2019-04-17 16:06:35 +00:00
|
|
|
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
2022-11-27 18:20:29 +00:00
|
|
|
|
// SPDX-License-Identifier: MIT
|
2019-04-17 16:06:35 +00:00
|
|
|
|
|
2021-11-24 07:56:24 +00:00
|
|
|
|
package files
|
2019-04-17 16:06:35 +00:00
|
|
|
|
|
|
|
|
|
import (
|
2019-04-26 12:00:30 +00:00
|
|
|
|
"bytes"
|
2022-01-19 23:26:57 +00:00
|
|
|
|
"context"
|
2019-04-17 16:06:35 +00:00
|
|
|
|
"fmt"
|
|
|
|
|
"path"
|
|
|
|
|
"strings"
|
2019-12-24 02:33:52 +00:00
|
|
|
|
"time"
|
2019-04-17 16:06:35 +00:00
|
|
|
|
|
|
|
|
|
"code.gitea.io/gitea/models"
|
2023-01-09 03:50:54 +00:00
|
|
|
|
"code.gitea.io/gitea/models/db"
|
2022-06-12 15:51:54 +00:00
|
|
|
|
git_model "code.gitea.io/gitea/models/git"
|
2021-12-10 01:27:50 +00:00
|
|
|
|
repo_model "code.gitea.io/gitea/models/repo"
|
2021-11-24 09:49:20 +00:00
|
|
|
|
user_model "code.gitea.io/gitea/models/user"
|
2019-08-15 12:07:28 +00:00
|
|
|
|
"code.gitea.io/gitea/modules/charset"
|
2019-04-17 16:06:35 +00:00
|
|
|
|
"code.gitea.io/gitea/modules/git"
|
|
|
|
|
"code.gitea.io/gitea/modules/lfs"
|
2019-04-26 12:00:30 +00:00
|
|
|
|
"code.gitea.io/gitea/modules/log"
|
2019-04-17 16:06:35 +00:00
|
|
|
|
"code.gitea.io/gitea/modules/setting"
|
2019-05-11 10:21:34 +00:00
|
|
|
|
"code.gitea.io/gitea/modules/structs"
|
2021-10-24 21:12:43 +00:00
|
|
|
|
"code.gitea.io/gitea/modules/util"
|
2021-12-10 08:14:24 +00:00
|
|
|
|
asymkey_service "code.gitea.io/gitea/services/asymkey"
|
2019-08-15 12:07:28 +00:00
|
|
|
|
|
|
|
|
|
stdcharset "golang.org/x/net/html/charset"
|
|
|
|
|
"golang.org/x/text/transform"
|
2019-04-17 16:06:35 +00:00
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// IdentityOptions for a person's identity like an author or committer
|
|
|
|
|
type IdentityOptions struct {
|
|
|
|
|
Name string
|
|
|
|
|
Email string
|
|
|
|
|
}
|
|
|
|
|
|
2019-12-24 02:33:52 +00:00
|
|
|
|
// CommitDateOptions store dates for GIT_AUTHOR_DATE and GIT_COMMITTER_DATE
|
|
|
|
|
type CommitDateOptions struct {
|
|
|
|
|
Author time.Time
|
|
|
|
|
Committer time.Time
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-17 16:06:35 +00:00
|
|
|
|
// UpdateRepoFileOptions holds the repository file update options
|
|
|
|
|
type UpdateRepoFileOptions struct {
|
|
|
|
|
LastCommitID string
|
|
|
|
|
OldBranch string
|
|
|
|
|
NewBranch string
|
|
|
|
|
TreePath string
|
|
|
|
|
FromTreePath string
|
|
|
|
|
Message string
|
|
|
|
|
Content string
|
|
|
|
|
SHA string
|
|
|
|
|
IsNewFile bool
|
|
|
|
|
Author *IdentityOptions
|
|
|
|
|
Committer *IdentityOptions
|
2019-12-24 02:33:52 +00:00
|
|
|
|
Dates *CommitDateOptions
|
2021-01-29 08:57:45 +00:00
|
|
|
|
Signoff bool
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
|
|
|
|
|
2021-12-10 01:27:50 +00:00
|
|
|
|
func detectEncodingAndBOM(entry *git.TreeEntry, repo *repo_model.Repository) (string, bool) {
|
2019-04-26 12:00:30 +00:00
|
|
|
|
reader, err := entry.Blob().DataAsync()
|
|
|
|
|
if err != nil {
|
|
|
|
|
// return default
|
|
|
|
|
return "UTF-8", false
|
|
|
|
|
}
|
|
|
|
|
defer reader.Close()
|
|
|
|
|
buf := make([]byte, 1024)
|
2021-10-24 21:12:43 +00:00
|
|
|
|
n, err := util.ReadAtMost(reader, buf)
|
2019-04-26 12:00:30 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
// return default
|
|
|
|
|
return "UTF-8", false
|
|
|
|
|
}
|
|
|
|
|
buf = buf[:n]
|
|
|
|
|
|
|
|
|
|
if setting.LFS.StartServer {
|
2021-04-08 22:25:57 +00:00
|
|
|
|
pointer, _ := lfs.ReadPointerFromBuffer(buf)
|
|
|
|
|
if pointer.IsValid() {
|
2023-01-09 03:50:54 +00:00
|
|
|
|
meta, err := git_model.GetLFSMetaObjectByOid(db.DefaultContext, repo.ID, pointer.Oid)
|
2022-06-12 15:51:54 +00:00
|
|
|
|
if err != nil && err != git_model.ErrLFSObjectNotExist {
|
2019-04-26 12:00:30 +00:00
|
|
|
|
// return default
|
|
|
|
|
return "UTF-8", false
|
|
|
|
|
}
|
2021-04-08 22:25:57 +00:00
|
|
|
|
if meta != nil {
|
|
|
|
|
dataRc, err := lfs.ReadMetaObject(pointer)
|
|
|
|
|
if err != nil {
|
|
|
|
|
// return default
|
|
|
|
|
return "UTF-8", false
|
|
|
|
|
}
|
|
|
|
|
defer dataRc.Close()
|
|
|
|
|
buf = make([]byte, 1024)
|
2021-10-24 21:12:43 +00:00
|
|
|
|
n, err = util.ReadAtMost(dataRc, buf)
|
2021-04-08 22:25:57 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
// return default
|
|
|
|
|
return "UTF-8", false
|
|
|
|
|
}
|
|
|
|
|
buf = buf[:n]
|
2019-04-26 12:00:30 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-08-15 12:07:28 +00:00
|
|
|
|
encoding, err := charset.DetectEncoding(buf)
|
2019-04-26 12:00:30 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
// just default to utf-8 and no bom
|
|
|
|
|
return "UTF-8", false
|
|
|
|
|
}
|
|
|
|
|
if encoding == "UTF-8" {
|
2019-08-15 12:07:28 +00:00
|
|
|
|
return encoding, bytes.Equal(buf[0:3], charset.UTF8BOM)
|
2019-04-26 12:00:30 +00:00
|
|
|
|
}
|
2019-08-15 12:07:28 +00:00
|
|
|
|
charsetEncoding, _ := stdcharset.Lookup(encoding)
|
2019-04-26 12:00:30 +00:00
|
|
|
|
if charsetEncoding == nil {
|
|
|
|
|
return "UTF-8", false
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
result, n, err := transform.String(charsetEncoding.NewDecoder(), string(buf))
|
2019-06-12 19:41:28 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
// return default
|
|
|
|
|
return "UTF-8", false
|
|
|
|
|
}
|
2019-04-26 12:00:30 +00:00
|
|
|
|
|
|
|
|
|
if n > 2 {
|
2019-08-15 12:07:28 +00:00
|
|
|
|
return encoding, bytes.Equal([]byte(result)[0:3], charset.UTF8BOM)
|
2019-04-26 12:00:30 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return encoding, false
|
|
|
|
|
}
|
|
|
|
|
|
2019-04-17 16:06:35 +00:00
|
|
|
|
// CreateOrUpdateRepoFile adds or updates a file in the given repository
|
2022-01-19 23:26:57 +00:00
|
|
|
|
func CreateOrUpdateRepoFile(ctx context.Context, repo *repo_model.Repository, doer *user_model.User, opts *UpdateRepoFileOptions) (*structs.FileResponse, error) {
|
2020-10-13 18:50:57 +00:00
|
|
|
|
// If no branch name is set, assume default branch
|
2019-04-17 16:06:35 +00:00
|
|
|
|
if opts.OldBranch == "" {
|
|
|
|
|
opts.OldBranch = repo.DefaultBranch
|
|
|
|
|
}
|
|
|
|
|
if opts.NewBranch == "" {
|
|
|
|
|
opts.NewBranch = opts.OldBranch
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-19 23:26:57 +00:00
|
|
|
|
gitRepo, closer, err := git.RepositoryFromContextOrOpen(ctx, repo.RepoPath())
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
defer closer.Close()
|
|
|
|
|
|
2019-04-17 16:06:35 +00:00
|
|
|
|
// oldBranch must exist for this operation
|
2022-03-28 19:48:41 +00:00
|
|
|
|
if _, err := gitRepo.GetBranch(opts.OldBranch); err != nil && !repo.IsEmpty {
|
2019-04-17 16:06:35 +00:00
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// A NewBranch can be specified for the file to be created/updated in a new branch.
|
|
|
|
|
// Check to make sure the branch does not already exist, otherwise we can't proceed.
|
|
|
|
|
// If we aren't branching to a new branch, make sure user can commit to the given branch
|
|
|
|
|
if opts.NewBranch != opts.OldBranch {
|
2022-01-19 23:26:57 +00:00
|
|
|
|
existingBranch, err := gitRepo.GetBranch(opts.NewBranch)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
if existingBranch != nil {
|
|
|
|
|
return nil, models.ErrBranchAlreadyExists{
|
|
|
|
|
BranchName: opts.NewBranch,
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-04-19 12:17:27 +00:00
|
|
|
|
if err != nil && !git.IsErrBranchNotExist(err) {
|
2019-04-17 16:06:35 +00:00
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2022-01-19 23:26:57 +00:00
|
|
|
|
} else if err := VerifyBranchProtection(ctx, repo, doer, opts.OldBranch, opts.TreePath); err != nil {
|
2021-09-11 14:21:17 +00:00
|
|
|
|
return nil, err
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// If FromTreePath is not set, set it to the opts.TreePath
|
|
|
|
|
if opts.TreePath != "" && opts.FromTreePath == "" {
|
|
|
|
|
opts.FromTreePath = opts.TreePath
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check that the path given in opts.treePath is valid (not a git path)
|
|
|
|
|
treePath := CleanUploadFileName(opts.TreePath)
|
|
|
|
|
if treePath == "" {
|
|
|
|
|
return nil, models.ErrFilenameInvalid{
|
|
|
|
|
Path: opts.TreePath,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// If there is a fromTreePath (we are copying it), also clean it up
|
|
|
|
|
fromTreePath := CleanUploadFileName(opts.FromTreePath)
|
|
|
|
|
if fromTreePath == "" && opts.FromTreePath != "" {
|
|
|
|
|
return nil, models.ErrFilenameInvalid{
|
|
|
|
|
Path: opts.FromTreePath,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
message := strings.TrimSpace(opts.Message)
|
|
|
|
|
|
2019-12-09 13:11:24 +00:00
|
|
|
|
author, committer := GetAuthorAndCommitterUsers(opts.Author, opts.Committer, doer)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
|
2022-01-19 23:26:57 +00:00
|
|
|
|
t, err := NewTemporaryUploadRepository(ctx, repo)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
if err != nil {
|
2019-06-12 19:41:28 +00:00
|
|
|
|
log.Error("%v", err)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
2019-06-12 19:41:28 +00:00
|
|
|
|
defer t.Close()
|
2022-03-28 19:48:41 +00:00
|
|
|
|
hasOldBranch := true
|
2019-04-17 16:06:35 +00:00
|
|
|
|
if err := t.Clone(opts.OldBranch); err != nil {
|
2022-03-28 19:48:41 +00:00
|
|
|
|
if !git.IsErrBranchNotExist(err) || !repo.IsEmpty {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if err := t.Init(); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
hasOldBranch = false
|
|
|
|
|
opts.LastCommitID = ""
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
2022-03-28 19:48:41 +00:00
|
|
|
|
if hasOldBranch {
|
|
|
|
|
if err := t.SetDefaultIndex(); err != nil {
|
|
|
|
|
return nil, err
|
2019-08-05 20:39:39 +00:00
|
|
|
|
}
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
|
|
|
|
|
2019-04-26 12:00:30 +00:00
|
|
|
|
encoding := "UTF-8"
|
|
|
|
|
bom := false
|
2020-03-04 23:46:12 +00:00
|
|
|
|
executable := false
|
2019-04-26 12:00:30 +00:00
|
|
|
|
|
2022-03-28 19:48:41 +00:00
|
|
|
|
if hasOldBranch {
|
|
|
|
|
// Get the commit of the original branch
|
|
|
|
|
commit, err := t.GetBranchCommit(opts.OldBranch)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
if err != nil {
|
2022-03-28 19:48:41 +00:00
|
|
|
|
return nil, err // Couldn't get a commit for the branch
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
2022-03-28 19:48:41 +00:00
|
|
|
|
|
|
|
|
|
// Assigned LastCommitID in opts if it hasn't been set
|
|
|
|
|
if opts.LastCommitID == "" {
|
|
|
|
|
opts.LastCommitID = commit.ID.String()
|
|
|
|
|
} else {
|
|
|
|
|
lastCommitID, err := t.gitRepo.ConvertToSHA1(opts.LastCommitID)
|
|
|
|
|
if err != nil {
|
2022-10-24 19:29:17 +00:00
|
|
|
|
return nil, fmt.Errorf("ConvertToSHA1: Invalid last commit ID: %w", err)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
2022-03-28 19:48:41 +00:00
|
|
|
|
opts.LastCommitID = lastCommitID.String()
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if !opts.IsNewFile {
|
|
|
|
|
fromEntry, err := commit.GetTreeEntryByPath(fromTreePath)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if opts.SHA != "" {
|
|
|
|
|
// If a SHA was given and the SHA given doesn't match the SHA of the fromTreePath, throw error
|
|
|
|
|
if opts.SHA != fromEntry.ID.String() {
|
|
|
|
|
return nil, models.ErrSHADoesNotMatch{
|
|
|
|
|
Path: treePath,
|
|
|
|
|
GivenSHA: opts.SHA,
|
|
|
|
|
CurrentSHA: fromEntry.ID.String(),
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else if opts.LastCommitID != "" {
|
|
|
|
|
// If a lastCommitID was given and it doesn't match the commitID of the head of the branch throw
|
|
|
|
|
// an error, but only if we aren't creating a new branch.
|
|
|
|
|
if commit.ID.String() != opts.LastCommitID && opts.OldBranch == opts.NewBranch {
|
|
|
|
|
if changed, err := commit.FileChangedSinceCommit(treePath, opts.LastCommitID); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
} else if changed {
|
|
|
|
|
return nil, models.ErrCommitIDDoesNotMatch{
|
|
|
|
|
GivenCommitID: opts.LastCommitID,
|
|
|
|
|
CurrentCommitID: opts.LastCommitID,
|
|
|
|
|
}
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
2022-03-28 19:48:41 +00:00
|
|
|
|
// The file wasn't modified, so we are good to delete it
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
2022-03-28 19:48:41 +00:00
|
|
|
|
} else {
|
|
|
|
|
// When updating a file, a lastCommitID or SHA needs to be given to make sure other commits
|
|
|
|
|
// haven't been made. We throw an error if one wasn't provided.
|
|
|
|
|
return nil, models.ErrSHAOrCommitIDNotProvided{}
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
2022-03-28 19:48:41 +00:00
|
|
|
|
encoding, bom = detectEncodingAndBOM(fromEntry, repo)
|
|
|
|
|
executable = fromEntry.IsExecutable()
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
2022-03-28 19:48:41 +00:00
|
|
|
|
|
|
|
|
|
// For the path where this file will be created/updated, we need to make
|
|
|
|
|
// sure no parts of the path are existing files or links except for the last
|
|
|
|
|
// item in the path which is the file name, and that shouldn't exist IF it is
|
|
|
|
|
// a new file OR is being moved to a new path.
|
|
|
|
|
treePathParts := strings.Split(treePath, "/")
|
|
|
|
|
subTreePath := ""
|
|
|
|
|
for index, part := range treePathParts {
|
|
|
|
|
subTreePath = path.Join(subTreePath, part)
|
|
|
|
|
entry, err := commit.GetTreeEntryByPath(subTreePath)
|
|
|
|
|
if err != nil {
|
|
|
|
|
if git.IsErrNotExist(err) {
|
|
|
|
|
// Means there is no item with that name, so we're good
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
return nil, err
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
2022-03-28 19:48:41 +00:00
|
|
|
|
if index < len(treePathParts)-1 {
|
|
|
|
|
if !entry.IsDir() {
|
|
|
|
|
return nil, models.ErrFilePathInvalid{
|
|
|
|
|
Message: fmt.Sprintf("a file exists where you’re trying to create a subdirectory [path: %s]", subTreePath),
|
|
|
|
|
Path: subTreePath,
|
|
|
|
|
Name: part,
|
|
|
|
|
Type: git.EntryModeBlob,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
} else if entry.IsLink() {
|
2019-04-17 16:06:35 +00:00
|
|
|
|
return nil, models.ErrFilePathInvalid{
|
2022-03-28 19:48:41 +00:00
|
|
|
|
Message: fmt.Sprintf("a symbolic link exists where you’re trying to create a subdirectory [path: %s]", subTreePath),
|
2019-04-17 16:06:35 +00:00
|
|
|
|
Path: subTreePath,
|
|
|
|
|
Name: part,
|
2022-03-28 19:48:41 +00:00
|
|
|
|
Type: git.EntryModeSymlink,
|
|
|
|
|
}
|
|
|
|
|
} else if entry.IsDir() {
|
|
|
|
|
return nil, models.ErrFilePathInvalid{
|
|
|
|
|
Message: fmt.Sprintf("a directory exists where you’re trying to create a file [path: %s]", subTreePath),
|
|
|
|
|
Path: subTreePath,
|
|
|
|
|
Name: part,
|
|
|
|
|
Type: git.EntryModeTree,
|
|
|
|
|
}
|
|
|
|
|
} else if fromTreePath != treePath || opts.IsNewFile {
|
|
|
|
|
// The entry shouldn't exist if we are creating new file or moving to a new path
|
|
|
|
|
return nil, models.ErrRepoFileAlreadyExists{
|
|
|
|
|
Path: treePath,
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-28 19:48:41 +00:00
|
|
|
|
}
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Get the two paths (might be the same if not moving) from the index if they exist
|
|
|
|
|
filesInIndex, err := t.LsFiles(opts.TreePath, opts.FromTreePath)
|
|
|
|
|
if err != nil {
|
2022-10-24 19:29:17 +00:00
|
|
|
|
return nil, fmt.Errorf("UpdateRepoFile: %w", err)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
|
|
|
|
// If is a new file (not updating) then the given path shouldn't exist
|
|
|
|
|
if opts.IsNewFile {
|
|
|
|
|
for _, file := range filesInIndex {
|
|
|
|
|
if file == opts.TreePath {
|
|
|
|
|
return nil, models.ErrRepoFileAlreadyExists{
|
|
|
|
|
Path: opts.TreePath,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Remove the old path from the tree
|
|
|
|
|
if fromTreePath != treePath && len(filesInIndex) > 0 {
|
|
|
|
|
for _, file := range filesInIndex {
|
|
|
|
|
if file == fromTreePath {
|
|
|
|
|
if err := t.RemoveFilesFromIndex(opts.FromTreePath); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
content := opts.Content
|
2019-04-26 12:00:30 +00:00
|
|
|
|
if bom {
|
2019-08-15 12:07:28 +00:00
|
|
|
|
content = string(charset.UTF8BOM) + content
|
2019-04-26 12:00:30 +00:00
|
|
|
|
}
|
|
|
|
|
if encoding != "UTF-8" {
|
2019-08-15 12:07:28 +00:00
|
|
|
|
charsetEncoding, _ := stdcharset.Lookup(encoding)
|
2019-04-26 12:00:30 +00:00
|
|
|
|
if charsetEncoding != nil {
|
2019-07-23 18:50:39 +00:00
|
|
|
|
result, _, err := transform.String(charsetEncoding.NewEncoder(), content)
|
2019-04-26 12:00:30 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
// Look if we can't encode back in to the original we should just stick with utf-8
|
|
|
|
|
log.Error("Error re-encoding %s (%s) as %s - will stay as UTF-8: %v", opts.TreePath, opts.FromTreePath, encoding, err)
|
|
|
|
|
result = content
|
|
|
|
|
}
|
|
|
|
|
content = result
|
|
|
|
|
} else {
|
|
|
|
|
log.Error("Unknown encoding: %s", encoding)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
// Reset the opts.Content to our adjusted content to ensure that LFS gets the correct content
|
|
|
|
|
opts.Content = content
|
2022-06-12 15:51:54 +00:00
|
|
|
|
var lfsMetaObject *git_model.LFSMetaObject
|
2019-04-17 16:06:35 +00:00
|
|
|
|
|
2022-03-28 19:48:41 +00:00
|
|
|
|
if setting.LFS.StartServer && hasOldBranch {
|
2019-10-12 00:13:27 +00:00
|
|
|
|
// Check there is no way this can return multiple infos
|
2021-03-01 12:14:17 +00:00
|
|
|
|
filename2attribute2info, err := t.gitRepo.CheckAttribute(git.CheckAttributeOpts{
|
Refactor git command package to improve security and maintainability (#22678)
This PR follows #21535 (and replace #22592)
## Review without space diff
https://github.com/go-gitea/gitea/pull/22678/files?diff=split&w=1
## Purpose of this PR
1. Make git module command completely safe (risky user inputs won't be
passed as argument option anymore)
2. Avoid low-level mistakes like
https://github.com/go-gitea/gitea/pull/22098#discussion_r1045234918
3. Remove deprecated and dirty `CmdArgCheck` function, hide the `CmdArg`
type
4. Simplify code when using git command
## The main idea of this PR
* Move the `git.CmdArg` to the `internal` package, then no other package
except `git` could use it. Then developers could never do
`AddArguments(git.CmdArg(userInput))` any more.
* Introduce `git.ToTrustedCmdArgs`, it's for user-provided and already
trusted arguments. It's only used in a few cases, for example: use git
arguments from config file, help unit test with some arguments.
* Introduce `AddOptionValues` and `AddOptionFormat`, they make code more
clear and simple:
* Before: `AddArguments("-m").AddDynamicArguments(message)`
* After: `AddOptionValues("-m", message)`
* -
* Before: `AddArguments(git.CmdArg(fmt.Sprintf("--author='%s <%s>'",
sig.Name, sig.Email)))`
* After: `AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)`
## FAQ
### Why these changes were not done in #21535 ?
#21535 is mainly a search&replace, it did its best to not change too
much logic.
Making the framework better needs a lot of changes, so this separate PR
is needed as the second step.
### The naming of `AddOptionXxx`
According to git's manual, the `--xxx` part is called `option`.
### How can it guarantee that `internal.CmdArg` won't be not misused?
Go's specification guarantees that. Trying to access other package's
internal package causes compilation error.
And, `golangci-lint` also denies the git/internal package. Only the
`git/command.go` can use it carefully.
### There is still a `ToTrustedCmdArgs`, will it still allow developers
to make mistakes and pass untrusted arguments?
Generally speaking, no. Because when using `ToTrustedCmdArgs`, the code
will be very complex (see the changes for examples). Then developers and
reviewers can know that something might be unreasonable.
### Why there was a `CmdArgCheck` and why it's removed?
At the moment of #21535, to reduce unnecessary changes, `CmdArgCheck`
was introduced as a hacky patch. Now, almost all code could be written
as `cmd := NewCommand(); cmd.AddXxx(...)`, then there is no need for
`CmdArgCheck` anymore.
### Why many codes for `signArg == ""` is deleted?
Because in the old code, `signArg` could never be empty string, it's
either `-S[key-id]` or `--no-gpg-sign`. So the `signArg == ""` is just
dead code.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 02:30:43 +00:00
|
|
|
|
Attributes: []string{"filter"},
|
2021-03-01 12:14:17 +00:00
|
|
|
|
Filenames: []string{treePath},
|
2022-01-18 07:44:30 +00:00
|
|
|
|
CachedOnly: true,
|
2021-03-01 12:14:17 +00:00
|
|
|
|
})
|
2019-04-17 16:06:35 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2019-10-12 00:13:27 +00:00
|
|
|
|
if filename2attribute2info[treePath] != nil && filename2attribute2info[treePath]["filter"] == "lfs" {
|
|
|
|
|
// OK so we are supposed to LFS this data!
|
2021-04-08 22:25:57 +00:00
|
|
|
|
pointer, err := lfs.GeneratePointer(strings.NewReader(opts.Content))
|
2019-10-12 00:13:27 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2022-06-12 15:51:54 +00:00
|
|
|
|
lfsMetaObject = &git_model.LFSMetaObject{Pointer: pointer, RepositoryID: repo.ID}
|
2021-04-08 22:25:57 +00:00
|
|
|
|
content = pointer.StringContent()
|
2019-10-12 00:13:27 +00:00
|
|
|
|
}
|
|
|
|
|
}
|
2019-04-17 16:06:35 +00:00
|
|
|
|
// Add the object to the database
|
|
|
|
|
objectHash, err := t.HashObject(strings.NewReader(content))
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Add the object to the index
|
2020-03-04 23:46:12 +00:00
|
|
|
|
if executable {
|
|
|
|
|
if err := t.AddObjectToIndex("100755", objectHash, treePath); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if err := t.AddObjectToIndex("100644", objectHash, treePath); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Now write the tree
|
|
|
|
|
treeHash, err := t.WriteTree()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Now commit the tree
|
2019-12-24 02:33:52 +00:00
|
|
|
|
var commitHash string
|
|
|
|
|
if opts.Dates != nil {
|
2022-03-28 19:48:41 +00:00
|
|
|
|
commitHash, err = t.CommitTreeWithDate(opts.LastCommitID, author, committer, treeHash, message, opts.Signoff, opts.Dates.Author, opts.Dates.Committer)
|
2019-12-24 02:33:52 +00:00
|
|
|
|
} else {
|
2022-03-28 19:48:41 +00:00
|
|
|
|
commitHash, err = t.CommitTree(opts.LastCommitID, author, committer, treeHash, message, opts.Signoff)
|
2019-12-24 02:33:52 +00:00
|
|
|
|
}
|
2019-04-17 16:06:35 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if lfsMetaObject != nil {
|
|
|
|
|
// We have an LFS object - create it
|
2023-01-09 03:50:54 +00:00
|
|
|
|
lfsMetaObject, err = git_model.NewLFSMetaObject(ctx, lfsMetaObject)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
2021-04-08 22:25:57 +00:00
|
|
|
|
contentStore := lfs.NewContentStore()
|
|
|
|
|
exist, err := contentStore.Exists(lfsMetaObject.Pointer)
|
2020-09-08 15:45:10 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if !exist {
|
2021-04-08 22:25:57 +00:00
|
|
|
|
if err := contentStore.Put(lfsMetaObject.Pointer, strings.NewReader(opts.Content)); err != nil {
|
2023-01-09 03:50:54 +00:00
|
|
|
|
if _, err2 := git_model.RemoveLFSMetaObjectByOid(ctx, repo.ID, lfsMetaObject.Oid); err2 != nil {
|
2022-10-24 19:29:17 +00:00
|
|
|
|
return nil, fmt.Errorf("Error whilst removing failed inserted LFS object %s: %v (Prev Error: %w)", lfsMetaObject.Oid, err2, err)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
}
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Then push this tree to NewBranch
|
|
|
|
|
if err := t.Push(doer, commitHash, opts.NewBranch); err != nil {
|
2020-03-28 04:13:18 +00:00
|
|
|
|
log.Error("%T %v", err, err)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-28 19:48:41 +00:00
|
|
|
|
commit, err := t.GetCommit(commitHash)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-19 23:26:57 +00:00
|
|
|
|
file, err := GetFileResponseFromCommit(ctx, repo, commit, opts.NewBranch, treePath)
|
2019-04-17 16:06:35 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return file, nil
|
|
|
|
|
}
|
2021-09-11 14:21:17 +00:00
|
|
|
|
|
|
|
|
|
// VerifyBranchProtection verify the branch protection for modifying the given treePath on the given branch
|
2022-01-19 23:26:57 +00:00
|
|
|
|
func VerifyBranchProtection(ctx context.Context, repo *repo_model.Repository, doer *user_model.User, branchName, treePath string) error {
|
2023-01-16 08:00:22 +00:00
|
|
|
|
protectedBranch, err := git_model.GetFirstMatchProtectedBranchRule(ctx, repo.ID, branchName)
|
2021-09-11 14:21:17 +00:00
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
if protectedBranch != nil {
|
2023-01-16 08:00:22 +00:00
|
|
|
|
protectedBranch.Repo = repo
|
2021-09-11 14:21:17 +00:00
|
|
|
|
isUnprotectedFile := false
|
|
|
|
|
glob := protectedBranch.GetUnprotectedFilePatterns()
|
|
|
|
|
if len(glob) != 0 {
|
|
|
|
|
isUnprotectedFile = protectedBranch.IsUnprotectedFile(glob, treePath)
|
|
|
|
|
}
|
2023-01-16 08:00:22 +00:00
|
|
|
|
if !protectedBranch.CanUserPush(ctx, doer) && !isUnprotectedFile {
|
2021-09-11 14:21:17 +00:00
|
|
|
|
return models.ErrUserCannotCommit{
|
|
|
|
|
UserName: doer.LowerName,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if protectedBranch.RequireSignedCommits {
|
2022-01-19 23:26:57 +00:00
|
|
|
|
_, _, _, err := asymkey_service.SignCRUDAction(ctx, repo.RepoPath(), doer, repo.RepoPath(), branchName)
|
2021-09-11 14:21:17 +00:00
|
|
|
|
if err != nil {
|
2021-12-10 08:14:24 +00:00
|
|
|
|
if !asymkey_service.IsErrWontSign(err) {
|
2021-09-11 14:21:17 +00:00
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
return models.ErrUserCannotCommit{
|
|
|
|
|
UserName: doer.LowerName,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
patterns := protectedBranch.GetProtectedFilePatterns()
|
|
|
|
|
for _, pat := range patterns {
|
|
|
|
|
if pat.Match(strings.ToLower(treePath)) {
|
|
|
|
|
return models.ErrFilePathProtected{
|
|
|
|
|
Path: treePath,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return nil
|
|
|
|
|
}
|