[ADD]组织项目相关

app/controllers/concerns/paginate_helper.rb

@@ -1,12 +1,14 @@
 module PaginateHelper
-  def paginate(objs, **opts)
-    page     = params[:page].to_i <= 0 ? 1 : params[:page].to_i
-    per_page = params[:per_page].to_i > 0 && params[:per_page].to_i < 50 ? params[:per_page].to_i : opts[:per_page] || 20
 
-    if objs.is_a?(Array)
-      Kaminari.paginate_array(objs).page(page).per(per_page)
+  def paginate(relation)
+    limit = params[:limit] || params[:per_page]
+    limit = (limit.to_i.zero? || limit.to_i > 15) ? 15 : limit.to_i
+    page  = params[:page].to_i.zero? ? 1 : params[:page].to_i
+
+    if relation.is_a?(Array)
+      Kaminari.paginate_array(relation).page(page).per(limit)
     else
-      objs.page(page).per(per_page)
+      relation.page(page).per(limit)
     end
   end
 end

app/controllers/organizations/base_controller.rb

@@ -1,10 +1,15 @@
 class Organizations::BaseController < ApplicationController
   include ApplicationHelper
+  include PaginateHelper
 
   protected
 
-  def organization_owner
-    @organization.team_users.joins(:team).where(teams: {authorize: 'owner'}).take.user
+  def can_edit_org?
+    current_user.admin? || @organization.is_owner?(current_user.id)
+  end
+
+  def check_user_can_edit_org
+    tip_exception("您没有权限进行该操作") unless can_edit_org?
   end
 
   def org_limited_condition
@@ -16,7 +21,7 @@ class Organizations::BaseController < ApplicationController
   end
 
   def team_not_found_condition
-    @team.team_users.where(user_id: current_user.id).blank? && !@organization.is_owner?(current_user)
+    @team.team_users.where(user_id: current_user.id).blank? && !@organization.is_owner?(current_user.id)
   end
 
   def user_mark

app/controllers/organizations/organization_users_controller.rb

@@ -1,7 +1,6 @@
 class Organizations::OrganizationUsersController < Organizations::BaseController
   before_action :load_organization
-  before_action :load_operate_user, only: [:destroy]
-  before_action :load_organization_user, only: [:destroy]
+  before_action :load_operate_user, :load_organization_user, :check_user_can_edit_org, only: [:destroy]
 
   def index
     @organization_users = @organization.organization_users.includes(:user)
@@ -10,11 +9,11 @@ class Organizations::OrganizationUsersController < Organizations::BaseController
   end
 
   def destroy
-    tip_exception("您没有权限进行该操作") unless @organization.is_owner?(current_user)
+    tip_exception("您不能从 Owner 团队中删除最后一个用户") if @organization.is_owner_team_last_one?(@operate_user)
     ActiveRecord::Base.transaction do
       @organization_user.destroy!
       TeamUser.where(organization_id: @organization.id, user_id: @operate_user.id).map{|u| u.destroy!}
-      Gitea::Organization::OrganizationUser::DeleteService.call(current_user.gitea_token, @organization.login, @operate_user.login)
+      Gitea::Organization::OrganizationUser::DeleteService.call(@organization.gitea_token, @organization.login, @operate_user.login)
       render_ok
     end
   rescue Exception => e
@@ -25,10 +24,11 @@ class Organizations::OrganizationUsersController < Organizations::BaseController
   def quit
     @organization_user = @organization.organization_users.find_by(user_id: current_user.id)
     tip_exception("您不在该组织中") if @organization_user.nil?
+    tip_exception("您不能从 Owner 团队中删除最后一个用户") if @organization.is_owner_team_last_one?(current_user)
     ActiveRecord::Base.transaction do
       @organization_user.destroy!
       TeamUser.where(organization_id: @organization.id, user_id: current_user.id).map{|u| u.destroy!}
-      Gitea::Organization::OrganizationUser::DeleteService.call(organization_owner.gitea_token, @organization.login, current_user.login)
+      Gitea::Organization::OrganizationUser::DeleteService.call(@organization.gitea_token, @organization.login, current_user.login)
       render_ok
     end
   rescue Exception => e

app/controllers/organizations/organizations_controller.rb

@@ -2,6 +2,7 @@ class Organizations::OrganizationsController < Organizations::BaseController
   before_action :require_login, except: [:index, :show]
   before_action :convert_base64_image!, only: [:create, :update]
   before_action :load_organization, only: [:show, :update, :destroy]
+  before_action :check_user_can_edit_org, only: [:update, :destroy]
 
   def index
     if current_user.logged?
@@ -29,12 +30,11 @@ class Organizations::OrganizationsController < Organizations::BaseController
   end
 
   def update
-    tip_exception("您没有权限进行该操作") unless @organization.is_owner?(current_user)
     ActiveRecord::Base.transaction do
       login = @organization.login
       @organization.update!(login: organization_params[:name]) if organization_params[:name].present?
       @organization.organization_extension.update_attributes!(organization_params.except(:name))
-      Gitea::Organization::UpdateService.call(current_user.gitea_token, login, @organization.reload)
+      Gitea::Organization::UpdateService.call(@organization.gitea_token, login, @organization.reload)
       Util.write_file(@image, avatar_path(@organization)) if params[:image].present?
     end
   rescue Exception => e
@@ -44,9 +44,8 @@ class Organizations::OrganizationsController < Organizations::BaseController
 
   def destroy
     tip_exception("密码不正确") unless current_user.check_password?(password)
-    tip_exception("您没有权限进行该操作") unless @organization.is_owner?(current_user)
     ActiveRecord::Base.transaction do
-      Gitea::Organization::DeleteService.call(current_user.gitea_token, @organization.login)
+      Gitea::Organization::DeleteService.call(@organization.gitea_token, @organization.login)
       @organization.destroy!
     end
     render_ok

app/controllers/organizations/projects_controller.rb

@@ -0,0 +1,32 @@
+class Organizations::ProjectsController < Organizations::BaseController
+  before_action :load_organization
+
+  def index
+    public_projects_sql = @organization.projects.where(is_public: true).to_sql
+    private_projects_sql = @organization.projects
+                               .where(is_public: false)
+                               .joins(team_projects: {team: :team_users})
+                               .where(team_users: {user_id: current_user.id}).to_sql
+    @projects = Project.from("( #{ public_projects_sql} UNION #{ private_projects_sql } ) AS projects")
+
+    @projects = @projects.ransack(name_or_identifier_cont: params[:search]).result if params[:search].present?
+    @projects = @projects.includes(:owner).order("projects.#{sort} #{sort_direction}")
+    @projects = paginate(@projects)
+  end
+
+  private
+
+  def load_organization
+    @organization = Organization.find_by(login: params[:organization_id]) || Organization.find_by(id: params[:organization_id])
+    tip_exception("组织不存在") if @organization.nil?
+    tip_exception("没有查看组织的权限") if org_limited_condition || org_privacy_condition
+  end
+
+  def sort
+    params.fetch(:sort_by, "updated_on")
+  end
+
+  def sort_direction
+    params.fetch(:sort_direction, "desc")
+  end
+end

app/controllers/organizations/team_projects_controller.rb

@@ -0,0 +1,56 @@
+class Organizations::TeamProjectsController < Organizations::BaseController
+  before_action :load_organization
+  before_action :load_team
+  before_action :load_operate_project, :check_user_can_edit_org, only: [:create, :destroy]
+  before_action :load_team_project, only: [:destroy]
+
+  def index
+    @team_projects = @team.team_projects
+
+    @team_projects = paginate(@team_projects)
+  end
+
+  def create
+    ActiveRecord::Base.transaction do
+      @team_project = TeamProject.build(@organization.id, @team.id, @operate_project.id)
+      Gitea::Organization::TeamProject::CreateService.call(@organization.gitea_token, @team.gtid, @organization.login, @operate_project.identifier)
+    end
+  rescue Exception => e
+    uid_logger_error(e.message)
+    tip_exception(e.message)
+  end
+
+  def destroy
+    ActiveRecord::Base.transaction do
+      @team_projects.destroy!
+      Gitea::Organization::TeamProject::DeleteService.call(@organization.gitea_token, @team.gtid, @organization.login, @operate_project.identifier)
+      render_ok
+    end
+  rescue Exception => e
+    uid_logger_error(e.message)
+    tip_exception(e.message)
+  end
+
+  private
+  def load_organization
+    @organization = Organization.find_by(login: params[:organization_id]) || Organization.find_by(id: params[:organization_id])
+    tip_exception("组织不存在") if @organization.nil?
+    tip_exception("没有查看组织的权限") if org_limited_condition || org_privacy_condition
+  end
+
+  def load_team
+    @team = Team.find_by_id(params[:team_id])
+    tip_exception("组织团队不存在") if @team.nil?
+    tip_exception("没有查看组织团队的权限") if team_not_found_condition
+  end
+
+  def load_operate_project
+    @operate_project = Project.find_by(name: params[:id]) || Project.find_by(identifier: params[:id])
+    tip_exception("项目不存在") if @operate_project.nil?
+  end
+
+  def load_team_project
+    @team_project = TeamProject.find_by(organization_id: @organization.id, team_id: @team.id, project_id: @operate_project.id)
+    tip_exception("组织团队项目不存在") if @team_project.nil?
+  end
+end

app/controllers/organizations/team_users_controller.rb

@@ -2,6 +2,7 @@ class Organizations::TeamUsersController < Organizations::BaseController
   before_action :load_organization, :load_team
   before_action :load_operate_user, only: [:create, :destroy]
   before_action :load_team_user, only: [:destroy]
+  before_action :check_user_can_edit_org, only: [:create, :destroy]
 
   def index
     @team_users = @team.team_users
@@ -10,11 +11,10 @@ class Organizations::TeamUsersController < Organizations::BaseController
   end
 
   def create
-    render_forbidden("您没有权限进行该操作") unless @organization.is_owner?(current_user)
     ActiveRecord::Base.transaction do
       @team_user = TeamUser.build(@organization.id, @operate_user.id, @team.id)
       @organization_user = OrganizationUser.build(@organization.id, @operate_user.id)
-      Gitea::Organization::TeamUser::CreateService.call(current_user.gitea_token, @team.gtid, @operate_user.login)
+      Gitea::Organization::TeamUser::CreateService.call(@organization.gitea_token, @team.gtid, @operate_user.login)
     end
   rescue Exception => e
     uid_logger_error(e.message)
@@ -22,11 +22,10 @@ class Organizations::TeamUsersController < Organizations::BaseController
   end
 
   def destroy
-    tip_exception("您没有权限进行该操作") unless @organization.is_owner?(current_user)
-    tip_exception("您不能从 Owner 团队中删除最后一个用户") if @team.owner? && @team.num_users == 1
+    tip_exception("您不能从 Owner 团队中删除最后一个用户") if @organization.is_owner_team_last_one?(@operate_user)
     ActiveRecord::Base.transaction do
       @team_user.destroy!
-      Gitea::Organization::TeamUser::DeleteService.call(current_user.gitea_token, @team.gtid, @operate_user.login)
+      Gitea::Organization::TeamUser::DeleteService.call(@organization.gitea_token, @team.gtid, @operate_user.login)
       render_ok
     end
   rescue Exception => e
@@ -37,10 +36,10 @@ class Organizations::TeamUsersController < Organizations::BaseController
   def quit
     @team_user = @team.team_users.find_by(user_id: current_user.id)
     tip_exception("您不在该组织团队中") if @team_user.nil?
-    tip_exception("您不能从 Owner 团队中删除最后一个用户") if @team.owner? && @team.num_users == 1
+    tip_exception("您不能从 Owner 团队中删除最后一个用户") if @organization.is_owner_team_last_one?(current_user)
     ActiveRecord::Base.transaction do
       @team_user.destroy!
-      Gitea::Organization::TeamUser::DeleteService.call(organization_owner.gitea_token, @team.gtid, current_user.login)
+      Gitea::Organization::TeamUser::DeleteService.call(@organization.gitea_token, @team.gtid, current_user.login)
       render_ok
     end
   rescue Exception => e

app/controllers/organizations/teams_controller.rb

@@ -1,6 +1,7 @@
 class Organizations::TeamsController < Organizations::BaseController
   before_action :load_organization
   before_action :load_team, only: [:show, :update, :destroy]
+  before_action :check_user_can_edit_org, only: [:create, :update, :destroy]
 
   def index
     if @organization.is_owner?(current_user)
@@ -16,7 +17,6 @@ class Organizations::TeamsController < Organizations::BaseController
   end
 
   def create
-    tip_exception("您没有权限进行该操作") unless @organization.is_owner?(current_user)
     @team = Organizations::Teams::CreateService.call(current_user, @organization, team_params)
   rescue Exception => e
     uid_logger_error(e.message)
@@ -24,7 +24,6 @@ class Organizations::TeamsController < Organizations::BaseController
   end
 
   def update
-    tip_exception("您没有权限进行该操作") unless @organization.is_owner?(current_user)
     @team = Organizations::Teams::UpdateService.call(current_user, @team, team_params)
   rescue Exception => e
     uid_logger_error(e.message)
@@ -32,9 +31,8 @@ class Organizations::TeamsController < Organizations::BaseController
   end
 
   def destroy
-    tip_exception("您没有权限进行该操作") unless @organization.is_owner?(current_user)
     ActiveRecord::Base.transaction do
-      Gitea::Organization::Team::DeleteService.call(current_user.gitea_token, @team.gtid)
+      Gitea::Organization::Team::DeleteService.call(@organization.gitea_token, @team.gtid)
       @team.destroy!
     end
     render_ok

app/controllers/owners_controller.rb

@@ -0,0 +1,12 @@
+class OwnersController < ApplicationController
+  before_action :require_login
+
+  def index
+    @owners = []
+    @owners += [current_user]
+    @owners += Organization.joins(team_users: :team)
+                   .where(team_users: {user_id: current_user.id},
+                          teams: {can_create_org_project: true})
+                   .distinct
+  end
+end

app/controllers/projects/teams_controller.rb

@@ -0,0 +1,10 @@
+class Projects::TeamsController < Projects::BaseController
+  def index
+    if @project.owner.is_a?(Organization)
+      @teams = @project.owner.teams
+    else
+      @teams = Team.none
+    end
+    @teams = paginate(@teams)
+  end
+end

app/controllers/projects_controller.rb

@@ -163,7 +163,7 @@ class ProjectsController < ApplicationController
   private
   def project_params
     params.permit(:user_id, :name, :description, :repository_name,
-                  :project_category_id, :project_language_id, :license_id, :ignore_id)
+                  :project_category_id, :project_language_id, :license_id, :ignore_id, :private)
   end
 
   def mirror_params