Make admins allowed to create repos in any organization

2018-07-04 23:54:02 +02:00 · 2018-07-04 23:54:02 +02:00 · f72b6953ee
commit f72b6953ee
parent 95f0f62ea4
2 changed files with 41 additions and 7 deletions
--- a/integrations/api_repo_test.go
+++ b/integrations/api_repo_test.go
@ -13,6 +13,7 @@ import (
 	api "code.gitea.io/sdk/gitea"

 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 )

 func TestAPIUserReposNotLogin(t *testing.T) {
@ -235,3 +236,34 @@ func TestAPIGetRepoByIDUnauthorized(t *testing.T) {
 	req := NewRequestf(t, "GET", "/api/v1/repositories/2")
 	sess.MakeRequest(t, req, http.StatusNotFound)
 }
+
+func TestAPIOrgRepoCreate(t *testing.T) {
+	prepareTestEnv(t)
+	testCases := []struct {
+		desc     string
+		user     *models.User
+		org      *models.User
+		repoName string
+		resp     int
+	}{
+		{
+			desc:     "owner of organization",
+			user:     models.AssertExistsAndLoadBean(t, &models.User{ID: 2}).(*models.User),
+			org:      models.AssertExistsAndLoadBean(t, &models.User{ID: 3}).(*models.User),
+			repoName: "foo",
+			resp:     http.StatusCreated,
+		},
+	}
+	for _, tc := range testCases {
+		t.Run(tc.desc, func(t *testing.T) {
+			session := loginUser(t, tc.user.Name)
+
+			req := NewRequestf(t, "POST", "/api/v1/org/%s/repos", tc.org.LowerName)
+			resp := session.MakeRequest(t, req, tc.resp)
+
+			var apiRepo *api.Repository
+			DecodeJSON(t, resp, &apiRepo)
+			require.Equal(t, tc.repoName, apiRepo.Name)
+		})
+	}
+}
--- a/routers/api/v1/repo/repo.go
+++ b/routers/api/v1/repo/repo.go
@ -257,13 +257,15 @@ func CreateOrgRepo(ctx *context.APIContext, opt api.CreateRepoOption) {
 		return
 	}

-	isOwner, err := org.IsOwnedBy(ctx.User.ID)
-	if err != nil {
-		ctx.ServerError("IsOwnedBy", err)
-		return
-	} else if !isOwner {
-		ctx.Error(403, "", "Given user is not owner of organization.")
-		return
+	if !ctx.User.IsAdmin {
+		isOwner, err := org.IsOwnedBy(ctx.User.ID)
+		if err != nil {
+			ctx.ServerError("IsOwnedBy", err)
+			return
+		} else if !isOwner {
+			ctx.Error(403, "", "Given user is not owner of organization.")
+			return
+		}
 	}
 	CreateUserRepo(ctx, org, opt)
 }