Merge branch 'master'

2025-12-07 13:28:25 +00:00 · 2019-05-08 23:57:57 +02:00
parent c097a29d69
commit 3a3ccf801b
326 changed files with 37528 additions and 829 deletions
@@ -326,7 +326,7 @@ func GetAllUsers(ctx *context.APIContext) {

 	results := make([]*api.User, len(users))
 	for i := range users {
-		results[i] = convert.ToUser(users[i], ctx.IsSigned, ctx.User.IsAdmin)
+		results[i] = convert.ToUser(users[i], ctx.IsSigned, ctx.User != nil && ctx.User.IsAdmin)
 	}

 	ctx.JSON(200, &results)
@@ -624,7 +624,7 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 		headUser, err = models.GetUserByName(headInfos[0])
 		if err != nil {
 			if models.IsErrUserNotExist(err) {
-				ctx.NotFound("GetUserByName", nil)
+				ctx.NotFound("GetUserByName")
 			} else {
 				ctx.ServerError("GetUserByName", err)
 			}
@@ -642,7 +642,7 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 	log.Info("Repo path: %s", ctx.Repo.GitRepo.Path)
 	// Check if base branch is valid.
 	if !ctx.Repo.GitRepo.IsBranchExist(baseBranch) {
-		ctx.NotFound()
+		ctx.NotFound("IsBranchExist")
 		return nil, nil, nil, nil, "", ""
 	}

@@ -650,7 +650,7 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 	headRepo, has := models.HasForkedRepo(headUser.ID, baseRepo.ID)
 	if !has && !isSameRepo {
 		log.Trace("parseCompareInfo[%d]: does not have fork or in same repository", baseRepo.ID)
-		ctx.NotFound()
+		ctx.NotFound("HasForkedRepo")
 		return nil, nil, nil, nil, "", ""
 	}

@@ -666,19 +666,37 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
 		}
 	}

-	perm, err := models.GetUserRepoPermission(headRepo, ctx.User)
+	// user should have permission to read baseRepo's codes and pulls, NOT headRepo's
+	permBase, err := models.GetUserRepoPermission(baseRepo, ctx.User)
 	if err != nil {
 		ctx.ServerError("GetUserRepoPermission", err)
 		return nil, nil, nil, nil, "", ""
 	}
-	if !perm.CanReadIssuesOrPulls(true) {
+	if !permBase.CanReadIssuesOrPulls(true) || !permBase.CanRead(models.UnitTypeCode) {
 		if log.IsTrace() {
-			log.Trace("Permission Denied: User %-v cannot create/read pull requests in Repo %-v\nUser in headRepo has Permissions: %-+v",
+			log.Trace("Permission Denied: User %-v cannot create/read pull requests or cannot read code in Repo %-v\nUser in baseRepo has Permissions: %-+v",
+				ctx.User,
+				baseRepo,
+				permBase)
+		}
+		ctx.NotFound("Can't read pulls or can't read UnitTypeCode")
+		return nil, nil, nil, nil, "", ""
+	}
+
+	// user should have permission to read headrepo's codes
+	permHead, err := models.GetUserRepoPermission(headRepo, ctx.User)
+	if err != nil {
+		ctx.ServerError("GetUserRepoPermission", err)
+		return nil, nil, nil, nil, "", ""
+	}
+	if !permHead.CanRead(models.UnitTypeCode) {
+		if log.IsTrace() {
+			log.Trace("Permission Denied: User: %-v cannot read code in Repo: %-v\nUser in headRepo has Permissions: %-+v",
 				ctx.User,
 				headRepo,
-				perm)
+				permHead)
 		}
-		ctx.NotFound()
+		ctx.NotFound("Can't read headRepo UnitTypeCode")
 		return nil, nil, nil, nil, "", ""
 	}

@@ -14,6 +14,7 @@ import (
 	"code.gitea.io/gitea/modules/auth"
 	"code.gitea.io/gitea/modules/context"
 	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/migrations"
 	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/util"
 	"code.gitea.io/gitea/routers/api/v1/convert"
@@ -401,31 +402,63 @@ func Migrate(ctx *context.APIContext, form auth.MigrateRepoForm) {
 		return
 	}

-	repo, err := models.MigrateRepository(ctx.User, ctxUser, models.MigrateRepoOptions{
-		Name:        form.RepoName,
-		Description: form.Description,
-		IsPrivate:   form.Private || setting.Repository.ForcePrivate,
-		IsMirror:    form.Mirror,
-		RemoteAddr:  remoteAddr,
-	})
-	if err != nil {
-		if models.IsErrRepoAlreadyExist(err) {
-			ctx.Error(409, "", "The repository with the same name already exists.")
-			return
-		}
+	var opts = migrations.MigrateOptions{
+		RemoteURL:    remoteAddr,
+		Name:         form.RepoName,
+		Description:  form.Description,
+		Private:      form.Private || setting.Repository.ForcePrivate,
+		Mirror:       form.Mirror,
+		AuthUsername: form.AuthUsername,
+		AuthPassword: form.AuthPassword,
+		Wiki:         form.Wiki,
+		Issues:       form.Issues,
+		Milestones:   form.Milestones,
+		Labels:       form.Labels,
+		Comments:     true,
+		PullRequests: form.PullRequests,
+		Releases:     form.Releases,
+	}
+	if opts.Mirror {
+		opts.Issues = false
+		opts.Milestones = false
+		opts.Labels = false
+		opts.Comments = false
+		opts.PullRequests = false
+		opts.Releases = false
+	}

-		err = util.URLSanitizedError(err, remoteAddr)
-		if repo != nil {
-			if errDelete := models.DeleteRepository(ctx.User, ctxUser.ID, repo.ID); errDelete != nil {
-				log.Error("DeleteRepository: %v", errDelete)
-			}
-		}
-		ctx.Error(500, "MigrateRepository", err)
+	repo, err := migrations.MigrateRepository(ctx.User, ctxUser.Name, opts)
+	if err == nil {
+		log.Trace("Repository migrated: %s/%s", ctxUser.Name, form.RepoName)
+		ctx.JSON(201, repo.APIFormat(models.AccessModeAdmin))
 		return
 	}

-	log.Trace("Repository migrated: %s/%s", ctxUser.Name, form.RepoName)
-	ctx.JSON(201, repo.APIFormat(models.AccessModeAdmin))
+	switch {
+	case models.IsErrRepoAlreadyExist(err):
+		ctx.Error(409, "", "The repository with the same name already exists.")
+	case migrations.IsRateLimitError(err):
+		ctx.Error(422, "", "Remote visit addressed rate limitation.")
+	case migrations.IsTwoFactorAuthError(err):
+		ctx.Error(422, "", "Remote visit required two factors authentication.")
+	case models.IsErrReachLimitOfRepo(err):
+		ctx.Error(422, "", fmt.Sprintf("You have already reached your limit of %d repositories.", ctxUser.MaxCreationLimit()))
+	case models.IsErrNameReserved(err):
+		ctx.Error(422, "", fmt.Sprintf("The username '%s' is reserved.", err.(models.ErrNameReserved).Name))
+	case models.IsErrNamePatternNotAllowed(err):
+		ctx.Error(422, "", fmt.Sprintf("The pattern '%s' is not allowed in a username.", err.(models.ErrNamePatternNotAllowed).Pattern))
+	default:
+		err = util.URLSanitizedError(err, remoteAddr)
+		if strings.Contains(err.Error(), "Authentication failed") ||
+			strings.Contains(err.Error(), "Bad credentials") ||
+			strings.Contains(err.Error(), "could not read Username") {
+			ctx.Error(422, "", fmt.Sprintf("Authentication failed: %v.", err))
+		} else if strings.Contains(err.Error(), "fatal:") {
+			ctx.Error(422, "", fmt.Sprintf("Migration failed: %v.", err))
+		} else {
+			ctx.Error(500, "MigrateRepository", err)
+		}
+	}
 }

 // Get one repository
@@ -37,9 +37,9 @@ func ListAccessTokens(ctx *context.APIContext) {
 	apiTokens := make([]*api.AccessToken, len(tokens))
 	for i := range tokens {
 		apiTokens[i] = &api.AccessToken{
-			ID:   tokens[i].ID,
-			Name: tokens[i].Name,
-			Sha1: tokens[i].Sha1,
+			ID:             tokens[i].ID,
+			Name:           tokens[i].Name,
+			TokenLastEight: tokens[i].TokenLastEight,
 		}
 	}
 	ctx.JSON(200, &apiTokens)
@@ -81,9 +81,9 @@ func CreateAccessToken(ctx *context.APIContext, form api.CreateAccessTokenOption
 		return
 	}
 	ctx.JSON(201, &api.AccessToken{
-		Name: t.Name,
-		Sha1: t.Sha1,
-		ID:   t.ID,
+		Name:  t.Name,
+		Token: t.Token,
+		ID:    t.ID,
 	})
 }

@@ -67,7 +67,7 @@ func Search(ctx *context.APIContext) {

 	results := make([]*api.User, len(users))
 	for i := range users {
-		results[i] = convert.ToUser(users[i], ctx.IsSigned, ctx.User.IsAdmin)
+		results[i] = convert.ToUser(users[i], ctx.IsSigned, ctx.User != nil && ctx.User.IsAdmin)
 	}

 	ctx.JSON(200, map[string]interface{}{