func TeamsRepoAction(ctx *middleware.Context) {
if !ctx.Org.IsOwner {
ctx.Error(404)
return
}
var err error
switch ctx.Params(":action") {
case "add":
repoName := path.Base(ctx.Query("repo-name"))
var repo *models.Repository
repo, err = models.GetRepositoryByName(ctx.Org.Organization.Id, repoName)
if err != nil {
if models.IsErrRepoNotExist(err) {
ctx.Flash.Error(ctx.Tr("org.teams.add_nonexistent_repo"))
ctx.Redirect(ctx.Org.OrgLink + "/teams/" + ctx.Org.Team.LowerName + "/repositories")
return
}
ctx.Handle(500, "GetRepositoryByName", err)
return
}
err = ctx.Org.Team.AddRepository(repo)
case "remove":
err = ctx.Org.Team.RemoveRepository(com.StrTo(ctx.Query("repoid")).MustInt64())
}
if err != nil {
log.Error(3, "Action(%s): '%s' %v", ctx.Params(":action"), ctx.Org.Team.Name, err)
ctx.Handle(500, "TeamsRepoAction", err)
return
}
ctx.Redirect(ctx.Org.OrgLink + "/teams/" + ctx.Org.Team.LowerName + "/repositories")
}
func NewAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
ctx.Data["Title"] = ctx.Tr("admin.auths.new")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
ctx.Data["LoginTypes"] = models.LoginTypes
ctx.Data["SMTPAuths"] = models.SMTPAuths
if ctx.HasError() {
ctx.HTML(200, AUTH_NEW)
return
}
var u core.Conversion
switch models.LoginType(form.Type) {
case models.LDAP:
u = &models.LDAPConfig{
Ldapsource: ldap.Ldapsource{
Host: form.Host,
Port: form.Port,
UseSSL: form.UseSSL,
BaseDN: form.BaseDN,
AttributeUsername: form.AttributeUsername,
AttributeName: form.AttributeName,
AttributeSurname: form.AttributeSurname,
AttributeMail: form.AttributeMail,
Filter: form.Filter,
MsAdSAFormat: form.MsAdSA,
Enabled: true,
Name: form.Name,
},
}
case models.SMTP:
u = &models.SMTPConfig{
Auth: form.SMTPAuth,
Host: form.SMTPHost,
Port: form.SMTPPort,
TLS: form.TLS,
}
default:
ctx.Error(400)
return
}
var source = &models.LoginSource{
Type: models.LoginType(form.Type),
Name: form.Name,
IsActived: true,
AllowAutoRegister: form.AllowAutoRegister,
Cfg: u,
}
if err := models.CreateSource(source); err != nil {
ctx.Handle(500, "CreateSource", err)
return
}
log.Trace("Authentication created by admin(%s): %s", ctx.User.Name, form.Name)
ctx.Redirect(setting.AppSubUrl + "/admin/auths")
}
func ResetPasswd(ctx *middleware.Context) {
ctx.Data["Title"] = ctx.Tr("auth.reset_password")
code := ctx.Query("code")
if len(code) == 0 {
ctx.Error(404)
return
}
ctx.Data["Code"] = code
ctx.Data["IsResetForm"] = true
ctx.HTML(200, RESET_PASSWORD)
}
func Activate(ctx *middleware.Context) {
code := ctx.Query("code")
if len(code) == 0 {
ctx.Data["IsActivatePage"] = true
if ctx.User.IsActive {
ctx.Error(404)
return
}
// Resend confirmation e-mail.
if setting.Service.RegisterEmailConfirm {
if ctx.Cache.IsExist("MailResendLimit_" + ctx.User.LowerName) {
ctx.Data["ResendLimited"] = true
} else {
ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60
mailer.SendActiveMail(ctx.Render, ctx.User)
if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil {
log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
}
}
} else {
ctx.Data["ServiceNotEnabled"] = true
}
ctx.HTML(200, ACTIVATE)
return
}
// Verify code.
if user := models.VerifyUserActiveCode(code); user != nil {
user.IsActive = true
user.Rands = models.GetUserSalt()
if err := models.UpdateUser(user); err != nil {
if err == models.ErrUserNotExist {
ctx.Error(404)
} else {
ctx.Handle(500, "UpdateUser", err)
}
return
}
log.Trace("User activated: %s", user.Name)
ctx.Session.Set("uid", user.Id)
ctx.Session.Set("uname", user.Name)
ctx.Redirect(setting.AppSubUrl + "/")
return
}
ctx.Data["IsActivateFailed"] = true
ctx.HTML(200, ACTIVATE)
}
func NewTeamPost(ctx *middleware.Context, form auth.CreateTeamForm) {
ctx.Data["Title"] = ctx.Org.Organization.FullName
ctx.Data["PageIsOrgTeams"] = true
ctx.Data["PageIsOrgTeamsNew"] = true
ctx.Data["Team"] = &models.Team{}
if ctx.HasError() {
ctx.HTML(200, TEAM_NEW)
return
}
// Validate permission level.
var auth models.AccessMode
switch form.Permission {
case "read":
auth = models.ACCESS_MODE_READ
case "write":
auth = models.ACCESS_MODE_WRITE
case "admin":
auth = models.ACCESS_MODE_ADMIN
default:
ctx.Error(401)
return
}
org := ctx.Org.Organization
t := &models.Team{
OrgID: org.Id,
Name: form.TeamName,
Description: form.Description,
Authorize: auth,
}
if err := models.NewTeam(t); err != nil {
switch err {
case models.ErrTeamNameIllegal:
ctx.Data["Err_TeamName"] = true
ctx.RenderWithErr(ctx.Tr("form.illegal_team_name"), TEAM_NEW, &form)
case models.ErrTeamAlreadyExist:
ctx.Data["Err_TeamName"] = true
ctx.RenderWithErr(ctx.Tr("form.team_name_been_taken"), TEAM_NEW, &form)
default:
ctx.Handle(500, "NewTeam", err)
}
return
}
log.Trace("Team created: %s/%s", org.Name, t.Name)
ctx.Redirect(ctx.Org.OrgLink + "/teams/" + t.LowerName)
}
// GET /users/:username
func GetUserInfo(ctx *middleware.Context) {
u, err := models.GetUserByName(ctx.Params(":username"))
if err != nil {
if err == models.ErrUserNotExist {
ctx.Error(404)
} else {
ctx.JSON(500, &base.ApiJsonErr{"GetUserByName: " + err.Error(), base.DOC_URL})
}
return
}
// Hide user e-mail when API caller isn't signed in.
if !ctx.IsSigned {
u.Email = ""
}
ctx.JSON(200, &sdk.User{u.Id, u.Name, u.FullName, u.Email, u.AvatarLink()})
}
func EditTeamPost(ctx *middleware.Context, form auth.CreateTeamForm) {
t := ctx.Org.Team
ctx.Data["Title"] = ctx.Org.Organization.FullName
ctx.Data["PageIsOrgTeams"] = true
ctx.Data["team_name"] = t.Name
ctx.Data["desc"] = t.Description
if ctx.HasError() {
ctx.HTML(200, TEAM_NEW)
return
}
isAuthChanged := false
if !t.IsOwnerTeam() {
// Validate permission level.
var auth models.AccessMode
switch form.Permission {
case "read":
auth = models.ACCESS_MODE_READ
case "write":
auth = models.ACCESS_MODE_WRITE
case "admin":
auth = models.ACCESS_MODE_ADMIN
default:
ctx.Error(401)
return
}
t.Name = form.TeamName
if t.Authorize != auth {
isAuthChanged = true
t.Authorize = auth
}
}
t.Description = form.Description
if err := models.UpdateTeam(t, isAuthChanged); err != nil {
if err == models.ErrTeamNameIllegal {
ctx.Data["Err_TeamName"] = true
ctx.RenderWithErr(ctx.Tr("form.illegal_team_name"), TEAM_NEW, &form)
} else {
ctx.Handle(500, "UpdateTeam", err)
}
return
}
ctx.Redirect(ctx.Org.OrgLink + "/teams/" + t.LowerName)
}
func UpdateIssueMilestone(ctx *middleware.Context) {
if !ctx.Repo.IsOwner() {
ctx.Error(403)
return
}
issueId := com.StrTo(ctx.Query("issue")).MustInt64()
if issueId == 0 {
ctx.Error(404)
return
}
issue, err := models.GetIssueById(issueId)
if err != nil {
if err == models.ErrIssueNotExist {
ctx.Handle(404, "issue.UpdateIssueMilestone(GetIssueById)", err)
} else {
ctx.Handle(500, "issue.UpdateIssueMilestone(GetIssueById)", err)
}
return
}
oldMid := issue.MilestoneId
mid := com.StrTo(ctx.Query("milestoneid")).MustInt64()
if oldMid == mid {
ctx.JSON(200, map[string]interface{}{
"ok": true,
})
return
}
// Not check for invalid milestone id and give responsibility to owners.
issue.MilestoneId = mid
if err = models.ChangeMilestoneAssign(oldMid, mid, issue); err != nil {
ctx.Handle(500, "issue.UpdateIssueMilestone(ChangeMilestoneAssign)", err)
return
} else if err = models.UpdateIssue(issue); err != nil {
ctx.Handle(500, "issue.UpdateIssueMilestone(UpdateIssue)", err)
return
}
ctx.JSON(200, map[string]interface{}{
"ok": true,
})
}
func IssueGetAttachment(ctx *middleware.Context) {
id := com.StrTo(ctx.Params(":id")).MustInt64()
if id == 0 {
ctx.Error(404)
return
}
attachment, err := models.GetAttachmentById(id)
if err != nil {
ctx.Handle(404, "issue.IssueGetAttachment(models.GetAttachmentById)", err)
return
}
// Fix #312. Attachments with , in their name are not handled correctly by Google Chrome.
// We must put the name in " manually.
ctx.ServeFile(attachment.Path, "\""+attachment.Name+"\"")
}
func GetRepoRawFile(ctx *middleware.Context) {
if !ctx.Repo.HasAccess() {
ctx.Error(404)
return
}
blob, err := ctx.Repo.Commit.GetBlobByPath(ctx.Repo.TreeName)
if err != nil {
if err == git.ErrNotExist {
ctx.Error(404)
} else {
ctx.JSON(500, &base.ApiJsonErr{"GetBlobByPath: " + err.Error(), base.DOC_URL})
}
return
}
if err = repo.ServeBlob(ctx, blob); err != nil {
ctx.JSON(500, &base.ApiJsonErr{"ServeBlob: " + err.Error(), base.DOC_URL})
}
}
func UpdateIssue(ctx *middleware.Context, form auth.CreateIssueForm) {
idx := com.StrTo(ctx.Params(":index")).MustInt64()
if idx <= 0 {
ctx.Error(404)
return
}
issue, err := models.GetIssueByIndex(ctx.Repo.Repository.Id, idx)
if err != nil {
if err == models.ErrIssueNotExist {
ctx.Handle(404, "issue.UpdateIssue", err)
} else {
ctx.Handle(500, "issue.UpdateIssue(GetIssueByIndex)", err)
}
return
}
if ctx.User.Id != issue.PosterId && !ctx.Repo.IsOwner() {
ctx.Error(403)
return
}
issue.Name = form.IssueName
//issue.MilestoneId = form.MilestoneId
//issue.AssigneeId = form.AssigneeId
//issue.LabelIds = form.Labels
issue.Content = form.Content
// try get content from text, ignore conflict with preview ajax
if form.Content == "" {
issue.Content = ctx.Query("text")
}
if err = models.UpdateIssue(issue); err != nil {
ctx.Handle(500, "issue.UpdateIssue(UpdateIssue)", err)
return
}
ctx.JSON(200, map[string]interface{}{
"ok": true,
"title": issue.Name,
"content": string(base.RenderMarkdown([]byte(issue.Content), ctx.Repo.RepoLink)),
})
}
func createRepo(ctx *middleware.Context, owner *models.User, opt api.CreateRepoOption) {
repo, err := models.CreateRepository(owner, opt.Name, opt.Description,
opt.Gitignore, opt.License, opt.Private, false, opt.AutoInit)
if err != nil {
if err == models.ErrRepoAlreadyExist ||
err == models.ErrRepoNameIllegal {
ctx.JSON(422, &base.ApiJsonErr{err.Error(), base.DOC_URL})
} else {
log.Error(4, "CreateRepository: %v", err)
if repo != nil {
if err = models.DeleteRepository(ctx.User.Id, repo.Id, ctx.User.Name); err != nil {
log.Error(4, "DeleteRepository: %v", err)
}
}
ctx.Error(500)
}
return
}
ctx.JSON(200, ToApiRepository(owner, repo, api.Permission{true, true, true}))
}
func MembersAction(ctx *middleware.Context) {
uid := com.StrTo(ctx.Query("uid")).MustInt64()
if uid == 0 {
ctx.Redirect(ctx.Org.OrgLink + "/members")
return
}
org := ctx.Org.Organization
var err error
switch ctx.Params(":action") {
case "private":
if ctx.User.Id != uid && !ctx.Org.IsOwner {
ctx.Error(404)
return
}
err = models.ChangeOrgUserStatus(org.Id, uid, false)
case "public":
if ctx.User.Id != uid {
ctx.Error(404)
return
}
err = models.ChangeOrgUserStatus(org.Id, uid, true)
case "remove":
if !ctx.Org.IsOwner {
ctx.Error(404)
return
}
err = org.RemoveMember(uid)
if models.IsErrLastOrgOwner(err) {
ctx.Flash.Error(ctx.Tr("form.last_org_owner"))
ctx.Redirect(ctx.Org.OrgLink + "/members")
return
}
case "leave":
err = org.RemoveMember(ctx.User.Id)
if models.IsErrLastOrgOwner(err) {
ctx.Flash.Error(ctx.Tr("form.last_org_owner"))
ctx.Redirect(ctx.Org.OrgLink + "/members")
return
}
}
if err != nil {
log.Error(4, "Action(%s): %v", ctx.Params(":action"), err)
ctx.JSON(200, map[string]interface{}{
"ok": false,
"err": err.Error(),
})
return
}
if ctx.Params(":action") != "leave" {
ctx.Redirect(ctx.Org.OrgLink + "/members")
} else {
ctx.Redirect(setting.AppSubUrl + "/")
}
}
func UpdateAssignee(ctx *middleware.Context) {
if !ctx.Repo.IsOwner() {
ctx.Error(403)
return
}
issueId := com.StrTo(ctx.Query("issue")).MustInt64()
if issueId == 0 {
ctx.Error(404)
return
}
issue, err := models.GetIssueById(issueId)
if err != nil {
if err == models.ErrIssueNotExist {
ctx.Handle(404, "GetIssueById", err)
} else {
ctx.Handle(500, "GetIssueById", err)
}
return
}
aid := com.StrTo(ctx.Query("assigneeid")).MustInt64()
// Not check for invalid assignee id and give responsibility to owners.
issue.AssigneeId = aid
if err = models.UpdateIssueUserPairByAssignee(aid, issue.Id); err != nil {
ctx.Handle(500, "UpdateIssueUserPairByAssignee: %v", err)
return
} else if err = models.UpdateIssue(issue); err != nil {
ctx.Handle(500, "UpdateIssue", err)
return
}
ctx.JSON(200, map[string]interface{}{
"ok": true,
})
}
func ResetPasswdPost(ctx *middleware.Context) {
ctx.Data["Title"] = ctx.Tr("auth.reset_password")
code := ctx.Query("code")
if len(code) == 0 {
ctx.Error(404)
return
}
ctx.Data["Code"] = code
if u := models.VerifyUserActiveCode(code); u != nil {
// Validate password length.
passwd := ctx.Query("password")
if len(passwd) < 6 {
ctx.Data["IsResetForm"] = true
ctx.Data["Err_Password"] = true
ctx.RenderWithErr(ctx.Tr("auth.password_too_short"), RESET_PASSWORD, nil)
return
}
u.Passwd = passwd
u.Rands = models.GetUserSalt()
u.Salt = models.GetUserSalt()
u.EncodePasswd()
if err := models.UpdateUser(u); err != nil {
ctx.Handle(500, "UpdateUser", err)
return
}
log.Trace("User password reset: %s", u.Name)
ctx.Redirect(setting.AppSubUrl + "/user/login")
return
}
ctx.Data["IsResetFailed"] = true
ctx.HTML(200, RESET_PASSWORD)
}
func UpdateLabel(ctx *middleware.Context, form auth.CreateLabelForm) {
id := com.StrTo(ctx.Query("id")).MustInt64()
if id == 0 {
ctx.Error(404)
return
}
l, err := models.GetLabelById(id)
if l == nil {
log.Warn("Could not find label id in db: %s", err)
ctx.Redirect(ctx.Repo.RepoLink + "/issues")
return
}
l.Name = form.Title
l.Color = form.Color
if err := models.UpdateLabel(l); err != nil {
ctx.Handle(500, "issue.UpdateLabel(UpdateLabel)", err)
return
}
ctx.Redirect(ctx.Repo.RepoLink + "/issues")
}
func Action(ctx *middleware.Context) {
var err error
switch ctx.Params(":action") {
case "watch":
err = models.WatchRepo(ctx.User.Id, ctx.Repo.Repository.Id, true)
case "unwatch":
err = models.WatchRepo(ctx.User.Id, ctx.Repo.Repository.Id, false)
case "star":
err = models.StarRepo(ctx.User.Id, ctx.Repo.Repository.Id, true)
case "unstar":
err = models.StarRepo(ctx.User.Id, ctx.Repo.Repository.Id, false)
case "desc":
if !ctx.Repo.IsOwner() {
ctx.Error(404)
return
}
ctx.Repo.Repository.Description = ctx.Query("desc")
ctx.Repo.Repository.Website = ctx.Query("site")
err = models.UpdateRepository(ctx.Repo.Repository, false)
}
if err != nil {
log.Error(4, "Action(%s): %v", ctx.Params(":action"), err)
ctx.JSON(200, map[string]interface{}{
"ok": false,
"err": err.Error(),
})
return
}
ctx.Redirect(ctx.Repo.RepoLink)
return
ctx.JSON(200, map[string]interface{}{
"ok": true,
})
}
// POST /orgs/:org/repos
// https://developer.github.com/v3/repos/#create
func CreateOrgRepo(ctx *middleware.Context, opt api.CreateRepoOption) {
org, err := models.GetOrgByName(ctx.Params(":org"))
if err != nil {
if err == models.ErrUserNotExist {
ctx.Error(404)
} else {
ctx.Error(500)
}
return
}
if !org.IsOwnedBy(ctx.User.Id) {
ctx.Error(403)
return
}
createRepo(ctx, org, opt)
}
func TeamsAction(ctx *middleware.Context) {
uid := com.StrTo(ctx.Query("uid")).MustInt64()
if uid == 0 {
ctx.Redirect(ctx.Org.OrgLink + "/teams")
return
}
page := ctx.Query("page")
var err error
switch ctx.Params(":action") {
case "join":
if !ctx.Org.IsOwner {
ctx.Error(404)
return
}
err = ctx.Org.Team.AddMember(ctx.User.Id)
case "leave":
err = ctx.Org.Team.RemoveMember(ctx.User.Id)
case "remove":
if !ctx.Org.IsOwner {
ctx.Error(404)
return
}
err = ctx.Org.Team.RemoveMember(uid)
page = "team"
case "add":
if !ctx.Org.IsOwner {
ctx.Error(404)
return
}
uname := ctx.Query("uname")
var u *models.User
u, err = models.GetUserByName(uname)
if err != nil {
if err == models.ErrUserNotExist {
ctx.Flash.Error(ctx.Tr("form.user_not_exist"))
ctx.Redirect(ctx.Org.OrgLink + "/teams/" + ctx.Org.Team.LowerName)
} else {
ctx.Handle(500, " GetUserByName", err)
}
return
}
err = ctx.Org.Team.AddMember(u.Id)
page = "team"
}
if err != nil {
if models.IsErrLastOrgOwner(err) {
ctx.Flash.Error(ctx.Tr("form.last_org_owner"))
} else {
log.Error(3, "Action(%s): %v", ctx.Params(":action"), err)
ctx.JSON(200, map[string]interface{}{
"ok": false,
"err": err.Error(),
})
return
}
}
switch page {
case "team":
ctx.Redirect(ctx.Org.OrgLink + "/teams/" + ctx.Org.Team.LowerName)
default:
ctx.Redirect(ctx.Org.OrgLink + "/teams")
}
}
func UpdateIssueLabel(ctx *middleware.Context) {
if !ctx.Repo.IsOwner() {
ctx.Error(403)
return
}
idx := com.StrTo(ctx.Params(":index")).MustInt64()
if idx <= 0 {
ctx.Error(404)
return
}
issue, err := models.GetIssueByIndex(ctx.Repo.Repository.Id, idx)
if err != nil {
if err == models.ErrIssueNotExist {
ctx.Handle(404, "issue.UpdateIssueLabel(GetIssueByIndex)", err)
} else {
ctx.Handle(500, "issue.UpdateIssueLabel(GetIssueByIndex)", err)
}
return
}
isAttach := ctx.Query("action") == "attach"
labelStrId := ctx.Query("id")
labelId := com.StrTo(labelStrId).MustInt64()
label, err := models.GetLabelById(labelId)
if err != nil {
if err == models.ErrLabelNotExist {
ctx.Handle(404, "issue.UpdateIssueLabel(GetLabelById)", err)
} else {
ctx.Handle(500, "issue.UpdateIssueLabel(GetLabelById)", err)
}
return
}
isHad := strings.Contains(issue.LabelIds, "$"+labelStrId+"|")
isNeedUpdate := false
if isAttach {
if !isHad {
issue.LabelIds += "$" + labelStrId + "|"
isNeedUpdate = true
}
} else {
if isHad {
issue.LabelIds = strings.Replace(issue.LabelIds, "$"+labelStrId+"|", "", -1)
isNeedUpdate = true
}
}
if isNeedUpdate {
if err = models.UpdateIssue(issue); err != nil {
ctx.Handle(500, "issue.UpdateIssueLabel(UpdateIssue)", err)
return
}
if isAttach {
label.NumIssues++
if issue.IsClosed {
label.NumClosedIssues++
}
} else {
label.NumIssues--
if issue.IsClosed {
label.NumClosedIssues--
}
}
if err = models.UpdateLabel(label); err != nil {
ctx.Handle(500, "issue.UpdateIssueLabel(UpdateLabel)", err)
return
}
}
ctx.JSON(200, map[string]interface{}{
"ok": true,
})
}
func MigratePost(ctx *middleware.Context, form auth.MigrateRepoForm) {
ctx.Data["Title"] = ctx.Tr("new_migrate")
ctxUser := ctx.User
// Not equal means current user is an organization.
if form.Uid != ctx.User.Id {
var err error
ctxUser, err = checkContextUser(ctx, form.Uid)
if err != nil {
ctx.Handle(500, "checkContextUser", err)
return
}
if !ctxUser.IsOrganization() {
ctx.Error(403)
return
}
}
ctx.Data["ContextUser"] = ctxUser
if err := ctx.User.GetOrganizations(); err != nil {
ctx.Handle(500, "GetOrganizations", err)
return
}
ctx.Data["Orgs"] = ctx.User.Orgs
if ctx.HasError() {
ctx.HTML(200, MIGRATE)
return
}
if ctxUser.IsOrganization() {
// Check ownership of organization.
if !ctxUser.IsOwnedBy(ctx.User.Id) {
ctx.Error(403)
return
}
}
// Remote address can be HTTP/HTTPS/Git URL or local path.
// Note: remember to change api/v1/repo.go: MigrateRepo
// FIXME: merge these two functions with better error handling
remoteAddr := form.CloneAddr
if strings.HasPrefix(form.CloneAddr, "http://") ||
strings.HasPrefix(form.CloneAddr, "https://") ||
strings.HasPrefix(form.CloneAddr, "git://") {
u, err := url.Parse(form.CloneAddr)
if err != nil {
ctx.Data["Err_CloneAddr"] = true
ctx.RenderWithErr(ctx.Tr("form.url_error"), MIGRATE, &form)
return
}
if len(form.AuthUsername) > 0 || len(form.AuthPassword) > 0 {
u.User = url.UserPassword(form.AuthUsername, form.AuthPassword)
}
remoteAddr = u.String()
} else if !com.IsDir(remoteAddr) {
ctx.Data["Err_CloneAddr"] = true
ctx.RenderWithErr(ctx.Tr("repo.migrate.invalid_local_path"), MIGRATE, &form)
return
}
repo, err := models.MigrateRepository(ctxUser, form.RepoName, form.Description, form.Private, form.Mirror, remoteAddr)
if err == nil {
log.Trace("Repository migrated: %s/%s", ctxUser.Name, form.RepoName)
ctx.Redirect(setting.AppSubUrl + "/" + ctxUser.Name + "/" + form.RepoName)
return
} else if err == models.ErrRepoAlreadyExist {
ctx.Data["Err_RepoName"] = true
ctx.RenderWithErr(ctx.Tr("form.repo_name_been_taken"), MIGRATE, &form)
return
} else if err == models.ErrRepoNameIllegal {
ctx.Data["Err_RepoName"] = true
ctx.RenderWithErr(ctx.Tr("form.illegal_repo_name"), MIGRATE, &form)
return
}
if repo != nil {
if errDelete := models.DeleteRepository(ctxUser.Id, repo.Id, ctxUser.Name); errDelete != nil {
log.Error(4, "DeleteRepository: %v", errDelete)
}
}
if strings.Contains(err.Error(), "Authentication failed") {
ctx.Data["Err_Auth"] = true
ctx.RenderWithErr(ctx.Tr("form.auth_failed", err), MIGRATE, &form)
return
}
ctx.Handle(500, "MigratePost", err)
}
func SignUpPost(ctx *middleware.Context, cpt *captcha.Captcha, form auth.RegisterForm) {
ctx.Data["Title"] = ctx.Tr("sign_up")
if setting.Service.DisableRegistration {
ctx.Error(403)
return
}
isOauth := false
sid, isOauth := ctx.Session.Get("socialId").(int64)
if isOauth {
ctx.Data["IsSocialLogin"] = true
}
// May redirect from home page.
if ctx.Query("from") == "home" {
// Clear input error box.
ctx.Data["Err_UserName"] = false
ctx.Data["Err_Email"] = false
// Make the best guess.
uname := ctx.Query("uname")
i := strings.Index(uname, "@")
if i > -1 {
ctx.Data["email"] = uname
ctx.Data["uname"] = uname[:i]
} else {
ctx.Data["uname"] = uname
}
ctx.Data["password"] = ctx.Query("password")
ctx.HTML(200, SIGNUP)
return
}
if ctx.HasError() {
ctx.HTML(200, SIGNUP)
return
}
if !cpt.VerifyReq(ctx.Req) {
ctx.Data["Err_Captcha"] = true
ctx.RenderWithErr(ctx.Tr("form.captcha_incorrect"), SIGNUP, &form)
return
} else if form.Password != form.Retype {
ctx.Data["Err_Password"] = true
ctx.RenderWithErr(ctx.Tr("form.password_not_match"), SIGNUP, &form)
return
}
u := &models.User{
Name: form.UserName,
Email: form.Email,
Passwd: form.Password,
IsActive: !setting.Service.RegisterEmailConfirm || isOauth,
}
if err := models.CreateUser(u); err != nil {
switch err {
case models.ErrUserAlreadyExist:
ctx.Data["Err_UserName"] = true
ctx.RenderWithErr(ctx.Tr("form.username_been_taken"), SIGNUP, &form)
case models.ErrEmailAlreadyUsed:
ctx.Data["Err_Email"] = true
ctx.RenderWithErr(ctx.Tr("form.email_been_used"), SIGNUP, &form)
case models.ErrUserNameIllegal:
ctx.Data["Err_UserName"] = true
ctx.RenderWithErr(ctx.Tr("form.illegal_username"), SIGNUP, &form)
default:
ctx.Handle(500, "CreateUser", err)
}
return
}
log.Trace("Account created: %s", u.Name)
// Bind social account.
if isOauth {
if err := models.BindUserOauth2(u.Id, sid); err != nil {
ctx.Handle(500, "BindUserOauth2", err)
return
}
ctx.Session.Delete("socialId")
log.Trace("%s OAuth binded: %s -> %d", ctx.Req.RequestURI, form.UserName, sid)
}
// Send confirmation e-mail, no need for social account.
if !isOauth && setting.Service.RegisterEmailConfirm && u.Id > 1 {
mailer.SendRegisterMail(ctx.Render, u)
ctx.Data["IsSendRegisterMail"] = true
ctx.Data["Email"] = u.Email
ctx.Data["Hours"] = setting.Service.ActiveCodeLives / 60
ctx.HTML(200, ACTIVATE)
if err := ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil {
log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
}
return
}
ctx.Redirect(setting.AppSubUrl + "/user/login")
}
func CreatePost(ctx *middleware.Context, form auth.CreateRepoForm) {
ctx.Data["Title"] = ctx.Tr("new_repo")
ctx.Data["Gitignores"] = models.Gitignores
ctx.Data["Licenses"] = models.Licenses
ctxUser := ctx.User
// Not equal means current user is an organization.
if form.Uid != ctx.User.Id {
var err error
ctxUser, err = checkContextUser(ctx, form.Uid)
if err != nil {
ctx.Handle(500, "checkContextUser", err)
return
}
if !ctxUser.IsOrganization() {
ctx.Error(403)
return
}
}
ctx.Data["ContextUser"] = ctxUser
if err := ctx.User.GetOrganizations(); err != nil {
ctx.Handle(500, "GetOrganizations", err)
return
}
ctx.Data["Orgs"] = ctx.User.Orgs
if ctx.HasError() {
ctx.HTML(200, CREATE)
return
}
if ctxUser.IsOrganization() {
// Check ownership of organization.
if !ctxUser.IsOwnedBy(ctx.User.Id) {
ctx.Error(403)
return
}
}
repo, err := models.CreateRepository(ctxUser, form.RepoName, form.Description,
form.Gitignore, form.License, form.Private, false, form.AutoInit)
if err == nil {
log.Trace("Repository created: %s/%s", ctxUser.Name, repo.Name)
ctx.Redirect(setting.AppSubUrl + "/" + ctxUser.Name + "/" + repo.Name)
return
} else if err == models.ErrRepoAlreadyExist {
ctx.Data["Err_RepoName"] = true
ctx.RenderWithErr(ctx.Tr("form.repo_name_been_taken"), CREATE, &form)
return
} else if err == models.ErrRepoNameIllegal {
ctx.Data["Err_RepoName"] = true
ctx.RenderWithErr(ctx.Tr("form.illegal_repo_name"), CREATE, &form)
return
}
if repo != nil {
if errDelete := models.DeleteRepository(ctxUser.Id, repo.Id, ctxUser.Name); errDelete != nil {
log.Error(4, "DeleteRepository: %v", errDelete)
}
}
ctx.Handle(500, "CreatePost", err)
}
func EditAuthSourcePost(ctx *middleware.Context, form auth.AuthenticationForm) {
ctx.Data["Title"] = ctx.Tr("admin.auths.edit")
ctx.Data["PageIsAdmin"] = true
ctx.Data["PageIsAdminAuthentications"] = true
ctx.Data["PageIsAuths"] = true
ctx.Data["LoginTypes"] = models.LoginTypes
ctx.Data["SMTPAuths"] = models.SMTPAuths
if ctx.HasError() {
ctx.HTML(200, AUTH_EDIT)
return
}
var config core.Conversion
switch models.LoginType(form.Type) {
case models.LDAP:
config = &models.LDAPConfig{
Ldapsource: ldap.Ldapsource{
Host: form.Host,
Port: form.Port,
UseSSL: form.UseSSL,
BaseDN: form.BaseDN,
AttributeUsername: form.AttributeUsername,
AttributeName: form.AttributeName,
AttributeSurname: form.AttributeSurname,
AttributeMail: form.AttributeMail,
Filter: form.Filter,
MsAdSAFormat: form.MsAdSA,
Enabled: true,
Name: form.Name,
},
}
case models.SMTP:
config = &models.SMTPConfig{
Auth: form.SMTPAuth,
Host: form.SMTPHost,
Port: form.SMTPPort,
TLS: form.TLS,
}
default:
ctx.Error(400)
return
}
u := models.LoginSource{
Id: form.ID,
Name: form.Name,
IsActived: form.IsActived,
Type: models.LoginType(form.Type),
AllowAutoRegister: form.AllowAutoRegister,
Cfg: config,
}
if err := models.UpdateSource(&u); err != nil {
ctx.Handle(500, "UpdateSource", err)
return
}
log.Trace("Authentication changed by admin(%s): %s", ctx.User.Name, form.Name)
ctx.Flash.Success(ctx.Tr("admin.auths.update_success"))
ctx.Redirect(setting.AppSubUrl + "/admin/auths/" + ctx.Params(":authid"))
}
func Comment(ctx *middleware.Context) {
send := func(status int, data interface{}, err error) {
if err != nil {
log.Error(4, "issue.Comment(?): %s", err)
ctx.JSON(status, map[string]interface{}{
"ok": false,
"status": status,
"error": err.Error(),
})
} else {
ctx.JSON(status, map[string]interface{}{
"ok": true,
"status": status,
"data": data,
})
}
}
index := com.StrTo(ctx.Query("issueIndex")).MustInt64()
if index == 0 {
ctx.Error(404)
return
}
issue, err := models.GetIssueByIndex(ctx.Repo.Repository.Id, index)
if err != nil {
if err == models.ErrIssueNotExist {
send(404, nil, err)
} else {
send(200, nil, err)
}
return
}
// Check if issue owner changes the status of issue.
var newStatus string
if ctx.Repo.IsOwner() || issue.PosterId == ctx.User.Id {
newStatus = ctx.Query("change_status")
}
if len(newStatus) > 0 {
if (strings.Contains(newStatus, "Reopen") && issue.IsClosed) ||
(strings.Contains(newStatus, "Close") && !issue.IsClosed) {
issue.IsClosed = !issue.IsClosed
if err = models.UpdateIssue(issue); err != nil {
send(500, nil, err)
return
} else if err = models.UpdateIssueUserPairsByStatus(issue.Id, issue.IsClosed); err != nil {
send(500, nil, err)
return
}
if err = issue.GetLabels(); err != nil {
send(500, nil, err)
return
}
for _, label := range issue.Labels {
if issue.IsClosed {
label.NumClosedIssues++
} else {
label.NumClosedIssues--
}
if err = models.UpdateLabel(label); err != nil {
send(500, nil, err)
return
}
}
// Change open/closed issue counter for the associated milestone
if issue.MilestoneId > 0 {
if err = models.ChangeMilestoneIssueStats(issue); err != nil {
send(500, nil, err)
}
}
cmtType := models.COMMENT_TYPE_CLOSE
if !issue.IsClosed {
cmtType = models.COMMENT_TYPE_REOPEN
}
if _, err = models.CreateComment(ctx.User.Id, ctx.Repo.Repository.Id, issue.Id, 0, 0, cmtType, "", nil); err != nil {
send(200, nil, err)
return
}
log.Trace("%s Issue(%d) status changed: %v", ctx.Req.RequestURI, issue.Id, !issue.IsClosed)
}
}
var comment *models.Comment
var ms []string
content := ctx.Query("content")
// Fix #321. Allow empty comments, as long as we have attachments.
if len(content) > 0 || len(ctx.Req.MultipartForm.File["attachments"]) > 0 {
switch ctx.Params(":action") {
case "new":
if comment, err = models.CreateComment(ctx.User.Id, ctx.Repo.Repository.Id, issue.Id, 0, 0, models.COMMENT_TYPE_COMMENT, content, nil); err != nil {
send(500, nil, err)
return
}
// Update mentions.
ms = base.MentionPattern.FindAllString(issue.Content, -1)
if len(ms) > 0 {
for i := range ms {
ms[i] = ms[i][1:]
}
if err := models.UpdateMentions(ms, issue.Id); err != nil {
send(500, nil, err)
return
}
}
log.Trace("%s Comment created: %d", ctx.Req.RequestURI, issue.Id)
default:
ctx.Handle(404, "issue.Comment", err)
return
}
}
if comment != nil {
uploadFiles(ctx, issue.Id, comment.Id)
}
// Notify watchers.
act := &models.Action{
ActUserID: ctx.User.Id,
ActUserName: ctx.User.LowerName,
ActEmail: ctx.User.Email,
OpType: models.COMMENT_ISSUE,
Content: fmt.Sprintf("%d|%s", issue.Index, strings.Split(content, "\n")[0]),
RepoID: ctx.Repo.Repository.Id,
RepoUserName: ctx.Repo.Owner.LowerName,
RepoName: ctx.Repo.Repository.LowerName,
}
if err = models.NotifyWatchers(act); err != nil {
send(500, nil, err)
return
}
// Mail watchers and mentions.
if setting.Service.EnableNotifyMail {
issue.Content = content
tos, err := mailer.SendIssueNotifyMail(ctx.User, ctx.Repo.Owner, ctx.Repo.Repository, issue)
if err != nil {
send(500, nil, err)
return
}
tos = append(tos, ctx.User.LowerName)
newTos := make([]string, 0, len(ms))
for _, m := range ms {
if com.IsSliceContainsStr(tos, m) {
continue
}
newTos = append(newTos, m)
}
if err = mailer.SendIssueMentionMail(ctx.Render, ctx.User, ctx.Repo.Owner,
ctx.Repo.Repository, issue, models.GetUserEmailsByNames(newTos)); err != nil {
send(500, nil, err)
return
}
}
send(200, fmt.Sprintf("%s/issues/%d", ctx.Repo.RepoLink, index), nil)
}
func Download(ctx *middleware.Context) {
var (
uri = ctx.Params("*")
refName string
ext string
archivePath string
archiveType git.ArchiveType
)
switch {
case strings.HasSuffix(uri, ".zip"):
ext = ".zip"
archivePath = path.Join(ctx.Repo.GitRepo.Path, "archives/zip")
archiveType = git.ZIP
case strings.HasSuffix(uri, ".tar.gz"):
ext = ".tar.gz"
archivePath = path.Join(ctx.Repo.GitRepo.Path, "archives/targz")
archiveType = git.TARGZ
default:
ctx.Error(404)
return
}
refName = strings.TrimSuffix(uri, ext)
if !com.IsDir(archivePath) {
if err := os.MkdirAll(archivePath, os.ModePerm); err != nil {
ctx.Handle(500, "Download -> os.MkdirAll(archivePath)", err)
return
}
}
// Get corresponding commit.
var (
commit *git.Commit
err error
)
gitRepo := ctx.Repo.GitRepo
if gitRepo.IsBranchExist(refName) {
commit, err = gitRepo.GetCommitOfBranch(refName)
if err != nil {
ctx.Handle(500, "Download", err)
return
}
} else if gitRepo.IsTagExist(refName) {
commit, err = gitRepo.GetCommitOfTag(refName)
if err != nil {
ctx.Handle(500, "Download", err)
return
}
} else if len(refName) == 40 {
commit, err = gitRepo.GetCommit(refName)
if err != nil {
ctx.Handle(404, "Download", nil)
return
}
} else {
ctx.Error(404)
return
}
archivePath = path.Join(archivePath, base.ShortSha(commit.Id.String())+ext)
if !com.IsFile(archivePath) {
if err := commit.CreateArchive(archivePath, archiveType); err != nil {
ctx.Handle(500, "Download -> CreateArchive "+archivePath, err)
return
}
}
ctx.ServeFile(archivePath, ctx.Repo.Repository.Name+"-"+base.ShortSha(commit.Id.String())+ext)
}
func SettingsPost(ctx *middleware.Context, form auth.RepoSettingForm) {
ctx.Data["Title"] = ctx.Tr("repo.settings")
ctx.Data["PageIsSettingsOptions"] = true
switch ctx.Query("action") {
case "update":
if ctx.HasError() {
ctx.HTML(200, SETTINGS_OPTIONS)
return
}
newRepoName := form.RepoName
// Check if repository name has been changed.
if ctx.Repo.Repository.Name != newRepoName {
if models.IsRepositoryExist(ctx.Repo.Owner, newRepoName) {
ctx.Data["Err_RepoName"] = true
ctx.RenderWithErr(ctx.Tr("form.repo_name_been_taken"), SETTINGS_OPTIONS, nil)
return
} else if err := models.ChangeRepositoryName(ctx.Repo.Owner.Name, ctx.Repo.Repository.Name, newRepoName); err != nil {
if err == models.ErrRepoNameIllegal {
ctx.Data["Err_RepoName"] = true
ctx.RenderWithErr(ctx.Tr("form.illegal_repo_name"), SETTINGS_OPTIONS, nil)
} else {
ctx.Handle(500, "ChangeRepositoryName", err)
}
return
}
log.Trace("Repository name changed: %s/%s -> %s", ctx.Repo.Owner.Name, ctx.Repo.Repository.Name, newRepoName)
ctx.Repo.Repository.Name = newRepoName
ctx.Repo.Repository.LowerName = strings.ToLower(newRepoName)
}
br := form.Branch
if ctx.Repo.GitRepo.IsBranchExist(br) {
ctx.Repo.Repository.DefaultBranch = br
}
ctx.Repo.Repository.Description = form.Description
ctx.Repo.Repository.Website = form.Website
visibilityChanged := ctx.Repo.Repository.IsPrivate != form.Private
ctx.Repo.Repository.IsPrivate = form.Private
if err := models.UpdateRepository(ctx.Repo.Repository, visibilityChanged); err != nil {
ctx.Handle(404, "UpdateRepository", err)
return
}
log.Trace("Repository updated: %s/%s", ctx.Repo.Owner.Name, ctx.Repo.Repository.Name)
if ctx.Repo.Repository.IsMirror {
if form.Interval > 0 {
ctx.Repo.Mirror.Interval = form.Interval
ctx.Repo.Mirror.NextUpdate = time.Now().Add(time.Duration(form.Interval) * time.Hour)
if err := models.UpdateMirror(ctx.Repo.Mirror); err != nil {
log.Error(4, "UpdateMirror: %v", err)
}
}
}
ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
ctx.Redirect(fmt.Sprintf("%s/%s/%s/settings", setting.AppSubUrl, ctx.Repo.Owner.Name, ctx.Repo.Repository.Name))
case "transfer":
if ctx.Repo.Repository.Name != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil)
return
}
newOwner := ctx.Query("new_owner_name")
isExist, err := models.IsUserExist(0, newOwner)
if err != nil {
ctx.Handle(500, "IsUserExist", err)
return
} else if !isExist {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), SETTINGS_OPTIONS, nil)
return
}
if _, err = models.UserSignIn(ctx.User.Name, ctx.Query("password")); err != nil {
if err == models.ErrUserNotExist {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil)
} else {
ctx.Handle(500, "UserSignIn", err)
}
return
}
if err = models.TransferOwnership(ctx.User, newOwner, ctx.Repo.Repository); err != nil {
if err == models.ErrRepoAlreadyExist {
ctx.RenderWithErr(ctx.Tr("repo.settings.new_owner_has_same_repo"), SETTINGS_OPTIONS, nil)
} else {
ctx.Handle(500, "TransferOwnership", err)
}
return
}
log.Trace("Repository transfered: %s/%s -> %s", ctx.Repo.Owner.Name, ctx.Repo.Repository.Name, newOwner)
ctx.Flash.Success(ctx.Tr("repo.settings.transfer_succeed"))
ctx.Redirect(setting.AppSubUrl + "/")
case "delete":
if ctx.Repo.Repository.Name != form.RepoName {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil)
return
}
if ctx.Repo.Owner.IsOrganization() {
if !ctx.Repo.Owner.IsOwnedBy(ctx.User.Id) {
ctx.Error(404)
return
}
}
if _, err := models.UserSignIn(ctx.User.Name, ctx.Query("password")); err != nil {
if err == models.ErrUserNotExist {
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil)
} else {
ctx.Handle(500, "UserSignIn", err)
}
return
}
if err := models.DeleteRepository(ctx.Repo.Owner.Id, ctx.Repo.Repository.Id, ctx.Repo.Owner.Name); err != nil {
ctx.Handle(500, "DeleteRepository", err)
return
}
log.Trace("Repository deleted: %s/%s", ctx.Repo.Owner.Name, ctx.Repo.Repository.Name)
if ctx.Repo.Owner.IsOrganization() {
ctx.Redirect(setting.AppSubUrl + "/org/" + ctx.Repo.Owner.Name + "/dashboard")
} else {
ctx.Redirect(setting.AppSubUrl + "/")
}
}
}
