closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3103 Commits
2 Branches
178 MiB
Tree: d2808e38fe
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'd2808e38fe'
${ noResults }
gitea/modules/middleware/context.go

251 lines
6.6 KiB
Raw Normal View History

move templateFuncs to one file, add middleware context.
10 years ago
Clean code
10 years ago
add csrf check
10 years ago
zip archive download
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
Add auto-login
10 years ago
fork render
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
fix import path, fix #1782
9 years ago
add cache
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
fix
10 years ago
New UI merge in progress
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
Fixed #209
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
new create webhook UI
9 years ago
rename fields
9 years ago
new create webhook UI
9 years ago
Clean code
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
New UI merge in progress
10 years ago
Convert captcha, cache, csrf as middlewares
10 years ago
New UI merge in progress
10 years ago
more APIs on #12
10 years ago
modify RepoAssignment
10 years ago
Updating context and fixing permission issues The boolean flags in the repo context have been replaced with mode and two methods Also, the permissions have been brought more in line with https://help.github.com/articles/permission-levels-for-an-organization-repository/ , Admin Team members are able to change settings of their repositories.
9 years ago
Page: `/org/:orgname/settings`
10 years ago
Finish new organization members and invitation page
10 years ago
Page: `/org/:orgname/settings`
10 years ago
Finish new organization members and invitation page
10 years ago
Finish team list, create new team, join/leave team page
10 years ago
Page: `/org/:orgname/settings`
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
able edit issue labels/milestone/assignee
9 years ago
Updating context and fixing permission issues The boolean flags in the repo context have been replaced with mode and two methods Also, the permissions have been brought more in line with https://help.github.com/articles/permission-levels-for-an-organization-repository/ , Admin Team members are able to change settings of their repositories.
9 years ago
able edit issue labels/milestone/assignee
9 years ago
Updating context and fixing permission issues The boolean flags in the repo context have been replaced with mode and two methods Also, the permissions have been brought more in line with https://help.github.com/articles/permission-levels-for-an-organization-repository/ , Admin Team members are able to change settings of their repositories.
9 years ago
Clean api code
10 years ago
Clean code
10 years ago
Clean oauth code
10 years ago
Clean code
10 years ago
UI: install - new version
9 years ago
Finish new repo settings page
10 years ago
New UI merge in progress
10 years ago
Finish new repo settings page
10 years ago
Work on admin
10 years ago
Clean code
10 years ago
New UI merge in progress
10 years ago
Add: rename repository
10 years ago
Add flash
10 years ago
Work on admin
10 years ago
Clean code
10 years ago
Clean code
10 years ago
Add router log config option
10 years ago
New UI merge in progress
10 years ago
Add router log config option
10 years ago
Add some log
10 years ago
Add router log config option
10 years ago
In progress of name template name constant
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
Set Content-Type to text/plain for http status 401 This is because git command line shows the failure reason only if Content-Type is text/plain.
9 years ago
UI: install - new version
9 years ago
Set Content-Type to text/plain for http status 401 This is because git command line shows the failure reason only if Content-Type is text/plain.
9 years ago
fix import path, fix #1782
9 years ago
Set Content-Type to text/plain for http status 401 This is because git command line shows the failure reason only if Content-Type is text/plain.
9 years ago
unified API error response
9 years ago
routers: able to migrate repo from local path - modules/middleware/context.go: add HandleAPI method
9 years ago
unified API error response
9 years ago
routers: able to migrate repo from local path - modules/middleware/context.go: add HandleAPI method
9 years ago
unified API error response
9 years ago
routers: able to migrate repo from local path - modules/middleware/context.go: add HandleAPI method
9 years ago
zip archive download
10 years ago
New UI merge in progress
10 years ago
Fix API broken
10 years ago
Work on form resubmit
10 years ago
New UI merge in progress
10 years ago
Convert captcha, cache, csrf as middlewares
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
New UI merge in progress
10 years ago
Convert captcha, cache, csrf as middlewares
10 years ago
New UI merge in progress
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
New UI merge in progress
10 years ago
save custom avatar as PNG
9 years ago
Work on form resubmit
10 years ago
New UI merge in progress
10 years ago
update session
10 years ago
Show owner/poster tags of comments and fix #1312
9 years ago
move templateFuncs to one file, add middleware context.
10 years ago
#842 able to use access token replace basic auth
9 years ago
work on #609
10 years ago
New UI merge in progress
10 years ago
able edit issue title
9 years ago
Fix #605, fix #255, fix #101
10 years ago
Work on admin
10 years ago
Fix #605, fix #255, fix #101
10 years ago
able edit issue title
9 years ago
Fix #605, fix #255, fix #101
10 years ago
fix context
10 years ago
move templateFuncs to one file, add middleware context.
10 years ago
Add file upload for attachments
10 years ago
New UI merge in progress
10 years ago
Add file upload for attachments
10 years ago
Convert captcha, cache, csrf as middlewares
10 years ago
fork render
10 years ago
code fix for #908, and work for #884
9 years ago
#1080: Remove footer ads/branding from default template
9 years ago
code fix for #908, and work for #884
9 years ago
move templateFuncs to one file, add middleware context.
10 years ago
 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package middleware
  6. 

  7. import (
  8. 	"fmt"
  9. 	"html/template"
  10. 	"io"
  11. 	"net/http"
  12. 	"strings"
  13. 	"time"
  14. 

  15. 	"github.com/go-macaron/cache"
  16. 	"github.com/go-macaron/csrf"
  17. 	"github.com/go-macaron/i18n"
  18. 	"github.com/go-macaron/session"
  19. 	"gopkg.in/macaron.v1"
  20. 

  21. 	"github.com/gogits/gogs/models"
  22. 	"github.com/gogits/gogs/modules/auth"
  23. 	"github.com/gogits/gogs/modules/base"
  24. 	"github.com/gogits/gogs/modules/git"
  25. 	"github.com/gogits/gogs/modules/log"
  26. 	"github.com/gogits/gogs/modules/setting"
  27. )
  28. 

  29. type RepoContext struct {
  30. 	AccessMode   models.AccessMode
  31. 	IsWatching   bool
  32. 	IsBranch     bool
  33. 	IsTag        bool
  34. 	IsCommit     bool
  35. 	Repository   *models.Repository
  36. 	Owner        *models.User
  37. 	Commit       *git.Commit
  38. 	Tag          *git.Tag
  39. 	GitRepo      *git.Repository
  40. 	BranchName   string
  41. 	TagName      string
  42. 	TreeName     string
  43. 	CommitID     string
  44. 	RepoLink     string
  45. 	CloneLink    models.CloneLink
  46. 	CommitsCount int
  47. 	Mirror       *models.Mirror
  48. }
  49. 

  50. // Context represents context of a request.

  51. type Context struct {
  52. 	*macaron.Context
  53. 	Cache   cache.Cache
  54. 	csrf    csrf.CSRF
  55. 	Flash   *session.Flash
  56. 	Session session.Store
  57. 

  58. 	User        *models.User
  59. 	IsSigned    bool
  60. 	IsBasicAuth bool
  61. 

  62. 	Repo RepoContext
  63. 

  64. 	Org struct {
  65. 		IsOwner      bool
  66. 		IsMember     bool
  67. 		IsAdminTeam  bool // In owner team or team that has admin permission level.

  68. 		Organization *models.User
  69. 		OrgLink      string
  70. 

  71. 		Team *models.Team
  72. 	}
  73. }
  74. 

  75. // IsOwner returns true if current user is the owner of repository.

  76. func (r RepoContext) IsOwner() bool {
  77. 	return r.AccessMode >= models.ACCESS_MODE_OWNER
  78. }
  79. 

  80. // IsAdmin returns true if current user has admin or higher access of repository.

  81. func (r RepoContext) IsAdmin() bool {
  82. 	return r.AccessMode >= models.ACCESS_MODE_ADMIN
  83. }
  84. 

  85. // Return if the current user has read access for this repository

  86. func (r RepoContext) HasAccess() bool {
  87. 	return r.AccessMode >= models.ACCESS_MODE_READ
  88. }
  89. 

  90. // HasError returns true if error occurs in form validation.

  91. func (ctx *Context) HasApiError() bool {
  92. 	hasErr, ok := ctx.Data["HasError"]
  93. 	if !ok {
  94. 		return false
  95. 	}
  96. 	return hasErr.(bool)
  97. }
  98. 

  99. func (ctx *Context) GetErrMsg() string {
  100. 	return ctx.Data["ErrorMsg"].(string)
  101. }
  102. 

  103. // HasError returns true if error occurs in form validation.

  104. func (ctx *Context) HasError() bool {
  105. 	hasErr, ok := ctx.Data["HasError"]
  106. 	if !ok {
  107. 		return false
  108. 	}
  109. 	ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)
  110. 	ctx.Data["Flash"] = ctx.Flash
  111. 	return hasErr.(bool)
  112. }
  113. 

  114. // HasValue returns true if value of given name exists.

  115. func (ctx *Context) HasValue(name string) bool {
  116. 	_, ok := ctx.Data[name]
  117. 	return ok
  118. }
  119. 

  120. // HTML calls Context.HTML and converts template name to string.

  121. func (ctx *Context) HTML(status int, name base.TplName) {
  122. 	ctx.Context.HTML(status, string(name))
  123. }
  124. 

  125. // RenderWithErr used for page has form validation but need to prompt error to users.

  126. func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) {
  127. 	if form != nil {
  128. 		auth.AssignForm(form, ctx.Data)
  129. 	}
  130. 	ctx.Flash.ErrorMsg = msg
  131. 	ctx.Data["Flash"] = ctx.Flash
  132. 	ctx.HTML(200, tpl)
  133. }
  134. 

  135. // Handle handles and logs error by given status.

  136. func (ctx *Context) Handle(status int, title string, err error) {
  137. 	if err != nil {
  138. 		log.Error(4, "%s: %v", title, err)
  139. 		if macaron.Env != macaron.PROD {
  140. 			ctx.Data["ErrorMsg"] = err
  141. 		}
  142. 	}
  143. 

  144. 	switch status {
  145. 	case 404:
  146. 		ctx.Data["Title"] = "Page Not Found"
  147. 	case 500:
  148. 		ctx.Data["Title"] = "Internal Server Error"
  149. 	}
  150. 	ctx.HTML(status, base.TplName(fmt.Sprintf("status/%d", status)))
  151. }
  152. 

  153. func (ctx *Context) HandleText(status int, title string) {
  154. 	if (status/100 == 4) || (status/100 == 5) {
  155. 		log.Error(4, "%s", title)
  156. 	}
  157. 	ctx.PlainText(status, []byte(title))
  158. }
  159. 

  160. // APIError logs error with title if status is 500.

  161. func (ctx *Context) APIError(status int, title string, obj interface{}) {
  162. 	var message string
  163. 	if err, ok := obj.(error); ok {
  164. 		message = err.Error()
  165. 	} else {
  166. 		message = obj.(string)
  167. 	}
  168. 

  169. 	if status == 500 {
  170. 		log.Error(4, "%s: %s", title, message)
  171. 	}
  172. 

  173. 	ctx.JSON(status, map[string]string{
  174. 		"message": message,
  175. 		"url":     base.DOC_URL,
  176. 	})
  177. }
  178. 

  179. func (ctx *Context) ServeContent(name string, r io.ReadSeeker, params ...interface{}) {
  180. 	modtime := time.Now()
  181. 	for _, p := range params {
  182. 		switch v := p.(type) {
  183. 		case time.Time:
  184. 			modtime = v
  185. 		}
  186. 	}
  187. 	ctx.Resp.Header().Set("Content-Description", "File Transfer")
  188. 	ctx.Resp.Header().Set("Content-Type", "application/octet-stream")
  189. 	ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name)
  190. 	ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary")
  191. 	ctx.Resp.Header().Set("Expires", "0")
  192. 	ctx.Resp.Header().Set("Cache-Control", "must-revalidate")
  193. 	ctx.Resp.Header().Set("Pragma", "public")
  194. 	http.ServeContent(ctx.Resp, ctx.Req.Request, name, modtime, r)
  195. }
  196. 

  197. // Contexter initializes a classic context for a request.

  198. func Contexter() macaron.Handler {
  199. 	return func(c *macaron.Context, l i18n.Locale, cache cache.Cache, sess session.Store, f *session.Flash, x csrf.CSRF) {
  200. 		ctx := &Context{
  201. 			Context: c,
  202. 			Cache:   cache,
  203. 			csrf:    x,
  204. 			Flash:   f,
  205. 			Session: sess,
  206. 		}
  207. 		// Compute current URL for real-time change language.

  208. 		ctx.Data["Link"] = setting.AppSubUrl + strings.TrimSuffix(ctx.Req.URL.Path, "/")
  209. 

  210. 		ctx.Data["PageStartTime"] = time.Now()
  211. 

  212. 		// Check auto-signin.

  213. 		if sess.Get("uid") == nil {
  214. 			if _, err := AutoSignIn(ctx); err != nil {
  215. 				ctx.Handle(500, "AutoSignIn", err)
  216. 				return
  217. 			}
  218. 		}
  219. 

  220. 		// Get user from session if logined.

  221. 		ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Context, ctx.Session)
  222. 

  223. 		if ctx.User != nil {
  224. 			ctx.IsSigned = true
  225. 			ctx.Data["IsSigned"] = ctx.IsSigned
  226. 			ctx.Data["SignedUser"] = ctx.User
  227. 			ctx.Data["SignedUserID"] = ctx.User.Id
  228. 			ctx.Data["SignedUserName"] = ctx.User.Name
  229. 			ctx.Data["IsAdmin"] = ctx.User.IsAdmin
  230. 		} else {
  231. 			ctx.Data["SignedUserID"] = 0
  232. 			ctx.Data["SignedUserName"] = ""
  233. 		}
  234. 

  235. 		// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.

  236. 		if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
  237. 			if err := ctx.Req.ParseMultipartForm(setting.AttachmentMaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size

  238. 				ctx.Handle(500, "ParseMultipartForm", err)
  239. 				return
  240. 			}
  241. 		}
  242. 

  243. 		ctx.Data["CsrfToken"] = x.GetToken()
  244. 		ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + x.GetToken() + `">`)
  245. 

  246. 		ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton
  247. 		ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding
  248. 

  249. 		c.Map(ctx)
  250. 	}
  251. }