2014-03-15 11:01:50 +00:00
|
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
|
|
// Use of this source code is governed by a MIT-style
|
|
|
|
// license that can be found in the LICENSE file.
|
|
|
|
|
2016-03-11 16:56:52 +00:00
|
|
|
package context
|
2014-03-15 11:01:50 +00:00
|
|
|
|
|
|
|
import (
|
2016-11-29 21:49:06 +00:00
|
|
|
"html"
|
2014-03-22 17:44:02 +00:00
|
|
|
"html/template"
|
2014-04-15 16:27:29 +00:00
|
|
|
"io"
|
2014-03-15 11:01:50 +00:00
|
|
|
"net/http"
|
2018-03-15 21:13:34 +00:00
|
|
|
"net/url"
|
2017-06-26 01:06:40 +00:00
|
|
|
"path"
|
2014-03-22 20:40:09 +00:00
|
|
|
"strings"
|
2014-03-19 13:57:55 +00:00
|
|
|
"time"
|
2014-03-15 11:01:50 +00:00
|
|
|
|
2016-11-10 16:24:48 +00:00
|
|
|
"code.gitea.io/gitea/models"
|
|
|
|
"code.gitea.io/gitea/modules/auth"
|
|
|
|
"code.gitea.io/gitea/modules/base"
|
|
|
|
"code.gitea.io/gitea/modules/log"
|
|
|
|
"code.gitea.io/gitea/modules/setting"
|
2019-03-18 14:00:23 +00:00
|
|
|
"code.gitea.io/gitea/modules/util"
|
2017-06-26 01:06:40 +00:00
|
|
|
"github.com/Unknwon/com"
|
2016-11-05 16:56:35 +00:00
|
|
|
"github.com/go-macaron/cache"
|
|
|
|
"github.com/go-macaron/csrf"
|
|
|
|
"github.com/go-macaron/i18n"
|
|
|
|
"github.com/go-macaron/session"
|
2019-04-07 22:49:34 +00:00
|
|
|
"gopkg.in/macaron.v1"
|
2014-03-15 11:01:50 +00:00
|
|
|
)
|
|
|
|
|
2014-03-15 13:17:16 +00:00
|
|
|
// Context represents context of a request.
|
2014-03-15 11:01:50 +00:00
|
|
|
type Context struct {
|
2014-07-26 04:24:27 +00:00
|
|
|
*macaron.Context
|
2014-07-31 21:25:34 +00:00
|
|
|
Cache cache.Cache
|
|
|
|
csrf csrf.CSRF
|
2014-07-26 04:24:27 +00:00
|
|
|
Flash *session.Flash
|
|
|
|
Session session.Store
|
|
|
|
|
2017-06-26 01:06:40 +00:00
|
|
|
Link string // current request URL
|
2017-11-28 09:43:51 +00:00
|
|
|
EscapedLink string
|
2014-11-18 16:07:16 +00:00
|
|
|
User *models.User
|
|
|
|
IsSigned bool
|
|
|
|
IsBasicAuth bool
|
2014-03-15 16:03:23 +00:00
|
|
|
|
2016-03-11 16:56:52 +00:00
|
|
|
Repo *Repository
|
2016-03-13 21:37:44 +00:00
|
|
|
Org *Organization
|
2014-03-15 11:01:50 +00:00
|
|
|
}
|
|
|
|
|
2019-04-07 22:49:34 +00:00
|
|
|
// IsUserSiteAdmin returns true if current user is a site admin
|
|
|
|
func (ctx *Context) IsUserSiteAdmin() bool {
|
|
|
|
return ctx.IsSigned && ctx.User.IsAdmin
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsUserRepoOwner returns true if current user owns current repo
|
|
|
|
func (ctx *Context) IsUserRepoOwner() bool {
|
|
|
|
return ctx.Repo.IsOwner()
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsUserRepoAdmin returns true if current user is admin in current repo
|
|
|
|
func (ctx *Context) IsUserRepoAdmin() bool {
|
|
|
|
return ctx.Repo.IsAdmin()
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsUserRepoWriter returns true if current user has write privilege in current repo
|
|
|
|
func (ctx *Context) IsUserRepoWriter(unitTypes []models.UnitType) bool {
|
|
|
|
for _, unitType := range unitTypes {
|
|
|
|
if ctx.Repo.CanWrite(unitType) {
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsUserRepoReaderSpecific returns true if current user can read current repo's specific part
|
|
|
|
func (ctx *Context) IsUserRepoReaderSpecific(unitType models.UnitType) bool {
|
|
|
|
return ctx.Repo.CanRead(unitType)
|
|
|
|
}
|
|
|
|
|
|
|
|
// IsUserRepoReaderAny returns true if current user can read any part of current repo
|
|
|
|
func (ctx *Context) IsUserRepoReaderAny() bool {
|
|
|
|
return ctx.Repo.HasAccess()
|
|
|
|
}
|
|
|
|
|
2016-11-25 06:51:01 +00:00
|
|
|
// HasAPIError returns true if error occurs in form validation.
|
|
|
|
func (ctx *Context) HasAPIError() bool {
|
2014-05-05 17:08:01 +00:00
|
|
|
hasErr, ok := ctx.Data["HasError"]
|
|
|
|
if !ok {
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
return hasErr.(bool)
|
|
|
|
}
|
|
|
|
|
2016-11-25 06:51:01 +00:00
|
|
|
// GetErrMsg returns error message
|
2014-05-05 17:08:01 +00:00
|
|
|
func (ctx *Context) GetErrMsg() string {
|
|
|
|
return ctx.Data["ErrorMsg"].(string)
|
|
|
|
}
|
|
|
|
|
2014-03-15 14:52:14 +00:00
|
|
|
// HasError returns true if error occurs in form validation.
|
|
|
|
func (ctx *Context) HasError() bool {
|
|
|
|
hasErr, ok := ctx.Data["HasError"]
|
|
|
|
if !ok {
|
|
|
|
return false
|
|
|
|
}
|
2014-04-13 22:12:07 +00:00
|
|
|
ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)
|
|
|
|
ctx.Data["Flash"] = ctx.Flash
|
2014-03-15 14:52:14 +00:00
|
|
|
return hasErr.(bool)
|
|
|
|
}
|
|
|
|
|
2015-07-08 11:47:56 +00:00
|
|
|
// HasValue returns true if value of given name exists.
|
|
|
|
func (ctx *Context) HasValue(name string) bool {
|
|
|
|
_, ok := ctx.Data[name]
|
|
|
|
return ok
|
|
|
|
}
|
|
|
|
|
2018-03-15 21:13:34 +00:00
|
|
|
// RedirectToFirst redirects to first not empty URL
|
|
|
|
func (ctx *Context) RedirectToFirst(location ...string) {
|
|
|
|
for _, loc := range location {
|
|
|
|
if len(loc) == 0 {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
u, err := url.Parse(loc)
|
|
|
|
if err != nil || (u.Scheme != "" && !strings.HasPrefix(strings.ToLower(loc), strings.ToLower(setting.AppURL))) {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
ctx.Redirect(loc)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
ctx.Redirect(setting.AppSubURL + "/")
|
|
|
|
}
|
|
|
|
|
2014-08-02 17:47:33 +00:00
|
|
|
// HTML calls Context.HTML and converts template name to string.
|
2014-07-26 04:24:27 +00:00
|
|
|
func (ctx *Context) HTML(status int, name base.TplName) {
|
2015-12-20 06:06:54 +00:00
|
|
|
log.Debug("Template: %s", name)
|
2014-08-02 17:47:33 +00:00
|
|
|
ctx.Context.HTML(status, string(name))
|
2014-03-20 11:50:26 +00:00
|
|
|
}
|
|
|
|
|
2014-03-15 14:52:14 +00:00
|
|
|
// RenderWithErr used for page has form validation but need to prompt error to users.
|
2014-07-26 04:24:27 +00:00
|
|
|
func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) {
|
2014-04-03 19:50:55 +00:00
|
|
|
if form != nil {
|
|
|
|
auth.AssignForm(form, ctx.Data)
|
|
|
|
}
|
2014-04-10 20:36:50 +00:00
|
|
|
ctx.Flash.ErrorMsg = msg
|
|
|
|
ctx.Data["Flash"] = ctx.Flash
|
2014-03-20 11:50:26 +00:00
|
|
|
ctx.HTML(200, tpl)
|
2014-03-15 14:52:14 +00:00
|
|
|
}
|
|
|
|
|
2018-01-10 21:34:17 +00:00
|
|
|
// NotFound displays a 404 (Not Found) page and prints the given error, if any.
|
|
|
|
func (ctx *Context) NotFound(title string, err error) {
|
2019-04-09 18:10:42 +00:00
|
|
|
ctx.notFoundInternal(title, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *Context) notFoundInternal(title string, err error) {
|
2014-05-01 22:53:41 +00:00
|
|
|
if err != nil {
|
2019-04-09 18:10:42 +00:00
|
|
|
log.ErrorWithSkip(2, "%s: %v", title, err)
|
2014-07-26 04:24:27 +00:00
|
|
|
if macaron.Env != macaron.PROD {
|
2014-05-01 22:53:41 +00:00
|
|
|
ctx.Data["ErrorMsg"] = err
|
|
|
|
}
|
2014-03-19 08:48:45 +00:00
|
|
|
}
|
|
|
|
|
2019-02-19 23:09:47 +00:00
|
|
|
ctx.Data["IsRepo"] = ctx.Repo.Repository != nil
|
2018-01-10 21:34:17 +00:00
|
|
|
ctx.Data["Title"] = "Page Not Found"
|
|
|
|
ctx.HTML(http.StatusNotFound, base.TplName("status/404"))
|
|
|
|
}
|
|
|
|
|
|
|
|
// ServerError displays a 500 (Internal Server Error) page and prints the given
|
|
|
|
// error, if any.
|
|
|
|
func (ctx *Context) ServerError(title string, err error) {
|
2019-04-09 18:10:42 +00:00
|
|
|
ctx.serverErrorInternal(title, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (ctx *Context) serverErrorInternal(title string, err error) {
|
2018-01-10 21:34:17 +00:00
|
|
|
if err != nil {
|
2019-04-09 18:10:42 +00:00
|
|
|
log.ErrorWithSkip(2, "%s: %v", title, err)
|
2018-01-10 21:34:17 +00:00
|
|
|
if macaron.Env != macaron.PROD {
|
|
|
|
ctx.Data["ErrorMsg"] = err
|
|
|
|
}
|
2014-05-01 22:53:41 +00:00
|
|
|
}
|
2018-01-10 21:34:17 +00:00
|
|
|
|
|
|
|
ctx.Data["Title"] = "Internal Server Error"
|
2019-01-30 22:00:00 +00:00
|
|
|
ctx.HTML(http.StatusInternalServerError, base.TplName("status/500"))
|
2014-03-15 11:01:50 +00:00
|
|
|
}
|
|
|
|
|
2016-08-30 09:08:38 +00:00
|
|
|
// NotFoundOrServerError use error check function to determine if the error
|
|
|
|
// is about not found. It responses with 404 status code for not found error,
|
|
|
|
// or error context description for logging purpose of 500 server error.
|
|
|
|
func (ctx *Context) NotFoundOrServerError(title string, errck func(error) bool, err error) {
|
2016-07-25 18:48:17 +00:00
|
|
|
if errck(err) {
|
2019-04-09 18:10:42 +00:00
|
|
|
ctx.notFoundInternal(title, err)
|
2016-07-25 18:48:17 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-04-09 18:10:42 +00:00
|
|
|
ctx.serverErrorInternal(title, err)
|
2016-07-25 18:48:17 +00:00
|
|
|
}
|
|
|
|
|
2016-11-25 06:51:01 +00:00
|
|
|
// HandleText handles HTTP status code
|
2015-03-28 14:30:05 +00:00
|
|
|
func (ctx *Context) HandleText(status int, title string) {
|
2015-07-08 11:47:56 +00:00
|
|
|
if (status/100 == 4) || (status/100 == 5) {
|
2019-04-02 07:48:31 +00:00
|
|
|
log.Error("%s", title)
|
2015-03-28 14:30:05 +00:00
|
|
|
}
|
2015-10-16 01:28:12 +00:00
|
|
|
ctx.PlainText(status, []byte(title))
|
2015-03-28 14:30:05 +00:00
|
|
|
}
|
|
|
|
|
2016-11-25 06:51:01 +00:00
|
|
|
// ServeContent serves content to http request
|
2014-04-15 16:27:29 +00:00
|
|
|
func (ctx *Context) ServeContent(name string, r io.ReadSeeker, params ...interface{}) {
|
|
|
|
modtime := time.Now()
|
|
|
|
for _, p := range params {
|
|
|
|
switch v := p.(type) {
|
|
|
|
case time.Time:
|
|
|
|
modtime = v
|
|
|
|
}
|
|
|
|
}
|
2014-07-26 04:24:27 +00:00
|
|
|
ctx.Resp.Header().Set("Content-Description", "File Transfer")
|
|
|
|
ctx.Resp.Header().Set("Content-Type", "application/octet-stream")
|
|
|
|
ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name)
|
|
|
|
ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary")
|
|
|
|
ctx.Resp.Header().Set("Expires", "0")
|
|
|
|
ctx.Resp.Header().Set("Cache-Control", "must-revalidate")
|
|
|
|
ctx.Resp.Header().Set("Pragma", "public")
|
2014-10-19 03:26:55 +00:00
|
|
|
http.ServeContent(ctx.Resp, ctx.Req.Request, name, modtime, r)
|
2014-04-10 18:37:43 +00:00
|
|
|
}
|
|
|
|
|
2014-07-26 04:24:27 +00:00
|
|
|
// Contexter initializes a classic context for a request.
|
|
|
|
func Contexter() macaron.Handler {
|
2014-07-31 21:25:34 +00:00
|
|
|
return func(c *macaron.Context, l i18n.Locale, cache cache.Cache, sess session.Store, f *session.Flash, x csrf.CSRF) {
|
2014-03-15 11:01:50 +00:00
|
|
|
ctx := &Context{
|
2014-07-26 04:24:27 +00:00
|
|
|
Context: c,
|
2014-07-31 21:25:34 +00:00
|
|
|
Cache: cache,
|
|
|
|
csrf: x,
|
2014-07-26 04:24:27 +00:00
|
|
|
Flash: f,
|
|
|
|
Session: sess,
|
2017-11-28 09:43:51 +00:00
|
|
|
Link: setting.AppSubURL + strings.TrimSuffix(c.Req.URL.EscapedPath(), "/"),
|
2016-03-11 16:56:52 +00:00
|
|
|
Repo: &Repository{
|
|
|
|
PullRequest: &PullRequest{},
|
2016-03-07 04:57:46 +00:00
|
|
|
},
|
2016-03-13 21:37:44 +00:00
|
|
|
Org: &Organization{},
|
2014-03-15 11:01:50 +00:00
|
|
|
}
|
2019-03-18 12:49:01 +00:00
|
|
|
ctx.Data["Language"] = ctx.Locale.Language()
|
2017-06-26 01:06:40 +00:00
|
|
|
c.Data["Link"] = ctx.Link
|
2014-07-26 04:24:27 +00:00
|
|
|
ctx.Data["PageStartTime"] = time.Now()
|
2017-06-26 01:06:40 +00:00
|
|
|
// Quick responses appropriate go-get meta with status 200
|
|
|
|
// regardless of if user have access to the repository,
|
|
|
|
// or the repository does not exist at all.
|
|
|
|
// This is particular a workaround for "go get" command which does not respect
|
|
|
|
// .netrc file.
|
|
|
|
if ctx.Query("go-get") == "1" {
|
|
|
|
ownerName := c.Params(":username")
|
|
|
|
repoName := c.Params(":reponame")
|
|
|
|
branchName := "master"
|
|
|
|
|
2017-12-02 07:34:39 +00:00
|
|
|
repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName)
|
|
|
|
if err == nil && len(repo.DefaultBranch) > 0 {
|
|
|
|
branchName = repo.DefaultBranch
|
2017-06-26 01:06:40 +00:00
|
|
|
}
|
2019-03-18 14:00:23 +00:00
|
|
|
prefix := setting.AppURL + path.Join(url.PathEscape(ownerName), url.PathEscape(repoName), "src", "branch", util.PathEscapeSegments(branchName))
|
2019-05-27 21:08:38 +00:00
|
|
|
|
|
|
|
appURL, _ := url.Parse(setting.AppURL)
|
|
|
|
|
|
|
|
insecure := ""
|
|
|
|
if appURL.Scheme == string(setting.HTTP) {
|
|
|
|
insecure = "--insecure "
|
|
|
|
}
|
2018-01-29 17:50:04 +00:00
|
|
|
c.Header().Set("Content-Type", "text/html")
|
|
|
|
c.WriteHeader(http.StatusOK)
|
2019-06-12 19:41:28 +00:00
|
|
|
_, _ = c.Write([]byte(com.Expand(`<!doctype html>
|
2017-06-26 01:06:40 +00:00
|
|
|
<html>
|
|
|
|
<head>
|
|
|
|
<meta name="go-import" content="{GoGetImport} git {CloneLink}">
|
|
|
|
<meta name="go-source" content="{GoGetImport} _ {GoDocDirectory} {GoDocFile}">
|
|
|
|
</head>
|
|
|
|
<body>
|
2019-05-27 21:08:38 +00:00
|
|
|
go get {Insecure}{GoGetImport}
|
2017-06-26 01:06:40 +00:00
|
|
|
</body>
|
|
|
|
</html>
|
|
|
|
`, map[string]string{
|
2017-10-02 13:55:09 +00:00
|
|
|
"GoGetImport": ComposeGoGetImport(ownerName, strings.TrimSuffix(repoName, ".git")),
|
2017-06-26 01:06:40 +00:00
|
|
|
"CloneLink": models.ComposeHTTPSCloneURL(ownerName, repoName),
|
|
|
|
"GoDocDirectory": prefix + "{/dir}",
|
|
|
|
"GoDocFile": prefix + "{/dir}/{file}#L{line}",
|
2019-05-27 21:08:38 +00:00
|
|
|
"Insecure": insecure,
|
2017-06-26 01:06:40 +00:00
|
|
|
})))
|
|
|
|
return
|
|
|
|
}
|
2014-03-22 12:49:53 +00:00
|
|
|
|
2017-03-15 00:52:01 +00:00
|
|
|
// Get user from session if logged in.
|
2015-09-02 06:40:15 +00:00
|
|
|
ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Context, ctx.Session)
|
2014-11-07 19:46:13 +00:00
|
|
|
|
2014-07-26 04:24:27 +00:00
|
|
|
if ctx.User != nil {
|
|
|
|
ctx.IsSigned = true
|
|
|
|
ctx.Data["IsSigned"] = ctx.IsSigned
|
|
|
|
ctx.Data["SignedUser"] = ctx.User
|
2016-07-23 17:08:22 +00:00
|
|
|
ctx.Data["SignedUserID"] = ctx.User.ID
|
2014-11-07 03:06:41 +00:00
|
|
|
ctx.Data["SignedUserName"] = ctx.User.Name
|
2014-03-20 12:02:14 +00:00
|
|
|
ctx.Data["IsAdmin"] = ctx.User.IsAdmin
|
2014-11-07 03:06:41 +00:00
|
|
|
} else {
|
2017-12-03 23:14:26 +00:00
|
|
|
ctx.Data["SignedUserID"] = int64(0)
|
2014-11-07 03:06:41 +00:00
|
|
|
ctx.Data["SignedUserName"] = ""
|
2014-03-15 12:50:17 +00:00
|
|
|
}
|
2014-03-15 11:01:50 +00:00
|
|
|
|
2014-07-24 13:19:59 +00:00
|
|
|
// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.
|
2014-07-26 04:24:27 +00:00
|
|
|
if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
|
|
|
|
if err := ctx.Req.ParseMultipartForm(setting.AttachmentMaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size
|
2018-01-10 21:34:17 +00:00
|
|
|
ctx.ServerError("ParseMultipartForm", err)
|
2014-07-24 13:19:59 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-11-29 21:49:06 +00:00
|
|
|
ctx.Resp.Header().Set(`X-Frame-Options`, `SAMEORIGIN`)
|
|
|
|
|
|
|
|
ctx.Data["CsrfToken"] = html.EscapeString(x.GetToken())
|
|
|
|
ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + ctx.Data["CsrfToken"].(string) + `">`)
|
2015-12-21 12:24:11 +00:00
|
|
|
log.Debug("Session ID: %s", sess.ID())
|
|
|
|
log.Debug("CSRF Token: %v", ctx.Data["CsrfToken"])
|
2014-03-19 13:57:55 +00:00
|
|
|
|
2018-08-27 02:23:27 +00:00
|
|
|
ctx.Data["IsLandingPageHome"] = setting.LandingPageURL == setting.LandingPageHome
|
|
|
|
ctx.Data["IsLandingPageExplore"] = setting.LandingPageURL == setting.LandingPageExplore
|
|
|
|
ctx.Data["IsLandingPageOrganizations"] = setting.LandingPageURL == setting.LandingPageOrganizations
|
|
|
|
|
2015-02-07 02:16:23 +00:00
|
|
|
ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton
|
2015-03-23 14:19:19 +00:00
|
|
|
ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding
|
2015-11-18 21:32:31 +00:00
|
|
|
ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion
|
2018-08-27 02:23:27 +00:00
|
|
|
|
2018-07-28 00:19:01 +00:00
|
|
|
ctx.Data["EnableSwagger"] = setting.API.EnableSwagger
|
2017-03-29 10:57:43 +00:00
|
|
|
ctx.Data["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn
|
2015-02-07 02:16:23 +00:00
|
|
|
|
2014-03-15 11:01:50 +00:00
|
|
|
c.Map(ctx)
|
|
|
|
}
|
|
|
|
}
|