From a910abbb451ea89b8279b43bd818a140fe0f3b51 Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Mon, 11 Nov 2024 07:37:24 +0800 Subject: [PATCH 1/9] Add a doctor check to disable the "Actions" unit for mirrors (#32424) Resolve #32232 Users can disable the "Actions" unit for all mirror repos by running ``` gitea doctor check --run disable-mirror-actions-unit --fix ``` --- services/doctor/actions.go | 70 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) create mode 100644 services/doctor/actions.go diff --git a/services/doctor/actions.go b/services/doctor/actions.go new file mode 100644 index 0000000000..7c44fb8392 --- /dev/null +++ b/services/doctor/actions.go @@ -0,0 +1,70 @@ +// Copyright 2024 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package doctor + +import ( + "context" + "fmt" + + "code.gitea.io/gitea/models/db" + repo_model "code.gitea.io/gitea/models/repo" + unit_model "code.gitea.io/gitea/models/unit" + "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/optional" + repo_service "code.gitea.io/gitea/services/repository" +) + +func disableMirrorActionsUnit(ctx context.Context, logger log.Logger, autofix bool) error { + var reposToFix []*repo_model.Repository + + for page := 1; ; page++ { + repos, _, err := repo_model.SearchRepository(ctx, &repo_model.SearchRepoOptions{ + ListOptions: db.ListOptions{ + PageSize: repo_model.RepositoryListDefaultPageSize, + Page: page, + }, + Mirror: optional.Some(true), + }) + if err != nil { + return fmt.Errorf("SearchRepository: %w", err) + } + if len(repos) == 0 { + break + } + + for _, repo := range repos { + if repo.UnitEnabled(ctx, unit_model.TypeActions) { + reposToFix = append(reposToFix, repo) + } + } + } + + if len(reposToFix) == 0 { + logger.Info("Found no mirror with actions unit enabled") + } else { + logger.Warn("Found %d mirrors with actions unit enabled", len(reposToFix)) + } + if !autofix || len(reposToFix) == 0 { + return nil + } + + for _, repo := range reposToFix { + if err := repo_service.UpdateRepositoryUnits(ctx, repo, nil, []unit_model.Type{unit_model.TypeActions}); err != nil { + return err + } + } + logger.Info("Fixed %d mirrors with actions unit enabled", len(reposToFix)) + + return nil +} + +func init() { + Register(&Check{ + Title: "Disable the actions unit for all mirrors", + Name: "disable-mirror-actions-unit", + IsDefault: false, + Run: disableMirrorActionsUnit, + Priority: 9, + }) +} From b1f42a0cdddc8db9eef87041d6bcb328b2ef35fc Mon Sep 17 00:00:00 2001 From: Zettat123 Date: Mon, 11 Nov 2024 08:11:00 +0800 Subject: [PATCH 2/9] Add `DEFAULT_MIRROR_REPO_UNITS` and `DEFAULT_TEMPLATE_REPO_UNITS` options (#32416) Resolve #30350 The action unit of mirrors and templates should be disabled by default. This PR adds `DEFAULT_MIRROR_REPO_UNITS` and `DEFAULT_TEMPLATE_REPO_UNITS` options to allow users to specify default units for mirrors and templates. Thanks to @lng2020 for the [idea](https://github.com/go-gitea/gitea/issues/30350#issuecomment-2053942243) --- custom/conf/app.example.ini | 8 +++++++ models/unit/unit.go | 40 +++++++++++++++++++++++++++++++++++ modules/setting/repository.go | 4 ++++ services/repository/create.go | 7 +++++- 4 files changed, 58 insertions(+), 1 deletion(-) diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index f201ff1d19..7d5b3961bc 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -1007,6 +1007,14 @@ LEVEL = Info ;; The set of allowed values and rules are the same as DEFAULT_REPO_UNITS. ;DEFAULT_FORK_REPO_UNITS = repo.code,repo.pulls ;; +;; Comma separated list of default mirror repo units. +;; The set of allowed values and rules are the same as DEFAULT_REPO_UNITS. +;DEFAULT_MIRROR_REPO_UNITS = repo.code,repo.releases,repo.issues,repo.wiki,repo.projects,repo.packages +;; +;; Comma separated list of default template repo units. +;; The set of allowed values and rules are the same as DEFAULT_REPO_UNITS. +;DEFAULT_TEMPLATE_REPO_UNITS = repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects,repo.packages +;; ;; Prefix archive files by placing them in a directory named after the repository ;PREFIX_ARCHIVE_FILES = true ;; diff --git a/models/unit/unit.go b/models/unit/unit.go index 3b62e5f982..c816fc6c68 100644 --- a/models/unit/unit.go +++ b/models/unit/unit.go @@ -80,6 +80,27 @@ var ( TypePullRequests, } + // DefaultMirrorRepoUnits contains the default unit types for mirrors + DefaultMirrorRepoUnits = []Type{ + TypeCode, + TypeIssues, + TypeReleases, + TypeWiki, + TypeProjects, + TypePackages, + } + + // DefaultTemplateRepoUnits contains the default unit types for templates + DefaultTemplateRepoUnits = []Type{ + TypeCode, + TypeIssues, + TypePullRequests, + TypeReleases, + TypeWiki, + TypeProjects, + TypePackages, + } + // NotAllowedDefaultRepoUnits contains units that can't be default NotAllowedDefaultRepoUnits = []Type{ TypeExternalWiki, @@ -147,6 +168,7 @@ func LoadUnitConfig() error { if len(DefaultRepoUnits) == 0 { return errors.New("no default repository units found") } + // default fork repo units setDefaultForkRepoUnits, invalidKeys := FindUnitTypes(setting.Repository.DefaultForkRepoUnits...) if len(invalidKeys) > 0 { log.Warn("Invalid keys in default fork repo units: %s", strings.Join(invalidKeys, ", ")) @@ -155,6 +177,24 @@ func LoadUnitConfig() error { if len(DefaultForkRepoUnits) == 0 { return errors.New("no default fork repository units found") } + // default mirror repo units + setDefaultMirrorRepoUnits, invalidKeys := FindUnitTypes(setting.Repository.DefaultMirrorRepoUnits...) + if len(invalidKeys) > 0 { + log.Warn("Invalid keys in default mirror repo units: %s", strings.Join(invalidKeys, ", ")) + } + DefaultMirrorRepoUnits = validateDefaultRepoUnits(DefaultMirrorRepoUnits, setDefaultMirrorRepoUnits) + if len(DefaultMirrorRepoUnits) == 0 { + return errors.New("no default mirror repository units found") + } + // default template repo units + setDefaultTemplateRepoUnits, invalidKeys := FindUnitTypes(setting.Repository.DefaultTemplateRepoUnits...) + if len(invalidKeys) > 0 { + log.Warn("Invalid keys in default template repo units: %s", strings.Join(invalidKeys, ", ")) + } + DefaultTemplateRepoUnits = validateDefaultRepoUnits(DefaultTemplateRepoUnits, setDefaultTemplateRepoUnits) + if len(DefaultTemplateRepoUnits) == 0 { + return errors.New("no default template repository units found") + } return nil } diff --git a/modules/setting/repository.go b/modules/setting/repository.go index 8656ebc7ec..14cf5805c0 100644 --- a/modules/setting/repository.go +++ b/modules/setting/repository.go @@ -43,6 +43,8 @@ var ( DisabledRepoUnits []string DefaultRepoUnits []string DefaultForkRepoUnits []string + DefaultMirrorRepoUnits []string + DefaultTemplateRepoUnits []string PrefixArchiveFiles bool DisableMigrations bool DisableStars bool `ini:"DISABLE_STARS"` @@ -161,6 +163,8 @@ var ( DisabledRepoUnits: []string{}, DefaultRepoUnits: []string{}, DefaultForkRepoUnits: []string{}, + DefaultMirrorRepoUnits: []string{}, + DefaultTemplateRepoUnits: []string{}, PrefixArchiveFiles: true, DisableMigrations: false, DisableStars: false, diff --git a/services/repository/create.go b/services/repository/create.go index 261ac7fccc..0207f12a33 100644 --- a/services/repository/create.go +++ b/services/repository/create.go @@ -381,8 +381,13 @@ func CreateRepositoryByExample(ctx context.Context, doer, u *user_model.User, re // insert units for repo defaultUnits := unit.DefaultRepoUnits - if isFork { + switch { + case isFork: defaultUnits = unit.DefaultForkRepoUnits + case repo.IsMirror: + defaultUnits = unit.DefaultMirrorRepoUnits + case repo.IsTemplate: + defaultUnits = unit.DefaultTemplateRepoUnits } units := make([]repo_model.RepoUnit, 0, len(defaultUnits)) for _, tp := range defaultUnits { From 43c252dfeaf9ab03c4db3e7ac5169bc0d69901ac Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Mon, 11 Nov 2024 01:38:30 +0100 Subject: [PATCH 3/9] Calculate `PublicOnly` for org membership only once (#32234) Refactoring of #32211 this move the PublicOnly() filter calcuation next to the DB querys and let it be decided by the Doer --- *Sponsored by Kithara Software GmbH* --- models/organization/org.go | 18 ++++++--- models/organization/org_test.go | 60 +++++++++++++++------------- models/organization/org_user_test.go | 4 +- routers/api/v1/org/member.go | 22 +++++----- routers/web/org/home.go | 8 ++-- routers/web/org/members.go | 8 ++-- services/context/org.go | 7 ++-- 7 files changed, 73 insertions(+), 54 deletions(-) diff --git a/models/organization/org.go b/models/organization/org.go index b33d15d29c..28a46ec8f5 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -141,8 +141,9 @@ func (org *Organization) LoadTeams(ctx context.Context) ([]*Team, error) { } // GetMembers returns all members of organization. -func (org *Organization) GetMembers(ctx context.Context) (user_model.UserList, map[int64]bool, error) { +func (org *Organization) GetMembers(ctx context.Context, doer *user_model.User) (user_model.UserList, map[int64]bool, error) { return FindOrgMembers(ctx, &FindOrgMembersOpts{ + Doer: doer, OrgID: org.ID, }) } @@ -195,16 +196,22 @@ func (org *Organization) CanCreateRepo() bool { // FindOrgMembersOpts represensts find org members conditions type FindOrgMembersOpts struct { db.ListOptions - OrgID int64 - PublicOnly bool + Doer *user_model.User + IsDoerMember bool + OrgID int64 +} + +func (opts FindOrgMembersOpts) PublicOnly() bool { + return opts.Doer == nil || !(opts.IsDoerMember || opts.Doer.IsAdmin) } // CountOrgMembers counts the organization's members func CountOrgMembers(ctx context.Context, opts *FindOrgMembersOpts) (int64, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) - if opts.PublicOnly { + if opts.PublicOnly() { sess.And("is_public = ?", true) } + return sess.Count(new(OrgUser)) } @@ -525,9 +532,10 @@ func GetOrgsCanCreateRepoByUserID(ctx context.Context, userID int64) ([]*Organiz // GetOrgUsersByOrgID returns all organization-user relations by organization ID. func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUser, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) - if opts.PublicOnly { + if opts.PublicOnly() { sess.And("is_public = ?", true) } + if opts.ListOptions.PageSize > 0 { sess = db.SetSessionPagination(sess, opts) diff --git a/models/organization/org_test.go b/models/organization/org_test.go index 23ef22e2fb..5442c37ccc 100644 --- a/models/organization/org_test.go +++ b/models/organization/org_test.go @@ -4,6 +4,7 @@ package organization_test import ( + "sort" "testing" "code.gitea.io/gitea/models/db" @@ -103,7 +104,7 @@ func TestUser_GetTeams(t *testing.T) { func TestUser_GetMembers(t *testing.T) { assert.NoError(t, unittest.PrepareTestDatabase()) org := unittest.AssertExistsAndLoadBean(t, &organization.Organization{ID: 3}) - members, _, err := org.GetMembers(db.DefaultContext) + members, _, err := org.GetMembers(db.DefaultContext, &user_model.User{IsAdmin: true}) assert.NoError(t, err) if assert.Len(t, members, 3) { assert.Equal(t, int64(2), members[0].ID) @@ -210,37 +211,42 @@ func TestFindOrgs(t *testing.T) { func TestGetOrgUsersByOrgID(t *testing.T) { assert.NoError(t, unittest.PrepareTestDatabase()) - orgUsers, err := organization.GetOrgUsersByOrgID(db.DefaultContext, &organization.FindOrgMembersOpts{ - ListOptions: db.ListOptions{}, - OrgID: 3, - PublicOnly: false, - }) - assert.NoError(t, err) - if assert.Len(t, orgUsers, 3) { - assert.Equal(t, organization.OrgUser{ - ID: orgUsers[0].ID, - OrgID: 3, - UID: 2, - IsPublic: true, - }, *orgUsers[0]) - assert.Equal(t, organization.OrgUser{ - ID: orgUsers[1].ID, - OrgID: 3, - UID: 4, - IsPublic: false, - }, *orgUsers[1]) - assert.Equal(t, organization.OrgUser{ - ID: orgUsers[2].ID, - OrgID: 3, - UID: 28, - IsPublic: true, - }, *orgUsers[2]) + opts := &organization.FindOrgMembersOpts{ + Doer: &user_model.User{IsAdmin: true}, + OrgID: 3, } + assert.False(t, opts.PublicOnly()) + orgUsers, err := organization.GetOrgUsersByOrgID(db.DefaultContext, opts) + assert.NoError(t, err) + sort.Slice(orgUsers, func(i, j int) bool { + return orgUsers[i].ID < orgUsers[j].ID + }) + assert.EqualValues(t, []*organization.OrgUser{{ + ID: 1, + OrgID: 3, + UID: 2, + IsPublic: true, + }, { + ID: 2, + OrgID: 3, + UID: 4, + IsPublic: false, + }, { + ID: 9, + OrgID: 3, + UID: 28, + IsPublic: true, + }}, orgUsers) + + opts = &organization.FindOrgMembersOpts{OrgID: 3} + assert.True(t, opts.PublicOnly()) + orgUsers, err = organization.GetOrgUsersByOrgID(db.DefaultContext, opts) + assert.NoError(t, err) + assert.Len(t, orgUsers, 2) orgUsers, err = organization.GetOrgUsersByOrgID(db.DefaultContext, &organization.FindOrgMembersOpts{ ListOptions: db.ListOptions{}, OrgID: unittest.NonexistentID, - PublicOnly: false, }) assert.NoError(t, err) assert.Len(t, orgUsers, 0) diff --git a/models/organization/org_user_test.go b/models/organization/org_user_test.go index cf7acdf83b..55abb63203 100644 --- a/models/organization/org_user_test.go +++ b/models/organization/org_user_test.go @@ -94,7 +94,7 @@ func TestUserListIsPublicMember(t *testing.T) { func testUserListIsPublicMember(t *testing.T, orgID int64, expected map[int64]bool) { org, err := organization.GetOrgByID(db.DefaultContext, orgID) assert.NoError(t, err) - _, membersIsPublic, err := org.GetMembers(db.DefaultContext) + _, membersIsPublic, err := org.GetMembers(db.DefaultContext, &user_model.User{IsAdmin: true}) assert.NoError(t, err) assert.Equal(t, expected, membersIsPublic) } @@ -121,7 +121,7 @@ func TestUserListIsUserOrgOwner(t *testing.T) { func testUserListIsUserOrgOwner(t *testing.T, orgID int64, expected map[int64]bool) { org, err := organization.GetOrgByID(db.DefaultContext, orgID) assert.NoError(t, err) - members, _, err := org.GetMembers(db.DefaultContext) + members, _, err := org.GetMembers(db.DefaultContext, &user_model.User{IsAdmin: true}) assert.NoError(t, err) assert.Equal(t, expected, organization.IsUserOrgOwner(db.DefaultContext, members, orgID)) } diff --git a/routers/api/v1/org/member.go b/routers/api/v1/org/member.go index 9db9ad964b..edcee1e207 100644 --- a/routers/api/v1/org/member.go +++ b/routers/api/v1/org/member.go @@ -18,11 +18,12 @@ import ( ) // listMembers list an organization's members -func listMembers(ctx *context.APIContext, publicOnly bool) { +func listMembers(ctx *context.APIContext, isMember bool) { opts := &organization.FindOrgMembersOpts{ - OrgID: ctx.Org.Organization.ID, - PublicOnly: publicOnly, - ListOptions: utils.GetListOptions(ctx), + Doer: ctx.Doer, + IsDoerMember: isMember, + OrgID: ctx.Org.Organization.ID, + ListOptions: utils.GetListOptions(ctx), } count, err := organization.CountOrgMembers(ctx, opts) @@ -73,16 +74,19 @@ func ListMembers(ctx *context.APIContext) { // "404": // "$ref": "#/responses/notFound" - publicOnly := true + var ( + isMember bool + err error + ) + if ctx.Doer != nil { - isMember, err := ctx.Org.Organization.IsOrgMember(ctx, ctx.Doer.ID) + isMember, err = ctx.Org.Organization.IsOrgMember(ctx, ctx.Doer.ID) if err != nil { ctx.Error(http.StatusInternalServerError, "IsOrgMember", err) return } - publicOnly = !isMember && !ctx.Doer.IsAdmin } - listMembers(ctx, publicOnly) + listMembers(ctx, isMember) } // ListPublicMembers list an organization's public members @@ -112,7 +116,7 @@ func ListPublicMembers(ctx *context.APIContext) { // "404": // "$ref": "#/responses/notFound" - listMembers(ctx, true) + listMembers(ctx, false) } // IsMember check if a user is a member of an organization diff --git a/routers/web/org/home.go b/routers/web/org/home.go index 069bd549c1..544f5362b8 100644 --- a/routers/web/org/home.go +++ b/routers/web/org/home.go @@ -95,10 +95,12 @@ func home(ctx *context.Context, viewRepositories bool) { } opts := &organization.FindOrgMembersOpts{ - OrgID: org.ID, - PublicOnly: ctx.Org.PublicMemberOnly, - ListOptions: db.ListOptions{Page: 1, PageSize: 25}, + Doer: ctx.Doer, + OrgID: org.ID, + IsDoerMember: ctx.Org.IsMember, + ListOptions: db.ListOptions{Page: 1, PageSize: 25}, } + members, _, err := organization.FindOrgMembers(ctx, opts) if err != nil { ctx.ServerError("FindOrgMembers", err) diff --git a/routers/web/org/members.go b/routers/web/org/members.go index 8ff75b0651..97dfff3afe 100644 --- a/routers/web/org/members.go +++ b/routers/web/org/members.go @@ -34,8 +34,8 @@ func Members(ctx *context.Context) { } opts := &organization.FindOrgMembersOpts{ - OrgID: org.ID, - PublicOnly: true, + Doer: ctx.Doer, + OrgID: org.ID, } if ctx.Doer != nil { @@ -44,9 +44,9 @@ func Members(ctx *context.Context) { ctx.Error(http.StatusInternalServerError, "IsOrgMember") return } - opts.PublicOnly = !isMember && !ctx.Doer.IsAdmin + opts.IsDoerMember = isMember } - ctx.Data["PublicOnly"] = opts.PublicOnly + ctx.Data["PublicOnly"] = opts.PublicOnly() total, err := organization.CountOrgMembers(ctx, opts) if err != nil { diff --git a/services/context/org.go b/services/context/org.go index 7eba80ff96..e420629372 100644 --- a/services/context/org.go +++ b/services/context/org.go @@ -26,7 +26,6 @@ type Organization struct { Organization *organization.Organization OrgLink string CanCreateOrgRepo bool - PublicMemberOnly bool // Only display public members Team *organization.Team Teams []*organization.Team @@ -176,10 +175,10 @@ func HandleOrgAssignment(ctx *Context, args ...bool) { ctx.Data["OrgLink"] = ctx.Org.OrgLink // Member - ctx.Org.PublicMemberOnly = ctx.Doer == nil || !ctx.Org.IsMember && !ctx.Doer.IsAdmin opts := &organization.FindOrgMembersOpts{ - OrgID: org.ID, - PublicOnly: ctx.Org.PublicMemberOnly, + Doer: ctx.Doer, + OrgID: org.ID, + IsDoerMember: ctx.Org.IsMember, } ctx.Data["NumMembers"], err = organization.CountOrgMembers(ctx, opts) if err != nil { From a1892cf7e3d1aa9e806f6f695d252546a8719e08 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Sun, 10 Nov 2024 20:28:54 -0800 Subject: [PATCH 4/9] Move some functions from issue.go to standalone files (#32468) Just functions move, no code change. --------- Co-authored-by: wxiaoguang --- routers/web/repo/issue.go | 3146 --------------------------- routers/web/repo/issue_comment.go | 472 ++++ routers/web/repo/issue_list.go | 882 ++++++++ routers/web/repo/issue_new.go | 403 ++++ routers/web/repo/issue_page_meta.go | 444 ++++ routers/web/repo/issue_poster.go | 66 + routers/web/repo/issue_view.go | 914 ++++++++ routers/web/repo/pull_review.go | 117 + 8 files changed, 3298 insertions(+), 3146 deletions(-) create mode 100644 routers/web/repo/issue_comment.go create mode 100644 routers/web/repo/issue_list.go create mode 100644 routers/web/repo/issue_new.go create mode 100644 routers/web/repo/issue_page_meta.go create mode 100644 routers/web/repo/issue_poster.go create mode 100644 routers/web/repo/issue_view.go diff --git a/routers/web/repo/issue.go b/routers/web/repo/issue.go index 72f89bd27d..d1dbdd6bff 100644 --- a/routers/web/repo/issue.go +++ b/routers/web/repo/issue.go @@ -5,59 +5,36 @@ package repo import ( - "bytes" - stdCtx "context" "errors" "fmt" "html/template" - "math/big" "net/http" "net/url" - "slices" - "sort" "strconv" "strings" - activities_model "code.gitea.io/gitea/models/activities" "code.gitea.io/gitea/models/db" - git_model "code.gitea.io/gitea/models/git" issues_model "code.gitea.io/gitea/models/issues" "code.gitea.io/gitea/models/organization" access_model "code.gitea.io/gitea/models/perm/access" project_model "code.gitea.io/gitea/models/project" - pull_model "code.gitea.io/gitea/models/pull" repo_model "code.gitea.io/gitea/models/repo" "code.gitea.io/gitea/models/unit" user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/base" - "code.gitea.io/gitea/modules/container" - "code.gitea.io/gitea/modules/emoji" - "code.gitea.io/gitea/modules/git" - issue_indexer "code.gitea.io/gitea/modules/indexer/issues" - issue_template "code.gitea.io/gitea/modules/issue/template" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/markup" "code.gitea.io/gitea/modules/markup/markdown" "code.gitea.io/gitea/modules/optional" - repo_module "code.gitea.io/gitea/modules/repository" - "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/templates" - "code.gitea.io/gitea/modules/templates/vars" "code.gitea.io/gitea/modules/util" "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/common" - "code.gitea.io/gitea/routers/utils" - shared_user "code.gitea.io/gitea/routers/web/shared/user" - asymkey_service "code.gitea.io/gitea/services/asymkey" "code.gitea.io/gitea/services/context" - "code.gitea.io/gitea/services/context/upload" "code.gitea.io/gitea/services/convert" "code.gitea.io/gitea/services/forms" issue_service "code.gitea.io/gitea/services/issue" - pull_service "code.gitea.io/gitea/services/pull" - repo_service "code.gitea.io/gitea/services/repository" - user_service "code.gitea.io/gitea/services/user" ) const ( @@ -141,561 +118,6 @@ func MustAllowPulls(ctx *context.Context) { } } -func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption optional.Option[bool]) { - var err error - viewType := ctx.FormString("type") - sortType := ctx.FormString("sort") - types := []string{"all", "your_repositories", "assigned", "created_by", "mentioned", "review_requested", "reviewed_by"} - if !util.SliceContainsString(types, viewType, true) { - viewType = "all" - } - - var ( - assigneeID = ctx.FormInt64("assignee") - posterID = ctx.FormInt64("poster") - mentionedID int64 - reviewRequestedID int64 - reviewedID int64 - ) - - if ctx.IsSigned { - switch viewType { - case "created_by": - posterID = ctx.Doer.ID - case "mentioned": - mentionedID = ctx.Doer.ID - case "assigned": - assigneeID = ctx.Doer.ID - case "review_requested": - reviewRequestedID = ctx.Doer.ID - case "reviewed_by": - reviewedID = ctx.Doer.ID - } - } - - repo := ctx.Repo.Repository - var labelIDs []int64 - // 1,-2 means including label 1 and excluding label 2 - // 0 means issues with no label - // blank means labels will not be filtered for issues - selectLabels := ctx.FormString("labels") - if selectLabels == "" { - ctx.Data["AllLabels"] = true - } else if selectLabels == "0" { - ctx.Data["NoLabel"] = true - } - if len(selectLabels) > 0 { - labelIDs, err = base.StringsToInt64s(strings.Split(selectLabels, ",")) - if err != nil { - ctx.Flash.Error(ctx.Tr("invalid_data", selectLabels), true) - } - } - - keyword := strings.Trim(ctx.FormString("q"), " ") - if bytes.Contains([]byte(keyword), []byte{0x00}) { - keyword = "" - } - - var mileIDs []int64 - if milestoneID > 0 || milestoneID == db.NoConditionID { // -1 to get those issues which have no any milestone assigned - mileIDs = []int64{milestoneID} - } - - var issueStats *issues_model.IssueStats - statsOpts := &issues_model.IssuesOptions{ - RepoIDs: []int64{repo.ID}, - LabelIDs: labelIDs, - MilestoneIDs: mileIDs, - ProjectID: projectID, - AssigneeID: assigneeID, - MentionedID: mentionedID, - PosterID: posterID, - ReviewRequestedID: reviewRequestedID, - ReviewedID: reviewedID, - IsPull: isPullOption, - IssueIDs: nil, - } - if keyword != "" { - allIssueIDs, err := issueIDsFromSearch(ctx, keyword, statsOpts) - if err != nil { - if issue_indexer.IsAvailable(ctx) { - ctx.ServerError("issueIDsFromSearch", err) - return - } - ctx.Data["IssueIndexerUnavailable"] = true - return - } - statsOpts.IssueIDs = allIssueIDs - } - if keyword != "" && len(statsOpts.IssueIDs) == 0 { - // So it did search with the keyword, but no issue found. - // Just set issueStats to empty. - issueStats = &issues_model.IssueStats{} - } else { - // So it did search with the keyword, and found some issues. It needs to get issueStats of these issues. - // Or the keyword is empty, so it doesn't need issueIDs as filter, just get issueStats with statsOpts. - issueStats, err = issues_model.GetIssueStats(ctx, statsOpts) - if err != nil { - ctx.ServerError("GetIssueStats", err) - return - } - } - - var isShowClosed optional.Option[bool] - switch ctx.FormString("state") { - case "closed": - isShowClosed = optional.Some(true) - case "all": - isShowClosed = optional.None[bool]() - default: - isShowClosed = optional.Some(false) - } - // if there are closed issues and no open issues, default to showing all issues - if len(ctx.FormString("state")) == 0 && issueStats.OpenCount == 0 && issueStats.ClosedCount != 0 { - isShowClosed = optional.None[bool]() - } - - if repo.IsTimetrackerEnabled(ctx) { - totalTrackedTime, err := issues_model.GetIssueTotalTrackedTime(ctx, statsOpts, isShowClosed) - if err != nil { - ctx.ServerError("GetIssueTotalTrackedTime", err) - return - } - ctx.Data["TotalTrackedTime"] = totalTrackedTime - } - - archived := ctx.FormBool("archived") - - page := ctx.FormInt("page") - if page <= 1 { - page = 1 - } - - var total int - switch { - case isShowClosed.Value(): - total = int(issueStats.ClosedCount) - case !isShowClosed.Has(): - total = int(issueStats.OpenCount + issueStats.ClosedCount) - default: - total = int(issueStats.OpenCount) - } - pager := context.NewPagination(total, setting.UI.IssuePagingNum, page, 5) - - var issues issues_model.IssueList - { - ids, err := issueIDsFromSearch(ctx, keyword, &issues_model.IssuesOptions{ - Paginator: &db.ListOptions{ - Page: pager.Paginater.Current(), - PageSize: setting.UI.IssuePagingNum, - }, - RepoIDs: []int64{repo.ID}, - AssigneeID: assigneeID, - PosterID: posterID, - MentionedID: mentionedID, - ReviewRequestedID: reviewRequestedID, - ReviewedID: reviewedID, - MilestoneIDs: mileIDs, - ProjectID: projectID, - IsClosed: isShowClosed, - IsPull: isPullOption, - LabelIDs: labelIDs, - SortType: sortType, - }) - if err != nil { - if issue_indexer.IsAvailable(ctx) { - ctx.ServerError("issueIDsFromSearch", err) - return - } - ctx.Data["IssueIndexerUnavailable"] = true - return - } - issues, err = issues_model.GetIssuesByIDs(ctx, ids, true) - if err != nil { - ctx.ServerError("GetIssuesByIDs", err) - return - } - } - - approvalCounts, err := issues.GetApprovalCounts(ctx) - if err != nil { - ctx.ServerError("ApprovalCounts", err) - return - } - - if ctx.IsSigned { - if err := issues.LoadIsRead(ctx, ctx.Doer.ID); err != nil { - ctx.ServerError("LoadIsRead", err) - return - } - } else { - for i := range issues { - issues[i].IsRead = true - } - } - - commitStatuses, lastStatus, err := pull_service.GetIssuesAllCommitStatus(ctx, issues) - if err != nil { - ctx.ServerError("GetIssuesAllCommitStatus", err) - return - } - if !ctx.Repo.CanRead(unit.TypeActions) { - for key := range commitStatuses { - git_model.CommitStatusesHideActionsURL(ctx, commitStatuses[key]) - } - } - - if err := issues.LoadAttributes(ctx); err != nil { - ctx.ServerError("issues.LoadAttributes", err) - return - } - - ctx.Data["Issues"] = issues - ctx.Data["CommitLastStatus"] = lastStatus - ctx.Data["CommitStatuses"] = commitStatuses - - // Get assignees. - assigneeUsers, err := repo_model.GetRepoAssignees(ctx, repo) - if err != nil { - ctx.ServerError("GetRepoAssignees", err) - return - } - ctx.Data["Assignees"] = shared_user.MakeSelfOnTop(ctx.Doer, assigneeUsers) - - handleTeamMentions(ctx) - if ctx.Written() { - return - } - - labels, err := issues_model.GetLabelsByRepoID(ctx, repo.ID, "", db.ListOptions{}) - if err != nil { - ctx.ServerError("GetLabelsByRepoID", err) - return - } - - if repo.Owner.IsOrganization() { - orgLabels, err := issues_model.GetLabelsByOrgID(ctx, repo.Owner.ID, ctx.FormString("sort"), db.ListOptions{}) - if err != nil { - ctx.ServerError("GetLabelsByOrgID", err) - return - } - - ctx.Data["OrgLabels"] = orgLabels - labels = append(labels, orgLabels...) - } - - // Get the exclusive scope for every label ID - labelExclusiveScopes := make([]string, 0, len(labelIDs)) - for _, labelID := range labelIDs { - foundExclusiveScope := false - for _, label := range labels { - if label.ID == labelID || label.ID == -labelID { - labelExclusiveScopes = append(labelExclusiveScopes, label.ExclusiveScope()) - foundExclusiveScope = true - break - } - } - if !foundExclusiveScope { - labelExclusiveScopes = append(labelExclusiveScopes, "") - } - } - - for _, l := range labels { - l.LoadSelectedLabelsAfterClick(labelIDs, labelExclusiveScopes) - } - ctx.Data["Labels"] = labels - ctx.Data["NumLabels"] = len(labels) - - if ctx.FormInt64("assignee") == 0 { - assigneeID = 0 // Reset ID to prevent unexpected selection of assignee. - } - - ctx.Data["IssueRefEndNames"], ctx.Data["IssueRefURLs"] = issue_service.GetRefEndNamesAndURLs(issues, ctx.Repo.RepoLink) - - ctx.Data["ApprovalCounts"] = func(issueID int64, typ string) int64 { - counts, ok := approvalCounts[issueID] - if !ok || len(counts) == 0 { - return 0 - } - reviewTyp := issues_model.ReviewTypeApprove - if typ == "reject" { - reviewTyp = issues_model.ReviewTypeReject - } else if typ == "waiting" { - reviewTyp = issues_model.ReviewTypeRequest - } - for _, count := range counts { - if count.Type == reviewTyp { - return count.Count - } - } - return 0 - } - - retrieveProjectsForIssueList(ctx, repo) - if ctx.Written() { - return - } - - pinned, err := issues_model.GetPinnedIssues(ctx, repo.ID, isPullOption.Value()) - if err != nil { - ctx.ServerError("GetPinnedIssues", err) - return - } - - ctx.Data["PinnedIssues"] = pinned - ctx.Data["IsRepoAdmin"] = ctx.IsSigned && (ctx.Repo.IsAdmin() || ctx.Doer.IsAdmin) - ctx.Data["IssueStats"] = issueStats - ctx.Data["OpenCount"] = issueStats.OpenCount - ctx.Data["ClosedCount"] = issueStats.ClosedCount - linkStr := "%s?q=%s&type=%s&sort=%s&state=%s&labels=%s&milestone=%d&project=%d&assignee=%d&poster=%d&archived=%t" - ctx.Data["AllStatesLink"] = fmt.Sprintf(linkStr, ctx.Link, - url.QueryEscape(keyword), url.QueryEscape(viewType), url.QueryEscape(sortType), "all", url.QueryEscape(selectLabels), - milestoneID, projectID, assigneeID, posterID, archived) - ctx.Data["OpenLink"] = fmt.Sprintf(linkStr, ctx.Link, - url.QueryEscape(keyword), url.QueryEscape(viewType), url.QueryEscape(sortType), "open", url.QueryEscape(selectLabels), - milestoneID, projectID, assigneeID, posterID, archived) - ctx.Data["ClosedLink"] = fmt.Sprintf(linkStr, ctx.Link, - url.QueryEscape(keyword), url.QueryEscape(viewType), url.QueryEscape(sortType), "closed", url.QueryEscape(selectLabels), - milestoneID, projectID, assigneeID, posterID, archived) - ctx.Data["SelLabelIDs"] = labelIDs - ctx.Data["SelectLabels"] = selectLabels - ctx.Data["ViewType"] = viewType - ctx.Data["SortType"] = sortType - ctx.Data["MilestoneID"] = milestoneID - ctx.Data["ProjectID"] = projectID - ctx.Data["AssigneeID"] = assigneeID - ctx.Data["PosterID"] = posterID - ctx.Data["Keyword"] = keyword - ctx.Data["IsShowClosed"] = isShowClosed - switch { - case isShowClosed.Value(): - ctx.Data["State"] = "closed" - case !isShowClosed.Has(): - ctx.Data["State"] = "all" - default: - ctx.Data["State"] = "open" - } - ctx.Data["ShowArchivedLabels"] = archived - - pager.AddParamString("q", keyword) - pager.AddParamString("type", viewType) - pager.AddParamString("sort", sortType) - pager.AddParamString("state", fmt.Sprint(ctx.Data["State"])) - pager.AddParamString("labels", fmt.Sprint(selectLabels)) - pager.AddParamString("milestone", fmt.Sprint(milestoneID)) - pager.AddParamString("project", fmt.Sprint(projectID)) - pager.AddParamString("assignee", fmt.Sprint(assigneeID)) - pager.AddParamString("poster", fmt.Sprint(posterID)) - pager.AddParamString("archived", fmt.Sprint(archived)) - - ctx.Data["Page"] = pager -} - -func issueIDsFromSearch(ctx *context.Context, keyword string, opts *issues_model.IssuesOptions) ([]int64, error) { - ids, _, err := issue_indexer.SearchIssues(ctx, issue_indexer.ToSearchOptions(keyword, opts)) - if err != nil { - return nil, fmt.Errorf("SearchIssues: %w", err) - } - return ids, nil -} - -// Issues render issues page -func Issues(ctx *context.Context) { - isPullList := ctx.PathParam(":type") == "pulls" - if isPullList { - MustAllowPulls(ctx) - if ctx.Written() { - return - } - ctx.Data["Title"] = ctx.Tr("repo.pulls") - ctx.Data["PageIsPullList"] = true - } else { - MustEnableIssues(ctx) - if ctx.Written() { - return - } - ctx.Data["Title"] = ctx.Tr("repo.issues") - ctx.Data["PageIsIssueList"] = true - ctx.Data["NewIssueChooseTemplate"] = issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo) - } - - issues(ctx, ctx.FormInt64("milestone"), ctx.FormInt64("project"), optional.Some(isPullList)) - if ctx.Written() { - return - } - - renderMilestones(ctx) - if ctx.Written() { - return - } - - ctx.Data["CanWriteIssuesOrPulls"] = ctx.Repo.CanWriteIssuesOrPulls(isPullList) - - ctx.HTML(http.StatusOK, tplIssues) -} - -func renderMilestones(ctx *context.Context) { - // Get milestones - milestones, err := db.Find[issues_model.Milestone](ctx, issues_model.FindMilestoneOptions{ - RepoID: ctx.Repo.Repository.ID, - }) - if err != nil { - ctx.ServerError("GetAllRepoMilestones", err) - return - } - - openMilestones, closedMilestones := issues_model.MilestoneList{}, issues_model.MilestoneList{} - for _, milestone := range milestones { - if milestone.IsClosed { - closedMilestones = append(closedMilestones, milestone) - } else { - openMilestones = append(openMilestones, milestone) - } - } - ctx.Data["OpenMilestones"] = openMilestones - ctx.Data["ClosedMilestones"] = closedMilestones -} - -type issueSidebarMilestoneData struct { - SelectedMilestoneID int64 - OpenMilestones []*issues_model.Milestone - ClosedMilestones []*issues_model.Milestone -} - -type issueSidebarAssigneesData struct { - SelectedAssigneeIDs string - CandidateAssignees []*user_model.User -} - -type IssuePageMetaData struct { - RepoLink string - Repository *repo_model.Repository - Issue *issues_model.Issue - IsPullRequest bool - CanModifyIssueOrPull bool - - ReviewersData *issueSidebarReviewersData - LabelsData *issueSidebarLabelsData - MilestonesData *issueSidebarMilestoneData - ProjectsData *issueSidebarProjectsData - AssigneesData *issueSidebarAssigneesData -} - -func retrieveRepoIssueMetaData(ctx *context.Context, repo *repo_model.Repository, issue *issues_model.Issue, isPull bool) *IssuePageMetaData { - data := &IssuePageMetaData{ - RepoLink: ctx.Repo.RepoLink, - Repository: repo, - Issue: issue, - IsPullRequest: isPull, - - ReviewersData: &issueSidebarReviewersData{}, - LabelsData: &issueSidebarLabelsData{}, - MilestonesData: &issueSidebarMilestoneData{}, - ProjectsData: &issueSidebarProjectsData{}, - AssigneesData: &issueSidebarAssigneesData{}, - } - ctx.Data["IssuePageMetaData"] = data - - if isPull { - data.retrieveReviewersData(ctx) - if ctx.Written() { - return data - } - } - data.retrieveLabelsData(ctx) - if ctx.Written() { - return data - } - - data.CanModifyIssueOrPull = ctx.Repo.CanWriteIssuesOrPulls(isPull) && !ctx.Repo.Repository.IsArchived - if !data.CanModifyIssueOrPull { - return data - } - - data.retrieveAssigneesDataForIssueWriter(ctx) - if ctx.Written() { - return data - } - - data.retrieveMilestonesDataForIssueWriter(ctx) - if ctx.Written() { - return data - } - - data.retrieveProjectsDataForIssueWriter(ctx) - if ctx.Written() { - return data - } - - PrepareBranchList(ctx) - if ctx.Written() { - return data - } - - ctx.Data["CanCreateIssueDependencies"] = ctx.Repo.CanCreateIssueDependencies(ctx, ctx.Doer, isPull) - return data -} - -func (d *IssuePageMetaData) retrieveMilestonesDataForIssueWriter(ctx *context.Context) { - var err error - if d.Issue != nil { - d.MilestonesData.SelectedMilestoneID = d.Issue.MilestoneID - } - d.MilestonesData.OpenMilestones, err = db.Find[issues_model.Milestone](ctx, issues_model.FindMilestoneOptions{ - RepoID: d.Repository.ID, - IsClosed: optional.Some(false), - }) - if err != nil { - ctx.ServerError("GetMilestones", err) - return - } - d.MilestonesData.ClosedMilestones, err = db.Find[issues_model.Milestone](ctx, issues_model.FindMilestoneOptions{ - RepoID: d.Repository.ID, - IsClosed: optional.Some(true), - }) - if err != nil { - ctx.ServerError("GetMilestones", err) - return - } -} - -func (d *IssuePageMetaData) retrieveAssigneesDataForIssueWriter(ctx *context.Context) { - var err error - d.AssigneesData.CandidateAssignees, err = repo_model.GetRepoAssignees(ctx, d.Repository) - if err != nil { - ctx.ServerError("GetRepoAssignees", err) - return - } - d.AssigneesData.CandidateAssignees = shared_user.MakeSelfOnTop(ctx.Doer, d.AssigneesData.CandidateAssignees) - if d.Issue != nil { - _ = d.Issue.LoadAssignees(ctx) - ids := make([]string, 0, len(d.Issue.Assignees)) - for _, a := range d.Issue.Assignees { - ids = append(ids, strconv.FormatInt(a.ID, 10)) - } - d.AssigneesData.SelectedAssigneeIDs = strings.Join(ids, ",") - } - // FIXME: this is a tricky part which writes ctx.Data["Mentionable*"] - handleTeamMentions(ctx) -} - -func retrieveProjectsForIssueList(ctx *context.Context, repo *repo_model.Repository) { - ctx.Data["OpenProjects"], ctx.Data["ClosedProjects"] = retrieveProjectsInternal(ctx, repo) -} - -type issueSidebarProjectsData struct { - SelectedProjectID int64 - OpenProjects []*project_model.Project - ClosedProjects []*project_model.Project -} - -func (d *IssuePageMetaData) retrieveProjectsDataForIssueWriter(ctx *context.Context) { - if d.Issue != nil && d.Issue.Project != nil { - d.ProjectsData.SelectedProjectID = d.Issue.Project.ID - } - d.ProjectsData.OpenProjects, d.ProjectsData.ClosedProjects = retrieveProjectsInternal(ctx, ctx.Repo.Repository) -} - func retrieveProjectsInternal(ctx *context.Context, repo *repo_model.Repository) (open, closed []*project_model.Project) { // Distinguish whether the owner of the repository // is an individual or an organization @@ -760,1432 +182,6 @@ func retrieveProjectsInternal(ctx *context.Context, repo *repo_model.Repository) return openProjects, closedProjects } -// repoReviewerSelection items to bee shown -type repoReviewerSelection struct { - IsTeam bool - Team *organization.Team - User *user_model.User - Review *issues_model.Review - CanBeDismissed bool - CanChange bool - Requested bool - ItemID int64 -} - -type issueSidebarReviewersData struct { - CanChooseReviewer bool - OriginalReviews issues_model.ReviewList - TeamReviewers []*repoReviewerSelection - Reviewers []*repoReviewerSelection - CurrentPullReviewers []*repoReviewerSelection -} - -// RetrieveRepoReviewers find all reviewers of a repository. If issue is nil, it means the doer is creating a new PR. -func (d *IssuePageMetaData) retrieveReviewersData(ctx *context.Context) { - data := d.ReviewersData - repo := d.Repository - if ctx.Doer != nil && ctx.IsSigned { - if d.Issue == nil { - data.CanChooseReviewer = true - } else { - data.CanChooseReviewer = issue_service.CanDoerChangeReviewRequests(ctx, ctx.Doer, repo, d.Issue) - } - } - - var posterID int64 - var isClosed bool - var reviews issues_model.ReviewList - - if d.Issue == nil { - posterID = ctx.Doer.ID - } else { - posterID = d.Issue.PosterID - if d.Issue.OriginalAuthorID > 0 { - posterID = 0 // for migrated PRs, no poster ID - } - - isClosed = d.Issue.IsClosed || d.Issue.PullRequest.HasMerged - - originalAuthorReviews, err := issues_model.GetReviewersFromOriginalAuthorsByIssueID(ctx, d.Issue.ID) - if err != nil { - ctx.ServerError("GetReviewersFromOriginalAuthorsByIssueID", err) - return - } - data.OriginalReviews = originalAuthorReviews - - reviews, err = issues_model.GetReviewsByIssueID(ctx, d.Issue.ID) - if err != nil { - ctx.ServerError("GetReviewersByIssueID", err) - return - } - if len(reviews) == 0 && !data.CanChooseReviewer { - return - } - } - - var ( - pullReviews []*repoReviewerSelection - reviewersResult []*repoReviewerSelection - teamReviewersResult []*repoReviewerSelection - teamReviewers []*organization.Team - reviewers []*user_model.User - ) - - if data.CanChooseReviewer { - var err error - reviewers, err = repo_model.GetReviewers(ctx, repo, ctx.Doer.ID, posterID) - if err != nil { - ctx.ServerError("GetReviewers", err) - return - } - - teamReviewers, err = repo_service.GetReviewerTeams(ctx, repo) - if err != nil { - ctx.ServerError("GetReviewerTeams", err) - return - } - - if len(reviewers) > 0 { - reviewersResult = make([]*repoReviewerSelection, 0, len(reviewers)) - } - - if len(teamReviewers) > 0 { - teamReviewersResult = make([]*repoReviewerSelection, 0, len(teamReviewers)) - } - } - - pullReviews = make([]*repoReviewerSelection, 0, len(reviews)) - - for _, review := range reviews { - tmp := &repoReviewerSelection{ - Requested: review.Type == issues_model.ReviewTypeRequest, - Review: review, - ItemID: review.ReviewerID, - } - if review.ReviewerTeamID > 0 { - tmp.IsTeam = true - tmp.ItemID = -review.ReviewerTeamID - } - - if data.CanChooseReviewer { - // Users who can choose reviewers can also remove review requests - tmp.CanChange = true - } else if ctx.Doer != nil && ctx.Doer.ID == review.ReviewerID && review.Type == issues_model.ReviewTypeRequest { - // A user can refuse review requests - tmp.CanChange = true - } - - pullReviews = append(pullReviews, tmp) - - if data.CanChooseReviewer { - if tmp.IsTeam { - teamReviewersResult = append(teamReviewersResult, tmp) - } else { - reviewersResult = append(reviewersResult, tmp) - } - } - } - - if len(pullReviews) > 0 { - // Drop all non-existing users and teams from the reviews - currentPullReviewers := make([]*repoReviewerSelection, 0, len(pullReviews)) - for _, item := range pullReviews { - if item.Review.ReviewerID > 0 { - if err := item.Review.LoadReviewer(ctx); err != nil { - if user_model.IsErrUserNotExist(err) { - continue - } - ctx.ServerError("LoadReviewer", err) - return - } - item.User = item.Review.Reviewer - } else if item.Review.ReviewerTeamID > 0 { - if err := item.Review.LoadReviewerTeam(ctx); err != nil { - if organization.IsErrTeamNotExist(err) { - continue - } - ctx.ServerError("LoadReviewerTeam", err) - return - } - item.Team = item.Review.ReviewerTeam - } else { - continue - } - item.CanBeDismissed = ctx.Repo.Permission.IsAdmin() && !isClosed && - (item.Review.Type == issues_model.ReviewTypeApprove || item.Review.Type == issues_model.ReviewTypeReject) - currentPullReviewers = append(currentPullReviewers, item) - } - data.CurrentPullReviewers = currentPullReviewers - } - - if data.CanChooseReviewer && reviewersResult != nil { - preadded := len(reviewersResult) - for _, reviewer := range reviewers { - found := false - reviewAddLoop: - for _, tmp := range reviewersResult[:preadded] { - if tmp.ItemID == reviewer.ID { - tmp.User = reviewer - found = true - break reviewAddLoop - } - } - - if found { - continue - } - - reviewersResult = append(reviewersResult, &repoReviewerSelection{ - IsTeam: false, - CanChange: true, - User: reviewer, - ItemID: reviewer.ID, - }) - } - - data.Reviewers = reviewersResult - } - - if data.CanChooseReviewer && teamReviewersResult != nil { - preadded := len(teamReviewersResult) - for _, team := range teamReviewers { - found := false - teamReviewAddLoop: - for _, tmp := range teamReviewersResult[:preadded] { - if tmp.ItemID == -team.ID { - tmp.Team = team - found = true - break teamReviewAddLoop - } - } - - if found { - continue - } - - teamReviewersResult = append(teamReviewersResult, &repoReviewerSelection{ - IsTeam: true, - CanChange: true, - Team: team, - ItemID: -team.ID, - }) - } - - data.TeamReviewers = teamReviewersResult - } -} - -type issueSidebarLabelsData struct { - AllLabels []*issues_model.Label - RepoLabels []*issues_model.Label - OrgLabels []*issues_model.Label - SelectedLabelIDs string -} - -func makeSelectedStringIDs[KeyType, ItemType comparable]( - allLabels []*issues_model.Label, candidateKey func(candidate *issues_model.Label) KeyType, - selectedItems []ItemType, selectedKey func(selected ItemType) KeyType, -) string { - selectedIDSet := make(container.Set[string]) - allLabelMap := map[KeyType]*issues_model.Label{} - for _, label := range allLabels { - allLabelMap[candidateKey(label)] = label - } - for _, item := range selectedItems { - if label, ok := allLabelMap[selectedKey(item)]; ok { - label.IsChecked = true - selectedIDSet.Add(strconv.FormatInt(label.ID, 10)) - } - } - ids := selectedIDSet.Values() - sort.Strings(ids) - return strings.Join(ids, ",") -} - -func (d *issueSidebarLabelsData) SetSelectedLabels(labels []*issues_model.Label) { - d.SelectedLabelIDs = makeSelectedStringIDs( - d.AllLabels, func(label *issues_model.Label) int64 { return label.ID }, - labels, func(label *issues_model.Label) int64 { return label.ID }, - ) -} - -func (d *issueSidebarLabelsData) SetSelectedLabelNames(labelNames []string) { - d.SelectedLabelIDs = makeSelectedStringIDs( - d.AllLabels, func(label *issues_model.Label) string { return strings.ToLower(label.Name) }, - labelNames, strings.ToLower, - ) -} - -func (d *issueSidebarLabelsData) SetSelectedLabelIDs(labelIDs []int64) { - d.SelectedLabelIDs = makeSelectedStringIDs( - d.AllLabels, func(label *issues_model.Label) int64 { return label.ID }, - labelIDs, func(labelID int64) int64 { return labelID }, - ) -} - -func (d *IssuePageMetaData) retrieveLabelsData(ctx *context.Context) { - repo := d.Repository - labelsData := d.LabelsData - - labels, err := issues_model.GetLabelsByRepoID(ctx, repo.ID, "", db.ListOptions{}) - if err != nil { - ctx.ServerError("GetLabelsByRepoID", err) - return - } - labelsData.RepoLabels = labels - - if repo.Owner.IsOrganization() { - orgLabels, err := issues_model.GetLabelsByOrgID(ctx, repo.Owner.ID, ctx.FormString("sort"), db.ListOptions{}) - if err != nil { - return - } - labelsData.OrgLabels = orgLabels - } - labelsData.AllLabels = append(labelsData.AllLabels, labelsData.RepoLabels...) - labelsData.AllLabels = append(labelsData.AllLabels, labelsData.OrgLabels...) -} - -// Tries to load and set an issue template. The first return value indicates if a template was loaded. -func setTemplateIfExists(ctx *context.Context, ctxDataKey string, possibleFiles []string, metaData *IssuePageMetaData) (bool, map[string]error) { - commit, err := ctx.Repo.GitRepo.GetBranchCommit(ctx.Repo.Repository.DefaultBranch) - if err != nil { - return false, nil - } - - templateCandidates := make([]string, 0, 1+len(possibleFiles)) - if t := ctx.FormString("template"); t != "" { - templateCandidates = append(templateCandidates, t) - } - templateCandidates = append(templateCandidates, possibleFiles...) // Append files to the end because they should be fallback - - templateErrs := map[string]error{} - for _, filename := range templateCandidates { - if ok, _ := commit.HasFile(filename); !ok { - continue - } - template, err := issue_template.UnmarshalFromCommit(commit, filename) - if err != nil { - templateErrs[filename] = err - continue - } - ctx.Data[issueTemplateTitleKey] = template.Title - ctx.Data[ctxDataKey] = template.Content - - if template.Type() == api.IssueTemplateTypeYaml { - // Replace field default values by values from query - for _, field := range template.Fields { - fieldValue := ctx.FormString("field:" + field.ID) - if fieldValue != "" { - field.Attributes["value"] = fieldValue - } - } - - ctx.Data["Fields"] = template.Fields - ctx.Data["TemplateFile"] = template.FileName - } - - metaData.LabelsData.SetSelectedLabelNames(template.Labels) - - selectedAssigneeIDStrings := make([]string, 0, len(template.Assignees)) - if userIDs, err := user_model.GetUserIDsByNames(ctx, template.Assignees, true); err == nil { - for _, userID := range userIDs { - selectedAssigneeIDStrings = append(selectedAssigneeIDStrings, strconv.FormatInt(userID, 10)) - } - } - metaData.AssigneesData.SelectedAssigneeIDs = strings.Join(selectedAssigneeIDStrings, ",") - - if template.Ref != "" && !strings.HasPrefix(template.Ref, "refs/") { // Assume that the ref intended is always a branch - for tags users should use refs/tags/ - template.Ref = git.BranchPrefix + template.Ref - } - - ctx.Data["Reference"] = template.Ref - ctx.Data["RefEndName"] = git.RefName(template.Ref).ShortName() - return true, templateErrs - } - return false, templateErrs -} - -// NewIssue render creating issue page -func NewIssue(ctx *context.Context) { - issueConfig, _ := issue_service.GetTemplateConfigFromDefaultBranch(ctx.Repo.Repository, ctx.Repo.GitRepo) - hasTemplates := issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo) - - ctx.Data["Title"] = ctx.Tr("repo.issues.new") - ctx.Data["PageIsIssueList"] = true - ctx.Data["NewIssueChooseTemplate"] = hasTemplates - ctx.Data["PullRequestWorkInProgressPrefixes"] = setting.Repository.PullRequest.WorkInProgressPrefixes - title := ctx.FormString("title") - ctx.Data["TitleQuery"] = title - body := ctx.FormString("body") - ctx.Data["BodyQuery"] = body - - isProjectsEnabled := ctx.Repo.CanRead(unit.TypeProjects) - ctx.Data["IsProjectsEnabled"] = isProjectsEnabled - ctx.Data["IsAttachmentEnabled"] = setting.Attachment.Enabled - upload.AddUploadContext(ctx, "comment") - - pageMetaData := retrieveRepoIssueMetaData(ctx, ctx.Repo.Repository, nil, false) - if ctx.Written() { - return - } - - pageMetaData.MilestonesData.SelectedMilestoneID = ctx.FormInt64("milestone") - pageMetaData.ProjectsData.SelectedProjectID = ctx.FormInt64("project") - if pageMetaData.ProjectsData.SelectedProjectID > 0 { - if len(ctx.Req.URL.Query().Get("project")) > 0 { - ctx.Data["redirect_after_creation"] = "project" - } - } - - tags, err := repo_model.GetTagNamesByRepoID(ctx, ctx.Repo.Repository.ID) - if err != nil { - ctx.ServerError("GetTagNamesByRepoID", err) - return - } - ctx.Data["Tags"] = tags - - ret := issue_service.ParseTemplatesFromDefaultBranch(ctx.Repo.Repository, ctx.Repo.GitRepo) - templateLoaded, errs := setTemplateIfExists(ctx, issueTemplateKey, IssueTemplateCandidates, pageMetaData) - for k, v := range errs { - ret.TemplateErrors[k] = v - } - if ctx.Written() { - return - } - - if len(ret.TemplateErrors) > 0 { - ctx.Flash.Warning(renderErrorOfTemplates(ctx, ret.TemplateErrors), true) - } - - ctx.Data["HasIssuesOrPullsWritePermission"] = ctx.Repo.CanWrite(unit.TypeIssues) - - if !issueConfig.BlankIssuesEnabled && hasTemplates && !templateLoaded { - // The "issues/new" and "issues/new/choose" share the same query parameters "project" and "milestone", if blank issues are disabled, just redirect to the "issues/choose" page with these parameters. - ctx.Redirect(fmt.Sprintf("%s/issues/new/choose?%s", ctx.Repo.Repository.Link(), ctx.Req.URL.RawQuery), http.StatusSeeOther) - return - } - - ctx.HTML(http.StatusOK, tplIssueNew) -} - -func renderErrorOfTemplates(ctx *context.Context, errs map[string]error) template.HTML { - var files []string - for k := range errs { - files = append(files, k) - } - sort.Strings(files) // keep the output stable - - var lines []string - for _, file := range files { - lines = append(lines, fmt.Sprintf("%s: %v", file, errs[file])) - } - - flashError, err := ctx.RenderToHTML(tplAlertDetails, map[string]any{ - "Message": ctx.Tr("repo.issues.choose.ignore_invalid_templates"), - "Summary": ctx.Tr("repo.issues.choose.invalid_templates", len(errs)), - "Details": utils.SanitizeFlashErrorString(strings.Join(lines, "\n")), - }) - if err != nil { - log.Debug("render flash error: %v", err) - flashError = ctx.Locale.Tr("repo.issues.choose.ignore_invalid_templates") - } - return flashError -} - -// NewIssueChooseTemplate render creating issue from template page -func NewIssueChooseTemplate(ctx *context.Context) { - ctx.Data["Title"] = ctx.Tr("repo.issues.new") - ctx.Data["PageIsIssueList"] = true - - ret := issue_service.ParseTemplatesFromDefaultBranch(ctx.Repo.Repository, ctx.Repo.GitRepo) - ctx.Data["IssueTemplates"] = ret.IssueTemplates - - if len(ret.TemplateErrors) > 0 { - ctx.Flash.Warning(renderErrorOfTemplates(ctx, ret.TemplateErrors), true) - } - - if !issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo) { - // The "issues/new" and "issues/new/choose" share the same query parameters "project" and "milestone", if no template here, just redirect to the "issues/new" page with these parameters. - ctx.Redirect(fmt.Sprintf("%s/issues/new?%s", ctx.Repo.Repository.Link(), ctx.Req.URL.RawQuery), http.StatusSeeOther) - return - } - - issueConfig, err := issue_service.GetTemplateConfigFromDefaultBranch(ctx.Repo.Repository, ctx.Repo.GitRepo) - ctx.Data["IssueConfig"] = issueConfig - ctx.Data["IssueConfigError"] = err // ctx.Flash.Err makes problems here - - ctx.Data["milestone"] = ctx.FormInt64("milestone") - ctx.Data["project"] = ctx.FormInt64("project") - - ctx.HTML(http.StatusOK, tplIssueChoose) -} - -// DeleteIssue deletes an issue -func DeleteIssue(ctx *context.Context) { - issue := GetActionIssue(ctx) - if ctx.Written() { - return - } - - if err := issue_service.DeleteIssue(ctx, ctx.Doer, ctx.Repo.GitRepo, issue); err != nil { - ctx.ServerError("DeleteIssueByID", err) - return - } - - if issue.IsPull { - ctx.Redirect(fmt.Sprintf("%s/pulls", ctx.Repo.Repository.Link()), http.StatusSeeOther) - return - } - - ctx.Redirect(fmt.Sprintf("%s/issues", ctx.Repo.Repository.Link()), http.StatusSeeOther) -} - -func toSet[ItemType any, KeyType comparable](slice []ItemType, keyFunc func(ItemType) KeyType) container.Set[KeyType] { - s := make(container.Set[KeyType]) - for _, item := range slice { - s.Add(keyFunc(item)) - } - return s -} - -// ValidateRepoMetasForNewIssue check and returns repository's meta information -func ValidateRepoMetasForNewIssue(ctx *context.Context, form forms.CreateIssueForm, isPull bool) (ret struct { - LabelIDs, AssigneeIDs []int64 - MilestoneID, ProjectID int64 - - Reviewers []*user_model.User - TeamReviewers []*organization.Team -}, -) { - pageMetaData := retrieveRepoIssueMetaData(ctx, ctx.Repo.Repository, nil, isPull) - if ctx.Written() { - return ret - } - - inputLabelIDs, _ := base.StringsToInt64s(strings.Split(form.LabelIDs, ",")) - candidateLabels := toSet(pageMetaData.LabelsData.AllLabels, func(label *issues_model.Label) int64 { return label.ID }) - if len(inputLabelIDs) > 0 && !candidateLabels.Contains(inputLabelIDs...) { - ctx.NotFound("", nil) - return ret - } - pageMetaData.LabelsData.SetSelectedLabelIDs(inputLabelIDs) - - allMilestones := append(slices.Clone(pageMetaData.MilestonesData.OpenMilestones), pageMetaData.MilestonesData.ClosedMilestones...) - candidateMilestones := toSet(allMilestones, func(milestone *issues_model.Milestone) int64 { return milestone.ID }) - if form.MilestoneID > 0 && !candidateMilestones.Contains(form.MilestoneID) { - ctx.NotFound("", nil) - return ret - } - pageMetaData.MilestonesData.SelectedMilestoneID = form.MilestoneID - - allProjects := append(slices.Clone(pageMetaData.ProjectsData.OpenProjects), pageMetaData.ProjectsData.ClosedProjects...) - candidateProjects := toSet(allProjects, func(project *project_model.Project) int64 { return project.ID }) - if form.ProjectID > 0 && !candidateProjects.Contains(form.ProjectID) { - ctx.NotFound("", nil) - return ret - } - pageMetaData.ProjectsData.SelectedProjectID = form.ProjectID - - candidateAssignees := toSet(pageMetaData.AssigneesData.CandidateAssignees, func(user *user_model.User) int64 { return user.ID }) - inputAssigneeIDs, _ := base.StringsToInt64s(strings.Split(form.AssigneeIDs, ",")) - if len(inputAssigneeIDs) > 0 && !candidateAssignees.Contains(inputAssigneeIDs...) { - ctx.NotFound("", nil) - return ret - } - pageMetaData.AssigneesData.SelectedAssigneeIDs = form.AssigneeIDs - - // Check if the passed reviewers (user/team) actually exist - var reviewers []*user_model.User - var teamReviewers []*organization.Team - reviewerIDs, _ := base.StringsToInt64s(strings.Split(form.ReviewerIDs, ",")) - if isPull && len(reviewerIDs) > 0 { - userReviewersMap := map[int64]*user_model.User{} - teamReviewersMap := map[int64]*organization.Team{} - for _, r := range pageMetaData.ReviewersData.Reviewers { - userReviewersMap[r.User.ID] = r.User - } - for _, r := range pageMetaData.ReviewersData.TeamReviewers { - teamReviewersMap[r.Team.ID] = r.Team - } - for _, rID := range reviewerIDs { - if rID < 0 { // negative reviewIDs represent team requests - team, ok := teamReviewersMap[-rID] - if !ok { - ctx.NotFound("", nil) - return ret - } - teamReviewers = append(teamReviewers, team) - } else { - user, ok := userReviewersMap[rID] - if !ok { - ctx.NotFound("", nil) - return ret - } - reviewers = append(reviewers, user) - } - } - } - - ret.LabelIDs, ret.AssigneeIDs, ret.MilestoneID, ret.ProjectID = inputLabelIDs, inputAssigneeIDs, form.MilestoneID, form.ProjectID - ret.Reviewers, ret.TeamReviewers = reviewers, teamReviewers - return ret -} - -// NewIssuePost response for creating new issue -func NewIssuePost(ctx *context.Context) { - form := web.GetForm(ctx).(*forms.CreateIssueForm) - ctx.Data["Title"] = ctx.Tr("repo.issues.new") - ctx.Data["PageIsIssueList"] = true - ctx.Data["NewIssueChooseTemplate"] = issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo) - ctx.Data["PullRequestWorkInProgressPrefixes"] = setting.Repository.PullRequest.WorkInProgressPrefixes - ctx.Data["IsAttachmentEnabled"] = setting.Attachment.Enabled - upload.AddUploadContext(ctx, "comment") - - var ( - repo = ctx.Repo.Repository - attachments []string - ) - - validateRet := ValidateRepoMetasForNewIssue(ctx, *form, false) - if ctx.Written() { - return - } - - labelIDs, assigneeIDs, milestoneID, projectID := validateRet.LabelIDs, validateRet.AssigneeIDs, validateRet.MilestoneID, validateRet.ProjectID - - if projectID > 0 { - if !ctx.Repo.CanRead(unit.TypeProjects) { - // User must also be able to see the project. - ctx.Error(http.StatusBadRequest, "user hasn't permissions to read projects") - return - } - } - - if setting.Attachment.Enabled { - attachments = form.Files - } - - if ctx.HasError() { - ctx.JSONError(ctx.GetErrMsg()) - return - } - - if util.IsEmptyString(form.Title) { - ctx.JSONError(ctx.Tr("repo.issues.new.title_empty")) - return - } - - content := form.Content - if filename := ctx.Req.Form.Get("template-file"); filename != "" { - if template, err := issue_template.UnmarshalFromRepo(ctx.Repo.GitRepo, ctx.Repo.Repository.DefaultBranch, filename); err == nil { - content = issue_template.RenderToMarkdown(template, ctx.Req.Form) - } - } - - issue := &issues_model.Issue{ - RepoID: repo.ID, - Repo: repo, - Title: form.Title, - PosterID: ctx.Doer.ID, - Poster: ctx.Doer, - MilestoneID: milestoneID, - Content: content, - Ref: form.Ref, - } - - if err := issue_service.NewIssue(ctx, repo, issue, labelIDs, attachments, assigneeIDs, projectID); err != nil { - if repo_model.IsErrUserDoesNotHaveAccessToRepo(err) { - ctx.Error(http.StatusBadRequest, "UserDoesNotHaveAccessToRepo", err.Error()) - } else if errors.Is(err, user_model.ErrBlockedUser) { - ctx.JSONError(ctx.Tr("repo.issues.new.blocked_user")) - } else { - ctx.ServerError("NewIssue", err) - } - return - } - - log.Trace("Issue created: %d/%d", repo.ID, issue.ID) - if ctx.FormString("redirect_after_creation") == "project" && projectID > 0 { - ctx.JSONRedirect(ctx.Repo.RepoLink + "/projects/" + strconv.FormatInt(projectID, 10)) - } else { - ctx.JSONRedirect(issue.Link()) - } -} - -// roleDescriptor returns the role descriptor for a comment in/with the given repo, poster and issue -func roleDescriptor(ctx stdCtx.Context, repo *repo_model.Repository, poster *user_model.User, issue *issues_model.Issue, hasOriginalAuthor bool) (issues_model.RoleDescriptor, error) { - roleDescriptor := issues_model.RoleDescriptor{} - - if hasOriginalAuthor { - return roleDescriptor, nil - } - - perm, err := access_model.GetUserRepoPermission(ctx, repo, poster) - if err != nil { - return roleDescriptor, err - } - - // If the poster is the actual poster of the issue, enable Poster role. - roleDescriptor.IsPoster = issue.IsPoster(poster.ID) - - // Check if the poster is owner of the repo. - if perm.IsOwner() { - // If the poster isn't an admin, enable the owner role. - if !poster.IsAdmin { - roleDescriptor.RoleInRepo = issues_model.RoleRepoOwner - return roleDescriptor, nil - } - - // Otherwise check if poster is the real repo admin. - ok, err := access_model.IsUserRealRepoAdmin(ctx, repo, poster) - if err != nil { - return roleDescriptor, err - } - if ok { - roleDescriptor.RoleInRepo = issues_model.RoleRepoOwner - return roleDescriptor, nil - } - } - - // If repo is organization, check Member role - if err := repo.LoadOwner(ctx); err != nil { - return roleDescriptor, err - } - if repo.Owner.IsOrganization() { - if isMember, err := organization.IsOrganizationMember(ctx, repo.Owner.ID, poster.ID); err != nil { - return roleDescriptor, err - } else if isMember { - roleDescriptor.RoleInRepo = issues_model.RoleRepoMember - return roleDescriptor, nil - } - } - - // If the poster is the collaborator of the repo - if isCollaborator, err := repo_model.IsCollaborator(ctx, repo.ID, poster.ID); err != nil { - return roleDescriptor, err - } else if isCollaborator { - roleDescriptor.RoleInRepo = issues_model.RoleRepoCollaborator - return roleDescriptor, nil - } - - hasMergedPR, err := issues_model.HasMergedPullRequestInRepo(ctx, repo.ID, poster.ID) - if err != nil { - return roleDescriptor, err - } else if hasMergedPR { - roleDescriptor.RoleInRepo = issues_model.RoleRepoContributor - } else if issue.IsPull { - // only display first time contributor in the first opening pull request - roleDescriptor.RoleInRepo = issues_model.RoleRepoFirstTimeContributor - } - - return roleDescriptor, nil -} - -func getBranchData(ctx *context.Context, issue *issues_model.Issue) { - ctx.Data["BaseBranch"] = nil - ctx.Data["HeadBranch"] = nil - ctx.Data["HeadUserName"] = nil - ctx.Data["BaseName"] = ctx.Repo.Repository.OwnerName - if issue.IsPull { - pull := issue.PullRequest - ctx.Data["BaseBranch"] = pull.BaseBranch - ctx.Data["HeadBranch"] = pull.HeadBranch - ctx.Data["HeadUserName"] = pull.MustHeadUserName(ctx) - } -} - -// ViewIssue render issue view page -func ViewIssue(ctx *context.Context) { - if ctx.PathParam(":type") == "issues" { - // If issue was requested we check if repo has external tracker and redirect - extIssueUnit, err := ctx.Repo.Repository.GetUnit(ctx, unit.TypeExternalTracker) - if err == nil && extIssueUnit != nil { - if extIssueUnit.ExternalTrackerConfig().ExternalTrackerStyle == markup.IssueNameStyleNumeric || extIssueUnit.ExternalTrackerConfig().ExternalTrackerStyle == "" { - metas := ctx.Repo.Repository.ComposeMetas(ctx) - metas["index"] = ctx.PathParam(":index") - res, err := vars.Expand(extIssueUnit.ExternalTrackerConfig().ExternalTrackerFormat, metas) - if err != nil { - log.Error("unable to expand template vars for issue url. issue: %s, err: %v", metas["index"], err) - ctx.ServerError("Expand", err) - return - } - ctx.Redirect(res) - return - } - } else if err != nil && !repo_model.IsErrUnitTypeNotExist(err) { - ctx.ServerError("GetUnit", err) - return - } - } - - issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.PathParamInt64(":index")) - if err != nil { - if issues_model.IsErrIssueNotExist(err) { - ctx.NotFound("GetIssueByIndex", err) - } else { - ctx.ServerError("GetIssueByIndex", err) - } - return - } - if issue.Repo == nil { - issue.Repo = ctx.Repo.Repository - } - - // Make sure type and URL matches. - if ctx.PathParam(":type") == "issues" && issue.IsPull { - ctx.Redirect(issue.Link()) - return - } else if ctx.PathParam(":type") == "pulls" && !issue.IsPull { - ctx.Redirect(issue.Link()) - return - } - - if issue.IsPull { - MustAllowPulls(ctx) - if ctx.Written() { - return - } - ctx.Data["PageIsPullList"] = true - ctx.Data["PageIsPullConversation"] = true - } else { - MustEnableIssues(ctx) - if ctx.Written() { - return - } - ctx.Data["PageIsIssueList"] = true - ctx.Data["NewIssueChooseTemplate"] = issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo) - } - - if issue.IsPull && !ctx.Repo.CanRead(unit.TypeIssues) { - ctx.Data["IssueDependencySearchType"] = "pulls" - } else if !issue.IsPull && !ctx.Repo.CanRead(unit.TypePullRequests) { - ctx.Data["IssueDependencySearchType"] = "issues" - } else { - ctx.Data["IssueDependencySearchType"] = "all" - } - - ctx.Data["IsProjectsEnabled"] = ctx.Repo.CanRead(unit.TypeProjects) - ctx.Data["IsAttachmentEnabled"] = setting.Attachment.Enabled - upload.AddUploadContext(ctx, "comment") - - if err = issue.LoadAttributes(ctx); err != nil { - ctx.ServerError("LoadAttributes", err) - return - } - - if err = filterXRefComments(ctx, issue); err != nil { - ctx.ServerError("filterXRefComments", err) - return - } - - ctx.Data["Title"] = fmt.Sprintf("#%d - %s", issue.Index, emoji.ReplaceAliases(issue.Title)) - - iw := new(issues_model.IssueWatch) - if ctx.Doer != nil { - iw.UserID = ctx.Doer.ID - iw.IssueID = issue.ID - iw.IsWatching, err = issues_model.CheckIssueWatch(ctx, ctx.Doer, issue) - if err != nil { - ctx.ServerError("CheckIssueWatch", err) - return - } - } - ctx.Data["IssueWatch"] = iw - issue.RenderedContent, err = markdown.RenderString(&markup.RenderContext{ - Links: markup.Links{ - Base: ctx.Repo.RepoLink, - }, - Metas: ctx.Repo.Repository.ComposeMetas(ctx), - GitRepo: ctx.Repo.GitRepo, - Repo: ctx.Repo.Repository, - Ctx: ctx, - }, issue.Content) - if err != nil { - ctx.ServerError("RenderString", err) - return - } - - repo := ctx.Repo.Repository - - // Get more information if it's a pull request. - if issue.IsPull { - if issue.PullRequest.HasMerged { - ctx.Data["DisableStatusChange"] = issue.PullRequest.HasMerged - PrepareMergedViewPullInfo(ctx, issue) - } else { - PrepareViewPullInfo(ctx, issue) - ctx.Data["DisableStatusChange"] = ctx.Data["IsPullRequestBroken"] == true && issue.IsClosed - } - if ctx.Written() { - return - } - } - - pageMetaData := retrieveRepoIssueMetaData(ctx, repo, issue, issue.IsPull) - if ctx.Written() { - return - } - pageMetaData.LabelsData.SetSelectedLabels(issue.Labels) - - if ctx.IsSigned { - // Update issue-user. - if err = activities_model.SetIssueReadBy(ctx, issue.ID, ctx.Doer.ID); err != nil { - ctx.ServerError("ReadBy", err) - return - } - } - - var ( - role issues_model.RoleDescriptor - ok bool - marked = make(map[int64]issues_model.RoleDescriptor) - comment *issues_model.Comment - participants = make([]*user_model.User, 1, 10) - latestCloseCommentID int64 - ) - if ctx.Repo.Repository.IsTimetrackerEnabled(ctx) { - if ctx.IsSigned { - // Deal with the stopwatch - ctx.Data["IsStopwatchRunning"] = issues_model.StopwatchExists(ctx, ctx.Doer.ID, issue.ID) - if !ctx.Data["IsStopwatchRunning"].(bool) { - var exists bool - var swIssue *issues_model.Issue - if exists, _, swIssue, err = issues_model.HasUserStopwatch(ctx, ctx.Doer.ID); err != nil { - ctx.ServerError("HasUserStopwatch", err) - return - } - ctx.Data["HasUserStopwatch"] = exists - if exists { - // Add warning if the user has already a stopwatch - // Add link to the issue of the already running stopwatch - ctx.Data["OtherStopwatchURL"] = swIssue.Link() - } - } - ctx.Data["CanUseTimetracker"] = ctx.Repo.CanUseTimetracker(ctx, issue, ctx.Doer) - } else { - ctx.Data["CanUseTimetracker"] = false - } - if ctx.Data["WorkingUsers"], err = issues_model.TotalTimesForEachUser(ctx, &issues_model.FindTrackedTimesOptions{IssueID: issue.ID}); err != nil { - ctx.ServerError("TotalTimesForEachUser", err) - return - } - } - - // Check if the user can use the dependencies - ctx.Data["CanCreateIssueDependencies"] = ctx.Repo.CanCreateIssueDependencies(ctx, ctx.Doer, issue.IsPull) - - // check if dependencies can be created across repositories - ctx.Data["AllowCrossRepositoryDependencies"] = setting.Service.AllowCrossRepositoryDependencies - - if issue.ShowRole, err = roleDescriptor(ctx, repo, issue.Poster, issue, issue.HasOriginalAuthor()); err != nil { - ctx.ServerError("roleDescriptor", err) - return - } - marked[issue.PosterID] = issue.ShowRole - - // Render comments and fetch participants. - participants[0] = issue.Poster - - if err := issue.Comments.LoadAttachmentsByIssue(ctx); err != nil { - ctx.ServerError("LoadAttachmentsByIssue", err) - return - } - if err := issue.Comments.LoadPosters(ctx); err != nil { - ctx.ServerError("LoadPosters", err) - return - } - - for _, comment = range issue.Comments { - comment.Issue = issue - - if comment.Type == issues_model.CommentTypeComment || comment.Type == issues_model.CommentTypeReview { - comment.RenderedContent, err = markdown.RenderString(&markup.RenderContext{ - Links: markup.Links{ - Base: ctx.Repo.RepoLink, - }, - Metas: ctx.Repo.Repository.ComposeMetas(ctx), - GitRepo: ctx.Repo.GitRepo, - Repo: ctx.Repo.Repository, - Ctx: ctx, - }, comment.Content) - if err != nil { - ctx.ServerError("RenderString", err) - return - } - // Check tag. - role, ok = marked[comment.PosterID] - if ok { - comment.ShowRole = role - continue - } - - comment.ShowRole, err = roleDescriptor(ctx, repo, comment.Poster, issue, comment.HasOriginalAuthor()) - if err != nil { - ctx.ServerError("roleDescriptor", err) - return - } - marked[comment.PosterID] = comment.ShowRole - participants = addParticipant(comment.Poster, participants) - } else if comment.Type == issues_model.CommentTypeLabel { - if err = comment.LoadLabel(ctx); err != nil { - ctx.ServerError("LoadLabel", err) - return - } - } else if comment.Type == issues_model.CommentTypeMilestone { - if err = comment.LoadMilestone(ctx); err != nil { - ctx.ServerError("LoadMilestone", err) - return - } - ghostMilestone := &issues_model.Milestone{ - ID: -1, - Name: ctx.Locale.TrString("repo.issues.deleted_milestone"), - } - if comment.OldMilestoneID > 0 && comment.OldMilestone == nil { - comment.OldMilestone = ghostMilestone - } - if comment.MilestoneID > 0 && comment.Milestone == nil { - comment.Milestone = ghostMilestone - } - } else if comment.Type == issues_model.CommentTypeProject { - if err = comment.LoadProject(ctx); err != nil { - ctx.ServerError("LoadProject", err) - return - } - - ghostProject := &project_model.Project{ - ID: project_model.GhostProjectID, - Title: ctx.Locale.TrString("repo.issues.deleted_project"), - } - - if comment.OldProjectID > 0 && comment.OldProject == nil { - comment.OldProject = ghostProject - } - - if comment.ProjectID > 0 && comment.Project == nil { - comment.Project = ghostProject - } - } else if comment.Type == issues_model.CommentTypeProjectColumn { - if err = comment.LoadProject(ctx); err != nil { - ctx.ServerError("LoadProject", err) - return - } - } else if comment.Type == issues_model.CommentTypeAssignees || comment.Type == issues_model.CommentTypeReviewRequest { - if err = comment.LoadAssigneeUserAndTeam(ctx); err != nil { - ctx.ServerError("LoadAssigneeUserAndTeam", err) - return - } - } else if comment.Type == issues_model.CommentTypeRemoveDependency || comment.Type == issues_model.CommentTypeAddDependency { - if err = comment.LoadDepIssueDetails(ctx); err != nil { - if !issues_model.IsErrIssueNotExist(err) { - ctx.ServerError("LoadDepIssueDetails", err) - return - } - } - } else if comment.Type.HasContentSupport() { - comment.RenderedContent, err = markdown.RenderString(&markup.RenderContext{ - Links: markup.Links{ - Base: ctx.Repo.RepoLink, - }, - Metas: ctx.Repo.Repository.ComposeMetas(ctx), - GitRepo: ctx.Repo.GitRepo, - Repo: ctx.Repo.Repository, - Ctx: ctx, - }, comment.Content) - if err != nil { - ctx.ServerError("RenderString", err) - return - } - if err = comment.LoadReview(ctx); err != nil && !issues_model.IsErrReviewNotExist(err) { - ctx.ServerError("LoadReview", err) - return - } - participants = addParticipant(comment.Poster, participants) - if comment.Review == nil { - continue - } - if err = comment.Review.LoadAttributes(ctx); err != nil { - if !user_model.IsErrUserNotExist(err) { - ctx.ServerError("Review.LoadAttributes", err) - return - } - comment.Review.Reviewer = user_model.NewGhostUser() - } - if err = comment.Review.LoadCodeComments(ctx); err != nil { - ctx.ServerError("Review.LoadCodeComments", err) - return - } - for _, codeComments := range comment.Review.CodeComments { - for _, lineComments := range codeComments { - for _, c := range lineComments { - // Check tag. - role, ok = marked[c.PosterID] - if ok { - c.ShowRole = role - continue - } - - c.ShowRole, err = roleDescriptor(ctx, repo, c.Poster, issue, c.HasOriginalAuthor()) - if err != nil { - ctx.ServerError("roleDescriptor", err) - return - } - marked[c.PosterID] = c.ShowRole - participants = addParticipant(c.Poster, participants) - } - } - } - if err = comment.LoadResolveDoer(ctx); err != nil { - ctx.ServerError("LoadResolveDoer", err) - return - } - } else if comment.Type == issues_model.CommentTypePullRequestPush { - participants = addParticipant(comment.Poster, participants) - if err = comment.LoadPushCommits(ctx); err != nil { - ctx.ServerError("LoadPushCommits", err) - return - } - if !ctx.Repo.CanRead(unit.TypeActions) { - for _, commit := range comment.Commits { - commit.Status.HideActionsURL(ctx) - git_model.CommitStatusesHideActionsURL(ctx, commit.Statuses) - } - } - } else if comment.Type == issues_model.CommentTypeAddTimeManual || - comment.Type == issues_model.CommentTypeStopTracking || - comment.Type == issues_model.CommentTypeDeleteTimeManual { - // drop error since times could be pruned from DB.. - _ = comment.LoadTime(ctx) - if comment.Content != "" { - // Content before v1.21 did store the formatted string instead of seconds, - // so "|" is used as delimiter to mark the new format - if comment.Content[0] != '|' { - // handle old time comments that have formatted text stored - comment.RenderedContent = templates.SanitizeHTML(comment.Content) - comment.Content = "" - } else { - // else it's just a duration in seconds to pass on to the frontend - comment.Content = comment.Content[1:] - } - } - } - - if comment.Type == issues_model.CommentTypeClose || comment.Type == issues_model.CommentTypeMergePull { - // record ID of the latest closed/merged comment. - // if PR is closed, the comments whose type is CommentTypePullRequestPush(29) after latestCloseCommentID won't be rendered. - latestCloseCommentID = comment.ID - } - } - - ctx.Data["LatestCloseCommentID"] = latestCloseCommentID - - // Combine multiple label assignments into a single comment - combineLabelComments(issue) - - getBranchData(ctx, issue) - if issue.IsPull { - pull := issue.PullRequest - pull.Issue = issue - canDelete := false - allowMerge := false - canWriteToHeadRepo := false - - if ctx.IsSigned { - if err := pull.LoadHeadRepo(ctx); err != nil { - log.Error("LoadHeadRepo: %v", err) - } else if pull.HeadRepo != nil { - perm, err := access_model.GetUserRepoPermission(ctx, pull.HeadRepo, ctx.Doer) - if err != nil { - ctx.ServerError("GetUserRepoPermission", err) - return - } - if perm.CanWrite(unit.TypeCode) { - // Check if branch is not protected - if pull.HeadBranch != pull.HeadRepo.DefaultBranch { - if protected, err := git_model.IsBranchProtected(ctx, pull.HeadRepo.ID, pull.HeadBranch); err != nil { - log.Error("IsProtectedBranch: %v", err) - } else if !protected { - canDelete = true - ctx.Data["DeleteBranchLink"] = issue.Link() + "/cleanup" - } - } - canWriteToHeadRepo = true - } - } - - if err := pull.LoadBaseRepo(ctx); err != nil { - log.Error("LoadBaseRepo: %v", err) - } - perm, err := access_model.GetUserRepoPermission(ctx, pull.BaseRepo, ctx.Doer) - if err != nil { - ctx.ServerError("GetUserRepoPermission", err) - return - } - if !canWriteToHeadRepo { // maintainers maybe allowed to push to head repo even if they can't write to it - canWriteToHeadRepo = pull.AllowMaintainerEdit && perm.CanWrite(unit.TypeCode) - } - allowMerge, err = pull_service.IsUserAllowedToMerge(ctx, pull, perm, ctx.Doer) - if err != nil { - ctx.ServerError("IsUserAllowedToMerge", err) - return - } - - if ctx.Data["CanMarkConversation"], err = issues_model.CanMarkConversation(ctx, issue, ctx.Doer); err != nil { - ctx.ServerError("CanMarkConversation", err) - return - } - } - - ctx.Data["CanWriteToHeadRepo"] = canWriteToHeadRepo - ctx.Data["ShowMergeInstructions"] = canWriteToHeadRepo - ctx.Data["AllowMerge"] = allowMerge - - prUnit, err := repo.GetUnit(ctx, unit.TypePullRequests) - if err != nil { - ctx.ServerError("GetUnit", err) - return - } - prConfig := prUnit.PullRequestsConfig() - - ctx.Data["AutodetectManualMerge"] = prConfig.AutodetectManualMerge - - var mergeStyle repo_model.MergeStyle - // Check correct values and select default - if ms, ok := ctx.Data["MergeStyle"].(repo_model.MergeStyle); !ok || - !prConfig.IsMergeStyleAllowed(ms) { - defaultMergeStyle := prConfig.GetDefaultMergeStyle() - if prConfig.IsMergeStyleAllowed(defaultMergeStyle) && !ok { - mergeStyle = defaultMergeStyle - } else if prConfig.AllowMerge { - mergeStyle = repo_model.MergeStyleMerge - } else if prConfig.AllowRebase { - mergeStyle = repo_model.MergeStyleRebase - } else if prConfig.AllowRebaseMerge { - mergeStyle = repo_model.MergeStyleRebaseMerge - } else if prConfig.AllowSquash { - mergeStyle = repo_model.MergeStyleSquash - } else if prConfig.AllowFastForwardOnly { - mergeStyle = repo_model.MergeStyleFastForwardOnly - } else if prConfig.AllowManualMerge { - mergeStyle = repo_model.MergeStyleManuallyMerged - } - } - - ctx.Data["MergeStyle"] = mergeStyle - - defaultMergeMessage, defaultMergeBody, err := pull_service.GetDefaultMergeMessage(ctx, ctx.Repo.GitRepo, pull, mergeStyle) - if err != nil { - ctx.ServerError("GetDefaultMergeMessage", err) - return - } - ctx.Data["DefaultMergeMessage"] = defaultMergeMessage - ctx.Data["DefaultMergeBody"] = defaultMergeBody - - defaultSquashMergeMessage, defaultSquashMergeBody, err := pull_service.GetDefaultMergeMessage(ctx, ctx.Repo.GitRepo, pull, repo_model.MergeStyleSquash) - if err != nil { - ctx.ServerError("GetDefaultSquashMergeMessage", err) - return - } - ctx.Data["DefaultSquashMergeMessage"] = defaultSquashMergeMessage - ctx.Data["DefaultSquashMergeBody"] = defaultSquashMergeBody - - pb, err := git_model.GetFirstMatchProtectedBranchRule(ctx, pull.BaseRepoID, pull.BaseBranch) - if err != nil { - ctx.ServerError("LoadProtectedBranch", err) - return - } - - if pb != nil { - pb.Repo = pull.BaseRepo - ctx.Data["ProtectedBranch"] = pb - ctx.Data["IsBlockedByApprovals"] = !issues_model.HasEnoughApprovals(ctx, pb, pull) - ctx.Data["IsBlockedByRejection"] = issues_model.MergeBlockedByRejectedReview(ctx, pb, pull) - ctx.Data["IsBlockedByOfficialReviewRequests"] = issues_model.MergeBlockedByOfficialReviewRequests(ctx, pb, pull) - ctx.Data["IsBlockedByOutdatedBranch"] = issues_model.MergeBlockedByOutdatedBranch(pb, pull) - ctx.Data["GrantedApprovals"] = issues_model.GetGrantedApprovalsCount(ctx, pb, pull) - ctx.Data["RequireSigned"] = pb.RequireSignedCommits - ctx.Data["ChangedProtectedFiles"] = pull.ChangedProtectedFiles - ctx.Data["IsBlockedByChangedProtectedFiles"] = len(pull.ChangedProtectedFiles) != 0 - ctx.Data["ChangedProtectedFilesNum"] = len(pull.ChangedProtectedFiles) - ctx.Data["RequireApprovalsWhitelist"] = pb.EnableApprovalsWhitelist - } - ctx.Data["WillSign"] = false - if ctx.Doer != nil { - sign, key, _, err := asymkey_service.SignMerge(ctx, pull, ctx.Doer, pull.BaseRepo.RepoPath(), pull.BaseBranch, pull.GetGitRefName()) - ctx.Data["WillSign"] = sign - ctx.Data["SigningKey"] = key - if err != nil { - if asymkey_service.IsErrWontSign(err) { - ctx.Data["WontSignReason"] = err.(*asymkey_service.ErrWontSign).Reason - } else { - ctx.Data["WontSignReason"] = "error" - log.Error("Error whilst checking if could sign pr %d in repo %s. Error: %v", pull.ID, pull.BaseRepo.FullName(), err) - } - } - } else { - ctx.Data["WontSignReason"] = "not_signed_in" - } - - isPullBranchDeletable := canDelete && - pull.HeadRepo != nil && - git.IsBranchExist(ctx, pull.HeadRepo.RepoPath(), pull.HeadBranch) && - (!pull.HasMerged || ctx.Data["HeadBranchCommitID"] == ctx.Data["PullHeadCommitID"]) - - if isPullBranchDeletable && pull.HasMerged { - exist, err := issues_model.HasUnmergedPullRequestsByHeadInfo(ctx, pull.HeadRepoID, pull.HeadBranch) - if err != nil { - ctx.ServerError("HasUnmergedPullRequestsByHeadInfo", err) - return - } - - isPullBranchDeletable = !exist - } - ctx.Data["IsPullBranchDeletable"] = isPullBranchDeletable - - stillCanManualMerge := func() bool { - if pull.HasMerged || issue.IsClosed || !ctx.IsSigned { - return false - } - if pull.CanAutoMerge() || pull.IsWorkInProgress(ctx) || pull.IsChecking() { - return false - } - if allowMerge && prConfig.AllowManualMerge { - return true - } - - return false - } - - ctx.Data["StillCanManualMerge"] = stillCanManualMerge() - - // Check if there is a pending pr merge - ctx.Data["HasPendingPullRequestMerge"], ctx.Data["PendingPullRequestMerge"], err = pull_model.GetScheduledMergeByPullID(ctx, pull.ID) - if err != nil { - ctx.ServerError("GetScheduledMergeByPullID", err) - return - } - } - - // Get Dependencies - blockedBy, err := issue.BlockedByDependencies(ctx, db.ListOptions{}) - if err != nil { - ctx.ServerError("BlockedByDependencies", err) - return - } - ctx.Data["BlockedByDependencies"], ctx.Data["BlockedByDependenciesNotPermitted"] = checkBlockedByIssues(ctx, blockedBy) - if ctx.Written() { - return - } - - blocking, err := issue.BlockingDependencies(ctx) - if err != nil { - ctx.ServerError("BlockingDependencies", err) - return - } - - ctx.Data["BlockingDependencies"], ctx.Data["BlockingDependenciesNotPermitted"] = checkBlockedByIssues(ctx, blocking) - if ctx.Written() { - return - } - - var pinAllowed bool - if !issue.IsPinned() { - pinAllowed, err = issues_model.IsNewPinAllowed(ctx, issue.RepoID, issue.IsPull) - if err != nil { - ctx.ServerError("IsNewPinAllowed", err) - return - } - } else { - pinAllowed = true - } - - ctx.Data["Participants"] = participants - ctx.Data["NumParticipants"] = len(participants) - ctx.Data["Issue"] = issue - ctx.Data["Reference"] = issue.Ref - ctx.Data["SignInLink"] = setting.AppSubURL + "/user/login?redirect_to=" + url.QueryEscape(ctx.Data["Link"].(string)) - ctx.Data["IsIssuePoster"] = ctx.IsSigned && issue.IsPoster(ctx.Doer.ID) - ctx.Data["HasIssuesOrPullsWritePermission"] = ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) - ctx.Data["HasProjectsWritePermission"] = ctx.Repo.CanWrite(unit.TypeProjects) - ctx.Data["IsRepoAdmin"] = ctx.IsSigned && (ctx.Repo.IsAdmin() || ctx.Doer.IsAdmin) - ctx.Data["LockReasons"] = setting.Repository.Issue.LockReasons - ctx.Data["RefEndName"] = git.RefName(issue.Ref).ShortName() - ctx.Data["NewPinAllowed"] = pinAllowed - ctx.Data["PinEnabled"] = setting.Repository.Issue.MaxPinned != 0 - - var hiddenCommentTypes *big.Int - if ctx.IsSigned { - val, err := user_model.GetUserSetting(ctx, ctx.Doer.ID, user_model.SettingsKeyHiddenCommentTypes) - if err != nil { - ctx.ServerError("GetUserSetting", err) - return - } - hiddenCommentTypes, _ = new(big.Int).SetString(val, 10) // we can safely ignore the failed conversion here - } - ctx.Data["ShouldShowCommentType"] = func(commentType issues_model.CommentType) bool { - return hiddenCommentTypes == nil || hiddenCommentTypes.Bit(int(commentType)) == 0 - } - // For sidebar - PrepareBranchList(ctx) - - if ctx.Written() { - return - } - - tags, err := repo_model.GetTagNamesByRepoID(ctx, ctx.Repo.Repository.ID) - if err != nil { - ctx.ServerError("GetTagNamesByRepoID", err) - return - } - ctx.Data["Tags"] = tags - - ctx.Data["CanBlockUser"] = func(blocker, blockee *user_model.User) bool { - return user_service.CanBlockUser(ctx, ctx.Doer, blocker, blockee) - } - - ctx.HTML(http.StatusOK, tplIssueView) -} - -// checkBlockedByIssues return canRead and notPermitted -func checkBlockedByIssues(ctx *context.Context, blockers []*issues_model.DependencyInfo) (canRead, notPermitted []*issues_model.DependencyInfo) { - repoPerms := make(map[int64]access_model.Permission) - repoPerms[ctx.Repo.Repository.ID] = ctx.Repo.Permission - for _, blocker := range blockers { - // Get the permissions for this repository - // If the repo ID exists in the map, return the exist permissions - // else get the permission and add it to the map - var perm access_model.Permission - existPerm, ok := repoPerms[blocker.RepoID] - if ok { - perm = existPerm - } else { - var err error - perm, err = access_model.GetUserRepoPermission(ctx, &blocker.Repository, ctx.Doer) - if err != nil { - ctx.ServerError("GetUserRepoPermission", err) - return nil, nil - } - repoPerms[blocker.RepoID] = perm - } - if perm.CanReadIssuesOrPulls(blocker.Issue.IsPull) { - canRead = append(canRead, blocker) - } else { - notPermitted = append(notPermitted, blocker) - } - } - sortDependencyInfo(canRead) - sortDependencyInfo(notPermitted) - return canRead, notPermitted -} - -func sortDependencyInfo(blockers []*issues_model.DependencyInfo) { - sort.Slice(blockers, func(i, j int) bool { - if blockers[i].RepoID == blockers[j].RepoID { - return blockers[i].Issue.CreatedUnix < blockers[j].Issue.CreatedUnix - } - return blockers[i].RepoID < blockers[j].RepoID - }) -} - // GetActionIssue will return the issue which is used in the context. func GetActionIssue(ctx *context.Context) *issues_model.Issue { issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.PathParamInt64(":index")) @@ -2484,852 +480,6 @@ func UpdateIssueAssignee(ctx *context.Context) { ctx.JSONOK() } -// UpdatePullReviewRequest add or remove review request -func UpdatePullReviewRequest(ctx *context.Context) { - issues := getActionIssues(ctx) - if ctx.Written() { - return - } - - reviewID := ctx.FormInt64("id") - action := ctx.FormString("action") - - // TODO: Not support 'clear' now - if action != "attach" && action != "detach" { - ctx.Status(http.StatusForbidden) - return - } - - for _, issue := range issues { - if err := issue.LoadRepo(ctx); err != nil { - ctx.ServerError("issue.LoadRepo", err) - return - } - - if !issue.IsPull { - log.Warn( - "UpdatePullReviewRequest: refusing to add review request for non-PR issue %-v#%d", - issue.Repo, issue.Index, - ) - ctx.Status(http.StatusForbidden) - return - } - if reviewID < 0 { - // negative reviewIDs represent team requests - if err := issue.Repo.LoadOwner(ctx); err != nil { - ctx.ServerError("issue.Repo.LoadOwner", err) - return - } - - if !issue.Repo.Owner.IsOrganization() { - log.Warn( - "UpdatePullReviewRequest: refusing to add team review request for %s#%d owned by non organization UID[%d]", - issue.Repo.FullName(), issue.Index, issue.Repo.ID, - ) - ctx.Status(http.StatusForbidden) - return - } - - team, err := organization.GetTeamByID(ctx, -reviewID) - if err != nil { - ctx.ServerError("GetTeamByID", err) - return - } - - if team.OrgID != issue.Repo.OwnerID { - log.Warn( - "UpdatePullReviewRequest: refusing to add team review request for UID[%d] team %s to %s#%d owned by UID[%d]", - team.OrgID, team.Name, issue.Repo.FullName(), issue.Index, issue.Repo.ID) - ctx.Status(http.StatusForbidden) - return - } - - _, err = issue_service.TeamReviewRequest(ctx, issue, ctx.Doer, team, action == "attach") - if err != nil { - if issues_model.IsErrNotValidReviewRequest(err) { - log.Warn( - "UpdatePullReviewRequest: refusing to add invalid team review request for UID[%d] team %s to %s#%d owned by UID[%d]: Error: %v", - team.OrgID, team.Name, issue.Repo.FullName(), issue.Index, issue.Repo.ID, - err, - ) - ctx.Status(http.StatusForbidden) - return - } - ctx.ServerError("TeamReviewRequest", err) - return - } - continue - } - - reviewer, err := user_model.GetUserByID(ctx, reviewID) - if err != nil { - if user_model.IsErrUserNotExist(err) { - log.Warn( - "UpdatePullReviewRequest: requested reviewer [%d] for %-v to %-v#%d is not exist: Error: %v", - reviewID, issue.Repo, issue.Index, - err, - ) - ctx.Status(http.StatusForbidden) - return - } - ctx.ServerError("GetUserByID", err) - return - } - - _, err = issue_service.ReviewRequest(ctx, issue, ctx.Doer, &ctx.Repo.Permission, reviewer, action == "attach") - if err != nil { - if issues_model.IsErrNotValidReviewRequest(err) { - log.Warn( - "UpdatePullReviewRequest: refusing to add invalid review request for %-v to %-v#%d: Error: %v", - reviewer, issue.Repo, issue.Index, - err, - ) - ctx.Status(http.StatusForbidden) - return - } - if issues_model.IsErrReviewRequestOnClosedPR(err) { - ctx.Status(http.StatusForbidden) - return - } - ctx.ServerError("ReviewRequest", err) - return - } - } - - ctx.JSONOK() -} - -// SearchIssues searches for issues across the repositories that the user has access to -func SearchIssues(ctx *context.Context) { - before, since, err := context.GetQueryBeforeSince(ctx.Base) - if err != nil { - ctx.Error(http.StatusUnprocessableEntity, err.Error()) - return - } - - var isClosed optional.Option[bool] - switch ctx.FormString("state") { - case "closed": - isClosed = optional.Some(true) - case "all": - isClosed = optional.None[bool]() - default: - isClosed = optional.Some(false) - } - - var ( - repoIDs []int64 - allPublic bool - ) - { - // find repos user can access (for issue search) - opts := &repo_model.SearchRepoOptions{ - Private: false, - AllPublic: true, - TopicOnly: false, - Collaborate: optional.None[bool](), - // This needs to be a column that is not nil in fixtures or - // MySQL will return different results when sorting by null in some cases - OrderBy: db.SearchOrderByAlphabetically, - Actor: ctx.Doer, - } - if ctx.IsSigned { - opts.Private = true - opts.AllLimited = true - } - if ctx.FormString("owner") != "" { - owner, err := user_model.GetUserByName(ctx, ctx.FormString("owner")) - if err != nil { - if user_model.IsErrUserNotExist(err) { - ctx.Error(http.StatusBadRequest, "Owner not found", err.Error()) - } else { - ctx.Error(http.StatusInternalServerError, "GetUserByName", err.Error()) - } - return - } - opts.OwnerID = owner.ID - opts.AllLimited = false - opts.AllPublic = false - opts.Collaborate = optional.Some(false) - } - if ctx.FormString("team") != "" { - if ctx.FormString("owner") == "" { - ctx.Error(http.StatusBadRequest, "", "Owner organisation is required for filtering on team") - return - } - team, err := organization.GetTeam(ctx, opts.OwnerID, ctx.FormString("team")) - if err != nil { - if organization.IsErrTeamNotExist(err) { - ctx.Error(http.StatusBadRequest, "Team not found", err.Error()) - } else { - ctx.Error(http.StatusInternalServerError, "GetUserByName", err.Error()) - } - return - } - opts.TeamID = team.ID - } - - if opts.AllPublic { - allPublic = true - opts.AllPublic = false // set it false to avoid returning too many repos, we could filter by indexer - } - repoIDs, _, err = repo_model.SearchRepositoryIDs(ctx, opts) - if err != nil { - ctx.Error(http.StatusInternalServerError, "SearchRepositoryIDs", err.Error()) - return - } - if len(repoIDs) == 0 { - // no repos found, don't let the indexer return all repos - repoIDs = []int64{0} - } - } - - keyword := ctx.FormTrim("q") - if strings.IndexByte(keyword, 0) >= 0 { - keyword = "" - } - - isPull := optional.None[bool]() - switch ctx.FormString("type") { - case "pulls": - isPull = optional.Some(true) - case "issues": - isPull = optional.Some(false) - } - - var includedAnyLabels []int64 - { - labels := ctx.FormTrim("labels") - var includedLabelNames []string - if len(labels) > 0 { - includedLabelNames = strings.Split(labels, ",") - } - includedAnyLabels, err = issues_model.GetLabelIDsByNames(ctx, includedLabelNames) - if err != nil { - ctx.Error(http.StatusInternalServerError, "GetLabelIDsByNames", err.Error()) - return - } - } - - var includedMilestones []int64 - { - milestones := ctx.FormTrim("milestones") - var includedMilestoneNames []string - if len(milestones) > 0 { - includedMilestoneNames = strings.Split(milestones, ",") - } - includedMilestones, err = issues_model.GetMilestoneIDsByNames(ctx, includedMilestoneNames) - if err != nil { - ctx.Error(http.StatusInternalServerError, "GetMilestoneIDsByNames", err.Error()) - return - } - } - - projectID := optional.None[int64]() - if v := ctx.FormInt64("project"); v > 0 { - projectID = optional.Some(v) - } - - // this api is also used in UI, - // so the default limit is set to fit UI needs - limit := ctx.FormInt("limit") - if limit == 0 { - limit = setting.UI.IssuePagingNum - } else if limit > setting.API.MaxResponseItems { - limit = setting.API.MaxResponseItems - } - - searchOpt := &issue_indexer.SearchOptions{ - Paginator: &db.ListOptions{ - Page: ctx.FormInt("page"), - PageSize: limit, - }, - Keyword: keyword, - RepoIDs: repoIDs, - AllPublic: allPublic, - IsPull: isPull, - IsClosed: isClosed, - IncludedAnyLabelIDs: includedAnyLabels, - MilestoneIDs: includedMilestones, - ProjectID: projectID, - SortBy: issue_indexer.SortByCreatedDesc, - } - - if since != 0 { - searchOpt.UpdatedAfterUnix = optional.Some(since) - } - if before != 0 { - searchOpt.UpdatedBeforeUnix = optional.Some(before) - } - - if ctx.IsSigned { - ctxUserID := ctx.Doer.ID - if ctx.FormBool("created") { - searchOpt.PosterID = optional.Some(ctxUserID) - } - if ctx.FormBool("assigned") { - searchOpt.AssigneeID = optional.Some(ctxUserID) - } - if ctx.FormBool("mentioned") { - searchOpt.MentionID = optional.Some(ctxUserID) - } - if ctx.FormBool("review_requested") { - searchOpt.ReviewRequestedID = optional.Some(ctxUserID) - } - if ctx.FormBool("reviewed") { - searchOpt.ReviewedID = optional.Some(ctxUserID) - } - } - - // FIXME: It's unsupported to sort by priority repo when searching by indexer, - // it's indeed an regression, but I think it is worth to support filtering by indexer first. - _ = ctx.FormInt64("priority_repo_id") - - ids, total, err := issue_indexer.SearchIssues(ctx, searchOpt) - if err != nil { - ctx.Error(http.StatusInternalServerError, "SearchIssues", err.Error()) - return - } - issues, err := issues_model.GetIssuesByIDs(ctx, ids, true) - if err != nil { - ctx.Error(http.StatusInternalServerError, "FindIssuesByIDs", err.Error()) - return - } - - ctx.SetTotalCountHeader(total) - ctx.JSON(http.StatusOK, convert.ToIssueList(ctx, ctx.Doer, issues)) -} - -func getUserIDForFilter(ctx *context.Context, queryName string) int64 { - userName := ctx.FormString(queryName) - if len(userName) == 0 { - return 0 - } - - user, err := user_model.GetUserByName(ctx, userName) - if user_model.IsErrUserNotExist(err) { - ctx.NotFound("", err) - return 0 - } - - if err != nil { - ctx.Error(http.StatusInternalServerError, err.Error()) - return 0 - } - - return user.ID -} - -// ListIssues list the issues of a repository -func ListIssues(ctx *context.Context) { - before, since, err := context.GetQueryBeforeSince(ctx.Base) - if err != nil { - ctx.Error(http.StatusUnprocessableEntity, err.Error()) - return - } - - var isClosed optional.Option[bool] - switch ctx.FormString("state") { - case "closed": - isClosed = optional.Some(true) - case "all": - isClosed = optional.None[bool]() - default: - isClosed = optional.Some(false) - } - - keyword := ctx.FormTrim("q") - if strings.IndexByte(keyword, 0) >= 0 { - keyword = "" - } - - var labelIDs []int64 - if splitted := strings.Split(ctx.FormString("labels"), ","); len(splitted) > 0 { - labelIDs, err = issues_model.GetLabelIDsInRepoByNames(ctx, ctx.Repo.Repository.ID, splitted) - if err != nil { - ctx.Error(http.StatusInternalServerError, err.Error()) - return - } - } - - var mileIDs []int64 - if part := strings.Split(ctx.FormString("milestones"), ","); len(part) > 0 { - for i := range part { - // uses names and fall back to ids - // non existent milestones are discarded - mile, err := issues_model.GetMilestoneByRepoIDANDName(ctx, ctx.Repo.Repository.ID, part[i]) - if err == nil { - mileIDs = append(mileIDs, mile.ID) - continue - } - if !issues_model.IsErrMilestoneNotExist(err) { - ctx.Error(http.StatusInternalServerError, err.Error()) - return - } - id, err := strconv.ParseInt(part[i], 10, 64) - if err != nil { - continue - } - mile, err = issues_model.GetMilestoneByRepoID(ctx, ctx.Repo.Repository.ID, id) - if err == nil { - mileIDs = append(mileIDs, mile.ID) - continue - } - if issues_model.IsErrMilestoneNotExist(err) { - continue - } - ctx.Error(http.StatusInternalServerError, err.Error()) - } - } - - projectID := optional.None[int64]() - if v := ctx.FormInt64("project"); v > 0 { - projectID = optional.Some(v) - } - - isPull := optional.None[bool]() - switch ctx.FormString("type") { - case "pulls": - isPull = optional.Some(true) - case "issues": - isPull = optional.Some(false) - } - - // FIXME: we should be more efficient here - createdByID := getUserIDForFilter(ctx, "created_by") - if ctx.Written() { - return - } - assignedByID := getUserIDForFilter(ctx, "assigned_by") - if ctx.Written() { - return - } - mentionedByID := getUserIDForFilter(ctx, "mentioned_by") - if ctx.Written() { - return - } - - searchOpt := &issue_indexer.SearchOptions{ - Paginator: &db.ListOptions{ - Page: ctx.FormInt("page"), - PageSize: convert.ToCorrectPageSize(ctx.FormInt("limit")), - }, - Keyword: keyword, - RepoIDs: []int64{ctx.Repo.Repository.ID}, - IsPull: isPull, - IsClosed: isClosed, - ProjectID: projectID, - SortBy: issue_indexer.SortByCreatedDesc, - } - if since != 0 { - searchOpt.UpdatedAfterUnix = optional.Some(since) - } - if before != 0 { - searchOpt.UpdatedBeforeUnix = optional.Some(before) - } - if len(labelIDs) == 1 && labelIDs[0] == 0 { - searchOpt.NoLabelOnly = true - } else { - for _, labelID := range labelIDs { - if labelID > 0 { - searchOpt.IncludedLabelIDs = append(searchOpt.IncludedLabelIDs, labelID) - } else { - searchOpt.ExcludedLabelIDs = append(searchOpt.ExcludedLabelIDs, -labelID) - } - } - } - - if len(mileIDs) == 1 && mileIDs[0] == db.NoConditionID { - searchOpt.MilestoneIDs = []int64{0} - } else { - searchOpt.MilestoneIDs = mileIDs - } - - if createdByID > 0 { - searchOpt.PosterID = optional.Some(createdByID) - } - if assignedByID > 0 { - searchOpt.AssigneeID = optional.Some(assignedByID) - } - if mentionedByID > 0 { - searchOpt.MentionID = optional.Some(mentionedByID) - } - - ids, total, err := issue_indexer.SearchIssues(ctx, searchOpt) - if err != nil { - ctx.Error(http.StatusInternalServerError, "SearchIssues", err.Error()) - return - } - issues, err := issues_model.GetIssuesByIDs(ctx, ids, true) - if err != nil { - ctx.Error(http.StatusInternalServerError, "FindIssuesByIDs", err.Error()) - return - } - - ctx.SetTotalCountHeader(total) - ctx.JSON(http.StatusOK, convert.ToIssueList(ctx, ctx.Doer, issues)) -} - -func BatchDeleteIssues(ctx *context.Context) { - issues := getActionIssues(ctx) - if ctx.Written() { - return - } - for _, issue := range issues { - if err := issue_service.DeleteIssue(ctx, ctx.Doer, ctx.Repo.GitRepo, issue); err != nil { - ctx.ServerError("DeleteIssue", err) - return - } - } - ctx.JSONOK() -} - -// UpdateIssueStatus change issue's status -func UpdateIssueStatus(ctx *context.Context) { - issues := getActionIssues(ctx) - if ctx.Written() { - return - } - - var isClosed bool - switch action := ctx.FormString("action"); action { - case "open": - isClosed = false - case "close": - isClosed = true - default: - log.Warn("Unrecognized action: %s", action) - } - - if _, err := issues.LoadRepositories(ctx); err != nil { - ctx.ServerError("LoadRepositories", err) - return - } - if err := issues.LoadPullRequests(ctx); err != nil { - ctx.ServerError("LoadPullRequests", err) - return - } - - for _, issue := range issues { - if issue.IsPull && issue.PullRequest.HasMerged { - continue - } - if issue.IsClosed != isClosed { - if err := issue_service.ChangeStatus(ctx, issue, ctx.Doer, "", isClosed); err != nil { - if issues_model.IsErrDependenciesLeft(err) { - ctx.JSON(http.StatusPreconditionFailed, map[string]any{ - "error": ctx.Tr("repo.issues.dependency.issue_batch_close_blocked", issue.Index), - }) - return - } - ctx.ServerError("ChangeStatus", err) - return - } - } - } - ctx.JSONOK() -} - -// NewComment create a comment for issue -func NewComment(ctx *context.Context) { - form := web.GetForm(ctx).(*forms.CreateCommentForm) - issue := GetActionIssue(ctx) - if ctx.Written() { - return - } - - if !ctx.IsSigned || (ctx.Doer.ID != issue.PosterID && !ctx.Repo.CanReadIssuesOrPulls(issue.IsPull)) { - if log.IsTrace() { - if ctx.IsSigned { - issueType := "issues" - if issue.IsPull { - issueType = "pulls" - } - log.Trace("Permission Denied: User %-v not the Poster (ID: %d) and cannot read %s in Repo %-v.\n"+ - "User in Repo has Permissions: %-+v", - ctx.Doer, - issue.PosterID, - issueType, - ctx.Repo.Repository, - ctx.Repo.Permission) - } else { - log.Trace("Permission Denied: Not logged in") - } - } - - ctx.Error(http.StatusForbidden) - return - } - - if issue.IsLocked && !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) && !ctx.Doer.IsAdmin { - ctx.JSONError(ctx.Tr("repo.issues.comment_on_locked")) - return - } - - var attachments []string - if setting.Attachment.Enabled { - attachments = form.Files - } - - if ctx.HasError() { - ctx.JSONError(ctx.GetErrMsg()) - return - } - - var comment *issues_model.Comment - defer func() { - // Check if issue admin/poster changes the status of issue. - if (ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) || (ctx.IsSigned && issue.IsPoster(ctx.Doer.ID))) && - (form.Status == "reopen" || form.Status == "close") && - !(issue.IsPull && issue.PullRequest.HasMerged) { - // Duplication and conflict check should apply to reopen pull request. - var pr *issues_model.PullRequest - - if form.Status == "reopen" && issue.IsPull { - pull := issue.PullRequest - var err error - pr, err = issues_model.GetUnmergedPullRequest(ctx, pull.HeadRepoID, pull.BaseRepoID, pull.HeadBranch, pull.BaseBranch, pull.Flow) - if err != nil { - if !issues_model.IsErrPullRequestNotExist(err) { - ctx.JSONError(ctx.Tr("repo.issues.dependency.pr_close_blocked")) - return - } - } - - // Regenerate patch and test conflict. - if pr == nil { - issue.PullRequest.HeadCommitID = "" - pull_service.AddToTaskQueue(ctx, issue.PullRequest) - } - - // check whether the ref of PR in base repo is consistent with the head commit of head branch in the head repo - // get head commit of PR - if pull.Flow == issues_model.PullRequestFlowGithub { - prHeadRef := pull.GetGitRefName() - if err := pull.LoadBaseRepo(ctx); err != nil { - ctx.ServerError("Unable to load base repo", err) - return - } - prHeadCommitID, err := git.GetFullCommitID(ctx, pull.BaseRepo.RepoPath(), prHeadRef) - if err != nil { - ctx.ServerError("Get head commit Id of pr fail", err) - return - } - - // get head commit of branch in the head repo - if err := pull.LoadHeadRepo(ctx); err != nil { - ctx.ServerError("Unable to load head repo", err) - return - } - if ok := git.IsBranchExist(ctx, pull.HeadRepo.RepoPath(), pull.BaseBranch); !ok { - // todo localize - ctx.JSONError("The origin branch is delete, cannot reopen.") - return - } - headBranchRef := pull.GetGitHeadBranchRefName() - headBranchCommitID, err := git.GetFullCommitID(ctx, pull.HeadRepo.RepoPath(), headBranchRef) - if err != nil { - ctx.ServerError("Get head commit Id of head branch fail", err) - return - } - - err = pull.LoadIssue(ctx) - if err != nil { - ctx.ServerError("load the issue of pull request error", err) - return - } - - if prHeadCommitID != headBranchCommitID { - // force push to base repo - err := git.Push(ctx, pull.HeadRepo.RepoPath(), git.PushOptions{ - Remote: pull.BaseRepo.RepoPath(), - Branch: pull.HeadBranch + ":" + prHeadRef, - Force: true, - Env: repo_module.InternalPushingEnvironment(pull.Issue.Poster, pull.BaseRepo), - }) - if err != nil { - ctx.ServerError("force push error", err) - return - } - } - } - } - - if pr != nil { - ctx.Flash.Info(ctx.Tr("repo.pulls.open_unmerged_pull_exists", pr.Index)) - } else { - isClosed := form.Status == "close" - if err := issue_service.ChangeStatus(ctx, issue, ctx.Doer, "", isClosed); err != nil { - log.Error("ChangeStatus: %v", err) - - if issues_model.IsErrDependenciesLeft(err) { - if issue.IsPull { - ctx.JSONError(ctx.Tr("repo.issues.dependency.pr_close_blocked")) - } else { - ctx.JSONError(ctx.Tr("repo.issues.dependency.issue_close_blocked")) - } - return - } - } else { - if err := stopTimerIfAvailable(ctx, ctx.Doer, issue); err != nil { - ctx.ServerError("CreateOrStopIssueStopwatch", err) - return - } - - log.Trace("Issue [%d] status changed to closed: %v", issue.ID, issue.IsClosed) - } - } - } - - // Redirect to comment hashtag if there is any actual content. - typeName := "issues" - if issue.IsPull { - typeName = "pulls" - } - if comment != nil { - ctx.JSONRedirect(fmt.Sprintf("%s/%s/%d#%s", ctx.Repo.RepoLink, typeName, issue.Index, comment.HashTag())) - } else { - ctx.JSONRedirect(fmt.Sprintf("%s/%s/%d", ctx.Repo.RepoLink, typeName, issue.Index)) - } - }() - - // Fix #321: Allow empty comments, as long as we have attachments. - if len(form.Content) == 0 && len(attachments) == 0 { - return - } - - comment, err := issue_service.CreateIssueComment(ctx, ctx.Doer, ctx.Repo.Repository, issue, form.Content, attachments) - if err != nil { - if errors.Is(err, user_model.ErrBlockedUser) { - ctx.JSONError(ctx.Tr("repo.issues.comment.blocked_user")) - } else { - ctx.ServerError("CreateIssueComment", err) - } - return - } - - log.Trace("Comment created: %d/%d/%d", ctx.Repo.Repository.ID, issue.ID, comment.ID) -} - -// UpdateCommentContent change comment of issue's content -func UpdateCommentContent(ctx *context.Context) { - comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64(":id")) - if err != nil { - ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err) - return - } - - if err := comment.LoadIssue(ctx); err != nil { - ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err) - return - } - - if comment.Issue.RepoID != ctx.Repo.Repository.ID { - ctx.NotFound("CompareRepoID", issues_model.ErrCommentNotExist{}) - return - } - - if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanWriteIssuesOrPulls(comment.Issue.IsPull)) { - ctx.Error(http.StatusForbidden) - return - } - - if !comment.Type.HasContentSupport() { - ctx.Error(http.StatusNoContent) - return - } - - oldContent := comment.Content - newContent := ctx.FormString("content") - contentVersion := ctx.FormInt("content_version") - - // allow to save empty content - comment.Content = newContent - if err = issue_service.UpdateComment(ctx, comment, contentVersion, ctx.Doer, oldContent); err != nil { - if errors.Is(err, user_model.ErrBlockedUser) { - ctx.JSONError(ctx.Tr("repo.issues.comment.blocked_user")) - } else if errors.Is(err, issues_model.ErrCommentAlreadyChanged) { - ctx.JSONError(ctx.Tr("repo.comments.edit.already_changed")) - } else { - ctx.ServerError("UpdateComment", err) - } - return - } - - if err := comment.LoadAttachments(ctx); err != nil { - ctx.ServerError("LoadAttachments", err) - return - } - - // when the update request doesn't intend to update attachments (eg: change checkbox state), ignore attachment updates - if !ctx.FormBool("ignore_attachments") { - if err := updateAttachments(ctx, comment, ctx.FormStrings("files[]")); err != nil { - ctx.ServerError("UpdateAttachments", err) - return - } - } - - var renderedContent template.HTML - if comment.Content != "" { - renderedContent, err = markdown.RenderString(&markup.RenderContext{ - Links: markup.Links{ - Base: ctx.FormString("context"), // FIXME: <- IS THIS SAFE ? - }, - Metas: ctx.Repo.Repository.ComposeMetas(ctx), - GitRepo: ctx.Repo.GitRepo, - Repo: ctx.Repo.Repository, - Ctx: ctx, - }, comment.Content) - if err != nil { - ctx.ServerError("RenderString", err) - return - } - } else { - contentEmpty := fmt.Sprintf(`%s`, ctx.Tr("repo.issues.no_content")) - renderedContent = template.HTML(contentEmpty) - } - - ctx.JSON(http.StatusOK, map[string]any{ - "content": renderedContent, - "contentVersion": comment.ContentVersion, - "attachments": attachmentsHTML(ctx, comment.Attachments, comment.Content), - }) -} - -// DeleteComment delete comment of issue -func DeleteComment(ctx *context.Context) { - comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64(":id")) - if err != nil { - ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err) - return - } - - if err := comment.LoadIssue(ctx); err != nil { - ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err) - return - } - - if comment.Issue.RepoID != ctx.Repo.Repository.ID { - ctx.NotFound("CompareRepoID", issues_model.ErrCommentNotExist{}) - return - } - - if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanWriteIssuesOrPulls(comment.Issue.IsPull)) { - ctx.Error(http.StatusForbidden) - return - } else if !comment.Type.HasContentSupport() { - ctx.Error(http.StatusNoContent) - return - } - - if err = issue_service.DeleteComment(ctx, ctx.Doer, comment); err != nil { - ctx.ServerError("DeleteComment", err) - return - } - - ctx.Status(http.StatusOK) -} - // ChangeIssueReaction create a reaction for issue func ChangeIssueReaction(ctx *context.Context) { form := web.GetForm(ctx).(*forms.ReactionForm) @@ -3425,146 +575,6 @@ func ChangeIssueReaction(ctx *context.Context) { }) } -// ChangeCommentReaction create a reaction for comment -func ChangeCommentReaction(ctx *context.Context) { - form := web.GetForm(ctx).(*forms.ReactionForm) - comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64(":id")) - if err != nil { - ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err) - return - } - - if err := comment.LoadIssue(ctx); err != nil { - ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err) - return - } - - if comment.Issue.RepoID != ctx.Repo.Repository.ID { - ctx.NotFound("CompareRepoID", issues_model.ErrCommentNotExist{}) - return - } - - if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanReadIssuesOrPulls(comment.Issue.IsPull)) { - if log.IsTrace() { - if ctx.IsSigned { - issueType := "issues" - if comment.Issue.IsPull { - issueType = "pulls" - } - log.Trace("Permission Denied: User %-v not the Poster (ID: %d) and cannot read %s in Repo %-v.\n"+ - "User in Repo has Permissions: %-+v", - ctx.Doer, - comment.Issue.PosterID, - issueType, - ctx.Repo.Repository, - ctx.Repo.Permission) - } else { - log.Trace("Permission Denied: Not logged in") - } - } - - ctx.Error(http.StatusForbidden) - return - } - - if !comment.Type.HasContentSupport() { - ctx.Error(http.StatusNoContent) - return - } - - switch ctx.PathParam(":action") { - case "react": - reaction, err := issue_service.CreateCommentReaction(ctx, ctx.Doer, comment, form.Content) - if err != nil { - if issues_model.IsErrForbiddenIssueReaction(err) || errors.Is(err, user_model.ErrBlockedUser) { - ctx.ServerError("ChangeIssueReaction", err) - return - } - log.Info("CreateCommentReaction: %s", err) - break - } - // Reload new reactions - comment.Reactions = nil - if err = comment.LoadReactions(ctx, ctx.Repo.Repository); err != nil { - log.Info("comment.LoadReactions: %s", err) - break - } - - log.Trace("Reaction for comment created: %d/%d/%d/%d", ctx.Repo.Repository.ID, comment.Issue.ID, comment.ID, reaction.ID) - case "unreact": - if err := issues_model.DeleteCommentReaction(ctx, ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Content); err != nil { - ctx.ServerError("DeleteCommentReaction", err) - return - } - - // Reload new reactions - comment.Reactions = nil - if err = comment.LoadReactions(ctx, ctx.Repo.Repository); err != nil { - log.Info("comment.LoadReactions: %s", err) - break - } - - log.Trace("Reaction for comment removed: %d/%d/%d", ctx.Repo.Repository.ID, comment.Issue.ID, comment.ID) - default: - ctx.NotFound(fmt.Sprintf("Unknown action %s", ctx.PathParam(":action")), nil) - return - } - - if len(comment.Reactions) == 0 { - ctx.JSON(http.StatusOK, map[string]any{ - "empty": true, - "html": "", - }) - return - } - - html, err := ctx.RenderToHTML(tplReactions, map[string]any{ - "ActionURL": fmt.Sprintf("%s/comments/%d/reactions", ctx.Repo.RepoLink, comment.ID), - "Reactions": comment.Reactions.GroupByType(), - }) - if err != nil { - ctx.ServerError("ChangeCommentReaction.HTMLString", err) - return - } - ctx.JSON(http.StatusOK, map[string]any{ - "html": html, - }) -} - -func addParticipant(poster *user_model.User, participants []*user_model.User) []*user_model.User { - for _, part := range participants { - if poster.ID == part.ID { - return participants - } - } - return append(participants, poster) -} - -func filterXRefComments(ctx *context.Context, issue *issues_model.Issue) error { - // Remove comments that the user has no permissions to see - for i := 0; i < len(issue.Comments); { - c := issue.Comments[i] - if issues_model.CommentTypeIsRef(c.Type) && c.RefRepoID != issue.RepoID && c.RefRepoID != 0 { - var err error - // Set RefRepo for description in template - c.RefRepo, err = repo_model.GetRepositoryByID(ctx, c.RefRepoID) - if err != nil { - return err - } - perm, err := access_model.GetUserRepoPermission(ctx, c.RefRepo, ctx.Doer) - if err != nil { - return err - } - if !perm.CanReadIssuesOrPulls(c.RefIsPull) { - issue.Comments = append(issue.Comments[:i], issue.Comments[i+1:]...) - continue - } - } - i++ - } - return nil -} - // GetIssueAttachments returns attachments for the issue func GetIssueAttachments(ctx *context.Context) { issue := GetActionIssue(ctx) @@ -3578,45 +588,6 @@ func GetIssueAttachments(ctx *context.Context) { ctx.JSON(http.StatusOK, attachments) } -// GetCommentAttachments returns attachments for the comment -func GetCommentAttachments(ctx *context.Context) { - comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64(":id")) - if err != nil { - ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err) - return - } - - if err := comment.LoadIssue(ctx); err != nil { - ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err) - return - } - - if comment.Issue.RepoID != ctx.Repo.Repository.ID { - ctx.NotFound("CompareRepoID", issues_model.ErrCommentNotExist{}) - return - } - - if !ctx.Repo.Permission.CanReadIssuesOrPulls(comment.Issue.IsPull) { - ctx.NotFound("CanReadIssuesOrPulls", issues_model.ErrCommentNotExist{}) - return - } - - if !comment.Type.HasAttachmentSupport() { - ctx.ServerError("GetCommentAttachments", fmt.Errorf("comment type %v does not support attachments", comment.Type)) - return - } - - attachments := make([]*api.Attachment, 0) - if err := comment.LoadAttachments(ctx); err != nil { - ctx.ServerError("LoadAttachments", err) - return - } - for i := 0; i < len(comment.Attachments); i++ { - attachments = append(attachments, convert.ToAttachment(ctx.Repo.Repository, comment.Attachments[i])) - } - ctx.JSON(http.StatusOK, attachments) -} - func updateAttachments(ctx *context.Context, item any, files []string) error { var attachments []*repo_model.Attachment switch content := item.(type) { @@ -3673,73 +644,6 @@ func attachmentsHTML(ctx *context.Context, attachments []*repo_model.Attachment, return attachHTML } -// combineLabelComments combine the nearby label comments as one. -func combineLabelComments(issue *issues_model.Issue) { - var prev, cur *issues_model.Comment - for i := 0; i < len(issue.Comments); i++ { - cur = issue.Comments[i] - if i > 0 { - prev = issue.Comments[i-1] - } - if i == 0 || cur.Type != issues_model.CommentTypeLabel || - (prev != nil && prev.PosterID != cur.PosterID) || - (prev != nil && cur.CreatedUnix-prev.CreatedUnix >= 60) { - if cur.Type == issues_model.CommentTypeLabel && cur.Label != nil { - if cur.Content != "1" { - cur.RemovedLabels = append(cur.RemovedLabels, cur.Label) - } else { - cur.AddedLabels = append(cur.AddedLabels, cur.Label) - } - } - continue - } - - if cur.Label != nil { // now cur MUST be label comment - if prev.Type == issues_model.CommentTypeLabel { // we can combine them only prev is a label comment - if cur.Content != "1" { - // remove labels from the AddedLabels list if the label that was removed is already - // in this list, and if it's not in this list, add the label to RemovedLabels - addedAndRemoved := false - for i, label := range prev.AddedLabels { - if cur.Label.ID == label.ID { - prev.AddedLabels = append(prev.AddedLabels[:i], prev.AddedLabels[i+1:]...) - addedAndRemoved = true - break - } - } - if !addedAndRemoved { - prev.RemovedLabels = append(prev.RemovedLabels, cur.Label) - } - } else { - // remove labels from the RemovedLabels list if the label that was added is already - // in this list, and if it's not in this list, add the label to AddedLabels - removedAndAdded := false - for i, label := range prev.RemovedLabels { - if cur.Label.ID == label.ID { - prev.RemovedLabels = append(prev.RemovedLabels[:i], prev.RemovedLabels[i+1:]...) - removedAndAdded = true - break - } - } - if !removedAndAdded { - prev.AddedLabels = append(prev.AddedLabels, cur.Label) - } - } - prev.CreatedUnix = cur.CreatedUnix - // remove the current comment since it has been combined to prev comment - issue.Comments = append(issue.Comments[:i], issue.Comments[i+1:]...) - i-- - } else { // if prev is not a label comment, start a new group - if cur.Content != "1" { - cur.RemovedLabels = append(cur.RemovedLabels, cur.Label) - } else { - cur.AddedLabels = append(cur.AddedLabels, cur.Label) - } - } - } - } -} - // get all teams that current user can mention func handleTeamMentions(ctx *context.Context) { if ctx.Doer == nil || !ctx.Repo.Owner.IsOrganization() { @@ -3779,53 +683,3 @@ func handleTeamMentions(ctx *context.Context) { ctx.Data["MentionableTeamsOrg"] = ctx.Repo.Owner.Name ctx.Data["MentionableTeamsOrgAvatar"] = ctx.Repo.Owner.AvatarLink(ctx) } - -type userSearchInfo struct { - UserID int64 `json:"user_id"` - UserName string `json:"username"` - AvatarLink string `json:"avatar_link"` - FullName string `json:"full_name"` -} - -type userSearchResponse struct { - Results []*userSearchInfo `json:"results"` -} - -// IssuePosters get posters for current repo's issues/pull requests -func IssuePosters(ctx *context.Context) { - issuePosters(ctx, false) -} - -func PullPosters(ctx *context.Context) { - issuePosters(ctx, true) -} - -func issuePosters(ctx *context.Context, isPullList bool) { - repo := ctx.Repo.Repository - search := strings.TrimSpace(ctx.FormString("q")) - posters, err := repo_model.GetIssuePostersWithSearch(ctx, repo, isPullList, search, setting.UI.DefaultShowFullName) - if err != nil { - ctx.JSON(http.StatusInternalServerError, err) - return - } - - if search == "" && ctx.Doer != nil { - // the returned posters slice only contains limited number of users, - // to make the current user (doer) can quickly filter their own issues, always add doer to the posters slice - if !slices.ContainsFunc(posters, func(user *user_model.User) bool { return user.ID == ctx.Doer.ID }) { - posters = append(posters, ctx.Doer) - } - } - - posters = shared_user.MakeSelfOnTop(ctx.Doer, posters) - - resp := &userSearchResponse{} - resp.Results = make([]*userSearchInfo, len(posters)) - for i, user := range posters { - resp.Results[i] = &userSearchInfo{UserID: user.ID, UserName: user.Name, AvatarLink: user.AvatarLink(ctx)} - if setting.UI.DefaultShowFullName { - resp.Results[i].FullName = user.FullName - } - } - ctx.JSON(http.StatusOK, resp) -} diff --git a/routers/web/repo/issue_comment.go b/routers/web/repo/issue_comment.go new file mode 100644 index 0000000000..6f0fa938ce --- /dev/null +++ b/routers/web/repo/issue_comment.go @@ -0,0 +1,472 @@ +// Copyright 2024 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package repo + +import ( + "errors" + "fmt" + "html/template" + "net/http" + + issues_model "code.gitea.io/gitea/models/issues" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/git" + "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/markup" + "code.gitea.io/gitea/modules/markup/markdown" + repo_module "code.gitea.io/gitea/modules/repository" + "code.gitea.io/gitea/modules/setting" + api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" + "code.gitea.io/gitea/services/context" + "code.gitea.io/gitea/services/convert" + "code.gitea.io/gitea/services/forms" + issue_service "code.gitea.io/gitea/services/issue" + pull_service "code.gitea.io/gitea/services/pull" +) + +// NewComment create a comment for issue +func NewComment(ctx *context.Context) { + form := web.GetForm(ctx).(*forms.CreateCommentForm) + issue := GetActionIssue(ctx) + if ctx.Written() { + return + } + + if !ctx.IsSigned || (ctx.Doer.ID != issue.PosterID && !ctx.Repo.CanReadIssuesOrPulls(issue.IsPull)) { + if log.IsTrace() { + if ctx.IsSigned { + issueType := "issues" + if issue.IsPull { + issueType = "pulls" + } + log.Trace("Permission Denied: User %-v not the Poster (ID: %d) and cannot read %s in Repo %-v.\n"+ + "User in Repo has Permissions: %-+v", + ctx.Doer, + issue.PosterID, + issueType, + ctx.Repo.Repository, + ctx.Repo.Permission) + } else { + log.Trace("Permission Denied: Not logged in") + } + } + + ctx.Error(http.StatusForbidden) + return + } + + if issue.IsLocked && !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) && !ctx.Doer.IsAdmin { + ctx.JSONError(ctx.Tr("repo.issues.comment_on_locked")) + return + } + + var attachments []string + if setting.Attachment.Enabled { + attachments = form.Files + } + + if ctx.HasError() { + ctx.JSONError(ctx.GetErrMsg()) + return + } + + var comment *issues_model.Comment + defer func() { + // Check if issue admin/poster changes the status of issue. + if (ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) || (ctx.IsSigned && issue.IsPoster(ctx.Doer.ID))) && + (form.Status == "reopen" || form.Status == "close") && + !(issue.IsPull && issue.PullRequest.HasMerged) { + // Duplication and conflict check should apply to reopen pull request. + var pr *issues_model.PullRequest + + if form.Status == "reopen" && issue.IsPull { + pull := issue.PullRequest + var err error + pr, err = issues_model.GetUnmergedPullRequest(ctx, pull.HeadRepoID, pull.BaseRepoID, pull.HeadBranch, pull.BaseBranch, pull.Flow) + if err != nil { + if !issues_model.IsErrPullRequestNotExist(err) { + ctx.JSONError(ctx.Tr("repo.issues.dependency.pr_close_blocked")) + return + } + } + + // Regenerate patch and test conflict. + if pr == nil { + issue.PullRequest.HeadCommitID = "" + pull_service.AddToTaskQueue(ctx, issue.PullRequest) + } + + // check whether the ref of PR in base repo is consistent with the head commit of head branch in the head repo + // get head commit of PR + if pull.Flow == issues_model.PullRequestFlowGithub { + prHeadRef := pull.GetGitRefName() + if err := pull.LoadBaseRepo(ctx); err != nil { + ctx.ServerError("Unable to load base repo", err) + return + } + prHeadCommitID, err := git.GetFullCommitID(ctx, pull.BaseRepo.RepoPath(), prHeadRef) + if err != nil { + ctx.ServerError("Get head commit Id of pr fail", err) + return + } + + // get head commit of branch in the head repo + if err := pull.LoadHeadRepo(ctx); err != nil { + ctx.ServerError("Unable to load head repo", err) + return + } + if ok := git.IsBranchExist(ctx, pull.HeadRepo.RepoPath(), pull.BaseBranch); !ok { + // todo localize + ctx.JSONError("The origin branch is delete, cannot reopen.") + return + } + headBranchRef := pull.GetGitHeadBranchRefName() + headBranchCommitID, err := git.GetFullCommitID(ctx, pull.HeadRepo.RepoPath(), headBranchRef) + if err != nil { + ctx.ServerError("Get head commit Id of head branch fail", err) + return + } + + err = pull.LoadIssue(ctx) + if err != nil { + ctx.ServerError("load the issue of pull request error", err) + return + } + + if prHeadCommitID != headBranchCommitID { + // force push to base repo + err := git.Push(ctx, pull.HeadRepo.RepoPath(), git.PushOptions{ + Remote: pull.BaseRepo.RepoPath(), + Branch: pull.HeadBranch + ":" + prHeadRef, + Force: true, + Env: repo_module.InternalPushingEnvironment(pull.Issue.Poster, pull.BaseRepo), + }) + if err != nil { + ctx.ServerError("force push error", err) + return + } + } + } + } + + if pr != nil { + ctx.Flash.Info(ctx.Tr("repo.pulls.open_unmerged_pull_exists", pr.Index)) + } else { + isClosed := form.Status == "close" + if err := issue_service.ChangeStatus(ctx, issue, ctx.Doer, "", isClosed); err != nil { + log.Error("ChangeStatus: %v", err) + + if issues_model.IsErrDependenciesLeft(err) { + if issue.IsPull { + ctx.JSONError(ctx.Tr("repo.issues.dependency.pr_close_blocked")) + } else { + ctx.JSONError(ctx.Tr("repo.issues.dependency.issue_close_blocked")) + } + return + } + } else { + if err := stopTimerIfAvailable(ctx, ctx.Doer, issue); err != nil { + ctx.ServerError("CreateOrStopIssueStopwatch", err) + return + } + + log.Trace("Issue [%d] status changed to closed: %v", issue.ID, issue.IsClosed) + } + } + } + + // Redirect to comment hashtag if there is any actual content. + typeName := "issues" + if issue.IsPull { + typeName = "pulls" + } + if comment != nil { + ctx.JSONRedirect(fmt.Sprintf("%s/%s/%d#%s", ctx.Repo.RepoLink, typeName, issue.Index, comment.HashTag())) + } else { + ctx.JSONRedirect(fmt.Sprintf("%s/%s/%d", ctx.Repo.RepoLink, typeName, issue.Index)) + } + }() + + // Fix #321: Allow empty comments, as long as we have attachments. + if len(form.Content) == 0 && len(attachments) == 0 { + return + } + + comment, err := issue_service.CreateIssueComment(ctx, ctx.Doer, ctx.Repo.Repository, issue, form.Content, attachments) + if err != nil { + if errors.Is(err, user_model.ErrBlockedUser) { + ctx.JSONError(ctx.Tr("repo.issues.comment.blocked_user")) + } else { + ctx.ServerError("CreateIssueComment", err) + } + return + } + + log.Trace("Comment created: %d/%d/%d", ctx.Repo.Repository.ID, issue.ID, comment.ID) +} + +// UpdateCommentContent change comment of issue's content +func UpdateCommentContent(ctx *context.Context) { + comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64(":id")) + if err != nil { + ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err) + return + } + + if err := comment.LoadIssue(ctx); err != nil { + ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err) + return + } + + if comment.Issue.RepoID != ctx.Repo.Repository.ID { + ctx.NotFound("CompareRepoID", issues_model.ErrCommentNotExist{}) + return + } + + if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanWriteIssuesOrPulls(comment.Issue.IsPull)) { + ctx.Error(http.StatusForbidden) + return + } + + if !comment.Type.HasContentSupport() { + ctx.Error(http.StatusNoContent) + return + } + + oldContent := comment.Content + newContent := ctx.FormString("content") + contentVersion := ctx.FormInt("content_version") + + // allow to save empty content + comment.Content = newContent + if err = issue_service.UpdateComment(ctx, comment, contentVersion, ctx.Doer, oldContent); err != nil { + if errors.Is(err, user_model.ErrBlockedUser) { + ctx.JSONError(ctx.Tr("repo.issues.comment.blocked_user")) + } else if errors.Is(err, issues_model.ErrCommentAlreadyChanged) { + ctx.JSONError(ctx.Tr("repo.comments.edit.already_changed")) + } else { + ctx.ServerError("UpdateComment", err) + } + return + } + + if err := comment.LoadAttachments(ctx); err != nil { + ctx.ServerError("LoadAttachments", err) + return + } + + // when the update request doesn't intend to update attachments (eg: change checkbox state), ignore attachment updates + if !ctx.FormBool("ignore_attachments") { + if err := updateAttachments(ctx, comment, ctx.FormStrings("files[]")); err != nil { + ctx.ServerError("UpdateAttachments", err) + return + } + } + + var renderedContent template.HTML + if comment.Content != "" { + renderedContent, err = markdown.RenderString(&markup.RenderContext{ + Links: markup.Links{ + Base: ctx.FormString("context"), // FIXME: <- IS THIS SAFE ? + }, + Metas: ctx.Repo.Repository.ComposeMetas(ctx), + GitRepo: ctx.Repo.GitRepo, + Repo: ctx.Repo.Repository, + Ctx: ctx, + }, comment.Content) + if err != nil { + ctx.ServerError("RenderString", err) + return + } + } else { + contentEmpty := fmt.Sprintf(`%s`, ctx.Tr("repo.issues.no_content")) + renderedContent = template.HTML(contentEmpty) + } + + ctx.JSON(http.StatusOK, map[string]any{ + "content": renderedContent, + "contentVersion": comment.ContentVersion, + "attachments": attachmentsHTML(ctx, comment.Attachments, comment.Content), + }) +} + +// DeleteComment delete comment of issue +func DeleteComment(ctx *context.Context) { + comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64(":id")) + if err != nil { + ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err) + return + } + + if err := comment.LoadIssue(ctx); err != nil { + ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err) + return + } + + if comment.Issue.RepoID != ctx.Repo.Repository.ID { + ctx.NotFound("CompareRepoID", issues_model.ErrCommentNotExist{}) + return + } + + if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanWriteIssuesOrPulls(comment.Issue.IsPull)) { + ctx.Error(http.StatusForbidden) + return + } else if !comment.Type.HasContentSupport() { + ctx.Error(http.StatusNoContent) + return + } + + if err = issue_service.DeleteComment(ctx, ctx.Doer, comment); err != nil { + ctx.ServerError("DeleteComment", err) + return + } + + ctx.Status(http.StatusOK) +} + +// ChangeCommentReaction create a reaction for comment +func ChangeCommentReaction(ctx *context.Context) { + form := web.GetForm(ctx).(*forms.ReactionForm) + comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64(":id")) + if err != nil { + ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err) + return + } + + if err := comment.LoadIssue(ctx); err != nil { + ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err) + return + } + + if comment.Issue.RepoID != ctx.Repo.Repository.ID { + ctx.NotFound("CompareRepoID", issues_model.ErrCommentNotExist{}) + return + } + + if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanReadIssuesOrPulls(comment.Issue.IsPull)) { + if log.IsTrace() { + if ctx.IsSigned { + issueType := "issues" + if comment.Issue.IsPull { + issueType = "pulls" + } + log.Trace("Permission Denied: User %-v not the Poster (ID: %d) and cannot read %s in Repo %-v.\n"+ + "User in Repo has Permissions: %-+v", + ctx.Doer, + comment.Issue.PosterID, + issueType, + ctx.Repo.Repository, + ctx.Repo.Permission) + } else { + log.Trace("Permission Denied: Not logged in") + } + } + + ctx.Error(http.StatusForbidden) + return + } + + if !comment.Type.HasContentSupport() { + ctx.Error(http.StatusNoContent) + return + } + + switch ctx.PathParam(":action") { + case "react": + reaction, err := issue_service.CreateCommentReaction(ctx, ctx.Doer, comment, form.Content) + if err != nil { + if issues_model.IsErrForbiddenIssueReaction(err) || errors.Is(err, user_model.ErrBlockedUser) { + ctx.ServerError("ChangeIssueReaction", err) + return + } + log.Info("CreateCommentReaction: %s", err) + break + } + // Reload new reactions + comment.Reactions = nil + if err = comment.LoadReactions(ctx, ctx.Repo.Repository); err != nil { + log.Info("comment.LoadReactions: %s", err) + break + } + + log.Trace("Reaction for comment created: %d/%d/%d/%d", ctx.Repo.Repository.ID, comment.Issue.ID, comment.ID, reaction.ID) + case "unreact": + if err := issues_model.DeleteCommentReaction(ctx, ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Content); err != nil { + ctx.ServerError("DeleteCommentReaction", err) + return + } + + // Reload new reactions + comment.Reactions = nil + if err = comment.LoadReactions(ctx, ctx.Repo.Repository); err != nil { + log.Info("comment.LoadReactions: %s", err) + break + } + + log.Trace("Reaction for comment removed: %d/%d/%d", ctx.Repo.Repository.ID, comment.Issue.ID, comment.ID) + default: + ctx.NotFound(fmt.Sprintf("Unknown action %s", ctx.PathParam(":action")), nil) + return + } + + if len(comment.Reactions) == 0 { + ctx.JSON(http.StatusOK, map[string]any{ + "empty": true, + "html": "", + }) + return + } + + html, err := ctx.RenderToHTML(tplReactions, map[string]any{ + "ActionURL": fmt.Sprintf("%s/comments/%d/reactions", ctx.Repo.RepoLink, comment.ID), + "Reactions": comment.Reactions.GroupByType(), + }) + if err != nil { + ctx.ServerError("ChangeCommentReaction.HTMLString", err) + return + } + ctx.JSON(http.StatusOK, map[string]any{ + "html": html, + }) +} + +// GetCommentAttachments returns attachments for the comment +func GetCommentAttachments(ctx *context.Context) { + comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64(":id")) + if err != nil { + ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err) + return + } + + if err := comment.LoadIssue(ctx); err != nil { + ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err) + return + } + + if comment.Issue.RepoID != ctx.Repo.Repository.ID { + ctx.NotFound("CompareRepoID", issues_model.ErrCommentNotExist{}) + return + } + + if !ctx.Repo.Permission.CanReadIssuesOrPulls(comment.Issue.IsPull) { + ctx.NotFound("CanReadIssuesOrPulls", issues_model.ErrCommentNotExist{}) + return + } + + if !comment.Type.HasAttachmentSupport() { + ctx.ServerError("GetCommentAttachments", fmt.Errorf("comment type %v does not support attachments", comment.Type)) + return + } + + attachments := make([]*api.Attachment, 0) + if err := comment.LoadAttachments(ctx); err != nil { + ctx.ServerError("LoadAttachments", err) + return + } + for i := 0; i < len(comment.Attachments); i++ { + attachments = append(attachments, convert.ToAttachment(ctx.Repo.Repository, comment.Attachments[i])) + } + ctx.JSON(http.StatusOK, attachments) +} diff --git a/routers/web/repo/issue_list.go b/routers/web/repo/issue_list.go new file mode 100644 index 0000000000..ee2fc080f5 --- /dev/null +++ b/routers/web/repo/issue_list.go @@ -0,0 +1,882 @@ +// Copyright 2024 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package repo + +import ( + "bytes" + "fmt" + "net/http" + "net/url" + "strconv" + "strings" + + "code.gitea.io/gitea/models/db" + git_model "code.gitea.io/gitea/models/git" + issues_model "code.gitea.io/gitea/models/issues" + "code.gitea.io/gitea/models/organization" + repo_model "code.gitea.io/gitea/models/repo" + "code.gitea.io/gitea/models/unit" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/base" + issue_indexer "code.gitea.io/gitea/modules/indexer/issues" + "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/optional" + "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/util" + shared_user "code.gitea.io/gitea/routers/web/shared/user" + "code.gitea.io/gitea/services/context" + "code.gitea.io/gitea/services/convert" + issue_service "code.gitea.io/gitea/services/issue" + pull_service "code.gitea.io/gitea/services/pull" +) + +func issueIDsFromSearch(ctx *context.Context, keyword string, opts *issues_model.IssuesOptions) ([]int64, error) { + ids, _, err := issue_indexer.SearchIssues(ctx, issue_indexer.ToSearchOptions(keyword, opts)) + if err != nil { + return nil, fmt.Errorf("SearchIssues: %w", err) + } + return ids, nil +} + +func retrieveProjectsForIssueList(ctx *context.Context, repo *repo_model.Repository) { + ctx.Data["OpenProjects"], ctx.Data["ClosedProjects"] = retrieveProjectsInternal(ctx, repo) +} + +// SearchIssues searches for issues across the repositories that the user has access to +func SearchIssues(ctx *context.Context) { + before, since, err := context.GetQueryBeforeSince(ctx.Base) + if err != nil { + ctx.Error(http.StatusUnprocessableEntity, err.Error()) + return + } + + var isClosed optional.Option[bool] + switch ctx.FormString("state") { + case "closed": + isClosed = optional.Some(true) + case "all": + isClosed = optional.None[bool]() + default: + isClosed = optional.Some(false) + } + + var ( + repoIDs []int64 + allPublic bool + ) + { + // find repos user can access (for issue search) + opts := &repo_model.SearchRepoOptions{ + Private: false, + AllPublic: true, + TopicOnly: false, + Collaborate: optional.None[bool](), + // This needs to be a column that is not nil in fixtures or + // MySQL will return different results when sorting by null in some cases + OrderBy: db.SearchOrderByAlphabetically, + Actor: ctx.Doer, + } + if ctx.IsSigned { + opts.Private = true + opts.AllLimited = true + } + if ctx.FormString("owner") != "" { + owner, err := user_model.GetUserByName(ctx, ctx.FormString("owner")) + if err != nil { + if user_model.IsErrUserNotExist(err) { + ctx.Error(http.StatusBadRequest, "Owner not found", err.Error()) + } else { + ctx.Error(http.StatusInternalServerError, "GetUserByName", err.Error()) + } + return + } + opts.OwnerID = owner.ID + opts.AllLimited = false + opts.AllPublic = false + opts.Collaborate = optional.Some(false) + } + if ctx.FormString("team") != "" { + if ctx.FormString("owner") == "" { + ctx.Error(http.StatusBadRequest, "", "Owner organisation is required for filtering on team") + return + } + team, err := organization.GetTeam(ctx, opts.OwnerID, ctx.FormString("team")) + if err != nil { + if organization.IsErrTeamNotExist(err) { + ctx.Error(http.StatusBadRequest, "Team not found", err.Error()) + } else { + ctx.Error(http.StatusInternalServerError, "GetUserByName", err.Error()) + } + return + } + opts.TeamID = team.ID + } + + if opts.AllPublic { + allPublic = true + opts.AllPublic = false // set it false to avoid returning too many repos, we could filter by indexer + } + repoIDs, _, err = repo_model.SearchRepositoryIDs(ctx, opts) + if err != nil { + ctx.Error(http.StatusInternalServerError, "SearchRepositoryIDs", err.Error()) + return + } + if len(repoIDs) == 0 { + // no repos found, don't let the indexer return all repos + repoIDs = []int64{0} + } + } + + keyword := ctx.FormTrim("q") + if strings.IndexByte(keyword, 0) >= 0 { + keyword = "" + } + + isPull := optional.None[bool]() + switch ctx.FormString("type") { + case "pulls": + isPull = optional.Some(true) + case "issues": + isPull = optional.Some(false) + } + + var includedAnyLabels []int64 + { + labels := ctx.FormTrim("labels") + var includedLabelNames []string + if len(labels) > 0 { + includedLabelNames = strings.Split(labels, ",") + } + includedAnyLabels, err = issues_model.GetLabelIDsByNames(ctx, includedLabelNames) + if err != nil { + ctx.Error(http.StatusInternalServerError, "GetLabelIDsByNames", err.Error()) + return + } + } + + var includedMilestones []int64 + { + milestones := ctx.FormTrim("milestones") + var includedMilestoneNames []string + if len(milestones) > 0 { + includedMilestoneNames = strings.Split(milestones, ",") + } + includedMilestones, err = issues_model.GetMilestoneIDsByNames(ctx, includedMilestoneNames) + if err != nil { + ctx.Error(http.StatusInternalServerError, "GetMilestoneIDsByNames", err.Error()) + return + } + } + + projectID := optional.None[int64]() + if v := ctx.FormInt64("project"); v > 0 { + projectID = optional.Some(v) + } + + // this api is also used in UI, + // so the default limit is set to fit UI needs + limit := ctx.FormInt("limit") + if limit == 0 { + limit = setting.UI.IssuePagingNum + } else if limit > setting.API.MaxResponseItems { + limit = setting.API.MaxResponseItems + } + + searchOpt := &issue_indexer.SearchOptions{ + Paginator: &db.ListOptions{ + Page: ctx.FormInt("page"), + PageSize: limit, + }, + Keyword: keyword, + RepoIDs: repoIDs, + AllPublic: allPublic, + IsPull: isPull, + IsClosed: isClosed, + IncludedAnyLabelIDs: includedAnyLabels, + MilestoneIDs: includedMilestones, + ProjectID: projectID, + SortBy: issue_indexer.SortByCreatedDesc, + } + + if since != 0 { + searchOpt.UpdatedAfterUnix = optional.Some(since) + } + if before != 0 { + searchOpt.UpdatedBeforeUnix = optional.Some(before) + } + + if ctx.IsSigned { + ctxUserID := ctx.Doer.ID + if ctx.FormBool("created") { + searchOpt.PosterID = optional.Some(ctxUserID) + } + if ctx.FormBool("assigned") { + searchOpt.AssigneeID = optional.Some(ctxUserID) + } + if ctx.FormBool("mentioned") { + searchOpt.MentionID = optional.Some(ctxUserID) + } + if ctx.FormBool("review_requested") { + searchOpt.ReviewRequestedID = optional.Some(ctxUserID) + } + if ctx.FormBool("reviewed") { + searchOpt.ReviewedID = optional.Some(ctxUserID) + } + } + + // FIXME: It's unsupported to sort by priority repo when searching by indexer, + // it's indeed an regression, but I think it is worth to support filtering by indexer first. + _ = ctx.FormInt64("priority_repo_id") + + ids, total, err := issue_indexer.SearchIssues(ctx, searchOpt) + if err != nil { + ctx.Error(http.StatusInternalServerError, "SearchIssues", err.Error()) + return + } + issues, err := issues_model.GetIssuesByIDs(ctx, ids, true) + if err != nil { + ctx.Error(http.StatusInternalServerError, "FindIssuesByIDs", err.Error()) + return + } + + ctx.SetTotalCountHeader(total) + ctx.JSON(http.StatusOK, convert.ToIssueList(ctx, ctx.Doer, issues)) +} + +func getUserIDForFilter(ctx *context.Context, queryName string) int64 { + userName := ctx.FormString(queryName) + if len(userName) == 0 { + return 0 + } + + user, err := user_model.GetUserByName(ctx, userName) + if user_model.IsErrUserNotExist(err) { + ctx.NotFound("", err) + return 0 + } + + if err != nil { + ctx.Error(http.StatusInternalServerError, err.Error()) + return 0 + } + + return user.ID +} + +// ListIssues list the issues of a repository +func ListIssues(ctx *context.Context) { + before, since, err := context.GetQueryBeforeSince(ctx.Base) + if err != nil { + ctx.Error(http.StatusUnprocessableEntity, err.Error()) + return + } + + var isClosed optional.Option[bool] + switch ctx.FormString("state") { + case "closed": + isClosed = optional.Some(true) + case "all": + isClosed = optional.None[bool]() + default: + isClosed = optional.Some(false) + } + + keyword := ctx.FormTrim("q") + if strings.IndexByte(keyword, 0) >= 0 { + keyword = "" + } + + var labelIDs []int64 + if splitted := strings.Split(ctx.FormString("labels"), ","); len(splitted) > 0 { + labelIDs, err = issues_model.GetLabelIDsInRepoByNames(ctx, ctx.Repo.Repository.ID, splitted) + if err != nil { + ctx.Error(http.StatusInternalServerError, err.Error()) + return + } + } + + var mileIDs []int64 + if part := strings.Split(ctx.FormString("milestones"), ","); len(part) > 0 { + for i := range part { + // uses names and fall back to ids + // non existent milestones are discarded + mile, err := issues_model.GetMilestoneByRepoIDANDName(ctx, ctx.Repo.Repository.ID, part[i]) + if err == nil { + mileIDs = append(mileIDs, mile.ID) + continue + } + if !issues_model.IsErrMilestoneNotExist(err) { + ctx.Error(http.StatusInternalServerError, err.Error()) + return + } + id, err := strconv.ParseInt(part[i], 10, 64) + if err != nil { + continue + } + mile, err = issues_model.GetMilestoneByRepoID(ctx, ctx.Repo.Repository.ID, id) + if err == nil { + mileIDs = append(mileIDs, mile.ID) + continue + } + if issues_model.IsErrMilestoneNotExist(err) { + continue + } + ctx.Error(http.StatusInternalServerError, err.Error()) + } + } + + projectID := optional.None[int64]() + if v := ctx.FormInt64("project"); v > 0 { + projectID = optional.Some(v) + } + + isPull := optional.None[bool]() + switch ctx.FormString("type") { + case "pulls": + isPull = optional.Some(true) + case "issues": + isPull = optional.Some(false) + } + + // FIXME: we should be more efficient here + createdByID := getUserIDForFilter(ctx, "created_by") + if ctx.Written() { + return + } + assignedByID := getUserIDForFilter(ctx, "assigned_by") + if ctx.Written() { + return + } + mentionedByID := getUserIDForFilter(ctx, "mentioned_by") + if ctx.Written() { + return + } + + searchOpt := &issue_indexer.SearchOptions{ + Paginator: &db.ListOptions{ + Page: ctx.FormInt("page"), + PageSize: convert.ToCorrectPageSize(ctx.FormInt("limit")), + }, + Keyword: keyword, + RepoIDs: []int64{ctx.Repo.Repository.ID}, + IsPull: isPull, + IsClosed: isClosed, + ProjectID: projectID, + SortBy: issue_indexer.SortByCreatedDesc, + } + if since != 0 { + searchOpt.UpdatedAfterUnix = optional.Some(since) + } + if before != 0 { + searchOpt.UpdatedBeforeUnix = optional.Some(before) + } + if len(labelIDs) == 1 && labelIDs[0] == 0 { + searchOpt.NoLabelOnly = true + } else { + for _, labelID := range labelIDs { + if labelID > 0 { + searchOpt.IncludedLabelIDs = append(searchOpt.IncludedLabelIDs, labelID) + } else { + searchOpt.ExcludedLabelIDs = append(searchOpt.ExcludedLabelIDs, -labelID) + } + } + } + + if len(mileIDs) == 1 && mileIDs[0] == db.NoConditionID { + searchOpt.MilestoneIDs = []int64{0} + } else { + searchOpt.MilestoneIDs = mileIDs + } + + if createdByID > 0 { + searchOpt.PosterID = optional.Some(createdByID) + } + if assignedByID > 0 { + searchOpt.AssigneeID = optional.Some(assignedByID) + } + if mentionedByID > 0 { + searchOpt.MentionID = optional.Some(mentionedByID) + } + + ids, total, err := issue_indexer.SearchIssues(ctx, searchOpt) + if err != nil { + ctx.Error(http.StatusInternalServerError, "SearchIssues", err.Error()) + return + } + issues, err := issues_model.GetIssuesByIDs(ctx, ids, true) + if err != nil { + ctx.Error(http.StatusInternalServerError, "FindIssuesByIDs", err.Error()) + return + } + + ctx.SetTotalCountHeader(total) + ctx.JSON(http.StatusOK, convert.ToIssueList(ctx, ctx.Doer, issues)) +} + +func BatchDeleteIssues(ctx *context.Context) { + issues := getActionIssues(ctx) + if ctx.Written() { + return + } + for _, issue := range issues { + if err := issue_service.DeleteIssue(ctx, ctx.Doer, ctx.Repo.GitRepo, issue); err != nil { + ctx.ServerError("DeleteIssue", err) + return + } + } + ctx.JSONOK() +} + +// UpdateIssueStatus change issue's status +func UpdateIssueStatus(ctx *context.Context) { + issues := getActionIssues(ctx) + if ctx.Written() { + return + } + + var isClosed bool + switch action := ctx.FormString("action"); action { + case "open": + isClosed = false + case "close": + isClosed = true + default: + log.Warn("Unrecognized action: %s", action) + } + + if _, err := issues.LoadRepositories(ctx); err != nil { + ctx.ServerError("LoadRepositories", err) + return + } + if err := issues.LoadPullRequests(ctx); err != nil { + ctx.ServerError("LoadPullRequests", err) + return + } + + for _, issue := range issues { + if issue.IsPull && issue.PullRequest.HasMerged { + continue + } + if issue.IsClosed != isClosed { + if err := issue_service.ChangeStatus(ctx, issue, ctx.Doer, "", isClosed); err != nil { + if issues_model.IsErrDependenciesLeft(err) { + ctx.JSON(http.StatusPreconditionFailed, map[string]any{ + "error": ctx.Tr("repo.issues.dependency.issue_batch_close_blocked", issue.Index), + }) + return + } + ctx.ServerError("ChangeStatus", err) + return + } + } + } + ctx.JSONOK() +} + +func renderMilestones(ctx *context.Context) { + // Get milestones + milestones, err := db.Find[issues_model.Milestone](ctx, issues_model.FindMilestoneOptions{ + RepoID: ctx.Repo.Repository.ID, + }) + if err != nil { + ctx.ServerError("GetAllRepoMilestones", err) + return + } + + openMilestones, closedMilestones := issues_model.MilestoneList{}, issues_model.MilestoneList{} + for _, milestone := range milestones { + if milestone.IsClosed { + closedMilestones = append(closedMilestones, milestone) + } else { + openMilestones = append(openMilestones, milestone) + } + } + ctx.Data["OpenMilestones"] = openMilestones + ctx.Data["ClosedMilestones"] = closedMilestones +} + +func issues(ctx *context.Context, milestoneID, projectID int64, isPullOption optional.Option[bool]) { + var err error + viewType := ctx.FormString("type") + sortType := ctx.FormString("sort") + types := []string{"all", "your_repositories", "assigned", "created_by", "mentioned", "review_requested", "reviewed_by"} + if !util.SliceContainsString(types, viewType, true) { + viewType = "all" + } + + var ( + assigneeID = ctx.FormInt64("assignee") + posterID = ctx.FormInt64("poster") + mentionedID int64 + reviewRequestedID int64 + reviewedID int64 + ) + + if ctx.IsSigned { + switch viewType { + case "created_by": + posterID = ctx.Doer.ID + case "mentioned": + mentionedID = ctx.Doer.ID + case "assigned": + assigneeID = ctx.Doer.ID + case "review_requested": + reviewRequestedID = ctx.Doer.ID + case "reviewed_by": + reviewedID = ctx.Doer.ID + } + } + + repo := ctx.Repo.Repository + var labelIDs []int64 + // 1,-2 means including label 1 and excluding label 2 + // 0 means issues with no label + // blank means labels will not be filtered for issues + selectLabels := ctx.FormString("labels") + if selectLabels == "" { + ctx.Data["AllLabels"] = true + } else if selectLabels == "0" { + ctx.Data["NoLabel"] = true + } + if len(selectLabels) > 0 { + labelIDs, err = base.StringsToInt64s(strings.Split(selectLabels, ",")) + if err != nil { + ctx.Flash.Error(ctx.Tr("invalid_data", selectLabels), true) + } + } + + keyword := strings.Trim(ctx.FormString("q"), " ") + if bytes.Contains([]byte(keyword), []byte{0x00}) { + keyword = "" + } + + var mileIDs []int64 + if milestoneID > 0 || milestoneID == db.NoConditionID { // -1 to get those issues which have no any milestone assigned + mileIDs = []int64{milestoneID} + } + + var issueStats *issues_model.IssueStats + statsOpts := &issues_model.IssuesOptions{ + RepoIDs: []int64{repo.ID}, + LabelIDs: labelIDs, + MilestoneIDs: mileIDs, + ProjectID: projectID, + AssigneeID: assigneeID, + MentionedID: mentionedID, + PosterID: posterID, + ReviewRequestedID: reviewRequestedID, + ReviewedID: reviewedID, + IsPull: isPullOption, + IssueIDs: nil, + } + if keyword != "" { + allIssueIDs, err := issueIDsFromSearch(ctx, keyword, statsOpts) + if err != nil { + if issue_indexer.IsAvailable(ctx) { + ctx.ServerError("issueIDsFromSearch", err) + return + } + ctx.Data["IssueIndexerUnavailable"] = true + return + } + statsOpts.IssueIDs = allIssueIDs + } + if keyword != "" && len(statsOpts.IssueIDs) == 0 { + // So it did search with the keyword, but no issue found. + // Just set issueStats to empty. + issueStats = &issues_model.IssueStats{} + } else { + // So it did search with the keyword, and found some issues. It needs to get issueStats of these issues. + // Or the keyword is empty, so it doesn't need issueIDs as filter, just get issueStats with statsOpts. + issueStats, err = issues_model.GetIssueStats(ctx, statsOpts) + if err != nil { + ctx.ServerError("GetIssueStats", err) + return + } + } + + var isShowClosed optional.Option[bool] + switch ctx.FormString("state") { + case "closed": + isShowClosed = optional.Some(true) + case "all": + isShowClosed = optional.None[bool]() + default: + isShowClosed = optional.Some(false) + } + // if there are closed issues and no open issues, default to showing all issues + if len(ctx.FormString("state")) == 0 && issueStats.OpenCount == 0 && issueStats.ClosedCount != 0 { + isShowClosed = optional.None[bool]() + } + + if repo.IsTimetrackerEnabled(ctx) { + totalTrackedTime, err := issues_model.GetIssueTotalTrackedTime(ctx, statsOpts, isShowClosed) + if err != nil { + ctx.ServerError("GetIssueTotalTrackedTime", err) + return + } + ctx.Data["TotalTrackedTime"] = totalTrackedTime + } + + archived := ctx.FormBool("archived") + + page := ctx.FormInt("page") + if page <= 1 { + page = 1 + } + + var total int + switch { + case isShowClosed.Value(): + total = int(issueStats.ClosedCount) + case !isShowClosed.Has(): + total = int(issueStats.OpenCount + issueStats.ClosedCount) + default: + total = int(issueStats.OpenCount) + } + pager := context.NewPagination(total, setting.UI.IssuePagingNum, page, 5) + + var issues issues_model.IssueList + { + ids, err := issueIDsFromSearch(ctx, keyword, &issues_model.IssuesOptions{ + Paginator: &db.ListOptions{ + Page: pager.Paginater.Current(), + PageSize: setting.UI.IssuePagingNum, + }, + RepoIDs: []int64{repo.ID}, + AssigneeID: assigneeID, + PosterID: posterID, + MentionedID: mentionedID, + ReviewRequestedID: reviewRequestedID, + ReviewedID: reviewedID, + MilestoneIDs: mileIDs, + ProjectID: projectID, + IsClosed: isShowClosed, + IsPull: isPullOption, + LabelIDs: labelIDs, + SortType: sortType, + }) + if err != nil { + if issue_indexer.IsAvailable(ctx) { + ctx.ServerError("issueIDsFromSearch", err) + return + } + ctx.Data["IssueIndexerUnavailable"] = true + return + } + issues, err = issues_model.GetIssuesByIDs(ctx, ids, true) + if err != nil { + ctx.ServerError("GetIssuesByIDs", err) + return + } + } + + approvalCounts, err := issues.GetApprovalCounts(ctx) + if err != nil { + ctx.ServerError("ApprovalCounts", err) + return + } + + if ctx.IsSigned { + if err := issues.LoadIsRead(ctx, ctx.Doer.ID); err != nil { + ctx.ServerError("LoadIsRead", err) + return + } + } else { + for i := range issues { + issues[i].IsRead = true + } + } + + commitStatuses, lastStatus, err := pull_service.GetIssuesAllCommitStatus(ctx, issues) + if err != nil { + ctx.ServerError("GetIssuesAllCommitStatus", err) + return + } + if !ctx.Repo.CanRead(unit.TypeActions) { + for key := range commitStatuses { + git_model.CommitStatusesHideActionsURL(ctx, commitStatuses[key]) + } + } + + if err := issues.LoadAttributes(ctx); err != nil { + ctx.ServerError("issues.LoadAttributes", err) + return + } + + ctx.Data["Issues"] = issues + ctx.Data["CommitLastStatus"] = lastStatus + ctx.Data["CommitStatuses"] = commitStatuses + + // Get assignees. + assigneeUsers, err := repo_model.GetRepoAssignees(ctx, repo) + if err != nil { + ctx.ServerError("GetRepoAssignees", err) + return + } + ctx.Data["Assignees"] = shared_user.MakeSelfOnTop(ctx.Doer, assigneeUsers) + + handleTeamMentions(ctx) + if ctx.Written() { + return + } + + labels, err := issues_model.GetLabelsByRepoID(ctx, repo.ID, "", db.ListOptions{}) + if err != nil { + ctx.ServerError("GetLabelsByRepoID", err) + return + } + + if repo.Owner.IsOrganization() { + orgLabels, err := issues_model.GetLabelsByOrgID(ctx, repo.Owner.ID, ctx.FormString("sort"), db.ListOptions{}) + if err != nil { + ctx.ServerError("GetLabelsByOrgID", err) + return + } + + ctx.Data["OrgLabels"] = orgLabels + labels = append(labels, orgLabels...) + } + + // Get the exclusive scope for every label ID + labelExclusiveScopes := make([]string, 0, len(labelIDs)) + for _, labelID := range labelIDs { + foundExclusiveScope := false + for _, label := range labels { + if label.ID == labelID || label.ID == -labelID { + labelExclusiveScopes = append(labelExclusiveScopes, label.ExclusiveScope()) + foundExclusiveScope = true + break + } + } + if !foundExclusiveScope { + labelExclusiveScopes = append(labelExclusiveScopes, "") + } + } + + for _, l := range labels { + l.LoadSelectedLabelsAfterClick(labelIDs, labelExclusiveScopes) + } + ctx.Data["Labels"] = labels + ctx.Data["NumLabels"] = len(labels) + + if ctx.FormInt64("assignee") == 0 { + assigneeID = 0 // Reset ID to prevent unexpected selection of assignee. + } + + ctx.Data["IssueRefEndNames"], ctx.Data["IssueRefURLs"] = issue_service.GetRefEndNamesAndURLs(issues, ctx.Repo.RepoLink) + + ctx.Data["ApprovalCounts"] = func(issueID int64, typ string) int64 { + counts, ok := approvalCounts[issueID] + if !ok || len(counts) == 0 { + return 0 + } + reviewTyp := issues_model.ReviewTypeApprove + if typ == "reject" { + reviewTyp = issues_model.ReviewTypeReject + } else if typ == "waiting" { + reviewTyp = issues_model.ReviewTypeRequest + } + for _, count := range counts { + if count.Type == reviewTyp { + return count.Count + } + } + return 0 + } + + retrieveProjectsForIssueList(ctx, repo) + if ctx.Written() { + return + } + + pinned, err := issues_model.GetPinnedIssues(ctx, repo.ID, isPullOption.Value()) + if err != nil { + ctx.ServerError("GetPinnedIssues", err) + return + } + + ctx.Data["PinnedIssues"] = pinned + ctx.Data["IsRepoAdmin"] = ctx.IsSigned && (ctx.Repo.IsAdmin() || ctx.Doer.IsAdmin) + ctx.Data["IssueStats"] = issueStats + ctx.Data["OpenCount"] = issueStats.OpenCount + ctx.Data["ClosedCount"] = issueStats.ClosedCount + linkStr := "%s?q=%s&type=%s&sort=%s&state=%s&labels=%s&milestone=%d&project=%d&assignee=%d&poster=%d&archived=%t" + ctx.Data["AllStatesLink"] = fmt.Sprintf(linkStr, ctx.Link, + url.QueryEscape(keyword), url.QueryEscape(viewType), url.QueryEscape(sortType), "all", url.QueryEscape(selectLabels), + milestoneID, projectID, assigneeID, posterID, archived) + ctx.Data["OpenLink"] = fmt.Sprintf(linkStr, ctx.Link, + url.QueryEscape(keyword), url.QueryEscape(viewType), url.QueryEscape(sortType), "open", url.QueryEscape(selectLabels), + milestoneID, projectID, assigneeID, posterID, archived) + ctx.Data["ClosedLink"] = fmt.Sprintf(linkStr, ctx.Link, + url.QueryEscape(keyword), url.QueryEscape(viewType), url.QueryEscape(sortType), "closed", url.QueryEscape(selectLabels), + milestoneID, projectID, assigneeID, posterID, archived) + ctx.Data["SelLabelIDs"] = labelIDs + ctx.Data["SelectLabels"] = selectLabels + ctx.Data["ViewType"] = viewType + ctx.Data["SortType"] = sortType + ctx.Data["MilestoneID"] = milestoneID + ctx.Data["ProjectID"] = projectID + ctx.Data["AssigneeID"] = assigneeID + ctx.Data["PosterID"] = posterID + ctx.Data["Keyword"] = keyword + ctx.Data["IsShowClosed"] = isShowClosed + switch { + case isShowClosed.Value(): + ctx.Data["State"] = "closed" + case !isShowClosed.Has(): + ctx.Data["State"] = "all" + default: + ctx.Data["State"] = "open" + } + ctx.Data["ShowArchivedLabels"] = archived + + pager.AddParamString("q", keyword) + pager.AddParamString("type", viewType) + pager.AddParamString("sort", sortType) + pager.AddParamString("state", fmt.Sprint(ctx.Data["State"])) + pager.AddParamString("labels", fmt.Sprint(selectLabels)) + pager.AddParamString("milestone", fmt.Sprint(milestoneID)) + pager.AddParamString("project", fmt.Sprint(projectID)) + pager.AddParamString("assignee", fmt.Sprint(assigneeID)) + pager.AddParamString("poster", fmt.Sprint(posterID)) + pager.AddParamString("archived", fmt.Sprint(archived)) + + ctx.Data["Page"] = pager +} + +// Issues render issues page +func Issues(ctx *context.Context) { + isPullList := ctx.PathParam(":type") == "pulls" + if isPullList { + MustAllowPulls(ctx) + if ctx.Written() { + return + } + ctx.Data["Title"] = ctx.Tr("repo.pulls") + ctx.Data["PageIsPullList"] = true + } else { + MustEnableIssues(ctx) + if ctx.Written() { + return + } + ctx.Data["Title"] = ctx.Tr("repo.issues") + ctx.Data["PageIsIssueList"] = true + ctx.Data["NewIssueChooseTemplate"] = issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo) + } + + issues(ctx, ctx.FormInt64("milestone"), ctx.FormInt64("project"), optional.Some(isPullList)) + if ctx.Written() { + return + } + + renderMilestones(ctx) + if ctx.Written() { + return + } + + ctx.Data["CanWriteIssuesOrPulls"] = ctx.Repo.CanWriteIssuesOrPulls(isPullList) + + ctx.HTML(http.StatusOK, tplIssues) +} diff --git a/routers/web/repo/issue_new.go b/routers/web/repo/issue_new.go new file mode 100644 index 0000000000..9a941ce857 --- /dev/null +++ b/routers/web/repo/issue_new.go @@ -0,0 +1,403 @@ +// Copyright 2024 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package repo + +import ( + "errors" + "fmt" + "html/template" + "net/http" + "slices" + "sort" + "strconv" + "strings" + + issues_model "code.gitea.io/gitea/models/issues" + "code.gitea.io/gitea/models/organization" + project_model "code.gitea.io/gitea/models/project" + repo_model "code.gitea.io/gitea/models/repo" + "code.gitea.io/gitea/models/unit" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/base" + "code.gitea.io/gitea/modules/container" + "code.gitea.io/gitea/modules/git" + issue_template "code.gitea.io/gitea/modules/issue/template" + "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/setting" + api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" + "code.gitea.io/gitea/routers/utils" + "code.gitea.io/gitea/services/context" + "code.gitea.io/gitea/services/context/upload" + "code.gitea.io/gitea/services/forms" + issue_service "code.gitea.io/gitea/services/issue" +) + +// Tries to load and set an issue template. The first return value indicates if a template was loaded. +func setTemplateIfExists(ctx *context.Context, ctxDataKey string, possibleFiles []string, metaData *IssuePageMetaData) (bool, map[string]error) { + commit, err := ctx.Repo.GitRepo.GetBranchCommit(ctx.Repo.Repository.DefaultBranch) + if err != nil { + return false, nil + } + + templateCandidates := make([]string, 0, 1+len(possibleFiles)) + if t := ctx.FormString("template"); t != "" { + templateCandidates = append(templateCandidates, t) + } + templateCandidates = append(templateCandidates, possibleFiles...) // Append files to the end because they should be fallback + + templateErrs := map[string]error{} + for _, filename := range templateCandidates { + if ok, _ := commit.HasFile(filename); !ok { + continue + } + template, err := issue_template.UnmarshalFromCommit(commit, filename) + if err != nil { + templateErrs[filename] = err + continue + } + ctx.Data[issueTemplateTitleKey] = template.Title + ctx.Data[ctxDataKey] = template.Content + + if template.Type() == api.IssueTemplateTypeYaml { + // Replace field default values by values from query + for _, field := range template.Fields { + fieldValue := ctx.FormString("field:" + field.ID) + if fieldValue != "" { + field.Attributes["value"] = fieldValue + } + } + + ctx.Data["Fields"] = template.Fields + ctx.Data["TemplateFile"] = template.FileName + } + + metaData.LabelsData.SetSelectedLabelNames(template.Labels) + + selectedAssigneeIDStrings := make([]string, 0, len(template.Assignees)) + if userIDs, err := user_model.GetUserIDsByNames(ctx, template.Assignees, true); err == nil { + for _, userID := range userIDs { + selectedAssigneeIDStrings = append(selectedAssigneeIDStrings, strconv.FormatInt(userID, 10)) + } + } + metaData.AssigneesData.SelectedAssigneeIDs = strings.Join(selectedAssigneeIDStrings, ",") + + if template.Ref != "" && !strings.HasPrefix(template.Ref, "refs/") { // Assume that the ref intended is always a branch - for tags users should use refs/tags/ + template.Ref = git.BranchPrefix + template.Ref + } + + ctx.Data["Reference"] = template.Ref + ctx.Data["RefEndName"] = git.RefName(template.Ref).ShortName() + return true, templateErrs + } + return false, templateErrs +} + +// NewIssue render creating issue page +func NewIssue(ctx *context.Context) { + issueConfig, _ := issue_service.GetTemplateConfigFromDefaultBranch(ctx.Repo.Repository, ctx.Repo.GitRepo) + hasTemplates := issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo) + + ctx.Data["Title"] = ctx.Tr("repo.issues.new") + ctx.Data["PageIsIssueList"] = true + ctx.Data["NewIssueChooseTemplate"] = hasTemplates + ctx.Data["PullRequestWorkInProgressPrefixes"] = setting.Repository.PullRequest.WorkInProgressPrefixes + title := ctx.FormString("title") + ctx.Data["TitleQuery"] = title + body := ctx.FormString("body") + ctx.Data["BodyQuery"] = body + + isProjectsEnabled := ctx.Repo.CanRead(unit.TypeProjects) + ctx.Data["IsProjectsEnabled"] = isProjectsEnabled + ctx.Data["IsAttachmentEnabled"] = setting.Attachment.Enabled + upload.AddUploadContext(ctx, "comment") + + pageMetaData := retrieveRepoIssueMetaData(ctx, ctx.Repo.Repository, nil, false) + if ctx.Written() { + return + } + + pageMetaData.MilestonesData.SelectedMilestoneID = ctx.FormInt64("milestone") + pageMetaData.ProjectsData.SelectedProjectID = ctx.FormInt64("project") + if pageMetaData.ProjectsData.SelectedProjectID > 0 { + if len(ctx.Req.URL.Query().Get("project")) > 0 { + ctx.Data["redirect_after_creation"] = "project" + } + } + + tags, err := repo_model.GetTagNamesByRepoID(ctx, ctx.Repo.Repository.ID) + if err != nil { + ctx.ServerError("GetTagNamesByRepoID", err) + return + } + ctx.Data["Tags"] = tags + + ret := issue_service.ParseTemplatesFromDefaultBranch(ctx.Repo.Repository, ctx.Repo.GitRepo) + templateLoaded, errs := setTemplateIfExists(ctx, issueTemplateKey, IssueTemplateCandidates, pageMetaData) + for k, v := range errs { + ret.TemplateErrors[k] = v + } + if ctx.Written() { + return + } + + if len(ret.TemplateErrors) > 0 { + ctx.Flash.Warning(renderErrorOfTemplates(ctx, ret.TemplateErrors), true) + } + + ctx.Data["HasIssuesOrPullsWritePermission"] = ctx.Repo.CanWrite(unit.TypeIssues) + + if !issueConfig.BlankIssuesEnabled && hasTemplates && !templateLoaded { + // The "issues/new" and "issues/new/choose" share the same query parameters "project" and "milestone", if blank issues are disabled, just redirect to the "issues/choose" page with these parameters. + ctx.Redirect(fmt.Sprintf("%s/issues/new/choose?%s", ctx.Repo.Repository.Link(), ctx.Req.URL.RawQuery), http.StatusSeeOther) + return + } + + ctx.HTML(http.StatusOK, tplIssueNew) +} + +func renderErrorOfTemplates(ctx *context.Context, errs map[string]error) template.HTML { + var files []string + for k := range errs { + files = append(files, k) + } + sort.Strings(files) // keep the output stable + + var lines []string + for _, file := range files { + lines = append(lines, fmt.Sprintf("%s: %v", file, errs[file])) + } + + flashError, err := ctx.RenderToHTML(tplAlertDetails, map[string]any{ + "Message": ctx.Tr("repo.issues.choose.ignore_invalid_templates"), + "Summary": ctx.Tr("repo.issues.choose.invalid_templates", len(errs)), + "Details": utils.SanitizeFlashErrorString(strings.Join(lines, "\n")), + }) + if err != nil { + log.Debug("render flash error: %v", err) + flashError = ctx.Locale.Tr("repo.issues.choose.ignore_invalid_templates") + } + return flashError +} + +// NewIssueChooseTemplate render creating issue from template page +func NewIssueChooseTemplate(ctx *context.Context) { + ctx.Data["Title"] = ctx.Tr("repo.issues.new") + ctx.Data["PageIsIssueList"] = true + + ret := issue_service.ParseTemplatesFromDefaultBranch(ctx.Repo.Repository, ctx.Repo.GitRepo) + ctx.Data["IssueTemplates"] = ret.IssueTemplates + + if len(ret.TemplateErrors) > 0 { + ctx.Flash.Warning(renderErrorOfTemplates(ctx, ret.TemplateErrors), true) + } + + if !issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo) { + // The "issues/new" and "issues/new/choose" share the same query parameters "project" and "milestone", if no template here, just redirect to the "issues/new" page with these parameters. + ctx.Redirect(fmt.Sprintf("%s/issues/new?%s", ctx.Repo.Repository.Link(), ctx.Req.URL.RawQuery), http.StatusSeeOther) + return + } + + issueConfig, err := issue_service.GetTemplateConfigFromDefaultBranch(ctx.Repo.Repository, ctx.Repo.GitRepo) + ctx.Data["IssueConfig"] = issueConfig + ctx.Data["IssueConfigError"] = err // ctx.Flash.Err makes problems here + + ctx.Data["milestone"] = ctx.FormInt64("milestone") + ctx.Data["project"] = ctx.FormInt64("project") + + ctx.HTML(http.StatusOK, tplIssueChoose) +} + +// DeleteIssue deletes an issue +func DeleteIssue(ctx *context.Context) { + issue := GetActionIssue(ctx) + if ctx.Written() { + return + } + + if err := issue_service.DeleteIssue(ctx, ctx.Doer, ctx.Repo.GitRepo, issue); err != nil { + ctx.ServerError("DeleteIssueByID", err) + return + } + + if issue.IsPull { + ctx.Redirect(fmt.Sprintf("%s/pulls", ctx.Repo.Repository.Link()), http.StatusSeeOther) + return + } + + ctx.Redirect(fmt.Sprintf("%s/issues", ctx.Repo.Repository.Link()), http.StatusSeeOther) +} + +func toSet[ItemType any, KeyType comparable](slice []ItemType, keyFunc func(ItemType) KeyType) container.Set[KeyType] { + s := make(container.Set[KeyType]) + for _, item := range slice { + s.Add(keyFunc(item)) + } + return s +} + +// ValidateRepoMetasForNewIssue check and returns repository's meta information +func ValidateRepoMetasForNewIssue(ctx *context.Context, form forms.CreateIssueForm, isPull bool) (ret struct { + LabelIDs, AssigneeIDs []int64 + MilestoneID, ProjectID int64 + + Reviewers []*user_model.User + TeamReviewers []*organization.Team +}, +) { + pageMetaData := retrieveRepoIssueMetaData(ctx, ctx.Repo.Repository, nil, isPull) + if ctx.Written() { + return ret + } + + inputLabelIDs, _ := base.StringsToInt64s(strings.Split(form.LabelIDs, ",")) + candidateLabels := toSet(pageMetaData.LabelsData.AllLabels, func(label *issues_model.Label) int64 { return label.ID }) + if len(inputLabelIDs) > 0 && !candidateLabels.Contains(inputLabelIDs...) { + ctx.NotFound("", nil) + return ret + } + pageMetaData.LabelsData.SetSelectedLabelIDs(inputLabelIDs) + + allMilestones := append(slices.Clone(pageMetaData.MilestonesData.OpenMilestones), pageMetaData.MilestonesData.ClosedMilestones...) + candidateMilestones := toSet(allMilestones, func(milestone *issues_model.Milestone) int64 { return milestone.ID }) + if form.MilestoneID > 0 && !candidateMilestones.Contains(form.MilestoneID) { + ctx.NotFound("", nil) + return ret + } + pageMetaData.MilestonesData.SelectedMilestoneID = form.MilestoneID + + allProjects := append(slices.Clone(pageMetaData.ProjectsData.OpenProjects), pageMetaData.ProjectsData.ClosedProjects...) + candidateProjects := toSet(allProjects, func(project *project_model.Project) int64 { return project.ID }) + if form.ProjectID > 0 && !candidateProjects.Contains(form.ProjectID) { + ctx.NotFound("", nil) + return ret + } + pageMetaData.ProjectsData.SelectedProjectID = form.ProjectID + + candidateAssignees := toSet(pageMetaData.AssigneesData.CandidateAssignees, func(user *user_model.User) int64 { return user.ID }) + inputAssigneeIDs, _ := base.StringsToInt64s(strings.Split(form.AssigneeIDs, ",")) + if len(inputAssigneeIDs) > 0 && !candidateAssignees.Contains(inputAssigneeIDs...) { + ctx.NotFound("", nil) + return ret + } + pageMetaData.AssigneesData.SelectedAssigneeIDs = form.AssigneeIDs + + // Check if the passed reviewers (user/team) actually exist + var reviewers []*user_model.User + var teamReviewers []*organization.Team + reviewerIDs, _ := base.StringsToInt64s(strings.Split(form.ReviewerIDs, ",")) + if isPull && len(reviewerIDs) > 0 { + userReviewersMap := map[int64]*user_model.User{} + teamReviewersMap := map[int64]*organization.Team{} + for _, r := range pageMetaData.ReviewersData.Reviewers { + userReviewersMap[r.User.ID] = r.User + } + for _, r := range pageMetaData.ReviewersData.TeamReviewers { + teamReviewersMap[r.Team.ID] = r.Team + } + for _, rID := range reviewerIDs { + if rID < 0 { // negative reviewIDs represent team requests + team, ok := teamReviewersMap[-rID] + if !ok { + ctx.NotFound("", nil) + return ret + } + teamReviewers = append(teamReviewers, team) + } else { + user, ok := userReviewersMap[rID] + if !ok { + ctx.NotFound("", nil) + return ret + } + reviewers = append(reviewers, user) + } + } + } + + ret.LabelIDs, ret.AssigneeIDs, ret.MilestoneID, ret.ProjectID = inputLabelIDs, inputAssigneeIDs, form.MilestoneID, form.ProjectID + ret.Reviewers, ret.TeamReviewers = reviewers, teamReviewers + return ret +} + +// NewIssuePost response for creating new issue +func NewIssuePost(ctx *context.Context) { + form := web.GetForm(ctx).(*forms.CreateIssueForm) + ctx.Data["Title"] = ctx.Tr("repo.issues.new") + ctx.Data["PageIsIssueList"] = true + ctx.Data["NewIssueChooseTemplate"] = issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo) + ctx.Data["PullRequestWorkInProgressPrefixes"] = setting.Repository.PullRequest.WorkInProgressPrefixes + ctx.Data["IsAttachmentEnabled"] = setting.Attachment.Enabled + upload.AddUploadContext(ctx, "comment") + + var ( + repo = ctx.Repo.Repository + attachments []string + ) + + validateRet := ValidateRepoMetasForNewIssue(ctx, *form, false) + if ctx.Written() { + return + } + + labelIDs, assigneeIDs, milestoneID, projectID := validateRet.LabelIDs, validateRet.AssigneeIDs, validateRet.MilestoneID, validateRet.ProjectID + + if projectID > 0 { + if !ctx.Repo.CanRead(unit.TypeProjects) { + // User must also be able to see the project. + ctx.Error(http.StatusBadRequest, "user hasn't permissions to read projects") + return + } + } + + if setting.Attachment.Enabled { + attachments = form.Files + } + + if ctx.HasError() { + ctx.JSONError(ctx.GetErrMsg()) + return + } + + if util.IsEmptyString(form.Title) { + ctx.JSONError(ctx.Tr("repo.issues.new.title_empty")) + return + } + + content := form.Content + if filename := ctx.Req.Form.Get("template-file"); filename != "" { + if template, err := issue_template.UnmarshalFromRepo(ctx.Repo.GitRepo, ctx.Repo.Repository.DefaultBranch, filename); err == nil { + content = issue_template.RenderToMarkdown(template, ctx.Req.Form) + } + } + + issue := &issues_model.Issue{ + RepoID: repo.ID, + Repo: repo, + Title: form.Title, + PosterID: ctx.Doer.ID, + Poster: ctx.Doer, + MilestoneID: milestoneID, + Content: content, + Ref: form.Ref, + } + + if err := issue_service.NewIssue(ctx, repo, issue, labelIDs, attachments, assigneeIDs, projectID); err != nil { + if repo_model.IsErrUserDoesNotHaveAccessToRepo(err) { + ctx.Error(http.StatusBadRequest, "UserDoesNotHaveAccessToRepo", err.Error()) + } else if errors.Is(err, user_model.ErrBlockedUser) { + ctx.JSONError(ctx.Tr("repo.issues.new.blocked_user")) + } else { + ctx.ServerError("NewIssue", err) + } + return + } + + log.Trace("Issue created: %d/%d", repo.ID, issue.ID) + if ctx.FormString("redirect_after_creation") == "project" && projectID > 0 { + ctx.JSONRedirect(ctx.Repo.RepoLink + "/projects/" + strconv.FormatInt(projectID, 10)) + } else { + ctx.JSONRedirect(issue.Link()) + } +} diff --git a/routers/web/repo/issue_page_meta.go b/routers/web/repo/issue_page_meta.go new file mode 100644 index 0000000000..ac0b1c6425 --- /dev/null +++ b/routers/web/repo/issue_page_meta.go @@ -0,0 +1,444 @@ +// Copyright 2024 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package repo + +import ( + "sort" + "strconv" + "strings" + + "code.gitea.io/gitea/models/db" + issues_model "code.gitea.io/gitea/models/issues" + "code.gitea.io/gitea/models/organization" + project_model "code.gitea.io/gitea/models/project" + repo_model "code.gitea.io/gitea/models/repo" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/container" + "code.gitea.io/gitea/modules/optional" + shared_user "code.gitea.io/gitea/routers/web/shared/user" + "code.gitea.io/gitea/services/context" + issue_service "code.gitea.io/gitea/services/issue" + repo_service "code.gitea.io/gitea/services/repository" +) + +type issueSidebarMilestoneData struct { + SelectedMilestoneID int64 + OpenMilestones []*issues_model.Milestone + ClosedMilestones []*issues_model.Milestone +} + +type issueSidebarAssigneesData struct { + SelectedAssigneeIDs string + CandidateAssignees []*user_model.User +} + +type issueSidebarProjectsData struct { + SelectedProjectID int64 + OpenProjects []*project_model.Project + ClosedProjects []*project_model.Project +} + +type IssuePageMetaData struct { + RepoLink string + Repository *repo_model.Repository + Issue *issues_model.Issue + IsPullRequest bool + CanModifyIssueOrPull bool + + ReviewersData *issueSidebarReviewersData + LabelsData *issueSidebarLabelsData + MilestonesData *issueSidebarMilestoneData + ProjectsData *issueSidebarProjectsData + AssigneesData *issueSidebarAssigneesData +} + +func retrieveRepoIssueMetaData(ctx *context.Context, repo *repo_model.Repository, issue *issues_model.Issue, isPull bool) *IssuePageMetaData { + data := &IssuePageMetaData{ + RepoLink: ctx.Repo.RepoLink, + Repository: repo, + Issue: issue, + IsPullRequest: isPull, + + ReviewersData: &issueSidebarReviewersData{}, + LabelsData: &issueSidebarLabelsData{}, + MilestonesData: &issueSidebarMilestoneData{}, + ProjectsData: &issueSidebarProjectsData{}, + AssigneesData: &issueSidebarAssigneesData{}, + } + ctx.Data["IssuePageMetaData"] = data + + if isPull { + data.retrieveReviewersData(ctx) + if ctx.Written() { + return data + } + } + data.retrieveLabelsData(ctx) + if ctx.Written() { + return data + } + + data.CanModifyIssueOrPull = ctx.Repo.CanWriteIssuesOrPulls(isPull) && !ctx.Repo.Repository.IsArchived + if !data.CanModifyIssueOrPull { + return data + } + + data.retrieveAssigneesDataForIssueWriter(ctx) + if ctx.Written() { + return data + } + + data.retrieveMilestonesDataForIssueWriter(ctx) + if ctx.Written() { + return data + } + + data.retrieveProjectsDataForIssueWriter(ctx) + if ctx.Written() { + return data + } + + PrepareBranchList(ctx) + if ctx.Written() { + return data + } + + ctx.Data["CanCreateIssueDependencies"] = ctx.Repo.CanCreateIssueDependencies(ctx, ctx.Doer, isPull) + return data +} + +func (d *IssuePageMetaData) retrieveMilestonesDataForIssueWriter(ctx *context.Context) { + var err error + if d.Issue != nil { + d.MilestonesData.SelectedMilestoneID = d.Issue.MilestoneID + } + d.MilestonesData.OpenMilestones, err = db.Find[issues_model.Milestone](ctx, issues_model.FindMilestoneOptions{ + RepoID: d.Repository.ID, + IsClosed: optional.Some(false), + }) + if err != nil { + ctx.ServerError("GetMilestones", err) + return + } + d.MilestonesData.ClosedMilestones, err = db.Find[issues_model.Milestone](ctx, issues_model.FindMilestoneOptions{ + RepoID: d.Repository.ID, + IsClosed: optional.Some(true), + }) + if err != nil { + ctx.ServerError("GetMilestones", err) + return + } +} + +func (d *IssuePageMetaData) retrieveAssigneesDataForIssueWriter(ctx *context.Context) { + var err error + d.AssigneesData.CandidateAssignees, err = repo_model.GetRepoAssignees(ctx, d.Repository) + if err != nil { + ctx.ServerError("GetRepoAssignees", err) + return + } + d.AssigneesData.CandidateAssignees = shared_user.MakeSelfOnTop(ctx.Doer, d.AssigneesData.CandidateAssignees) + if d.Issue != nil { + _ = d.Issue.LoadAssignees(ctx) + ids := make([]string, 0, len(d.Issue.Assignees)) + for _, a := range d.Issue.Assignees { + ids = append(ids, strconv.FormatInt(a.ID, 10)) + } + d.AssigneesData.SelectedAssigneeIDs = strings.Join(ids, ",") + } + // FIXME: this is a tricky part which writes ctx.Data["Mentionable*"] + handleTeamMentions(ctx) +} + +func (d *IssuePageMetaData) retrieveProjectsDataForIssueWriter(ctx *context.Context) { + if d.Issue != nil && d.Issue.Project != nil { + d.ProjectsData.SelectedProjectID = d.Issue.Project.ID + } + d.ProjectsData.OpenProjects, d.ProjectsData.ClosedProjects = retrieveProjectsInternal(ctx, ctx.Repo.Repository) +} + +// repoReviewerSelection items to bee shown +type repoReviewerSelection struct { + IsTeam bool + Team *organization.Team + User *user_model.User + Review *issues_model.Review + CanBeDismissed bool + CanChange bool + Requested bool + ItemID int64 +} + +type issueSidebarReviewersData struct { + CanChooseReviewer bool + OriginalReviews issues_model.ReviewList + TeamReviewers []*repoReviewerSelection + Reviewers []*repoReviewerSelection + CurrentPullReviewers []*repoReviewerSelection +} + +// RetrieveRepoReviewers find all reviewers of a repository. If issue is nil, it means the doer is creating a new PR. +func (d *IssuePageMetaData) retrieveReviewersData(ctx *context.Context) { + data := d.ReviewersData + repo := d.Repository + if ctx.Doer != nil && ctx.IsSigned { + if d.Issue == nil { + data.CanChooseReviewer = true + } else { + data.CanChooseReviewer = issue_service.CanDoerChangeReviewRequests(ctx, ctx.Doer, repo, d.Issue) + } + } + + var posterID int64 + var isClosed bool + var reviews issues_model.ReviewList + + if d.Issue == nil { + posterID = ctx.Doer.ID + } else { + posterID = d.Issue.PosterID + if d.Issue.OriginalAuthorID > 0 { + posterID = 0 // for migrated PRs, no poster ID + } + + isClosed = d.Issue.IsClosed || d.Issue.PullRequest.HasMerged + + originalAuthorReviews, err := issues_model.GetReviewersFromOriginalAuthorsByIssueID(ctx, d.Issue.ID) + if err != nil { + ctx.ServerError("GetReviewersFromOriginalAuthorsByIssueID", err) + return + } + data.OriginalReviews = originalAuthorReviews + + reviews, err = issues_model.GetReviewsByIssueID(ctx, d.Issue.ID) + if err != nil { + ctx.ServerError("GetReviewersByIssueID", err) + return + } + if len(reviews) == 0 && !data.CanChooseReviewer { + return + } + } + + var ( + pullReviews []*repoReviewerSelection + reviewersResult []*repoReviewerSelection + teamReviewersResult []*repoReviewerSelection + teamReviewers []*organization.Team + reviewers []*user_model.User + ) + + if data.CanChooseReviewer { + var err error + reviewers, err = repo_model.GetReviewers(ctx, repo, ctx.Doer.ID, posterID) + if err != nil { + ctx.ServerError("GetReviewers", err) + return + } + + teamReviewers, err = repo_service.GetReviewerTeams(ctx, repo) + if err != nil { + ctx.ServerError("GetReviewerTeams", err) + return + } + + if len(reviewers) > 0 { + reviewersResult = make([]*repoReviewerSelection, 0, len(reviewers)) + } + + if len(teamReviewers) > 0 { + teamReviewersResult = make([]*repoReviewerSelection, 0, len(teamReviewers)) + } + } + + pullReviews = make([]*repoReviewerSelection, 0, len(reviews)) + + for _, review := range reviews { + tmp := &repoReviewerSelection{ + Requested: review.Type == issues_model.ReviewTypeRequest, + Review: review, + ItemID: review.ReviewerID, + } + if review.ReviewerTeamID > 0 { + tmp.IsTeam = true + tmp.ItemID = -review.ReviewerTeamID + } + + if data.CanChooseReviewer { + // Users who can choose reviewers can also remove review requests + tmp.CanChange = true + } else if ctx.Doer != nil && ctx.Doer.ID == review.ReviewerID && review.Type == issues_model.ReviewTypeRequest { + // A user can refuse review requests + tmp.CanChange = true + } + + pullReviews = append(pullReviews, tmp) + + if data.CanChooseReviewer { + if tmp.IsTeam { + teamReviewersResult = append(teamReviewersResult, tmp) + } else { + reviewersResult = append(reviewersResult, tmp) + } + } + } + + if len(pullReviews) > 0 { + // Drop all non-existing users and teams from the reviews + currentPullReviewers := make([]*repoReviewerSelection, 0, len(pullReviews)) + for _, item := range pullReviews { + if item.Review.ReviewerID > 0 { + if err := item.Review.LoadReviewer(ctx); err != nil { + if user_model.IsErrUserNotExist(err) { + continue + } + ctx.ServerError("LoadReviewer", err) + return + } + item.User = item.Review.Reviewer + } else if item.Review.ReviewerTeamID > 0 { + if err := item.Review.LoadReviewerTeam(ctx); err != nil { + if organization.IsErrTeamNotExist(err) { + continue + } + ctx.ServerError("LoadReviewerTeam", err) + return + } + item.Team = item.Review.ReviewerTeam + } else { + continue + } + item.CanBeDismissed = ctx.Repo.Permission.IsAdmin() && !isClosed && + (item.Review.Type == issues_model.ReviewTypeApprove || item.Review.Type == issues_model.ReviewTypeReject) + currentPullReviewers = append(currentPullReviewers, item) + } + data.CurrentPullReviewers = currentPullReviewers + } + + if data.CanChooseReviewer && reviewersResult != nil { + preadded := len(reviewersResult) + for _, reviewer := range reviewers { + found := false + reviewAddLoop: + for _, tmp := range reviewersResult[:preadded] { + if tmp.ItemID == reviewer.ID { + tmp.User = reviewer + found = true + break reviewAddLoop + } + } + + if found { + continue + } + + reviewersResult = append(reviewersResult, &repoReviewerSelection{ + IsTeam: false, + CanChange: true, + User: reviewer, + ItemID: reviewer.ID, + }) + } + + data.Reviewers = reviewersResult + } + + if data.CanChooseReviewer && teamReviewersResult != nil { + preadded := len(teamReviewersResult) + for _, team := range teamReviewers { + found := false + teamReviewAddLoop: + for _, tmp := range teamReviewersResult[:preadded] { + if tmp.ItemID == -team.ID { + tmp.Team = team + found = true + break teamReviewAddLoop + } + } + + if found { + continue + } + + teamReviewersResult = append(teamReviewersResult, &repoReviewerSelection{ + IsTeam: true, + CanChange: true, + Team: team, + ItemID: -team.ID, + }) + } + + data.TeamReviewers = teamReviewersResult + } +} + +type issueSidebarLabelsData struct { + AllLabels []*issues_model.Label + RepoLabels []*issues_model.Label + OrgLabels []*issues_model.Label + SelectedLabelIDs string +} + +func makeSelectedStringIDs[KeyType, ItemType comparable]( + allLabels []*issues_model.Label, candidateKey func(candidate *issues_model.Label) KeyType, + selectedItems []ItemType, selectedKey func(selected ItemType) KeyType, +) string { + selectedIDSet := make(container.Set[string]) + allLabelMap := map[KeyType]*issues_model.Label{} + for _, label := range allLabels { + allLabelMap[candidateKey(label)] = label + } + for _, item := range selectedItems { + if label, ok := allLabelMap[selectedKey(item)]; ok { + label.IsChecked = true + selectedIDSet.Add(strconv.FormatInt(label.ID, 10)) + } + } + ids := selectedIDSet.Values() + sort.Strings(ids) + return strings.Join(ids, ",") +} + +func (d *issueSidebarLabelsData) SetSelectedLabels(labels []*issues_model.Label) { + d.SelectedLabelIDs = makeSelectedStringIDs( + d.AllLabels, func(label *issues_model.Label) int64 { return label.ID }, + labels, func(label *issues_model.Label) int64 { return label.ID }, + ) +} + +func (d *issueSidebarLabelsData) SetSelectedLabelNames(labelNames []string) { + d.SelectedLabelIDs = makeSelectedStringIDs( + d.AllLabels, func(label *issues_model.Label) string { return strings.ToLower(label.Name) }, + labelNames, strings.ToLower, + ) +} + +func (d *issueSidebarLabelsData) SetSelectedLabelIDs(labelIDs []int64) { + d.SelectedLabelIDs = makeSelectedStringIDs( + d.AllLabels, func(label *issues_model.Label) int64 { return label.ID }, + labelIDs, func(labelID int64) int64 { return labelID }, + ) +} + +func (d *IssuePageMetaData) retrieveLabelsData(ctx *context.Context) { + repo := d.Repository + labelsData := d.LabelsData + + labels, err := issues_model.GetLabelsByRepoID(ctx, repo.ID, "", db.ListOptions{}) + if err != nil { + ctx.ServerError("GetLabelsByRepoID", err) + return + } + labelsData.RepoLabels = labels + + if repo.Owner.IsOrganization() { + orgLabels, err := issues_model.GetLabelsByOrgID(ctx, repo.Owner.ID, ctx.FormString("sort"), db.ListOptions{}) + if err != nil { + return + } + labelsData.OrgLabels = orgLabels + } + labelsData.AllLabels = append(labelsData.AllLabels, labelsData.RepoLabels...) + labelsData.AllLabels = append(labelsData.AllLabels, labelsData.OrgLabels...) +} diff --git a/routers/web/repo/issue_poster.go b/routers/web/repo/issue_poster.go new file mode 100644 index 0000000000..91ef947cb4 --- /dev/null +++ b/routers/web/repo/issue_poster.go @@ -0,0 +1,66 @@ +// Copyright 2024 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package repo + +import ( + "net/http" + "slices" + "strings" + + repo_model "code.gitea.io/gitea/models/repo" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/setting" + shared_user "code.gitea.io/gitea/routers/web/shared/user" + "code.gitea.io/gitea/services/context" +) + +type userSearchInfo struct { + UserID int64 `json:"user_id"` + UserName string `json:"username"` + AvatarLink string `json:"avatar_link"` + FullName string `json:"full_name"` +} + +type userSearchResponse struct { + Results []*userSearchInfo `json:"results"` +} + +// IssuePosters get posters for current repo's issues/pull requests +func IssuePosters(ctx *context.Context) { + issuePosters(ctx, false) +} + +func PullPosters(ctx *context.Context) { + issuePosters(ctx, true) +} + +func issuePosters(ctx *context.Context, isPullList bool) { + repo := ctx.Repo.Repository + search := strings.TrimSpace(ctx.FormString("q")) + posters, err := repo_model.GetIssuePostersWithSearch(ctx, repo, isPullList, search, setting.UI.DefaultShowFullName) + if err != nil { + ctx.JSON(http.StatusInternalServerError, err) + return + } + + if search == "" && ctx.Doer != nil { + // the returned posters slice only contains limited number of users, + // to make the current user (doer) can quickly filter their own issues, always add doer to the posters slice + if !slices.ContainsFunc(posters, func(user *user_model.User) bool { return user.ID == ctx.Doer.ID }) { + posters = append(posters, ctx.Doer) + } + } + + posters = shared_user.MakeSelfOnTop(ctx.Doer, posters) + + resp := &userSearchResponse{} + resp.Results = make([]*userSearchInfo, len(posters)) + for i, user := range posters { + resp.Results[i] = &userSearchInfo{UserID: user.ID, UserName: user.Name, AvatarLink: user.AvatarLink(ctx)} + if setting.UI.DefaultShowFullName { + resp.Results[i].FullName = user.FullName + } + } + ctx.JSON(http.StatusOK, resp) +} diff --git a/routers/web/repo/issue_view.go b/routers/web/repo/issue_view.go new file mode 100644 index 0000000000..284928856f --- /dev/null +++ b/routers/web/repo/issue_view.go @@ -0,0 +1,914 @@ +// Copyright 2024 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package repo + +import ( + stdCtx "context" + "fmt" + "math/big" + "net/http" + "net/url" + "sort" + + activities_model "code.gitea.io/gitea/models/activities" + "code.gitea.io/gitea/models/db" + git_model "code.gitea.io/gitea/models/git" + issues_model "code.gitea.io/gitea/models/issues" + "code.gitea.io/gitea/models/organization" + access_model "code.gitea.io/gitea/models/perm/access" + project_model "code.gitea.io/gitea/models/project" + pull_model "code.gitea.io/gitea/models/pull" + repo_model "code.gitea.io/gitea/models/repo" + "code.gitea.io/gitea/models/unit" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/emoji" + "code.gitea.io/gitea/modules/git" + "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/markup" + "code.gitea.io/gitea/modules/markup/markdown" + "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/templates" + "code.gitea.io/gitea/modules/templates/vars" + asymkey_service "code.gitea.io/gitea/services/asymkey" + "code.gitea.io/gitea/services/context" + "code.gitea.io/gitea/services/context/upload" + issue_service "code.gitea.io/gitea/services/issue" + pull_service "code.gitea.io/gitea/services/pull" + user_service "code.gitea.io/gitea/services/user" +) + +// roleDescriptor returns the role descriptor for a comment in/with the given repo, poster and issue +func roleDescriptor(ctx stdCtx.Context, repo *repo_model.Repository, poster *user_model.User, issue *issues_model.Issue, hasOriginalAuthor bool) (issues_model.RoleDescriptor, error) { + roleDescriptor := issues_model.RoleDescriptor{} + + if hasOriginalAuthor { + return roleDescriptor, nil + } + + perm, err := access_model.GetUserRepoPermission(ctx, repo, poster) + if err != nil { + return roleDescriptor, err + } + + // If the poster is the actual poster of the issue, enable Poster role. + roleDescriptor.IsPoster = issue.IsPoster(poster.ID) + + // Check if the poster is owner of the repo. + if perm.IsOwner() { + // If the poster isn't an admin, enable the owner role. + if !poster.IsAdmin { + roleDescriptor.RoleInRepo = issues_model.RoleRepoOwner + return roleDescriptor, nil + } + + // Otherwise check if poster is the real repo admin. + ok, err := access_model.IsUserRealRepoAdmin(ctx, repo, poster) + if err != nil { + return roleDescriptor, err + } + if ok { + roleDescriptor.RoleInRepo = issues_model.RoleRepoOwner + return roleDescriptor, nil + } + } + + // If repo is organization, check Member role + if err := repo.LoadOwner(ctx); err != nil { + return roleDescriptor, err + } + if repo.Owner.IsOrganization() { + if isMember, err := organization.IsOrganizationMember(ctx, repo.Owner.ID, poster.ID); err != nil { + return roleDescriptor, err + } else if isMember { + roleDescriptor.RoleInRepo = issues_model.RoleRepoMember + return roleDescriptor, nil + } + } + + // If the poster is the collaborator of the repo + if isCollaborator, err := repo_model.IsCollaborator(ctx, repo.ID, poster.ID); err != nil { + return roleDescriptor, err + } else if isCollaborator { + roleDescriptor.RoleInRepo = issues_model.RoleRepoCollaborator + return roleDescriptor, nil + } + + hasMergedPR, err := issues_model.HasMergedPullRequestInRepo(ctx, repo.ID, poster.ID) + if err != nil { + return roleDescriptor, err + } else if hasMergedPR { + roleDescriptor.RoleInRepo = issues_model.RoleRepoContributor + } else if issue.IsPull { + // only display first time contributor in the first opening pull request + roleDescriptor.RoleInRepo = issues_model.RoleRepoFirstTimeContributor + } + + return roleDescriptor, nil +} + +func getBranchData(ctx *context.Context, issue *issues_model.Issue) { + ctx.Data["BaseBranch"] = nil + ctx.Data["HeadBranch"] = nil + ctx.Data["HeadUserName"] = nil + ctx.Data["BaseName"] = ctx.Repo.Repository.OwnerName + if issue.IsPull { + pull := issue.PullRequest + ctx.Data["BaseBranch"] = pull.BaseBranch + ctx.Data["HeadBranch"] = pull.HeadBranch + ctx.Data["HeadUserName"] = pull.MustHeadUserName(ctx) + } +} + +// checkBlockedByIssues return canRead and notPermitted +func checkBlockedByIssues(ctx *context.Context, blockers []*issues_model.DependencyInfo) (canRead, notPermitted []*issues_model.DependencyInfo) { + repoPerms := make(map[int64]access_model.Permission) + repoPerms[ctx.Repo.Repository.ID] = ctx.Repo.Permission + for _, blocker := range blockers { + // Get the permissions for this repository + // If the repo ID exists in the map, return the exist permissions + // else get the permission and add it to the map + var perm access_model.Permission + existPerm, ok := repoPerms[blocker.RepoID] + if ok { + perm = existPerm + } else { + var err error + perm, err = access_model.GetUserRepoPermission(ctx, &blocker.Repository, ctx.Doer) + if err != nil { + ctx.ServerError("GetUserRepoPermission", err) + return nil, nil + } + repoPerms[blocker.RepoID] = perm + } + if perm.CanReadIssuesOrPulls(blocker.Issue.IsPull) { + canRead = append(canRead, blocker) + } else { + notPermitted = append(notPermitted, blocker) + } + } + sortDependencyInfo(canRead) + sortDependencyInfo(notPermitted) + return canRead, notPermitted +} + +func sortDependencyInfo(blockers []*issues_model.DependencyInfo) { + sort.Slice(blockers, func(i, j int) bool { + if blockers[i].RepoID == blockers[j].RepoID { + return blockers[i].Issue.CreatedUnix < blockers[j].Issue.CreatedUnix + } + return blockers[i].RepoID < blockers[j].RepoID + }) +} + +func addParticipant(poster *user_model.User, participants []*user_model.User) []*user_model.User { + for _, part := range participants { + if poster.ID == part.ID { + return participants + } + } + return append(participants, poster) +} + +func filterXRefComments(ctx *context.Context, issue *issues_model.Issue) error { + // Remove comments that the user has no permissions to see + for i := 0; i < len(issue.Comments); { + c := issue.Comments[i] + if issues_model.CommentTypeIsRef(c.Type) && c.RefRepoID != issue.RepoID && c.RefRepoID != 0 { + var err error + // Set RefRepo for description in template + c.RefRepo, err = repo_model.GetRepositoryByID(ctx, c.RefRepoID) + if err != nil { + return err + } + perm, err := access_model.GetUserRepoPermission(ctx, c.RefRepo, ctx.Doer) + if err != nil { + return err + } + if !perm.CanReadIssuesOrPulls(c.RefIsPull) { + issue.Comments = append(issue.Comments[:i], issue.Comments[i+1:]...) + continue + } + } + i++ + } + return nil +} + +// combineLabelComments combine the nearby label comments as one. +func combineLabelComments(issue *issues_model.Issue) { + var prev, cur *issues_model.Comment + for i := 0; i < len(issue.Comments); i++ { + cur = issue.Comments[i] + if i > 0 { + prev = issue.Comments[i-1] + } + if i == 0 || cur.Type != issues_model.CommentTypeLabel || + (prev != nil && prev.PosterID != cur.PosterID) || + (prev != nil && cur.CreatedUnix-prev.CreatedUnix >= 60) { + if cur.Type == issues_model.CommentTypeLabel && cur.Label != nil { + if cur.Content != "1" { + cur.RemovedLabels = append(cur.RemovedLabels, cur.Label) + } else { + cur.AddedLabels = append(cur.AddedLabels, cur.Label) + } + } + continue + } + + if cur.Label != nil { // now cur MUST be label comment + if prev.Type == issues_model.CommentTypeLabel { // we can combine them only prev is a label comment + if cur.Content != "1" { + // remove labels from the AddedLabels list if the label that was removed is already + // in this list, and if it's not in this list, add the label to RemovedLabels + addedAndRemoved := false + for i, label := range prev.AddedLabels { + if cur.Label.ID == label.ID { + prev.AddedLabels = append(prev.AddedLabels[:i], prev.AddedLabels[i+1:]...) + addedAndRemoved = true + break + } + } + if !addedAndRemoved { + prev.RemovedLabels = append(prev.RemovedLabels, cur.Label) + } + } else { + // remove labels from the RemovedLabels list if the label that was added is already + // in this list, and if it's not in this list, add the label to AddedLabels + removedAndAdded := false + for i, label := range prev.RemovedLabels { + if cur.Label.ID == label.ID { + prev.RemovedLabels = append(prev.RemovedLabels[:i], prev.RemovedLabels[i+1:]...) + removedAndAdded = true + break + } + } + if !removedAndAdded { + prev.AddedLabels = append(prev.AddedLabels, cur.Label) + } + } + prev.CreatedUnix = cur.CreatedUnix + // remove the current comment since it has been combined to prev comment + issue.Comments = append(issue.Comments[:i], issue.Comments[i+1:]...) + i-- + } else { // if prev is not a label comment, start a new group + if cur.Content != "1" { + cur.RemovedLabels = append(cur.RemovedLabels, cur.Label) + } else { + cur.AddedLabels = append(cur.AddedLabels, cur.Label) + } + } + } + } +} + +// ViewIssue render issue view page +func ViewIssue(ctx *context.Context) { + if ctx.PathParam(":type") == "issues" { + // If issue was requested we check if repo has external tracker and redirect + extIssueUnit, err := ctx.Repo.Repository.GetUnit(ctx, unit.TypeExternalTracker) + if err == nil && extIssueUnit != nil { + if extIssueUnit.ExternalTrackerConfig().ExternalTrackerStyle == markup.IssueNameStyleNumeric || extIssueUnit.ExternalTrackerConfig().ExternalTrackerStyle == "" { + metas := ctx.Repo.Repository.ComposeMetas(ctx) + metas["index"] = ctx.PathParam(":index") + res, err := vars.Expand(extIssueUnit.ExternalTrackerConfig().ExternalTrackerFormat, metas) + if err != nil { + log.Error("unable to expand template vars for issue url. issue: %s, err: %v", metas["index"], err) + ctx.ServerError("Expand", err) + return + } + ctx.Redirect(res) + return + } + } else if err != nil && !repo_model.IsErrUnitTypeNotExist(err) { + ctx.ServerError("GetUnit", err) + return + } + } + + issue, err := issues_model.GetIssueByIndex(ctx, ctx.Repo.Repository.ID, ctx.PathParamInt64(":index")) + if err != nil { + if issues_model.IsErrIssueNotExist(err) { + ctx.NotFound("GetIssueByIndex", err) + } else { + ctx.ServerError("GetIssueByIndex", err) + } + return + } + if issue.Repo == nil { + issue.Repo = ctx.Repo.Repository + } + + // Make sure type and URL matches. + if ctx.PathParam(":type") == "issues" && issue.IsPull { + ctx.Redirect(issue.Link()) + return + } else if ctx.PathParam(":type") == "pulls" && !issue.IsPull { + ctx.Redirect(issue.Link()) + return + } + + if issue.IsPull { + MustAllowPulls(ctx) + if ctx.Written() { + return + } + ctx.Data["PageIsPullList"] = true + ctx.Data["PageIsPullConversation"] = true + } else { + MustEnableIssues(ctx) + if ctx.Written() { + return + } + ctx.Data["PageIsIssueList"] = true + ctx.Data["NewIssueChooseTemplate"] = issue_service.HasTemplatesOrContactLinks(ctx.Repo.Repository, ctx.Repo.GitRepo) + } + + if issue.IsPull && !ctx.Repo.CanRead(unit.TypeIssues) { + ctx.Data["IssueDependencySearchType"] = "pulls" + } else if !issue.IsPull && !ctx.Repo.CanRead(unit.TypePullRequests) { + ctx.Data["IssueDependencySearchType"] = "issues" + } else { + ctx.Data["IssueDependencySearchType"] = "all" + } + + ctx.Data["IsProjectsEnabled"] = ctx.Repo.CanRead(unit.TypeProjects) + ctx.Data["IsAttachmentEnabled"] = setting.Attachment.Enabled + upload.AddUploadContext(ctx, "comment") + + if err = issue.LoadAttributes(ctx); err != nil { + ctx.ServerError("LoadAttributes", err) + return + } + + if err = filterXRefComments(ctx, issue); err != nil { + ctx.ServerError("filterXRefComments", err) + return + } + + ctx.Data["Title"] = fmt.Sprintf("#%d - %s", issue.Index, emoji.ReplaceAliases(issue.Title)) + + iw := new(issues_model.IssueWatch) + if ctx.Doer != nil { + iw.UserID = ctx.Doer.ID + iw.IssueID = issue.ID + iw.IsWatching, err = issues_model.CheckIssueWatch(ctx, ctx.Doer, issue) + if err != nil { + ctx.ServerError("CheckIssueWatch", err) + return + } + } + ctx.Data["IssueWatch"] = iw + issue.RenderedContent, err = markdown.RenderString(&markup.RenderContext{ + Links: markup.Links{ + Base: ctx.Repo.RepoLink, + }, + Metas: ctx.Repo.Repository.ComposeMetas(ctx), + GitRepo: ctx.Repo.GitRepo, + Repo: ctx.Repo.Repository, + Ctx: ctx, + }, issue.Content) + if err != nil { + ctx.ServerError("RenderString", err) + return + } + + repo := ctx.Repo.Repository + + // Get more information if it's a pull request. + if issue.IsPull { + if issue.PullRequest.HasMerged { + ctx.Data["DisableStatusChange"] = issue.PullRequest.HasMerged + PrepareMergedViewPullInfo(ctx, issue) + } else { + PrepareViewPullInfo(ctx, issue) + ctx.Data["DisableStatusChange"] = ctx.Data["IsPullRequestBroken"] == true && issue.IsClosed + } + if ctx.Written() { + return + } + } + + pageMetaData := retrieveRepoIssueMetaData(ctx, repo, issue, issue.IsPull) + if ctx.Written() { + return + } + pageMetaData.LabelsData.SetSelectedLabels(issue.Labels) + + if ctx.IsSigned { + // Update issue-user. + if err = activities_model.SetIssueReadBy(ctx, issue.ID, ctx.Doer.ID); err != nil { + ctx.ServerError("ReadBy", err) + return + } + } + + var ( + role issues_model.RoleDescriptor + ok bool + marked = make(map[int64]issues_model.RoleDescriptor) + comment *issues_model.Comment + participants = make([]*user_model.User, 1, 10) + latestCloseCommentID int64 + ) + if ctx.Repo.Repository.IsTimetrackerEnabled(ctx) { + if ctx.IsSigned { + // Deal with the stopwatch + ctx.Data["IsStopwatchRunning"] = issues_model.StopwatchExists(ctx, ctx.Doer.ID, issue.ID) + if !ctx.Data["IsStopwatchRunning"].(bool) { + var exists bool + var swIssue *issues_model.Issue + if exists, _, swIssue, err = issues_model.HasUserStopwatch(ctx, ctx.Doer.ID); err != nil { + ctx.ServerError("HasUserStopwatch", err) + return + } + ctx.Data["HasUserStopwatch"] = exists + if exists { + // Add warning if the user has already a stopwatch + // Add link to the issue of the already running stopwatch + ctx.Data["OtherStopwatchURL"] = swIssue.Link() + } + } + ctx.Data["CanUseTimetracker"] = ctx.Repo.CanUseTimetracker(ctx, issue, ctx.Doer) + } else { + ctx.Data["CanUseTimetracker"] = false + } + if ctx.Data["WorkingUsers"], err = issues_model.TotalTimesForEachUser(ctx, &issues_model.FindTrackedTimesOptions{IssueID: issue.ID}); err != nil { + ctx.ServerError("TotalTimesForEachUser", err) + return + } + } + + // Check if the user can use the dependencies + ctx.Data["CanCreateIssueDependencies"] = ctx.Repo.CanCreateIssueDependencies(ctx, ctx.Doer, issue.IsPull) + + // check if dependencies can be created across repositories + ctx.Data["AllowCrossRepositoryDependencies"] = setting.Service.AllowCrossRepositoryDependencies + + if issue.ShowRole, err = roleDescriptor(ctx, repo, issue.Poster, issue, issue.HasOriginalAuthor()); err != nil { + ctx.ServerError("roleDescriptor", err) + return + } + marked[issue.PosterID] = issue.ShowRole + + // Render comments and fetch participants. + participants[0] = issue.Poster + + if err := issue.Comments.LoadAttachmentsByIssue(ctx); err != nil { + ctx.ServerError("LoadAttachmentsByIssue", err) + return + } + if err := issue.Comments.LoadPosters(ctx); err != nil { + ctx.ServerError("LoadPosters", err) + return + } + + for _, comment = range issue.Comments { + comment.Issue = issue + + if comment.Type == issues_model.CommentTypeComment || comment.Type == issues_model.CommentTypeReview { + comment.RenderedContent, err = markdown.RenderString(&markup.RenderContext{ + Links: markup.Links{ + Base: ctx.Repo.RepoLink, + }, + Metas: ctx.Repo.Repository.ComposeMetas(ctx), + GitRepo: ctx.Repo.GitRepo, + Repo: ctx.Repo.Repository, + Ctx: ctx, + }, comment.Content) + if err != nil { + ctx.ServerError("RenderString", err) + return + } + // Check tag. + role, ok = marked[comment.PosterID] + if ok { + comment.ShowRole = role + continue + } + + comment.ShowRole, err = roleDescriptor(ctx, repo, comment.Poster, issue, comment.HasOriginalAuthor()) + if err != nil { + ctx.ServerError("roleDescriptor", err) + return + } + marked[comment.PosterID] = comment.ShowRole + participants = addParticipant(comment.Poster, participants) + } else if comment.Type == issues_model.CommentTypeLabel { + if err = comment.LoadLabel(ctx); err != nil { + ctx.ServerError("LoadLabel", err) + return + } + } else if comment.Type == issues_model.CommentTypeMilestone { + if err = comment.LoadMilestone(ctx); err != nil { + ctx.ServerError("LoadMilestone", err) + return + } + ghostMilestone := &issues_model.Milestone{ + ID: -1, + Name: ctx.Locale.TrString("repo.issues.deleted_milestone"), + } + if comment.OldMilestoneID > 0 && comment.OldMilestone == nil { + comment.OldMilestone = ghostMilestone + } + if comment.MilestoneID > 0 && comment.Milestone == nil { + comment.Milestone = ghostMilestone + } + } else if comment.Type == issues_model.CommentTypeProject { + if err = comment.LoadProject(ctx); err != nil { + ctx.ServerError("LoadProject", err) + return + } + + ghostProject := &project_model.Project{ + ID: project_model.GhostProjectID, + Title: ctx.Locale.TrString("repo.issues.deleted_project"), + } + + if comment.OldProjectID > 0 && comment.OldProject == nil { + comment.OldProject = ghostProject + } + + if comment.ProjectID > 0 && comment.Project == nil { + comment.Project = ghostProject + } + } else if comment.Type == issues_model.CommentTypeProjectColumn { + if err = comment.LoadProject(ctx); err != nil { + ctx.ServerError("LoadProject", err) + return + } + } else if comment.Type == issues_model.CommentTypeAssignees || comment.Type == issues_model.CommentTypeReviewRequest { + if err = comment.LoadAssigneeUserAndTeam(ctx); err != nil { + ctx.ServerError("LoadAssigneeUserAndTeam", err) + return + } + } else if comment.Type == issues_model.CommentTypeRemoveDependency || comment.Type == issues_model.CommentTypeAddDependency { + if err = comment.LoadDepIssueDetails(ctx); err != nil { + if !issues_model.IsErrIssueNotExist(err) { + ctx.ServerError("LoadDepIssueDetails", err) + return + } + } + } else if comment.Type.HasContentSupport() { + comment.RenderedContent, err = markdown.RenderString(&markup.RenderContext{ + Links: markup.Links{ + Base: ctx.Repo.RepoLink, + }, + Metas: ctx.Repo.Repository.ComposeMetas(ctx), + GitRepo: ctx.Repo.GitRepo, + Repo: ctx.Repo.Repository, + Ctx: ctx, + }, comment.Content) + if err != nil { + ctx.ServerError("RenderString", err) + return + } + if err = comment.LoadReview(ctx); err != nil && !issues_model.IsErrReviewNotExist(err) { + ctx.ServerError("LoadReview", err) + return + } + participants = addParticipant(comment.Poster, participants) + if comment.Review == nil { + continue + } + if err = comment.Review.LoadAttributes(ctx); err != nil { + if !user_model.IsErrUserNotExist(err) { + ctx.ServerError("Review.LoadAttributes", err) + return + } + comment.Review.Reviewer = user_model.NewGhostUser() + } + if err = comment.Review.LoadCodeComments(ctx); err != nil { + ctx.ServerError("Review.LoadCodeComments", err) + return + } + for _, codeComments := range comment.Review.CodeComments { + for _, lineComments := range codeComments { + for _, c := range lineComments { + // Check tag. + role, ok = marked[c.PosterID] + if ok { + c.ShowRole = role + continue + } + + c.ShowRole, err = roleDescriptor(ctx, repo, c.Poster, issue, c.HasOriginalAuthor()) + if err != nil { + ctx.ServerError("roleDescriptor", err) + return + } + marked[c.PosterID] = c.ShowRole + participants = addParticipant(c.Poster, participants) + } + } + } + if err = comment.LoadResolveDoer(ctx); err != nil { + ctx.ServerError("LoadResolveDoer", err) + return + } + } else if comment.Type == issues_model.CommentTypePullRequestPush { + participants = addParticipant(comment.Poster, participants) + if err = comment.LoadPushCommits(ctx); err != nil { + ctx.ServerError("LoadPushCommits", err) + return + } + if !ctx.Repo.CanRead(unit.TypeActions) { + for _, commit := range comment.Commits { + commit.Status.HideActionsURL(ctx) + git_model.CommitStatusesHideActionsURL(ctx, commit.Statuses) + } + } + } else if comment.Type == issues_model.CommentTypeAddTimeManual || + comment.Type == issues_model.CommentTypeStopTracking || + comment.Type == issues_model.CommentTypeDeleteTimeManual { + // drop error since times could be pruned from DB.. + _ = comment.LoadTime(ctx) + if comment.Content != "" { + // Content before v1.21 did store the formatted string instead of seconds, + // so "|" is used as delimiter to mark the new format + if comment.Content[0] != '|' { + // handle old time comments that have formatted text stored + comment.RenderedContent = templates.SanitizeHTML(comment.Content) + comment.Content = "" + } else { + // else it's just a duration in seconds to pass on to the frontend + comment.Content = comment.Content[1:] + } + } + } + + if comment.Type == issues_model.CommentTypeClose || comment.Type == issues_model.CommentTypeMergePull { + // record ID of the latest closed/merged comment. + // if PR is closed, the comments whose type is CommentTypePullRequestPush(29) after latestCloseCommentID won't be rendered. + latestCloseCommentID = comment.ID + } + } + + ctx.Data["LatestCloseCommentID"] = latestCloseCommentID + + // Combine multiple label assignments into a single comment + combineLabelComments(issue) + + getBranchData(ctx, issue) + if issue.IsPull { + pull := issue.PullRequest + pull.Issue = issue + canDelete := false + allowMerge := false + canWriteToHeadRepo := false + + if ctx.IsSigned { + if err := pull.LoadHeadRepo(ctx); err != nil { + log.Error("LoadHeadRepo: %v", err) + } else if pull.HeadRepo != nil { + perm, err := access_model.GetUserRepoPermission(ctx, pull.HeadRepo, ctx.Doer) + if err != nil { + ctx.ServerError("GetUserRepoPermission", err) + return + } + if perm.CanWrite(unit.TypeCode) { + // Check if branch is not protected + if pull.HeadBranch != pull.HeadRepo.DefaultBranch { + if protected, err := git_model.IsBranchProtected(ctx, pull.HeadRepo.ID, pull.HeadBranch); err != nil { + log.Error("IsProtectedBranch: %v", err) + } else if !protected { + canDelete = true + ctx.Data["DeleteBranchLink"] = issue.Link() + "/cleanup" + } + } + canWriteToHeadRepo = true + } + } + + if err := pull.LoadBaseRepo(ctx); err != nil { + log.Error("LoadBaseRepo: %v", err) + } + perm, err := access_model.GetUserRepoPermission(ctx, pull.BaseRepo, ctx.Doer) + if err != nil { + ctx.ServerError("GetUserRepoPermission", err) + return + } + if !canWriteToHeadRepo { // maintainers maybe allowed to push to head repo even if they can't write to it + canWriteToHeadRepo = pull.AllowMaintainerEdit && perm.CanWrite(unit.TypeCode) + } + allowMerge, err = pull_service.IsUserAllowedToMerge(ctx, pull, perm, ctx.Doer) + if err != nil { + ctx.ServerError("IsUserAllowedToMerge", err) + return + } + + if ctx.Data["CanMarkConversation"], err = issues_model.CanMarkConversation(ctx, issue, ctx.Doer); err != nil { + ctx.ServerError("CanMarkConversation", err) + return + } + } + + ctx.Data["CanWriteToHeadRepo"] = canWriteToHeadRepo + ctx.Data["ShowMergeInstructions"] = canWriteToHeadRepo + ctx.Data["AllowMerge"] = allowMerge + + prUnit, err := repo.GetUnit(ctx, unit.TypePullRequests) + if err != nil { + ctx.ServerError("GetUnit", err) + return + } + prConfig := prUnit.PullRequestsConfig() + + ctx.Data["AutodetectManualMerge"] = prConfig.AutodetectManualMerge + + var mergeStyle repo_model.MergeStyle + // Check correct values and select default + if ms, ok := ctx.Data["MergeStyle"].(repo_model.MergeStyle); !ok || + !prConfig.IsMergeStyleAllowed(ms) { + defaultMergeStyle := prConfig.GetDefaultMergeStyle() + if prConfig.IsMergeStyleAllowed(defaultMergeStyle) && !ok { + mergeStyle = defaultMergeStyle + } else if prConfig.AllowMerge { + mergeStyle = repo_model.MergeStyleMerge + } else if prConfig.AllowRebase { + mergeStyle = repo_model.MergeStyleRebase + } else if prConfig.AllowRebaseMerge { + mergeStyle = repo_model.MergeStyleRebaseMerge + } else if prConfig.AllowSquash { + mergeStyle = repo_model.MergeStyleSquash + } else if prConfig.AllowFastForwardOnly { + mergeStyle = repo_model.MergeStyleFastForwardOnly + } else if prConfig.AllowManualMerge { + mergeStyle = repo_model.MergeStyleManuallyMerged + } + } + + ctx.Data["MergeStyle"] = mergeStyle + + defaultMergeMessage, defaultMergeBody, err := pull_service.GetDefaultMergeMessage(ctx, ctx.Repo.GitRepo, pull, mergeStyle) + if err != nil { + ctx.ServerError("GetDefaultMergeMessage", err) + return + } + ctx.Data["DefaultMergeMessage"] = defaultMergeMessage + ctx.Data["DefaultMergeBody"] = defaultMergeBody + + defaultSquashMergeMessage, defaultSquashMergeBody, err := pull_service.GetDefaultMergeMessage(ctx, ctx.Repo.GitRepo, pull, repo_model.MergeStyleSquash) + if err != nil { + ctx.ServerError("GetDefaultSquashMergeMessage", err) + return + } + ctx.Data["DefaultSquashMergeMessage"] = defaultSquashMergeMessage + ctx.Data["DefaultSquashMergeBody"] = defaultSquashMergeBody + + pb, err := git_model.GetFirstMatchProtectedBranchRule(ctx, pull.BaseRepoID, pull.BaseBranch) + if err != nil { + ctx.ServerError("LoadProtectedBranch", err) + return + } + + if pb != nil { + pb.Repo = pull.BaseRepo + ctx.Data["ProtectedBranch"] = pb + ctx.Data["IsBlockedByApprovals"] = !issues_model.HasEnoughApprovals(ctx, pb, pull) + ctx.Data["IsBlockedByRejection"] = issues_model.MergeBlockedByRejectedReview(ctx, pb, pull) + ctx.Data["IsBlockedByOfficialReviewRequests"] = issues_model.MergeBlockedByOfficialReviewRequests(ctx, pb, pull) + ctx.Data["IsBlockedByOutdatedBranch"] = issues_model.MergeBlockedByOutdatedBranch(pb, pull) + ctx.Data["GrantedApprovals"] = issues_model.GetGrantedApprovalsCount(ctx, pb, pull) + ctx.Data["RequireSigned"] = pb.RequireSignedCommits + ctx.Data["ChangedProtectedFiles"] = pull.ChangedProtectedFiles + ctx.Data["IsBlockedByChangedProtectedFiles"] = len(pull.ChangedProtectedFiles) != 0 + ctx.Data["ChangedProtectedFilesNum"] = len(pull.ChangedProtectedFiles) + ctx.Data["RequireApprovalsWhitelist"] = pb.EnableApprovalsWhitelist + } + ctx.Data["WillSign"] = false + if ctx.Doer != nil { + sign, key, _, err := asymkey_service.SignMerge(ctx, pull, ctx.Doer, pull.BaseRepo.RepoPath(), pull.BaseBranch, pull.GetGitRefName()) + ctx.Data["WillSign"] = sign + ctx.Data["SigningKey"] = key + if err != nil { + if asymkey_service.IsErrWontSign(err) { + ctx.Data["WontSignReason"] = err.(*asymkey_service.ErrWontSign).Reason + } else { + ctx.Data["WontSignReason"] = "error" + log.Error("Error whilst checking if could sign pr %d in repo %s. Error: %v", pull.ID, pull.BaseRepo.FullName(), err) + } + } + } else { + ctx.Data["WontSignReason"] = "not_signed_in" + } + + isPullBranchDeletable := canDelete && + pull.HeadRepo != nil && + git.IsBranchExist(ctx, pull.HeadRepo.RepoPath(), pull.HeadBranch) && + (!pull.HasMerged || ctx.Data["HeadBranchCommitID"] == ctx.Data["PullHeadCommitID"]) + + if isPullBranchDeletable && pull.HasMerged { + exist, err := issues_model.HasUnmergedPullRequestsByHeadInfo(ctx, pull.HeadRepoID, pull.HeadBranch) + if err != nil { + ctx.ServerError("HasUnmergedPullRequestsByHeadInfo", err) + return + } + + isPullBranchDeletable = !exist + } + ctx.Data["IsPullBranchDeletable"] = isPullBranchDeletable + + stillCanManualMerge := func() bool { + if pull.HasMerged || issue.IsClosed || !ctx.IsSigned { + return false + } + if pull.CanAutoMerge() || pull.IsWorkInProgress(ctx) || pull.IsChecking() { + return false + } + if allowMerge && prConfig.AllowManualMerge { + return true + } + + return false + } + + ctx.Data["StillCanManualMerge"] = stillCanManualMerge() + + // Check if there is a pending pr merge + ctx.Data["HasPendingPullRequestMerge"], ctx.Data["PendingPullRequestMerge"], err = pull_model.GetScheduledMergeByPullID(ctx, pull.ID) + if err != nil { + ctx.ServerError("GetScheduledMergeByPullID", err) + return + } + } + + // Get Dependencies + blockedBy, err := issue.BlockedByDependencies(ctx, db.ListOptions{}) + if err != nil { + ctx.ServerError("BlockedByDependencies", err) + return + } + ctx.Data["BlockedByDependencies"], ctx.Data["BlockedByDependenciesNotPermitted"] = checkBlockedByIssues(ctx, blockedBy) + if ctx.Written() { + return + } + + blocking, err := issue.BlockingDependencies(ctx) + if err != nil { + ctx.ServerError("BlockingDependencies", err) + return + } + + ctx.Data["BlockingDependencies"], ctx.Data["BlockingDependenciesNotPermitted"] = checkBlockedByIssues(ctx, blocking) + if ctx.Written() { + return + } + + var pinAllowed bool + if !issue.IsPinned() { + pinAllowed, err = issues_model.IsNewPinAllowed(ctx, issue.RepoID, issue.IsPull) + if err != nil { + ctx.ServerError("IsNewPinAllowed", err) + return + } + } else { + pinAllowed = true + } + + ctx.Data["Participants"] = participants + ctx.Data["NumParticipants"] = len(participants) + ctx.Data["Issue"] = issue + ctx.Data["Reference"] = issue.Ref + ctx.Data["SignInLink"] = setting.AppSubURL + "/user/login?redirect_to=" + url.QueryEscape(ctx.Data["Link"].(string)) + ctx.Data["IsIssuePoster"] = ctx.IsSigned && issue.IsPoster(ctx.Doer.ID) + ctx.Data["HasIssuesOrPullsWritePermission"] = ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) + ctx.Data["HasProjectsWritePermission"] = ctx.Repo.CanWrite(unit.TypeProjects) + ctx.Data["IsRepoAdmin"] = ctx.IsSigned && (ctx.Repo.IsAdmin() || ctx.Doer.IsAdmin) + ctx.Data["LockReasons"] = setting.Repository.Issue.LockReasons + ctx.Data["RefEndName"] = git.RefName(issue.Ref).ShortName() + ctx.Data["NewPinAllowed"] = pinAllowed + ctx.Data["PinEnabled"] = setting.Repository.Issue.MaxPinned != 0 + + var hiddenCommentTypes *big.Int + if ctx.IsSigned { + val, err := user_model.GetUserSetting(ctx, ctx.Doer.ID, user_model.SettingsKeyHiddenCommentTypes) + if err != nil { + ctx.ServerError("GetUserSetting", err) + return + } + hiddenCommentTypes, _ = new(big.Int).SetString(val, 10) // we can safely ignore the failed conversion here + } + ctx.Data["ShouldShowCommentType"] = func(commentType issues_model.CommentType) bool { + return hiddenCommentTypes == nil || hiddenCommentTypes.Bit(int(commentType)) == 0 + } + // For sidebar + PrepareBranchList(ctx) + + if ctx.Written() { + return + } + + tags, err := repo_model.GetTagNamesByRepoID(ctx, ctx.Repo.Repository.ID) + if err != nil { + ctx.ServerError("GetTagNamesByRepoID", err) + return + } + ctx.Data["Tags"] = tags + + ctx.Data["CanBlockUser"] = func(blocker, blockee *user_model.User) bool { + return user_service.CanBlockUser(ctx, ctx.Doer, blocker, blockee) + } + + ctx.HTML(http.StatusOK, tplIssueView) +} diff --git a/routers/web/repo/pull_review.go b/routers/web/repo/pull_review.go index 62f6d71c5e..aa2e689e42 100644 --- a/routers/web/repo/pull_review.go +++ b/routers/web/repo/pull_review.go @@ -9,6 +9,7 @@ import ( "net/http" issues_model "code.gitea.io/gitea/models/issues" + "code.gitea.io/gitea/models/organization" pull_model "code.gitea.io/gitea/models/pull" user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/base" @@ -19,6 +20,7 @@ import ( "code.gitea.io/gitea/services/context" "code.gitea.io/gitea/services/context/upload" "code.gitea.io/gitea/services/forms" + issue_service "code.gitea.io/gitea/services/issue" pull_service "code.gitea.io/gitea/services/pull" user_service "code.gitea.io/gitea/services/user" ) @@ -332,3 +334,118 @@ func UpdateViewedFiles(ctx *context.Context) { ctx.ServerError("UpdateReview", err) } } + +// UpdatePullReviewRequest add or remove review request +func UpdatePullReviewRequest(ctx *context.Context) { + issues := getActionIssues(ctx) + if ctx.Written() { + return + } + + reviewID := ctx.FormInt64("id") + action := ctx.FormString("action") + + // TODO: Not support 'clear' now + if action != "attach" && action != "detach" { + ctx.Status(http.StatusForbidden) + return + } + + for _, issue := range issues { + if err := issue.LoadRepo(ctx); err != nil { + ctx.ServerError("issue.LoadRepo", err) + return + } + + if !issue.IsPull { + log.Warn( + "UpdatePullReviewRequest: refusing to add review request for non-PR issue %-v#%d", + issue.Repo, issue.Index, + ) + ctx.Status(http.StatusForbidden) + return + } + if reviewID < 0 { + // negative reviewIDs represent team requests + if err := issue.Repo.LoadOwner(ctx); err != nil { + ctx.ServerError("issue.Repo.LoadOwner", err) + return + } + + if !issue.Repo.Owner.IsOrganization() { + log.Warn( + "UpdatePullReviewRequest: refusing to add team review request for %s#%d owned by non organization UID[%d]", + issue.Repo.FullName(), issue.Index, issue.Repo.ID, + ) + ctx.Status(http.StatusForbidden) + return + } + + team, err := organization.GetTeamByID(ctx, -reviewID) + if err != nil { + ctx.ServerError("GetTeamByID", err) + return + } + + if team.OrgID != issue.Repo.OwnerID { + log.Warn( + "UpdatePullReviewRequest: refusing to add team review request for UID[%d] team %s to %s#%d owned by UID[%d]", + team.OrgID, team.Name, issue.Repo.FullName(), issue.Index, issue.Repo.ID) + ctx.Status(http.StatusForbidden) + return + } + + _, err = issue_service.TeamReviewRequest(ctx, issue, ctx.Doer, team, action == "attach") + if err != nil { + if issues_model.IsErrNotValidReviewRequest(err) { + log.Warn( + "UpdatePullReviewRequest: refusing to add invalid team review request for UID[%d] team %s to %s#%d owned by UID[%d]: Error: %v", + team.OrgID, team.Name, issue.Repo.FullName(), issue.Index, issue.Repo.ID, + err, + ) + ctx.Status(http.StatusForbidden) + return + } + ctx.ServerError("TeamReviewRequest", err) + return + } + continue + } + + reviewer, err := user_model.GetUserByID(ctx, reviewID) + if err != nil { + if user_model.IsErrUserNotExist(err) { + log.Warn( + "UpdatePullReviewRequest: requested reviewer [%d] for %-v to %-v#%d is not exist: Error: %v", + reviewID, issue.Repo, issue.Index, + err, + ) + ctx.Status(http.StatusForbidden) + return + } + ctx.ServerError("GetUserByID", err) + return + } + + _, err = issue_service.ReviewRequest(ctx, issue, ctx.Doer, &ctx.Repo.Permission, reviewer, action == "attach") + if err != nil { + if issues_model.IsErrNotValidReviewRequest(err) { + log.Warn( + "UpdatePullReviewRequest: refusing to add invalid review request for %-v to %-v#%d: Error: %v", + reviewer, issue.Repo, issue.Index, + err, + ) + ctx.Status(http.StatusForbidden) + return + } + if issues_model.IsErrReviewRequestOnClosedPR(err) { + ctx.Status(http.StatusForbidden) + return + } + ctx.ServerError("ReviewRequest", err) + return + } + } + + ctx.JSONOK() +} From f888e45432ccb86b18e6709fbd25223e07f2c422 Mon Sep 17 00:00:00 2001 From: ChristopherHX Date: Mon, 11 Nov 2024 05:58:37 +0100 Subject: [PATCH 5/9] Harden runner updateTask and updateLog api (#32462) Per proposal https://github.com/go-gitea/gitea/issues/32461 --- models/actions/task.go | 4 +++- routers/api/actions/runner/runner.go | 8 +++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/models/actions/task.go b/models/actions/task.go index b62a0c351b..af74faf937 100644 --- a/models/actions/task.go +++ b/models/actions/task.go @@ -341,7 +341,7 @@ func UpdateTask(ctx context.Context, task *ActionTask, cols ...string) error { // UpdateTaskByState updates the task by the state. // It will always update the task if the state is not final, even there is no change. // So it will update ActionTask.Updated to avoid the task being judged as a zombie task. -func UpdateTaskByState(ctx context.Context, state *runnerv1.TaskState) (*ActionTask, error) { +func UpdateTaskByState(ctx context.Context, runnerID int64, state *runnerv1.TaskState) (*ActionTask, error) { stepStates := map[int64]*runnerv1.StepState{} for _, v := range state.Steps { stepStates[v.Id] = v @@ -360,6 +360,8 @@ func UpdateTaskByState(ctx context.Context, state *runnerv1.TaskState) (*ActionT return nil, err } else if !has { return nil, util.ErrNotExist + } else if runnerID != task.RunnerID { + return nil, fmt.Errorf("invalid runner for task") } if task.Status.IsDone() { diff --git a/routers/api/actions/runner/runner.go b/routers/api/actions/runner/runner.go index d4078d8af2..8f365cc926 100644 --- a/routers/api/actions/runner/runner.go +++ b/routers/api/actions/runner/runner.go @@ -175,7 +175,9 @@ func (s *Service) UpdateTask( ctx context.Context, req *connect.Request[runnerv1.UpdateTaskRequest], ) (*connect.Response[runnerv1.UpdateTaskResponse], error) { - task, err := actions_model.UpdateTaskByState(ctx, req.Msg.State) + runner := GetRunner(ctx) + + task, err := actions_model.UpdateTaskByState(ctx, runner.ID, req.Msg.State) if err != nil { return nil, status.Errorf(codes.Internal, "update task: %v", err) } @@ -237,11 +239,15 @@ func (s *Service) UpdateLog( ctx context.Context, req *connect.Request[runnerv1.UpdateLogRequest], ) (*connect.Response[runnerv1.UpdateLogResponse], error) { + runner := GetRunner(ctx) + res := connect.NewResponse(&runnerv1.UpdateLogResponse{}) task, err := actions_model.GetTaskByID(ctx, req.Msg.TaskId) if err != nil { return nil, status.Errorf(codes.Internal, "get task: %v", err) + } else if runner.ID != task.RunnerID { + return nil, status.Errorf(codes.Internal, "invalid runner for task") } ack := task.LogLength From f35e2b0cd1aaee389e4efda5a54976520b9bd4cb Mon Sep 17 00:00:00 2001 From: silverwind Date: Mon, 11 Nov 2024 12:13:57 +0100 Subject: [PATCH 6/9] Fix a number of typescript issues (#32459) Fixes 69 typescript errors found in the `admin` and `markup` folders. --------- Co-authored-by: Giteabot --- web_src/js/features/admin/common.ts | 105 +++++++++++++------------ web_src/js/features/admin/config.ts | 10 +-- web_src/js/features/admin/emails.ts | 7 +- web_src/js/features/admin/selfcheck.ts | 6 +- web_src/js/features/admin/users.ts | 12 +-- web_src/js/markup/anchors.ts | 20 ++--- web_src/js/markup/codecopy.ts | 4 +- web_src/js/markup/common.ts | 4 +- web_src/js/markup/content.ts | 4 +- web_src/js/markup/html2markdown.ts | 34 ++++---- web_src/js/markup/math.ts | 4 +- web_src/js/markup/mermaid.ts | 2 +- web_src/js/markup/tasklist.ts | 8 +- web_src/js/svg.ts | 2 +- 14 files changed, 109 insertions(+), 113 deletions(-) diff --git a/web_src/js/features/admin/common.ts b/web_src/js/features/admin/common.ts index 934a30a3ee..6c725a3efe 100644 --- a/web_src/js/features/admin/common.ts +++ b/web_src/js/features/admin/common.ts @@ -5,15 +5,15 @@ import {POST} from '../../modules/fetch.ts'; const {appSubUrl} = window.config; -function onSecurityProtocolChange() { - if (Number(document.querySelector('#security_protocol')?.value) > 0) { +function onSecurityProtocolChange(): void { + if (Number(document.querySelector('#security_protocol')?.value) > 0) { showElem('.has-tls'); } else { hideElem('.has-tls'); } } -export function initAdminCommon() { +export function initAdminCommon(): void { if (!document.querySelector('.page-content.admin')) return; // check whether appUrl(ROOT_URL) is correct, if not, show an error message @@ -21,34 +21,34 @@ export function initAdminCommon() { // New user if ($('.admin.new.user').length > 0 || $('.admin.edit.user').length > 0) { - document.querySelector('#login_type')?.addEventListener('change', function () { - if (this.value?.substring(0, 1) === '0') { - document.querySelector('#user_name')?.removeAttribute('disabled'); - document.querySelector('#login_name')?.removeAttribute('required'); + document.querySelector('#login_type')?.addEventListener('change', function () { + if (this.value?.startsWith('0')) { + document.querySelector('#user_name')?.removeAttribute('disabled'); + document.querySelector('#login_name')?.removeAttribute('required'); hideElem('.non-local'); showElem('.local'); - document.querySelector('#user_name')?.focus(); + document.querySelector('#user_name')?.focus(); if (this.getAttribute('data-password') === 'required') { document.querySelector('#password')?.setAttribute('required', 'required'); } } else { - if (document.querySelector('.admin.edit.user')) { - document.querySelector('#user_name')?.setAttribute('disabled', 'disabled'); + if (document.querySelector('.admin.edit.user')) { + document.querySelector('#user_name')?.setAttribute('disabled', 'disabled'); } - document.querySelector('#login_name')?.setAttribute('required', 'required'); + document.querySelector('#login_name')?.setAttribute('required', 'required'); showElem('.non-local'); hideElem('.local'); - document.querySelector('#login_name')?.focus(); + document.querySelector('#login_name')?.focus(); - document.querySelector('#password')?.removeAttribute('required'); + document.querySelector('#password')?.removeAttribute('required'); } }); } function onUsePagedSearchChange() { - const searchPageSizeElements = document.querySelectorAll('.search-page-size'); - if (document.querySelector('#use_paged_search').checked) { + const searchPageSizeElements = document.querySelectorAll('.search-page-size'); + if (document.querySelector('#use_paged_search').checked) { showElem('.search-page-size'); for (const el of searchPageSizeElements) { el.querySelector('input')?.setAttribute('required', 'required'); @@ -61,20 +61,20 @@ export function initAdminCommon() { } } - function onOAuth2Change(applyDefaultValues) { + function onOAuth2Change(applyDefaultValues: boolean) { hideElem('.open_id_connect_auto_discovery_url, .oauth2_use_custom_url'); - for (const input of document.querySelectorAll('.open_id_connect_auto_discovery_url input[required]')) { + for (const input of document.querySelectorAll('.open_id_connect_auto_discovery_url input[required]')) { input.removeAttribute('required'); } - const provider = document.querySelector('#oauth2_provider').value; + const provider = document.querySelector('#oauth2_provider').value; switch (provider) { case 'openidConnect': - document.querySelector('.open_id_connect_auto_discovery_url input').setAttribute('required', 'required'); + document.querySelector('.open_id_connect_auto_discovery_url input').setAttribute('required', 'required'); showElem('.open_id_connect_auto_discovery_url'); break; default: { - const elProviderCustomUrlSettings = document.querySelector(`#${provider}_customURLSettings`); + const elProviderCustomUrlSettings = document.querySelector(`#${provider}_customURLSettings`); if (!elProviderCustomUrlSettings) break; // some providers do not have custom URL settings const couldChangeCustomURLs = elProviderCustomUrlSettings.getAttribute('data-available') === 'true'; const mustProvideCustomURLs = elProviderCustomUrlSettings.getAttribute('data-required') === 'true'; @@ -82,7 +82,7 @@ export function initAdminCommon() { showElem('.oauth2_use_custom_url'); // show the checkbox } if (mustProvideCustomURLs) { - document.querySelector('#oauth2_use_custom_url').checked = true; // make the checkbox checked + document.querySelector('#oauth2_use_custom_url').checked = true; // make the checkbox checked } break; } @@ -91,17 +91,17 @@ export function initAdminCommon() { } function onOAuth2UseCustomURLChange(applyDefaultValues) { - const provider = document.querySelector('#oauth2_provider').value; + const provider = document.querySelector('#oauth2_provider').value; hideElem('.oauth2_use_custom_url_field'); - for (const input of document.querySelectorAll('.oauth2_use_custom_url_field input[required]')) { + for (const input of document.querySelectorAll('.oauth2_use_custom_url_field input[required]')) { input.removeAttribute('required'); } const elProviderCustomUrlSettings = document.querySelector(`#${provider}_customURLSettings`); - if (elProviderCustomUrlSettings && document.querySelector('#oauth2_use_custom_url').checked) { + if (elProviderCustomUrlSettings && document.querySelector('#oauth2_use_custom_url').checked) { for (const custom of ['token_url', 'auth_url', 'profile_url', 'email_url', 'tenant']) { if (applyDefaultValues) { - document.querySelector(`#oauth2_${custom}`).value = document.querySelector(`#${provider}_${custom}`).value; + document.querySelector(`#oauth2_${custom}`).value = document.querySelector(`#${provider}_${custom}`).value; } const customInput = document.querySelector(`#${provider}_${custom}`); if (customInput && customInput.getAttribute('data-available') === 'true') { @@ -115,25 +115,26 @@ export function initAdminCommon() { } function onEnableLdapGroupsChange() { - toggleElem(document.querySelector('#ldap-group-options'), $('.js-ldap-group-toggle')[0].checked); + const checked = document.querySelector('.js-ldap-group-toggle')?.checked; + toggleElem(document.querySelector('#ldap-group-options'), checked); } // New authentication - if (document.querySelector('.admin.new.authentication')) { - document.querySelector('#auth_type')?.addEventListener('change', function () { + if (document.querySelector('.admin.new.authentication')) { + document.querySelector('#auth_type')?.addEventListener('change', function () { hideElem('.ldap, .dldap, .smtp, .pam, .oauth2, .has-tls, .search-page-size, .sspi'); - for (const input of document.querySelectorAll('.ldap input[required], .binddnrequired input[required], .dldap input[required], .smtp input[required], .pam input[required], .oauth2 input[required], .has-tls input[required], .sspi input[required]')) { + for (const input of document.querySelectorAll('.ldap input[required], .binddnrequired input[required], .dldap input[required], .smtp input[required], .pam input[required], .oauth2 input[required], .has-tls input[required], .sspi input[required]')) { input.removeAttribute('required'); } - document.querySelector('.binddnrequired')?.classList.remove('required'); + document.querySelector('.binddnrequired')?.classList.remove('required'); const authType = this.value; switch (authType) { case '2': // LDAP showElem('.ldap'); - for (const input of document.querySelectorAll('.binddnrequired input, .ldap div.required:not(.dldap) input')) { + for (const input of document.querySelectorAll('.binddnrequired input, .ldap div.required:not(.dldap) input')) { input.setAttribute('required', 'required'); } document.querySelector('.binddnrequired')?.classList.add('required'); @@ -141,32 +142,32 @@ export function initAdminCommon() { case '3': // SMTP showElem('.smtp'); showElem('.has-tls'); - for (const input of document.querySelectorAll('.smtp div.required input, .has-tls')) { + for (const input of document.querySelectorAll('.smtp div.required input, .has-tls')) { input.setAttribute('required', 'required'); } break; case '4': // PAM showElem('.pam'); - for (const input of document.querySelectorAll('.pam input')) { + for (const input of document.querySelectorAll('.pam input')) { input.setAttribute('required', 'required'); } break; case '5': // LDAP showElem('.dldap'); - for (const input of document.querySelectorAll('.dldap div.required:not(.ldap) input')) { + for (const input of document.querySelectorAll('.dldap div.required:not(.ldap) input')) { input.setAttribute('required', 'required'); } break; case '6': // OAuth2 showElem('.oauth2'); - for (const input of document.querySelectorAll('.oauth2 div.required:not(.oauth2_use_custom_url,.oauth2_use_custom_url_field,.open_id_connect_auto_discovery_url) input')) { + for (const input of document.querySelectorAll('.oauth2 div.required:not(.oauth2_use_custom_url,.oauth2_use_custom_url_field,.open_id_connect_auto_discovery_url) input')) { input.setAttribute('required', 'required'); } onOAuth2Change(true); break; case '7': // SSPI showElem('.sspi'); - for (const input of document.querySelectorAll('.sspi div.required input')) { + for (const input of document.querySelectorAll('.sspi div.required input')) { input.setAttribute('required', 'required'); } break; @@ -180,39 +181,39 @@ export function initAdminCommon() { } }); $('#auth_type').trigger('change'); - document.querySelector('#security_protocol')?.addEventListener('change', onSecurityProtocolChange); - document.querySelector('#use_paged_search')?.addEventListener('change', onUsePagedSearchChange); - document.querySelector('#oauth2_provider')?.addEventListener('change', () => onOAuth2Change(true)); - document.querySelector('#oauth2_use_custom_url')?.addEventListener('change', () => onOAuth2UseCustomURLChange(true)); + document.querySelector('#security_protocol')?.addEventListener('change', onSecurityProtocolChange); + document.querySelector('#use_paged_search')?.addEventListener('change', onUsePagedSearchChange); + document.querySelector('#oauth2_provider')?.addEventListener('change', () => onOAuth2Change(true)); + document.querySelector('#oauth2_use_custom_url')?.addEventListener('change', () => onOAuth2UseCustomURLChange(true)); $('.js-ldap-group-toggle').on('change', onEnableLdapGroupsChange); } // Edit authentication - if (document.querySelector('.admin.edit.authentication')) { - const authType = document.querySelector('#auth_type')?.value; + if (document.querySelector('.admin.edit.authentication')) { + const authType = document.querySelector('#auth_type')?.value; if (authType === '2' || authType === '5') { - document.querySelector('#security_protocol')?.addEventListener('change', onSecurityProtocolChange); + document.querySelector('#security_protocol')?.addEventListener('change', onSecurityProtocolChange); $('.js-ldap-group-toggle').on('change', onEnableLdapGroupsChange); onEnableLdapGroupsChange(); if (authType === '2') { - document.querySelector('#use_paged_search')?.addEventListener('change', onUsePagedSearchChange); + document.querySelector('#use_paged_search')?.addEventListener('change', onUsePagedSearchChange); } } else if (authType === '6') { - document.querySelector('#oauth2_provider')?.addEventListener('change', () => onOAuth2Change(true)); - document.querySelector('#oauth2_use_custom_url')?.addEventListener('change', () => onOAuth2UseCustomURLChange(false)); + document.querySelector('#oauth2_provider')?.addEventListener('change', () => onOAuth2Change(true)); + document.querySelector('#oauth2_use_custom_url')?.addEventListener('change', () => onOAuth2UseCustomURLChange(false)); onOAuth2Change(false); } } - if (document.querySelector('.admin.authentication')) { + if (document.querySelector('.admin.authentication')) { $('#auth_name').on('input', function () { // appSubUrl is either empty or is a path that starts with `/` and doesn't have a trailing slash. - document.querySelector('#oauth2-callback-url').textContent = `${window.location.origin}${appSubUrl}/user/oauth2/${encodeURIComponent(this.value)}/callback`; + document.querySelector('#oauth2-callback-url').textContent = `${window.location.origin}${appSubUrl}/user/oauth2/${encodeURIComponent((this as HTMLInputElement).value)}/callback`; }).trigger('input'); } // Notice - if (document.querySelector('.admin.notice')) { - const detailModal = document.querySelector('#detail-modal'); + if (document.querySelector('.admin.notice')) { + const detailModal = document.querySelector('#detail-modal'); // Attach view detail modals $('.view-detail').on('click', function () { @@ -223,7 +224,7 @@ export function initAdminCommon() { }); // Select actions - const checkboxes = document.querySelectorAll('.select.table .ui.checkbox input'); + const checkboxes = document.querySelectorAll('.select.table .ui.checkbox input'); $('.select.action').on('click', function () { switch ($(this).data('action')) { @@ -244,7 +245,7 @@ export function initAdminCommon() { break; } }); - document.querySelector('#delete-selection')?.addEventListener('click', async function (e) { + document.querySelector('#delete-selection')?.addEventListener('click', async function (e) { e.preventDefault(); this.classList.add('is-loading', 'disabled'); const data = new FormData(); diff --git a/web_src/js/features/admin/config.ts b/web_src/js/features/admin/config.ts index 0d130703ae..16d7a2426f 100644 --- a/web_src/js/features/admin/config.ts +++ b/web_src/js/features/admin/config.ts @@ -3,17 +3,17 @@ import {POST} from '../../modules/fetch.ts'; const {appSubUrl} = window.config; -export function initAdminConfigs() { - const elAdminConfig = document.querySelector('.page-content.admin.config'); +export function initAdminConfigs(): void { + const elAdminConfig = document.querySelector('.page-content.admin.config'); if (!elAdminConfig) return; - for (const el of elAdminConfig.querySelectorAll('input[type="checkbox"][data-config-dyn-key]')) { + for (const el of elAdminConfig.querySelectorAll('input[type="checkbox"][data-config-dyn-key]')) { el.addEventListener('change', async () => { try { const resp = await POST(`${appSubUrl}/-/admin/config`, { - data: new URLSearchParams({key: el.getAttribute('data-config-dyn-key'), value: el.checked}), + data: new URLSearchParams({key: el.getAttribute('data-config-dyn-key'), value: String(el.checked)}), }); - const json = await resp.json(); + const json: Record = await resp.json(); if (json.errorMessage) throw new Error(json.errorMessage); } catch (ex) { showTemporaryTooltip(el, ex.toString()); diff --git a/web_src/js/features/admin/emails.ts b/web_src/js/features/admin/emails.ts index 46fafa7eff..8e97b67bf9 100644 --- a/web_src/js/features/admin/emails.ts +++ b/web_src/js/features/admin/emails.ts @@ -1,7 +1,7 @@ import $ from 'jquery'; -export function initAdminEmails() { - function linkEmailAction(e) { +export function initAdminEmails(): void { + $('.link-email-action').on('click', (e) => { const $this = $(this); $('#form-uid').val($this.data('uid')); $('#form-email').val($this.data('email')); @@ -9,6 +9,5 @@ export function initAdminEmails() { $('#form-activate').val($this.data('activate')); $('#change-email-modal').modal('show'); e.preventDefault(); - } - $('.link-email-action').on('click', linkEmailAction); + }); } diff --git a/web_src/js/features/admin/selfcheck.ts b/web_src/js/features/admin/selfcheck.ts index 925a50130f..9f53378b52 100644 --- a/web_src/js/features/admin/selfcheck.ts +++ b/web_src/js/features/admin/selfcheck.ts @@ -7,16 +7,16 @@ export async function initAdminSelfCheck() { const elCheckByFrontend = document.querySelector('#self-check-by-frontend'); if (!elCheckByFrontend) return; - const elContent = document.querySelector('.page-content.admin .admin-setting-content'); + const elContent = document.querySelector('.page-content.admin .admin-setting-content'); // send frontend self-check request const resp = await POST(`${appSubUrl}/-/admin/self_check`, { data: new URLSearchParams({ location_origin: window.location.origin, - now: Date.now(), // TODO: check time difference between server and client + now: String(Date.now()), // TODO: check time difference between server and client }), }); - const json = await resp.json(); + const json: Record = await resp.json(); toggleElem(elCheckByFrontend, Boolean(json.problems?.length)); for (const problem of json.problems ?? []) { const elProblem = document.createElement('div'); diff --git a/web_src/js/features/admin/users.ts b/web_src/js/features/admin/users.ts index 7cac603b5c..16276773e1 100644 --- a/web_src/js/features/admin/users.ts +++ b/web_src/js/features/admin/users.ts @@ -1,8 +1,8 @@ -export function initAdminUserListSearchForm() { +export function initAdminUserListSearchForm(): void { const searchForm = window.config.pageData.adminUserListSearchForm; if (!searchForm) return; - const form = document.querySelector('#user-list-search-form'); + const form = document.querySelector('#user-list-search-form'); if (!form) return; for (const button of form.querySelectorAll(`button[name=sort][value="${searchForm.SortType}"]`)) { @@ -12,23 +12,23 @@ export function initAdminUserListSearchForm() { if (searchForm.StatusFilterMap) { for (const [k, v] of Object.entries(searchForm.StatusFilterMap)) { if (!v) continue; - for (const input of form.querySelectorAll(`input[name="status_filter[${k}]"][value="${v}"]`)) { + for (const input of form.querySelectorAll(`input[name="status_filter[${k}]"][value="${v}"]`)) { input.checked = true; } } } - for (const radio of form.querySelectorAll('input[type=radio]')) { + for (const radio of form.querySelectorAll('input[type=radio]')) { radio.addEventListener('click', () => { form.submit(); }); } - const resetButtons = form.querySelectorAll('.j-reset-status-filter'); + const resetButtons = form.querySelectorAll('.j-reset-status-filter'); for (const button of resetButtons) { button.addEventListener('click', (e) => { e.preventDefault(); - for (const input of form.querySelectorAll('input[type=radio]')) { + for (const input of form.querySelectorAll('input[type=radio]')) { if (input.name.startsWith('status_filter[')) { input.checked = false; } diff --git a/web_src/js/markup/anchors.ts b/web_src/js/markup/anchors.ts index 8f0a88f130..483d72bd5b 100644 --- a/web_src/js/markup/anchors.ts +++ b/web_src/js/markup/anchors.ts @@ -1,11 +1,11 @@ import {svg} from '../svg.ts'; -const addPrefix = (str) => `user-content-${str}`; -const removePrefix = (str) => str.replace(/^user-content-/, ''); -const hasPrefix = (str) => str.startsWith('user-content-'); +const addPrefix = (str: string): string => `user-content-${str}`; +const removePrefix = (str: string): string => str.replace(/^user-content-/, ''); +const hasPrefix = (str: string): boolean => str.startsWith('user-content-'); // scroll to anchor while respecting the `user-content` prefix that exists on the target -function scrollToAnchor(encodedId) { +function scrollToAnchor(encodedId: string): void { if (!encodedId) return; const id = decodeURIComponent(encodedId); const prefixedId = addPrefix(id); @@ -24,7 +24,7 @@ function scrollToAnchor(encodedId) { el?.scrollIntoView(); } -export function initMarkupAnchors() { +export function initMarkupAnchors(): void { const markupEls = document.querySelectorAll('.markup'); if (!markupEls.length) return; @@ -39,7 +39,7 @@ export function initMarkupAnchors() { } // remove `user-content-` prefix from links so they don't show in url bar when clicked - for (const a of markupEl.querySelectorAll('a[href^="#"]')) { + for (const a of markupEl.querySelectorAll('a[href^="#"]')) { const href = a.getAttribute('href'); if (!href.startsWith('#user-content-')) continue; a.setAttribute('href', `#${removePrefix(href.substring(1))}`); @@ -47,15 +47,15 @@ export function initMarkupAnchors() { // add `user-content-` prefix to user-generated `a[name]` link targets // TODO: this prefix should be added in backend instead - for (const a of markupEl.querySelectorAll('a[name]')) { + for (const a of markupEl.querySelectorAll('a[name]')) { const name = a.getAttribute('name'); if (!name) continue; - a.setAttribute('name', addPrefix(a.name)); + a.setAttribute('name', addPrefix(name)); } - for (const a of markupEl.querySelectorAll('a[href^="#"]')) { + for (const a of markupEl.querySelectorAll('a[href^="#"]')) { a.addEventListener('click', (e) => { - scrollToAnchor(e.currentTarget.getAttribute('href')?.substring(1)); + scrollToAnchor((e.currentTarget as HTMLAnchorElement).getAttribute('href')?.substring(1)); }); } } diff --git a/web_src/js/markup/codecopy.ts b/web_src/js/markup/codecopy.ts index 0fac4a0a39..f45b7a8e04 100644 --- a/web_src/js/markup/codecopy.ts +++ b/web_src/js/markup/codecopy.ts @@ -1,13 +1,13 @@ import {svg} from '../svg.ts'; -export function makeCodeCopyButton() { +export function makeCodeCopyButton(): HTMLButtonElement { const button = document.createElement('button'); button.classList.add('code-copy', 'ui', 'button'); button.innerHTML = svg('octicon-copy'); return button; } -export function renderCodeCopy() { +export function renderCodeCopy(): void { const els = document.querySelectorAll('.markup .code-block code'); if (!els.length) return; diff --git a/web_src/js/markup/common.ts b/web_src/js/markup/common.ts index aff4a32423..e826c8fd86 100644 --- a/web_src/js/markup/common.ts +++ b/web_src/js/markup/common.ts @@ -1,8 +1,8 @@ -export function displayError(el, err) { +export function displayError(el: Element, err: Error): void { el.classList.remove('is-loading'); const errorNode = document.createElement('pre'); errorNode.setAttribute('class', 'ui message error markup-block-error'); - errorNode.textContent = err.str || err.message || String(err); + errorNode.textContent = err.message || String(err); el.before(errorNode); el.setAttribute('data-render-done', 'true'); } diff --git a/web_src/js/markup/content.ts b/web_src/js/markup/content.ts index e7f7b7f0c4..b9190b15ce 100644 --- a/web_src/js/markup/content.ts +++ b/web_src/js/markup/content.ts @@ -5,7 +5,7 @@ import {renderAsciicast} from './asciicast.ts'; import {initMarkupTasklist} from './tasklist.ts'; // code that runs for all markup content -export function initMarkupContent() { +export function initMarkupContent(): void { renderMermaid(); renderMath(); renderCodeCopy(); @@ -13,6 +13,6 @@ export function initMarkupContent() { } // code that only runs for comments -export function initCommentContent() { +export function initCommentContent(): void { initMarkupTasklist(); } diff --git a/web_src/js/markup/html2markdown.ts b/web_src/js/markup/html2markdown.ts index c690e0c8b1..3f7ef38002 100644 --- a/web_src/js/markup/html2markdown.ts +++ b/web_src/js/markup/html2markdown.ts @@ -12,21 +12,20 @@ type ProcessorContext = { function prepareProcessors(ctx:ProcessorContext): Processors { const processors = { - H1(el) { + H1(el: HTMLHeadingElement) { const level = parseInt(el.tagName.slice(1)); el.textContent = `${'#'.repeat(level)} ${el.textContent.trim()}`; }, - STRONG(el) { + STRONG(el: HTMLElement) { return `**${el.textContent}**`; }, - EM(el) { + EM(el: HTMLElement) { return `_${el.textContent}_`; }, - DEL(el) { + DEL(el: HTMLElement) { return `~~${el.textContent}~~`; }, - - A(el) { + A(el: HTMLAnchorElement) { const text = el.textContent || 'link'; const href = el.getAttribute('href'); if (/^https?:/.test(text) && text === href) { @@ -34,7 +33,7 @@ function prepareProcessors(ctx:ProcessorContext): Processors { } return href ? `[${text}](${href})` : text; }, - IMG(el) { + IMG(el: HTMLImageElement) { const alt = el.getAttribute('alt') || 'image'; const src = el.getAttribute('src'); const widthAttr = el.hasAttribute('width') ? ` width="${htmlEscape(el.getAttribute('width') || '')}"` : ''; @@ -44,32 +43,29 @@ function prepareProcessors(ctx:ProcessorContext): Processors { } return `![${alt}](${src})`; }, - - P(el) { + P(el: HTMLParagraphElement) { el.textContent = `${el.textContent}\n`; }, - BLOCKQUOTE(el) { + BLOCKQUOTE(el: HTMLElement) { el.textContent = `${el.textContent.replace(/^/mg, '> ')}\n`; }, - - OL(el) { + OL(el: HTMLElement) { const preNewLine = ctx.listNestingLevel ? '\n' : ''; el.textContent = `${preNewLine}${el.textContent}\n`; }, - LI(el) { + LI(el: HTMLElement) { const parent = el.parentNode; - const bullet = parent.tagName === 'OL' ? `1. ` : '* '; + const bullet = (parent as HTMLElement).tagName === 'OL' ? `1. ` : '* '; const nestingIdentLevel = Math.max(0, ctx.listNestingLevel - 1); el.textContent = `${' '.repeat(nestingIdentLevel * 4)}${bullet}${el.textContent}${ctx.elementIsLast ? '' : '\n'}`; return el; }, - INPUT(el) { + INPUT(el: HTMLInputElement) { return el.checked ? '[x] ' : '[ ] '; }, - - CODE(el) { + CODE(el: HTMLElement) { const text = el.textContent; - if (el.parentNode && el.parentNode.tagName === 'PRE') { + if (el.parentNode && (el.parentNode as HTMLElement).tagName === 'PRE') { el.textContent = `\`\`\`\n${text}\n\`\`\`\n`; return el; } @@ -86,7 +82,7 @@ function prepareProcessors(ctx:ProcessorContext): Processors { return processors; } -function processElement(ctx :ProcessorContext, processors: Processors, el: HTMLElement) { +function processElement(ctx :ProcessorContext, processors: Processors, el: HTMLElement): string | void { if (el.hasAttribute('data-markdown-generated-content')) return el.textContent; if (el.tagName === 'A' && el.children.length === 1 && el.children[0].tagName === 'IMG') { return processElement(ctx, processors, el.children[0] as HTMLElement); diff --git a/web_src/js/markup/math.ts b/web_src/js/markup/math.ts index e10d90fa2a..34ca79f493 100644 --- a/web_src/js/markup/math.ts +++ b/web_src/js/markup/math.ts @@ -1,12 +1,12 @@ import {displayError} from './common.ts'; -function targetElement(el) { +function targetElement(el: Element) { // The target element is either the current element if it has the // `is-loading` class or the pre that contains it return el.classList.contains('is-loading') ? el : el.closest('pre'); } -export async function renderMath() { +export async function renderMath(): void { const els = document.querySelectorAll('.markup code.language-math'); if (!els.length) return; diff --git a/web_src/js/markup/mermaid.ts b/web_src/js/markup/mermaid.ts index 5c27d6ca1c..004795d367 100644 --- a/web_src/js/markup/mermaid.ts +++ b/web_src/js/markup/mermaid.ts @@ -10,7 +10,7 @@ body {margin: 0; padding: 0; overflow: hidden} #mermaid {display: block; margin: 0 auto} blockquote, dd, dl, figure, h1, h2, h3, h4, h5, h6, hr, p, pre {margin: 0}`; -export async function renderMermaid() { +export async function renderMermaid(): Promise { const els = document.querySelectorAll('.markup code.language-mermaid'); if (!els.length) return; diff --git a/web_src/js/markup/tasklist.ts b/web_src/js/markup/tasklist.ts index 93896ccf07..95db7fc845 100644 --- a/web_src/js/markup/tasklist.ts +++ b/web_src/js/markup/tasklist.ts @@ -1,7 +1,7 @@ import {POST} from '../modules/fetch.ts'; import {showErrorToast} from '../modules/toast.ts'; -const preventListener = (e) => e.preventDefault(); +const preventListener = (e: Event) => e.preventDefault(); /** * Attaches `input` handlers to markdown rendered tasklist checkboxes in comments. @@ -10,10 +10,10 @@ const preventListener = (e) => e.preventDefault(); * is set accordingly and sent to the server. On success it updates the raw-content on * error it resets the checkbox to its original value. */ -export function initMarkupTasklist() { +export function initMarkupTasklist(): void { for (const el of document.querySelectorAll(`.markup[data-can-edit=true]`) || []) { const container = el.parentNode; - const checkboxes = el.querySelectorAll(`.task-list-item input[type=checkbox]`); + const checkboxes = el.querySelectorAll(`.task-list-item input[type=checkbox]`); for (const checkbox of checkboxes) { if (checkbox.hasAttribute('data-editable')) { @@ -52,7 +52,7 @@ export function initMarkupTasklist() { } try { - const editContentZone = container.querySelector('.edit-content-zone'); + const editContentZone = container.querySelector('.edit-content-zone'); const updateUrl = editContentZone.getAttribute('data-update-url'); const context = editContentZone.getAttribute('data-context'); const contentVersion = editContentZone.getAttribute('data-content-version'); diff --git a/web_src/js/svg.ts b/web_src/js/svg.ts index 6227a85e33..d04f63793f 100644 --- a/web_src/js/svg.ts +++ b/web_src/js/svg.ts @@ -153,7 +153,7 @@ export type SvgName = keyof typeof svgs; // most of the SVG icons in assets couldn't be used directly. // retrieve an HTML string for given SVG icon name, size and additional classes -export function svg(name: SvgName, size = 16, classNames: string|string[]): string { +export function svg(name: SvgName, size = 16, classNames?: string|string[]): string { const className = Array.isArray(classNames) ? classNames.join(' ') : classNames; if (!(name in svgs)) throw new Error(`Unknown SVG icon: ${name}`); if (size === 16 && !className) return svgs[name]; From 580e21dd2e9dfb3a3f86f51c4eb188c1bbfa8b11 Mon Sep 17 00:00:00 2001 From: wxiaoguang Date: Tue, 12 Nov 2024 10:38:22 +0800 Subject: [PATCH 7/9] Refactor LFS SSH and internal routers (#32473) Gitea instance keeps reporting a lot of errors like "LFS SSH transfer connection denied, pure SSH protocol is disabled". When starting debugging the problem, there are more problems found. Try to address most of them: * avoid unnecessary server side error logs (change `fail()` to not log them) * figure out the broken tests/user2/lfs.git (added comments) * avoid `migratePushMirrors` failure when a repository doesn't exist (ignore them) * avoid "Authorization" (internal&lfs) header conflicts, remove the tricky "swapAuth" and use "X-Gitea-Internal-Auth" * make internal token comparing constant time (it wasn't a serous problem because in a real world it's nearly impossible to timing-attack the token, but good to fix and backport) * avoid duplicate routers (introduce AddOwnerRepoGitLFSRoutes) * avoid "internal (private)" routes using session/web context (they should use private context) * fix incorrect "path" usages (use "filepath") * fix incorrect mocked route point handling (need to check func nil correctly) * split some tests from "git general tests" to "git misc tests" (to keep "git_general_test.go" simple) Still no correct result for Git LFS SSH tests. So the code is kept there (`tests/integration/git_lfs_ssh_test.go`) and a FIXME explains the details. --- cmd/serv.go | 14 +- models/fixtures/lfs_meta_object.yml | 18 +- models/migrations/v1_21/v276.go | 5 +- modules/git/batch_reader.go | 5 +- modules/lfstransfer/backend/backend.go | 48 ++--- modules/lfstransfer/backend/lock.go | 38 ++-- modules/lfstransfer/backend/util.go | 10 +- modules/private/internal.go | 2 +- modules/web/route.go | 13 +- routers/common/lfs.go | 29 +++ routers/private/internal.go | 55 ++---- routers/web/web.go | 18 +- tests/integration/api_repo_file_get_test.go | 2 +- .../{git_test.go => git_general_test.go} | 173 ++++-------------- tests/integration/git_lfs_ssh_test.go | 61 ++++++ tests/integration/git_misc_test.go | 138 ++++++++++++++ tests/test_utils.go | 11 +- 17 files changed, 376 insertions(+), 264 deletions(-) create mode 100644 routers/common/lfs.go rename tests/integration/{git_test.go => git_general_test.go} (85%) create mode 100644 tests/integration/git_lfs_ssh_test.go create mode 100644 tests/integration/git_misc_test.go diff --git a/cmd/serv.go b/cmd/serv.go index 2d2df8aa23..d2271b68d2 100644 --- a/cmd/serv.go +++ b/cmd/serv.go @@ -111,12 +111,10 @@ func fail(ctx context.Context, userMessage, logMsgFmt string, args ...any) error if !setting.IsProd { _, _ = fmt.Fprintln(os.Stderr, "Gitea:", logMsg) } - if userMessage != "" { - if unicode.IsPunct(rune(userMessage[len(userMessage)-1])) { - logMsg = userMessage + " " + logMsg - } else { - logMsg = userMessage + ". " + logMsg - } + if unicode.IsPunct(rune(userMessage[len(userMessage)-1])) { + logMsg = userMessage + " " + logMsg + } else { + logMsg = userMessage + ". " + logMsg } _ = private.SSHLog(ctx, true, logMsg) } @@ -288,10 +286,10 @@ func runServ(c *cli.Context) error { if allowedCommands.Contains(verb) { if allowedCommandsLfs.Contains(verb) { if !setting.LFS.StartServer { - return fail(ctx, "Unknown git command", "LFS authentication request over SSH denied, LFS support is disabled") + return fail(ctx, "LFS Server is not enabled", "") } if verb == verbLfsTransfer && !setting.LFS.AllowPureSSH { - return fail(ctx, "Unknown git command", "LFS SSH transfer connection denied, pure SSH protocol is disabled") + return fail(ctx, "LFS SSH transfer is not enabled", "") } if len(words) > 2 { lfsVerb = words[2] diff --git a/models/fixtures/lfs_meta_object.yml b/models/fixtures/lfs_meta_object.yml index 1c29e02d44..5430506d70 100644 --- a/models/fixtures/lfs_meta_object.yml +++ b/models/fixtures/lfs_meta_object.yml @@ -1,4 +1,11 @@ # These are the LFS objects in user2/lfs.git +# user2/lfs is an INVALID repository +# +# commit e9c32647bab825977942598c0efa415de300304b (HEAD -> master) +# Author: Rowan Bohde +# Date: Thu Aug 1 14:38:23 2024 -0500 +# +# add invalid lfs file - id: 1 @@ -11,7 +18,7 @@ id: 2 oid: 2eccdb43825d2a49d99d542daa20075cff1d97d9d2349a8977efe9c03661737c - size: 107 + size: 107 # real size is 2048 repository_id: 54 created_unix: 1671607299 @@ -30,3 +37,12 @@ size: 25 repository_id: 54 created_unix: 1671607299 + +# this file is missing +# - +# +# id: 5 +# oid: 9d178b5f15046343fd32f451df93acc2bdd9e6373be478b968e4cad6b6647351 +# size: 25 +# repository_id: 54 +# created_unix: 1671607299 diff --git a/models/migrations/v1_21/v276.go b/models/migrations/v1_21/v276.go index ed1bc3bda5..15177bf040 100644 --- a/models/migrations/v1_21/v276.go +++ b/models/migrations/v1_21/v276.go @@ -12,6 +12,7 @@ import ( "code.gitea.io/gitea/modules/git" giturl "code.gitea.io/gitea/modules/git/url" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/util" "xorm.io/xorm" ) @@ -163,7 +164,9 @@ func migratePushMirrors(x *xorm.Engine) error { func getRemoteAddress(ownerName, repoName, remoteName string) (string, error) { repoPath := filepath.Join(setting.RepoRootPath, strings.ToLower(ownerName), strings.ToLower(repoName)+".git") - + if exist, _ := util.IsExist(repoPath); !exist { + return "", nil + } remoteURL, err := git.GetRemoteAddress(context.Background(), repoPath, remoteName) if err != nil { return "", fmt.Errorf("get remote %s's address of %s/%s failed: %v", remoteName, ownerName, repoName, err) diff --git a/modules/git/batch_reader.go b/modules/git/batch_reader.go index 3b1a466b2e..7dfda72155 100644 --- a/modules/git/batch_reader.go +++ b/modules/git/batch_reader.go @@ -146,9 +146,8 @@ func catFileBatch(ctx context.Context, repoPath string) (WriteCloserError, *bufi } // ReadBatchLine reads the header line from cat-file --batch -// We expect: -// SP SP LF -// sha is a hex encoded here +// We expect: SP SP LF +// then leaving the rest of the stream " LF" to be read func ReadBatchLine(rd *bufio.Reader) (sha []byte, typ string, size int64, err error) { typ, err = rd.ReadString('\n') if err != nil { diff --git a/modules/lfstransfer/backend/backend.go b/modules/lfstransfer/backend/backend.go index d4523e1abf..2b1fe49fda 100644 --- a/modules/lfstransfer/backend/backend.go +++ b/modules/lfstransfer/backend/backend.go @@ -33,12 +33,12 @@ var _ transfer.Backend = &GiteaBackend{} // GiteaBackend is an adapter between git-lfs-transfer library and Gitea's internal LFS API type GiteaBackend struct { - ctx context.Context - server *url.URL - op string - token string - itoken string - logger transfer.Logger + ctx context.Context + server *url.URL + op string + authToken string + internalAuth string + logger transfer.Logger } func New(ctx context.Context, repo, op, token string, logger transfer.Logger) (transfer.Backend, error) { @@ -48,7 +48,7 @@ func New(ctx context.Context, repo, op, token string, logger transfer.Logger) (t return nil, err } server = server.JoinPath("api/internal/repo", repo, "info/lfs") - return &GiteaBackend{ctx: ctx, server: server, op: op, token: token, itoken: fmt.Sprintf("Bearer %s", setting.InternalToken), logger: logger}, nil + return &GiteaBackend{ctx: ctx, server: server, op: op, authToken: token, internalAuth: fmt.Sprintf("Bearer %s", setting.InternalToken), logger: logger}, nil } // Batch implements transfer.Backend @@ -73,10 +73,10 @@ func (g *GiteaBackend) Batch(_ string, pointers []transfer.BatchItem, args trans } url := g.server.JoinPath("objects/batch").String() headers := map[string]string{ - headerAuthorisation: g.itoken, - headerAuthX: g.token, - headerAccept: mimeGitLFS, - headerContentType: mimeGitLFS, + headerAuthorization: g.authToken, + headerGiteaInternalAuth: g.internalAuth, + headerAccept: mimeGitLFS, + headerContentType: mimeGitLFS, } req := newInternalRequest(g.ctx, url, http.MethodPost, headers, bodyBytes) resp, err := req.Response() @@ -119,7 +119,7 @@ func (g *GiteaBackend) Batch(_ string, pointers []transfer.BatchItem, args trans } idMapStr := base64.StdEncoding.EncodeToString(idMapBytes) item.Args[argID] = idMapStr - if authHeader, ok := action.Header[headerAuthorisation]; ok { + if authHeader, ok := action.Header[headerAuthorization]; ok { authHeaderB64 := base64.StdEncoding.EncodeToString([]byte(authHeader)) item.Args[argToken] = authHeaderB64 } @@ -142,7 +142,7 @@ func (g *GiteaBackend) Batch(_ string, pointers []transfer.BatchItem, args trans } idMapStr := base64.StdEncoding.EncodeToString(idMapBytes) item.Args[argID] = idMapStr - if authHeader, ok := action.Header[headerAuthorisation]; ok { + if authHeader, ok := action.Header[headerAuthorization]; ok { authHeaderB64 := base64.StdEncoding.EncodeToString([]byte(authHeader)) item.Args[argToken] = authHeaderB64 } @@ -183,9 +183,9 @@ func (g *GiteaBackend) Download(oid string, args transfer.Args) (io.ReadCloser, } url := action.Href headers := map[string]string{ - headerAuthorisation: g.itoken, - headerAuthX: g.token, - headerAccept: mimeOctetStream, + headerAuthorization: g.authToken, + headerGiteaInternalAuth: g.internalAuth, + headerAccept: mimeOctetStream, } req := newInternalRequest(g.ctx, url, http.MethodGet, headers, nil) resp, err := req.Response() @@ -229,10 +229,10 @@ func (g *GiteaBackend) Upload(oid string, size int64, r io.Reader, args transfer } url := action.Href headers := map[string]string{ - headerAuthorisation: g.itoken, - headerAuthX: g.token, - headerContentType: mimeOctetStream, - headerContentLength: strconv.FormatInt(size, 10), + headerAuthorization: g.authToken, + headerGiteaInternalAuth: g.internalAuth, + headerContentType: mimeOctetStream, + headerContentLength: strconv.FormatInt(size, 10), } reqBytes, err := io.ReadAll(r) if err != nil { @@ -279,10 +279,10 @@ func (g *GiteaBackend) Verify(oid string, size int64, args transfer.Args) (trans } url := action.Href headers := map[string]string{ - headerAuthorisation: g.itoken, - headerAuthX: g.token, - headerAccept: mimeGitLFS, - headerContentType: mimeGitLFS, + headerAuthorization: g.authToken, + headerGiteaInternalAuth: g.internalAuth, + headerAccept: mimeGitLFS, + headerContentType: mimeGitLFS, } req := newInternalRequest(g.ctx, url, http.MethodPost, headers, bodyBytes) resp, err := req.Response() diff --git a/modules/lfstransfer/backend/lock.go b/modules/lfstransfer/backend/lock.go index f72ffd5b6f..f094cce1db 100644 --- a/modules/lfstransfer/backend/lock.go +++ b/modules/lfstransfer/backend/lock.go @@ -21,17 +21,17 @@ import ( var _ transfer.LockBackend = &giteaLockBackend{} type giteaLockBackend struct { - ctx context.Context - g *GiteaBackend - server *url.URL - token string - itoken string - logger transfer.Logger + ctx context.Context + g *GiteaBackend + server *url.URL + authToken string + internalAuth string + logger transfer.Logger } func newGiteaLockBackend(g *GiteaBackend) transfer.LockBackend { server := g.server.JoinPath("locks") - return &giteaLockBackend{ctx: g.ctx, g: g, server: server, token: g.token, itoken: g.itoken, logger: g.logger} + return &giteaLockBackend{ctx: g.ctx, g: g, server: server, authToken: g.authToken, internalAuth: g.internalAuth, logger: g.logger} } // Create implements transfer.LockBackend @@ -45,10 +45,10 @@ func (g *giteaLockBackend) Create(path, refname string) (transfer.Lock, error) { } url := g.server.String() headers := map[string]string{ - headerAuthorisation: g.itoken, - headerAuthX: g.token, - headerAccept: mimeGitLFS, - headerContentType: mimeGitLFS, + headerAuthorization: g.authToken, + headerGiteaInternalAuth: g.internalAuth, + headerAccept: mimeGitLFS, + headerContentType: mimeGitLFS, } req := newInternalRequest(g.ctx, url, http.MethodPost, headers, bodyBytes) resp, err := req.Response() @@ -97,10 +97,10 @@ func (g *giteaLockBackend) Unlock(lock transfer.Lock) error { } url := g.server.JoinPath(lock.ID(), "unlock").String() headers := map[string]string{ - headerAuthorisation: g.itoken, - headerAuthX: g.token, - headerAccept: mimeGitLFS, - headerContentType: mimeGitLFS, + headerAuthorization: g.authToken, + headerGiteaInternalAuth: g.internalAuth, + headerAccept: mimeGitLFS, + headerContentType: mimeGitLFS, } req := newInternalRequest(g.ctx, url, http.MethodPost, headers, bodyBytes) resp, err := req.Response() @@ -180,10 +180,10 @@ func (g *giteaLockBackend) queryLocks(v url.Values) ([]transfer.Lock, string, er urlq.RawQuery = v.Encode() url := urlq.String() headers := map[string]string{ - headerAuthorisation: g.itoken, - headerAuthX: g.token, - headerAccept: mimeGitLFS, - headerContentType: mimeGitLFS, + headerAuthorization: g.authToken, + headerGiteaInternalAuth: g.internalAuth, + headerAccept: mimeGitLFS, + headerContentType: mimeGitLFS, } req := newInternalRequest(g.ctx, url, http.MethodGet, headers, nil) resp, err := req.Response() diff --git a/modules/lfstransfer/backend/util.go b/modules/lfstransfer/backend/util.go index 126ac00175..cffefef375 100644 --- a/modules/lfstransfer/backend/util.go +++ b/modules/lfstransfer/backend/util.go @@ -20,11 +20,11 @@ import ( // HTTP headers const ( - headerAccept = "Accept" - headerAuthorisation = "Authorization" - headerAuthX = "X-Auth" - headerContentType = "Content-Type" - headerContentLength = "Content-Length" + headerAccept = "Accept" + headerAuthorization = "Authorization" + headerGiteaInternalAuth = "X-Gitea-Internal-Auth" + headerContentType = "Content-Type" + headerContentLength = "Content-Length" ) // MIME types diff --git a/modules/private/internal.go b/modules/private/internal.go index 9c330a24a8..c7e7773524 100644 --- a/modules/private/internal.go +++ b/modules/private/internal.go @@ -43,7 +43,7 @@ Ensure you are running in the correct environment or set the correct configurati req := httplib.NewRequest(url, method). SetContext(ctx). Header("X-Real-IP", getClientIP()). - Header("Authorization", fmt.Sprintf("Bearer %s", setting.InternalToken)). + Header("X-Gitea-Internal-Auth", fmt.Sprintf("Bearer %s", setting.InternalToken)). SetTLSClientConfig(&tls.Config{ InsecureSkipVerify: true, ServerName: setting.Domain, diff --git a/modules/web/route.go b/modules/web/route.go index b02f66802e..77c411a97b 100644 --- a/modules/web/route.go +++ b/modules/web/route.go @@ -6,6 +6,7 @@ package web import ( "net/http" "net/url" + "reflect" "strings" "code.gitea.io/gitea/modules/setting" @@ -82,15 +83,23 @@ func (r *Router) getPattern(pattern string) string { return strings.TrimSuffix(newPattern, "/") } +func isNilOrFuncNil(v any) bool { + if v == nil { + return true + } + r := reflect.ValueOf(v) + return r.Kind() == reflect.Func && r.IsNil() +} + func (r *Router) wrapMiddlewareAndHandler(h []any) ([]func(http.Handler) http.Handler, http.HandlerFunc) { handlerProviders := make([]func(http.Handler) http.Handler, 0, len(r.curMiddlewares)+len(h)+1) for _, m := range r.curMiddlewares { - if m != nil { + if !isNilOrFuncNil(m) { handlerProviders = append(handlerProviders, toHandlerProvider(m)) } } for _, m := range h { - if h != nil { + if !isNilOrFuncNil(m) { handlerProviders = append(handlerProviders, toHandlerProvider(m)) } } diff --git a/routers/common/lfs.go b/routers/common/lfs.go new file mode 100644 index 0000000000..ba6e1163f1 --- /dev/null +++ b/routers/common/lfs.go @@ -0,0 +1,29 @@ +// Copyright 2024 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package common + +import ( + "net/http" + + "code.gitea.io/gitea/modules/web" + "code.gitea.io/gitea/services/lfs" +) + +func AddOwnerRepoGitLFSRoutes(m *web.Router, middlewares ...any) { + // shared by web and internal routers + m.Group("/{username}/{reponame}/info/lfs", func() { + m.Post("/objects/batch", lfs.CheckAcceptMediaType, lfs.BatchHandler) + m.Put("/objects/{oid}/{size}", lfs.UploadHandler) + m.Get("/objects/{oid}/{filename}", lfs.DownloadHandler) + m.Get("/objects/{oid}", lfs.DownloadHandler) + m.Post("/verify", lfs.CheckAcceptMediaType, lfs.VerifyHandler) + m.Group("/locks", func() { + m.Get("/", lfs.GetListLockHandler) + m.Post("/", lfs.PostLockHandler) + m.Post("/verify", lfs.VerifyLockHandler) + m.Post("/{lid}/unlock", lfs.UnLockHandler) + }, lfs.CheckAcceptMediaType) + m.Any("/*", http.NotFound) + }, middlewares...) +} diff --git a/routers/private/internal.go b/routers/private/internal.go index f9adff388c..db074238c6 100644 --- a/routers/private/internal.go +++ b/routers/private/internal.go @@ -5,6 +5,7 @@ package private import ( + "crypto/subtle" "net/http" "strings" @@ -14,28 +15,30 @@ import ( "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/common" "code.gitea.io/gitea/services/context" - "code.gitea.io/gitea/services/lfs" "gitea.com/go-chi/binding" chi_middleware "github.com/go-chi/chi/v5/middleware" ) -// CheckInternalToken check internal token is set -func CheckInternalToken(next http.Handler) http.Handler { +const RouterMockPointInternalLFS = "internal-lfs" + +func authInternal(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { - tokens := req.Header.Get("Authorization") - fields := strings.SplitN(tokens, " ", 2) if setting.InternalToken == "" { log.Warn(`The INTERNAL_TOKEN setting is missing from the configuration file: %q, internal API can't work.`, setting.CustomConf) http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden) return } - if len(fields) != 2 || fields[0] != "Bearer" || fields[1] != setting.InternalToken { + + tokens := req.Header.Get("X-Gitea-Internal-Auth") // TODO: use something like JWT or HMAC to avoid passing the token in the clear + after, found := strings.CutPrefix(tokens, "Bearer ") + authSucceeded := found && subtle.ConstantTimeCompare([]byte(after), []byte(setting.InternalToken)) == 1 + if !authSucceeded { log.Debug("Forbidden attempt to access internal url: Authorization header: %s", tokens) http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden) - } else { - next.ServeHTTP(w, req) + return } + next.ServeHTTP(w, req) }) } @@ -48,20 +51,12 @@ func bind[T any](_ T) any { } } -// SwapAuthToken swaps Authorization header with X-Auth header -func swapAuthToken(next http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { - req.Header.Set("Authorization", req.Header.Get("X-Auth")) - next.ServeHTTP(w, req) - }) -} - // Routes registers all internal APIs routes to web application. // These APIs will be invoked by internal commands for example `gitea serv` and etc. func Routes() *web.Router { r := web.NewRouter() r.Use(context.PrivateContexter()) - r.Use(CheckInternalToken) + r.Use(authInternal) // Log the real ip address of the request from SSH is really helpful for diagnosing sometimes. // Since internal API will be sent only from Gitea sub commands and it's under control (checked by InternalToken), we can trust the headers. r.Use(chi_middleware.RealIP) @@ -90,25 +85,13 @@ func Routes() *web.Router { r.Post("/restore_repo", RestoreRepo) r.Post("/actions/generate_actions_runner_token", GenerateActionsRunnerToken) - r.Group("/repo/{username}/{reponame}", func() { - r.Group("/info/lfs", func() { - r.Post("/objects/batch", lfs.CheckAcceptMediaType, lfs.BatchHandler) - r.Put("/objects/{oid}/{size}", lfs.UploadHandler) - r.Get("/objects/{oid}/{filename}", lfs.DownloadHandler) - r.Get("/objects/{oid}", lfs.DownloadHandler) - r.Post("/verify", lfs.CheckAcceptMediaType, lfs.VerifyHandler) - r.Group("/locks", func() { - r.Get("/", lfs.GetListLockHandler) - r.Post("/", lfs.PostLockHandler) - r.Post("/verify", lfs.VerifyLockHandler) - r.Post("/{lid}/unlock", lfs.UnLockHandler) - }, lfs.CheckAcceptMediaType) - r.Any("/*", func(ctx *context.Context) { - ctx.NotFound("", nil) - }) - }, swapAuthToken) - }, common.Sessioner(), context.Contexter()) - // end "/repo/{username}/{reponame}": git (LFS) API mirror + r.Group("/repo", func() { + // FIXME: it is not right to use context.Contexter here because all routes here should use PrivateContext + common.AddOwnerRepoGitLFSRoutes(r, func(ctx *context.PrivateContext) { + webContext := &context.Context{Base: ctx.Base} + ctx.AppendContextValue(context.WebContextKey, webContext) + }, web.RouterMockPoint(RouterMockPointInternalLFS)) + }) return r } diff --git a/routers/web/web.go b/routers/web/web.go index 907bf88f6f..e0915e6a6e 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -44,7 +44,6 @@ import ( auth_service "code.gitea.io/gitea/services/auth" "code.gitea.io/gitea/services/context" "code.gitea.io/gitea/services/forms" - "code.gitea.io/gitea/services/lfs" _ "code.gitea.io/gitea/modules/session" // to registers all internal adapters @@ -1598,23 +1597,8 @@ func registerRoutes(m *web.Router) { m.Post("/action/{action}", reqSignIn, repo.Action) }, ignSignIn, context.RepoAssignment, context.RepoRef()) + common.AddOwnerRepoGitLFSRoutes(m, ignSignInAndCsrf, lfsServerEnabled) m.Group("/{username}/{reponame}", func() { - m.Group("/info/lfs", func() { - m.Post("/objects/batch", lfs.CheckAcceptMediaType, lfs.BatchHandler) - m.Put("/objects/{oid}/{size}", lfs.UploadHandler) - m.Get("/objects/{oid}/{filename}", lfs.DownloadHandler) - m.Get("/objects/{oid}", lfs.DownloadHandler) - m.Post("/verify", lfs.CheckAcceptMediaType, lfs.VerifyHandler) - m.Group("/locks", func() { - m.Get("/", lfs.GetListLockHandler) - m.Post("/", lfs.PostLockHandler) - m.Post("/verify", lfs.VerifyLockHandler) - m.Post("/{lid}/unlock", lfs.UnLockHandler) - }, lfs.CheckAcceptMediaType) - m.Any("/*", func(ctx *context.Context) { - ctx.NotFound("", nil) - }) - }, ignSignInAndCsrf, lfsServerEnabled) gitHTTPRouters(m) }) // end "/{username}/{reponame}.git": git support diff --git a/tests/integration/api_repo_file_get_test.go b/tests/integration/api_repo_file_get_test.go index 4649babad1..27bc9e25bf 100644 --- a/tests/integration/api_repo_file_get_test.go +++ b/tests/integration/api_repo_file_get_test.go @@ -39,7 +39,7 @@ func TestAPIGetRawFileOrLFS(t *testing.T) { t.Run("Partial Clone", doPartialGitClone(dstPath2, u)) - lfs, _ := lfsCommitAndPushTest(t, dstPath) + lfs := lfsCommitAndPushTest(t, dstPath, littleSize)[0] reqLFS := NewRequest(t, "GET", "/api/v1/repos/user2/repo1/media/"+lfs) respLFS := MakeRequestNilResponseRecorder(t, reqLFS, http.StatusOK) diff --git a/tests/integration/git_test.go b/tests/integration/git_general_test.go similarity index 85% rename from tests/integration/git_test.go rename to tests/integration/git_general_test.go index 76db3c6932..7fd19e7edd 100644 --- a/tests/integration/git_test.go +++ b/tests/integration/git_general_test.go @@ -4,8 +4,6 @@ package integration import ( - "bytes" - "context" "crypto/rand" "encoding/hex" "fmt" @@ -26,27 +24,25 @@ import ( "code.gitea.io/gitea/models/unittest" user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/git" - "code.gitea.io/gitea/modules/gitrepo" "code.gitea.io/gitea/modules/lfs" "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" gitea_context "code.gitea.io/gitea/services/context" - files_service "code.gitea.io/gitea/services/repository/files" "code.gitea.io/gitea/tests" "github.com/stretchr/testify/assert" ) const ( - littleSize = 1024 // 1ko - bigSize = 128 * 1024 * 1024 // 128Mo + littleSize = 1024 // 1K + bigSize = 128 * 1024 * 1024 // 128M ) -func TestGit(t *testing.T) { - onGiteaRun(t, testGit) +func TestGitGeneral(t *testing.T) { + onGiteaRun(t, testGitGeneral) } -func testGit(t *testing.T, u *url.URL) { +func testGitGeneral(t *testing.T, u *url.URL) { username := "user2" baseAPITestContext := NewAPITestContext(t, username, "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser) @@ -77,10 +73,10 @@ func testGit(t *testing.T, u *url.URL) { t.Run("Partial Clone", doPartialGitClone(dstPath2, u)) - little, big := standardCommitAndPushTest(t, dstPath) - littleLFS, bigLFS := lfsCommitAndPushTest(t, dstPath) - rawTest(t, &httpContext, little, big, littleLFS, bigLFS) - mediaTest(t, &httpContext, little, big, littleLFS, bigLFS) + pushedFilesStandard := standardCommitAndPushTest(t, dstPath, littleSize, bigSize) + pushedFilesLFS := lfsCommitAndPushTest(t, dstPath, littleSize, bigSize) + rawTest(t, &httpContext, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1]) + mediaTest(t, &httpContext, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1]) t.Run("CreateAgitFlowPull", doCreateAgitFlowPull(dstPath, &httpContext, "test/head")) t.Run("BranchProtectMerge", doBranchProtectPRMerge(&httpContext, dstPath)) @@ -89,8 +85,8 @@ func testGit(t *testing.T, u *url.URL) { t.Run("MergeFork", func(t *testing.T) { defer tests.PrintCurrentTest(t)() t.Run("CreatePRAndMerge", doMergeFork(httpContext, forkedUserCtx, "master", httpContext.Username+":master")) - rawTest(t, &forkedUserCtx, little, big, littleLFS, bigLFS) - mediaTest(t, &forkedUserCtx, little, big, littleLFS, bigLFS) + rawTest(t, &forkedUserCtx, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1]) + mediaTest(t, &forkedUserCtx, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1]) }) t.Run("PushCreate", doPushCreate(httpContext, u)) @@ -118,18 +114,18 @@ func testGit(t *testing.T, u *url.URL) { t.Run("Clone", doGitClone(dstPath, sshURL)) - little, big := standardCommitAndPushTest(t, dstPath) - littleLFS, bigLFS := lfsCommitAndPushTest(t, dstPath) - rawTest(t, &sshContext, little, big, littleLFS, bigLFS) - mediaTest(t, &sshContext, little, big, littleLFS, bigLFS) + pushedFilesStandard := standardCommitAndPushTest(t, dstPath, littleSize, bigSize) + pushedFilesLFS := lfsCommitAndPushTest(t, dstPath, littleSize, bigSize) + rawTest(t, &sshContext, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1]) + mediaTest(t, &sshContext, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1]) t.Run("CreateAgitFlowPull", doCreateAgitFlowPull(dstPath, &sshContext, "test/head2")) t.Run("BranchProtectMerge", doBranchProtectPRMerge(&sshContext, dstPath)) t.Run("MergeFork", func(t *testing.T) { defer tests.PrintCurrentTest(t)() t.Run("CreatePRAndMerge", doMergeFork(sshContext, forkedUserCtx, "master", sshContext.Username+":master")) - rawTest(t, &forkedUserCtx, little, big, littleLFS, bigLFS) - mediaTest(t, &forkedUserCtx, little, big, littleLFS, bigLFS) + rawTest(t, &forkedUserCtx, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1]) + mediaTest(t, &forkedUserCtx, pushedFilesStandard[0], pushedFilesStandard[1], pushedFilesLFS[0], pushedFilesLFS[1]) }) t.Run("PushCreate", doPushCreate(sshContext, sshURL)) @@ -142,16 +138,16 @@ func ensureAnonymousClone(t *testing.T, u *url.URL) { t.Run("CloneAnonymous", doGitClone(dstLocalPath, u)) } -func standardCommitAndPushTest(t *testing.T, dstPath string) (little, big string) { - t.Run("Standard", func(t *testing.T) { +func standardCommitAndPushTest(t *testing.T, dstPath string, sizes ...int) (pushedFiles []string) { + t.Run("CommitAndPushStandard", func(t *testing.T) { defer tests.PrintCurrentTest(t)() - little, big = commitAndPushTest(t, dstPath, "data-file-") + pushedFiles = commitAndPushTest(t, dstPath, "data-file-", sizes...) }) - return little, big + return pushedFiles } -func lfsCommitAndPushTest(t *testing.T, dstPath string) (littleLFS, bigLFS string) { - t.Run("LFS", func(t *testing.T) { +func lfsCommitAndPushTest(t *testing.T, dstPath string, sizes ...int) (pushedFiles []string) { + t.Run("CommitAndPushLFS", func(t *testing.T) { defer tests.PrintCurrentTest(t)() prefix := "lfs-data-file-" err := git.NewCommand(git.DefaultContext, "lfs").AddArguments("install").Run(&git.RunOpts{Dir: dstPath}) @@ -176,33 +172,23 @@ func lfsCommitAndPushTest(t *testing.T, dstPath string) (littleLFS, bigLFS strin }) assert.NoError(t, err) - littleLFS, bigLFS = commitAndPushTest(t, dstPath, prefix) - + pushedFiles = commitAndPushTest(t, dstPath, prefix, sizes...) t.Run("Locks", func(t *testing.T) { defer tests.PrintCurrentTest(t)() lockTest(t, dstPath) }) }) - return littleLFS, bigLFS + return pushedFiles } -func commitAndPushTest(t *testing.T, dstPath, prefix string) (little, big string) { - t.Run("PushCommit", func(t *testing.T) { - defer tests.PrintCurrentTest(t)() - t.Run("Little", func(t *testing.T) { +func commitAndPushTest(t *testing.T, dstPath, prefix string, sizes ...int) (pushedFiles []string) { + for _, size := range sizes { + t.Run("PushCommit Size-"+strconv.Itoa(size), func(t *testing.T) { defer tests.PrintCurrentTest(t)() - little = doCommitAndPush(t, littleSize, dstPath, prefix) + pushedFiles = append(pushedFiles, doCommitAndPush(t, size, dstPath, prefix)) }) - t.Run("Big", func(t *testing.T) { - if testing.Short() { - t.Skip("Skipping test in short mode.") - return - } - defer tests.PrintCurrentTest(t)() - big = doCommitAndPush(t, bigSize, dstPath, prefix) - }) - }) - return little, big + } + return pushedFiles } func rawTest(t *testing.T, ctx *APITestContext, little, big, littleLFS, bigLFS string) { @@ -903,100 +889,3 @@ func doCreateAgitFlowPull(dstPath string, ctx *APITestContext, headBranch string t.Run("CheckoutMasterAgain", doGitCheckoutBranch(dstPath, "master")) } } - -func TestDataAsync_Issue29101(t *testing.T) { - onGiteaRun(t, func(t *testing.T, u *url.URL) { - user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}) - repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1}) - - resp, err := files_service.ChangeRepoFiles(db.DefaultContext, repo, user, &files_service.ChangeRepoFilesOptions{ - Files: []*files_service.ChangeRepoFile{ - { - Operation: "create", - TreePath: "test.txt", - ContentReader: bytes.NewReader(make([]byte, 10000)), - }, - }, - OldBranch: repo.DefaultBranch, - NewBranch: repo.DefaultBranch, - }) - assert.NoError(t, err) - - sha := resp.Commit.SHA - - gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, repo) - assert.NoError(t, err) - - commit, err := gitRepo.GetCommit(sha) - assert.NoError(t, err) - - entry, err := commit.GetTreeEntryByPath("test.txt") - assert.NoError(t, err) - - b := entry.Blob() - - r, err := b.DataAsync() - assert.NoError(t, err) - defer r.Close() - - r2, err := b.DataAsync() - assert.NoError(t, err) - defer r2.Close() - }) -} - -func TestAgitPullPush(t *testing.T) { - onGiteaRun(t, func(t *testing.T, u *url.URL) { - baseAPITestContext := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser) - - u.Path = baseAPITestContext.GitPath() - u.User = url.UserPassword("user2", userPassword) - - dstPath := t.TempDir() - doGitClone(dstPath, u)(t) - - gitRepo, err := git.OpenRepository(context.Background(), dstPath) - assert.NoError(t, err) - defer gitRepo.Close() - - doGitCreateBranch(dstPath, "test-agit-push") - - // commit 1 - _, err = generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-") - assert.NoError(t, err) - - // push to create an agit pull request - err = git.NewCommand(git.DefaultContext, "push", "origin", - "-o", "title=test-title", "-o", "description=test-description", - "HEAD:refs/for/master/test-agit-push", - ).Run(&git.RunOpts{Dir: dstPath}) - assert.NoError(t, err) - - // check pull request exist - pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: 1, Flow: issues_model.PullRequestFlowAGit, HeadBranch: "user2/test-agit-push"}) - assert.NoError(t, pr.LoadIssue(db.DefaultContext)) - assert.Equal(t, "test-title", pr.Issue.Title) - assert.Equal(t, "test-description", pr.Issue.Content) - - // commit 2 - _, err = generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-2-") - assert.NoError(t, err) - - // push 2 - err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push").Run(&git.RunOpts{Dir: dstPath}) - assert.NoError(t, err) - - // reset to first commit - err = git.NewCommand(git.DefaultContext, "reset", "--hard", "HEAD~1").Run(&git.RunOpts{Dir: dstPath}) - assert.NoError(t, err) - - // test force push without confirm - _, stderr, err := git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push").RunStdString(&git.RunOpts{Dir: dstPath}) - assert.Error(t, err) - assert.Contains(t, stderr, "[remote rejected] HEAD -> refs/for/master/test-agit-push (request `force-push` push option)") - - // test force push with confirm - err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push", "-o", "force-push").Run(&git.RunOpts{Dir: dstPath}) - assert.NoError(t, err) - }) -} diff --git a/tests/integration/git_lfs_ssh_test.go b/tests/integration/git_lfs_ssh_test.go new file mode 100644 index 0000000000..33c2fba620 --- /dev/null +++ b/tests/integration/git_lfs_ssh_test.go @@ -0,0 +1,61 @@ +// Copyright 2024 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package integration + +import ( + "net/url" + "sync" + "testing" + + auth_model "code.gitea.io/gitea/models/auth" + "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" + "code.gitea.io/gitea/routers/private" + "code.gitea.io/gitea/services/context" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestGitLFSSSH(t *testing.T) { + onGiteaRun(t, func(t *testing.T, u *url.URL) { + dstPath := t.TempDir() + apiTestContext := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser) + + var mu sync.Mutex + var routerCalls []string + web.RouteMock(private.RouterMockPointInternalLFS, func(ctx *context.PrivateContext) { + mu.Lock() + routerCalls = append(routerCalls, ctx.Req.Method+" "+ctx.Req.URL.Path) + mu.Unlock() + }) + + withKeyFile(t, "my-testing-key", func(keyFile string) { + t.Run("CreateUserKey", doAPICreateUserKey(apiTestContext, "test-key", keyFile)) + cloneURL := createSSHUrl(apiTestContext.GitPath(), u) + t.Run("Clone", doGitClone(dstPath, cloneURL)) + + cfg, err := setting.CfgProvider.PrepareSaving() + require.NoError(t, err) + cfg.Section("server").Key("LFS_ALLOW_PURE_SSH").SetValue("true") + setting.LFS.AllowPureSSH = true + require.NoError(t, cfg.Save()) + + // do LFS SSH transfer? + lfsCommitAndPushTest(t, dstPath, 10) + }) + + // FIXME: Here we only see the following calls, but actually there should be calls to "PUT"? + // 0 = {string} "GET /api/internal/repo/user2/repo1.git/info/lfs/locks" + // 1 = {string} "POST /api/internal/repo/user2/repo1.git/info/lfs/objects/batch" + // 2 = {string} "GET /api/internal/repo/user2/repo1.git/info/lfs/locks" + // 3 = {string} "POST /api/internal/repo/user2/repo1.git/info/lfs/locks" + // 4 = {string} "GET /api/internal/repo/user2/repo1.git/info/lfs/locks" + // 5 = {string} "GET /api/internal/repo/user2/repo1.git/info/lfs/locks" + // 6 = {string} "GET /api/internal/repo/user2/repo1.git/info/lfs/locks" + // 7 = {string} "POST /api/internal/repo/user2/repo1.git/info/lfs/locks/24/unlock" + assert.NotEmpty(t, routerCalls) + // assert.Contains(t, routerCalls, "PUT /api/internal/repo/user2/repo1.git/info/lfs/objects/....") + }) +} diff --git a/tests/integration/git_misc_test.go b/tests/integration/git_misc_test.go new file mode 100644 index 0000000000..82ab184bb0 --- /dev/null +++ b/tests/integration/git_misc_test.go @@ -0,0 +1,138 @@ +// Copyright 2024 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package integration + +import ( + "bytes" + "context" + "io" + "net/url" + "sync" + "testing" + + auth_model "code.gitea.io/gitea/models/auth" + "code.gitea.io/gitea/models/db" + issues_model "code.gitea.io/gitea/models/issues" + repo_model "code.gitea.io/gitea/models/repo" + "code.gitea.io/gitea/models/unittest" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/git" + "code.gitea.io/gitea/modules/gitrepo" + files_service "code.gitea.io/gitea/services/repository/files" + + "github.com/stretchr/testify/assert" +) + +func TestDataAsyncDoubleRead_Issue29101(t *testing.T) { + onGiteaRun(t, func(t *testing.T, u *url.URL) { + user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}) + repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1}) + + testContent := bytes.Repeat([]byte{'a'}, 10000) + resp, err := files_service.ChangeRepoFiles(db.DefaultContext, repo, user, &files_service.ChangeRepoFilesOptions{ + Files: []*files_service.ChangeRepoFile{ + { + Operation: "create", + TreePath: "test.txt", + ContentReader: bytes.NewReader(testContent), + }, + }, + OldBranch: repo.DefaultBranch, + NewBranch: repo.DefaultBranch, + }) + assert.NoError(t, err) + + sha := resp.Commit.SHA + + gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, repo) + assert.NoError(t, err) + + commit, err := gitRepo.GetCommit(sha) + assert.NoError(t, err) + + entry, err := commit.GetTreeEntryByPath("test.txt") + assert.NoError(t, err) + + b := entry.Blob() + r1, err := b.DataAsync() + assert.NoError(t, err) + defer r1.Close() + r2, err := b.DataAsync() + assert.NoError(t, err) + defer r2.Close() + + var data1, data2 []byte + wg := sync.WaitGroup{} + wg.Add(2) + go func() { + data1, _ = io.ReadAll(r1) + assert.NoError(t, err) + wg.Done() + }() + go func() { + data2, _ = io.ReadAll(r2) + assert.NoError(t, err) + wg.Done() + }() + wg.Wait() + assert.Equal(t, testContent, data1) + assert.Equal(t, testContent, data2) + }) +} + +func TestAgitPullPush(t *testing.T) { + onGiteaRun(t, func(t *testing.T, u *url.URL) { + baseAPITestContext := NewAPITestContext(t, "user2", "repo1", auth_model.AccessTokenScopeWriteRepository, auth_model.AccessTokenScopeWriteUser) + + u.Path = baseAPITestContext.GitPath() + u.User = url.UserPassword("user2", userPassword) + + dstPath := t.TempDir() + doGitClone(dstPath, u)(t) + + gitRepo, err := git.OpenRepository(context.Background(), dstPath) + assert.NoError(t, err) + defer gitRepo.Close() + + doGitCreateBranch(dstPath, "test-agit-push") + + // commit 1 + _, err = generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-") + assert.NoError(t, err) + + // push to create an agit pull request + err = git.NewCommand(git.DefaultContext, "push", "origin", + "-o", "title=test-title", "-o", "description=test-description", + "HEAD:refs/for/master/test-agit-push", + ).Run(&git.RunOpts{Dir: dstPath}) + assert.NoError(t, err) + + // check pull request exist + pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{BaseRepoID: 1, Flow: issues_model.PullRequestFlowAGit, HeadBranch: "user2/test-agit-push"}) + assert.NoError(t, pr.LoadIssue(db.DefaultContext)) + assert.Equal(t, "test-title", pr.Issue.Title) + assert.Equal(t, "test-description", pr.Issue.Content) + + // commit 2 + _, err = generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "branch-data-file-2-") + assert.NoError(t, err) + + // push 2 + err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push").Run(&git.RunOpts{Dir: dstPath}) + assert.NoError(t, err) + + // reset to first commit + err = git.NewCommand(git.DefaultContext, "reset", "--hard", "HEAD~1").Run(&git.RunOpts{Dir: dstPath}) + assert.NoError(t, err) + + // test force push without confirm + _, stderr, err := git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push").RunStdString(&git.RunOpts{Dir: dstPath}) + assert.Error(t, err) + assert.Contains(t, stderr, "[remote rejected] HEAD -> refs/for/master/test-agit-push (request `force-push` push option)") + + // test force push with confirm + err = git.NewCommand(git.DefaultContext, "push", "origin", "HEAD:refs/for/master/test-agit-push", "-o", "force-push").Run(&git.RunOpts{Dir: dstPath}) + assert.NoError(t, err) + }) +} diff --git a/tests/test_utils.go b/tests/test_utils.go index e6ce3cce0e..3503ca1975 100644 --- a/tests/test_utils.go +++ b/tests/test_utils.go @@ -9,7 +9,6 @@ import ( "database/sql" "fmt" "os" - "path" "path/filepath" "testing" @@ -53,7 +52,7 @@ func InitTest(requireGitea bool) { if setting.IsWindows { giteaBinary += ".exe" } - setting.AppPath = path.Join(giteaRoot, giteaBinary) + setting.AppPath = filepath.Join(giteaRoot, giteaBinary) if _, err := os.Stat(setting.AppPath); err != nil { exitf("Could not find gitea binary at %s", setting.AppPath) } @@ -70,7 +69,7 @@ func InitTest(requireGitea bool) { exitf(`sqlite3 requires: import _ "github.com/mattn/go-sqlite3" or -tags sqlite,sqlite_unlock_notify`) } } - if !path.IsAbs(giteaConf) { + if !filepath.IsAbs(giteaConf) { setting.CustomConf = filepath.Join(giteaRoot, giteaConf) } else { setting.CustomConf = giteaConf @@ -193,8 +192,12 @@ func PrepareAttachmentsStorage(t testing.TB) { } func PrepareGitRepoDirectory(t testing.TB) { + if !assert.NotEmpty(t, setting.RepoRootPath) { + return + } + assert.NoError(t, util.RemoveAll(setting.RepoRootPath)) - assert.NoError(t, unittest.CopyDir(path.Join(filepath.Dir(setting.AppPath), "tests/gitea-repositories-meta"), setting.RepoRootPath)) + assert.NoError(t, unittest.CopyDir(filepath.Join(filepath.Dir(setting.AppPath), "tests/gitea-repositories-meta"), setting.RepoRootPath)) ownerDirs, err := os.ReadDir(setting.RepoRootPath) if err != nil { From 2763766f8563bd1abbc5806938103ae5e479a311 Mon Sep 17 00:00:00 2001 From: Albin Hedman Date: Tue, 12 Nov 2024 03:57:30 +0100 Subject: [PATCH 8/9] cargo registry - respect renamed dependencies (#32430) rust allows renaming dependencies such as when depending on multiple versions of the same package. This is not supported by gitea as discovered in #31500 . This PR tries to address that. --------- Co-authored-by: wxiaoguang --- modules/packages/cargo/parser.go | 11 ++++- modules/packages/cargo/parser_test.go | 58 +++++++++++++++++++-------- 2 files changed, 52 insertions(+), 17 deletions(-) diff --git a/modules/packages/cargo/parser.go b/modules/packages/cargo/parser.go index 36cd44df84..d82e0e2f05 100644 --- a/modules/packages/cargo/parser.go +++ b/modules/packages/cargo/parser.go @@ -136,8 +136,16 @@ func parsePackage(r io.Reader) (*Package, error) { dependencies := make([]*Dependency, 0, len(meta.Deps)) for _, dep := range meta.Deps { + // https://doc.rust-lang.org/cargo/reference/registry-web-api.html#publish + // It is a string of the new package name if the dependency is renamed, otherwise empty + name := dep.ExplicitNameInToml + pkg := &dep.Name + if name == "" { + name = dep.Name + pkg = nil + } dependencies = append(dependencies, &Dependency{ - Name: dep.Name, + Name: name, Req: dep.VersionReq, Features: dep.Features, Optional: dep.Optional, @@ -145,6 +153,7 @@ func parsePackage(r io.Reader) (*Package, error) { Target: dep.Target, Kind: dep.Kind, Registry: dep.Registry, + Package: pkg, }) } diff --git a/modules/packages/cargo/parser_test.go b/modules/packages/cargo/parser_test.go index 2230a5b499..0a120b8074 100644 --- a/modules/packages/cargo/parser_test.go +++ b/modules/packages/cargo/parser_test.go @@ -13,16 +13,16 @@ import ( "github.com/stretchr/testify/assert" ) -const ( - description = "Package Description" - author = "KN4CK3R" - homepage = "https://gitea.io/" - license = "MIT" -) - func TestParsePackage(t *testing.T) { - createPackage := func(name, version string) io.Reader { - metadata := `{ + const ( + description = "Package Description" + author = "KN4CK3R" + homepage = "https://gitea.io/" + license = "MIT" + payload = "gitea test dummy payload" // a fake payload for test only + ) + makeDefaultPackageMeta := func(name, version string) string { + return `{ "name":"` + name + `", "vers":"` + version + `", "description":"` + description + `", @@ -36,18 +36,19 @@ func TestParsePackage(t *testing.T) { "homepage":"` + homepage + `", "license":"` + license + `" }` - + } + createPackage := func(metadata string) io.Reader { var buf bytes.Buffer binary.Write(&buf, binary.LittleEndian, uint32(len(metadata))) buf.WriteString(metadata) - binary.Write(&buf, binary.LittleEndian, uint32(4)) - buf.WriteString("test") + binary.Write(&buf, binary.LittleEndian, uint32(len(payload))) + buf.WriteString(payload) return &buf } t.Run("InvalidName", func(t *testing.T) { for _, name := range []string{"", "0test", "-test", "_test", strings.Repeat("a", 65)} { - data := createPackage(name, "1.0.0") + data := createPackage(makeDefaultPackageMeta(name, "1.0.0")) cp, err := ParsePackage(data) assert.Nil(t, cp) @@ -57,7 +58,7 @@ func TestParsePackage(t *testing.T) { t.Run("InvalidVersion", func(t *testing.T) { for _, version := range []string{"", "1.", "-1.0", "1.0.0/1"} { - data := createPackage("test", version) + data := createPackage(makeDefaultPackageMeta("test", version)) cp, err := ParsePackage(data) assert.Nil(t, cp) @@ -66,7 +67,7 @@ func TestParsePackage(t *testing.T) { }) t.Run("Valid", func(t *testing.T) { - data := createPackage("test", "1.0.0") + data := createPackage(makeDefaultPackageMeta("test", "1.0.0")) cp, err := ParsePackage(data) assert.NotNil(t, cp) @@ -78,9 +79,34 @@ func TestParsePackage(t *testing.T) { assert.Equal(t, []string{author}, cp.Metadata.Authors) assert.Len(t, cp.Metadata.Dependencies, 1) assert.Equal(t, "dep", cp.Metadata.Dependencies[0].Name) + assert.Nil(t, cp.Metadata.Dependencies[0].Package) assert.Equal(t, homepage, cp.Metadata.ProjectURL) assert.Equal(t, license, cp.Metadata.License) content, _ := io.ReadAll(cp.Content) - assert.Equal(t, "test", string(content)) + assert.Equal(t, payload, string(content)) + }) + + t.Run("Renamed", func(t *testing.T) { + data := createPackage(`{ + "name":"test-pkg", + "vers":"1.0", + "description":"test-desc", + "authors": ["test-author"], + "deps":[ + { + "name":"dep-renamed", + "explicit_name_in_toml":"dep-explicit", + "version_req":"1.0" + } + ], + "homepage":"https://gitea.io/", + "license":"MIT" +}`) + cp, err := ParsePackage(data) + assert.NoError(t, err) + assert.Equal(t, "test-pkg", cp.Name) + assert.Equal(t, "https://gitea.io/", cp.Metadata.ProjectURL) + assert.Equal(t, "dep-explicit", cp.Metadata.Dependencies[0].Name) + assert.Equal(t, "dep-renamed", *cp.Metadata.Dependencies[0].Package) }) } From 4c924bf43cdc944c6ce34cce54f216c455a346a2 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Tue, 12 Nov 2024 04:44:24 +0100 Subject: [PATCH 9/9] Limit org member view of restricted users (#32211) currently restricted users can only see the repos of teams in orgs they are part at. they also should only see the users that are also part at the same team. --- *Sponsored by Kithara Software GmbH* --- models/fixtures/org_user.yml | 6 +++ models/fixtures/user.yml | 2 +- models/organization/org.go | 33 +++++++++++++++- models/organization/org_test.go | 70 +++++++++++++++++++++++++++++++++ 4 files changed, 108 insertions(+), 3 deletions(-) diff --git a/models/fixtures/org_user.yml b/models/fixtures/org_user.yml index cf21b84aa9..73a3e9dba9 100644 --- a/models/fixtures/org_user.yml +++ b/models/fixtures/org_user.yml @@ -129,3 +129,9 @@ uid: 2 org_id: 35 is_public: true + +- + id: 23 + uid: 20 + org_id: 17 + is_public: false diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml index c0296deec5..1044e487f8 100644 --- a/models/fixtures/user.yml +++ b/models/fixtures/user.yml @@ -623,7 +623,7 @@ num_stars: 0 num_repos: 2 num_teams: 3 - num_members: 4 + num_members: 5 visibility: 0 repo_admin_change_team_access: false theme: "" diff --git a/models/organization/org.go b/models/organization/org.go index 28a46ec8f5..6231f1eeed 100644 --- a/models/organization/org.go +++ b/models/organization/org.go @@ -22,6 +22,7 @@ import ( "code.gitea.io/gitea/modules/util" "xorm.io/builder" + "xorm.io/xorm" ) // ________ .__ __ .__ @@ -205,11 +206,28 @@ func (opts FindOrgMembersOpts) PublicOnly() bool { return opts.Doer == nil || !(opts.IsDoerMember || opts.Doer.IsAdmin) } +// applyTeamMatesOnlyFilter make sure restricted users only see public team members and there own team mates +func (opts FindOrgMembersOpts) applyTeamMatesOnlyFilter(sess *xorm.Session) { + if opts.Doer != nil && opts.IsDoerMember && opts.Doer.IsRestricted { + teamMates := builder.Select("DISTINCT team_user.uid"). + From("team_user"). + Where(builder.In("team_user.team_id", getUserTeamIDsQueryBuilder(opts.OrgID, opts.Doer.ID))). + And(builder.Eq{"team_user.org_id": opts.OrgID}) + + sess.And( + builder.In("org_user.uid", teamMates). + Or(builder.Eq{"org_user.is_public": true}), + ) + } +} + // CountOrgMembers counts the organization's members func CountOrgMembers(ctx context.Context, opts *FindOrgMembersOpts) (int64, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) if opts.PublicOnly() { - sess.And("is_public = ?", true) + sess = sess.And("is_public = ?", true) + } else { + opts.applyTeamMatesOnlyFilter(sess) } return sess.Count(new(OrgUser)) @@ -533,7 +551,9 @@ func GetOrgsCanCreateRepoByUserID(ctx context.Context, userID int64) ([]*Organiz func GetOrgUsersByOrgID(ctx context.Context, opts *FindOrgMembersOpts) ([]*OrgUser, error) { sess := db.GetEngine(ctx).Where("org_id=?", opts.OrgID) if opts.PublicOnly() { - sess.And("is_public = ?", true) + sess = sess.And("is_public = ?", true) + } else { + opts.applyTeamMatesOnlyFilter(sess) } if opts.ListOptions.PageSize > 0 { @@ -664,6 +684,15 @@ func (org *Organization) getUserTeamIDs(ctx context.Context, userID int64) ([]in Find(&teamIDs) } +func getUserTeamIDsQueryBuilder(orgID, userID int64) *builder.Builder { + return builder.Select("team.id").From("team"). + InnerJoin("team_user", "team_user.team_id = team.id"). + Where(builder.Eq{ + "team_user.org_id": orgID, + "team_user.uid": userID, + }) +} + // TeamsWithAccessToRepo returns all teams that have given access level to the repository. func (org *Organization) TeamsWithAccessToRepo(ctx context.Context, repoID int64, mode perm.AccessMode) ([]*Team, error) { return GetTeamsWithAccessToRepo(ctx, org.ID, repoID, mode) diff --git a/models/organization/org_test.go b/models/organization/org_test.go index 5442c37ccc..c614aaacf5 100644 --- a/models/organization/org_test.go +++ b/models/organization/org_test.go @@ -4,6 +4,7 @@ package organization_test import ( + "slices" "sort" "testing" @@ -181,6 +182,75 @@ func TestIsPublicMembership(t *testing.T) { test(unittest.NonexistentID, unittest.NonexistentID, false) } +func TestRestrictedUserOrgMembers(t *testing.T) { + assert.NoError(t, unittest.PrepareTestDatabase()) + + restrictedUser := unittest.AssertExistsAndLoadBean(t, &user_model.User{ + ID: 29, + IsRestricted: true, + }) + if !assert.True(t, restrictedUser.IsRestricted) { + return // ensure fixtures return restricted user + } + + testCases := []struct { + name string + opts *organization.FindOrgMembersOpts + expectedUIDs []int64 + }{ + { + name: "restricted user sees public members and teammates", + opts: &organization.FindOrgMembersOpts{ + OrgID: 17, // org17 where user29 is in team9 + Doer: restrictedUser, + IsDoerMember: true, + }, + expectedUIDs: []int64{2, 15, 20, 29}, // Public members (2) + teammates in team9 (15, 20, 29) + }, + { + name: "restricted user sees only public members when not member", + opts: &organization.FindOrgMembersOpts{ + OrgID: 3, // org3 where user29 is not a member + Doer: restrictedUser, + }, + expectedUIDs: []int64{2, 28}, // Only public members + }, + { + name: "non logged in only shows public members", + opts: &organization.FindOrgMembersOpts{ + OrgID: 3, + }, + expectedUIDs: []int64{2, 28}, // Only public members + }, + { + name: "non restricted user sees all members", + opts: &organization.FindOrgMembersOpts{ + OrgID: 17, + Doer: unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 15}), + IsDoerMember: true, + }, + expectedUIDs: []int64{2, 15, 18, 20, 29}, // All members + }, + } + + for _, tc := range testCases { + t.Run(tc.name, func(t *testing.T) { + count, err := organization.CountOrgMembers(db.DefaultContext, tc.opts) + assert.NoError(t, err) + assert.EqualValues(t, len(tc.expectedUIDs), count) + + members, err := organization.GetOrgUsersByOrgID(db.DefaultContext, tc.opts) + assert.NoError(t, err) + memberUIDs := make([]int64, 0, len(members)) + for _, member := range members { + memberUIDs = append(memberUIDs, member.UID) + } + slices.Sort(memberUIDs) + assert.EqualValues(t, tc.expectedUIDs, memberUIDs) + }) + } +} + func TestFindOrgs(t *testing.T) { assert.NoError(t, unittest.PrepareTestDatabase())