Add flag for not fetching permissions (FlatPermissions) (#491)

* Rebase on 0.14 * Fixes from PR review
2024-06-10 09:29:34 +00:00 · 2021-10-28 12:36:32 +02:00 · 2021-10-28 12:36:32 +02:00 · ae3671e7fb
parent 96155a47ac
commit ae3671e7fb
5 changed files with 29 additions and 7 deletions
--- a/cmd/drone-server/flags.go
+++ b/cmd/drone-server/flags.go
@ -201,6 +201,13 @@ var flags = []cli.Flag{
 	//
 	// remote parameters
 	//
+	cli.BoolFlag{
+		Name:   "flat-permissions",
+		Usage:  "no remote call for permissions should be made",
+		EnvVar: "WOODPECKER_FLAT_PERMISSIONS",
+		Hidden: true,
+		// temporary workaround for v0.14.x to not hit api rate limits
+	},
 	cli.BoolFlag{
 		EnvVar: "DRONE_GITHUB,WOODPECKER_GITHUB",
 		Name:   "github",
--- a/cmd/drone-server/server.go
+++ b/cmd/drone-server/server.go
@ -234,6 +234,9 @@ func setupEvilGlobals(c *cli.Context, v store.Store, r remote.Remote) {

 	// prometheus
 	droneserver.Config.Prometheus.AuthToken = c.String("prometheus-auth-token")
+
+	// temporary workaround for v0.14.x to not hit api rate limits
+	droneserver.Config.FlatPermissions = c.Bool("flat-permissions")
 }

 type authorizer struct {
--- a/server/rpc.go
+++ b/server/rpc.go
@ -88,6 +88,7 @@ var Config = struct {
 		Networks   []string
 		Privileged []string
 	}
+	FlatPermissions bool // temporary workaround for v0.14.x to not hit api rate limits
 }{}

 type RPC struct {
--- a/server/sync.go
+++ b/server/sync.go
@ -62,7 +62,7 @@ func (s *syncer) SetFilter(fn FilterFunc) {
 	s.match = fn
 }

-func (s *syncer) Sync(user *model.User) error {
+func (s *syncer) Sync(user *model.User, flatPermissions bool) error {
 	unix := time.Now().Unix() - (3601) // force immediate expiration. note 1 hour expiration is hard coded at the moment
 	repos, err := s.remote.Repos(user)
 	if err != nil {
@ -81,10 +81,21 @@ func (s *syncer) Sync(user *model.User) error {
 				Pull:   true,
 				Synced: unix,
 			}
-			remotePerm, err := s.remote.Perm(user, repo.Owner, repo.Name)
-			if err == nil && remotePerm != nil {
-				perm.Push = remotePerm.Push
-				perm.Admin = remotePerm.Admin
+			// temporary workaround for v0.14.x to not hit api rate limits
+			if flatPermissions {
+				if repo.Perm != nil {
+					perm.Push = repo.Perm.Push
+					perm.Admin = repo.Perm.Admin
+				} else {
+					perm.Push = true
+					perm.Admin = true
+				}
+			} else {
+				remotePerm, err := s.remote.Perm(user, repo.Owner, repo.Name)
+				if err == nil && remotePerm != nil {
+					perm.Push = remotePerm.Push
+					perm.Admin = remotePerm.Admin
+				}
 			}
 			perms = append(perms, &perm)
 		}
--- a/server/user.go
+++ b/server/user.go
@ -53,7 +53,7 @@ func GetFeed(c *gin.Context) {
 			perms:  store.FromContext(c),
 			match:  NamespaceFilter(config.OwnersWhitelist),
 		}
-		if err := sync.Sync(user); err != nil {
+		if err := sync.Sync(user, Config.FlatPermissions); err != nil {
 			logrus.Debugf("sync error: %s: %s", user.Login, err)
 		} else {
 			logrus.Debugf("sync complete: %s", user.Login)
@ -99,7 +99,7 @@ func GetRepos(c *gin.Context) {
 			match:  NamespaceFilter(config.OwnersWhitelist),
 		}

-		if err := sync.Sync(user); err != nil {
+		if err := sync.Sync(user, Config.FlatPermissions); err != nil {
 			logrus.Debugf("sync error: %s: %s", user.Login, err)
 		} else {
 			logrus.Debugf("sync complete: %s", user.Login)