CODE 165-API for delete a space subspaces and their repositories

cli/server/harness.wire_gen.go

@@ -7,7 +7,6 @@ package server
 
 import (
 	"context"
-
 	"github.com/harness/gitness/events"
 	"github.com/harness/gitness/gitrpc"
 	server2 "github.com/harness/gitness/gitrpc/server"
@@ -94,16 +93,6 @@ func initSystem(ctx context.Context, config *types.Config) (*system, error) {
 		return nil, err
 	}
 	pathUID := check.ProvidePathUIDCheck()
-	spaceController := space.ProvideController(db, provider, pathUID, authorizer, pathStore, spaceStore, repoStore, principalStore)
-	accountClient, err := client.ProvideAccountClient(serviceJWTProvider, typesConfig)
-	if err != nil {
-		return nil, err
-	}
-	authenticator, err := authn.ProvideAuthenticator(controller, tokenClient, userClient, typesConfig, serviceAccountClient, serviceaccountController, serviceController, spaceController, accountClient)
-	if err != nil {
-		return nil, err
-	}
-	principalController := principal.NewController(principalStore)
 	gitrpcConfig, err := ProvideGitRPCClientConfig()
 	if err != nil {
 		return nil, err
@@ -113,6 +102,16 @@ func initSystem(ctx context.Context, config *types.Config) (*system, error) {
 		return nil, err
 	}
 	repoController := repo.ProvideController(config, db, provider, pathUID, authorizer, pathStore, repoStore, spaceStore, principalStore, gitrpcInterface)
+	spaceController := space.ProvideController(db, provider, pathUID, authorizer, pathStore, spaceStore, repoStore, principalStore, repoController)
+	accountClient, err := client.ProvideAccountClient(serviceJWTProvider, typesConfig)
+	if err != nil {
+		return nil, err
+	}
+	authenticator, err := authn.ProvideAuthenticator(controller, tokenClient, userClient, typesConfig, serviceAccountClient, serviceaccountController, serviceController, spaceController, accountClient)
+	if err != nil {
+		return nil, err
+	}
+	principalController := principal.NewController(principalStore)
 	principalInfoView := database.ProvidePrincipalInfoView(db)
 	principalInfoCache := cache.ProvidePrincipalInfoCache(principalInfoView)
 	pullReqStore := database.ProvidePullReqStore(db, principalInfoCache)

cli/server/standalone.wire_gen.go

@@ -7,7 +7,6 @@ package server
 
 import (
 	"context"
-
 	"github.com/harness/gitness/events"
 	"github.com/harness/gitness/gitrpc"
 	server2 "github.com/harness/gitness/gitrpc/server"
@@ -77,7 +76,7 @@ func initSystem(ctx context.Context, config *types.Config) (*system, error) {
 		return nil, err
 	}
 	repoController := repo.ProvideController(config, db, provider, pathUID, authorizer, pathStore, repoStore, spaceStore, principalStore, gitrpcInterface)
-	spaceController := space.ProvideController(db, provider, pathUID, authorizer, pathStore, spaceStore, repoStore, principalStore)
+	spaceController := space.ProvideController(db, provider, pathUID, authorizer, pathStore, spaceStore, repoStore, principalStore, repoController)
 	principalInfoView := database.ProvidePrincipalInfoView(db)
 	principalInfoCache := cache.ProvidePrincipalInfoCache(principalInfoView)
 	pullReqStore := database.ProvidePullReqStore(db, principalInfoCache)

internal/api/controller/repo/delete.go

@@ -28,16 +28,20 @@ func (c *Controller) Delete(ctx context.Context, session *auth.Session, repoRef
 		return err
 	}
 
-	if err = c.DeleteRepositoryRPC(ctx, session, repo); err != nil {
+	return c.DeleteNoAuth(ctx, session, repo)
+}
+
+func (c *Controller) DeleteNoAuth(ctx context.Context, session *auth.Session, repo *types.Repository) error {
+	if err := c.DeleteRepositoryRPC(ctx, session, repo); err != nil {
 		return err
 	}
 
-	err = c.repoStore.Delete(ctx, repo.ID)
+	if err := c.repoStore.Delete(ctx, repo.ID); err != nil {
-	if err != nil {
 		return err
 	}
 	return nil
 }
+
 func (c *Controller) DeleteRepositoryRPC(ctx context.Context, session *auth.Session, repo *types.Repository) error {
 	writeParams, err := CreateRPCWriteParams(ctx, c.urlProvider, session, repo)
 	if err != nil {

internal/api/controller/space/controller.go

@@ -5,6 +5,7 @@
 package space
 
 import (
+	"github.com/harness/gitness/internal/api/controller/repo"
 	"github.com/harness/gitness/internal/auth/authz"
 	"github.com/harness/gitness/internal/store"
 	"github.com/harness/gitness/internal/url"
@@ -22,12 +23,14 @@ type Controller struct {
 	spaceStore     store.SpaceStore
 	repoStore      store.RepoStore
 	principalStore store.PrincipalStore
+	repoCtrl       *repo.Controller
 }
 
 func NewController(db *sqlx.DB, urlProvider *url.Provider,
 	uidCheck check.PathUID, authorizer authz.Authorizer,
 	pathStore store.PathStore, spaceStore store.SpaceStore,
-	repoStore store.RepoStore, principalStore store.PrincipalStore) *Controller {
+	repoStore store.RepoStore, principalStore store.PrincipalStore, repoCtrl *repo.Controller,
+) *Controller {
 	return &Controller{
 		db:             db,
 		urlProvider:    urlProvider,
@@ -37,5 +40,6 @@ func NewController(db *sqlx.DB, urlProvider *url.Provider,
 		spaceStore:     spaceStore,
 		repoStore:      repoStore,
 		principalStore: principalStore,
+		repoCtrl:       repoCtrl,
 	}
 }

internal/api/controller/space/delete.go

@@ -6,29 +6,54 @@ package space
 
 import (
 	"context"
+	"fmt"
+	"math"
 
 	apiauth "github.com/harness/gitness/internal/api/auth"
 	"github.com/harness/gitness/internal/auth"
+	"github.com/harness/gitness/types"
 	"github.com/harness/gitness/types/enum"
 )
 
-/*
+// Delete deletes a space.
-* Delete deletes a space.
- */
 func (c *Controller) Delete(ctx context.Context, session *auth.Session, spaceRef string) error {
 	space, err := c.spaceStore.FindByRef(ctx, spaceRef)
 	if err != nil {
 		return err
 	}
-
 	if err = apiauth.CheckSpace(ctx, c.authorizer, session, space, enum.PermissionSpaceDelete, false); err != nil {
 		return err
 	}
-
+	sfilter := &types.SpaceFilter{
-	err = c.spaceStore.Delete(ctx, space.ID)
+		Page:  1,
-	if err != nil {
+		Size:  int(math.MaxInt),
-		return err
+		Query: "",
+		Order: enum.OrderAsc,
+		Sort:  enum.SpaceAttrNone,
 	}
+	return c.DeleteNoAuth(ctx, session, space.ID, sfilter)
+}
 
+// DeleteNoAuth bypasses these permission
+// PermissionSpaceDelete, PermissionSpaceView, PermissionRepoView, PermissionRepoDelete
+func (c *Controller) DeleteNoAuth(ctx context.Context, session *auth.Session, spaceID int64, filter *types.SpaceFilter) error {
+	subSpaces, _, err := c.ListSpacesNoAuth(ctx, spaceID, filter)
+	if err != nil {
+		return fmt.Errorf("failed to list space %d sub spaces: %w", spaceID, err)
+	}
+	for _, space := range subSpaces {
+		err = c.DeleteNoAuth(ctx, session, space.ID, filter)
+		if err != nil {
+			return fmt.Errorf("failed to delete space %d: %w", space.ID, err)
+		}
+	}
+	err = c.deleteRepositoriesNoAuth(ctx, session, spaceID)
+	if err != nil {
+		return fmt.Errorf("failed to delete repositories of space %d: %w", spaceID, err)
+	}
+	err = c.spaceStore.Delete(ctx, spaceID)
+	if err != nil {
+		return fmt.Errorf("spaceStore failed to delete space %d: %w", spaceID, err)
+	}
 	return nil
 }

internal/api/controller/space/delete_repositories.go

@@ -0,0 +1,34 @@
+package space
+
+import (
+	"context"
+	"fmt"
+	"math"
+
+	"github.com/harness/gitness/internal/auth"
+	"github.com/harness/gitness/types"
+	"github.com/harness/gitness/types/enum"
+)
+
+// deleteRepositoriesNoAuth does not check PermissionRepoView, and PermissionRepoDelete permissions
+// Call this through Delete(Space) api to make sure the caller has DeleteSpace permission
+func (c *Controller) deleteRepositoriesNoAuth(ctx context.Context, session *auth.Session, spaceID int64) error {
+	filter := &types.RepoFilter{
+		Page:  1,
+		Size:  int(math.MaxInt),
+		Query: "",
+		Order: enum.OrderAsc,
+		Sort:  enum.RepoAttrNone,
+	}
+	repos, _, err := c.ListRepositoriesNoAuth(ctx, spaceID, filter)
+	if err != nil {
+		return fmt.Errorf("failed to list space repositories: %w", err)
+	}
+	for _, repo := range repos {
+		err = c.repoCtrl.DeleteNoAuth(ctx, session, repo)
+		if err != nil {
+			return fmt.Errorf("failed to delete repository %d: %w", repo.ID, err)
+		}
+	}
+	return nil
+}

internal/api/controller/space/list_repositories.go

@@ -14,9 +14,7 @@ import (
 	"github.com/harness/gitness/types/enum"
 )
 
-/*
+// ListRepositories lists the repositories of a space.
-* ListRepositories lists the repositories of a space.
- */
 func (c *Controller) ListRepositories(ctx context.Context, session *auth.Session,
 	spaceRef string, filter *types.RepoFilter) ([]*types.Repository, int64, error) {
 	space, err := c.spaceStore.FindByRef(ctx, spaceRef)
@@ -27,13 +25,18 @@ func (c *Controller) ListRepositories(ctx context.Context, session *auth.Session
 	if err = apiauth.CheckSpace(ctx, c.authorizer, session, space, enum.PermissionRepoView, true); err != nil {
 		return nil, 0, err
 	}
+	return c.ListRepositoriesNoAuth(ctx, space.ID, filter)
 
-	count, err := c.repoStore.Count(ctx, space.ID, filter)
+}
+
+// ListRepositoriesNoAuth list repositories WITHOUT checking for PermissionRepoView.
+func (c *Controller) ListRepositoriesNoAuth(ctx context.Context, spaceID int64, filter *types.RepoFilter) ([]*types.Repository, int64, error) {
+	count, err := c.repoStore.Count(ctx, spaceID, filter)
 	if err != nil {
 		return nil, 0, fmt.Errorf("failed to count child repos: %w", err)
 	}
 
-	repos, err := c.repoStore.List(ctx, space.ID, filter)
+	repos, err := c.repoStore.List(ctx, spaceID, filter)
 	if err != nil {
 		return nil, 0, fmt.Errorf("failed to list child repos: %w", err)
 	}

internal/api/controller/space/list_spaces.go

@@ -14,9 +14,7 @@ import (
 	"github.com/harness/gitness/types/enum"
 )
 
-/*
+// ListSpaces lists the child spaces of a space.
-* ListSpaces lists the child spaces of a space.
- */
 func (c *Controller) ListSpaces(ctx context.Context, session *auth.Session,
 	spaceRef string, filter *types.SpaceFilter) ([]*types.Space, int64, error) {
 	space, err := c.spaceStore.FindByRef(ctx, spaceRef)
@@ -27,13 +25,17 @@ func (c *Controller) ListSpaces(ctx context.Context, session *auth.Session,
 	if err = apiauth.CheckSpace(ctx, c.authorizer, session, space, enum.PermissionSpaceView, true); err != nil {
 		return nil, 0, err
 	}
+	return c.ListSpacesNoAuth(ctx, space.ID, filter)
+}
 
-	count, err := c.spaceStore.Count(ctx, space.ID, filter)
+// List spaces WITHOUT checking PermissionSpaceView.
+func (c *Controller) ListSpacesNoAuth(ctx context.Context, spaceID int64, filter *types.SpaceFilter) ([]*types.Space, int64, error) {
+	count, err := c.spaceStore.Count(ctx, spaceID, filter)
 	if err != nil {
 		return nil, 0, fmt.Errorf("failed to count child spaces: %w", err)
 	}
 
-	spaces, err := c.spaceStore.List(ctx, space.ID, filter)
+	spaces, err := c.spaceStore.List(ctx, spaceID, filter)
 	if err != nil {
 		return nil, 0, fmt.Errorf("failed to list child spaces: %w", err)
 	}

internal/api/controller/space/wire.go

@@ -5,6 +5,7 @@
 package space
 
 import (
+	"github.com/harness/gitness/internal/api/controller/repo"
 	"github.com/harness/gitness/internal/auth/authz"
 	"github.com/harness/gitness/internal/store"
 	"github.com/harness/gitness/internal/url"
@@ -21,6 +22,6 @@ var WireSet = wire.NewSet(
 
 func ProvideController(db *sqlx.DB, urlProvider *url.Provider, uidCheck check.PathUID, authorizer authz.Authorizer,
 	pathStore store.PathStore, spaceStore store.SpaceStore, repoStore store.RepoStore,
-	principalStore store.PrincipalStore) *Controller {
+	principalStore store.PrincipalStore, repoCtrl *repo.Controller) *Controller {
-	return NewController(db, urlProvider, uidCheck, authorizer, pathStore, spaceStore, repoStore, principalStore)
+	return NewController(db, urlProvider, uidCheck, authorizer, pathStore, spaceStore, repoStore, principalStore, repoCtrl)
 }