Add flag for not fetching permissions (FlatPermissions) (#491)

* Rebase on 0.14 * Fixes from PR review
woodpecker-ci · Oct 28, 2021 · ae3671e · ae3671e
1 parent 96155a4
commit ae3671e
Show file tree

Hide file tree

Showing 5 changed files with 29 additions and 7 deletions.
diff --git a/cmd/drone-server/flags.go b/cmd/drone-server/flags.go
@@ -201,6 +201,13 @@ var flags = []cli.Flag{
 	//
 	// remote parameters
 	//
+	cli.BoolFlag{
+		Name:   "flat-permissions",
+		Usage:  "no remote call for permissions should be made",
+		EnvVar: "WOODPECKER_FLAT_PERMISSIONS",
+		Hidden: true,
+		// temporary workaround for v0.14.x to not hit api rate limits
+	},
 	cli.BoolFlag{
 		EnvVar: "DRONE_GITHUB,WOODPECKER_GITHUB",
 		Name:   "github",

diff --git a/cmd/drone-server/server.go b/cmd/drone-server/server.go
@@ -234,6 +234,9 @@ func setupEvilGlobals(c *cli.Context, v store.Store, r remote.Remote) {
 
 	// prometheus
 	droneserver.Config.Prometheus.AuthToken = c.String("prometheus-auth-token")
+
+	// temporary workaround for v0.14.x to not hit api rate limits
+	droneserver.Config.FlatPermissions = c.Bool("flat-permissions")
 }
 
 type authorizer struct {

diff --git a/server/rpc.go b/server/rpc.go
@@ -88,6 +88,7 @@ var Config = struct {
 		Networks   []string
 		Privileged []string
 	}
+	FlatPermissions bool // temporary workaround for v0.14.x to not hit api rate limits
 }{}
 
 type RPC struct {

diff --git a/server/sync.go b/server/sync.go
@@ -62,7 +62,7 @@ func (s *syncer) SetFilter(fn FilterFunc) {
 	s.match = fn
 }
 
-func (s *syncer) Sync(user *model.User) error {
+func (s *syncer) Sync(user *model.User, flatPermissions bool) error {
 	unix := time.Now().Unix() - (3601) // force immediate expiration. note 1 hour expiration is hard coded at the moment
 	repos, err := s.remote.Repos(user)
 	if err != nil {
@@ -81,10 +81,21 @@ func (s *syncer) Sync(user *model.User) error {
 				Pull:   true,
 				Synced: unix,
 			}
-			remotePerm, err := s.remote.Perm(user, repo.Owner, repo.Name)
-			if err == nil && remotePerm != nil {
-				perm.Push = remotePerm.Push
-				perm.Admin = remotePerm.Admin
+			// temporary workaround for v0.14.x to not hit api rate limits
+			if flatPermissions {
+				if repo.Perm != nil {
+					perm.Push = repo.Perm.Push
+					perm.Admin = repo.Perm.Admin
+				} else {
+					perm.Push = true
+					perm.Admin = true
+				}
+			} else {
+				remotePerm, err := s.remote.Perm(user, repo.Owner, repo.Name)
+				if err == nil && remotePerm != nil {
+					perm.Push = remotePerm.Push
+					perm.Admin = remotePerm.Admin
+				}
 			}
 			perms = append(perms, &perm)
 		}

diff --git a/server/user.go b/server/user.go
@@ -53,7 +53,7 @@ func GetFeed(c *gin.Context) {
 			perms:  store.FromContext(c),
 			match:  NamespaceFilter(config.OwnersWhitelist),
 		}
-		if err := sync.Sync(user); err != nil {
+		if err := sync.Sync(user, Config.FlatPermissions); err != nil {
 			logrus.Debugf("sync error: %s: %s", user.Login, err)
 		} else {
 			logrus.Debugf("sync complete: %s", user.Login)
@@ -99,7 +99,7 @@ func GetRepos(c *gin.Context) {
 			match:  NamespaceFilter(config.OwnersWhitelist),
 		}
 
-		if err := sync.Sync(user); err != nil {
+		if err := sync.Sync(user, Config.FlatPermissions); err != nil {
 			logrus.Debugf("sync error: %s: %s", user.Login, err)
 		} else {
 			logrus.Debugf("sync complete: %s", user.Login)