func Action(ctx *context.Context) {
var err error
switch ctx.Params(":action") {
case "watch":
err = models.WatchRepo(ctx.User.ID, ctx.Repo.Repository.ID, true)
case "unwatch":
err = models.WatchRepo(ctx.User.ID, ctx.Repo.Repository.ID, false)
case "star":
err = models.StarRepo(ctx.User.ID, ctx.Repo.Repository.ID, true)
case "unstar":
err = models.StarRepo(ctx.User.ID, ctx.Repo.Repository.ID, false)
case "desc": // FIXME: this is not used
if !ctx.Repo.IsOwner() {
ctx.Error(404)
return
}
ctx.Repo.Repository.Description = ctx.Query("desc")
ctx.Repo.Repository.Website = ctx.Query("site")
err = models.UpdateRepository(ctx.Repo.Repository, false)
}
if err != nil {
ctx.Handle(500, fmt.Sprintf("Action (%s)", ctx.Params(":action")), err)
return
}
redirectTo := ctx.Query("redirect_to")
if len(redirectTo) == 0 {
redirectTo = ctx.Repo.RepoLink
}
ctx.Redirect(redirectTo)
}
func UpdateCommentContent(ctx *context.Context) {
comment, err := models.GetCommentByID(ctx.ParamsInt64(":id"))
if err != nil {
ctx.NotFoundOrServerError("GetCommentByID", models.IsErrCommentNotExist, err)
return
}
if !ctx.IsSigned || (ctx.User.ID != comment.PosterID && !ctx.Repo.IsAdmin()) {
ctx.Error(403)
return
} else if comment.Type != models.COMMENT_TYPE_COMMENT {
ctx.Error(204)
return
}
comment.Content = ctx.Query("content")
if len(comment.Content) == 0 {
ctx.JSON(200, map[string]interface{}{
"content": "",
})
return
}
if err = models.UpdateComment(comment); err != nil {
ctx.Handle(500, "UpdateComment", err)
return
}
ctx.JSON(200, map[string]interface{}{
"content": string(markdown.Render([]byte(comment.Content), ctx.Query("context"), ctx.Repo.Repository.ComposeMetas())),
})
}
func checkContextUser(ctx *context.Context, uid int64) *models.User {
orgs, err := models.GetOwnedOrgsByUserIDDesc(ctx.User.ID, "updated_unix")
if err != nil {
ctx.Handle(500, "GetOwnedOrgsByUserIDDesc", err)
return nil
}
ctx.Data["Orgs"] = orgs
// Not equal means current user is an organization.
if uid == ctx.User.ID || uid == 0 {
return ctx.User
}
org, err := models.GetUserByID(uid)
if models.IsErrUserNotExist(err) {
return ctx.User
}
if err != nil {
ctx.Handle(500, "GetUserByID", fmt.Errorf("[%d]: %v", uid, err))
return nil
}
// Check ownership of organization.
if !org.IsOrganization() || !(ctx.User.IsAdmin || org.IsOwnedBy(ctx.User.ID)) {
ctx.Error(403)
return nil
}
return org
}
func TeamsRepoAction(ctx *context.Context) {
if !ctx.Org.IsOwner {
ctx.Error(404)
return
}
var err error
switch ctx.Params(":action") {
case "add":
repoName := path.Base(ctx.Query("repo_name"))
var repo *models.Repository
repo, err = models.GetRepositoryByName(ctx.Org.Organization.ID, repoName)
if err != nil {
if models.IsErrRepoNotExist(err) {
ctx.Flash.Error(ctx.Tr("org.teams.add_nonexistent_repo"))
ctx.Redirect(ctx.Org.OrgLink + "/teams/" + ctx.Org.Team.LowerName + "/repositories")
return
}
ctx.Handle(500, "GetRepositoryByName", err)
return
}
err = ctx.Org.Team.AddRepository(repo)
case "remove":
err = ctx.Org.Team.RemoveRepository(com.StrTo(ctx.Query("repoid")).MustInt64())
}
if err != nil {
log.Error(3, "Action(%s): '%s' %v", ctx.Params(":action"), ctx.Org.Team.Name, err)
ctx.Handle(500, "TeamsRepoAction", err)
return
}
ctx.Redirect(ctx.Org.OrgLink + "/teams/" + ctx.Org.Team.LowerName + "/repositories")
}
func UpdateIssueTitle(ctx *context.Context) {
issue := getActionIssue(ctx)
if ctx.Written() {
return
}
if !ctx.IsSigned || (!issue.IsPoster(ctx.User.ID) && !ctx.Repo.IsWriter()) {
ctx.Error(403)
return
}
title := ctx.QueryTrim("title")
if len(title) == 0 {
ctx.Error(204)
return
}
if err := issue.ChangeTitle(ctx.User, title); err != nil {
ctx.Handle(500, "ChangeTitle", err)
return
}
ctx.JSON(200, map[string]interface{}{
"title": issue.Title,
})
}
func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
ctx.Data["Title"] = ctx.Tr("admin.auths.new")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
ctx.Data["CurrentTypeName"] = models.LoginNames[models.LoginType(form.Type)]
ctx.Data["CurrentSecurityProtocol"] = models.SecurityProtocolNames[ldap.SecurityProtocol(form.SecurityProtocol)]
ctx.Data["AuthSources"] = authSources
ctx.Data["SecurityProtocols"] = securityProtocols
ctx.Data["SMTPAuths"] = models.SMTPAuths
hasTLS := false
var config core.Conversion
switch models.LoginType(form.Type) {
case models.LOGIN_LDAP, models.LOGIN_DLDAP:
config = parseLDAPConfig(form)
hasTLS = ldap.SecurityProtocol(form.SecurityProtocol) > ldap.SECURITY_PROTOCOL_UNENCRYPTED
case models.LOGIN_SMTP:
config = parseSMTPConfig(form)
hasTLS = true
case models.LOGIN_PAM:
config = &models.PAMConfig{
ServiceName: form.PAMServiceName,
}
default:
ctx.Error(400)
return
}
ctx.Data["HasTLS"] = hasTLS
if ctx.HasError() {
ctx.HTML(200, AUTH_NEW)
return
}
if err := models.CreateLoginSource(&models.LoginSource{
Type: models.LoginType(form.Type),
Name: form.Name,
IsActived: form.IsActive,
Cfg: config,
}); err != nil {
if models.IsErrLoginSourceAlreadyExist(err) {
ctx.Data["Err_Name"] = true
ctx.RenderWithErr(ctx.Tr("admin.auths.login_source_exist", err.(models.ErrLoginSourceAlreadyExist).Name), AUTH_NEW, form)
} else {
ctx.Handle(500, "CreateSource", err)
}
return
}
log.Trace("Authentication created by admin(%s): %s", ctx.User.Name, form.Name)
ctx.Flash.Success(ctx.Tr("admin.auths.new_success", form.Name))
ctx.Redirect(setting.AppSubUrl + "/admin/auths")
}
func getActionIssue(ctx *context.Context) *models.Issue {
issue, err := models.GetIssueByIndex(ctx.Repo.Repository.ID, ctx.ParamsInt64(":index"))
if err != nil {
if models.IsErrIssueNotExist(err) {
ctx.Error(404, "GetIssueByIndex")
} else {
ctx.Handle(500, "GetIssueByIndex", err)
}
return nil
}
return issue
}
func ResetPasswd(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("auth.reset_password")
code := ctx.Query("code")
if len(code) == 0 {
ctx.Error(404)
return
}
ctx.Data["Code"] = code
ctx.Data["IsResetForm"] = true
ctx.HTML(200, RESET_PASSWORD)
}
func ForkPost(ctx *context.Context, form auth.CreateRepoForm) {
ctx.Data["Title"] = ctx.Tr("new_fork")
forkRepo := getForkRepository(ctx)
if ctx.Written() {
return
}
ctxUser := checkContextUser(ctx, form.Uid)
if ctx.Written() {
return
}
ctx.Data["ContextUser"] = ctxUser
if ctx.HasError() {
ctx.HTML(200, FORK)
return
}
repo, has := models.HasForkedRepo(ctxUser.Id, forkRepo.ID)
if has {
ctx.Redirect(setting.AppSubUrl + "/" + ctxUser.Name + "/" + repo.Name)
return
}
// Check ownership of organization.
if ctxUser.IsOrganization() {
if !ctxUser.IsOwnedBy(ctx.User.Id) {
ctx.Error(403)
return
}
}
repo, err := models.ForkRepository(ctxUser, forkRepo, form.RepoName, form.Description)
if err != nil {
ctx.Data["Err_RepoName"] = true
switch {
case models.IsErrRepoAlreadyExist(err):
ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_has_same_repo"), FORK, &form)
case models.IsErrNameReserved(err):
ctx.RenderWithErr(ctx.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), FORK, &form)
case models.IsErrNamePatternNotAllowed(err):
ctx.RenderWithErr(ctx.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), FORK, &form)
default:
ctx.Handle(500, "ForkPost", err)
}
return
}
log.Trace("Repository forked[%d]: %s/%s", forkRepo.ID, ctxUser.Name, repo.Name)
ctx.Redirect(setting.AppSubUrl + "/" + ctxUser.Name + "/" + repo.Name)
}
func Activate(ctx *context.Context) {
code := ctx.Query("code")
if len(code) == 0 {
ctx.Data["IsActivatePage"] = true
if ctx.User.IsActive {
ctx.Error(404)
return
}
// Resend confirmation e-mail.
if setting.Service.RegisterEmailConfirm {
if ctx.Cache.IsExist("MailResendLimit_" + ctx.User.LowerName) {
ctx.Data["ResendLimited"] = true
} else {
ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60
mailer.SendActivateAccountMail(ctx.Context, ctx.User)
if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil {
log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
}
}
} else {
ctx.Data["ServiceNotEnabled"] = true
}
ctx.HTML(200, ACTIVATE)
return
}
// Verify code.
if user := models.VerifyUserActiveCode(code); user != nil {
user.IsActive = true
user.Rands = models.GetUserSalt()
if err := models.UpdateUser(user); err != nil {
if models.IsErrUserNotExist(err) {
ctx.Error(404)
} else {
ctx.Handle(500, "UpdateUser", err)
}
return
}
log.Trace("User activated: %s", user.Name)
ctx.Session.Set("uid", user.Id)
ctx.Session.Set("uname", user.Name)
ctx.Redirect(setting.AppSubUrl + "/")
return
}
ctx.Data["IsActivateFailed"] = true
ctx.HTML(200, ACTIVATE)
}
func RemoveUploadFileFromServer(ctx *context.Context, form auth.RemoveUploadFileForm) {
if len(form.File) == 0 {
ctx.Status(204)
return
}
if err := models.DeleteUploadByUUID(form.File); err != nil {
ctx.Error(500, fmt.Sprintf("DeleteUploadByUUID: %v", err))
return
}
log.Trace("Upload file removed: %s", form.File)
ctx.Status(204)
}
func EditAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
ctx.Data["Title"] = ctx.Tr("admin.auths.edit")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
ctx.Data["SMTPAuths"] = models.SMTPAuths
source, err := models.GetLoginSourceByID(ctx.ParamsInt64(":authid"))
if err != nil {
ctx.Handle(500, "GetLoginSourceByID", err)
return
}
ctx.Data["Source"] = source
ctx.Data["HasTLS"] = source.HasTLS()
if ctx.HasError() {
ctx.HTML(200, AUTH_EDIT)
return
}
var config core.Conversion
switch models.LoginType(form.Type) {
case models.LOGIN_LDAP, models.LOGIN_DLDAP:
config = parseLDAPConfig(form)
case models.LOGIN_SMTP:
config = parseSMTPConfig(form)
case models.LOGIN_PAM:
config = &models.PAMConfig{
ServiceName: form.PAMServiceName,
}
default:
ctx.Error(400)
return
}
source.Name = form.Name
source.IsActived = form.IsActive
source.Cfg = config
if err := models.UpdateSource(source); err != nil {
ctx.Handle(500, "UpdateSource", err)
return
}
log.Trace("Authentication changed by admin(%s): %s", ctx.User.Name, source.ID)
ctx.Flash.Success(ctx.Tr("admin.auths.update_success"))
ctx.Redirect(setting.AppSubUrl + "/admin/auths/" + com.ToStr(form.ID))
}
func EditTeamPost(ctx *context.Context, form auth.CreateTeamForm) {
t := ctx.Org.Team
ctx.Data["Title"] = ctx.Org.Organization.FullName
ctx.Data["PageIsOrgTeams"] = true
ctx.Data["Team"] = t
if ctx.HasError() {
ctx.HTML(200, TEAM_NEW)
return
}
isAuthChanged := false
if !t.IsOwnerTeam() {
// Validate permission level.
var auth models.AccessMode
switch form.Permission {
case "read":
auth = models.ACCESS_MODE_READ
case "write":
auth = models.ACCESS_MODE_WRITE
case "admin":
auth = models.ACCESS_MODE_ADMIN
default:
ctx.Error(401)
return
}
t.Name = form.TeamName
if t.Authorize != auth {
isAuthChanged = true
t.Authorize = auth
}
}
t.Description = form.Description
if err := models.UpdateTeam(t, isAuthChanged); err != nil {
ctx.Data["Err_TeamName"] = true
switch {
case models.IsErrTeamAlreadyExist(err):
ctx.RenderWithErr(ctx.Tr("form.team_name_been_taken"), TEAM_NEW, &form)
default:
ctx.Handle(500, "UpdateTeam", err)
}
return
}
ctx.Redirect(ctx.Org.OrgLink + "/teams/" + t.LowerName)
}
func NewTeamPost(ctx *context.Context, form auth.CreateTeamForm) {
ctx.Data["Title"] = ctx.Org.Organization.FullName
ctx.Data["PageIsOrgTeams"] = true
ctx.Data["PageIsOrgTeamsNew"] = true
// Validate permission level.
var auth models.AccessMode
switch form.Permission {
case "read":
auth = models.ACCESS_MODE_READ
case "write":
auth = models.ACCESS_MODE_WRITE
case "admin":
auth = models.ACCESS_MODE_ADMIN
default:
ctx.Error(401)
return
}
t := &models.Team{
OrgID: ctx.Org.Organization.Id,
Name: form.TeamName,
Description: form.Description,
Authorize: auth,
}
ctx.Data["Team"] = t
if ctx.HasError() {
ctx.HTML(200, TEAM_NEW)
return
}
if err := models.NewTeam(t); err != nil {
ctx.Data["Err_TeamName"] = true
switch {
case models.IsErrTeamAlreadyExist(err):
ctx.RenderWithErr(ctx.Tr("form.team_name_been_taken"), TEAM_NEW, &form)
default:
ctx.Handle(500, "NewTeam", err)
}
return
}
log.Trace("Team created: %s/%s", ctx.Org.Organization.Name, t.Name)
ctx.Redirect(ctx.Org.OrgLink + "/teams/" + t.LowerName)
}
func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) {
ctx.Data["Title"] = ctx.Tr("admin.auths.new")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
ctx.Data["CurTypeName"] = models.LoginNames[models.LoginType(form.Type)]
ctx.Data["AuthSources"] = authSources
ctx.Data["SMTPAuths"] = models.SMTPAuths
if ctx.HasError() {
ctx.HTML(200, AUTH_NEW)
return
}
var config core.Conversion
switch models.LoginType(form.Type) {
case models.LOGIN_LDAP, models.LOGIN_DLDAP:
config = parseLDAPConfig(form)
case models.LOGIN_SMTP:
config = parseSMTPConfig(form)
case models.LOGIN_PAM:
config = &models.PAMConfig{
ServiceName: form.PAMServiceName,
}
default:
ctx.Error(400)
return
}
if err := models.CreateSource(&models.LoginSource{
Type: models.LoginType(form.Type),
Name: form.Name,
IsActived: form.IsActive,
Cfg: config,
}); err != nil {
ctx.Handle(500, "CreateSource", err)
return
}
log.Trace("Authentication created by admin(%s): %s", ctx.User.Name, form.Name)
ctx.Flash.Success(ctx.Tr("admin.auths.new_success", form.Name))
ctx.Redirect(setting.AppSubUrl + "/admin/auths")
}
func UpdateLabel(ctx *context.Context, form auth.CreateLabelForm) {
l, err := models.GetLabelByID(form.ID)
if err != nil {
switch {
case models.IsErrLabelNotExist(err):
ctx.Error(404)
default:
ctx.Handle(500, "UpdateLabel", err)
}
return
}
l.Name = form.Title
l.Color = form.Color
if err := models.UpdateLabel(l); err != nil {
ctx.Handle(500, "UpdateLabel", err)
return
}
ctx.Redirect(ctx.Repo.RepoLink + "/labels")
}
func UpdateIssueContent(ctx *context.Context) {
issue := getActionIssue(ctx)
if ctx.Written() {
return
}
if !ctx.IsSigned || (ctx.User.ID != issue.PosterID && !ctx.Repo.IsWriter()) {
ctx.Error(403)
return
}
content := ctx.Query("content")
if err := issue.ChangeContent(ctx.User, content); err != nil {
ctx.Handle(500, "ChangeContent", err)
return
}
ctx.JSON(200, map[string]interface{}{
"content": string(markdown.Render([]byte(issue.Content), ctx.Query("context"), ctx.Repo.Repository.ComposeMetas())),
})
}
func UpdateIssueLabel(ctx *context.Context) {
issue := getActionIssue(ctx)
if ctx.Written() {
return
}
if ctx.Query("action") == "clear" {
if err := issue.ClearLabels(ctx.User); err != nil {
ctx.Handle(500, "ClearLabels", err)
return
}
} else {
isAttach := ctx.Query("action") == "attach"
label, err := models.GetLabelByID(ctx.QueryInt64("id"))
if err != nil {
if models.IsErrLabelNotExist(err) {
ctx.Error(404, "GetLabelByID")
} else {
ctx.Handle(500, "GetLabelByID", err)
}
return
}
if isAttach && !issue.HasLabel(label.ID) {
if err = issue.AddLabel(ctx.User, label); err != nil {
ctx.Handle(500, "AddLabel", err)
return
}
} else if !isAttach && issue.HasLabel(label.ID) {
if err = issue.RemoveLabel(ctx.User, label); err != nil {
ctx.Handle(500, "RemoveLabel", err)
return
}
}
}
ctx.JSON(200, map[string]interface{}{
"ok": true,
})
}
func DiffPreviewPost(ctx *context.Context, form auth.EditPreviewDiffForm) {
treePath := ctx.Repo.TreePath
entry, err := ctx.Repo.Commit.GetTreeEntryByPath(treePath)
if err != nil {
ctx.Error(500, "GetTreeEntryByPath: "+err.Error())
return
} else if entry.IsDir() {
ctx.Error(422)
return
}
diff, err := ctx.Repo.Repository.GetDiffPreview(ctx.Repo.BranchName, treePath, form.Content)
if err != nil {
ctx.Error(500, "GetDiffPreview: "+err.Error())
return
}
if diff.NumFiles() == 0 {
ctx.PlainText(200, []byte(ctx.Tr("repo.editor.no_changes_to_show")))
return
}
ctx.Data["File"] = diff.Files[0]
ctx.HTML(200, EDIT_DIFF_PREVIEW)
}
func TriggerTask(ctx *context.Context) {
pusherID := ctx.QueryInt64("pusher")
branch := ctx.Query("branch")
secret := ctx.Query("secret")
if len(branch) == 0 || len(secret) == 0 || pusherID <= 0 {
ctx.Error(404)
log.Trace("TriggerTask: branch or secret is empty, or pusher ID is not valid")
return
}
owner, repo := parseOwnerAndRepo(ctx)
if ctx.Written() {
return
}
if secret != base.EncodeMD5(owner.Salt) {
ctx.Error(404)
log.Trace("TriggerTask [%s/%s]: invalid secret", owner.Name, repo.Name)
return
}
pusher, err := models.GetUserByID(pusherID)
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.Error(404)
} else {
ctx.Handle(500, "GetUserByID", err)
}
return
}
log.Trace("TriggerTask '%s/%s' by %s", repo.Name, branch, pusher.Name)
go models.HookQueue.Add(repo.ID)
go models.AddTestPullRequestTask(pusher, repo.ID, branch, true)
ctx.Status(202)
}
func DeleteComment(ctx *context.Context) {
comment, err := models.GetCommentByID(ctx.ParamsInt64(":id"))
if err != nil {
ctx.NotFoundOrServerError("GetCommentByID", models.IsErrCommentNotExist, err)
return
}
if !ctx.IsSigned || (ctx.User.ID != comment.PosterID && !ctx.Repo.IsAdmin()) {
ctx.Error(403)
return
} else if comment.Type != models.COMMENT_TYPE_COMMENT {
ctx.Error(204)
return
}
if err = models.DeleteCommentByID(comment.ID); err != nil {
ctx.Handle(500, "DeleteCommentByID", err)
return
}
ctx.Status(200)
}
func ResetPasswdPost(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("auth.reset_password")
code := ctx.Query("code")
if len(code) == 0 {
ctx.Error(404)
return
}
ctx.Data["Code"] = code
if u := models.VerifyUserActiveCode(code); u != nil {
// Validate password length.
passwd := ctx.Query("password")
if len(passwd) < 6 {
ctx.Data["IsResetForm"] = true
ctx.Data["Err_Password"] = true
ctx.RenderWithErr(ctx.Tr("auth.password_too_short"), RESET_PASSWORD, nil)
return
}
u.Passwd = passwd
u.Rands = models.GetUserSalt()
u.Salt = models.GetUserSalt()
u.EncodePasswd()
if err := models.UpdateUser(u); err != nil {
ctx.Handle(500, "UpdateUser", err)
return
}
log.Trace("User password reset: %s", u.Name)
ctx.Redirect(setting.AppSubUrl + "/user/login")
return
}
ctx.Data["IsResetFailed"] = true
ctx.HTML(200, RESET_PASSWORD)
}
func MembersAction(ctx *context.Context) {
uid := com.StrTo(ctx.Query("uid")).MustInt64()
if uid == 0 {
ctx.Redirect(ctx.Org.OrgLink + "/members")
return
}
org := ctx.Org.Organization
var err error
switch ctx.Params(":action") {
case "private":
if ctx.User.ID != uid && !ctx.Org.IsOwner {
ctx.Error(404)
return
}
err = models.ChangeOrgUserStatus(org.ID, uid, false)
case "public":
if ctx.User.ID != uid && !ctx.Org.IsOwner {
ctx.Error(404)
return
}
err = models.ChangeOrgUserStatus(org.ID, uid, true)
case "remove":
if !ctx.Org.IsOwner {
ctx.Error(404)
return
}
err = org.RemoveMember(uid)
if models.IsErrLastOrgOwner(err) {
ctx.Flash.Error(ctx.Tr("form.last_org_owner"))
ctx.Redirect(ctx.Org.OrgLink + "/members")
return
}
case "leave":
err = org.RemoveMember(ctx.User.ID)
if models.IsErrLastOrgOwner(err) {
ctx.Flash.Error(ctx.Tr("form.last_org_owner"))
ctx.Redirect(ctx.Org.OrgLink + "/members")
return
}
}
if err != nil {
log.Error(4, "Action(%s): %v", ctx.Params(":action"), err)
ctx.JSON(200, map[string]interface{}{
"ok": false,
"err": err.Error(),
})
return
}
if ctx.Params(":action") != "leave" {
ctx.Redirect(ctx.Org.OrgLink + "/members")
} else {
ctx.Redirect(setting.AppSubUrl + "/")
}
}
func TriggerTask(ctx *context.Context) {
branch := ctx.Query("branch")
secret := ctx.Query("secret")
if len(branch) == 0 || len(secret) == 0 {
ctx.Error(404)
log.Trace("TriggerTask: branch or secret is empty")
return
}
owner, repo := parseOwnerAndRepo(ctx)
if ctx.Written() {
return
}
if secret != base.EncodeMD5(owner.Salt) {
ctx.Error(404)
log.Trace("TriggerTask [%s/%s]: invalid secret", owner.Name, repo.Name)
return
}
log.Trace("TriggerTask [%d].(new request): %s", repo.ID, branch)
go models.HookQueue.Add(repo.ID)
go models.AddTestPullRequestTask(repo.ID, branch)
ctx.Status(202)
}
func UploadIssueAttachment(ctx *context.Context) {
if !setting.AttachmentEnabled {
ctx.Error(404, "attachment is not enabled")
return
}
file, header, err := ctx.Req.FormFile("file")
if err != nil {
ctx.Error(500, fmt.Sprintf("FormFile: %v", err))
return
}
defer file.Close()
buf := make([]byte, 1024)
n, _ := file.Read(buf)
if n > 0 {
buf = buf[:n]
}
fileType := http.DetectContentType(buf)
allowedTypes := strings.Split(setting.AttachmentAllowedTypes, ",")
allowed := false
for _, t := range allowedTypes {
t := strings.Trim(t, " ")
if t == "*/*" || t == fileType {
allowed = true
break
}
}
if !allowed {
ctx.Error(400, ErrFileTypeForbidden.Error())
return
}
attach, err := models.NewAttachment(header.Filename, buf, file)
if err != nil {
ctx.Error(500, fmt.Sprintf("NewAttachment: %v", err))
return
}
log.Trace("New attachment uploaded: %s", attach.UUID)
ctx.JSON(200, map[string]string{
"uuid": attach.UUID,
})
}
func UploadFileToServer(ctx *context.Context) {
file, header, err := ctx.Req.FormFile("file")
if err != nil {
ctx.Error(500, fmt.Sprintf("FormFile: %v", err))
return
}
defer file.Close()
buf := make([]byte, 1024)
n, _ := file.Read(buf)
if n > 0 {
buf = buf[:n]
}
fileType := http.DetectContentType(buf)
if len(setting.Repository.Upload.AllowedTypes) > 0 {
allowed := false
for _, t := range setting.Repository.Upload.AllowedTypes {
t := strings.Trim(t, " ")
if t == "*/*" || t == fileType {
allowed = true
break
}
}
if !allowed {
ctx.Error(400, ErrFileTypeForbidden.Error())
return
}
}
upload, err := models.NewUpload(header.Filename, buf, file)
if err != nil {
ctx.Error(500, fmt.Sprintf("NewUpload: %v", err))
return
}
log.Trace("New file uploaded: %s", upload.UUID)
ctx.JSON(200, map[string]string{
"uuid": upload.UUID,
})
}
func SignUpPost(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterForm) {
ctx.Data["Title"] = ctx.Tr("sign_up")
ctx.Data["EnableCaptcha"] = setting.Service.EnableCaptcha
if setting.Service.DisableRegistration {
ctx.Error(403)
return
}
if ctx.HasError() {
ctx.HTML(200, SIGNUP)
return
}
if setting.Service.EnableCaptcha && !cpt.VerifyReq(ctx.Req) {
ctx.Data["Err_Captcha"] = true
ctx.RenderWithErr(ctx.Tr("form.captcha_incorrect"), SIGNUP, &form)
return
}
if form.Password != form.Retype {
ctx.Data["Err_Password"] = true
ctx.RenderWithErr(ctx.Tr("form.password_not_match"), SIGNUP, &form)
return
}
u := &models.User{
Name: form.UserName,
Email: form.Email,
Passwd: form.Password,
IsActive: !setting.Service.RegisterEmailConfirm,
}
if err := models.CreateUser(u); err != nil {
switch {
case models.IsErrUserAlreadyExist(err):
ctx.Data["Err_UserName"] = true
ctx.RenderWithErr(ctx.Tr("form.username_been_taken"), SIGNUP, &form)
case models.IsErrEmailAlreadyUsed(err):
ctx.Data["Err_Email"] = true
ctx.RenderWithErr(ctx.Tr("form.email_been_used"), SIGNUP, &form)
case models.IsErrNameReserved(err):
ctx.Data["Err_UserName"] = true
ctx.RenderWithErr(ctx.Tr("user.form.name_reserved", err.(models.ErrNameReserved).Name), SIGNUP, &form)
case models.IsErrNamePatternNotAllowed(err):
ctx.Data["Err_UserName"] = true
ctx.RenderWithErr(ctx.Tr("user.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SIGNUP, &form)
default:
ctx.Handle(500, "CreateUser", err)
}
return
}
log.Trace("Account created: %s", u.Name)
// Auto-set admin for the only user.
if models.CountUsers() == 1 {
u.IsAdmin = true
u.IsActive = true
if err := models.UpdateUser(u); err != nil {
ctx.Handle(500, "UpdateUser", err)
return
}
}
// Send confirmation e-mail, no need for social account.
if setting.Service.RegisterEmailConfirm && u.Id > 1 {
mailer.SendActivateAccountMail(ctx.Context, u)
ctx.Data["IsSendRegisterMail"] = true
ctx.Data["Email"] = u.Email
ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60
ctx.HTML(200, ACTIVATE)
if err := ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil {
log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
}
return
}
ctx.Redirect(setting.AppSubUrl + "/user/login")
}
func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
ctx.Data["Title"] = ctx.Tr("repo.settings")
ctx.Data["PageIsSettingsOptions"] = true
repo := ctx.Repo.Repository
switch ctx.Query("action") {
case "update":
if ctx.HasError() {
ctx.HTML(200, SETTINGS_OPTIONS)
return
}
isNameChanged := false
oldRepoName := repo.Name
newRepoName := form.RepoName
// Check if repository name has been changed.
if repo.LowerName != strings.ToLower(newRepoName) {
isNameChanged = true
if err := models.ChangeRepositoryName(ctx.Repo.Owner, repo.Name, newRepoName); err != nil {
ctx.Data["Err_RepoName"] = true
switch {
case models.IsErrRepoAlreadyExist(err):
ctx.RenderWithErr(ctx.Tr("form.repo_name_been_taken"), SETTINGS_OPTIONS, &form)
case models.IsErrNameReserved(err):
ctx.RenderWithErr(ctx.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), SETTINGS_OPTIONS, &form)
case models.IsErrNamePatternNotAllowed(err):
ctx.RenderWithErr(ctx.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SETTINGS_OPTIONS, &form)
default:
ctx.Handle(500, "ChangeRepositoryName", err)
}
return
}
log.Trace("Repository name changed: %s/%s -> %s", ctx.Repo.Owner.Name, repo.Name, newRepoName)
}
// In case it's just a case change.
repo.Name = newRepoName
repo.LowerName = strings.ToLower(newRepoName)
if ctx.Repo.GitRepo.IsBranchExist(form.Branch) &&
repo.DefaultBranch != form.Branch {
repo.DefaultBranch = form.Branch
if err := ctx.Repo.GitRepo.SetDefaultBranch(form.Branch); err != nil {
if !git.IsErrUnsupportedVersion(err) {
ctx.Handle(500, "SetDefaultBranch", err)
return
}
}
}
repo.Description = form.Description
repo.Website = form.Website
// Visibility of forked repository is forced sync with base repository.
if repo.IsFork {
form.Private = repo.BaseRepo.IsPrivate
}
visibilityChanged := repo.IsPrivate != form.Private
repo.IsPrivate = form.Private
if err := models.UpdateRepository(repo, visibilityChanged); err != nil {
ctx.Handle(500, "UpdateRepository", err)
return
}
log.Trace("Repository basic settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
if isNameChanged {
if err := models.RenameRepoAction(ctx.User, oldRepoName, repo); err != nil {
log.Error(4, "RenameRepoAction: %v", err)
}
}
if repo.IsMirror {
if form.Interval > 0 {
ctx.Repo.Mirror.EnablePrune = form.EnablePrune
ctx.Repo.Mirror.Interval = form.Interval
ctx.Repo.Mirror.NextUpdate = time.Now().Add(time.Duration(form.Interval) * time.Hour)
if err := models.UpdateMirror(ctx.Repo.Mirror); err != nil {
ctx.Handle(500, "UpdateMirror", err)
return
}
}
if err := ctx.Repo.Mirror.SaveAddress(form.MirrorAddress); err != nil {
ctx.Handle(500, "SaveAddress", err)
return
}
}
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(repo.RepoLink() + "/settings")
case "advanced":
repo.EnableWiki = form.EnableWiki
repo.EnableExternalWiki = form.EnableExternalWiki
repo.ExternalWikiURL = form.ExternalWikiURL
repo.EnableIssues = form.EnableIssues
repo.EnableExternalTracker = form.EnableExternalTracker
repo.ExternalTrackerFormat = form.TrackerURLFormat
repo.ExternalTrackerStyle = form.TrackerIssueStyle
repo.EnablePulls = form.EnablePulls
if err := models.UpdateRepository(repo, false); err != nil {
ctx.Handle(500, "UpdateRepository", err)
return
}
log.Trace("Repository advanced settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
case "convert":
if !ctx.Repo.IsOwner() {
ctx.Error(404)
return
}
if repo.Name != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil)
return
}
if ctx.Repo.Owner.IsOrganization() {
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.Id) {
ctx.Error(404)
return
}
}
if !repo.IsMirror {
ctx.Error(404)
return
}
repo.IsMirror = false
if _, err := models.CleanUpMigrateInfo(repo, models.RepoPath(ctx.Repo.Owner.Name, repo.Name)); err != nil {
ctx.Handle(500, "CleanUpMigrateInfo", err)
return
} else if err = models.DeleteMirrorByRepoID(ctx.Repo.Repository.ID); err != nil {
ctx.Handle(500, "DeleteMirrorByRepoID", err)
return
}
log.Trace("Repository converted from mirror to regular: %s/%s", ctx.Repo.Owner.Name, repo.Name)
ctx.Flash.Success(ctx.Tr("repo.settings.convert_succeed"))
ctx.Redirect(setting.AppSubUrl + "/" + ctx.Repo.Owner.Name + "/" + repo.Name)
case "transfer":
if !ctx.Repo.IsOwner() {
ctx.Error(404)
return
}
if repo.Name != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil)
return
}
if ctx.Repo.Owner.IsOrganization() {
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.Id) {
ctx.Error(404)
return
}
}
newOwner := ctx.Query("new_owner_name")
isExist, err := models.IsUserExist(0, newOwner)
if err != nil {
ctx.Handle(500, "IsUserExist", err)
return
} else if !isExist {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), SETTINGS_OPTIONS, nil)
return
}
if err = models.TransferOwnership(ctx.User, newOwner, repo); err != nil {
if models.IsErrRepoAlreadyExist(err) {
ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_has_same_repo"), SETTINGS_OPTIONS, nil)
} else {
ctx.Handle(500, "TransferOwnership", err)
}
return
}
log.Trace("Repository transfered: %s/%s -> %s", ctx.Repo.Owner.Name, repo.Name, newOwner)
ctx.Flash.Success(ctx.Tr("repo.settings.transfer_succeed"))
ctx.Redirect(setting.AppSubUrl + "/" + newOwner + "/" + repo.Name)
case "delete":
if !ctx.Repo.IsOwner() {
ctx.Error(404)
return
}
if repo.Name != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil)
return
}
if ctx.Repo.Owner.IsOrganization() {
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.Id) {
ctx.Error(404)
return
}
}
if err := models.DeleteRepository(ctx.Repo.Owner.Id, repo.ID); err != nil {
ctx.Handle(500, "DeleteRepository", err)
return
}
log.Trace("Repository deleted: %s/%s", ctx.Repo.Owner.Name, repo.Name)
ctx.Flash.Success(ctx.Tr("repo.settings.deletion_success"))
ctx.Redirect(ctx.Repo.Owner.DashboardLink())
case "delete-wiki":
if !ctx.Repo.IsOwner() {
ctx.Error(404)
return
}
if repo.Name != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil)
return
}
if ctx.Repo.Owner.IsOrganization() {
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.Id) {
ctx.Error(404)
return
}
}
repo.DeleteWiki()
log.Trace("Repository wiki deleted: %s/%s", ctx.Repo.Owner.Name, repo.Name)
repo.EnableWiki = false
if err := models.UpdateRepository(repo, false); err != nil {
ctx.Handle(500, "UpdateRepository", err)
return
}
ctx.Flash.Success(ctx.Tr("repo.settings.wiki_deletion_success"))
ctx.Redirect(ctx.Repo.RepoLink + "/settings")
}
}
func HTTP(ctx *context.Context) {
username := ctx.Params(":username")
reponame := strings.TrimSuffix(ctx.Params(":reponame"), ".git")
var isPull bool
service := ctx.Query("service")
if service == "git-receive-pack" ||
strings.HasSuffix(ctx.Req.URL.Path, "git-receive-pack") {
isPull = false
} else if service == "git-upload-pack" ||
strings.HasSuffix(ctx.Req.URL.Path, "git-upload-pack") {
isPull = true
} else {
isPull = (ctx.Req.Method == "GET")
}
isWiki := false
if strings.HasSuffix(reponame, ".wiki") {
isWiki = true
reponame = reponame[:len(reponame)-5]
}
repoUser, err := models.GetUserByName(username)
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.Handle(http.StatusNotFound, "GetUserByName", nil)
} else {
ctx.Handle(http.StatusInternalServerError, "GetUserByName", err)
}
return
}
repo, err := models.GetRepositoryByName(repoUser.Id, reponame)
if err != nil {
if models.IsErrRepoNotExist(err) {
ctx.Handle(http.StatusNotFound, "GetRepositoryByName", nil)
} else {
ctx.Handle(http.StatusInternalServerError, "GetRepositoryByName", err)
}
return
}
// Only public pull don't need auth.
isPublicPull := !repo.IsPrivate && isPull
var (
askAuth = !isPublicPull || setting.Service.RequireSignInView
authUser *models.User
authUsername string
authPasswd string
)
// check access
if askAuth {
authHead := ctx.Req.Header.Get("Authorization")
if len(authHead) == 0 {
ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=\".\"")
ctx.Error(http.StatusUnauthorized)
return
}
auths := strings.Fields(authHead)
// currently check basic auth
// TODO: support digit auth
// FIXME: middlewares/context.go did basic auth check already,
// maybe could use that one.
if len(auths) != 2 || auths[0] != "Basic" {
ctx.HandleText(http.StatusUnauthorized, "no basic auth and digit auth")
return
}
authUsername, authPasswd, err = base.BasicAuthDecode(auths[1])
if err != nil {
ctx.HandleText(http.StatusUnauthorized, "no basic auth and digit auth")
return
}
authUser, err = models.UserSignIn(authUsername, authPasswd)
if err != nil {
if !models.IsErrUserNotExist(err) {
ctx.Handle(http.StatusInternalServerError, "UserSignIn error: %v", err)
return
}
// Assume username now is a token.
token, err := models.GetAccessTokenBySHA(authUsername)
if err != nil {
if models.IsErrAccessTokenNotExist(err) {
ctx.HandleText(http.StatusUnauthorized, "invalid token")
} else {
ctx.Handle(http.StatusInternalServerError, "GetAccessTokenBySha", err)
}
return
}
token.Updated = time.Now()
if err = models.UpdateAccessToken(token); err != nil {
ctx.Handle(http.StatusInternalServerError, "UpdateAccessToken", err)
}
authUser, err = models.GetUserByID(token.UID)
if err != nil {
ctx.Handle(http.StatusInternalServerError, "GetUserByID", err)
return
}
}
if !isPublicPull {
var tp = models.ACCESS_MODE_WRITE
if isPull {
tp = models.ACCESS_MODE_READ
}
has, err := models.HasAccess(authUser, repo, tp)
if err != nil {
ctx.Handle(http.StatusInternalServerError, "HasAccess", err)
return
} else if !has {
if tp == models.ACCESS_MODE_READ {
has, err = models.HasAccess(authUser, repo, models.ACCESS_MODE_WRITE)
if err != nil {
ctx.Handle(http.StatusInternalServerError, "HasAccess2", err)
return
} else if !has {
ctx.HandleText(http.StatusForbidden, "User permission denied")
return
}
} else {
ctx.HandleText(http.StatusForbidden, "User permission denied")
return
}
}
if !isPull && repo.IsMirror {
ctx.HandleText(http.StatusForbidden, "mirror repository is read-only")
return
}
}
}
callback := func(rpc string, input []byte) {
if rpc != "receive-pack" || isWiki {
return
}
var lastLine int64 = 0
for {
head := input[lastLine : lastLine+2]
if head[0] == '0' && head[1] == '0' {
size, err := strconv.ParseInt(string(input[lastLine+2:lastLine+4]), 16, 32)
if err != nil {
log.Error(4, "%v", err)
return
}
if size == 0 {
//fmt.Println(string(input[lastLine:]))
break
}
line := input[lastLine : lastLine+size]
idx := bytes.IndexRune(line, '\000')
if idx > -1 {
line = line[:idx]
}
fields := strings.Fields(string(line))
if len(fields) >= 3 {
oldCommitId := fields[0][4:]
newCommitId := fields[1]
refName := fields[2]
// FIXME: handle error.
if err = models.PushUpdate(models.PushUpdateOptions{
RefName: refName,
OldCommitID: oldCommitId,
NewCommitID: newCommitId,
PusherID: authUser.Id,
PusherName: authUser.Name,
RepoUserName: username,
RepoName: reponame,
}); err == nil {
go models.HookQueue.Add(repo.ID)
go models.AddTestPullRequestTask(repo.ID, strings.TrimPrefix(refName, "refs/heads/"))
}
}
lastLine = lastLine + size
} else {
break
}
}
}
HTTPBackend(ctx, &serviceConfig{
UploadPack: true,
ReceivePack: true,
OnSucceed: callback,
})(ctx.Resp, ctx.Req.Request)
runtime.GC()
}
func authRequired(ctx *context.Context) {
ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=\".\"")
ctx.Data["ErrorMsg"] = "no basic auth and digit auth"
ctx.Error(401)
}
