Virtual user gitea-bots

models/bots/teabot.go

@@ -0,0 +1,16 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package bots
+
+import user_model "code.gitea.io/gitea/models/user"
+
+// NewBotUser creates and returns a fake user for running the build.
+func NewBotUser() *user_model.User {
+	return &user_model.User{
+		ID:        -2,
+		Name:      "gitea-bots",
+		LowerName: "gitea-bots",
+	}
+}

models/user/user.go

@@ -577,6 +577,13 @@ func (u *User) IsGhost() bool {
 	return u.ID == -1 && u.Name == "Ghost"
 }
 
+func (u *User) IsBots() bool {
+	if u == nil {
+		return false
+	}
+	return u.ID == -2 && u.Name == "gitea-bots"
+}
+
 var (
 	reservedUsernames = []string{
 		".",

services/auth/basic.go

@@ -109,26 +109,12 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
 	}
 
 	// check runner token
+	// FIXME: the token should be a task token and return a task
 	runner, err := bots_model.GetRunnerByToken(authToken)
-	if err == nil {
+	if err == nil && runner != nil {
 		log.Trace("Basic Authorization: Valid AccessToken for runner[%d]", runner.ID)
 
-		if runner.OwnerID > 0 {
+		return bots_model.NewBotUser()
-			u, err := user_model.GetUserByID(runner.OwnerID)
-			if err != nil {
-				log.Error("GetUserByID:  %v", err)
-				return nil
-			}
-			return u
-		}
-
-		// FIXME: for a system wide runner, runner act as admin?? Or we should have a bot account
-		u, err := user_model.GetAdminUser()
-		if err != nil {
-			log.Error("GetUserByID:  %v", err)
-			return nil
-		}
-		return u
 	} else {
 		log.Error("GetRunnerByToken: %v", err)
 	}