func SetUser() gin.HandlerFunc {
return func(c *gin.Context) {
var user *model.User
t, err := token.ParseRequest(c.Request, func(t *token.Token) (string, error) {
var err error
user, err = store.GetUserLogin(c, t.Text)
return user.Hash, err
})
if err == nil {
c.Set("user", user)
// if this is a session token (ie not the API token)
// this means the user is accessing with a web browser,
// so we should implement CSRF protection measures.
if t.Kind == token.SessToken {
err = token.CheckCsrf(c.Request, func(t *token.Token) (string, error) {
return user.Hash, nil
})
// if csrf token validation fails, exit immediately
// with a not authorized error.
if err != nil {
c.AbortWithStatus(http.StatusUnauthorized)
return
}
}
}
c.Next()
}
}
func GetCommit(c *gin.Context) {
repo := session.Repo(c)
parsed, err := token.ParseRequest(c.Request, func(t *token.Token) (string, error) {
return repo.Hash, nil
})
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
return
}
if parsed.Text != repo.FullName {
c.AbortWithStatus(http.StatusUnauthorized)
return
}
commit := c.Param("sha")
branch := c.Query("branch")
if len(branch) == 0 {
branch = repo.Branch
}
build, err := store.GetBuildCommit(c, repo, commit, branch)
if err != nil {
c.AbortWithError(http.StatusNotFound, err)
return
}
c.JSON(http.StatusOK, build)
}
func GetPullRequest(c *gin.Context) {
repo := session.Repo(c)
refs := fmt.Sprintf("refs/pull/%s/head", c.Param("number"))
parsed, err := token.ParseRequest(c.Request, func(t *token.Token) (string, error) {
return repo.Hash, nil
})
if err != nil {
c.AbortWithError(http.StatusBadRequest, err)
return
}
if parsed.Text != repo.FullName {
c.AbortWithStatus(http.StatusUnauthorized)
return
}
build, err := store.GetBuildRef(c, repo, refs)
if err != nil {
c.AbortWithError(http.StatusNotFound, err)
return
}
c.JSON(http.StatusOK, build)
}