diff --git a/server/api/repo.go b/server/api/repo.go
index 1a7cbe580c..fcc823f9b4 100644
--- a/server/api/repo.go
+++ b/server/api/repo.go
@@ -165,6 +165,11 @@ func GetRepo(c *gin.Context) {
 c.JSON(http.StatusOK, session.Repo(c))
 }
 
+func GetRepoPermissions(c *gin.Context) {
+ perm := session.Perm(c)
+ c.JSON(http.StatusOK, perm)
+}
+
 func DeleteRepo(c *gin.Context) {
 remove, _ := strconv.ParseBool(c.Query("remove"))
 r := remote.FromContext(c)
diff --git a/server/router/api.go b/server/router/api.go
index 5cea755157..5a31c93584 100644
--- a/server/router/api.go
+++ b/server/router/api.go
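Review bot: GetRepoPermissions writes whatever session.Perm(c) returns straight into the response, with no doc comment and no explicit response shape, so every exported field of the permission record becomes part of the API. The router change in this commit serves this handler without session.MustPull, so I would say so on the function, e.g. `// GetRepoPermissions returns the caller's own permissions on the repo; it is routed without session.MustPull.`, and return only the access flags the client needs rather than the whole struct. If session.Perm can return nil when SetPerm found nothing (not visible here), the handler answers 200 with `null`; confirm that is the intended contract.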
@@ -43,54 +43,60 @@ func apiRoutes(e *gin.Engine) {
 users.DELETE("/:login", api.DeleteUser)
 }
 
- repo := e.Group("/api/repos/:owner/:name")
+ repoBase := e.Group("/api/repos/:owner/:name")
 {
- repo.Use(session.SetRepo())
- repo.Use(session.SetPerm())
- repo.Use(session.MustPull)
-
- repo.POST("", session.MustRepoAdmin(), api.PostRepo)
- repo.GET("", api.GetRepo)
-
- repo.GET("/builds", api.GetBuilds)
- repo.GET("/builds/:number", api.GetBuild)
-
- // requires push permissions
- repo.POST("/builds/:number", session.MustPush, api.PostBuild)
- repo.DELETE("/builds/:number", session.MustPush, api.DeleteBuild)
- repo.POST("/builds/:number/approve", session.MustPush, api.PostApproval)
- repo.POST("/builds/:number/decline", session.MustPush, api.PostDecline)
- repo.DELETE("/builds/:number/:job", session.MustPush, api.DeleteBuild)
-
- repo.GET("/logs/:number/:pid", api.GetProcLogs)
- repo.GET("/logs/:number/:pid/:proc", api.GetBuildLogs)
-
- // requires push permissions
- repo.DELETE("/logs/:number", session.MustPush, api.DeleteBuildLogs)
-
- repo.GET("/files/:number", api.FileList)
- repo.GET("/files/:number/:proc/*file", api.FileGet)
-
- // requires push permissions
- repo.GET("/secrets", session.MustPush, api.GetSecretList)
- repo.POST("/secrets", session.MustPush, api.PostSecret)
- repo.GET("/secrets/:secret", session.MustPush, api.GetSecret)
- repo.PATCH("/secrets/:secret", session.MustPush, api.PatchSecret)
- repo.DELETE("/secrets/:secret", session.MustPush, api.DeleteSecret)
-
- // requires push permissions
- repo.GET("/registry", session.MustPush, api.GetRegistryList)
- repo.POST("/registry", session.MustPush, api.PostRegistry)
- repo.GET("/registry/:registry", session.MustPush, api.GetRegistry)
- repo.PATCH("/registry/:registry", session.MustPush, api.PatchRegistry)
- repo.DELETE("/registry/:registry", session.MustPush, api.DeleteRegistry)
-
- // requires admin permissions
- repo.PATCH("", session.MustRepoAdmin(), api.PatchRepo)
- repo.DELETE("", session.MustRepoAdmin(), api.DeleteRepo)
- repo.POST("/chown", session.MustRepoAdmin(), api.ChownRepo)
- repo.POST("/repair", session.MustRepoAdmin(), api.RepairRepo)
- repo.POST("/move", session.MustRepoAdmin(), api.MoveRepo)
+ repoBase.Use(session.SetRepo())
+ repoBase.Use(session.SetPerm())
+
+ repoBase.GET("/permissions", api.GetRepoPermissions)
+
+ repo := repoBase.Group("")
+ {
+ repo.Use(session.MustPull)
+
+ repo.POST("", session.MustRepoAdmin(), api.PostRepo)
+ repo.GET("", api.GetRepo)
+
+ repo.GET("/builds", api.GetBuilds)
+ repo.GET("/builds/:number", api.GetBuild)
+
+ // requires push permissions
+ repo.POST("/builds/:number", session.MustPush, api.PostBuild)
+ repo.DELETE("/builds/:number", session.MustPush, api.DeleteBuild)
+ repo.POST("/builds/:number/approve", session.MustPush, api.PostApproval)
+ repo.POST("/builds/:number/decline", session.MustPush, api.PostDecline)
+ repo.DELETE("/builds/:number/:job", session.MustPush, api.DeleteBuild)
+
+ repo.GET("/logs/:number/:pid", api.GetProcLogs)
+ repo.GET("/logs/:number/:pid/:proc", api.GetBuildLogs)
+
+ // requires push permissions
+ repo.DELETE("/logs/:number", session.MustPush, api.DeleteBuildLogs)
+
+ repo.GET("/files/:number", api.FileList)
+ repo.GET("/files/:number/:proc/*file", api.FileGet)
+
+ // requires push permissions
+ repo.GET("/secrets", session.MustPush, api.GetSecretList)
+ repo.POST("/secrets", session.MustPush, api.PostSecret)
+ repo.GET("/secrets/:secret", session.MustPush, api.GetSecret)
+ repo.PATCH("/secrets/:secret", session.MustPush, api.PatchSecret)
+ repo.DELETE("/secrets/:secret", session.MustPush, api.DeleteSecret)
+
+ // requires push permissions
+ repo.GET("/registry", session.MustPush, api.GetRegistryList)
+ repo.POST("/registry", session.MustPush, api.PostRegistry)
+ repo.GET("/registry/:registry", session.MustPush, api.GetRegistry)
+ repo.PATCH("/registry/:registry", session.MustPush, api.PatchRegistry)
+ repo.DELETE("/registry/:registry", session.MustPush, api.DeleteRegistry)
+
+ // requires admin permissions
+ repo.PATCH("", session.MustRepoAdmin(), api.PatchRepo)
+ repo.DELETE("", session.MustRepoAdmin(), api.DeleteRepo)
+ repo.POST("/chown", session.MustRepoAdmin(), api.ChownRepo)
+ repo.POST("/repair", session.MustRepoAdmin(), api.RepairRepo)
+ repo.POST("/move", session.MustRepoAdmin(), api.MoveRepo)
+ }
 }
 
 badges := e.Group("/api/badges/:owner/:name")
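Review bot: `repoBase.GET("/permissions", api.GetRepoPermissions)` is registered before `session.MustPull` is attached, so it is the one repo-scoped route that answers callers who cannot pull the repository. Whether that lets a caller tell an existing private repository from a missing one depends on how session.SetRepo and session.SetPerm respond to users without access, which this hunk does not show; a router test for an anonymous caller and for a logged-in user with no access would pin the behaviour down. The split also makes it easy to register a future route on `repoBase` by mistake and skip the pull check, so I would add a comment above the route such as `// repoBase routes run without session.MustPull; register anything that returns repo data on repo below`. apiRoutes continues outside the hunk.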