Make gitea serv use api/internal (#4886)
* Start to move to internal/private * Add GetPublicKeyByID * Add HasDeployKey * Add private.UpdateDeployKeyUpdated * Add private.GetUserByKeyID * Add private.AccessLevel * Add private.CheckUnitUser * Fix mistakes I made * Some cleaning + moving code to separate files * Fix error handling * Remove useless error handling for setup * lint: fix comment on exported func * fix copyright header * Fix order of args
This commit is contained in:
parent
aefeb8c465
commit
617a2433a3
6 changed files with 332 additions and 52 deletions
55
cmd/serv.go
55
cmd/serv.go
|
@ -19,7 +19,6 @@ import (
|
||||||
"code.gitea.io/gitea/modules/pprof"
|
"code.gitea.io/gitea/modules/pprof"
|
||||||
"code.gitea.io/gitea/modules/private"
|
"code.gitea.io/gitea/modules/private"
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/modules/util"
|
|
||||||
|
|
||||||
"github.com/Unknwon/com"
|
"github.com/Unknwon/com"
|
||||||
"github.com/dgrijalva/jwt-go"
|
"github.com/dgrijalva/jwt-go"
|
||||||
|
@ -49,20 +48,9 @@ var CmdServ = cli.Command{
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
func setup(logPath string) error {
|
func setup(logPath string) {
|
||||||
setting.NewContext()
|
setting.NewContext()
|
||||||
log.NewGitLogger(filepath.Join(setting.LogRootPath, logPath))
|
log.NewGitLogger(filepath.Join(setting.LogRootPath, logPath))
|
||||||
models.LoadConfigs()
|
|
||||||
|
|
||||||
if setting.UseSQLite3 || setting.UseTiDB {
|
|
||||||
workPath := setting.AppWorkPath
|
|
||||||
if err := os.Chdir(workPath); err != nil {
|
|
||||||
log.GitLogger.Fatal(4, "Failed to change directory %s: %v", workPath, err)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
setting.NewXORMLogService(true)
|
|
||||||
return models.SetEngine()
|
|
||||||
}
|
}
|
||||||
|
|
||||||
func parseCmd(cmd string) (string, string) {
|
func parseCmd(cmd string) (string, string) {
|
||||||
|
@ -101,10 +89,7 @@ func runServ(c *cli.Context) error {
|
||||||
if c.IsSet("config") {
|
if c.IsSet("config") {
|
||||||
setting.CustomConf = c.String("config")
|
setting.CustomConf = c.String("config")
|
||||||
}
|
}
|
||||||
|
setup("serv.log")
|
||||||
if err := setup("serv.log"); err != nil {
|
|
||||||
fail("System init failed", fmt.Sprintf("setup: %v", err))
|
|
||||||
}
|
|
||||||
|
|
||||||
if setting.SSH.Disabled {
|
if setting.SSH.Disabled {
|
||||||
println("Gitea: SSH has been disabled")
|
println("Gitea: SSH has been disabled")
|
||||||
|
@ -175,9 +160,9 @@ func runServ(c *cli.Context) error {
|
||||||
}
|
}
|
||||||
os.Setenv(models.EnvRepoName, reponame)
|
os.Setenv(models.EnvRepoName, reponame)
|
||||||
|
|
||||||
repo, err := models.GetRepositoryByOwnerAndName(username, reponame)
|
repo, err := private.GetRepositoryByOwnerAndName(username, reponame)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if models.IsErrRepoNotExist(err) {
|
if strings.Contains(err.Error(), "Failed to get repository: repository does not exist") {
|
||||||
fail(accessDenied, "Repository does not exist: %s/%s", username, reponame)
|
fail(accessDenied, "Repository does not exist: %s/%s", username, reponame)
|
||||||
}
|
}
|
||||||
fail("Internal error", "Failed to get repository: %v", err)
|
fail("Internal error", "Failed to get repository: %v", err)
|
||||||
|
@ -214,7 +199,7 @@ func runServ(c *cli.Context) error {
|
||||||
fail("Key ID format error", "Invalid key argument: %s", c.Args()[0])
|
fail("Key ID format error", "Invalid key argument: %s", c.Args()[0])
|
||||||
}
|
}
|
||||||
|
|
||||||
key, err := models.GetPublicKeyByID(com.StrTo(keys[1]).MustInt64())
|
key, err := private.GetPublicKeyByID(com.StrTo(keys[1]).MustInt64())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fail("Invalid key ID", "Invalid key ID[%s]: %v", c.Args()[0], err)
|
fail("Invalid key ID", "Invalid key ID[%s]: %v", c.Args()[0], err)
|
||||||
}
|
}
|
||||||
|
@ -225,23 +210,22 @@ func runServ(c *cli.Context) error {
|
||||||
if key.Mode < requestedMode {
|
if key.Mode < requestedMode {
|
||||||
fail("Key permission denied", "Cannot push with deployment key: %d", key.ID)
|
fail("Key permission denied", "Cannot push with deployment key: %d", key.ID)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if this deploy key belongs to current repository.
|
// Check if this deploy key belongs to current repository.
|
||||||
if !models.HasDeployKey(key.ID, repo.ID) {
|
has, err := private.HasDeployKey(key.ID, repo.ID)
|
||||||
|
if err != nil {
|
||||||
|
fail("Key access denied", "Failed to access internal api: [key_id: %d, repo_id: %d]", key.ID, repo.ID)
|
||||||
|
}
|
||||||
|
if !has {
|
||||||
fail("Key access denied", "Deploy key access denied: [key_id: %d, repo_id: %d]", key.ID, repo.ID)
|
fail("Key access denied", "Deploy key access denied: [key_id: %d, repo_id: %d]", key.ID, repo.ID)
|
||||||
}
|
}
|
||||||
|
|
||||||
// Update deploy key activity.
|
// Update deploy key activity.
|
||||||
deployKey, err := models.GetDeployKeyByRepo(key.ID, repo.ID)
|
if err = private.UpdateDeployKeyUpdated(key.ID, repo.ID); err != nil {
|
||||||
if err != nil {
|
|
||||||
fail("Internal error", "GetDeployKey: %v", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
deployKey.UpdatedUnix = util.TimeStampNow()
|
|
||||||
if err = models.UpdateDeployKeyCols(deployKey, "updated_unix"); err != nil {
|
|
||||||
fail("Internal error", "UpdateDeployKey: %v", err)
|
fail("Internal error", "UpdateDeployKey: %v", err)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
user, err = models.GetUserByKeyID(key.ID)
|
user, err = private.GetUserByKeyID(key.ID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
|
fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
|
||||||
}
|
}
|
||||||
|
@ -252,12 +236,12 @@ func runServ(c *cli.Context) error {
|
||||||
user.Name, repoPath)
|
user.Name, repoPath)
|
||||||
}
|
}
|
||||||
|
|
||||||
mode, err := models.AccessLevel(user.ID, repo)
|
mode, err := private.AccessLevel(user.ID, repo.ID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fail("Internal error", "Failed to check access: %v", err)
|
fail("Internal error", "Failed to check access: %v", err)
|
||||||
} else if mode < requestedMode {
|
} else if *mode < requestedMode {
|
||||||
clientMessage := accessDenied
|
clientMessage := accessDenied
|
||||||
if mode >= models.AccessModeRead {
|
if *mode >= models.AccessModeRead {
|
||||||
clientMessage = "You do not have sufficient authorization for this action"
|
clientMessage = "You do not have sufficient authorization for this action"
|
||||||
}
|
}
|
||||||
fail(clientMessage,
|
fail(clientMessage,
|
||||||
|
@ -265,7 +249,11 @@ func runServ(c *cli.Context) error {
|
||||||
user.Name, requestedMode, repoPath)
|
user.Name, requestedMode, repoPath)
|
||||||
}
|
}
|
||||||
|
|
||||||
if !repo.CheckUnitUser(user.ID, user.IsAdmin, unitType) {
|
check, err := private.CheckUnitUser(user.ID, repo.ID, user.IsAdmin, unitType)
|
||||||
|
if err != nil {
|
||||||
|
fail("You do not have allowed for this action", "Failed to access internal api: [user.Name: %s, repoPath: %s]", user.Name, repoPath)
|
||||||
|
}
|
||||||
|
if !check {
|
||||||
fail("You do not have allowed for this action",
|
fail("You do not have allowed for this action",
|
||||||
"User %s does not have allowed access to repository %s 's code",
|
"User %s does not have allowed access to repository %s 's code",
|
||||||
user.Name, repoPath)
|
user.Name, repoPath)
|
||||||
|
@ -325,7 +313,6 @@ func runServ(c *cli.Context) error {
|
||||||
} else {
|
} else {
|
||||||
gitcmd = exec.Command(verb, repoPath)
|
gitcmd = exec.Command(verb, repoPath)
|
||||||
}
|
}
|
||||||
|
|
||||||
if isWiki {
|
if isWiki {
|
||||||
if err = repo.InitWiki(); err != nil {
|
if err = repo.InitWiki(); err != nil {
|
||||||
fail("Internal error", "Failed to init wiki repo: %v", err)
|
fail("Internal error", "Failed to init wiki repo: %v", err)
|
||||||
|
|
|
@ -33,7 +33,7 @@ func GetProtectedBranchBy(repoID int64, branchName string) (*models.ProtectedBra
|
||||||
|
|
||||||
// All 2XX status codes are accepted and others will return an error
|
// All 2XX status codes are accepted and others will return an error
|
||||||
if resp.StatusCode/100 != 2 {
|
if resp.StatusCode/100 != 2 {
|
||||||
return nil, fmt.Errorf("Failed to update public key: %s", decodeJSONError(resp).Err)
|
return nil, fmt.Errorf("Failed to get protected branch: %s", decodeJSONError(resp).Err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return &branch, nil
|
return &branch, nil
|
||||||
|
|
|
@ -11,6 +11,7 @@ import (
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
|
"code.gitea.io/gitea/models"
|
||||||
"code.gitea.io/gitea/modules/httplib"
|
"code.gitea.io/gitea/modules/httplib"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
|
@ -49,22 +50,66 @@ func newInternalRequest(url, method string) *httplib.Request {
|
||||||
return req
|
return req
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdatePublicKeyUpdated update publick key updates
|
// CheckUnitUser check whether user could visit the unit of this repository
|
||||||
func UpdatePublicKeyUpdated(keyID int64) error {
|
func CheckUnitUser(userID, repoID int64, isAdmin bool, unitType models.UnitType) (bool, error) {
|
||||||
// Ask for running deliver hook and test pull request tasks.
|
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repositories/%d/user/%d/checkunituser?isAdmin=%t&unitType=%d", repoID, userID, isAdmin, unitType)
|
||||||
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/ssh/%d/update", keyID)
|
log.GitLogger.Trace("AccessLevel: %s", reqURL)
|
||||||
log.GitLogger.Trace("UpdatePublicKeyUpdated: %s", reqURL)
|
|
||||||
|
|
||||||
resp, err := newInternalRequest(reqURL, "POST").Response()
|
resp, err := newInternalRequest(reqURL, "GET").Response()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return false, err
|
||||||
}
|
}
|
||||||
|
|
||||||
defer resp.Body.Close()
|
defer resp.Body.Close()
|
||||||
|
|
||||||
// All 2XX status codes are accepted and others will return an error
|
if resp.StatusCode == 200 {
|
||||||
if resp.StatusCode/100 != 2 {
|
return true, nil
|
||||||
return fmt.Errorf("Failed to update public key: %s", decodeJSONError(resp).Err)
|
|
||||||
}
|
}
|
||||||
return nil
|
return false, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// AccessLevel returns the Access a user has to a repository. Will return NoneAccess if the
|
||||||
|
// user does not have access.
|
||||||
|
func AccessLevel(userID, repoID int64) (*models.AccessMode, error) {
|
||||||
|
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repositories/%d/user/%d/accesslevel", repoID, userID)
|
||||||
|
log.GitLogger.Trace("AccessLevel: %s", reqURL)
|
||||||
|
|
||||||
|
resp, err := newInternalRequest(reqURL, "GET").Response()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
if resp.StatusCode != 200 {
|
||||||
|
return nil, fmt.Errorf("Failed to get user access level: %s", decodeJSONError(resp).Err)
|
||||||
|
}
|
||||||
|
|
||||||
|
var a models.AccessMode
|
||||||
|
if err := json.NewDecoder(resp.Body).Decode(&a); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return &a, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// GetRepositoryByOwnerAndName returns the repository by given ownername and reponame.
|
||||||
|
func GetRepositoryByOwnerAndName(ownerName, repoName string) (*models.Repository, error) {
|
||||||
|
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repo/%s/%s", ownerName, repoName)
|
||||||
|
log.GitLogger.Trace("GetRepositoryByOwnerAndName: %s", reqURL)
|
||||||
|
|
||||||
|
resp, err := newInternalRequest(reqURL, "GET").Response()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
if resp.StatusCode != 200 {
|
||||||
|
return nil, fmt.Errorf("Failed to get repository: %s", decodeJSONError(resp).Err)
|
||||||
|
}
|
||||||
|
|
||||||
|
var repo models.Repository
|
||||||
|
if err := json.NewDecoder(resp.Body).Decode(&repo); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return &repo, nil
|
||||||
}
|
}
|
||||||
|
|
116
modules/private/key.go
Normal file
116
modules/private/key.go
Normal file
|
@ -0,0 +1,116 @@
|
||||||
|
// Copyright 2018 The Gitea Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a MIT-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package private
|
||||||
|
|
||||||
|
import (
|
||||||
|
"encoding/json"
|
||||||
|
"fmt"
|
||||||
|
|
||||||
|
"code.gitea.io/gitea/models"
|
||||||
|
"code.gitea.io/gitea/modules/log"
|
||||||
|
"code.gitea.io/gitea/modules/setting"
|
||||||
|
)
|
||||||
|
|
||||||
|
// UpdateDeployKeyUpdated update deploy key updates
|
||||||
|
func UpdateDeployKeyUpdated(keyID int64, repoID int64) error {
|
||||||
|
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repositories/%d/keys/%d/update", repoID, keyID)
|
||||||
|
log.GitLogger.Trace("UpdateDeployKeyUpdated: %s", reqURL)
|
||||||
|
|
||||||
|
resp, err := newInternalRequest(reqURL, "POST").Response()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
// All 2XX status codes are accepted and others will return an error
|
||||||
|
if resp.StatusCode/100 != 2 {
|
||||||
|
return fmt.Errorf("Failed to update deploy key: %s", decodeJSONError(resp).Err)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// HasDeployKey check if repo has deploy key
|
||||||
|
func HasDeployKey(keyID, repoID int64) (bool, error) {
|
||||||
|
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repositories/%d/has-keys/%d", repoID, keyID)
|
||||||
|
log.GitLogger.Trace("HasDeployKey: %s", reqURL)
|
||||||
|
|
||||||
|
resp, err := newInternalRequest(reqURL, "GET").Response()
|
||||||
|
if err != nil {
|
||||||
|
return false, err
|
||||||
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
if resp.StatusCode == 200 {
|
||||||
|
return true, nil
|
||||||
|
}
|
||||||
|
return false, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// GetPublicKeyByID get public ssh key by his ID
|
||||||
|
func GetPublicKeyByID(keyID int64) (*models.PublicKey, error) {
|
||||||
|
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/ssh/%d", keyID)
|
||||||
|
log.GitLogger.Trace("GetPublicKeyByID: %s", reqURL)
|
||||||
|
|
||||||
|
resp, err := newInternalRequest(reqURL, "GET").Response()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
if resp.StatusCode != 200 {
|
||||||
|
return nil, fmt.Errorf("Failed to get repository: %s", decodeJSONError(resp).Err)
|
||||||
|
}
|
||||||
|
|
||||||
|
var pKey models.PublicKey
|
||||||
|
if err := json.NewDecoder(resp.Body).Decode(&pKey); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return &pKey, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// GetUserByKeyID get user attached to key
|
||||||
|
func GetUserByKeyID(keyID int64) (*models.User, error) {
|
||||||
|
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/ssh/%d/user", keyID)
|
||||||
|
log.GitLogger.Trace("GetUserByKeyID: %s", reqURL)
|
||||||
|
|
||||||
|
resp, err := newInternalRequest(reqURL, "GET").Response()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
if resp.StatusCode != 200 {
|
||||||
|
return nil, fmt.Errorf("Failed to get user: %s", decodeJSONError(resp).Err)
|
||||||
|
}
|
||||||
|
|
||||||
|
var user models.User
|
||||||
|
if err := json.NewDecoder(resp.Body).Decode(&user); err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
return &user, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
// UpdatePublicKeyUpdated update public key updates
|
||||||
|
func UpdatePublicKeyUpdated(keyID int64) error {
|
||||||
|
// Ask for running deliver hook and test pull request tasks.
|
||||||
|
reqURL := setting.LocalURL + fmt.Sprintf("api/internal/ssh/%d/update", keyID)
|
||||||
|
log.GitLogger.Trace("UpdatePublicKeyUpdated: %s", reqURL)
|
||||||
|
|
||||||
|
resp, err := newInternalRequest(reqURL, "POST").Response()
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
defer resp.Body.Close()
|
||||||
|
|
||||||
|
// All 2XX status codes are accepted and others will return an error
|
||||||
|
if resp.StatusCode/100 != 2 {
|
||||||
|
return fmt.Errorf("Failed to update public key: %s", decodeJSONError(resp).Err)
|
||||||
|
}
|
||||||
|
return nil
|
||||||
|
}
|
|
@ -23,26 +23,74 @@ func CheckInternalToken(ctx *macaron.Context) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// UpdatePublicKey update publick key updates
|
//GetRepositoryByOwnerAndName chainload to models.GetRepositoryByOwnerAndName
|
||||||
func UpdatePublicKey(ctx *macaron.Context) {
|
func GetRepositoryByOwnerAndName(ctx *macaron.Context) {
|
||||||
keyID := ctx.ParamsInt64(":id")
|
//TODO use repo.Get(ctx *context.APIContext) ?
|
||||||
if err := models.UpdatePublicKeyUpdated(keyID); err != nil {
|
ownerName := ctx.Params(":owner")
|
||||||
|
repoName := ctx.Params(":repo")
|
||||||
|
repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName)
|
||||||
|
if err != nil {
|
||||||
ctx.JSON(500, map[string]interface{}{
|
ctx.JSON(500, map[string]interface{}{
|
||||||
"err": err.Error(),
|
"err": err.Error(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
ctx.JSON(200, repo)
|
||||||
|
}
|
||||||
|
|
||||||
|
//AccessLevel chainload to models.AccessLevel
|
||||||
|
func AccessLevel(ctx *macaron.Context) {
|
||||||
|
repoID := ctx.ParamsInt64(":repoid")
|
||||||
|
userID := ctx.ParamsInt64(":userid")
|
||||||
|
repo, err := models.GetRepositoryByID(repoID)
|
||||||
|
if err != nil {
|
||||||
|
ctx.JSON(500, map[string]interface{}{
|
||||||
|
"err": err.Error(),
|
||||||
|
})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
al, err := models.AccessLevel(userID, repo)
|
||||||
|
if err != nil {
|
||||||
|
ctx.JSON(500, map[string]interface{}{
|
||||||
|
"err": err.Error(),
|
||||||
|
})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
ctx.JSON(200, al)
|
||||||
|
}
|
||||||
|
|
||||||
|
//CheckUnitUser chainload to models.CheckUnitUser
|
||||||
|
func CheckUnitUser(ctx *macaron.Context) {
|
||||||
|
repoID := ctx.ParamsInt64(":repoid")
|
||||||
|
userID := ctx.ParamsInt64(":userid")
|
||||||
|
repo, err := models.GetRepositoryByID(repoID)
|
||||||
|
if err != nil {
|
||||||
|
ctx.JSON(500, map[string]interface{}{
|
||||||
|
"err": err.Error(),
|
||||||
|
})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if repo.CheckUnitUser(userID, ctx.QueryBool("isAdmin"), models.UnitType(ctx.QueryInt("unitType"))) {
|
||||||
ctx.PlainText(200, []byte("success"))
|
ctx.PlainText(200, []byte("success"))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
ctx.PlainText(404, []byte("no access"))
|
||||||
}
|
}
|
||||||
|
|
||||||
// RegisterRoutes registers all internal APIs routes to web application.
|
// RegisterRoutes registers all internal APIs routes to web application.
|
||||||
// These APIs will be invoked by internal commands for example `gitea serv` and etc.
|
// These APIs will be invoked by internal commands for example `gitea serv` and etc.
|
||||||
func RegisterRoutes(m *macaron.Macaron) {
|
func RegisterRoutes(m *macaron.Macaron) {
|
||||||
m.Group("/", func() {
|
m.Group("/", func() {
|
||||||
|
m.Get("/ssh/:id", GetPublicKeyByID)
|
||||||
|
m.Get("/ssh/:id/user", GetUserByKeyID)
|
||||||
m.Post("/ssh/:id/update", UpdatePublicKey)
|
m.Post("/ssh/:id/update", UpdatePublicKey)
|
||||||
|
m.Post("/repositories/:repoid/keys/:keyid/update", UpdateDeployKey)
|
||||||
|
m.Get("/repositories/:repoid/user/:userid/accesslevel", AccessLevel)
|
||||||
|
m.Get("/repositories/:repoid/user/:userid/checkunituser", CheckUnitUser)
|
||||||
|
m.Get("/repositories/:repoid/has-keys/:keyid", HasDeployKey)
|
||||||
m.Post("/push/update", PushUpdate)
|
m.Post("/push/update", PushUpdate)
|
||||||
m.Get("/protectedbranch/:pbid/:userid", CanUserPush)
|
m.Get("/protectedbranch/:pbid/:userid", CanUserPush)
|
||||||
|
m.Get("/repo/:owner/:repo", GetRepositoryByOwnerAndName)
|
||||||
m.Get("/branch/:id/*", GetProtectedBranchBy)
|
m.Get("/branch/:id/*", GetProtectedBranchBy)
|
||||||
m.Get("/repository/:rid", GetRepository)
|
m.Get("/repository/:rid", GetRepository)
|
||||||
m.Get("/active-pull-request", GetActivePullRequest)
|
m.Get("/active-pull-request", GetActivePullRequest)
|
||||||
|
|
84
routers/private/key.go
Normal file
84
routers/private/key.go
Normal file
|
@ -0,0 +1,84 @@
|
||||||
|
// Copyright 2018 The Gitea Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a MIT-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
// Package private includes all internal routes. The package name internal is ideal but Golang is not allowed, so we use private as package name instead.
|
||||||
|
package private
|
||||||
|
|
||||||
|
import (
|
||||||
|
"code.gitea.io/gitea/models"
|
||||||
|
"code.gitea.io/gitea/modules/util"
|
||||||
|
|
||||||
|
macaron "gopkg.in/macaron.v1"
|
||||||
|
)
|
||||||
|
|
||||||
|
// UpdateDeployKey update deploy key updates
|
||||||
|
func UpdateDeployKey(ctx *macaron.Context) {
|
||||||
|
repoID := ctx.ParamsInt64(":repoid")
|
||||||
|
keyID := ctx.ParamsInt64(":keyid")
|
||||||
|
deployKey, err := models.GetDeployKeyByRepo(keyID, repoID)
|
||||||
|
if err != nil {
|
||||||
|
ctx.JSON(500, map[string]interface{}{
|
||||||
|
"err": err.Error(),
|
||||||
|
})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
deployKey.UpdatedUnix = util.TimeStampNow()
|
||||||
|
if err = models.UpdateDeployKeyCols(deployKey, "updated_unix"); err != nil {
|
||||||
|
ctx.JSON(500, map[string]interface{}{
|
||||||
|
"err": err.Error(),
|
||||||
|
})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
ctx.PlainText(200, []byte("success"))
|
||||||
|
}
|
||||||
|
|
||||||
|
// UpdatePublicKey update publick key updates
|
||||||
|
func UpdatePublicKey(ctx *macaron.Context) {
|
||||||
|
keyID := ctx.ParamsInt64(":id")
|
||||||
|
if err := models.UpdatePublicKeyUpdated(keyID); err != nil {
|
||||||
|
ctx.JSON(500, map[string]interface{}{
|
||||||
|
"err": err.Error(),
|
||||||
|
})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
ctx.PlainText(200, []byte("success"))
|
||||||
|
}
|
||||||
|
|
||||||
|
//GetPublicKeyByID chainload to models.GetPublicKeyByID
|
||||||
|
func GetPublicKeyByID(ctx *macaron.Context) {
|
||||||
|
keyID := ctx.ParamsInt64(":id")
|
||||||
|
key, err := models.GetPublicKeyByID(keyID)
|
||||||
|
if err != nil {
|
||||||
|
ctx.JSON(500, map[string]interface{}{
|
||||||
|
"err": err.Error(),
|
||||||
|
})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
ctx.JSON(200, key)
|
||||||
|
}
|
||||||
|
|
||||||
|
//GetUserByKeyID chainload to models.GetUserByKeyID
|
||||||
|
func GetUserByKeyID(ctx *macaron.Context) {
|
||||||
|
keyID := ctx.ParamsInt64(":id")
|
||||||
|
user, err := models.GetUserByKeyID(keyID)
|
||||||
|
if err != nil {
|
||||||
|
ctx.JSON(500, map[string]interface{}{
|
||||||
|
"err": err.Error(),
|
||||||
|
})
|
||||||
|
return
|
||||||
|
}
|
||||||
|
ctx.JSON(200, user)
|
||||||
|
}
|
||||||
|
|
||||||
|
//HasDeployKey chainload to models.HasDeployKey
|
||||||
|
func HasDeployKey(ctx *macaron.Context) {
|
||||||
|
repoID := ctx.ParamsInt64(":repoid")
|
||||||
|
keyID := ctx.ParamsInt64(":keyid")
|
||||||
|
if models.HasDeployKey(keyID, repoID) {
|
||||||
|
ctx.PlainText(200, []byte("success"))
|
||||||
|
return
|
||||||
|
}
|
||||||
|
ctx.PlainText(404, []byte("not found"))
|
||||||
|
}
|
Reference in a new issue