Use middleware to load org (#4208)

Co-authored-by: Anbraten <6918444+anbraten@users.noreply.github.com>
Co-authored-by: Anbraten <anton@ju60.de>

server/router/api.go

@@ -52,13 +52,15 @@ func apiRoutes(e *gin.RouterGroup) {
 			orgs.GET("/lookup/*org_full_name", api.LookupOrg)
 			orgBase := orgs.Group("/:org_id")
 			{
+				orgBase.Use(session.SetOrg())
+				orgBase.Use(session.MustOrg())
 				orgBase.GET("/permissions", api.GetOrgPermissions)
+				orgBase.GET("", session.MustOrgMember(false), api.GetOrg)
 
 				org := orgBase.Group("")
 				{
 					org.Use(session.MustOrgMember(true))
 					org.DELETE("", session.MustAdmin(), api.DeleteOrg)
-					org.GET("", api.GetOrg)
 
 					org.GET("/secrets", api.GetOrgSecretList)
 					org.POST("/secrets", api.PostOrgSecret)

server/router/middleware/session/org.go

@@ -0,0 +1,86 @@
+// Copyright 2024 Woodpecker Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package session
+
+import (
+	"errors"
+	"net/http"
+	"strconv"
+
+	"github.com/gin-gonic/gin"
+
+	"go.woodpecker-ci.org/woodpecker/v2/server/model"
+	"go.woodpecker-ci.org/woodpecker/v2/server/store"
+	"go.woodpecker-ci.org/woodpecker/v2/server/store/types"
+)
+
+func Org(c *gin.Context) *model.Org {
+	v, ok := c.Get("org")
+	if !ok {
+		return nil
+	}
+	r, ok := v.(*model.Org)
+	if !ok {
+		return nil
+	}
+	return r
+}
+
+func SetOrg() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		var (
+			orgID int64
+			err   error
+		)
+
+		orgParam := c.Param("org_id")
+		if orgParam != "" {
+			orgID, err = strconv.ParseInt(orgParam, 10, 64)
+			if err != nil {
+				c.String(http.StatusBadRequest, "Invalid organization ID")
+				c.Abort()
+				return
+			}
+		}
+
+		org, err := store.FromContext(c).OrgGet(orgID)
+		if err != nil && !errors.Is(err, types.RecordNotExist) {
+			_ = c.AbortWithError(http.StatusInternalServerError, err)
+			return
+		}
+
+		if org == nil {
+			c.String(http.StatusNotFound, "Organization not found")
+			c.Abort()
+			return
+		}
+
+		c.Set("org", org)
+		c.Next()
+	}
+}
+
+func MustOrg() gin.HandlerFunc {
+	return func(c *gin.Context) {
+		org := Org(c)
+		switch {
+		case org == nil:
+			c.String(http.StatusNotFound, "Organization not loaded")
+			c.Abort()
+		default:
+			c.Next()
+		}
+	}
+}

server/router/middleware/session/user.go

@@ -122,8 +122,6 @@ func MustUser() gin.HandlerFunc {
 
 func MustOrgMember(admin bool) gin.HandlerFunc {
 	return func(c *gin.Context) {
-		_store := store.FromContext(c)
-
 		user := User(c)
 		if user == nil {
 			c.String(http.StatusUnauthorized, "User not authorized")
@@ -131,15 +129,10 @@ func MustOrgMember(admin bool) gin.HandlerFunc {
 			return
 		}
 
-		orgID, err := strconv.ParseInt(c.Param("org_id"), 10, 64)
-		if err != nil {
-			c.String(http.StatusBadRequest, "Error parsing org id. %s", err)
-			return
-		}
-
-		org, err := _store.OrgGet(orgID)
-		if err != nil {
-			c.String(http.StatusNotFound, "Organization not found")
+		org := Org(c)
+		if org == nil {
+			c.String(http.StatusBadRequest, "Organization not loaded")
+			c.Abort()
 			return
 		}