2014-03-15 06:01:50 -05:00
|
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
|
|
// Use of this source code is governed by a MIT-style
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
|
|
|
package middleware
|
|
|
|
|
|
|
|
import (
|
2014-03-15 08:17:16 -05:00
|
|
|
"fmt"
|
2014-03-22 12:44:02 -05:00
|
|
|
"html/template"
|
2014-04-15 11:27:29 -05:00
|
|
|
"io"
|
2014-03-15 06:01:50 -05:00
|
|
|
"net/http"
|
2014-03-22 15:40:09 -05:00
|
|
|
"strings"
|
2014-03-19 08:57:55 -05:00
|
|
|
"time"
|
2014-03-15 06:01:50 -05:00
|
|
|
|
2015-10-15 20:28:12 -05:00
|
|
|
"github.com/go-macaron/cache"
|
|
|
|
"github.com/go-macaron/csrf"
|
|
|
|
"github.com/go-macaron/i18n"
|
|
|
|
"github.com/go-macaron/session"
|
|
|
|
"gopkg.in/macaron.v1"
|
2014-03-21 08:06:47 -05:00
|
|
|
|
2015-12-15 17:25:45 -05:00
|
|
|
"github.com/gogits/git-module"
|
2015-12-09 20:46:05 -05:00
|
|
|
|
2014-03-15 06:01:50 -05:00
|
|
|
"github.com/gogits/gogs/models"
|
|
|
|
"github.com/gogits/gogs/modules/auth"
|
2014-03-21 08:31:47 -05:00
|
|
|
"github.com/gogits/gogs/modules/base"
|
2014-03-15 06:01:50 -05:00
|
|
|
"github.com/gogits/gogs/modules/log"
|
2014-05-25 19:11:25 -05:00
|
|
|
"github.com/gogits/gogs/modules/setting"
|
2014-03-15 06:01:50 -05:00
|
|
|
)
|
|
|
|
|
2015-08-26 11:30:06 -05:00
|
|
|
type RepoContext struct {
|
|
|
|
AccessMode models.AccessMode
|
|
|
|
IsWatching bool
|
2015-12-09 00:32:53 -05:00
|
|
|
IsViewBranch bool
|
|
|
|
IsViewTag bool
|
|
|
|
IsViewCommit bool
|
2015-08-26 11:30:06 -05:00
|
|
|
Repository *models.Repository
|
|
|
|
Owner *models.User
|
|
|
|
Commit *git.Commit
|
|
|
|
Tag *git.Tag
|
|
|
|
GitRepo *git.Repository
|
|
|
|
BranchName string
|
|
|
|
TagName string
|
|
|
|
TreeName string
|
2015-08-31 02:24:28 -05:00
|
|
|
CommitID string
|
2015-08-26 11:30:06 -05:00
|
|
|
RepoLink string
|
|
|
|
CloneLink models.CloneLink
|
2015-12-09 20:46:05 -05:00
|
|
|
CommitsCount int64
|
2015-08-26 11:30:06 -05:00
|
|
|
Mirror *models.Mirror
|
|
|
|
}
|
|
|
|
|
2014-03-15 08:17:16 -05:00
|
|
|
// Context represents context of a request.
|
2014-03-15 06:01:50 -05:00
|
|
|
type Context struct {
|
2014-07-25 23:24:27 -05:00
|
|
|
*macaron.Context
|
2014-07-31 16:25:34 -05:00
|
|
|
Cache cache.Cache
|
|
|
|
csrf csrf.CSRF
|
2014-07-25 23:24:27 -05:00
|
|
|
Flash *session.Flash
|
|
|
|
Session session.Store
|
|
|
|
|
2014-11-18 11:07:16 -05:00
|
|
|
User *models.User
|
|
|
|
IsSigned bool
|
|
|
|
IsBasicAuth bool
|
2014-03-15 11:03:23 -05:00
|
|
|
|
2015-11-27 01:50:38 -05:00
|
|
|
Repo *RepoContext
|
2014-08-14 01:12:21 -05:00
|
|
|
|
|
|
|
Org struct {
|
|
|
|
IsOwner bool
|
|
|
|
IsMember bool
|
2016-01-31 08:28:42 -05:00
|
|
|
IsTeamMember bool // Is member of team.
|
2016-01-31 10:18:28 -05:00
|
|
|
IsTeamAdmin bool // In owner team or team that has admin permission level.
|
2014-08-14 01:12:21 -05:00
|
|
|
Organization *models.User
|
2014-08-15 05:29:41 -05:00
|
|
|
OrgLink string
|
2014-08-16 03:21:17 -05:00
|
|
|
|
|
|
|
Team *models.Team
|
2014-08-14 01:12:21 -05:00
|
|
|
}
|
2014-03-15 06:01:50 -05:00
|
|
|
}
|
|
|
|
|
2015-08-14 11:42:43 -05:00
|
|
|
// IsOwner returns true if current user is the owner of repository.
|
2015-11-27 01:50:38 -05:00
|
|
|
func (r *RepoContext) IsOwner() bool {
|
2015-08-14 11:42:43 -05:00
|
|
|
return r.AccessMode >= models.ACCESS_MODE_OWNER
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsAdmin returns true if current user has admin or higher access of repository.
|
2015-11-27 01:50:38 -05:00
|
|
|
func (r *RepoContext) IsAdmin() bool {
|
2015-08-14 11:42:43 -05:00
|
|
|
return r.AccessMode >= models.ACCESS_MODE_ADMIN
|
2015-02-16 05:51:56 -05:00
|
|
|
}
|
|
|
|
|
2016-03-05 20:45:23 -05:00
|
|
|
// IsWriter returns true if current user has write or higher access of repository.
|
|
|
|
func (r *RepoContext) IsWriter() bool {
|
2015-11-27 01:50:38 -05:00
|
|
|
return r.AccessMode >= models.ACCESS_MODE_WRITE
|
|
|
|
}
|
|
|
|
|
2016-03-05 20:45:23 -05:00
|
|
|
// HasAccess returns true if the current user has at least read access for this repository
|
2015-11-27 01:50:38 -05:00
|
|
|
func (r *RepoContext) HasAccess() bool {
|
2015-02-16 05:51:56 -05:00
|
|
|
return r.AccessMode >= models.ACCESS_MODE_READ
|
|
|
|
}
|
|
|
|
|
2014-05-05 12:08:01 -05:00
|
|
|
// HasError returns true if error occurs in form validation.
|
|
|
|
func (ctx *Context) HasApiError() bool {
|
|
|
|
hasErr, ok := ctx.Data["HasError"]
|
|
|
|
if !ok {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
return hasErr.(bool)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *Context) GetErrMsg() string {
|
|
|
|
return ctx.Data["ErrorMsg"].(string)
|
|
|
|
}
|
|
|
|
|
2014-03-15 09:52:14 -05:00
|
|
|
// HasError returns true if error occurs in form validation.
|
|
|
|
func (ctx *Context) HasError() bool {
|
|
|
|
hasErr, ok := ctx.Data["HasError"]
|
|
|
|
if !ok {
|
|
|
|
return false
|
|
|
|
}
|
2014-04-13 17:12:07 -05:00
|
|
|
ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)
|
|
|
|
ctx.Data["Flash"] = ctx.Flash
|
2014-03-15 09:52:14 -05:00
|
|
|
return hasErr.(bool)
|
|
|
|
}
|
|
|
|
|
2015-07-08 06:47:56 -05:00
|
|
|
// HasValue returns true if value of given name exists.
|
|
|
|
func (ctx *Context) HasValue(name string) bool {
|
|
|
|
_, ok := ctx.Data[name]
|
|
|
|
return ok
|
|
|
|
}
|
|
|
|
|
2014-08-02 12:47:33 -05:00
|
|
|
// HTML calls Context.HTML and converts template name to string.
|
2014-07-25 23:24:27 -05:00
|
|
|
func (ctx *Context) HTML(status int, name base.TplName) {
|
2015-12-20 01:06:54 -05:00
|
|
|
log.Debug("Template: %s", name)
|
2014-08-02 12:47:33 -05:00
|
|
|
ctx.Context.HTML(status, string(name))
|
2014-03-20 06:50:26 -05:00
|
|
|
}
|
|
|
|
|
2014-03-15 09:52:14 -05:00
|
|
|
// RenderWithErr used for page has form validation but need to prompt error to users.
|
2014-07-25 23:24:27 -05:00
|
|
|
func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) {
|
2014-04-03 14:50:55 -05:00
|
|
|
if form != nil {
|
|
|
|
auth.AssignForm(form, ctx.Data)
|
|
|
|
}
|
2014-04-10 15:36:50 -05:00
|
|
|
ctx.Flash.ErrorMsg = msg
|
|
|
|
ctx.Data["Flash"] = ctx.Flash
|
2014-03-20 06:50:26 -05:00
|
|
|
ctx.HTML(200, tpl)
|
2014-03-15 09:52:14 -05:00
|
|
|
}
|
|
|
|
|
2014-03-15 08:17:16 -05:00
|
|
|
// Handle handles and logs error by given status.
|
|
|
|
func (ctx *Context) Handle(status int, title string, err error) {
|
2014-05-01 17:53:41 -05:00
|
|
|
if err != nil {
|
2014-07-25 23:24:27 -05:00
|
|
|
log.Error(4, "%s: %v", title, err)
|
|
|
|
if macaron.Env != macaron.PROD {
|
2014-05-01 17:53:41 -05:00
|
|
|
ctx.Data["ErrorMsg"] = err
|
|
|
|
}
|
2014-03-19 03:48:45 -05:00
|
|
|
}
|
|
|
|
|
2014-05-01 17:53:41 -05:00
|
|
|
switch status {
|
|
|
|
case 404:
|
|
|
|
ctx.Data["Title"] = "Page Not Found"
|
|
|
|
case 500:
|
|
|
|
ctx.Data["Title"] = "Internal Server Error"
|
|
|
|
}
|
2014-06-22 12:14:03 -05:00
|
|
|
ctx.HTML(status, base.TplName(fmt.Sprintf("status/%d", status)))
|
2014-03-15 06:01:50 -05:00
|
|
|
}
|
|
|
|
|
2015-03-28 09:30:05 -05:00
|
|
|
func (ctx *Context) HandleText(status int, title string) {
|
2015-07-08 06:47:56 -05:00
|
|
|
if (status/100 == 4) || (status/100 == 5) {
|
2015-03-28 09:30:05 -05:00
|
|
|
log.Error(4, "%s", title)
|
|
|
|
}
|
2015-10-15 20:28:12 -05:00
|
|
|
ctx.PlainText(status, []byte(title))
|
2015-03-28 09:30:05 -05:00
|
|
|
}
|
|
|
|
|
2015-10-08 19:36:07 -05:00
|
|
|
// APIError logs error with title if status is 500.
|
|
|
|
func (ctx *Context) APIError(status int, title string, obj interface{}) {
|
2015-02-22 09:49:25 -05:00
|
|
|
var message string
|
|
|
|
if err, ok := obj.(error); ok {
|
|
|
|
message = err.Error()
|
|
|
|
} else {
|
|
|
|
message = obj.(string)
|
|
|
|
}
|
2015-10-08 19:36:07 -05:00
|
|
|
|
|
|
|
if status == 500 {
|
|
|
|
log.Error(4, "%s: %s", title, message)
|
|
|
|
}
|
|
|
|
|
2015-02-22 09:49:25 -05:00
|
|
|
ctx.JSON(status, map[string]string{
|
|
|
|
"message": message,
|
2015-10-08 19:36:07 -05:00
|
|
|
"url": base.DOC_URL,
|
2015-02-22 09:49:25 -05:00
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2014-04-15 11:27:29 -05:00
|
|
|
func (ctx *Context) ServeContent(name string, r io.ReadSeeker, params ...interface{}) {
|
|
|
|
modtime := time.Now()
|
|
|
|
for _, p := range params {
|
|
|
|
switch v := p.(type) {
|
|
|
|
case time.Time:
|
|
|
|
modtime = v
|
|
|
|
}
|
|
|
|
}
|
2014-07-25 23:24:27 -05:00
|
|
|
ctx.Resp.Header().Set("Content-Description", "File Transfer")
|
|
|
|
ctx.Resp.Header().Set("Content-Type", "application/octet-stream")
|
|
|
|
ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name)
|
|
|
|
ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary")
|
|
|
|
ctx.Resp.Header().Set("Expires", "0")
|
|
|
|
ctx.Resp.Header().Set("Cache-Control", "must-revalidate")
|
|
|
|
ctx.Resp.Header().Set("Pragma", "public")
|
2014-10-18 22:26:55 -05:00
|
|
|
http.ServeContent(ctx.Resp, ctx.Req.Request, name, modtime, r)
|
2014-04-10 13:37:43 -05:00
|
|
|
}
|
|
|
|
|
2014-07-25 23:24:27 -05:00
|
|
|
// Contexter initializes a classic context for a request.
|
|
|
|
func Contexter() macaron.Handler {
|
2014-07-31 16:25:34 -05:00
|
|
|
return func(c *macaron.Context, l i18n.Locale, cache cache.Cache, sess session.Store, f *session.Flash, x csrf.CSRF) {
|
2014-03-15 06:01:50 -05:00
|
|
|
ctx := &Context{
|
2014-07-25 23:24:27 -05:00
|
|
|
Context: c,
|
2014-07-31 16:25:34 -05:00
|
|
|
Cache: cache,
|
|
|
|
csrf: x,
|
2014-07-25 23:24:27 -05:00
|
|
|
Flash: f,
|
|
|
|
Session: sess,
|
2015-12-04 17:20:23 -05:00
|
|
|
Repo: &RepoContext{},
|
2014-03-15 06:01:50 -05:00
|
|
|
}
|
2014-07-25 23:24:27 -05:00
|
|
|
// Compute current URL for real-time change language.
|
2015-11-13 16:43:43 -05:00
|
|
|
ctx.Data["Link"] = setting.AppSubUrl + strings.TrimSuffix(ctx.Req.URL.Path, "/")
|
2014-04-10 13:37:43 -05:00
|
|
|
|
2014-07-25 23:24:27 -05:00
|
|
|
ctx.Data["PageStartTime"] = time.Now()
|
2014-03-22 07:49:53 -05:00
|
|
|
|
2014-03-15 06:01:50 -05:00
|
|
|
// Get user from session if logined.
|
2015-09-02 01:40:15 -05:00
|
|
|
ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Context, ctx.Session)
|
2014-11-07 14:46:13 -05:00
|
|
|
|
2014-07-25 23:24:27 -05:00
|
|
|
if ctx.User != nil {
|
|
|
|
ctx.IsSigned = true
|
|
|
|
ctx.Data["IsSigned"] = ctx.IsSigned
|
|
|
|
ctx.Data["SignedUser"] = ctx.User
|
2015-08-19 10:14:57 -05:00
|
|
|
ctx.Data["SignedUserID"] = ctx.User.Id
|
2014-11-06 22:06:41 -05:00
|
|
|
ctx.Data["SignedUserName"] = ctx.User.Name
|
2014-03-20 07:02:14 -05:00
|
|
|
ctx.Data["IsAdmin"] = ctx.User.IsAdmin
|
2014-11-06 22:06:41 -05:00
|
|
|
} else {
|
2015-08-19 10:14:57 -05:00
|
|
|
ctx.Data["SignedUserID"] = 0
|
2014-11-06 22:06:41 -05:00
|
|
|
ctx.Data["SignedUserName"] = ""
|
2014-03-15 07:50:17 -05:00
|
|
|
}
|
2014-03-15 06:01:50 -05:00
|
|
|
|
2014-07-24 08:19:59 -05:00
|
|
|
// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.
|
2014-07-25 23:24:27 -05:00
|
|
|
if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
|
|
|
|
if err := ctx.Req.ParseMultipartForm(setting.AttachmentMaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size
|
|
|
|
ctx.Handle(500, "ParseMultipartForm", err)
|
2014-07-24 08:19:59 -05:00
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-07-31 16:25:34 -05:00
|
|
|
ctx.Data["CsrfToken"] = x.GetToken()
|
|
|
|
ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + x.GetToken() + `">`)
|
2015-12-21 07:24:11 -05:00
|
|
|
log.Debug("Session ID: %s", sess.ID())
|
|
|
|
log.Debug("CSRF Token: %v", ctx.Data["CsrfToken"])
|
2014-03-19 08:57:55 -05:00
|
|
|
|
2015-02-06 21:16:23 -05:00
|
|
|
ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton
|
2015-03-23 09:19:19 -05:00
|
|
|
ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding
|
2015-11-18 16:32:31 -05:00
|
|
|
ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion
|
2015-02-06 21:16:23 -05:00
|
|
|
|
2014-03-15 06:01:50 -05:00
|
|
|
c.Map(ctx)
|
|
|
|
}
|
|
|
|
}
|