Adding private issues functionality

models/action.go

@@ -67,20 +67,21 @@ const (
 // repository. It implemented interface base.Actioner so that can be
 // used in template render.
 type Action struct {
-	ID          int64 `xorm:"pk autoincr"`
-	UserID      int64 `xorm:"INDEX"` // Receiver user id.
-	OpType      ActionType
-	ActUserID   int64                  `xorm:"INDEX"` // Action user id.
-	ActUser     *user_model.User       `xorm:"-"`
-	RepoID      int64                  `xorm:"INDEX"`
-	Repo        *repo_model.Repository `xorm:"-"`
-	CommentID   int64                  `xorm:"INDEX"`
-	Comment     *Comment               `xorm:"-"`
-	IsDeleted   bool                   `xorm:"INDEX NOT NULL DEFAULT false"`
-	RefName     string
-	IsPrivate   bool               `xorm:"INDEX NOT NULL DEFAULT false"`
-	Content     string             `xorm:"TEXT"`
-	CreatedUnix timeutil.TimeStamp `xorm:"INDEX created"`
+	ID             int64 `xorm:"pk autoincr"`
+	UserID         int64 `xorm:"INDEX"` // Receiver user id.
+	OpType         ActionType
+	ActUserID      int64                  `xorm:"INDEX"` // Action user id.
+	ActUser        *user_model.User       `xorm:"-"`
+	RepoID         int64                  `xorm:"INDEX"`
+	Repo           *repo_model.Repository `xorm:"-"`
+	CommentID      int64                  `xorm:"INDEX"`
+	Comment        *Comment               `xorm:"-"`
+	IsDeleted      bool                   `xorm:"INDEX NOT NULL DEFAULT false"`
+	RefName        string
+	IsPrivate      bool               `xorm:"INDEX NOT NULL DEFAULT false"`
+	Content        string             `xorm:"TEXT"`
+	CreatedUnix    timeutil.TimeStamp `xorm:"INDEX created"`
+	IsIssuePrivate bool               `xorm:"INDEX NOT NULL DEFAULT false"`
 }
 
 func init() {
@@ -455,6 +456,7 @@ func notifyWatchers(ctx context.Context, actions ...*Action) error {
 	var permCode []bool
 	var permIssue []bool
 	var permPR []bool
+	var permPrivateIssue []bool
 
 	e := db.GetEngine(ctx)
 
@@ -500,6 +502,7 @@ func notifyWatchers(ctx context.Context, actions ...*Action) error {
 			permCode = make([]bool, len(watchers))
 			permIssue = make([]bool, len(watchers))
 			permPR = make([]bool, len(watchers))
+			permPrivateIssue = make([]bool, len(watchers))
 			for i, watcher := range watchers {
 				user, err := user_model.GetUserByIDEngine(e, watcher.UserID)
 				if err != nil {
@@ -518,6 +521,7 @@ func notifyWatchers(ctx context.Context, actions ...*Action) error {
 				permCode[i] = perm.CanRead(unit.TypeCode)
 				permIssue[i] = perm.CanRead(unit.TypeIssues)
 				permPR[i] = perm.CanRead(unit.TypePullRequests)
+				permPrivateIssue[i] = perm.CanReadPrivateIssues()
 			}
 		}
 
@@ -529,6 +533,10 @@ func notifyWatchers(ctx context.Context, actions ...*Action) error {
 			act.UserID = watcher.UserID
 			act.Repo.Units = nil
 
+			if act.IsIssuePrivate && !permPrivateIssue[i] {
+				continue
+			}
+
 			switch act.OpType {
 			case ActionCommitRepo, ActionPushTag, ActionDeleteTag, ActionPublishRelease, ActionDeleteBranch:
 				if !permCode[i] {

models/error.go

@@ -761,6 +761,25 @@ func (err ErrPullWasClosed) Error() string {
 	return fmt.Sprintf("Pull request [%d] %d was already closed", err.ID, err.Index)
 }
 
+// ErrCannotSeePrivateIssue is used when a user tries to view a issue
+// which they don't have permission for.
+type ErrCannotSeePrivateIssue struct {
+	UserID int64
+	ID     int64
+	RepoID int64
+	Index  int64
+}
+
+// IsErrCannotSeePrivateIssue checks if an error is a ErrCannotSeePrivateIssue.
+func IsErrCannotSeePrivateIssue(err error) bool {
+	_, ok := err.(ErrCannotSeePrivateIssue)
+	return ok
+}
+
+func (err ErrCannotSeePrivateIssue) Error() string {
+	return fmt.Sprintf("issue is private but user has no permission to view it [id: %d, repo_id: %d, index: %d, user_id: %d]", err.ID, err.RepoID, err.Index, err.UserID)
+}
+
 // __________      .__  .__ __________                                     __
 // \______   \__ __|  | |  |\______   \ ____  ________ __   ____   _______/  |_
 //  |     ___/  |  \  | |  | |       _// __ \/ ____/  |  \_/ __ \ /  ___/\   __\

models/fixtures/attachment.yml

@@ -91,6 +91,7 @@
   id: 10
   uuid: a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a20
   repo_id: 0 # TestGetAttachment/NotLinked
+  issue_id: 0
   uploader_id: 8
   name: attach1
   download_count: 0
@@ -100,6 +101,7 @@
   id: 11
   uuid: a0eebc99-9c0b-4ef8-bb6d-6bb9bd380a21
   repo_id: 40
+  issue_id: 16
   release_id: 2
   name: attach1
   download_count: 0

models/fixtures/issue.yml

@@ -184,3 +184,15 @@
   is_pull: false
   created_unix: 1602935696
   updated_unix: 1602935696
+
+-
+  id: 16
+  repo_id: 40
+  index: 1
+  poster_id: 2
+  name: issue in active repo
+  content: we are a no-op issue for some attachment, pretty special
+  is_closed: false
+  is_pull: false
+  created_unix: 1602935696
+  updated_unix: 1602935696

models/issue.go

@@ -80,6 +80,8 @@ type Issue struct {
 	// IsLocked limits commenting abilities to users on an issue
 	// with write access
 	IsLocked bool `xorm:"NOT NULL DEFAULT false"`
+	// IsPrivate limits who can see the issue.
+	IsPrivate bool `xorm:"NOT NULL DEFAULT false"`
 
 	// For view issue page.
 	ShowRole RoleDescriptor `xorm:"-"`
@@ -362,6 +364,25 @@ func (issue *Issue) LoadAttributes() error {
 	return issue.loadAttributes(db.DefaultContext)
 }
 
+// LoadCommentsAsUser loads the comment of the issue, as the user.
+func (issue *Issue) LoadCommentsAsUser(user *user_model.User, canSeePrivateIssues bool) error {
+	return issue.loadCommentsAsUser(db.GetEngine(db.DefaultContext), user, canSeePrivateIssues)
+}
+
+func (issue *Issue) loadCommentsAsUser(e db.Engine, user *user_model.User, canSeePrivateIssues bool) (err error) {
+	var userID int64
+	if user != nil {
+		userID = user.ID
+	}
+	issue.Comments, err = findComments(e, &FindCommentsOptions{
+		IssueID:       issue.ID,
+		Type:          CommentTypeUnknown,
+		UserID:        userID,
+		CanSeePrivate: canSeePrivateIssues,
+	})
+	return err
+}
+
 // LoadMilestone load milestone of this issue.
 func (issue *Issue) LoadMilestone() error {
 	return issue.loadMilestone(db.DefaultContext)
@@ -448,6 +469,14 @@ func (issue *Issue) IsPoster(uid int64) bool {
 	return issue.OriginalAuthorID == 0 && issue.PosterID == uid
 }
 
+// CanSeeIssue returns true when a given user can view the issue.
+func (issue *Issue) CanSeeIssue(userID int64, repoPermission *Permission) bool {
+	if issue.IsPrivate {
+		return repoPermission.CanReadPrivateIssues() || issue.IsPoster(userID)
+	}
+	return true
+}
+
 func (issue *Issue) getLabels(e db.Engine) (err error) {
 	if len(issue.Labels) > 0 {
 		return nil
@@ -753,6 +782,49 @@ func ChangeIssueTitle(issue *Issue, doer *user_model.User, oldTitle string) (err
 	return committer.Commit()
 }
 
+// ChangePrivate changes the private status of the issue, as the given user.
+func (issue *Issue) ChangePrivate(doer *user_model.User, isConfidential bool) (err error) {
+	ctx, committer, err := db.TxContext()
+	if err != nil {
+		return err
+	}
+	defer committer.Close()
+
+	if err = UpdateIssueCols(ctx, issue, "is_private"); err != nil {
+		return fmt.Errorf("updateIssueCols: %v", err)
+	}
+
+	if err = issue.LoadRepo(ctx); err != nil {
+		return fmt.Errorf("loadRepo: %v", err)
+	}
+
+	opts := &CreateCommentOptions{
+		Type:            CommentTypeConfidentialChanged,
+		Doer:            doer,
+		Repo:            issue.Repo,
+		Issue:           issue,
+		OldConfidential: !issue.IsPrivate,
+		NewConfidential: issue.IsPrivate,
+	}
+	if _, err = CreateCommentCtx(ctx, opts); err != nil {
+		return fmt.Errorf("createComment: %v", err)
+	}
+	if err = issue.addCrossReferences(ctx, doer, true); err != nil {
+		return err
+	}
+
+	engine := db.GetEngine(ctx)
+	if isConfidential {
+		_, err = engine.Exec("UPDATE `repository` SET num_private_issues = num_private_issues + 1 WHERE id = ?", opts.Issue.RepoID)
+		_, err = engine.Exec("UPDATE `repository` SET num_issues = num_issues - 1 WHERE id = ?", opts.Issue.RepoID)
+	} else {
+		_, err = engine.Exec("UPDATE `repository` SET num_private_issues = num_private_issues - 1 WHERE id = ?", opts.Issue.RepoID)
+		_, err = engine.Exec("UPDATE `repository` SET num_issues = num_issues + 1 WHERE id = ?", opts.Issue.RepoID)
+	}
+
+	return committer.Commit()
+}
+
 // ChangeIssueRef changes the branch of this issue, as the given user.
 func ChangeIssueRef(issue *Issue, doer *user_model.User, oldRef string) (err error) {
 	ctx, committer, err := db.TxContext()
@@ -981,7 +1053,11 @@ func newIssue(ctx context.Context, doer *user_model.User, opts NewIssueOptions)
 	if opts.IsPull {
 		_, err = e.Exec("UPDATE `repository` SET num_pulls = num_pulls + 1 WHERE id = ?", opts.Issue.RepoID)
 	} else {
-		_, err = e.Exec("UPDATE `repository` SET num_issues = num_issues + 1 WHERE id = ?", opts.Issue.RepoID)
+		if opts.Issue.IsPrivate {
+			_, err = e.Exec("UPDATE `repository` SET num_private_issues = num_private_issues + 1 WHERE id = ?", opts.Issue.RepoID)
+		} else {
+			_, err = e.Exec("UPDATE `repository` SET num_issues = num_issues + 1 WHERE id = ?", opts.Issue.RepoID)
+		}
 	}
 	if err != nil {
 		return err
@@ -1199,6 +1275,7 @@ type IssuesOptions struct {
 	MilestoneIDs       []int64
 	ProjectID          int64
 	ProjectBoardID     int64
+	UserID             int64
 	IsClosed           util.OptionalBool
 	IsPull             util.OptionalBool
 	LabelIDs           []int64
@@ -1212,6 +1289,7 @@ type IssuesOptions struct {
 	// prioritize issues from this repo
 	PriorityRepoID int64
 	IsArchived     util.OptionalBool
+	CanSeePrivate  bool
 	Org            *organization.Organization // issues permission scope
 	Team           *organization.Team         // issues permission scope
 	User           *user_model.User           // issues permission scope
@@ -1333,6 +1411,10 @@ func (opts *IssuesOptions) setupSessionNoLimit(sess *xorm.Session) {
 		}
 	}
 
+	if !opts.CanSeePrivate {
+		applyPosterPrivateIssues(sess, opts.UserID)
+	}
+
 	switch opts.IsPull {
 	case util.OptionalBoolTrue:
 		sess.And("issue.is_pull=?", true)
@@ -1433,6 +1515,27 @@ func applyReviewRequestedCondition(sess *xorm.Session, reviewRequestedID int64)
 			reviewRequestedID, ReviewTypeApprove, ReviewTypeReject, ReviewTypeRequest, reviewRequestedID)
 }
 
+func applyPosterPrivateIssues(sess *xorm.Session, userID int64) *xorm.Session {
+	if userID == 0 {
+		return sess.And("issue.is_private=?", false)
+	}
+	// OR:
+	// All non-private issues by default
+	// All issues that satisfy the condtion
+	// 	AND:
+	// 	All private issues
+	// 	That are in the group of where the user is the poster.
+	return sess.And(
+		builder.Or(
+			builder.Eq{"`issue`.is_private": false},
+			builder.And(
+				builder.Eq{"`issue`.is_private": true},
+				builder.In("`issue`.poster_id", userID),
+			),
+		),
+	)
+}
+
 // CountIssuesByRepo map from repoID to number of issues matching the options
 func CountIssuesByRepo(opts *IssuesOptions) (map[int64]int64, error) {
 	e := db.GetEngine(db.DefaultContext)
@@ -1487,7 +1590,7 @@ func Issues(opts *IssuesOptions) ([]*Issue, error) {
 	opts.setupSessionWithLimit(sess)
 	sortIssuesSession(sess, opts.SortType, opts.PriorityRepoID)
 
-	issues := make([]*Issue, 0, opts.ListOptions.PageSize)
+	issues := make([]*Issue, 0, opts.PageSize)
 	if err := sess.Find(&issues); err != nil {
 		return nil, fmt.Errorf("unable to query Issues: %w", err)
 	}
@@ -1587,8 +1690,10 @@ type IssueStatsOptions struct {
 	MentionedID       int64
 	PosterID          int64
 	ReviewRequestedID int64
+	UserID            int64
 	IsPull            util.OptionalBool
 	IssueIDs          []int64
+	CanSeePrivate     bool
 }
 
 const (
@@ -1597,7 +1702,7 @@ const (
 	maxQueryParameters = 300
 )
 
-// GetIssueStats returns issue statistic information by given conditions.
+// GetIssueStats returns issue statistic information by given conditions, as User
 func GetIssueStats(opts *IssueStatsOptions) (*IssueStats, error) {
 	if len(opts.IssueIDs) <= maxQueryParameters {
 		return getIssueStatsChunk(opts, opts.IssueIDs)
@@ -1676,6 +1781,10 @@ func getIssueStatsChunk(opts *IssueStatsOptions, issueIDs []int64) (*IssueStats,
 			applyReviewRequestedCondition(sess, opts.ReviewRequestedID)
 		}
 
+		if !opts.CanSeePrivate {
+			applyPosterPrivateIssues(sess, opts.UserID)
+		}
+
 		switch opts.IsPull {
 		case util.OptionalBoolTrue:
 			sess.And("issue.is_pull=?", true)
@@ -1747,6 +1856,16 @@ func GetUserIssueStats(opts UserIssueStatsOptions) (*IssueStats, error) {
 				s.And(builder.Eq{"repository.is_archived": opts.IsArchived.IsTrue()})
 			}
 		}
+		// Allow to see comments on private issues
+		s.And(
+			builder.Or(
+				builder.Eq{"`issue`.is_private": false},
+				builder.And(
+					builder.Eq{"`issue`.is_private": true},
+					builder.In("`issue`.poster_id", opts.UserID),
+				),
+			),
+		)
 		return s
 	}
 
@@ -2196,9 +2315,13 @@ func (issue *Issue) BlockingDependencies() ([]*DependencyInfo, error) {
 
 func updateIssueClosedNum(ctx context.Context, issue *Issue) (err error) {
 	if issue.IsPull {
-		err = repoStatsCorrectNumClosed(ctx, issue.RepoID, true, "num_closed_pulls")
+		err = repoStatsCorrectNumClosed(ctx, issue.RepoID, true, false, "num_closed_pulls")
 	} else {
-		err = repoStatsCorrectNumClosed(ctx, issue.RepoID, false, "num_closed_issues")
+		if issue.IsPrivate {
+			err = repoStatsCorrectNumClosed(ctx, issue.RepoID, false, true, "num_private_issues")
+		} else {
+			err = repoStatsCorrectNumClosed(ctx, issue.RepoID, false, false, "num_closed_issues")
+		}
 	}
 	return
 }
@@ -2341,7 +2464,7 @@ func ResolveIssueMentionsByVisibility(ctx context.Context, issue *Issue, doer *u
 		if err != nil {
 			return nil, fmt.Errorf("GetUserRepoPermission [%d]: %v", user.ID, err)
 		}
-		if !perm.CanReadIssuesOrPulls(issue.IsPull) {
+		if !perm.CanReadIssuesOrPulls(issue.IsPull) || !issue.CanSeeIssue(user.ID, &perm) {
 			continue
 		}
 		users = append(users, user)