func TriggerTask(ctx *context.Context) { pusherID := ctx.QueryInt64("pusher") branch := ctx.Query("branch") secret := ctx.Query("secret") if len(branch) == 0 || len(secret) == 0 || pusherID <= 0 { ctx.Error(404) log.Trace("TriggerTask: branch or secret is empty, or pusher ID is not valid") return } owner, repo := parseOwnerAndRepo(ctx) if ctx.Written() { return } if secret != base.EncodeMD5(owner.Salt) { ctx.Error(404) log.Trace("TriggerTask [%s/%s]: invalid secret", owner.Name, repo.Name) return } pusher, err := models.GetUserByID(pusherID) if err != nil { if models.IsErrUserNotExist(err) { ctx.Error(404) } else { ctx.Handle(500, "GetUserByID", err) } return } log.Trace("TriggerTask '%s/%s' by %s", repo.Name, branch, pusher.Name) go models.HookQueue.Add(repo.ID) go models.AddTestPullRequestTask(pusher, repo.ID, branch, true) ctx.Status(202) }
func SettingsPost(ctx *middleware.Context, form auth.UpdateProfileForm) { ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsProfile"] = true if ctx.HasError() { ctx.HTML(200, SETTINGS_PROFILE) return } handlerUsernameChange(ctx, form.Name) if ctx.Written() { return } ctx.User.FullName = form.FullName ctx.User.Email = form.Email ctx.User.Website = form.Website ctx.User.Location = form.Location if len(form.Gravatar) > 0 { ctx.User.Avatar = base.EncodeMD5(form.Gravatar) ctx.User.AvatarEmail = form.Gravatar } if err := models.UpdateUser(ctx.User); err != nil { ctx.Handle(500, "UpdateUser", err) return } log.Trace("User setting updated: %s", ctx.User.Name) ctx.Flash.Success(ctx.Tr("settings.update_profile_success")) ctx.Redirect(setting.AppSubUrl + "/user/settings") }
func SignInPost(ctx *middleware.Context, form auth.SignInForm) { ctx.Data["Title"] = ctx.Tr("sign_in") if ctx.HasError() { ctx.HTML(200, SIGNIN) return } u, err := models.UserSignIn(form.UserName, form.Password) if err != nil { if models.IsErrUserNotExist(err) { ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), SIGNIN, &form) } else { ctx.Handle(500, "UserSignIn", err) } return } if form.Remember { days := 86400 * setting.LogInRememberDays ctx.SetCookie(setting.CookieUserName, u.Name, days, setting.AppSubUrl) ctx.SetSuperSecureCookie(base.EncodeMD5(u.Rands+u.Passwd), setting.CookieRememberName, u.Name, days, setting.AppSubUrl) } ctx.Session.Set("uid", u.Id) ctx.Session.Set("uname", u.Name) if redirectTo, _ := url.QueryUnescape(ctx.GetCookie("redirect_to")); len(redirectTo) > 0 { ctx.SetCookie("redirect_to", "", -1, setting.AppSubUrl) ctx.Redirect(redirectTo) return } ctx.Redirect(setting.AppSubUrl + "/") }
func SettingsPost(ctx *middleware.Context, form auth.UpdateProfileForm) { ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsProfile"] = true if ctx.HasError() { ctx.HTML(200, SETTINGS_PROFILE) return } // Check if user name has been changed. if ctx.User.LowerName != strings.ToLower(form.Name) { if err := models.ChangeUserName(ctx.User, form.Name); err != nil { switch { case models.IsErrUserAlreadyExist(err): ctx.Flash.Error(ctx.Tr("form.name_been_taken")) ctx.Redirect(setting.AppSubUrl + "/user/settings") case models.IsErrEmailAlreadyUsed(err): ctx.Flash.Error(ctx.Tr("form.email_been_used")) ctx.Redirect(setting.AppSubUrl + "/user/settings") case models.IsErrNameReserved(err): ctx.Flash.Error(ctx.Tr("user.form.name_reserved")) ctx.Redirect(setting.AppSubUrl + "/user/settings") case models.IsErrNamePatternNotAllowed(err): ctx.Flash.Error(ctx.Tr("user.form.name_pattern_not_allowed")) ctx.Redirect(setting.AppSubUrl + "/user/settings") default: ctx.Handle(500, "ChangeUserName", err) } return } log.Trace("User name changed: %s -> %s", ctx.User.Name, form.Name) } // In case it's just a case change. ctx.User.Name = form.Name ctx.User.LowerName = strings.ToLower(form.Name) ctx.User.FullName = form.FullName ctx.User.Email = form.Email ctx.User.Website = form.Website ctx.User.Location = form.Location ctx.User.Avatar = base.EncodeMD5(form.Gravatar) ctx.User.AvatarEmail = form.Gravatar if err := models.UpdateUser(ctx.User); err != nil { ctx.Handle(500, "UpdateUser", err) return } log.Trace("User setting updated: %s", ctx.User.Name) ctx.Flash.Success(ctx.Tr("settings.update_profile_success")) ctx.Redirect(setting.AppSubUrl + "/user/settings") }
func handleUpdateTask(uuid string, user, repoUser *models.User, reponame string, isWiki bool) { task, err := models.GetUpdateTaskByUUID(uuid) if err != nil { if models.IsErrUpdateTaskNotExist(err) { log.GitLogger.Trace("No update task is presented: %s", uuid) return } log.GitLogger.Fatal(2, "GetUpdateTaskByUUID: %v", err) } else if err = models.DeleteUpdateTaskByUUID(uuid); err != nil { log.GitLogger.Fatal(2, "DeleteUpdateTaskByUUID: %v", err) } if isWiki { return } if err = models.PushUpdate(models.PushUpdateOptions{ RefName: task.RefName, OldCommitID: task.OldCommitID, NewCommitID: task.NewCommitID, PusherID: user.Id, PusherName: user.Name, RepoUserName: repoUser.Name, RepoName: reponame, }); err != nil { log.GitLogger.Error(2, "Update: %v", err) } // Ask for running deliver hook and test pull request tasks. reqURL := setting.LocalURL + repoUser.Name + "/" + reponame + "/tasks/trigger?branch=" + strings.TrimPrefix(task.RefName, "refs/heads/") + "&secret=" + base.EncodeMD5(repoUser.Salt) log.GitLogger.Trace("Trigger task: %s", reqURL) resp, err := httplib.Head(reqURL).SetTLSClientConfig(&tls.Config{ InsecureSkipVerify: true, }).Response() if err == nil { resp.Body.Close() if resp.StatusCode/100 != 2 { log.GitLogger.Error(2, "Fail to trigger task: not 2xx response code") } } else { log.GitLogger.Error(2, "Fail to trigger task: %v", err) } }
// FIXME: limit size. func UpdateAvatarSetting(ctx *context.Context, form auth.AvatarForm, ctxUser *models.User) error { ctxUser.UseCustomAvatar = form.Source == auth.AVATAR_LOCAL if len(form.Gravatar) > 0 { ctxUser.Avatar = base.EncodeMD5(form.Gravatar) ctxUser.AvatarEmail = form.Gravatar } if form.Avatar != nil { fr, err := form.Avatar.Open() if err != nil { return fmt.Errorf("Avatar.Open: %v", err) } defer fr.Close() data, err := ioutil.ReadAll(fr) if err != nil { return fmt.Errorf("ioutil.ReadAll: %v", err) } if !base.IsImageFile(data) { return errors.New(ctx.Tr("settings.uploaded_avatar_not_a_image")) } if err = ctxUser.UploadAvatar(data); err != nil { return fmt.Errorf("UploadAvatar: %v", err) } } else { // No avatar is uploaded but setting has been changed to enable, // generate a random one when needed. if ctxUser.UseCustomAvatar && !com.IsFile(ctxUser.CustomAvatarPath()) { if err := ctxUser.GenerateRandomAvatar(); err != nil { log.Error(4, "GenerateRandomAvatar[%d]: %v", ctxUser.ID, err) } } } if err := models.UpdateUser(ctxUser); err != nil { return fmt.Errorf("UpdateUser: %v", err) } return nil }
// AutoSignIn reads cookie and try to auto-login. func AutoSignIn(ctx *context.Context) (bool, error) { if !models.HasEngine { return false, nil } uname := ctx.GetCookie(setting.CookieUserName) if len(uname) == 0 { return false, nil } isSucceed := false defer func() { if !isSucceed { log.Trace("auto-login cookie cleared: %s", uname) ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubUrl) ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubUrl) } }() u, err := models.GetUserByName(uname) if err != nil { if !models.IsErrUserNotExist(err) { return false, fmt.Errorf("GetUserByName: %v", err) } return false, nil } if val, _ := ctx.GetSuperSecureCookie( base.EncodeMD5(u.Rands+u.Passwd), setting.CookieRememberName); val != u.Name { return false, nil } isSucceed = true ctx.Session.Set("uid", u.Id) ctx.Session.Set("uname", u.Name) ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubUrl) return true, nil }
func TriggerTask(ctx *middleware.Context) { branch := ctx.Query("branch") secret := ctx.Query("secret") if len(branch) == 0 || len(secret) == 0 { ctx.Error(404) log.Trace("TriggerTask: branch or secret is empty") return } owner, repo := parseOwnerAndRepo(ctx) if ctx.Written() { return } if secret != base.EncodeMD5(owner.Salt) { ctx.Error(404) log.Trace("TriggerTask [%s/%s]: invalid secret", owner.Name, repo.Name) return } log.Trace("TriggerTask [%d].(new request): %s", repo.ID, branch) go models.HookQueue.Add(repo.ID) go models.AddTestPullRequestTask(repo.ID, branch) ctx.Status(202) }