parsedPayload["external"] ?? true;
|
||||||
|
|
||||||
if ($external) {
|
if ($external) {
|
||||||
$repositories = $dbForConsole->find('repositories', [
|
$repositories = Authorization::skip(fn () => $dbForConsole->find('repositories', [
|
||||||
Query::equal('providerRepositoryId', [$providerRepositoryId]),
|
Query::equal('providerRepositoryId', [$providerRepositoryId]),
|
||||||
Query::orderDesc('$createdAt')
|
Query::orderDesc('$createdAt')
|
||||||
]);
|
]));
|
||||||
|
|
||||||
foreach ($repositories as $repository) {
|
foreach ($repositories as $repository) {
|
||||||
$providerPullRequestIds = $repository->getAttribute('providerPullRequestIds', []);
|
$providerPullRequestIds = $repository->getAttribute('providerPullRequestIds', []);
|
||||||
|
@ -1092,9 +1092,9 @@ App::patch('/v1/vcs/github/installations/:installationId/repositories/:repositor
|
||||||
throw new Exception(Exception::INSTALLATION_NOT_FOUND);
|
throw new Exception(Exception::INSTALLATION_NOT_FOUND);
|
||||||
}
|
}
|
||||||
|
|
||||||
$repository = $dbForConsole->getDocument('repositories', $repositoryId, [
|
$repository = Authorization::skip(fn () => $dbForConsole->getDocument('repositories', $repositoryId, [
|
||||||
Query::equal('projectInternalId', [$project->getInternalId()])
|
Query::equal('projectInternalId', [$project->getInternalId()])
|
||||||
]);
|
]));
|
||||||
|
|
||||||
if ($repository->isEmpty()) {
|
if ($repository->isEmpty()) {
|
||||||
throw new Exception(Exception::REPOSITORY_NOT_FOUND);
|
throw new Exception(Exception::REPOSITORY_NOT_FOUND);
|
||||||
|
@ -1109,7 +1109,7 @@ App::patch('/v1/vcs/github/installations/:installationId/repositories/:repositor
|
||||||
|
|
||||||
// TODO: Delete from array when PR is closed
|
// TODO: Delete from array when PR is closed
|
||||||
|
|
||||||
$repository = $dbForConsole->updateDocument('repositories', $repository->getId(), $repository);
|
$repository = Authorization::skip(fn () => $dbForConsole->updateDocument('repositories', $repository->getId(), $repository));
|
||||||
|
|
||||||
$privateKey = App::getEnv('_APP_VCS_GITHUB_PRIVATE_KEY');
|
$privateKey = App::getEnv('_APP_VCS_GITHUB_PRIVATE_KEY');
|
||||||
$githubAppId = App::getEnv('_APP_VCS_GITHUB_APP_ID');
|
$githubAppId = App::getEnv('_APP_VCS_GITHUB_APP_ID');
|
||||||
|
|
Loading…
Reference in a new issue