Support bot user

models/bots/run.go

@@ -77,7 +77,7 @@ func (run *Run) LoadAttributes(ctx context.Context) error {
 	}
 
 	if run.TriggerUser == nil {
-		u, err := user_model.GetUserByIDCtx(ctx, run.TriggerUserID)
+		u, err := user_model.GetPossbileUserByID(ctx, run.TriggerUserID)
 		if err != nil {
 			return err
 		}

models/bots/teabot.go

@@ -1,27 +0,0 @@
-// Copyright 2022 The Gitea Authors. All rights reserved.
-// Use of this source code is governed by a MIT-style
-// license that can be found in the LICENSE file.
-
-package bots
-
-import (
-	user_model "code.gitea.io/gitea/models/user"
-	"code.gitea.io/gitea/modules/structs"
-)
-
-// NewBotUser creates and returns a fake user for running the build.
-func NewBotUser() *user_model.User {
-	return &user_model.User{
-		ID:                      -2,
-		Name:                    "gitea-bots",
-		LowerName:               "gitea-bots",
-		IsActive:                true,
-		FullName:                "Gitea Bots",
-		Email:                   "teabot@gitea.io",
-		KeepEmailPrivate:        true,
-		LoginName:               "gitea-bots",
-		Type:                    user_model.UserTypeIndividual,
-		AllowCreateOrganization: true,
-		Visibility:              structs.VisibleTypePublic,
-	}
-}

models/issues/comment.go

@@ -351,7 +351,7 @@ func (c *Comment) LoadPoster(ctx context.Context) (err error) {
 		return nil
 	}
 
-	c.Poster, err = user_model.GetUserByIDCtx(ctx, c.PosterID)
+	c.Poster, err = user_model.GetPossbileUserByID(ctx, c.PosterID)
 	if err != nil {
 		if user_model.IsErrUserNotExist(err) {
 			c.PosterID = -1

models/issues/comment_list.go

@@ -49,14 +49,17 @@ func (comments CommentList) LoadPosters(ctx context.Context) error {
 	}
 
 	for _, comment := range comments {
-		if comment.PosterID <= 0 {
+		if comment.PosterID == user_model.BotUserID {
+			comment.Poster = user_model.NewBotUser()
+		} else if comment.PosterID <= 0 {
 			continue
-		}
+		} else {
 			var ok bool
 			if comment.Poster, ok = posterMaps[comment.PosterID]; !ok {
 				comment.Poster = user_model.NewGhostUser()
 			}
 		}
+	}
 	return nil
 }
 

models/issues/issue.go

@@ -243,7 +243,7 @@ func (issue *Issue) LoadLabels(ctx context.Context) (err error) {
 // LoadPoster loads poster
 func (issue *Issue) LoadPoster(ctx context.Context) (err error) {
 	if issue.Poster == nil {
-		issue.Poster, err = user_model.GetUserByIDCtx(ctx, issue.PosterID)
+		issue.Poster, err = user_model.GetPossbileUserByID(ctx, issue.PosterID)
 		if err != nil {
 			issue.PosterID = -1
 			issue.Poster = user_model.NewGhostUser()

models/issues/issue_list.go

@@ -106,14 +106,17 @@ func (issues IssueList) loadPosters(ctx context.Context) error {
 	}
 
 	for _, issue := range issues {
-		if issue.PosterID <= 0 {
+		if issue.PosterID == user_model.BotUserID {
+			issue.Poster = user_model.NewBotUser()
+		} else if issue.PosterID <= 0 {
 			continue
-		}
+		} else {
 			var ok bool
 			if issue.Poster, ok = posterMaps[issue.PosterID]; !ok {
 				issue.Poster = user_model.NewGhostUser()
 			}
 		}
+	}
 	return nil
 }
 

models/issues/review.go

@@ -159,7 +159,7 @@ func (r *Review) LoadReviewer(ctx context.Context) (err error) {
 	if r.ReviewerID == 0 || r.Reviewer != nil {
 		return
 	}
-	r.Reviewer, err = user_model.GetUserByIDCtx(ctx, r.ReviewerID)
+	r.Reviewer, err = user_model.GetPossbileUserByID(ctx, r.ReviewerID)
 	return err
 }
 

models/user/user.go

@@ -551,39 +551,6 @@ func GetUserSalt() (string, error) {
 	return hex.EncodeToString(rBytes), nil
 }
 
-// NewGhostUser creates and returns a fake user for someone has deleted their account.
-func NewGhostUser() *User {
-	return &User{
-		ID:        -1,
-		Name:      "Ghost",
-		LowerName: "ghost",
-	}
-}
-
-// NewReplaceUser creates and returns a fake user for external user
-func NewReplaceUser(name string) *User {
-	return &User{
-		ID:        -1,
-		Name:      name,
-		LowerName: strings.ToLower(name),
-	}
-}
-
-// IsGhost check if user is fake user for a deleted account
-func (u *User) IsGhost() bool {
-	if u == nil {
-		return false
-	}
-	return u.ID == -1 && u.Name == "Ghost"
-}
-
-func (u *User) IsBots() bool {
-	if u == nil {
-		return false
-	}
-	return u.ID == -2 && u.Name == "gitea-bots"
-}
-
 var (
 	reservedUsernames = []string{
 		".",
@@ -1017,6 +984,20 @@ func GetUserByIDCtx(ctx context.Context, id int64) (*User, error) {
 	return u, nil
 }
 
+// GetPossbileUserByID returns the user if id > 0 or return system usrs if id < 0
+func GetPossbileUserByID(ctx context.Context, id int64) (*User, error) {
+	switch id {
+	case -1:
+		return NewGhostUser(), nil
+	case BotUserID:
+		return NewBotUser(), nil
+	case 0:
+		return nil, ErrUserNotExist{}
+	default:
+		return GetUserByIDCtx(ctx, id)
+	}
+}
+
 // GetUserByNameCtx returns user by given name.
 func GetUserByName(ctx context.Context, name string) (*User, error) {
 	if len(name) == 0 {

models/user/user_system.go

@@ -0,0 +1,63 @@
+// Copyright 2022 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package user
+
+import (
+	"strings"
+
+	"code.gitea.io/gitea/modules/structs"
+)
+
+// NewGhostUser creates and returns a fake user for someone has deleted their account.
+func NewGhostUser() *User {
+	return &User{
+		ID:        -1,
+		Name:      "Ghost",
+		LowerName: "ghost",
+	}
+}
+
+// IsGhost check if user is fake user for a deleted account
+func (u *User) IsGhost() bool {
+	if u == nil {
+		return false
+	}
+	return u.ID == -1 && u.Name == "Ghost"
+}
+
+// NewReplaceUser creates and returns a fake user for external user
+func NewReplaceUser(name string) *User {
+	return &User{
+		ID:        -1,
+		Name:      name,
+		LowerName: strings.ToLower(name),
+	}
+}
+
+const BotUserID = -2
+
+// NewBotUser creates and returns a fake user for running the build.
+func NewBotUser() *User {
+	return &User{
+		ID:                      BotUserID,
+		Name:                    "gitea-bots",
+		LowerName:               "gitea-bots",
+		IsActive:                true,
+		FullName:                "Gitea Bots",
+		Email:                   "teabot@gitea.io",
+		KeepEmailPrivate:        true,
+		LoginName:               "gitea-bots",
+		Type:                    UserTypeIndividual,
+		AllowCreateOrganization: true,
+		Visibility:              structs.VisibleTypePublic,
+	}
+}
+
+func (u *User) IsBots() bool {
+	if u == nil {
+		return false
+	}
+	return u.ID == BotUserID && u.Name == "gitea-bots"
+}

routers/api/v1/api.go

@@ -73,6 +73,7 @@ import (
 
 	"code.gitea.io/gitea/models/organization"
 	"code.gitea.io/gitea/models/perm"
+	perm_model "code.gitea.io/gitea/models/perm"
 	access_model "code.gitea.io/gitea/models/perm/access"
 	repo_model "code.gitea.io/gitea/models/repo"
 	"code.gitea.io/gitea/models/unit"
@@ -185,11 +186,24 @@ func repoAssignment() func(ctx *context.APIContext) {
 		repo.Owner = owner
 		ctx.Repo.Repository = repo
 
+		if ctx.Doer.ID == user_model.BotUserID {
+			ctx.Repo.Permission.AccessMode = perm_model.AccessModeAdmin
+			if err := ctx.Repo.Repository.LoadUnits(ctx); err != nil {
+				ctx.Error(http.StatusInternalServerError, "LoadUnits", err)
+				return
+			}
+			ctx.Repo.Permission.Units = ctx.Repo.Repository.Units
+			ctx.Repo.Permission.UnitsMode = make(map[unit.Type]perm_model.AccessMode)
+			for _, u := range ctx.Repo.Repository.Units {
+				ctx.Repo.Permission.UnitsMode[u.Type] = ctx.Repo.Permission.AccessMode
+			}
+		} else {
 			ctx.Repo.Permission, err = access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
 			if err != nil {
 				ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err)
 				return
 			}
+		}
 
 		if !ctx.Repo.HasAccess() {
 			ctx.NotFound()
@@ -210,7 +224,7 @@ func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.APIContext)
 // Contexter middleware already checks token for user sign in process.
 func reqToken() func(ctx *context.APIContext) {
 	return func(ctx *context.APIContext) {
-		if true == ctx.Data["IsApiToken"] {
+		if true == ctx.Data["IsApiToken"] || true == ctx.Data["IsBotToken"] {
 			return
 		}
 		if ctx.Context.IsBasicAuth {

routers/private/hook_pre_receive.go

@@ -13,7 +13,6 @@ import (
 
 	"code.gitea.io/gitea/models"
 	asymkey_model "code.gitea.io/gitea/models/asymkey"
-	bots_model "code.gitea.io/gitea/models/bots"
 	git_model "code.gitea.io/gitea/models/git"
 	issues_model "code.gitea.io/gitea/models/issues"
 	perm_model "code.gitea.io/gitea/models/perm"
@@ -466,8 +465,8 @@ func (ctx *preReceiveContext) loadPusherAndPermission() bool {
 		return true
 	}
 
-	if ctx.opts.UserID == -2 {
+	if ctx.opts.UserID == user_model.BotUserID {
-		ctx.user = bots_model.NewBotUser()
+		ctx.user = user_model.NewBotUser()
 		ctx.userPerm.AccessMode = perm_model.AccessModeAdmin
 		if err := ctx.Repo.Repository.LoadUnits(ctx); err != nil {
 			log.Error("Unable to get User id %d Error: %v", ctx.opts.UserID, err)

services/auth/basic.go

@@ -117,9 +117,9 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore
 		store.GetData()["IsBotToken"] = true
 		store.GetData()["BotTaskID"] = task.ID
 
-		return bots_model.NewBotUser()
+		return user_model.NewBotUser()
 	} else {
-		log.Error("GetRunnerByToken: %v", err)
+		log.Error("GetRunnerByToken: %v %v", task, err)
 	}
 
 	if !setting.Service.EnableBasicAuth {