[FIX]concat change to concat_ws, org render 403, normal team leave

This commit is contained in:
viletyy 2021-02-03 18:29:14 +08:00
parent 629f3fbbe1
commit 4f6f257b37
7 changed files with 24 additions and 24 deletions

View File

@ -5,7 +5,7 @@ class Organizations::OrganizationUsersController < Organizations::BaseController
def index
@organization_users = @organization.organization_users.includes(:user)
search = params[:search].to_s.downcase
@organization_users = @organization_users.joins(:user).where("LOWER(concat(users.lastname, users.firstname, users.login, users.mail, users.nickname)) LIKE ?", "%#{search.split(" ").join('|')}%") if search.present?
@organization_users = @organization_users.joins(:user).where("LOWER(CONCAT_WS(users.lastname, users.firstname, users.login, users.mail)) LIKE ?", "%#{search.split(" ").join('|')}%") if search.present?
@organization_users = kaminari_paginate(@organization_users)
end
@ -41,8 +41,8 @@ class Organizations::OrganizationUsersController < Organizations::BaseController
private
def load_organization
@organization = Organization.find_by(login: params[:organization_id]) || Organization.find_by(id: params[:organization_id])
tip_exception("组织不存在") if @organization.nil?
tip_exception("没有查看组织的权限") if org_limited_condition || org_privacy_condition
return render_not_found("组织不存在") if @organization.nil?
return render_forbidden("没有查看组织的权限") if org_limited_condition || org_privacy_condition
end
def load_operate_user

View File

@ -90,8 +90,8 @@ class Organizations::OrganizationsController < Organizations::BaseController
def load_organization
@organization = Organization.find_by(login: params[:id]) || Organization.find_by(id: params[:id])
tip_exception("组织不存在") if @organization.nil?
tip_exception("没有查看组织的权限") if org_limited_condition || org_privacy_condition
return render_not_found("组织不存在") if @organization.nil?
return render_forbidden("没有查看组织的权限") if org_limited_condition || org_privacy_condition
end
def sort_by

View File

@ -31,8 +31,8 @@ class Organizations::ProjectsController < Organizations::BaseController
def load_organization
@organization = Organization.find_by(login: params[:organization_id]) || Organization.find_by(id: params[:organization_id])
tip_exception("组织不存在") if @organization.nil?
tip_exception("没有查看组织的权限") if org_limited_condition || org_privacy_condition
return render_not_found("组织不存在") if @organization.nil?
return render_forbidden("没有查看组织的权限") if org_limited_condition || org_privacy_condition
end
def sort

View File

@ -36,14 +36,14 @@ class Organizations::TeamProjectsController < Organizations::BaseController
private
def load_organization
@organization = Organization.find_by(login: params[:organization_id]) || Organization.find_by(id: params[:organization_id])
tip_exception("组织不存在") if @organization.nil?
tip_exception("没有查看组织的权限") if org_limited_condition || org_privacy_condition
return render_not_found("组织不存在") if @organization.nil?
return render_forbidden("没有查看组织的权限") if org_limited_condition || org_privacy_condition
end
def load_team
@team = Team.find_by_id(params[:team_id])
tip_exception("组织团队不存在") if @team.nil?
tip_exception("没有查看组织团队的权限") if team_not_found_condition
return render_not_found("组织团队不存在") if @team.nil?
return render_forbidden("没有查看组织团队的权限") if team_not_found_condition
end
def load_operate_project

View File

@ -5,10 +5,10 @@ class Organizations::TeamUsersController < Organizations::BaseController
before_action :check_user_can_edit_org, only: [:create, :destroy]
def index
@team_users = @team.team_users
@team_users = @team.team_users.includes(:user)
search = params[:search].to_s.downcase
@team_users = @team_users.joins(:user).where("LOWER(concat(users.lastname, users.firstname, users.login, users.mail, users.nickname)) LIKE ?", "%#{search.split(" ").join('|')}%") if search.present?
@team_users = @team_users.joins(:user).where("LOWER(CONCAT_WS(users.lastname, users.firstname, users.login, users.mail, users.nickname)) LIKE ?", "%#{search.split(" ").join('|')}%") if search.present?
@team_users = kaminari_paginate(@team_users)
end
@ -25,7 +25,7 @@ class Organizations::TeamUsersController < Organizations::BaseController
end
def destroy
tip_exception("您不能从 Owner 团队中删除最后一个用户") if @organization.is_owner_team_last_one?(@operate_user.id)
tip_exception("您不能从 Owner 团队中删除最后一个用户") if @team.owner? && @organization.is_owner_team_last_one?(@operate_user.id)
ActiveRecord::Base.transaction do
@team_user.destroy!
Gitea::Organization::TeamUser::DeleteService.call(@organization.gitea_token, @team.gtid, @operate_user.login)
@ -39,7 +39,7 @@ class Organizations::TeamUsersController < Organizations::BaseController
def quit
@team_user = @team.team_users.find_by(user_id: current_user.id)
tip_exception("您不在该组织团队中") if @team_user.nil?
tip_exception("您不能从 Owner 团队中删除最后一个用户") if @organization.is_owner_team_last_one?(current_user.id)
tip_exception("您不能从 Owner 团队中删除最后一个用户") if @team.owner? && @organization.is_owner_team_last_one?(current_user.id)
ActiveRecord::Base.transaction do
@team_user.destroy!
Gitea::Organization::TeamUser::DeleteService.call(@organization.gitea_token, @team.gtid, current_user.login)
@ -53,14 +53,14 @@ class Organizations::TeamUsersController < Organizations::BaseController
private
def load_organization
@organization = Organization.find_by(login: params[:organization_id]) || Organization.find_by(id: params[:organization_id])
tip_exception("组织不存在") if @organization.nil?
tip_exception("没有查看组织的权限") if org_limited_condition || org_privacy_condition
return render_not_found("组织不存在") if @organization.nil?
return render_forbidden("没有查看组织的权限") if org_limited_condition || org_privacy_condition
end
def load_team
@team = Team.find_by_id(params[:team_id])
tip_exception("组织团队不存在") if @team.nil?
tip_exception("没有查看组织团队的权限") if team_not_found_condition
return render_not_found("组织团队不存在") if @team.nil?
return render_forbidden("没有查看组织团队的权限") if team_not_found_condition
end
def load_operate_user

View File

@ -53,13 +53,13 @@ class Organizations::TeamsController < Organizations::BaseController
def load_organization
@organization = Organization.find_by(login: params[:organization_id]) || Organization.find_by(id: params[:organization_id])
tip_exception("组织不存在") if @organization.nil?
tip_exception("没有查看组织的权限") if org_limited_condition || org_privacy_condition
return render_not_found("组织不存在") if @organization.nil?
return render_forbidden("没有查看组织的权限") if org_limited_condition || org_privacy_condition
end
def load_team
@team = Team.find_by_id(params[:id])
tip_exception("组织团队不存在") if @team.nil?
tip_exception("没有查看组织团队的权限") if team_not_found_condition
return render_not_found("组织团队不存在") if @team.nil?
return render_forbidden("没有查看组织团队的权限") if team_not_found_condition
end
end

View File

@ -7,7 +7,7 @@ json.repo_admin_change_team_access organization.repo_admin_change_team_access
json.visibility organization.visibility
json.max_repo_creation organization.max_repo_creation
json.num_projects organization.num_projects
json.num_user organization.num_users
json.num_users organization.num_users
json.num_teams organization.num_teams
json.avatar_url url_to_avatar(organization)
json.created_at organization.created_on.strftime("%Y-%m-%d")