// searchEntry : search an LDAP source if an entry (name, passwd) is valide and in the specific filter
func (ls Ldapsource) SearchEntry(name, passwd string) (string, bool) {
l, err := ldapDial(ls)
if err != nil {
log.Error(4, "LDAP Connect error, %s:%v", ls.Host, err)
ls.Enabled = false
return "", false
}
defer l.Close()
nx := fmt.Sprintf(ls.MsAdSAFormat, name)
err = l.Bind(nx, passwd)
if err != nil {
log.Debug("LDAP Authan failed for %s, reason: %s", nx, err.Error())
return "", false
}
search := ldap.NewSearchRequest(
ls.BaseDN,
ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false,
fmt.Sprintf(ls.Filter, name),
[]string{ls.Attributes},
nil)
sr, err := l.Search(search)
if err != nil {
log.Debug("LDAP Authen OK but not in filter %s", name)
return "", false
}
log.Debug("LDAP Authen OK: %s", name)
if len(sr.Entries) > 0 {
r := sr.Entries[0].GetAttributeValue(ls.Attributes)
return r, true
}
return "", true
}
func UpdateGravatarSource() {
gravatarSource = setting.GravatarSource
log.Debug("avatar.UpdateGravatarSource(gavatar source): %s", gravatarSource)
if !strings.HasPrefix(gravatarSource, "http:") {
gravatarSource = "http:" + gravatarSource
log.Debug("avatar.UpdateGravatarSource(update gavatar source): %s", gravatarSource)
}
}
func (ls Ldapsource) FindUserDN(name, passwd string) (string, bool) {
l, err := ldapDial(ls)
if err != nil {
log.Error(4, "LDAP Connect error, %s:%v", ls.Host, err)
ls.Enabled = false
return "", false
}
defer l.Close()
log.Trace("Search for LDAP user: %s", name)
if ls.BindDN != "" {
var bd, bp string
// With palceholder in BindDN and no password,
// It will bind as combination define in BindDN with login password
if ls.BindPassword == "" {
bd = strings.Replace(ls.BindDN, "<username>", name, -1)
bp = passwd
} else {
bd = ls.BindDN
bp = ls.BindPassword
}
err = l.Bind(bd, bp)
if err != nil {
log.Debug("Failed to bind as BindDN[%s]: %v", bd, err)
return "", false
}
log.Trace("Bound as BindDN %s", bd)
} else {
log.Trace("Proceeding with anonymous LDAP search.")
}
// A search for the user.
userFilter := fmt.Sprintf(ls.Filter, name)
log.Trace("Searching using filter %s", userFilter)
search := ldap.NewSearchRequest(
ls.UserBase, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0,
false, userFilter, []string{}, nil)
// Ensure we found a user
sr, err := l.Search(search)
if err != nil || len(sr.Entries) < 1 {
log.Debug("Failed search using filter[%s]: %v", userFilter, err)
return "", false
} else if len(sr.Entries) > 1 {
log.Debug("Filter '%s' returned more than one user.", userFilter)
return "", false
}
userDN := sr.Entries[0].DN
if userDN == "" {
log.Error(4, "LDAP search was succesful, but found no DN!")
return "", false
}
return userDN, true
}
// Contexter initializes a classic context for a request.
func Contexter() macaron.Handler {
return func(c *macaron.Context, l i18n.Locale, cache cache.Cache, sess session.Store, f *session.Flash, x csrf.CSRF) {
ctx := &Context{
Context: c,
Cache: cache,
csrf: x,
Flash: f,
Session: sess,
Repo: &Repository{
PullRequest: &PullRequest{},
},
Org: &Organization{},
}
// Compute current URL for real-time change language.
ctx.Data["Link"] = setting.AppSubUrl + strings.TrimSuffix(ctx.Req.URL.Path, "/")
ctx.Data["PageStartTime"] = time.Now()
// Get user from session if logined.
ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Context, ctx.Session)
if ctx.User != nil {
ctx.IsSigned = true
ctx.Data["IsSigned"] = ctx.IsSigned
ctx.Data["SignedUser"] = ctx.User
ctx.Data["SignedUserID"] = ctx.User.ID
ctx.Data["SignedUserName"] = ctx.User.Name
ctx.Data["IsAdmin"] = ctx.User.IsAdmin
} else {
ctx.Data["SignedUserID"] = 0
ctx.Data["SignedUserName"] = ""
}
// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.
if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
if err := ctx.Req.ParseMultipartForm(setting.AttachmentMaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size
ctx.Handle(500, "ParseMultipartForm", err)
return
}
}
ctx.Data["CsrfToken"] = x.GetToken()
ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + x.GetToken() + `">`)
log.Debug("Session ID: %s", sess.ID())
log.Debug("CSRF Token: %v", ctx.Data["CsrfToken"])
ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton
ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding
ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion
c.Map(ctx)
}
}
func (ls *Source) FindUserDN(name string) (string, bool) {
l, err := ldapDial(ls)
if err != nil {
log.Error(4, "LDAP Connect error, %s:%v", ls.Host, err)
ls.Enabled = false
return "", false
}
defer l.Close()
log.Trace("Search for LDAP user: %s", name)
if ls.BindDN != "" && ls.BindPassword != "" {
err = l.Bind(ls.BindDN, ls.BindPassword)
if err != nil {
log.Debug("Failed to bind as BindDN[%s]: %v", ls.BindDN, err)
return "", false
}
log.Trace("Bound as BindDN %s", ls.BindDN)
} else {
log.Trace("Proceeding with anonymous LDAP search.")
}
// A search for the user.
userFilter, ok := ls.sanitizedUserQuery(name)
if !ok {
return "", false
}
log.Trace("Searching using filter %s", userFilter)
search := ldap.NewSearchRequest(
ls.UserBase, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0,
false, userFilter, []string{}, nil)
// Ensure we found a user
sr, err := l.Search(search)
if err != nil || len(sr.Entries) < 1 {
log.Debug("Failed search using filter[%s]: %v", userFilter, err)
return "", false
} else if len(sr.Entries) > 1 {
log.Debug("Filter '%s' returned more than one user.", userFilter)
return "", false
}
userDN := sr.Entries[0].DN
if userDN == "" {
log.Error(4, "LDAP search was successful, but found no DN!")
return "", false
}
return userDN, true
}
func DetectEncoding(content []byte) (string, error) {
if utf8.Valid(content) {
log.Debug("Detected encoding: utf-8 (fast)")
return "UTF-8", nil
}
result, err := chardet.NewTextDetector().DetectBest(content)
if result.Charset != "UTF-8" && len(setting.Repository.AnsiCharset) > 0 {
log.Debug("Using default AnsiCharset: %s", setting.Repository.AnsiCharset)
return setting.Repository.AnsiCharset, err
}
log.Debug("Detected encoding: %s", result.Charset)
return result.Charset, err
}
func newLdapService() {
Service.LdapAuth = Cfg.MustBool("security", "LDAP_AUTH", false)
if !Service.LdapAuth {
return
}
nbsrc := 0
for _, v := range Cfg.GetSectionList() {
if matched, _ := regexp.MatchString("(?i)^LDAPSOURCE.*", v); matched {
ldapname := Cfg.MustValue(v, "name", v)
ldaphost := Cfg.MustValue(v, "host")
ldapport := Cfg.MustInt(v, "port", 389)
ldapbasedn := Cfg.MustValue(v, "basedn", "dc=*,dc=*")
ldapattribute := Cfg.MustValue(v, "attribute", "mail")
ldapfilter := Cfg.MustValue(v, "filter", "(*)")
ldapmsadsaformat := Cfg.MustValue(v, "MSADSAFORMAT", "%s")
ldap.AddSource(ldapname, ldaphost, ldapport, ldapbasedn, ldapattribute, ldapfilter, ldapmsadsaformat)
nbsrc++
log.Debug("%s added as LDAP source", ldapname)
}
}
if nbsrc == 0 {
log.Warn("No valide LDAP found, LDAP Authentication NOT enabled")
Service.LdapAuth = false
return
}
log.Info("LDAP Authentication Enabled")
}
// searchEntry : search an LDAP source if an entry (name, passwd) is valid and in the specific filter
func (ls Ldapsource) SearchEntry(name, passwd string) (string, string, string, bool, bool) {
userDN, found := ls.FindUserDN(name)
if !found {
return "", "", "", false, false
}
l, err := ldapDial(ls)
if err != nil {
log.Error(4, "LDAP Connect error, %s:%v", ls.Host, err)
ls.Enabled = false
return "", "", "", false, false
}
defer l.Close()
log.Trace("Binding with userDN: %s", userDN)
err = l.Bind(userDN, passwd)
if err != nil {
log.Debug("LDAP auth. failed for %s, reason: %v", userDN, err)
return "", "", "", false, false
}
log.Trace("Bound successfully with userDN: %s", userDN)
userFilter := fmt.Sprintf(ls.Filter, name)
search := ldap.NewSearchRequest(
userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, userFilter,
[]string{ls.AttributeName, ls.AttributeSurname, ls.AttributeMail},
nil)
sr, err := l.Search(search)
if err != nil {
log.Error(4, "LDAP Search failed unexpectedly! (%v)", err)
return "", "", "", false, false
} else if len(sr.Entries) < 1 {
log.Error(4, "LDAP Search failed unexpectedly! (0 entries)")
return "", "", "", false, false
}
name_attr := sr.Entries[0].GetAttributeValue(ls.AttributeName)
sn_attr := sr.Entries[0].GetAttributeValue(ls.AttributeSurname)
mail_attr := sr.Entries[0].GetAttributeValue(ls.AttributeMail)
search = ldap.NewSearchRequest(
userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ls.AdminFilter,
[]string{ls.AttributeName},
nil)
sr, err = l.Search(search)
admin_attr := false
if err != nil {
log.Error(4, "LDAP Admin Search failed unexpectedly! (%v)", err)
} else if len(sr.Entries) < 1 {
log.Error(4, "LDAP Admin Search failed")
} else {
admin_attr = true
}
return name_attr, sn_attr, mail_attr, admin_attr, true
}
func ldapDial(ls Ldapsource) (*ldap.Conn, error) {
if ls.UseSSL {
log.Debug("Using TLS for LDAP")
return ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port), nil)
} else {
return ldap.Dial("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port))
}
}
func bindUser(l *ldap.Conn, userDN, passwd string) error {
log.Trace("Binding with userDN: %s", userDN)
err := l.Bind(userDN, passwd)
if err != nil {
log.Debug("LDAP auth. failed for %s, reason: %v", userDN, err)
return err
}
log.Trace("Bound successfully with userDN: %s", userDN)
return err
}
func UpdateGravatarSource() {
gravatarSource = setting.GravatarSource
if strings.HasPrefix(gravatarSource, "//") {
gravatarSource = "http:" + gravatarSource
} else if !strings.HasPrefix(gravatarSource, "http://") &&
!strings.HasPrefix(gravatarSource, "https://") {
gravatarSource = "http://" + gravatarSource
}
log.Debug("avatar.UpdateGravatarSource(update gavatar source): %s", gravatarSource)
}
func ldapDial(ls *Source) (*ldap.Conn, error) {
if ls.UseSSL {
log.Debug("Using TLS for LDAP without verifying: %v", ls.SkipVerify)
return ldap.DialTLS("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port), &tls.Config{
InsecureSkipVerify: ls.SkipVerify,
})
} else {
return ldap.Dial("tcp", fmt.Sprintf("%s:%d", ls.Host, ls.Port))
}
}
func (ls *Source) sanitizedUserDN(username string) (string, bool) {
// See http://tools.ietf.org/search/rfc4514: "special characters"
badCharacters := "\x00()*\\,='\"#+;<> "
if strings.ContainsAny(username, badCharacters) {
log.Debug("'%s' contains invalid DN characters. Aborting.", username)
return "", false
}
return fmt.Sprintf(ls.UserDN, username), true
}
func (ls *Source) sanitizedUserQuery(username string) (string, bool) {
// See http://tools.ietf.org/search/rfc4515
badCharacters := "\x00()*\\"
if strings.ContainsAny(username, badCharacters) {
log.Debug("'%s' contains invalid query characters. Aborting.", username)
return "", false
}
return fmt.Sprintf(ls.Filter, username), true
}
func (this *thunderTask) fetch() error {
log.Debug("avatar.fetch(fetch new avatar): %s", this.Url)
req, _ := http.NewRequest("GET", this.Url, nil)
req.Header.Set("Accept", "text/html,application/xhtml+xml,application/xml;q=0.9,image/jpeg,image/png,*/*;q=0.8")
req.Header.Set("Accept-Encoding", "deflate,sdch")
req.Header.Set("Accept-Language", "zh-CN,zh;q=0.8")
req.Header.Set("Cache-Control", "no-cache")
req.Header.Set("User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.154 Safari/537.36")
resp, err := client.Do(req)
if err != nil {
return err
}
defer resp.Body.Close()
if resp.StatusCode != 200 {
return fmt.Errorf("status code: %d", resp.StatusCode)
}
/*
log.Println("headers:", resp.Header)
switch resp.Header.Get("Content-Type") {
case "image/jpeg":
this.SaveFile += ".jpeg"
case "image/png":
this.SaveFile += ".png"
}
*/
/*
imgType := resp.Header.Get("Content-Type")
if imgType != "image/jpeg" && imgType != "image/png" {
return errors.New("not png or jpeg")
}
*/
tmpFile := this.SaveFile + ".part" // mv to destination when finished
fd, err := os.Create(tmpFile)
if err != nil {
return err
}
_, err = io.Copy(fd, resp.Body)
fd.Close()
if err != nil {
os.Remove(tmpFile)
return err
}
return os.Rename(tmpFile, this.SaveFile)
}
// Note: get back time.Time from database Go sees it at UTC where they are really Local.
// So this function makes correct timezone offset.
func regulateTimeZone(t time.Time) time.Time {
if !setting.UseMySQL {
return t
}
zone := t.Local().Format("-0700")
if len(zone) != 5 {
log.Debug("Unprocessable time: %v", t.Local())
return t
}
hour := com.StrTo(zone[2:3]).MustInt()
minutes := com.StrTo(zone[3:5]).MustInt()
if zone[0] == '-' {
return t.Add(time.Duration(hour) * time.Hour).Add(time.Duration(minutes) * time.Minute)
}
return t.Add(-1 * time.Duration(hour) * time.Hour).Add(-1 * time.Duration(minutes) * time.Minute)
}
// Query if name/passwd can login against the LDAP direcotry pool
// Create a local user if success
// Return the same LoginUserPlain semantic
func LoginUserLdap(name, passwd string) (*User, error) {
mail, logged := ldap.LoginUser(name, passwd)
if !logged {
// user not in LDAP, do nothing
return nil, ErrUserNotExist
}
// fake a local user creation
user := User{
LowerName: strings.ToLower(name),
Name: strings.ToLower(name),
LoginType: 389,
IsActive: true,
Passwd: passwd,
Email: mail}
_, err := RegisterUser(&user)
if err != nil {
log.Debug("LDAP local user %s fond (%s) ", name, err)
}
// simulate local user login
localUser, err2 := GetUserByName(user.Name)
return localUser, err2
}
func (ctx *Context) Debug(msg string, args ...interface{}) {
log.Debug(msg, args...)
}
// CommitRepoAction adds new action for committing repository.
func CommitRepoAction(userId, repoUserId int64, userName, actEmail string,
repoId int64, repoUserName, repoName string, refFullName string, commit *base.PushCommits, oldCommitId string, newCommitId string) error {
opType := COMMIT_REPO
// Check it's tag push or branch.
if strings.HasPrefix(refFullName, "refs/tags/") {
opType = PUSH_TAG
commit = &base.PushCommits{}
}
repoLink := fmt.Sprintf("%s%s/%s", setting.AppUrl, repoUserName, repoName)
// if not the first commit, set the compareUrl
if !strings.HasPrefix(oldCommitId, "0000000") {
commit.CompareUrl = fmt.Sprintf("%s/compare/%s...%s", repoLink, oldCommitId, newCommitId)
}
bs, err := json.Marshal(commit)
if err != nil {
return errors.New("action.CommitRepoAction(json): " + err.Error())
}
refName := git.RefEndName(refFullName)
// Change repository bare status and update last updated time.
repo, err := GetRepositoryByName(repoUserId, repoName)
if err != nil {
return errors.New("action.CommitRepoAction(GetRepositoryByName): " + err.Error())
}
repo.IsBare = false
if err = UpdateRepository(repo); err != nil {
return errors.New("action.CommitRepoAction(UpdateRepository): " + err.Error())
}
err = updateIssuesCommit(userId, repoId, repoUserName, repoName, commit.Commits)
if err != nil {
log.Debug("action.CommitRepoAction(updateIssuesCommit): ", err)
}
if err = NotifyWatchers(&Action{ActUserId: userId, ActUserName: userName, ActEmail: actEmail,
OpType: opType, Content: string(bs), RepoId: repoId, RepoUserName: repoUserName,
RepoName: repoName, RefName: refName,
IsPrivate: repo.IsPrivate}); err != nil {
return errors.New("action.CommitRepoAction(NotifyWatchers): " + err.Error())
}
// New push event hook.
if err := repo.GetOwner(); err != nil {
return errors.New("action.CommitRepoAction(GetOwner): " + err.Error())
}
ws, err := GetActiveWebhooksByRepoId(repoId)
if err != nil {
return errors.New("action.CommitRepoAction(GetActiveWebhooksByRepoId): " + err.Error())
}
// check if repo belongs to org and append additional webhooks
if repo.Owner.IsOrganization() {
// get hooks for org
orgws, err := GetActiveWebhooksByOrgId(repo.OwnerId)
if err != nil {
return errors.New("action.CommitRepoAction(GetActiveWebhooksByOrgId): " + err.Error())
}
ws = append(ws, orgws...)
}
if len(ws) == 0 {
return nil
}
pusher_email, pusher_name := "", ""
pusher, err := GetUserByName(userName)
if err == nil {
pusher_email = pusher.Email
pusher_name = pusher.GetFullNameFallback()
}
commits := make([]*PayloadCommit, len(commit.Commits))
for i, cmt := range commit.Commits {
author_username := ""
author, err := GetUserByEmail(cmt.AuthorEmail)
if err == nil {
author_username = author.Name
}
commits[i] = &PayloadCommit{
Id: cmt.Sha1,
Message: cmt.Message,
Url: fmt.Sprintf("%s/commit/%s", repoLink, cmt.Sha1),
Author: &PayloadAuthor{
Name: cmt.AuthorName,
Email: cmt.AuthorEmail,
UserName: author_username,
},
}
}
p := &Payload{
Ref: refFullName,
Commits: commits,
Repo: &PayloadRepo{
Id: repo.Id,
Name: repo.LowerName,
Url: repoLink,
Description: repo.Description,
Website: repo.Website,
Watchers: repo.NumWatches,
Owner: &PayloadAuthor{
Name: repo.Owner.GetFullNameFallback(),
Email: repo.Owner.Email,
UserName: repo.Owner.Name,
},
Private: repo.IsPrivate,
},
Pusher: &PayloadAuthor{
Name: pusher_name,
Email: pusher_email,
UserName: userName,
},
Before: oldCommitId,
After: newCommitId,
CompareUrl: commit.CompareUrl,
}
for _, w := range ws {
w.GetEvent()
if !w.HasPushEvent() {
continue
}
switch w.HookTaskType {
case SLACK:
{
s, err := GetSlackPayload(p, w.Meta)
if err != nil {
return errors.New("action.GetSlackPayload: " + err.Error())
}
CreateHookTask(&HookTask{
Type: w.HookTaskType,
Url: w.Url,
BasePayload: s,
ContentType: w.ContentType,
IsSsl: w.IsSsl,
})
}
default:
{
p.Secret = w.Secret
CreateHookTask(&HookTask{
Type: w.HookTaskType,
Url: w.Url,
BasePayload: p,
ContentType: w.ContentType,
IsSsl: w.IsSsl,
})
}
}
}
go DeliverHooks()
return nil
}
func NewConfigContext() {
//var err error
workDir, err := ExecDir()
if err != nil {
qlog.Fatalf("Fail to get work directory: %s\n", err)
}
cfgPath := filepath.Join(workDir, "conf/app.ini")
Cfg, err = goconfig.LoadConfigFile(cfgPath)
if err != nil {
qlog.Fatalf("Cannot load config file(%s): %v\n", cfgPath, err)
}
Cfg.BlockMode = false
cfgPath = filepath.Join(workDir, "custom/conf/app.ini")
if com.IsFile(cfgPath) {
if err = Cfg.AppendFiles(cfgPath); err != nil {
qlog.Fatalf("Cannot load config file(%s): %v\n", cfgPath, err)
}
}
AppName = Cfg.MustValue("", "APP_NAME", "Gogs: Go Git Service")
AppLogo = Cfg.MustValue("", "APP_LOGO", "img/favicon.png")
AppUrl = Cfg.MustValue("server", "ROOT_URL")
Domain = Cfg.MustValue("server", "DOMAIN")
SecretKey = Cfg.MustValue("security", "SECRET_KEY")
InstallLock = Cfg.MustBool("security", "INSTALL_LOCK", false)
RunUser = Cfg.MustValue("", "RUN_USER")
curUser := os.Getenv("USER")
if len(curUser) == 0 {
curUser = os.Getenv("USERNAME")
}
// Does not check run user when the install lock is off.
if InstallLock && RunUser != curUser {
qlog.Fatalf("Expect user(%s) but current user is: %s\n", RunUser, curUser)
}
LogInRememberDays = Cfg.MustInt("security", "LOGIN_REMEMBER_DAYS")
CookieUserName = Cfg.MustValue("security", "COOKIE_USERNAME")
CookieRememberName = Cfg.MustValue("security", "COOKIE_REMEMBER_NAME")
// load LDAP authentication configuration if present
LdapAuth = Cfg.MustBool("security", "LDAP_AUTH", false)
if LdapAuth {
log.Debug("LDAP AUTHENTICATION activated")
nbsrc := 0
for _, v := range Cfg.GetSectionList() {
if matched, _ := regexp.MatchString("(?i)^LDAPSOURCE.*", v); matched {
ldapname := Cfg.MustValue(v, "name", v)
ldaphost := Cfg.MustValue(v, "host")
ldapport := Cfg.MustInt(v, "port", 389)
ldapbasedn := Cfg.MustValue(v, "basedn", "dc=*,dc=*")
ldapattribute := Cfg.MustValue(v, "attribute", "mail")
ldapfilter := Cfg.MustValue(v, "filter", "(*)")
ldapmsadsaformat := Cfg.MustValue(v, "MSADSAFORMAT", "%s")
ldap.AddSource(ldapname, ldaphost, ldapport, ldapbasedn, ldapattribute, ldapfilter, ldapmsadsaformat)
nbsrc += 1
log.Debug("%s added as LDAP source", ldapname)
}
}
if nbsrc == 0 {
log.Debug("No valide LDAP found, LDAP AUTHENTICATION NOT activated")
LdapAuth = false
}
} else {
log.Debug("LDAP AUTHENTICATION NOT activated")
}
PictureService = Cfg.MustValue("picture", "SERVICE")
// Determine and create root git reposiroty path.
homeDir, err := com.HomeDir()
if err != nil {
qlog.Fatalf("Fail to get home directory): %v\n", err)
}
RepoRootPath = Cfg.MustValue("repository", "ROOT", filepath.Join(homeDir, "gogs-repositories"))
if err = os.MkdirAll(RepoRootPath, os.ModePerm); err != nil {
qlog.Fatalf("Fail to create RepoRootPath(%s): %v\n", RepoRootPath, err)
}
ScriptType = Cfg.MustValue("repository", "SCRIPT_TYPE", "bash")
}
func RepoAssignment(args ...bool) macaron.Handler {
return func(ctx *Context) {
var (
displayBare bool // To display bare page if it is a bare repo.
)
if len(args) >= 1 {
displayBare = args[0]
}
var (
owner *models.User
err error
)
userName := ctx.Params(":username")
repoName := ctx.Params(":reponame")
refName := ctx.Params(":branchname")
if len(refName) == 0 {
refName = ctx.Params(":path")
}
// Check if the user is the same as the repository owner
if ctx.IsSigned && ctx.User.LowerName == strings.ToLower(userName) {
owner = ctx.User
} else {
owner, err = models.GetUserByName(userName)
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.Handle(404, "GetUserByName", err)
} else {
ctx.Handle(500, "GetUserByName", err)
}
return
}
}
ctx.Repo.Owner = owner
// Get repository.
repo, err := models.GetRepositoryByName(owner.Id, repoName)
if err != nil {
if models.IsErrRepoNotExist(err) {
ctx.Handle(404, "GetRepositoryByName", err)
} else {
ctx.Handle(500, "GetRepositoryByName", err)
}
return
} else if err = repo.GetOwner(); err != nil {
ctx.Handle(500, "GetOwner", err)
return
}
// Admin has super access.
if ctx.IsSigned && ctx.User.IsAdmin {
ctx.Repo.AccessMode = models.ACCESS_MODE_OWNER
} else {
mode, err := models.AccessLevel(ctx.User, repo)
if err != nil {
ctx.Handle(500, "AccessLevel", err)
return
}
ctx.Repo.AccessMode = mode
}
// Check access.
if ctx.Repo.AccessMode == models.ACCESS_MODE_NONE {
ctx.Handle(404, "no access right", err)
return
}
ctx.Data["HasAccess"] = true
if repo.IsMirror {
ctx.Repo.Mirror, err = models.GetMirror(repo.ID)
if err != nil {
ctx.Handle(500, "GetMirror", err)
return
}
ctx.Data["MirrorEnablePrune"] = ctx.Repo.Mirror.EnablePrune
ctx.Data["MirrorInterval"] = ctx.Repo.Mirror.Interval
ctx.Data["Mirror"] = ctx.Repo.Mirror
}
ctx.Repo.Repository = repo
ctx.Data["IsBareRepo"] = ctx.Repo.Repository.IsBare
gitRepo, err := git.OpenRepository(models.RepoPath(userName, repoName))
if err != nil {
ctx.Handle(500, "RepoAssignment Invalid repo "+models.RepoPath(userName, repoName), err)
return
}
ctx.Repo.GitRepo = gitRepo
ctx.Repo.RepoLink = repo.Link()
ctx.Data["RepoLink"] = ctx.Repo.RepoLink
ctx.Data["RepoRelPath"] = ctx.Repo.Owner.Name + "/" + ctx.Repo.Repository.Name
tags, err := ctx.Repo.GitRepo.GetTags()
if err != nil {
ctx.Handle(500, "GetTags", err)
return
}
ctx.Data["Tags"] = tags
ctx.Repo.Repository.NumTags = len(tags)
ctx.Data["Title"] = owner.Name + "/" + repo.Name
ctx.Data["Repository"] = repo
ctx.Data["Owner"] = ctx.Repo.Repository.Owner
ctx.Data["IsRepositoryOwner"] = ctx.Repo.IsOwner()
ctx.Data["IsRepositoryAdmin"] = ctx.Repo.IsAdmin()
ctx.Data["IsRepositoryWriter"] = ctx.Repo.IsWriter()
ctx.Data["DisableSSH"] = setting.SSH.Disabled
ctx.Data["CloneLink"] = repo.CloneLink()
ctx.Data["WikiCloneLink"] = repo.WikiCloneLink()
if ctx.IsSigned {
ctx.Data["IsWatchingRepo"] = models.IsWatching(ctx.User.Id, repo.ID)
ctx.Data["IsStaringRepo"] = models.IsStaring(ctx.User.Id, repo.ID)
}
// repo is bare and display enable
if ctx.Repo.Repository.IsBare {
log.Debug("Bare repository: %s", ctx.Repo.RepoLink)
// NOTE: to prevent templating error
ctx.Data["BranchName"] = ""
if displayBare {
if !ctx.Repo.IsAdmin() {
ctx.Flash.Info(ctx.Tr("repo.repo_is_empty"), true)
}
ctx.HTML(200, "repo/bare")
}
return
}
ctx.Data["TagName"] = ctx.Repo.TagName
brs, err := ctx.Repo.GitRepo.GetBranches()
if err != nil {
ctx.Handle(500, "GetBranches", err)
return
}
ctx.Data["Branches"] = brs
ctx.Data["BrancheCount"] = len(brs)
// If not branch selected, try default one.
// If default branch doesn't exists, fall back to some other branch.
if len(ctx.Repo.BranchName) == 0 {
if len(ctx.Repo.Repository.DefaultBranch) > 0 && gitRepo.IsBranchExist(ctx.Repo.Repository.DefaultBranch) {
ctx.Repo.BranchName = ctx.Repo.Repository.DefaultBranch
} else if len(brs) > 0 {
ctx.Repo.BranchName = brs[0]
}
}
ctx.Data["BranchName"] = ctx.Repo.BranchName
ctx.Data["CommitID"] = ctx.Repo.CommitID
if repo.IsFork {
RetrieveBaseRepo(ctx, repo)
if ctx.Written() {
return
}
}
// People who have push access and propose a new pull request.
if ctx.Repo.IsWriter() {
// Pull request is allowed if this is a fork repository
// and base repository accepts pull requests.
if repo.BaseRepo != nil {
if repo.BaseRepo.AllowsPulls() {
ctx.Data["BaseRepo"] = repo.BaseRepo
ctx.Repo.PullRequest.BaseRepo = repo.BaseRepo
ctx.Repo.PullRequest.Allowed = true
ctx.Repo.PullRequest.HeadInfo = ctx.Repo.Owner.Name + ":" + ctx.Repo.BranchName
}
} else {
// Or, this is repository accepts pull requests between branches.
if repo.AllowsPulls() {
ctx.Data["BaseRepo"] = repo
ctx.Repo.PullRequest.BaseRepo = repo
ctx.Repo.PullRequest.Allowed = true
ctx.Repo.PullRequest.SameRepo = true
ctx.Repo.PullRequest.HeadInfo = ctx.Repo.BranchName
}
}
}
ctx.Data["PullRequestCtx"] = ctx.Repo.PullRequest
if ctx.Query("go-get") == "1" {
ctx.Data["GoGetImport"] = path.Join(setting.Domain, setting.AppSubUrl, owner.Name, repo.Name)
prefix := setting.AppUrl + path.Join(owner.Name, repo.Name, "src", ctx.Repo.BranchName)
ctx.Data["GoDocDirectory"] = prefix + "{/dir}"
ctx.Data["GoDocFile"] = prefix + "{/dir}/{file}#L{line}"
}
}
}
// CommitRepoAction adds new action for committing repository.
func CommitRepoAction(
userID, repoUserID int64,
userName, actEmail string,
repoID int64,
repoUserName, repoName string,
refFullName string,
commit *base.PushCommits,
oldCommitID string, newCommitID string) error {
u, err := GetUserByID(userID)
if err != nil {
return fmt.Errorf("GetUserByID: %v", err)
}
repo, err := GetRepositoryByName(repoUserID, repoName)
if err != nil {
return fmt.Errorf("GetRepositoryByName: %v", err)
} else if err = repo.GetOwner(); err != nil {
return fmt.Errorf("GetOwner: %v", err)
}
isNewBranch := false
opType := COMMIT_REPO
// Check it's tag push or branch.
if strings.HasPrefix(refFullName, "refs/tags/") {
opType = PUSH_TAG
commit = &base.PushCommits{}
} else {
// if not the first commit, set the compareUrl
if !strings.HasPrefix(oldCommitID, "0000000") {
commit.CompareUrl = fmt.Sprintf("%s/%s/compare/%s...%s", repoUserName, repoName, oldCommitID, newCommitID)
} else {
isNewBranch = true
}
// Change repository bare status and update last updated time.
repo.IsBare = false
if err = UpdateRepository(repo, false); err != nil {
return fmt.Errorf("UpdateRepository: %v", err)
}
if err = updateIssuesCommit(u, repo, repoUserName, repoName, commit.Commits); err != nil {
log.Debug("updateIssuesCommit: %v", err)
}
}
bs, err := json.Marshal(commit)
if err != nil {
return fmt.Errorf("Marshal: %v", err)
}
refName := git.RefEndName(refFullName)
if err = NotifyWatchers(&Action{
ActUserID: u.Id,
ActUserName: userName,
ActEmail: actEmail,
OpType: opType,
Content: string(bs),
RepoID: repo.ID,
RepoUserName: repoUserName,
RepoName: repoName,
RefName: refName,
IsPrivate: repo.IsPrivate,
}); err != nil {
return fmt.Errorf("NotifyWatchers: %v", err)
}
repoLink := fmt.Sprintf("%s%s/%s", setting.AppUrl, repoUserName, repoName)
payloadRepo := &api.PayloadRepo{
ID: repo.ID,
Name: repo.LowerName,
URL: repoLink,
Description: repo.Description,
Website: repo.Website,
Watchers: repo.NumWatches,
Owner: &api.PayloadAuthor{
Name: repo.Owner.DisplayName(),
Email: repo.Owner.Email,
UserName: repo.Owner.Name,
},
Private: repo.IsPrivate,
}
pusher_email, pusher_name := "", ""
pusher, err := GetUserByName(userName)
if err == nil {
pusher_email = pusher.Email
pusher_name = pusher.DisplayName()
}
payloadSender := &api.PayloadUser{
UserName: pusher.Name,
ID: pusher.Id,
AvatarUrl: setting.AppUrl + pusher.RelAvatarLink(),
}
switch opType {
case COMMIT_REPO: // Push
commits := make([]*api.PayloadCommit, len(commit.Commits))
for i, cmt := range commit.Commits {
author_username := ""
author, err := GetUserByEmail(cmt.AuthorEmail)
if err == nil {
author_username = author.Name
}
commits[i] = &api.PayloadCommit{
ID: cmt.Sha1,
Message: cmt.Message,
URL: fmt.Sprintf("%s/commit/%s", repoLink, cmt.Sha1),
Author: &api.PayloadAuthor{
Name: cmt.AuthorName,
Email: cmt.AuthorEmail,
UserName: author_username,
},
}
}
p := &api.PushPayload{
Ref: refFullName,
Before: oldCommitID,
After: newCommitID,
CompareUrl: setting.AppUrl + commit.CompareUrl,
Commits: commits,
Repo: payloadRepo,
Pusher: &api.PayloadAuthor{
Name: pusher_name,
Email: pusher_email,
UserName: userName,
},
Sender: payloadSender,
}
if err = PrepareWebhooks(repo, HOOK_EVENT_PUSH, p); err != nil {
return fmt.Errorf("PrepareWebhooks: %v", err)
}
if isNewBranch {
return PrepareWebhooks(repo, HOOK_EVENT_CREATE, &api.CreatePayload{
Ref: refName,
RefType: "branch",
Repo: payloadRepo,
Sender: payloadSender,
})
}
case PUSH_TAG: // Create
return PrepareWebhooks(repo, HOOK_EVENT_CREATE, &api.CreatePayload{
Ref: refName,
RefType: "tag",
Repo: payloadRepo,
Sender: payloadSender,
})
}
return nil
}
func RepoAssignment(redirect bool, args ...bool) macaron.Handler {
return func(ctx *Context) {
var (
displayBare bool // To display bare page if it is a bare repo.
)
if len(args) >= 1 {
displayBare = args[0]
}
var (
u *models.User
err error
)
userName := ctx.Params(":username")
repoName := ctx.Params(":reponame")
refName := ctx.Params(":branchname")
if len(refName) == 0 {
refName = ctx.Params(":path")
}
// Check if the user is the same as the repository owner
if ctx.IsSigned && ctx.User.LowerName == strings.ToLower(userName) {
u = ctx.User
} else {
u, err = models.GetUserByName(userName)
if err != nil {
if models.IsErrUserNotExist(err) {
ctx.Handle(404, "GetUserByName", err)
} else {
ctx.Handle(500, "GetUserByName", err)
}
return
}
}
ctx.Repo.Owner = u
// Get repository.
repo, err := models.GetRepositoryByName(u.Id, repoName)
if err != nil {
if models.IsErrRepoNotExist(err) {
ctx.Handle(404, "GetRepositoryByName", err)
} else {
ctx.Handle(500, "GetRepositoryByName", err)
}
return
} else if err = repo.GetOwner(); err != nil {
ctx.Handle(500, "GetOwner", err)
return
}
mode, err := models.AccessLevel(ctx.User, repo)
if err != nil {
ctx.Handle(500, "AccessLevel", err)
return
}
ctx.Repo.AccessMode = mode
// Check access.
if ctx.Repo.AccessMode == models.ACCESS_MODE_NONE {
ctx.Handle(404, "no access right", err)
return
}
ctx.Data["HasAccess"] = true
if repo.IsMirror {
ctx.Repo.Mirror, err = models.GetMirror(repo.ID)
if err != nil {
ctx.Handle(500, "GetMirror", err)
return
}
ctx.Data["MirrorInterval"] = ctx.Repo.Mirror.Interval
}
ctx.Repo.Repository = repo
ctx.Data["IsBareRepo"] = ctx.Repo.Repository.IsBare
gitRepo, err := git.OpenRepository(models.RepoPath(userName, repoName))
if err != nil {
ctx.Handle(500, "RepoAssignment Invalid repo "+models.RepoPath(userName, repoName), err)
return
}
ctx.Repo.GitRepo = gitRepo
ctx.Repo.RepoLink, err = repo.RepoLink()
if err != nil {
ctx.Handle(500, "RepoLink", err)
return
}
ctx.Data["RepoLink"] = ctx.Repo.RepoLink
ctx.Data["RepoRelPath"] = ctx.Repo.Owner.Name + "/" + ctx.Repo.Repository.Name
tags, err := ctx.Repo.GitRepo.GetTags()
if err != nil {
ctx.Handle(500, "GetTags", err)
return
}
ctx.Data["Tags"] = tags
ctx.Repo.Repository.NumTags = len(tags)
if repo.IsFork {
RetrieveBaseRepo(ctx, repo)
if ctx.Written() {
return
}
}
ctx.Data["Title"] = u.Name + "/" + repo.Name
ctx.Data["Repository"] = repo
ctx.Data["Owner"] = ctx.Repo.Repository.Owner
ctx.Data["IsRepositoryOwner"] = ctx.Repo.IsOwner()
ctx.Data["IsRepositoryAdmin"] = ctx.Repo.IsAdmin()
ctx.Data["DisableSSH"] = setting.DisableSSH
ctx.Repo.CloneLink, err = repo.CloneLink()
if err != nil {
ctx.Handle(500, "CloneLink", err)
return
}
ctx.Data["CloneLink"] = ctx.Repo.CloneLink
if ctx.Query("go-get") == "1" {
ctx.Data["GoGetImport"] = fmt.Sprintf("%s/%s/%s", setting.Domain, u.Name, repo.Name)
}
if ctx.IsSigned {
ctx.Data["IsWatchingRepo"] = models.IsWatching(ctx.User.Id, repo.ID)
ctx.Data["IsStaringRepo"] = models.IsStaring(ctx.User.Id, repo.ID)
}
// repo is bare and display enable
if ctx.Repo.Repository.IsBare {
log.Debug("Bare repository: %s", ctx.Repo.RepoLink)
// NOTE: to prevent templating error
ctx.Data["BranchName"] = ""
if displayBare {
if !ctx.Repo.IsAdmin() {
ctx.Flash.Info(ctx.Tr("repo.repo_is_empty"), true)
}
ctx.HTML(200, "repo/bare")
}
return
}
ctx.Data["TagName"] = ctx.Repo.TagName
brs, err := ctx.Repo.GitRepo.GetBranches()
if err != nil {
ctx.Handle(500, "GetBranches", err)
return
}
ctx.Data["Branches"] = brs
ctx.Data["BrancheCount"] = len(brs)
// If not branch selected, try default one.
// If default branch doesn't exists, fall back to some other branch.
if len(ctx.Repo.BranchName) == 0 {
if len(ctx.Repo.Repository.DefaultBranch) > 0 && gitRepo.IsBranchExist(ctx.Repo.Repository.DefaultBranch) {
ctx.Repo.BranchName = ctx.Repo.Repository.DefaultBranch
} else if len(brs) > 0 {
ctx.Repo.BranchName = brs[0]
}
}
ctx.Data["BranchName"] = ctx.Repo.BranchName
ctx.Data["CommitID"] = ctx.Repo.CommitID
userAgent := ctx.Req.Header.Get("User-Agent")
ua := user_agent.New(userAgent)
browserName, browserVer := ua.Browser()
ctx.Data["BrowserSupportsCopy"] = (browserName == "Chrome" && version.Compare(browserVer, CHROME_COPY_SUPPORT, ">=")) ||
(browserName == "Firefox" && version.Compare(browserVer, FIREFOX_COPY_SUPPORT, ">="))
}
}
func RepoAssignment(redirect bool, args ...bool) martini.Handler {
return func(ctx *Context, params martini.Params) {
log.Trace(fmt.Sprint(args))
// valid brachname
var validBranch bool
// display bare quick start if it is a bare repo
var displayBare bool
if len(args) >= 1 {
// Note: argument has wrong value in Go1.3 martini.
// validBranch = args[0]
validBranch = true
}
if len(args) >= 2 {
// displayBare = args[1]
displayBare = true
}
var (
user *models.User
err error
isTrueOwner bool
)
userName := params["username"]
repoName := params["reponame"]
refName := params["branchname"]
// Collaborators who have write access can be seen as owners.
if ctx.IsSigned {
ctx.Repo.IsOwner, err = models.HasAccess(ctx.User.Name, userName+"/"+repoName, models.AU_WRITABLE)
if err != nil {
ctx.Handle(500, "RepoAssignment(HasAccess)", err)
return
}
isTrueOwner = ctx.User.LowerName == strings.ToLower(userName)
}
if !isTrueOwner {
user, err = models.GetUserByName(userName)
if err != nil {
if err == models.ErrUserNotExist {
ctx.Handle(404, "RepoAssignment(GetUserByName)", err)
return
} else if redirect {
ctx.Redirect("/")
return
}
ctx.Handle(500, "RepoAssignment(GetUserByName)", err)
return
}
} else {
user = ctx.User
}
if user == nil {
if redirect {
ctx.Redirect("/")
return
}
ctx.Handle(403, "RepoAssignment", errors.New("invliad user account for single repository"))
return
}
ctx.Repo.Owner = user
// get repository
repo, err := models.GetRepositoryByName(user.Id, repoName)
if err != nil {
if err == models.ErrRepoNotExist {
ctx.Handle(404, "RepoAssignment", err)
return
} else if redirect {
ctx.Redirect("/")
return
}
ctx.Handle(500, "RepoAssignment", err)
return
}
// Check access.
if repo.IsPrivate && !ctx.Repo.IsOwner {
if ctx.User == nil {
ctx.Handle(404, "RepoAssignment(HasAccess)", nil)
return
}
hasAccess, err := models.HasAccess(ctx.User.Name, ctx.Repo.Owner.Name+"/"+repo.Name, models.AU_READABLE)
if err != nil {
ctx.Handle(500, "RepoAssignment(HasAccess)", err)
return
} else if !hasAccess {
ctx.Handle(404, "RepoAssignment(HasAccess)", nil)
return
}
}
ctx.Repo.HasAccess = true
ctx.Data["HasAccess"] = true
if repo.IsMirror {
ctx.Repo.Mirror, err = models.GetMirror(repo.Id)
if err != nil {
ctx.Handle(500, "RepoAssignment(GetMirror)", err)
return
}
ctx.Data["MirrorInterval"] = ctx.Repo.Mirror.Interval
}
repo.NumOpenIssues = repo.NumIssues - repo.NumClosedIssues
ctx.Repo.Repository = repo
ctx.Data["IsBareRepo"] = ctx.Repo.Repository.IsBare
gitRepo, err := git.OpenRepository(models.RepoPath(userName, repoName))
if err != nil {
ctx.Handle(500, "RepoAssignment Invalid repo "+models.RepoPath(userName, repoName), err)
return
}
ctx.Repo.GitRepo = gitRepo
ctx.Repo.RepoLink = "/" + user.Name + "/" + repo.Name
tags, err := ctx.Repo.GitRepo.GetTags()
if err != nil {
ctx.Handle(500, "RepoAssignment(GetTags))", err)
return
}
ctx.Repo.Repository.NumTags = len(tags)
ctx.Data["Title"] = user.Name + "/" + repo.Name
ctx.Data["Repository"] = repo
ctx.Data["Owner"] = user
ctx.Data["RepoLink"] = ctx.Repo.RepoLink
ctx.Data["IsRepositoryOwner"] = ctx.Repo.IsOwner
ctx.Data["BranchName"] = ""
if base.SshPort != 22 {
ctx.Repo.CloneLink.SSH = fmt.Sprintf("ssh://%s@%s/%s/%s.git", base.RunUser, base.Domain, user.LowerName, repo.LowerName)
} else {
ctx.Repo.CloneLink.SSH = fmt.Sprintf("%s@%s:%s/%s.git", base.RunUser, base.Domain, user.LowerName, repo.LowerName)
}
ctx.Repo.CloneLink.HTTPS = fmt.Sprintf("%s%s/%s.git", base.AppUrl, user.LowerName, repo.LowerName)
ctx.Data["CloneLink"] = ctx.Repo.CloneLink
if ctx.Repo.Repository.IsGoget {
ctx.Data["GoGetLink"] = fmt.Sprintf("%s%s/%s", base.AppUrl, user.LowerName, repo.LowerName)
ctx.Data["GoGetImport"] = fmt.Sprintf("%s/%s/%s", base.Domain, user.LowerName, repo.LowerName)
}
// when repo is bare, not valid branch
if !ctx.Repo.Repository.IsBare && validBranch {
detect:
if len(refName) > 0 {
if gitRepo.IsBranchExist(refName) {
ctx.Repo.IsBranch = true
ctx.Repo.BranchName = refName
ctx.Repo.Commit, err = gitRepo.GetCommitOfBranch(refName)
if err != nil {
ctx.Handle(404, "RepoAssignment invalid branch", nil)
return
}
ctx.Repo.CommitId = ctx.Repo.Commit.Id.String()
} else if gitRepo.IsTagExist(refName) {
ctx.Repo.IsBranch = true
ctx.Repo.BranchName = refName
ctx.Repo.Commit, err = gitRepo.GetCommitOfTag(refName)
if err != nil {
ctx.Handle(404, "RepoAssignment invalid tag", nil)
return
}
ctx.Repo.CommitId = ctx.Repo.Commit.Id.String()
} else if len(refName) == 40 {
ctx.Repo.IsCommit = true
ctx.Repo.CommitId = refName
ctx.Repo.BranchName = refName
ctx.Repo.Commit, err = gitRepo.GetCommit(refName)
if err != nil {
ctx.Handle(404, "RepoAssignment invalid commit", nil)
return
}
} else {
ctx.Handle(404, "RepoAssignment invalid repo", nil)
return
}
} else {
if len(refName) == 0 {
if gitRepo.IsBranchExist(ctx.Repo.Repository.DefaultBranch) {
refName = ctx.Repo.Repository.DefaultBranch
} else {
brs, err := gitRepo.GetBranches()
if err != nil {
ctx.Handle(500, "RepoAssignment(GetBranches))", err)
return
}
refName = brs[0]
}
}
goto detect
}
ctx.Data["IsBranch"] = ctx.Repo.IsBranch
ctx.Data["IsCommit"] = ctx.Repo.IsCommit
log.Debug("Repo.Commit: %v", ctx.Repo.Commit)
}
log.Debug("displayBare: %v; IsBare: %v", displayBare, ctx.Repo.Repository.IsBare)
// repo is bare and display enable
if displayBare && ctx.Repo.Repository.IsBare {
log.Debug("Bare repository: %s", ctx.Repo.RepoLink)
ctx.HTML(200, "repo/single_bare")
return
}
if ctx.IsSigned {
ctx.Repo.IsWatching = models.IsWatching(ctx.User.Id, repo.Id)
}
ctx.Data["BranchName"] = ctx.Repo.BranchName
brs, err := ctx.Repo.GitRepo.GetBranches()
if err != nil {
log.Error("RepoAssignment(GetBranches): %v", err)
}
ctx.Data["Branches"] = brs
ctx.Data["CommitId"] = ctx.Repo.CommitId
ctx.Data["IsRepositoryWatching"] = ctx.Repo.IsWatching
}
}
func RepoAssignment(redirect bool, args ...bool) macaron.Handler {
return func(ctx *Context) {
var (
validBranch bool // To valid brach name.
displayBare bool // To display bare page if it is a bare repo.
)
if len(args) >= 1 {
validBranch = args[0]
}
if len(args) >= 2 {
displayBare = args[1]
}
var (
u *models.User
err error
)
userName := ctx.Params(":username")
repoName := ctx.Params(":reponame")
refName := ctx.Params(":branchname")
if len(refName) == 0 {
refName = ctx.Params(":path")
}
// Collaborators who have write access can be seen as owners.
if ctx.IsSigned {
ctx.Repo.IsOwner, err = models.HasAccess(ctx.User.Name, userName+"/"+repoName, models.WRITABLE)
if err != nil {
ctx.Handle(500, "HasAccess", err)
return
}
ctx.Repo.IsTrueOwner = ctx.User.LowerName == strings.ToLower(userName)
}
if !ctx.Repo.IsTrueOwner {
u, err = models.GetUserByName(userName)
if err != nil {
if err == models.ErrUserNotExist {
ctx.Handle(404, "GetUserByName", err)
} else if redirect {
log.Error(4, "GetUserByName", err)
ctx.Redirect("/")
} else {
ctx.Handle(500, "GetUserByName", err)
}
return
}
} else {
u = ctx.User
}
if u == nil {
if redirect {
ctx.Redirect("/")
return
}
ctx.Handle(404, "RepoAssignment", errors.New("invliad user account for single repository"))
return
}
ctx.Repo.Owner = u
// Organization owner team members are true owners as well.
if ctx.IsSigned && ctx.Repo.Owner.IsOrganization() && ctx.Repo.Owner.IsOrgOwner(ctx.User.Id) {
ctx.Repo.IsTrueOwner = true
}
// Get repository.
repo, err := models.GetRepositoryByName(u.Id, repoName)
if err != nil {
if err == models.ErrRepoNotExist {
ctx.Handle(404, "GetRepositoryByName", err)
return
} else if redirect {
ctx.Redirect("/")
return
}
ctx.Handle(500, "GetRepositoryByName", err)
return
} else if err = repo.GetOwner(); err != nil {
ctx.Handle(500, "GetOwner", err)
return
}
// Check if the mirror repository owner(mirror repository doesn't have access).
if ctx.IsSigned && !ctx.Repo.IsOwner {
if repo.OwnerId == ctx.User.Id {
ctx.Repo.IsOwner = true
}
// Check if current user has admin permission to repository.
if u.IsOrganization() {
auth, err := models.GetHighestAuthorize(u.Id, ctx.User.Id, 0, repo.Id)
if err != nil {
ctx.Handle(500, "GetHighestAuthorize", err)
return
}
if auth == models.ORG_ADMIN {
ctx.Repo.IsOwner = true
ctx.Repo.IsAdmin = true
}
}
}
// Check access.
if repo.IsPrivate && !ctx.Repo.IsOwner {
if ctx.User == nil {
ctx.Handle(404, "HasAccess", nil)
return
}
hasAccess, err := models.HasAccess(ctx.User.Name, ctx.Repo.Owner.Name+"/"+repo.Name, models.READABLE)
if err != nil {
ctx.Handle(500, "HasAccess", err)
return
} else if !hasAccess {
ctx.Handle(404, "HasAccess", nil)
return
}
}
ctx.Repo.HasAccess = true
ctx.Data["HasAccess"] = true
if repo.IsMirror {
ctx.Repo.Mirror, err = models.GetMirror(repo.Id)
if err != nil {
ctx.Handle(500, "GetMirror", err)
return
}
ctx.Data["MirrorInterval"] = ctx.Repo.Mirror.Interval
}
repo.NumOpenIssues = repo.NumIssues - repo.NumClosedIssues
repo.NumOpenMilestones = repo.NumMilestones - repo.NumClosedMilestones
ctx.Repo.Repository = repo
ctx.Data["IsBareRepo"] = ctx.Repo.Repository.IsBare
gitRepo, err := git.OpenRepository(models.RepoPath(userName, repoName))
if err != nil {
ctx.Handle(500, "RepoAssignment Invalid repo "+models.RepoPath(userName, repoName), err)
return
}
ctx.Repo.GitRepo = gitRepo
ctx.Repo.RepoLink = "/" + u.Name + "/" + repo.Name
ctx.Data["RepoLink"] = ctx.Repo.RepoLink
tags, err := ctx.Repo.GitRepo.GetTags()
if err != nil {
ctx.Handle(500, "GetTags", err)
return
}
ctx.Repo.Repository.NumTags = len(tags)
ctx.Data["Title"] = u.Name + "/" + repo.Name
ctx.Data["Repository"] = repo
ctx.Data["Owner"] = ctx.Repo.Repository.Owner
ctx.Data["IsRepositoryOwner"] = ctx.Repo.IsOwner
ctx.Data["IsRepositoryTrueOwner"] = ctx.Repo.IsTrueOwner
if setting.SshPort != 22 {
ctx.Repo.CloneLink.SSH = fmt.Sprintf("ssh://%s@%s:%d/%s/%s.git", setting.RunUser, setting.Domain, setting.SshPort, u.LowerName, repo.LowerName)
} else {
ctx.Repo.CloneLink.SSH = fmt.Sprintf("%s@%s:%s/%s.git", setting.RunUser, setting.Domain, u.LowerName, repo.LowerName)
}
ctx.Repo.CloneLink.HTTPS = fmt.Sprintf("%s%s/%s.git", setting.AppUrl, u.LowerName, repo.LowerName)
ctx.Data["CloneLink"] = ctx.Repo.CloneLink
if ctx.Repo.Repository.IsGoget {
ctx.Data["GoGetLink"] = fmt.Sprintf("%s%s/%s", setting.AppUrl, u.LowerName, repo.LowerName)
ctx.Data["GoGetImport"] = fmt.Sprintf("%s/%s/%s", setting.Domain, u.LowerName, repo.LowerName)
}
// when repo is bare, not valid branch
if !ctx.Repo.Repository.IsBare && validBranch {
detect:
if len(refName) > 0 {
if gitRepo.IsBranchExist(refName) {
ctx.Repo.IsBranch = true
ctx.Repo.BranchName = refName
ctx.Repo.Commit, err = gitRepo.GetCommitOfBranch(refName)
if err != nil {
ctx.Handle(404, "RepoAssignment invalid branch", nil)
return
}
ctx.Repo.CommitId = ctx.Repo.Commit.Id.String()
} else if gitRepo.IsTagExist(refName) {
ctx.Repo.IsTag = true
ctx.Repo.BranchName = refName
ctx.Repo.Tag, err = gitRepo.GetTag(refName)
if err != nil {
ctx.Handle(404, "RepoAssignment invalid tag", nil)
return
}
ctx.Repo.Commit, _ = ctx.Repo.Tag.Commit()
ctx.Repo.CommitId = ctx.Repo.Commit.Id.String()
} else if len(refName) == 40 {
ctx.Repo.IsCommit = true
ctx.Repo.CommitId = refName
ctx.Repo.BranchName = refName
ctx.Repo.Commit, err = gitRepo.GetCommit(refName)
if err != nil {
ctx.Handle(404, "RepoAssignment invalid commit", nil)
return
}
} else {
ctx.Handle(404, "RepoAssignment invalid repo", errors.New("branch or tag not exist"))
return
}
} else {
if len(refName) == 0 {
if gitRepo.IsBranchExist(ctx.Repo.Repository.DefaultBranch) {
refName = ctx.Repo.Repository.DefaultBranch
} else {
brs, err := gitRepo.GetBranches()
if err != nil {
ctx.Handle(500, "GetBranches", err)
return
}
refName = brs[0]
}
}
goto detect
}
ctx.Data["IsBranch"] = ctx.Repo.IsBranch
ctx.Data["IsCommit"] = ctx.Repo.IsCommit
ctx.Repo.CommitsCount, err = ctx.Repo.Commit.CommitsCount()
if err != nil {
ctx.Handle(500, "CommitsCount", err)
return
}
ctx.Data["CommitsCount"] = ctx.Repo.CommitsCount
}
// repo is bare and display enable
if ctx.Repo.Repository.IsBare {
log.Debug("Bare repository: %s", ctx.Repo.RepoLink)
if displayBare {
ctx.HTML(200, "repo/bare")
}
return
}
if ctx.IsSigned {
ctx.Data["IsWatchingRepo"] = models.IsWatching(ctx.User.Id, repo.Id)
ctx.Data["IsStaringRepo"] = models.IsStaring(ctx.User.Id, repo.Id)
}
ctx.Data["TagName"] = ctx.Repo.TagName
brs, err := ctx.Repo.GitRepo.GetBranches()
if err != nil {
log.Error(4, "GetBranches: %v", err)
}
ctx.Data["Branches"] = brs
ctx.Data["BrancheCount"] = len(brs)
// If not branch selected, try default one.
// If default branch doesn't exists, fall back to some other branch.
if ctx.Repo.BranchName == "" {
if ctx.Repo.Repository.DefaultBranch != "" && gitRepo.IsBranchExist(ctx.Repo.Repository.DefaultBranch) {
ctx.Repo.BranchName = ctx.Repo.Repository.DefaultBranch
} else if len(brs) > 0 {
ctx.Repo.BranchName = brs[0]
}
}
ctx.Data["BranchName"] = ctx.Repo.BranchName
ctx.Data["CommitId"] = ctx.Repo.CommitId
}
}
func ParsePatch(cmd *exec.Cmd, reader io.Reader) (*Diff, error) {
scanner := bufio.NewScanner(reader)
var (
curFile *DiffFile
curSection = &DiffSection{
Lines: make([]*DiffLine, 0, 10),
}
leftLine, rightLine int
)
diff := &Diff{Files: make([]*DiffFile, 0)}
var i int
for scanner.Scan() {
line := scanner.Text()
// fmt.Println(i, line)
if strings.HasPrefix(line, "+++ ") || strings.HasPrefix(line, "--- ") {
continue
}
i = i + 1
// Diff data too large.
if i == 5000 {
log.Warn("Diff data too large")
return &Diff{}, nil
}
if line == "" {
continue
}
switch {
case line[0] == ' ':
diffLine := &DiffLine{Type: DIFF_LINE_PLAIN, Content: line, LeftIdx: leftLine, RightIdx: rightLine}
leftLine++
rightLine++
curSection.Lines = append(curSection.Lines, diffLine)
continue
case line[0] == '@':
curSection = &DiffSection{}
curFile.Sections = append(curFile.Sections, curSection)
ss := strings.Split(line, "@@")
diffLine := &DiffLine{Type: DIFF_LINE_SECTION, Content: line}
curSection.Lines = append(curSection.Lines, diffLine)
// Parse line number.
ranges := strings.Split(ss[len(ss)-2][1:], " ")
leftLine, _ = base.StrTo(strings.Split(ranges[0], ",")[0][1:]).Int()
rightLine, _ = base.StrTo(strings.Split(ranges[1], ",")[0]).Int()
continue
case line[0] == '+':
curFile.Addition++
diff.TotalAddition++
diffLine := &DiffLine{Type: DIFF_LINE_ADD, Content: line, RightIdx: rightLine}
rightLine++
curSection.Lines = append(curSection.Lines, diffLine)
continue
case line[0] == '-':
curFile.Deletion++
diff.TotalDeletion++
diffLine := &DiffLine{Type: DIFF_LINE_DEL, Content: line, LeftIdx: leftLine}
if leftLine > 0 {
leftLine++
}
curSection.Lines = append(curSection.Lines, diffLine)
case strings.HasPrefix(line, "Binary"):
curFile.IsBin = true
continue
}
// Get new file.
if strings.HasPrefix(line, DIFF_HEAD) {
fs := strings.Split(line[len(DIFF_HEAD):], " ")
a := fs[0]
curFile = &DiffFile{
Name: a[strings.Index(a, "/")+1:],
Index: len(diff.Files) + 1,
Type: DIFF_FILE_CHANGE,
Sections: make([]*DiffSection, 0, 10),
}
diff.Files = append(diff.Files, curFile)
// Check file diff type.
for scanner.Scan() {
switch {
case strings.HasPrefix(scanner.Text(), "new file"):
curFile.Type = DIFF_FILE_ADD
case strings.HasPrefix(scanner.Text(), "deleted"):
curFile.Type = DIFF_FILE_DEL
case strings.HasPrefix(scanner.Text(), "index"):
curFile.Type = DIFF_FILE_CHANGE
}
if curFile.Type > 0 {
break
}
}
}
}
// In case process became zombie.
if !cmd.ProcessState.Exited() {
log.Debug("git_diff.ParsePatch: process doesn't exit and now will be killed")
if err := cmd.Process.Kill(); err != nil {
log.Error("git_diff.ParsePatch: fail to kill zombie process: %v", err)
}
}
return diff, nil
}
// searchEntry : search an LDAP source if an entry (name, passwd) is valid and in the specific filter
func (ls *Source) SearchEntry(name, passwd string, directBind bool) (string, string, string, string, bool, bool) {
var userDN string
if directBind {
log.Trace("LDAP will bind directly via UserDN template: %s", ls.UserDN)
var ok bool
userDN, ok = ls.sanitizedUserDN(name)
if !ok {
return "", "", "", "", false, false
}
} else {
log.Trace("LDAP will use BindDN.")
var found bool
userDN, found = ls.FindUserDN(name)
if !found {
return "", "", "", "", false, false
}
}
l, err := ldapDial(ls)
if err != nil {
log.Error(4, "LDAP Connect error (%s): %v", ls.Host, err)
ls.Enabled = false
return "", "", "", "", false, false
}
defer l.Close()
log.Trace("Binding with userDN: %s", userDN)
err = l.Bind(userDN, passwd)
if err != nil {
log.Debug("LDAP auth. failed for %s, reason: %v", userDN, err)
return "", "", "", "", false, false
}
log.Trace("Bound successfully with userDN: %s", userDN)
userFilter, ok := ls.sanitizedUserQuery(name)
if !ok {
return "", "", "", "", false, false
}
search := ldap.NewSearchRequest(
userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, userFilter,
[]string{ls.AttributeName, ls.AttributeSurname, ls.AttributeMail},
nil)
sr, err := l.Search(search)
if err != nil {
log.Error(4, "LDAP Search failed unexpectedly! (%v)", err)
return "", "", "", "", false, false
} else if len(sr.Entries) < 1 {
if directBind {
log.Error(4, "User filter inhibited user login.")
} else {
log.Error(4, "LDAP Search failed unexpectedly! (0 entries)")
}
return "", "", "", "", false, false
}
username_attr := sr.Entries[0].GetAttributeValue(ls.AttributeUsername)
name_attr := sr.Entries[0].GetAttributeValue(ls.AttributeName)
sn_attr := sr.Entries[0].GetAttributeValue(ls.AttributeSurname)
mail_attr := sr.Entries[0].GetAttributeValue(ls.AttributeMail)
admin_attr := false
if len(ls.AdminFilter) > 0 {
search = ldap.NewSearchRequest(
userDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, ls.AdminFilter,
[]string{ls.AttributeName},
nil)
sr, err = l.Search(search)
if err != nil {
log.Error(4, "LDAP Admin Search failed unexpectedly! (%v)", err)
} else if len(sr.Entries) < 1 {
log.Error(4, "LDAP Admin Search failed")
} else {
admin_attr = true
}
}
return username_attr, name_attr, sn_attr, mail_attr, admin_attr, true
}
// HTML calls Context.HTML and converts template name to string.
func (ctx *Context) HTML(status int, name base.TplName) {
log.Debug("Template: %s", name)
ctx.Context.HTML(status, string(name))
}
// CommitRepoAction adds new action for committing repository.
func CommitRepoAction(userId, repoUserId int64, userName, actEmail string,
repoId int64, repoUserName, repoName string, refFullName string, commit *base.PushCommits) error {
opType := COMMIT_REPO
// Check it's tag push or branch.
if strings.HasPrefix(refFullName, "refs/tags/") {
opType = PUSH_TAG
commit = &base.PushCommits{}
}
refName := git.RefEndName(refFullName)
bs, err := json.Marshal(commit)
if err != nil {
return errors.New("action.CommitRepoAction(json): " + err.Error())
}
// Change repository bare status and update last updated time.
repo, err := GetRepositoryByName(repoUserId, repoName)
if err != nil {
return errors.New("action.CommitRepoAction(GetRepositoryByName): " + err.Error())
}
repo.IsBare = false
if err = UpdateRepository(repo); err != nil {
return errors.New("action.CommitRepoAction(UpdateRepository): " + err.Error())
}
err = updateIssuesCommit(userId, repoId, repoUserName, repoName, commit.Commits)
if err != nil {
log.Debug("action.CommitRepoAction(updateIssuesCommit): ", err)
}
if err = NotifyWatchers(&Action{ActUserId: userId, ActUserName: userName, ActEmail: actEmail,
OpType: opType, Content: string(bs), RepoId: repoId, RepoUserName: repoUserName,
RepoName: repoName, RefName: refName,
IsPrivate: repo.IsPrivate}); err != nil {
return errors.New("action.CommitRepoAction(NotifyWatchers): " + err.Error())
}
//qlog.Info("action.CommitRepoAction(end): %d/%s", repoUserId, repoName)
// New push event hook.
if err := repo.GetOwner(); err != nil {
return errors.New("action.CommitRepoAction(GetOwner): " + err.Error())
}
ws, err := GetActiveWebhooksByRepoId(repoId)
if err != nil {
return errors.New("action.CommitRepoAction(GetWebhooksByRepoId): " + err.Error())
} else if len(ws) == 0 {
return nil
}
repoLink := fmt.Sprintf("%s%s/%s", setting.AppUrl, repoUserName, repoName)
commits := make([]*PayloadCommit, len(commit.Commits))
for i, cmt := range commit.Commits {
commits[i] = &PayloadCommit{
Id: cmt.Sha1,
Message: cmt.Message,
Url: fmt.Sprintf("%s/commit/%s", repoLink, cmt.Sha1),
Author: &PayloadAuthor{
Name: cmt.AuthorName,
Email: cmt.AuthorEmail,
},
}
}
p := &Payload{
Ref: refFullName,
Commits: commits,
Repo: &PayloadRepo{
Id: repo.Id,
Name: repo.LowerName,
Url: repoLink,
Description: repo.Description,
Website: repo.Website,
Watchers: repo.NumWatches,
Owner: &PayloadAuthor{
Name: repoUserName,
Email: actEmail,
},
Private: repo.IsPrivate,
},
Pusher: &PayloadAuthor{
Name: repo.Owner.LowerName,
Email: repo.Owner.Email,
},
}
for _, w := range ws {
w.GetEvent()
if !w.HasPushEvent() {
continue
}
p.Secret = w.Secret
CreateHookTask(&HookTask{
Type: WEBHOOK,
Url: w.Url,
Payload: p,
ContentType: w.ContentType,
IsSsl: w.IsSsl,
})
}
return nil
}
