func Hook(ctx *middleware.Context) {
if ctx.Query("secret") != setting.Docs.Secret {
ctx.Error(403)
return
}
log.Info("Incoming hook update request")
if err := models.ReloadDocs(); err != nil {
ctx.Error(500)
return
}
ctx.Status(200)
}
func DocsStatic(ctx *middleware.Context) {
if len(ctx.Params("*")) > 0 {
f, err := os.Open(path.Join(models.Tocs[setting.Docs.Langs[0]].RootPath, "images", ctx.Params("*")))
if err != nil {
ctx.JSON(500, map[string]interface{}{
"error": err.Error(),
})
return
}
defer f.Close()
_, err = io.Copy(ctx.Resp, f)
if err != nil {
ctx.JSON(500, map[string]interface{}{
"error": err.Error(),
})
return
}
return
}
ctx.Error(404)
}
func Protect(ctx *middleware.Context) {
if !models.Protector.HasProtection {
return
}
// Check if resource is protected.
allows, yes := models.Protector.Resources[strings.TrimPrefix(ctx.Req.URL.Path, "/docs/")]
if !yes {
return
}
// Check if auth is presented.
authHead := ctx.Req.Header.Get("Authorization")
if len(authHead) == 0 {
authRequired(ctx)
return
}
auths := strings.Fields(authHead)
if len(auths) != 2 || auths[0] != "Basic" {
ctx.Error(401)
return
}
uname, passwd, err := basicAuthDecode(auths[1])
if err != nil {
ctx.Error(401)
return
}
// Check if auth is valid.
if models.Protector.Users[uname] != encodeMd5(passwd) {
ctx.Error(401)
return
}
// Check if user has access to the resource.
if !allows[uname] {
ctx.Error(403)
return
}
}
func authRequired(ctx *middleware.Context) {
ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=\".\"")
ctx.Error(401)
}
