diff --git a/.fswatch.json b/.fswatch.json index 90a6e4eae7..7b12022c12 100644 --- a/.fswatch.json +++ b/.fswatch.json @@ -2,12 +2,11 @@ "paths": ["."], "depth": 2, "exclude": [], - "include": ["\\.go$"], + "include": ["\\.go$", "\\.ini$"], "command": [ "bash", "-c", "go build && ./gogs web" ], "env": { "POWERED_BY": "github.com/shxsun/fswatch" - }, - "enable-restart": true + } } diff --git a/.gitignore b/.gitignore index 158421d04a..f8d8a2869c 100644 --- a/.gitignore +++ b/.gitignore @@ -33,3 +33,4 @@ _testmain.go *.exe~ gogs __pycache__ +*.pem diff --git a/README.md b/README.md index fe15328b1b..619f9a9dd6 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Gogs(Go Git Service) is a Self Hosted Git Service in the Go Programming Language ![Demo](http://gowalker.org/public/gogs_demo.gif) -##### Current version: 0.2.2 Alpha +##### Current version: 0.2.3 Alpha #### Due to testing purpose, data of [try.gogits.org](http://try.gogits.org) has been reset in April 6, 2014 and will reset multiple times after. Please do NOT put your important data on the site. @@ -29,7 +29,7 @@ More importantly, Gogs only needs one binary to setup your own project hosting o ## Features - Activity timeline -- SSH/HTTPS(Clone only) protocol support. +- SSH/HTTP(S) protocol support. - Register/delete/rename account. - Create/delete/watch/rename/transfer public repository. - Repository viewer. diff --git a/README_ZH.md b/README_ZH.md index 015ee0af99..35a0b7630d 100644 --- a/README_ZH.md +++ b/README_ZH.md @@ -5,7 +5,7 @@ Gogs(Go Git Service) 是一个由 Go 语言编写的自助 Git 托管服务。 ![Demo](http://gowalker.org/public/gogs_demo.gif) -##### 当前版本:0.2.2 Alpha +##### 当前版本:0.2.3 Alpha ## 开发目的 @@ -23,7 +23,7 @@ Gogs 完全使用 Go 语言来实现对 Git 数据的操作,实现 **零** 依 ## 功能特性 - 活动时间线 -- SSH/HTTPS(仅限 Clone) 协议支持 +- SSH/HTTP(S) 协议支持 - 注册/删除/重命名用户 - 创建/删除/关注/重命名/转移公开仓库 - 仓库浏览器 diff --git a/gogs.go b/gogs.go index df268980f5..2971007154 100644 --- a/gogs.go +++ b/gogs.go @@ -19,7 +19,7 @@ import ( // Test that go1.2 tag above is included in builds. main.go refers to this definition. const go12tag = true -const APP_VER = "0.2.2.0407 Alpha" +const APP_VER = "0.2.3.0409 Alpha" func init() { base.AppVer = APP_VER diff --git a/models/git.go b/models/git.go index 46345d0ffc..77b7ef2d7e 100644 --- a/models/git.go +++ b/models/git.go @@ -142,7 +142,8 @@ func GetReposFiles(userName, repoName, commitId, rpath string) ([]*RepoFile, err } func getReposFiles(userName, repoName, commitId string, rpath string) ([]*RepoFile, error) { - repo, err := git.OpenRepository(RepoPath(userName, repoName)) + repopath := RepoPath(userName, repoName) + repo, err := git.OpenRepository(repopath) if err != nil { return nil, err } @@ -162,77 +163,23 @@ func getReposFiles(userName, repoName, commitId string, rpath string) ([]*RepoFi return 0 } - var cm = commit - var i int - for { - i = i + 1 - //fmt.Println(".....", i, cm.Id(), cm.ParentCount()) - if cm.ParentCount() == 0 { - break - } else if cm.ParentCount() == 1 { - pt, _ := repo.SubTree(cm.Parent(0).Tree, dirname) - if pt == nil { - break - } - pEntry := pt.EntryByName(entry.Name) - if pEntry == nil || !pEntry.Id.Equal(entry.Id) { - break - } else { - cm = cm.Parent(0) - } - } else { - var emptyCnt = 0 - var sameIdcnt = 0 - var lastSameCm *git.Commit - //fmt.Println(".....", cm.ParentCount()) - for i := 0; i < cm.ParentCount(); i++ { - //fmt.Println("parent", i, cm.Parent(i).Id()) - p := cm.Parent(i) - pt, _ := repo.SubTree(p.Tree, dirname) - var pEntry *git.TreeEntry - if pt != nil { - pEntry = pt.EntryByName(entry.Name) - } - - //fmt.Println("pEntry", pEntry) - - if pEntry == nil { - emptyCnt = emptyCnt + 1 - if emptyCnt+sameIdcnt == cm.ParentCount() { - if lastSameCm == nil { - goto loop - } else { - cm = lastSameCm - break - } - } - } else { - //fmt.Println(i, "pEntry", pEntry.Id, "entry", entry.Id) - if !pEntry.Id.Equal(entry.Id) { - goto loop - } else { - lastSameCm = cm.Parent(i) - sameIdcnt = sameIdcnt + 1 - if emptyCnt+sameIdcnt == cm.ParentCount() { - // TODO: now follow the first parent commit? - cm = lastSameCm - //fmt.Println("sameId...") - break - } - } - } - } - } + cmd := exec.Command("git", "log", "-1", "--pretty=format:%H", commitId, "--", path.Join(dirname, entry.Name)) + cmd.Dir = repopath + out, err := cmd.Output() + if err != nil { + return 0 + } + filecm, err := repo.GetCommit(string(out)) + if err != nil { + return 0 } - - loop: rp := &RepoFile{ entry, path.Join(dirname, entry.Name), size, repo, - cm, + filecm, } if entry.IsFile() { diff --git a/models/oauth2.go b/models/oauth2.go index a17d4e30fa..45728b0d51 100644 --- a/models/oauth2.go +++ b/models/oauth2.go @@ -1,6 +1,10 @@ +// Copyright 2014 The Gogs Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + package models -import "fmt" +import "errors" // OT: Oauth2 Type const ( @@ -9,12 +13,18 @@ const ( OT_TWITTER ) +var ( + ErrOauth2RecordNotExists = errors.New("not exists oauth2 record") + ErrOauth2NotAssociatedWithUser = errors.New("not associated with user") +) + type Oauth2 struct { - Uid int64 `xorm:"pk"` // userId + Id int64 + Uid int64 // userId + User *User `xorm:"-"` Type int `xorm:"pk unique(oauth)"` // twitter,github,google... Identity string `xorm:"pk unique(oauth)"` // id.. Token string `xorm:"VARCHAR(200) not null"` - //RefreshTime time.Time `xorm:"created"` } func AddOauth2(oa *Oauth2) (err error) { @@ -24,16 +34,16 @@ func AddOauth2(oa *Oauth2) (err error) { return nil } -func GetOauth2User(identity string) (u *User, err error) { - oa := &Oauth2{} - oa.Identity = identity - exists, err := orm.Get(oa) +func GetOauth2(identity string) (oa *Oauth2, err error) { + oa = &Oauth2{Identity: identity} + isExist, err := orm.Get(oa) if err != nil { return + } else if !isExist { + return nil, ErrOauth2RecordNotExists + } else if oa.Uid == 0 { + return oa, ErrOauth2NotAssociatedWithUser } - if !exists { - err = fmt.Errorf("not exists oauth2: %s", identity) - return - } - return GetUserById(oa.Uid) + oa.User, err = GetUserById(oa.Uid) + return oa, err } diff --git a/models/repo.go b/models/repo.go index bb5c36372e..573e0f4e6f 100644 --- a/models/repo.go +++ b/models/repo.go @@ -79,6 +79,7 @@ type Repository struct { NumOpenIssues int `xorm:"-"` IsPrivate bool IsBare bool + IsGoget bool Created time.Time `xorm:"created"` Updated time.Time `xorm:"updated"` } @@ -261,6 +262,13 @@ func createHookUpdate(hookPath, content string) error { return err } +// SetRepoEnvs sets environment variables for command update. +func SetRepoEnvs(userId int64, userName, repoName string) { + os.Setenv("userId", base.ToStr(userId)) + os.Setenv("userName", userName) + os.Setenv("repoName", repoName) +} + // InitRepository initializes README and .gitignore if needed. func initRepository(f string, user *User, repo *Repository, initReadme bool, repoLang, license string) error { repoPath := RepoPath(user.Name, repo.Name) @@ -333,10 +341,7 @@ func initRepository(f string, user *User, repo *Repository, initReadme bool, rep return nil } - // for update use - os.Setenv("userName", user.Name) - os.Setenv("userId", base.ToStr(user.Id)) - os.Setenv("repoName", repo.Name) + SetRepoEnvs(user.Id, user.Name, repo.Name) // Apply changes and commit. return initRepoCommit(tmpDir, user.NewGitSig()) diff --git a/models/user.go b/models/user.go index 0fcf72437e..b2fddd0a1d 100644 --- a/models/user.go +++ b/models/user.go @@ -289,11 +289,21 @@ func DeleteUser(user *User) error { // TODO: check issues, other repos' commits + // Delete all followers. + if _, err = orm.Delete(&Follow{FollowId: user.Id}); err != nil { + return err + } + // Delete all feeds. if _, err = orm.Delete(&Action{UserId: user.Id}); err != nil { return err } + // Delete all watches. + if _, err = orm.Delete(&Watch{UserId: user.Id}); err != nil { + return err + } + // Delete all accesses. if _, err = orm.Delete(&Access{UserName: user.LowerName}); err != nil { return err @@ -316,7 +326,6 @@ func DeleteUser(user *User) error { } _, err = orm.Delete(user) - // TODO: delete and update follower information. return err } diff --git a/modules/base/conf.go b/modules/base/conf.go index 69df49dc48..871595e476 100644 --- a/modules/base/conf.go +++ b/modules/base/conf.go @@ -43,6 +43,7 @@ var ( AppName string AppLogo string AppUrl string + IsProdMode bool Domain string SecretKey string RunUser string diff --git a/modules/base/markdown.go b/modules/base/markdown.go index 1893ccee6e..cc1807750d 100644 --- a/modules/base/markdown.go +++ b/modules/base/markdown.go @@ -133,14 +133,14 @@ func RenderSpecialLink(rawBytes []byte, urlPrefix string) []byte { } func RenderMarkdown(rawBytes []byte, urlPrefix string) []byte { - // body := RenderSpecialLink(rawBytes, urlPrefix) + body := RenderSpecialLink(rawBytes, urlPrefix) // fmt.Println(string(body)) htmlFlags := 0 // htmlFlags |= gfm.HTML_USE_XHTML // htmlFlags |= gfm.HTML_USE_SMARTYPANTS // htmlFlags |= gfm.HTML_SMARTYPANTS_FRACTIONS // htmlFlags |= gfm.HTML_SMARTYPANTS_LATEX_DASHES - htmlFlags |= gfm.HTML_SKIP_HTML + // htmlFlags |= gfm.HTML_SKIP_HTML htmlFlags |= gfm.HTML_SKIP_STYLE htmlFlags |= gfm.HTML_SKIP_SCRIPT htmlFlags |= gfm.HTML_GITHUB_BLOCKCODE @@ -162,7 +162,7 @@ func RenderMarkdown(rawBytes []byte, urlPrefix string) []byte { extensions |= gfm.EXTENSION_SPACE_HEADERS extensions |= gfm.EXTENSION_NO_EMPTY_LINE_BEFORE_BLOCK - body := gfm.Markdown(rawBytes, renderer, extensions) + body = gfm.Markdown(body, renderer, extensions) // fmt.Println(string(body)) return body } diff --git a/modules/base/template.go b/modules/base/template.go index 6cd8ade611..5a42107c45 100644 --- a/modules/base/template.go +++ b/modules/base/template.go @@ -56,6 +56,9 @@ var TemplateFuncs template.FuncMap = map[string]interface{}{ "AppDomain": func() string { return Domain }, + "IsProdMode": func() bool { + return IsProdMode + }, "LoadTimes": func(startTime time.Time) string { return fmt.Sprint(time.Since(startTime).Nanoseconds()/1e6) + "ms" }, diff --git a/modules/middleware/render.go b/modules/middleware/render.go index 98d485afec..662899883f 100644 --- a/modules/middleware/render.go +++ b/modules/middleware/render.go @@ -146,7 +146,7 @@ func compile(options RenderOptions) *template.Template { tmpl := t.New(filepath.ToSlash(name)) for _, funcs := range options.Funcs { - tmpl.Funcs(funcs) + tmpl = tmpl.Funcs(funcs) } template.Must(tmpl.Funcs(helperFuncs).Parse(string(buf))) diff --git a/modules/oauth2/oauth2.go b/modules/oauth2/oauth2.go index 180c52ca0a..05ae4606a5 100644 --- a/modules/oauth2/oauth2.go +++ b/modules/oauth2/oauth2.go @@ -1,16 +1,7 @@ // Copyright 2014 Google Inc. All Rights Reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. +// Copyright 2014 The Gogs Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. // Package oauth2 contains Martini handlers to provide // user login via an OAuth 2.0 backend. diff --git a/public/css/gogs.css b/public/css/gogs.css index da2a7fd1a2..2850d15e2e 100755 --- a/public/css/gogs.css +++ b/public/css/gogs.css @@ -309,6 +309,18 @@ html, body { height: 8em; } +#repo-import-auth { + width: 100%; + margin-top: 48px; + box-sizing: border-box; +} + +#repo-import-auth .form-group { + box-sizing: border-box; + margin-left: 0; + margin-right: 0; +} + /* gogits user setting */ #user-setting-nav > h4, #user-setting-container > h4, #user-setting-container > div > h4, @@ -444,6 +456,43 @@ html, body { margin-right: 1em; } +#user-dashboard-repo-new .btn-sm.dropdown-toggle { + padding: 3px 8px; +} + +#user-dashboard-repo-new .dropdown-menu, #nav-repo-new .dropdown-menu { + padding: 0; + margin: 0; +} + +#user-dashboard-repo-new ul, #nav-repo-new ul { + margin: 0; + width: 200px; +} + +#user-dashboard-repo-new li a, #nav-repo-new li a { + line-height: 36px; + display: block; + padding: 0 18px; + color: #444; +} + +#user-dashboard-repo-new li a:hover, #nav-repo-new li a:hover { + background: #0093c4; + color: #FFF; +} + +#nav-repo-new button { + border: none; + background: transparent; + padding: 0; + width: 15px; +} + +#nav-repo-new li .fa { + margin: 0 .5em; +} + /* gogits repo single page */ #body-nav.repo-nav { @@ -1372,6 +1421,6 @@ html, body { margin: 16px 0; } -#release-preview{ +#release-preview { margin: 6px 0; } \ No newline at end of file diff --git a/routers/install.go b/routers/install.go index 1c4e6181d5..5d6c65ef9b 100644 --- a/routers/install.go +++ b/routers/install.go @@ -7,6 +7,7 @@ package routers import ( "errors" "os" + "os/exec" "strings" "github.com/Unknwon/goconfig" @@ -27,6 +28,7 @@ func checkRunMode() { switch base.Cfg.MustValue("", "RUN_MODE") { case "prod": martini.Env = martini.Prod + base.IsProdMode = true case "test": martini.Env = martini.Test } @@ -102,6 +104,11 @@ func Install(ctx *middleware.Context, form auth.InstallForm) { return } + if _, err := exec.LookPath("git"); err != nil { + ctx.RenderWithErr("Fail to test 'git' command: "+err.Error(), "install", &form) + return + } + // Pass basic check, now test configuration. // Test database setting. dbTypes := map[string]string{"mysql": "mysql", "pgsql": "postgres", "sqlite": "sqlite3"} diff --git a/routers/repo/git.go b/routers/repo/git.go new file mode 100644 index 0000000000..30c1042e0a --- /dev/null +++ b/routers/repo/git.go @@ -0,0 +1,55 @@ +package repo + +import ( + "fmt" + "strings" +) + +const advertise_refs = "--advertise-refs" + +func command(cmd string, opts ...string) string { + return fmt.Sprintf("git %s %s", cmd, strings.Join(opts, " ")) +} + +/*func upload_pack(repository_path string, opts ...string) string { + cmd = "upload-pack" + opts = append(opts, "--stateless-rpc", repository_path) + return command(cmd, opts...) +} + +func receive_pack(repository_path string, opts ...string) string { + cmd = "receive-pack" + opts = append(opts, "--stateless-rpc", repository_path) + return command(cmd, opts...) +}*/ + +/*func update_server_info(repository_path, opts = {}, &block) + cmd = "update-server-info" + args = [] + opts.each {|k,v| args << command_options[k] if command_options.has_key?(k) } + opts[:args] = args + Dir.chdir(repository_path) do # "git update-server-info" does not take a parameter to specify the repository, so set the working directory to the repository + self.command(cmd, opts, &block) + end + end + + def get_config_setting(repository_path, key) + path = get_config_location(repository_path) + raise "Config file could not be found for repository in #{repository_path}." unless path + self.command("config", {:args => ["-f #{path}", key]}).chomp + end + + def get_config_location(repository_path) + non_bare = File.join(repository_path,'.git') # This is where the config file will be if the repository is non-bare + if File.exists?(non_bare) then # The repository is non-bare + non_bare_config = File.join(non_bare, 'config') + return non_bare_config if File.exists?(non_bare_config) + else # We are dealing with a bare repository + bare_config = File.join(repository_path, "config") + return bare_config if File.exists?(bare_config) + end + return nil + end + + end +*/ diff --git a/routers/repo/http.go b/routers/repo/http.go new file mode 100644 index 0000000000..5aa3139f85 --- /dev/null +++ b/routers/repo/http.go @@ -0,0 +1,471 @@ +package repo + +import ( + "fmt" + "io" + "io/ioutil" + "log" + "net/http" + "os" + "os/exec" + "path" + "regexp" + "strconv" + "strings" + "time" + + "github.com/go-martini/martini" + "github.com/gogits/gogs/models" + "github.com/gogits/gogs/modules/base" + "github.com/gogits/gogs/modules/middleware" +) + +func Http(ctx *middleware.Context, params martini.Params) { + username := params["username"] + reponame := params["reponame"] + if strings.HasSuffix(reponame, ".git") { + reponame = reponame[:len(reponame)-4] + } + + var isPull bool + service := ctx.Query("service") + if service == "git-receive-pack" || + strings.HasSuffix(ctx.Req.URL.Path, "git-receive-pack") { + isPull = false + } else if service == "git-upload-pack" || + strings.HasSuffix(ctx.Req.URL.Path, "git-upload-pack") { + isPull = true + } else { + isPull = (ctx.Req.Method == "GET") + } + + repoUser, err := models.GetUserByName(username) + if err != nil { + ctx.Handle(500, "repo.GetUserByName", nil) + return + } + + repo, err := models.GetRepositoryByName(repoUser.Id, reponame) + if err != nil { + ctx.Handle(500, "repo.GetRepositoryByName", nil) + return + } + + // only public pull don't need auth + var askAuth = !(!repo.IsPrivate && isPull) + + // check access + if askAuth { + baHead := ctx.Req.Header.Get("Authorization") + if baHead == "" { + // ask auth + authRequired(ctx) + return + } + + auths := strings.Fields(baHead) + // currently check basic auth + // TODO: support digit auth + if len(auths) != 2 || auths[0] != "Basic" { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } + authUsername, passwd, err := basicDecode(auths[1]) + if err != nil { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } + + authUser, err := models.GetUserByName(authUsername) + if err != nil { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } + + newUser := &models.User{Passwd: passwd, Salt: authUser.Salt} + + newUser.EncodePasswd() + if authUser.Passwd != newUser.Passwd { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } + + var tp = models.AU_WRITABLE + if isPull { + tp = models.AU_READABLE + } + + has, err := models.HasAccess(authUsername, username+"/"+reponame, tp) + if err != nil { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } else if !has { + if tp == models.AU_READABLE { + has, err = models.HasAccess(authUsername, username+"/"+reponame, models.AU_WRITABLE) + if err != nil || !has { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } + } else { + ctx.Handle(401, "no basic auth and digit auth", nil) + return + } + } + } + + config := Config{base.RepoRootPath, "git", true, true, func(rpc string, input []byte) { + //fmt.Println("rpc:", rpc) + //fmt.Println("input:", string(input)) + }} + + handler := HttpBackend(&config) + handler(ctx.ResponseWriter, ctx.Req) + + /* Webdav + dir := models.RepoPath(username, reponame) + + prefix := path.Join("/", username, params["reponame"]) + server := webdav.NewServer( + dir, prefix, true) + + server.ServeHTTP(ctx.ResponseWriter, ctx.Req) + */ +} + +type route struct { + cr *regexp.Regexp + method string + handler func(handler) +} + +type Config struct { + ReposRoot string + GitBinPath string + UploadPack bool + ReceivePack bool + OnSucceed func(rpc string, input []byte) +} + +type handler struct { + *Config + w http.ResponseWriter + r *http.Request + Dir string + File string +} + +var routes = []route{ + {regexp.MustCompile("(.*?)/git-upload-pack$"), "POST", serviceUploadPack}, + {regexp.MustCompile("(.*?)/git-receive-pack$"), "POST", serviceReceivePack}, + {regexp.MustCompile("(.*?)/info/refs$"), "GET", getInfoRefs}, + {regexp.MustCompile("(.*?)/HEAD$"), "GET", getTextFile}, + {regexp.MustCompile("(.*?)/objects/info/alternates$"), "GET", getTextFile}, + {regexp.MustCompile("(.*?)/objects/info/http-alternates$"), "GET", getTextFile}, + {regexp.MustCompile("(.*?)/objects/info/packs$"), "GET", getInfoPacks}, + {regexp.MustCompile("(.*?)/objects/info/[^/]*$"), "GET", getTextFile}, + {regexp.MustCompile("(.*?)/objects/[0-9a-f]{2}/[0-9a-f]{38}$"), "GET", getLooseObject}, + {regexp.MustCompile("(.*?)/objects/pack/pack-[0-9a-f]{40}\\.pack$"), "GET", getPackFile}, + {regexp.MustCompile("(.*?)/objects/pack/pack-[0-9a-f]{40}\\.idx$"), "GET", getIdxFile}, +} + +// Request handling function +func HttpBackend(config *Config) http.HandlerFunc { + return func(w http.ResponseWriter, r *http.Request) { + //log.Printf("%s %s %s %s", r.RemoteAddr, r.Method, r.URL.Path, r.Proto) + for _, route := range routes { + if m := route.cr.FindStringSubmatch(r.URL.Path); m != nil { + if route.method != r.Method { + renderMethodNotAllowed(w, r) + return + } + + file := strings.Replace(r.URL.Path, m[1]+"/", "", 1) + dir, err := getGitDir(config, m[1]) + + if err != nil { + log.Print(err) + renderNotFound(w) + return + } + + hr := handler{config, w, r, dir, file} + route.handler(hr) + return + } + } + renderNotFound(w) + return + } +} + +// Actual command handling functions + +func serviceUploadPack(hr handler) { + serviceRpc("upload-pack", hr) +} + +func serviceReceivePack(hr handler) { + serviceRpc("receive-pack", hr) +} + +func serviceRpc(rpc string, hr handler) { + w, r, dir := hr.w, hr.r, hr.Dir + access := hasAccess(r, hr.Config, dir, rpc, true) + + if access == false { + renderNoAccess(w) + return + } + + input, _ := ioutil.ReadAll(r.Body) + + w.Header().Set("Content-Type", fmt.Sprintf("application/x-git-%s-result", rpc)) + w.WriteHeader(http.StatusOK) + + args := []string{rpc, "--stateless-rpc", dir} + cmd := exec.Command(hr.Config.GitBinPath, args...) + cmd.Dir = dir + in, err := cmd.StdinPipe() + if err != nil { + log.Print(err) + return + } + + stdout, err := cmd.StdoutPipe() + if err != nil { + log.Print(err) + return + } + + err = cmd.Start() + if err != nil { + log.Print(err) + return + } + + in.Write(input) + io.Copy(w, stdout) + cmd.Wait() + + if hr.Config.OnSucceed != nil { + hr.Config.OnSucceed(rpc, input) + } +} + +func getInfoRefs(hr handler) { + w, r, dir := hr.w, hr.r, hr.Dir + serviceName := getServiceType(r) + access := hasAccess(r, hr.Config, dir, serviceName, false) + + if access { + args := []string{serviceName, "--stateless-rpc", "--advertise-refs", "."} + refs := gitCommand(hr.Config.GitBinPath, dir, args...) + + hdrNocache(w) + w.Header().Set("Content-Type", fmt.Sprintf("application/x-git-%s-advertisement", serviceName)) + w.WriteHeader(http.StatusOK) + w.Write(packetWrite("# service=git-" + serviceName + "\n")) + w.Write(packetFlush()) + w.Write(refs) + } else { + updateServerInfo(hr.Config.GitBinPath, dir) + hdrNocache(w) + sendFile("text/plain; charset=utf-8", hr) + } +} + +func getInfoPacks(hr handler) { + hdrCacheForever(hr.w) + sendFile("text/plain; charset=utf-8", hr) +} + +func getLooseObject(hr handler) { + hdrCacheForever(hr.w) + sendFile("application/x-git-loose-object", hr) +} + +func getPackFile(hr handler) { + hdrCacheForever(hr.w) + sendFile("application/x-git-packed-objects", hr) +} + +func getIdxFile(hr handler) { + hdrCacheForever(hr.w) + sendFile("application/x-git-packed-objects-toc", hr) +} + +func getTextFile(hr handler) { + hdrNocache(hr.w) + sendFile("text/plain", hr) +} + +// Logic helping functions + +func sendFile(contentType string, hr handler) { + w, r := hr.w, hr.r + reqFile := path.Join(hr.Dir, hr.File) + + //fmt.Println("sendFile:", reqFile) + + f, err := os.Stat(reqFile) + if os.IsNotExist(err) { + renderNotFound(w) + return + } + + w.Header().Set("Content-Type", contentType) + w.Header().Set("Content-Length", fmt.Sprintf("%d", f.Size())) + w.Header().Set("Last-Modified", f.ModTime().Format(http.TimeFormat)) + http.ServeFile(w, r, reqFile) +} + +func getGitDir(config *Config, filePath string) (string, error) { + root := config.ReposRoot + + if root == "" { + cwd, err := os.Getwd() + + if err != nil { + log.Print(err) + return "", err + } + + root = cwd + } + + f := path.Join(root, filePath) + if _, err := os.Stat(f); os.IsNotExist(err) { + return "", err + } + + return f, nil +} + +func getServiceType(r *http.Request) string { + serviceType := r.FormValue("service") + + if s := strings.HasPrefix(serviceType, "git-"); !s { + return "" + } + + return strings.Replace(serviceType, "git-", "", 1) +} + +func hasAccess(r *http.Request, config *Config, dir string, rpc string, checkContentType bool) bool { + if checkContentType { + if r.Header.Get("Content-Type") != fmt.Sprintf("application/x-git-%s-request", rpc) { + return false + } + } + + if !(rpc == "upload-pack" || rpc == "receive-pack") { + return false + } + if rpc == "receive-pack" { + return config.ReceivePack + } + if rpc == "upload-pack" { + return config.UploadPack + } + + return getConfigSetting(config.GitBinPath, rpc, dir) +} + +func getConfigSetting(gitBinPath, serviceName string, dir string) bool { + serviceName = strings.Replace(serviceName, "-", "", -1) + setting := getGitConfig(gitBinPath, "http."+serviceName, dir) + + if serviceName == "uploadpack" { + return setting != "false" + } + + return setting == "true" +} + +func getGitConfig(gitBinPath, configName string, dir string) string { + args := []string{"config", configName} + out := string(gitCommand(gitBinPath, dir, args...)) + return out[0 : len(out)-1] +} + +func updateServerInfo(gitBinPath, dir string) []byte { + args := []string{"update-server-info"} + return gitCommand(gitBinPath, dir, args...) +} + +func gitCommand(gitBinPath, dir string, args ...string) []byte { + command := exec.Command(gitBinPath, args...) + command.Dir = dir + out, err := command.Output() + + if err != nil { + log.Print(err) + } + + return out +} + +// HTTP error response handling functions + +func renderMethodNotAllowed(w http.ResponseWriter, r *http.Request) { + if r.Proto == "HTTP/1.1" { + w.WriteHeader(http.StatusMethodNotAllowed) + w.Write([]byte("Method Not Allowed")) + } else { + w.WriteHeader(http.StatusBadRequest) + w.Write([]byte("Bad Request")) + } +} + +func renderNotFound(w http.ResponseWriter) { + w.WriteHeader(http.StatusNotFound) + w.Write([]byte("Not Found")) +} + +func renderNoAccess(w http.ResponseWriter) { + w.WriteHeader(http.StatusForbidden) + w.Write([]byte("Forbidden")) +} + +// Packet-line handling function + +func packetFlush() []byte { + return []byte("0000") +} + +func packetWrite(str string) []byte { + s := strconv.FormatInt(int64(len(str)+4), 16) + + if len(s)%4 != 0 { + s = strings.Repeat("0", 4-len(s)%4) + s + } + + return []byte(s + str) +} + +// Header writing functions + +func hdrNocache(w http.ResponseWriter) { + w.Header().Set("Expires", "Fri, 01 Jan 1980 00:00:00 GMT") + w.Header().Set("Pragma", "no-cache") + w.Header().Set("Cache-Control", "no-cache, max-age=0, must-revalidate") +} + +func hdrCacheForever(w http.ResponseWriter) { + now := time.Now().Unix() + expires := now + 31536000 + w.Header().Set("Date", fmt.Sprintf("%d", now)) + w.Header().Set("Expires", fmt.Sprintf("%d", expires)) + w.Header().Set("Cache-Control", "public, max-age=31536000") +} + +// Main +/* +func main() { + http.HandleFunc("/", requestHandler()) + + err := http.ListenAndServe(":8080", nil) + if err != nil { + log.Fatal("ListenAndServe: ", err) + } +}*/ diff --git a/routers/repo/repo.go b/routers/repo/repo.go index d223600c52..d4d52ba0d7 100644 --- a/routers/repo/repo.go +++ b/routers/repo/repo.go @@ -14,8 +14,6 @@ import ( "github.com/go-martini/martini" - "github.com/gogits/webdav" - "github.com/gogits/gogs/models" "github.com/gogits/gogs/modules/auth" "github.com/gogits/gogs/modules/base" @@ -55,6 +53,36 @@ func Create(ctx *middleware.Context, form auth.CreateRepoForm) { ctx.Handle(200, "repo.Create", err) } +func Mirror(ctx *middleware.Context, form auth.CreateRepoForm) { + ctx.Data["Title"] = "Mirror repository" + ctx.Data["PageIsNewRepo"] = true // For navbar arrow. + + if ctx.Req.Method == "GET" { + ctx.HTML(200, "repo/mirror") + return + } + + if ctx.HasError() { + ctx.HTML(200, "repo/mirror") + return + } + + _, err := models.CreateRepository(ctx.User, form.RepoName, form.Description, + "", form.License, form.Visibility == "private", false) + if err == nil { + log.Trace("%s Repository created: %s/%s", ctx.Req.RequestURI, ctx.User.LowerName, form.RepoName) + ctx.Redirect("/" + ctx.User.Name + "/" + form.RepoName) + return + } else if err == models.ErrRepoAlreadyExist { + ctx.RenderWithErr("Repository name has already been used", "repo/mirror", &form) + return + } else if err == models.ErrRepoNameIllegal { + ctx.RenderWithErr(models.ErrRepoNameIllegal.Error(), "repo/mirror", &form) + return + } + ctx.Handle(200, "repo.Mirror", err) +} + func Single(ctx *middleware.Context, params martini.Params) { branchName := ctx.Repo.BranchName commitId := ctx.Repo.CommitId @@ -266,89 +294,6 @@ func authRequired(ctx *middleware.Context) { ctx.HTML(401, fmt.Sprintf("status/401")) } -func Http(ctx *middleware.Context, params martini.Params) { - username := params["username"] - reponame := params["reponame"] - if strings.HasSuffix(reponame, ".git") { - reponame = reponame[:len(reponame)-4] - } - - //fmt.Println("req:", ctx.Req.Header) - - repoUser, err := models.GetUserByName(username) - if err != nil { - ctx.Handle(500, "repo.GetUserByName", nil) - return - } - - repo, err := models.GetRepositoryByName(repoUser.Id, reponame) - if err != nil { - ctx.Handle(500, "repo.GetRepositoryByName", nil) - return - } - - isPull := webdav.IsPullMethod(ctx.Req.Method) - var askAuth = !(!repo.IsPrivate && isPull) - - //authRequired(ctx) - //return - - // check access - if askAuth { - // check digit auth - - // check basic auth - baHead := ctx.Req.Header.Get("Authorization") - if baHead == "" { - authRequired(ctx) - return - } - - auths := strings.Fields(baHead) - if len(auths) != 2 || auths[0] != "Basic" { - ctx.Handle(401, "no basic auth and digit auth", nil) - return - } - authUsername, passwd, err := basicDecode(auths[1]) - if err != nil { - ctx.Handle(401, "no basic auth and digit auth", nil) - return - } - - authUser, err := models.GetUserByName(authUsername) - if err != nil { - ctx.Handle(401, "no basic auth and digit auth", nil) - return - } - - newUser := &models.User{Passwd: passwd} - newUser.EncodePasswd() - if authUser.Passwd != newUser.Passwd { - ctx.Handle(401, "no basic auth and digit auth", nil) - return - } - - var tp = models.AU_WRITABLE - if isPull { - tp = models.AU_READABLE - } - - has, err := models.HasAccess(authUsername, username+"/"+reponame, tp) - if err != nil || !has { - ctx.Handle(401, "no basic auth and digit auth", nil) - return - } - } - - dir := models.RepoPath(username, reponame) - - prefix := path.Join("/", username, params["reponame"]) - server := webdav.NewServer( - dir, prefix, true) - - server.ServeHTTP(ctx.ResponseWriter, ctx.Req) -} - func Setting(ctx *middleware.Context, params martini.Params) { if !ctx.Repo.IsOwner { ctx.Handle(404, "repo.Setting", nil) @@ -397,6 +342,7 @@ func SettingPost(ctx *middleware.Context) { ctx.Repo.Repository.Description = ctx.Query("desc") ctx.Repo.Repository.Website = ctx.Query("site") + ctx.Repo.Repository.IsGoget = ctx.Query("goget") == "on" if err := models.UpdateRepository(ctx.Repo.Repository); err != nil { ctx.Handle(404, "repo.SettingPost(update)", err) return diff --git a/routers/user/social.go b/routers/user/social.go index 08cfcd83f2..b87c313f5d 100644 --- a/routers/user/social.go +++ b/routers/user/social.go @@ -6,7 +6,10 @@ package user import ( "encoding/json" + "net/http" + "net/url" "strconv" + "strings" "code.google.com/p/goauth2/oauth" @@ -70,53 +73,87 @@ func (s *SocialGithub) Update() error { return json.NewDecoder(r.Body).Decode(&s.data) } +func extractPath(next string) string { + n, err := url.Parse(next) + if err != nil { + return "/" + } + return n.Path +} + // github && google && ... func SocialSignIn(ctx *middleware.Context, tokens oauth2.Tokens) { - gh := &SocialGithub{ - WebToken: &oauth.Token{ - AccessToken: tokens.Access(), - RefreshToken: tokens.Refresh(), - Expiry: tokens.ExpiryTime(), - Extra: tokens.ExtraData(), - }, - } - if len(tokens.Access()) == 0 { - log.Error("empty access") + var socid int64 + var ok bool + next := extractPath(ctx.Query("next")) + log.Debug("social signed check %s", next) + if socid, ok = ctx.Session.Get("socialId").(int64); ok && socid != 0 { + // already login + ctx.Redirect(next) + log.Info("login soc id: %v", socid) return } - var err error - var u *models.User + config := &oauth.Config{ + //ClientId: base.OauthService.Github.ClientId, + //ClientSecret: base.OauthService.Github.ClientSecret, // FIXME: I don't know why compile error here + ClientId: "09383403ff2dc16daaa1", + ClientSecret: "0e4aa0c3630df396cdcea01a9d45cacf79925fea", + RedirectURL: strings.TrimSuffix(base.AppUrl, "/") + ctx.Req.URL.RequestURI(), + Scope: base.OauthService.GitHub.Scopes, + AuthURL: "https://github.com/login/oauth/authorize", + TokenURL: "https://github.com/login/oauth/access_token", + } + transport := &oauth.Transport{ + Config: config, + Transport: http.DefaultTransport, + } + code := ctx.Query("code") + if code == "" { + // redirect to social login page + ctx.Redirect(config.AuthCodeURL(next)) + return + } + + // handle call back + tk, err := transport.Exchange(code) + if err != nil { + log.Error("oauth2 handle callback error: %v", err) + return // FIXME, need error page 501 + } + next = extractPath(ctx.Query("state")) + log.Debug("success token: %v", tk) + + gh := &SocialGithub{WebToken: tk} if err = gh.Update(); err != nil { - // FIXME: handle error page + // FIXME: handle error page 501 log.Error("connect with github error: %s", err) return } var soc SocialConnector = gh log.Info("login: %s", soc.Name()) - // FIXME: login here, user email to check auth, if not registe, then generate a uniq username - if u, err = models.GetOauth2User(soc.Identity()); err != nil { - u = &models.User{ - Name: soc.Name(), - Email: soc.Email(), - Passwd: "123456", - IsActive: !base.Service.RegisterEmailConfirm, - } - if u, err = models.RegisterUser(u); err != nil { - log.Error("register user: %v", err) - return - } - oa := &models.Oauth2{} - oa.Uid = u.Id + oa, err := models.GetOauth2(soc.Identity()) + switch err { + case nil: + ctx.Session.Set("userId", oa.User.Id) + ctx.Session.Set("userName", oa.User.Name) + case models.ErrOauth2RecordNotExists: + oa = &models.Oauth2{} + oa.Uid = 0 oa.Type = soc.Type() oa.Token = soc.Token() oa.Identity = soc.Identity() - log.Info("oa: %v", oa) + log.Debug("oa: %v", oa) if err = models.AddOauth2(oa); err != nil { - log.Error("add oauth2 %v", err) + log.Error("add oauth2 %v", err) // 501 return } + case models.ErrOauth2NotAssociatedWithUser: + // ignore it. judge in /usr/login page + default: + log.Error(err.Error()) // FIXME: handle error page + return } - ctx.Session.Set("userId", u.Id) - ctx.Session.Set("userName", u.Name) - ctx.Redirect("/") + ctx.Session.Set("socialId", oa.Id) + log.Debug("socialId: %v", oa.Id) + ctx.Redirect(next) } diff --git a/routers/user/user.go b/routers/user/user.go index f6a39b86c7..084d0bbde2 100644 --- a/routers/user/user.go +++ b/routers/user/user.go @@ -396,6 +396,10 @@ func Activate(ctx *middleware.Context) { } else { ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60 mailer.SendActiveMail(ctx.Render, ctx.User) + + if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil { + log.Error("Set cache(MailResendLimit) fail: %v", err) + } } } else { ctx.Data["ServiceNotEnabled"] = true @@ -451,7 +455,17 @@ func ForgotPasswd(ctx *middleware.Context) { return } + if ctx.Cache.IsExist("MailResendLimit_" + u.LowerName) { + ctx.Data["ResendLimited"] = true + ctx.HTML(200, "user/forgot_passwd") + return + } + mailer.SendResetPasswdMail(ctx.Render, u) + if err = ctx.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil { + log.Error("Set cache(MailResendLimit) fail: %v", err) + } + ctx.Data["Email"] = email ctx.Data["Hours"] = base.Service.ActiveCodeLives / 60 ctx.Data["IsResetSent"] = true diff --git a/serve.go b/serve.go index 7e00db4734..3843da617e 100644 --- a/serve.go +++ b/serve.go @@ -177,10 +177,7 @@ func runServ(k *cli.Context) { qlog.Fatal("Unknown command") } - // for update use - os.Setenv("userName", user.Name) - os.Setenv("userId", strconv.Itoa(int(user.Id))) - os.Setenv("repoName", repoName) + models.SetRepoEnvs(user.Id, user.Name, repoName) gitcmd := exec.Command(verb, repoPath) gitcmd.Dir = base.RepoRootPath diff --git a/templates/base/head.tmpl b/templates/base/head.tmpl index 7f56ed7080..648eb7c467 100644 --- a/templates/base/head.tmpl +++ b/templates/base/head.tmpl @@ -9,16 +9,27 @@ + {{if .Repository.IsGoget}}{{end}} + {{if IsProdMode}} + + + + + + {{else}} - - - + {{end}} + + + + + {{if .Title}}{{.Title}} - {{end}}{{AppName}} diff --git a/templates/base/navbar.tmpl b/templates/base/navbar.tmpl index 7d1f64e495..c0855d81ef 100644 --- a/templates/base/navbar.tmpl +++ b/templates/base/navbar.tmpl @@ -8,9 +8,18 @@ user-avatar - {{if .IsAdmin}}{{end}} + {{else}}Sign In Sign Up{{end}} diff --git a/templates/install.tmpl b/templates/install.tmpl index 1fbc74bc7d..c70cfa3e6b 100644 --- a/templates/install.tmpl +++ b/templates/install.tmpl @@ -156,11 +156,11 @@
- +
- +
diff --git a/templates/repo/mirror.tmpl b/templates/repo/mirror.tmpl new file mode 100644 index 0000000000..2ac21dd617 --- /dev/null +++ b/templates/repo/mirror.tmpl @@ -0,0 +1,81 @@ +{{template "base/head" .}} +{{template "base/navbar" .}} +
+
+ {{.CsrfTokenHtml}} +

Create Repository Mirror

+
{{.ErrorMsg}}
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+
+ +
+ +
+
+
+ +
+ +
+
+
+
+
+
+ +
+

{{.SignedUserName}}

+ +
+
+ +
+ +
+ + Great repository names are short and memorable. +
+
+ +
+ +
+

Public

+ +
+
+ +
+ +
+ +
+
+ +
+
+ + Cancel +
+
+
+
+{{template "base/footer" .}} \ No newline at end of file diff --git a/templates/repo/setting.tmpl b/templates/repo/setting.tmpl index 85d08c5973..1adf0090c7 100644 --- a/templates/repo/setting.tmpl +++ b/templates/repo/setting.tmpl @@ -43,6 +43,7 @@
+
+ +
+
+
+ +
+
+
+
diff --git a/templates/repo/single_bare.tmpl b/templates/repo/single_bare.tmpl index fc0a3bd96c..3f63915352 100644 --- a/templates/repo/single_bare.tmpl +++ b/templates/repo/single_bare.tmpl @@ -9,6 +9,20 @@

Quick Guide

+
+ {{.CsrfTokenHtml}} +

Clone from existing repository

+
+ + + + + + + +
+
+

Clone this repository

diff --git a/templates/repo/toolbar.tmpl b/templates/repo/toolbar.tmpl index d8ab26214c..9c137e5179 100644 --- a/templates/repo/toolbar.tmpl +++ b/templates/repo/toolbar.tmpl @@ -11,7 +11,7 @@
  • {{if .Repository.NumOpenIssues}}{{.Repository.NumOpenIssues}} {{end}}Issues
  • {{if .IsRepoToolbarIssues}}
  • {{if .IsRepoToolbarIssuesList}} - {{else}}{{end}}
  • + {{end}} {{end}}
  • {{if .Repository.NumReleases}}{{.Repository.NumReleases}} {{end}}Releases
  • {{if .IsRepoToolbarReleases}} diff --git a/templates/user/dashboard.tmpl b/templates/user/dashboard.tmpl index bc0853fb0d..e2d7a5093f 100644 --- a/templates/user/dashboard.tmpl +++ b/templates/user/dashboard.tmpl @@ -29,7 +29,16 @@
    Your Repositories - New Repo +
    + + +
      {{range .MyRepos}} diff --git a/templates/user/forgot_passwd.tmpl b/templates/user/forgot_passwd.tmpl index ff25406fd0..a099ff2744 100644 --- a/templates/user/forgot_passwd.tmpl +++ b/templates/user/forgot_passwd.tmpl @@ -24,6 +24,8 @@
    {{else if .IsResetDisable}}

    Sorry, mail service is not enabled.

    + {{else if .ResendLimited}} +

    Sorry, you are sending e-mail too frequently, please wait 3 minutes.

    {{end}}
    diff --git a/update.go b/update.go index c9cbb35b9b..141d6fe868 100644 --- a/update.go +++ b/update.go @@ -42,32 +42,7 @@ func newUpdateLogger(execDir string) { qlog.Info("Start logging update...") } -// for command: ./gogs update -func runUpdate(c *cli.Context) { - execDir, _ := base.ExecDir() - newUpdateLogger(execDir) - - base.NewConfigContext() - models.LoadModelsConfig() - - if models.UseSQLite3 { - os.Chdir(execDir) - } - - models.SetEngine() - - args := c.Args() - if len(args) != 3 { - qlog.Fatal("received less 3 parameters") - } - - refName := args[0] - if refName == "" { - qlog.Fatal("refName is empty, shouldn't use") - } - oldCommitId := args[1] - newCommitId := args[2] - +func update(refName, oldCommitId, newCommitId string) { isNew := strings.HasPrefix(oldCommitId, "0000000") if isNew && strings.HasPrefix(newCommitId, "0000000") { @@ -158,3 +133,32 @@ func runUpdate(c *cli.Context) { qlog.Fatalf("runUpdate.models.CommitRepoAction: %v", err) } } + +// for command: ./gogs update +func runUpdate(c *cli.Context) { + execDir, _ := base.ExecDir() + newUpdateLogger(execDir) + + base.NewConfigContext() + models.LoadModelsConfig() + + if models.UseSQLite3 { + os.Chdir(execDir) + } + + models.SetEngine() + + args := c.Args() + if len(args) != 3 { + qlog.Fatal("received less 3 parameters") + } + + refName := args[0] + if refName == "" { + qlog.Fatal("refName is empty, shouldn't use") + } + oldCommitId := args[1] + newCommitId := args[2] + + update(refName, oldCommitId, newCommitId) +} diff --git a/web.go b/web.go index b8fa9eb7ae..ecf11ecee0 100644 --- a/web.go +++ b/web.go @@ -11,10 +11,10 @@ import ( "github.com/codegangsta/cli" "github.com/go-martini/martini" + qlog "github.com/qiniu/log" "github.com/gogits/binding" - "github.com/gogits/gogs/modules/auth" "github.com/gogits/gogs/modules/avatar" "github.com/gogits/gogs/modules/base" @@ -72,6 +72,11 @@ func runWeb(*cli.Context) { reqSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true}) ignSignIn := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: base.Service.RequireSignInView}) + ignSignInAndCsrf := middleware.Toggle(&middleware.ToggleOptions{ + SignInRequire: base.Service.RequireSignInView, + DisableCsrf: true, + }) + reqSignOut := middleware.Toggle(&middleware.ToggleOptions{SignOutRequire: true}) // Routers. @@ -91,7 +96,7 @@ func runWeb(*cli.Context) { m.Group("/user", func(r martini.Router) { r.Any("/login", binding.BindIgnErr(auth.LogInForm{}), user.SignIn) - r.Any("/login/github", oauth2.LoginRequired, user.SocialSignIn) + r.Any("/login/github", user.SocialSignIn) r.Any("/sign_up", binding.BindIgnErr(auth.RegisterForm{}), user.SignUp) r.Any("/forget_password", user.ForgotPasswd) r.Any("/reset_password", user.ResetPasswd) @@ -116,6 +121,7 @@ func runWeb(*cli.Context) { m.Get("/user/:username", ignSignIn, user.Profile) m.Any("/repo/create", reqSignIn, binding.BindIgnErr(auth.CreateRepoForm{}), repo.Create) + m.Any("/repo/mirror", reqSignIn, binding.BindIgnErr(auth.CreateRepoForm{}), repo.Mirror) adminReq := middleware.Toggle(&middleware.ToggleOptions{SignInRequire: true, AdminRequire: true}) @@ -165,7 +171,7 @@ func runWeb(*cli.Context) { m.Group("/:username", func(r martini.Router) { r.Any("/:reponame/**", repo.Http) r.Get("/:reponame", middleware.RepoAssignment(true, true, true), repo.Single) - }, ignSignIn) + }, ignSignInAndCsrf) // Not found handler. m.NotFound(routers.NotFound)