Add team option to grant rights for all organization repositories

[ngourdon]

• add new option to team
• use the new option for owner team to unify the processing
• grant access to members
• update team API

Fix #6409 and #2654

related PR go-gitea/go-sdk#166

[ngourdon]

Behaviour is the same for Owners teams and teams which includes all repositories.
I added a handling in TransferOwnership which was missed.
All repositories are still added to teams which includes all repositories because it is how it is for Owners teams and some functions won't work without it (like access.go:recalculateTeamAccesses or org_team.go:AddTeamMember.
Ready for review.

[lafriks]

Drone fails

[ngourdon]

There's still a change in the gitea sdk to add the new field IncludesAllRepositories in the API.
This fails the task test-vendor in the CI build.

There is a PR go-gitea/go-sdk#166 opened for this change.

[codecov-io]

Codecov Report

Merging #6791 into master will increase coverage by 0.01%.
The diff coverage is 40%.

@@            Coverage Diff            @@
##           master   #6791      +/-   ##
=========================================
+ Coverage   41.19%   41.2%   +0.01%     
=========================================
  Files         469     470       +1     
  Lines       63536   63591      +55     
=========================================
+ Hits        26171   26205      +34     
- Misses      33943   33960      +17     
- Partials     3422    3426       +4

Impacted Files	Coverage Δ
models/migrations/migrations.go	1.32% <ø> (ø)	⬆️
modules/auth/org.go	0% <ø> (ø)	⬆️
models/migrations/v90.go	0% <0%> (ø)
routers/org/teams.go	0% <0%> (ø)	⬆️
models/org.go	69.54% <100%> (+0.42%)	⬆️
routers/api/v1/convert/convert.go	84.03% <100%> (+0.07%)	⬆️
routers/api/v1/org/team.go	25.93% <100%> (+0.34%)	⬆️
models/repo.go	49.23% <17.64%> (+0.63%)	⬆️
models/org_team.go	50.88% <35.71%> (-1.17%)	⬇️
models/repo_watch.go	65.11% <0%> (-3.49%)	⬇️
... and 7 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a0820e0...8f297ca. Read the comment docs.

[ngourdon]

Merge to master.
The PR go-gitea/go-sdk#166 is no longer required thanks to #6905
Build is passing

[lunny]

Please resolve the conflicts

[ngourdon]

@lunny conflicts resolved

[lunny]

Why not just change includesAllRepository to true?

[ngourdon]

All repositories need to be added to the team because access rights management won't work without them.
It is the same behavior as for owners teams.

[lunny]

OK. And I think we should use a better method to batch insert a slice of team_repo.

[ngourdon]

Sure we can use a better method to batch insert a slice of team_repo but the method addRepository do a lot more than that.
imho I don't think the batch insert will be worth it compared to the whole processing.

[lunny]

Assume there are 1000 repositories on this organization. And the code here is not work with sqlite database.

[lunny]

It still return 500 on my local test.

[ngourdon]

I can't reproduce the issue. I must do it wrong.
I build with TAGS="bindata sqlite sqlite_unlock_notify" make clean generate build
I tested on Linux and Windows.
Do the UT pass on your local machine?
Can you please give me the steps which lead to the error 500?

[lunny]

That's what I compiled locally. I'm on macOS. Just grant team to all organization repositories.

[ngourdon]

The UT must fail, don't they?

[davidsvantesson]

Problematic in pgSQL as well (500). After some debugging I found hasTeamRepo get this error: lib/pq#635

[davidsvantesson]

I would like to have a warning when pressing 'Update Setting' if includes_all_repositories was changed from false to true. Something like "This will add access for the team access to all 1118 repositories in the organization" Ok/Cancel.
If you have really many repositories and someone do this change by mistake, it will take time to restore.

[lafriks]

Please resolve conflicts

[davidsvantesson]

@ngourdon doesn't seem to be active right now. Can I take over this (create a new PR)?

[lunny]

replaced by #8688