diff --git a/.golangci.yml b/.golangci.yml index 34752127e0..2d098f6fcc 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -70,7 +70,7 @@ issues: - path: modules/log/ linters: - errcheck - - path: routers/routes/macaron.go + - path: routers/routes/web.go linters: - dupl - path: routers/api/v1/repo/issue_subscription.go diff --git a/cmd/dump.go b/cmd/dump.go index 1a2e625767..65e2c817f9 100644 --- a/cmd/dump.go +++ b/cmd/dump.go @@ -21,7 +21,7 @@ import ( "code.gitea.io/gitea/modules/storage" "code.gitea.io/gitea/modules/util" - "gitea.com/macaron/session" + "gitea.com/go-chi/session" archiver "github.com/mholt/archiver/v3" "github.com/urfave/cli" ) diff --git a/cmd/web.go b/cmd/web.go index 2e8c45a76e..79915ad194 100644 --- a/cmd/web.go +++ b/cmd/web.go @@ -102,8 +102,7 @@ func runWeb(ctx *cli.Context) error { return err } } - c := routes.NewChi() - routes.RegisterInstallRoute(c) + c := routes.InstallRoutes() err := listen(c, false) select { case <-graceful.GetManager().IsShutdown(): @@ -134,11 +133,9 @@ func runWeb(ctx *cli.Context) error { return err } } - // Set up Chi routes - c := routes.NewChi() - c.Mount("/", routes.NormalRoutes()) - routes.DelegateToMacaron(c) + // Set up Chi routes + c := routes.NormalRoutes() err := listen(c, true) <-graceful.GetManager().Done() log.Info("PID: %d Gitea Web Finished", os.Getpid()) diff --git a/contrib/pr/checkout.go b/contrib/pr/checkout.go index 9346577bd6..63eca484a5 100644 --- a/contrib/pr/checkout.go +++ b/contrib/pr/checkout.go @@ -116,9 +116,7 @@ func runPR() { //routers.GlobalInit() external.RegisterParsers() markup.Init() - c := routes.NewChi() - c.Mount("/", routes.NormalRoutes()) - routes.DelegateToMacaron(c) + c := routes.NormalRoutes() log.Printf("[PR] Ready for testing !\n") log.Printf("[PR] Login with user1, user2, user3, ... with pass: password\n") diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md index 5d2670151c..e8866ab333 100644 --- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md @@ -549,7 +549,7 @@ Define allowed algorithms and their minimum key length (use -1 to disable a type ## Session (`session`) -- `PROVIDER`: **memory**: Session engine provider \[memory, file, redis, mysql, couchbase, memcache, nodb, postgres\]. +- `PROVIDER`: **memory**: Session engine provider \[memory, file, redis, mysql, couchbase, memcache, postgres\]. - `PROVIDER_CONFIG`: **data/sessions**: For file, the root path; for others, the connection string. - `COOKIE_SECURE`: **false**: Enable this to force using HTTPS for all session access. - `COOKIE_NAME`: **i\_like\_gitea**: The name of the cookie used for the session ID. @@ -609,8 +609,6 @@ Default templates for project boards: - `MODE`: **console**: Logging mode. For multiple modes, use a comma to separate values. You can configure each mode in per mode log subsections `\[log.modename\]`. By default the file mode will log to `$ROOT_PATH/gitea.log`. - `LEVEL`: **Info**: General log level. \[Trace, Debug, Info, Warn, Error, Critical, Fatal, None\] - `STACKTRACE_LEVEL`: **None**: Default log level at which to log create stack traces. \[Trace, Debug, Info, Warn, Error, Critical, Fatal, None\] -- `REDIRECT_MACARON_LOG`: **false**: Redirects the Macaron log to its own logger or the default logger. -- `MACARON`: **file**: Logging mode for the macaron logger, use a comma to separate values. Configure each mode in per mode log subsections `\[log.modename.macaron\]`. By default the file mode will log to `$ROOT_PATH/macaron.log`. (If you set this to `,` it will log to default gitea logger.) - `ROUTER_LOG_LEVEL`: **Info**: The log level that the router should log at. (If you are setting the access log, its recommended to place this at Debug.) - `ROUTER`: **console**: The mode or name of the log the router should log to. (If you set this to `,` it will log to default gitea logger.) NB: You must `REDIRECT_MACARON_LOG` and have `DISABLE_ROUTER_LOG` set to `false` for this option to take effect. Configure each mode in per mode log subsections `\[log.modename.router\]`. @@ -618,7 +616,7 @@ NB: You must `REDIRECT_MACARON_LOG` and have `DISABLE_ROUTER_LOG` set to `false` - `ACCESS`: **file**: Logging mode for the access logger, use a comma to separate values. Configure each mode in per mode log subsections `\[log.modename.access\]`. By default the file mode will log to `$ROOT_PATH/access.log`. (If you set this to `,` it will log to the default gitea logger.) - `ACCESS_LOG_TEMPLATE`: **`{{.Ctx.RemoteAddr}} - {{.Identity}} {{.Start.Format "[02/Jan/2006:15:04:05 -0700]" }} "{{.Ctx.Req.Method}} {{.Ctx.Req.URL.RequestURI}} {{.Ctx.Req.Proto}}" {{.ResponseWriter.Status}} {{.ResponseWriter.Size}} "{{.Ctx.Req.Referer}}\" \"{{.Ctx.Req.UserAgent}}"`**: Sets the template used to create the access log. - The following variables are available: - - `Ctx`: the `macaron.Context` of the request. + - `Ctx`: the `context.Context` of the request. - `Identity`: the SignedUserName or `"-"` if not logged in. - `Start`: the start time of the request. - `ResponseWriter`: the responseWriter from the request. diff --git a/docs/content/doc/advanced/logging-documentation.en-us.md b/docs/content/doc/advanced/logging-documentation.en-us.md index bf9fc48881..195820329d 100644 --- a/docs/content/doc/advanced/logging-documentation.en-us.md +++ b/docs/content/doc/advanced/logging-documentation.en-us.md @@ -67,40 +67,11 @@ The provider type of the sublogger can be set using the `MODE` value in its subsection, but will default to the name. This allows you to have multiple subloggers that will log to files. -### The "Macaron" logger - -By default Macaron will log to its own go `log` instance. This writes -to `os.Stdout`. You can redirect this log to a Gitea configurable logger -through setting the `REDIRECT_MACARON_LOG` setting in the `[log]` -section which you can configure the outputs of by setting the `MACARON` -value in the `[log]` section of the configuration. `MACARON` defaults -to `file` if unset. - -Please note, the macaron logger will log at `INFO` level, setting the -`LEVEL` of this logger to `WARN` or above will result in no macaron logs. - -Each output sublogger for this logger is configured in -`[log.sublogger.macaron]` sections. There are certain default values -which will not be inherited from the `[log]` or relevant -`[log.sublogger]` sections: - -- `FLAGS` is `stdflags` (Equal to - `date,time,medfile,shortfuncname,levelinitial`) -- `FILE_NAME` will default to `%(ROOT_PATH)/macaron.log` -- `EXPRESSION` will default to `""` -- `PREFIX` will default to `""` - -NB: You can redirect the macaron logger to send its events to the gitea -log using the value: `MACARON = ,` - ### The "Router" logger -There are two types of Router log. By default Macaron send its own -router log which will be directed to Macaron's go `log`, however if you -`REDIRECT_MACARON_LOG` you will enable Gitea's router log. You can -disable both types of Router log by setting `DISABLE_ROUTER_LOG`. +You can disable Router log by setting `DISABLE_ROUTER_LOG`. -If you enable the redirect, you can configure the outputs of this +You can configure the outputs of this router log by setting the `ROUTER` value in the `[log]` section of the configuration. `ROUTER` will default to `console` if unset. The Gitea Router logs the same data as the Macaron log but has slightly different @@ -162,11 +133,11 @@ This value represent a go template. It's default value is: The template is passed following options: -- `Ctx` is the `macaron.Context` +- `Ctx` is the `context.Context` - `Identity` is the `SignedUserName` or `"-"` if the user is not logged in - `Start` is the start time of the request -- `ResponseWriter` is the `macaron.ResponseWriter` +- `ResponseWriter` is the `http.ResponseWriter` Caution must be taken when changing this template as it runs outside of the standard panic recovery trap. The template should also be as simple diff --git a/docs/content/page/index.en-us.md b/docs/content/page/index.en-us.md index d190b20ae5..6bf163ecbc 100644 --- a/docs/content/page/index.en-us.md +++ b/docs/content/page/index.en-us.md @@ -267,7 +267,7 @@ Windows, on architectures like amd64, i386, ARM, PowerPC, and others. ## Components -* Web framework: [Macaron](http://go-macaron.com/) +* Web framework: [Chi](http://github.com/go-chi/chi) * ORM: [XORM](https://xorm.io) * UI components: * [Semantic UI](http://semantic-ui.com/) diff --git a/docs/content/page/index.fr-fr.md b/docs/content/page/index.fr-fr.md index 4bbf08c4d9..17e22e8b59 100755 --- a/docs/content/page/index.fr-fr.md +++ b/docs/content/page/index.fr-fr.md @@ -254,7 +254,7 @@ Le but de ce projet est de fournir de la manière la plus simple, la plus rapide ## Composants -* Framework web : [Macaron](http://go-macaron.com/) +* Framework web : [Chi](http://github.com/go-chi/chi) * ORM: [XORM](https://xorm.io) * Interface graphique : * [Semantic UI](http://semantic-ui.com/) diff --git a/docs/content/page/index.zh-cn.md b/docs/content/page/index.zh-cn.md index 453715a84d..cb6a1da793 100644 --- a/docs/content/page/index.zh-cn.md +++ b/docs/content/page/index.zh-cn.md @@ -47,7 +47,7 @@ Gitea的首要目标是创建一个极易安装,运行非常快速,安装和 ## 组件 -* Web框架: [Macaron](http://go-macaron.com/) +* Web框架: [Chi](http://github.com/go-chi/chi) * ORM: [XORM](https://xorm.io) * UI组件: * [Semantic UI](http://semantic-ui.com/) diff --git a/docs/content/page/index.zh-tw.md b/docs/content/page/index.zh-tw.md index 4c7979f41c..86c182a7d0 100644 --- a/docs/content/page/index.zh-tw.md +++ b/docs/content/page/index.zh-tw.md @@ -47,7 +47,7 @@ Gitea 的首要目標是建立一個容易安裝,運行快速,安装和使 ## 元件 -* Web 框架: [Macaron](http://go-macaron.com/) +* Web 框架: [Chi](http://github.com/go-chi/chi) * ORM: [XORM](https://xorm.io) * UI 元件: * [Semantic UI](http://semantic-ui.com/) diff --git a/go.mod b/go.mod index 5d7fba0b7b..ad10dadd29 100644 --- a/go.mod +++ b/go.mod @@ -5,19 +5,12 @@ go 1.14 require ( code.gitea.io/gitea-vet v0.2.1 code.gitea.io/sdk/gitea v0.13.1 + gitea.com/go-chi/binding v0.0.0-20210113025129-03f1d313373c + gitea.com/go-chi/cache v0.0.0-20210110083709-82c4c9ce2d5e + gitea.com/go-chi/captcha v0.0.0-20210110083842-e7696c336a1e gitea.com/go-chi/session v0.0.0-20210108030337-0cb48c5ba8ee gitea.com/lunny/levelqueue v0.3.0 - gitea.com/macaron/binding v0.0.0-20190822013154-a5f53841ed2b - gitea.com/macaron/cache v0.0.0-20200924044943-905232fba10b - gitea.com/macaron/captcha v0.0.0-20200825161008-e8597820aaca - gitea.com/macaron/cors v0.0.0-20190826180238-95aec09ea8b4 - gitea.com/macaron/csrf v0.0.0-20190822024205-3dc5a4474439 - gitea.com/macaron/gzip v0.0.0-20200827120000-efa5e8477cf5 - gitea.com/macaron/i18n v0.0.0-20200911004404-4ca3dd0cbd60 - gitea.com/macaron/inject v0.0.0-20190805023432-d4c86e31027a - gitea.com/macaron/macaron v1.5.1-0.20201027213641-0db5d4584804 - gitea.com/macaron/session v0.0.0-20201103015045-a177a2701dee - gitea.com/macaron/toolbox v0.0.0-20190822013122-05ff0fc766b7 + github.com/NYTimes/gziphandler v1.1.1 github.com/PuerkitoBio/goquery v1.5.1 github.com/RoaringBitmap/roaring v0.5.5 // indirect github.com/alecthomas/chroma v0.8.2 @@ -36,6 +29,7 @@ require ( github.com/gliderlabs/ssh v0.3.1 github.com/glycerine/go-unsnap-stream v0.0.0-20190901134440-81cf024a9e0a // indirect github.com/go-chi/chi v1.5.1 + github.com/go-chi/cors v1.1.1 github.com/go-enry/go-enry/v2 v2.6.0 github.com/go-git/go-billy/v5 v5.0.0 github.com/go-git/go-git/v5 v5.2.0 diff --git a/go.sum b/go.sum index 458d0ab60e..79cba8d26b 100644 --- a/go.sum +++ b/go.sum @@ -40,44 +40,16 @@ code.gitea.io/gitea-vet v0.2.1/go.mod h1:zcNbT/aJEmivCAhfmkHOlT645KNOf9W2KnkLgFj code.gitea.io/sdk/gitea v0.13.1 h1:Y7bpH2iO6Q0KhhMJfjP/LZ0AmiYITeRQlCD8b0oYqhk= code.gitea.io/sdk/gitea v0.13.1/go.mod h1:z3uwDV/b9Ls47NGukYM9XhnHtqPh/J+t40lsUrR6JDY= dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= +gitea.com/go-chi/binding v0.0.0-20210113025129-03f1d313373c h1:NTtrGYjR40WUdkCdn26Y5LGFT52rIkFPkjmtgCAyiTs= +gitea.com/go-chi/binding v0.0.0-20210113025129-03f1d313373c/go.mod h1:9bGA9dIsrz+wVQKH1DzvxuAvrudHaQ8Wx8hLme/GVGQ= +gitea.com/go-chi/cache v0.0.0-20210110083709-82c4c9ce2d5e h1:zgPGaf3kXP0cVm9J0l8ZA2+XDzILYATg0CXbihR6N+o= +gitea.com/go-chi/cache v0.0.0-20210110083709-82c4c9ce2d5e/go.mod h1:k2V/gPDEtXGjjMGuBJiapffAXTv76H4snSmlJRLUhH0= +gitea.com/go-chi/captcha v0.0.0-20210110083842-e7696c336a1e h1:YjaQU6XFicdhPN+MlGolcXO8seYY2+EY5g7vZPB17CQ= +gitea.com/go-chi/captcha v0.0.0-20210110083842-e7696c336a1e/go.mod h1:nfA7JaGv3hbGQ1ktdhAsZhdS84qKffI8NMlHr+Opsog= gitea.com/go-chi/session v0.0.0-20210108030337-0cb48c5ba8ee h1:9U6HuKUBt/cGK6T/64dEuz0r7Yp97WAAEJvXHDlY3ws= gitea.com/go-chi/session v0.0.0-20210108030337-0cb48c5ba8ee/go.mod h1:Ozg8IchVNb/Udg+ui39iHRYqVHSvf3C99ixdpLR8Vu0= gitea.com/lunny/levelqueue v0.3.0 h1:MHn1GuSZkxvVEDMyAPqlc7A3cOW+q8RcGhRgH/xtm6I= gitea.com/lunny/levelqueue v0.3.0/go.mod h1:HBqmLbz56JWpfEGG0prskAV97ATNRoj5LDmPicD22hU= -gitea.com/lunny/log v0.0.0-20190322053110-01b5df579c4e h1:r1en/D7xJmcY24VkHkjkcJFa+7ZWubVWPBrvsHkmHxk= -gitea.com/lunny/log v0.0.0-20190322053110-01b5df579c4e/go.mod h1:uJEsN4LQpeGYRCjuPXPZBClU7N5pWzGuyF4uqLpE/e0= -gitea.com/lunny/nodb v0.0.0-20200923032308-3238c4655727 h1:ZF2Bd6rqVlwhIDhYiS0uGYcT+GaVNGjuKVJkTNqWMIs= -gitea.com/lunny/nodb v0.0.0-20200923032308-3238c4655727/go.mod h1:h0OwsgcpJLSYtHcM5+Xciw9OEeuxi6ty4HDiO8C7aIY= -gitea.com/macaron/binding v0.0.0-20190822013154-a5f53841ed2b h1:vXt85uYV17KURaUlhU7v4GbCShkqRZDSfo0TkC0YCjQ= -gitea.com/macaron/binding v0.0.0-20190822013154-a5f53841ed2b/go.mod h1:Cxadig6POWpPYYSfg23E7jo35Yf0yvsdC1lifoKWmPo= -gitea.com/macaron/cache v0.0.0-20190822004001-a6e7fee4ee76 h1:mMsMEg90c5KXQgRWsH8D6GHXfZIW1RAe5S9VYIb12lM= -gitea.com/macaron/cache v0.0.0-20190822004001-a6e7fee4ee76/go.mod h1:NFHb9Of+LUnU86bU20CiXXg6ZlgCJ4XytP14UsHOXFs= -gitea.com/macaron/cache v0.0.0-20200924044943-905232fba10b h1:2ZE0JE3bKVBcP1VTrWeE1jqWwCAMIzfOQm1U9EGbBKU= -gitea.com/macaron/cache v0.0.0-20200924044943-905232fba10b/go.mod h1:W5hKG8T1GBfypp5CRQlgoJU4figIL0jhx02y4XA/NOA= -gitea.com/macaron/captcha v0.0.0-20200825161008-e8597820aaca h1:f5P41nXmXd/YOh8f6098Q0F1Y0QfpyRPSSIkni2XH4Q= -gitea.com/macaron/captcha v0.0.0-20200825161008-e8597820aaca/go.mod h1:J5h3N+1nKTXtU1x4GxexaQKgAz8UiWecNwi/CfX7CtQ= -gitea.com/macaron/cors v0.0.0-20190826180238-95aec09ea8b4 h1:e2rAFDejB0qN8OrY4xP4XSu8/yT6QmWxDZpB3J7r2GU= -gitea.com/macaron/cors v0.0.0-20190826180238-95aec09ea8b4/go.mod h1:rtOK4J20kpMD9XcNsnO5YA843YSTe/MUMbDj/TJ/Q7A= -gitea.com/macaron/csrf v0.0.0-20190822024205-3dc5a4474439 h1:88c34YM29a1GlWLrLBaG/GTT2htDdJz1u3n9+lmPolg= -gitea.com/macaron/csrf v0.0.0-20190822024205-3dc5a4474439/go.mod h1:IsQPHx73HnnqFBYiVHjg87q4XBZyGXXu77xANukvZuk= -gitea.com/macaron/gzip v0.0.0-20200827120000-efa5e8477cf5 h1:6rbhThlqfOb+sSmhrsVFz3bZoAeoloe7TZqyeiPbbWI= -gitea.com/macaron/gzip v0.0.0-20200827120000-efa5e8477cf5/go.mod h1:z8vCjuhqDfvzPUJDowGqbsgoeYBvDbl95S5k6y43Pxo= -gitea.com/macaron/i18n v0.0.0-20200911004404-4ca3dd0cbd60 h1:tNWNe5HBIlsfapFMtT4twTbXQmInRQWmdWNi8Di1ct0= -gitea.com/macaron/i18n v0.0.0-20200911004404-4ca3dd0cbd60/go.mod h1:g5ope1b+iWhBdHzAn6EJ9u9Gp3FRESxpG+CDf7HYc/A= -gitea.com/macaron/inject v0.0.0-20190803172902-8375ba841591/go.mod h1:h6E4kLao1Yko6DOU6QDnQPcuoNzvbZqzj2mtPcEn1aM= -gitea.com/macaron/inject v0.0.0-20190805023432-d4c86e31027a h1:aOKEXkDTnh4euoH0so/THLXeHtQuqHmDPb1xEk6Ehok= -gitea.com/macaron/inject v0.0.0-20190805023432-d4c86e31027a/go.mod h1:h6E4kLao1Yko6DOU6QDnQPcuoNzvbZqzj2mtPcEn1aM= -gitea.com/macaron/macaron v1.3.3-0.20190803174002-53e005ff4827/go.mod h1:/rvxMjIkOq4BM8uPUb+VHuU02ZfAO6R4+wD//tiCiRw= -gitea.com/macaron/macaron v1.3.3-0.20190821202302-9646c0587edb/go.mod h1:0coI+mSPSwbsyAbOuFllVS38awuk9mevhLD52l50Gjs= -gitea.com/macaron/macaron v1.5.0 h1:TvWEcHw1/zaHlo0GTuKEukLh3A99+QsU2mjBrXLXjVQ= -gitea.com/macaron/macaron v1.5.0/go.mod h1:P7hfDbQjcW22lkYkXlxdRIfWOXxH2+K4EogN4Q0UlLY= -gitea.com/macaron/macaron v1.5.1-0.20201027213641-0db5d4584804 h1:yUiJVZKzdXsBe2tumTAXHBZa1qPGoGXM3fBG4RJ5fQg= -gitea.com/macaron/macaron v1.5.1-0.20201027213641-0db5d4584804/go.mod h1:P7hfDbQjcW22lkYkXlxdRIfWOXxH2+K4EogN4Q0UlLY= -gitea.com/macaron/session v0.0.0-20190821211443-122c47c5f705/go.mod h1:1ujH0jD6Ca4iK9NL0Q2a7fG2chvXx5hVa7hBfABwpkA= -gitea.com/macaron/session v0.0.0-20201103015045-a177a2701dee h1:8/N3a56RXRJ66nnep0z+T7oHCB0bY6lpvtjv9Y9FPhE= -gitea.com/macaron/session v0.0.0-20201103015045-a177a2701dee/go.mod h1:5tJCkDbrwpGv+MQUSIZSOW0wFrkh0exsonJgOvBs1Dw= -gitea.com/macaron/toolbox v0.0.0-20190822013122-05ff0fc766b7 h1:N9QFoeNsUXLhl14mefLzGluqV7w2mGU3u+iZU+jCeWk= -gitea.com/macaron/toolbox v0.0.0-20190822013122-05ff0fc766b7/go.mod h1:kgsbFPPS4P+acDYDOPDa3N4IWWOuDJt5/INKRUz7aks= gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a h1:lSA0F4e9A2NcQSqGqTOXqu2aRi/XEQxDCBwM8yJtE6s= gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a/go.mod h1:EXuID2Zs0pAQhH8yz+DNjUbjppKQzKFAn28TMYPB6IU= github.com/6543-forks/go-gogs-client v0.0.0-20210116182316-f2f8bc0ea9cc h1:FLylYVXDwK+YtrmXYnv2Q1Y5lQ9TU1Xp5F2vndIOTb4= @@ -92,6 +64,8 @@ github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym github.com/GeertJohan/go.incremental v1.0.0/go.mod h1:6fAjUhbVuX1KcMD3c8TEgVUqmo4seqhv0i0kdATSkM0= github.com/GeertJohan/go.rice v1.0.0/go.mod h1:eH6gbSOAUv07dQuZVnBmoDP8mgsM1rtixis4Tib9if0= github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0= +github.com/NYTimes/gziphandler v1.1.1 h1:ZUDjpQae29j0ryrS0u/B8HZfJBtBQHjqw2rQ2cqUQ3I= +github.com/NYTimes/gziphandler v1.1.1/go.mod h1:n/CVRwUEOgIxrgPvAQhUUr9oeUtvrhMomdKFjzJNB0c= github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU= github.com/PuerkitoBio/goquery v1.5.1 h1:PSPBGne8NIUWw+/7vFBV+kG2J/5MOjbzc7154OaKCSE= github.com/PuerkitoBio/goquery v1.5.1/go.mod h1:GsLWisAFVj4WgDibEWF4pvYnkVQBpKBKeU+7zCJoLcc= @@ -106,7 +80,6 @@ github.com/RoaringBitmap/roaring v0.5.5 h1:naNqvO1mNnghk2UvcsqnzHDBn9DRbCIRy94Gm github.com/RoaringBitmap/roaring v0.5.5/go.mod h1:puNo5VdzwbaIQxSiDIwfXl4Hnc+fbovcX4IW/dSTtUk= github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo= github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI= -github.com/Unknwon/com v0.0.0-20190321035513-0fed4efef755/go.mod h1:voKvFVpXBJxdIPeqjoJuLK+UVcRlo/JLjeToGxPYu68= github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g= github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c= github.com/akavel/rsrc v0.8.0/go.mod h1:uLoCtb9J+EyAqh+26kdrTgmzRBFPGOolLWKpdxkKq+c= @@ -233,19 +206,13 @@ github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfc github.com/couchbase/ghistogram v0.1.0/go.mod h1:s1Jhy76zqfEecpNWJfWUiKZookAFaiGOEoyzgHt9i7k= github.com/couchbase/go-couchbase v0.0.0-20201026062457-7b3be89bbd89 h1:uNLXQ6QO1TocD8BaN/KkRki0Xw0brCM1PKl/ZA5pgfs= github.com/couchbase/go-couchbase v0.0.0-20201026062457-7b3be89bbd89/go.mod h1:+/bddYDxXsf9qt0xpDUtRR47A2GjaXmGGAqQ/k3GJ8A= -github.com/couchbase/gomemcached v0.0.0-20190515232915-c4b4ca0eb21d/go.mod h1:srVSlQLB8iXBVXHgnqemxUXqN6FCvClgCMPCsjBDR7c= -github.com/couchbase/gomemcached v0.1.0 h1:whUde87n8CScx8ckMp2En5liqAlcuG3aKy/BQeBPu84= -github.com/couchbase/gomemcached v0.1.0/go.mod h1:srVSlQLB8iXBVXHgnqemxUXqN6FCvClgCMPCsjBDR7c= github.com/couchbase/gomemcached v0.1.1 h1:xCS8ZglJDhrlQg3jmK7Rn1V8f7bPjXABLC05CgLQauc= github.com/couchbase/gomemcached v0.1.1/go.mod h1:mxliKQxOv84gQ0bJWbI+w9Wxdpt9HjDvgW9MjCym5Vo= -github.com/couchbase/goutils v0.0.0-20190315194238-f9d42b11473b/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs= github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67 h1:NCqJ6fwen6YP0WlV/IyibaT0kPt3JEI1rA62V/UPKT4= github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs= github.com/couchbase/moss v0.1.0/go.mod h1:9MaHIaRuy9pvLPUJxB8sh8OrLfyDczECVL37grCIubs= github.com/couchbase/vellum v1.0.2 h1:BrbP0NKiyDdndMPec8Jjhy0U47CZ0Lgx3xUC2r9rZqw= github.com/couchbase/vellum v1.0.2/go.mod h1:FcwrEivFpNi24R3jLOs3n+fs5RnuQnQqCLBJ1uAg1W4= -github.com/couchbaselabs/go-couchbase v0.0.0-20190708161019-23e7ca2ce2b7 h1:1XjEY/gnjQ+AfXef2U6dxCquhiRzkEpxZuWqs+QxTL8= -github.com/couchbaselabs/go-couchbase v0.0.0-20190708161019-23e7ca2ce2b7/go.mod h1:mby/05p8HE5yHEAKiIH/555NoblMs7PtW6NrYshDruc= github.com/cpuguy83/go-md2man v1.0.10 h1:BSKMNlYxDvnunlTymqtgONjNnaRV1sTpcovwwjF22jk= github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwcJI5acqYI6dE= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= @@ -331,6 +298,8 @@ github.com/go-asn1-ber/asn1-ber v1.5.1 h1:pDbRAunXzIUXfx4CB2QJFv5IuPiuoW+sWvr/Us github.com/go-asn1-ber/asn1-ber v1.5.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-chi/chi v1.5.1 h1:kfTK3Cxd/dkMu/rKs5ZceWYp+t5CtiE7vmaTv3LjC6w= github.com/go-chi/chi v1.5.1/go.mod h1:REp24E+25iKvxgeTfHmdUoL5x15kBiDBlnIl5bCwe2k= +github.com/go-chi/cors v1.1.1 h1:eHuqxsIw89iXcWnWUN8R72JMibABJTN/4IOYI5WERvw= +github.com/go-chi/cors v1.1.1/go.mod h1:K2Yje0VW/SJzxiyMYu6iPQYa7hMjQX2i/F491VChg1I= github.com/go-enry/go-enry/v2 v2.6.0 h1:nbGWQBpO+D+cJuRxNgSDFnFY9QWz3QM/CeZxU7VAH20= github.com/go-enry/go-enry/v2 v2.6.0/go.mod h1:GVzIiAytiS5uT/QiuakK7TF1u4xDab87Y8V5EJRpsIQ= github.com/go-enry/go-oniguruma v1.2.1 h1:k8aAMuJfMrqm/56SG2lV9Cfti6tC4x8673aHCcBk+eo= @@ -548,7 +517,6 @@ github.com/googleapis/gax-go/v2 v2.0.4/go.mod h1:0Wqv26UfaUD9n4G6kQubkQ+KchISgw+ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5mhpdKc/us6bOk= github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gopherjs/gopherjs v0.0.0-20190430165422-3e4dfb77656c/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gopherjs/gopherjs v0.0.0-20190910122728-9d188e94fb99 h1:twflg0XRTjwKpxb/jFExr4HGq6on2dEOmnL6FV+fgPw= github.com/gopherjs/gopherjs v0.0.0-20190910122728-9d188e94fb99/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= github.com/gorilla/context v1.1.1 h1:AWwleXJkX/nhcU9bZSnZoi3h/qGYqQAGhq6zZe/aQW8= @@ -700,7 +668,6 @@ github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvW github.com/kisielk/errcheck v1.2.0/go.mod h1:/BMXB+zMLi60iA8Vv6Ksmxu/1UDYcXs4uQLJ+jE2L00= github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.4.1/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= -github.com/klauspost/compress v1.9.2/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= github.com/klauspost/compress v1.9.5/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A= github.com/klauspost/compress v1.10.10/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.3 h1:dB4Bn0tN3wdCzQxnS8r06kV74qN/TAfaIS0bVE8h3jc= @@ -995,7 +962,6 @@ github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrf github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/assertions v1.0.1/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM= github.com/smartystreets/assertions v1.1.1 h1:T/YLemO5Yp7KPzS+lVtu+WsHn8yoSwTfItdAd1r3cck= github.com/smartystreets/assertions v1.1.1/go.mod h1:tcbTF8ujkAEcZ8TElKY+i30BzYlVhC/LOxJk7iOWnoo= github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9/go.mod h1:SnhjPscd9TpLiy1LpzGSKh3bXCfxxXuqd9xmQJy3slM= @@ -1068,7 +1034,6 @@ github.com/ulikunitz/xz v0.5.8/go.mod h1:nbz6k7qbPmH4IRqmfOplQw/tblSgqTqBwxkY0oW github.com/unknwon/com v0.0.0-20190804042917-757f69c95f3e/go.mod h1:tOOxU81rwgoCLoOVVPHb6T/wt8HZygqH5id+GNnlCXM= github.com/unknwon/com v1.0.1 h1:3d1LTxD+Lnf3soQiD4Cp/0BRB+Rsa/+RTvz8GMMzIXs= github.com/unknwon/com v1.0.1/go.mod h1:tOOxU81rwgoCLoOVVPHb6T/wt8HZygqH5id+GNnlCXM= -github.com/unknwon/i18n v0.0.0-20190805065654-5c6446a380b6/go.mod h1:+5rDk6sDGpl3azws3O+f+GpFSyN9GVr0K8cvQLQM2ZQ= github.com/unknwon/i18n v0.0.0-20200823051745-09abd91c7f2c h1:679/gJXwrsHC3RATr0YYjZvDMJPYN7W9FGSGNoLmKxM= github.com/unknwon/i18n v0.0.0-20200823051745-09abd91c7f2c/go.mod h1:+5rDk6sDGpl3azws3O+f+GpFSyN9GVr0K8cvQLQM2ZQ= github.com/unknwon/paginater v0.0.0-20200328080006-042474bd0eae h1:ihaXiJkaca54IaCSnEXtE/uSZOmPxKZhDfVLrzZLFDs= @@ -1171,9 +1136,6 @@ golang.org/x/crypto v0.0.0-20200604202706-70a84ac30bf9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200709230013-948cd5f35899/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a h1:vclmkQCjlDX5OydZ9wv8rBCcS0QyQY66Mpf/7BZbInM= -golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201217014255-9d1352758620 h1:3wPMTskHO3+O6jqTEXyFcsnuxMQOqYSaHsDxcbUXpqA= golang.org/x/crypto v0.0.0-20201217014255-9d1352758620/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= @@ -1535,12 +1497,10 @@ gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o= gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df h1:n7WqCuqOuCbNr617RXOY0AWRXxgwEyPp2z+p0+hgMuE= gopkg.in/gomail.v2 v2.0.0-20160411212932-81ebce5c23df/go.mod h1:LRQQ+SO6ZHR7tOkpBDuZnXENFzX8qRjMDMyPD6BRkCw= gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s= -gopkg.in/ini.v1 v1.44.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.44.2/go.mod h1:M3Cogqpuv0QCi3ExAY5V4uOt4qb/R3xZubo9m8lK5wg= gopkg.in/ini.v1 v1.46.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.57.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.60.1/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.62.0 h1:duBzk771uxoUuOlyRLkHsygud9+5lrlGjdFBb4mSKDU= gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= diff --git a/integrations/api_helper_for_declarative_test.go b/integrations/api_helper_for_declarative_test.go index b8e513958e..551a9bb751 100644 --- a/integrations/api_helper_for_declarative_test.go +++ b/integrations/api_helper_for_declarative_test.go @@ -14,7 +14,7 @@ import ( "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/queue" api "code.gitea.io/gitea/modules/structs" diff --git a/integrations/api_pull_test.go b/integrations/api_pull_test.go index 61daf917ff..369f4ce31f 100644 --- a/integrations/api_pull_test.go +++ b/integrations/api_pull_test.go @@ -10,7 +10,7 @@ import ( "testing" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" issue_service "code.gitea.io/gitea/services/issue" diff --git a/integrations/api_releases_test.go b/integrations/api_releases_test.go index 8328b014d6..870d7d0e64 100644 --- a/integrations/api_releases_test.go +++ b/integrations/api_releases_test.go @@ -131,7 +131,7 @@ func TestAPIGetReleaseByTag(t *testing.T) { tag := "v1.1" - urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/releases/tags/%s/", + urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/releases/tags/%s", owner.Name, repo.Name, tag) req := NewRequestf(t, "GET", urlStr) @@ -144,7 +144,7 @@ func TestAPIGetReleaseByTag(t *testing.T) { nonexistingtag := "nonexistingtag" - urlStr = fmt.Sprintf("/api/v1/repos/%s/%s/releases/tags/%s/", + urlStr = fmt.Sprintf("/api/v1/repos/%s/%s/releases/tags/%s", owner.Name, repo.Name, nonexistingtag) req = NewRequestf(t, "GET", urlStr) @@ -163,7 +163,7 @@ func TestAPIDeleteTagByName(t *testing.T) { session := loginUser(t, owner.LowerName) token := getTokenForLoggedInUser(t, session) - urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/releases/tags/delete-tag/?token=%s", + urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/releases/tags/delete-tag?token=%s", owner.Name, repo.Name, token) req := NewRequestf(t, http.MethodDelete, urlStr) @@ -171,7 +171,7 @@ func TestAPIDeleteTagByName(t *testing.T) { // Make sure that actual releases can't be deleted outright createNewReleaseUsingAPI(t, session, token, owner, repo, "release-tag", "", "Release Tag", "test") - urlStr = fmt.Sprintf("/api/v1/repos/%s/%s/releases/tags/release-tag/?token=%s", + urlStr = fmt.Sprintf("/api/v1/repos/%s/%s/releases/tags/release-tag?token=%s", owner.Name, repo.Name, token) req = NewRequestf(t, http.MethodDelete, urlStr) diff --git a/integrations/create_no_session_test.go b/integrations/create_no_session_test.go index ae0d9f8120..89682e95cf 100644 --- a/integrations/create_no_session_test.go +++ b/integrations/create_no_session_test.go @@ -17,7 +17,7 @@ import ( "code.gitea.io/gitea/modules/util" "code.gitea.io/gitea/routers/routes" - "gitea.com/macaron/session" + "gitea.com/go-chi/session" "github.com/stretchr/testify/assert" ) @@ -58,9 +58,7 @@ func TestSessionFileCreation(t *testing.T) { oldSessionConfig := setting.SessionConfig.ProviderConfig defer func() { setting.SessionConfig.ProviderConfig = oldSessionConfig - c = routes.NewChi() - c.Mount("/", routes.NormalRoutes()) - routes.DelegateToMacaron(c) + c = routes.NormalRoutes() }() var config session.Options @@ -84,9 +82,7 @@ func TestSessionFileCreation(t *testing.T) { setting.SessionConfig.ProviderConfig = string(newConfigBytes) - c = routes.NewChi() - c.Mount("/", routes.NormalRoutes()) - routes.DelegateToMacaron(c) + c = routes.NormalRoutes() t.Run("NoSessionOnViewIssue", func(t *testing.T) { defer PrintCurrentTest(t)() diff --git a/integrations/integration_test.go b/integrations/integration_test.go index f3b2644c78..ee005c087d 100644 --- a/integrations/integration_test.go +++ b/integrations/integration_test.go @@ -31,15 +31,15 @@ import ( "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/storage" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers" "code.gitea.io/gitea/routers/routes" "github.com/PuerkitoBio/goquery" - "github.com/go-chi/chi" "github.com/stretchr/testify/assert" ) -var c chi.Router +var c *web.Route type NilResponseRecorder struct { httptest.ResponseRecorder @@ -66,9 +66,7 @@ func TestMain(m *testing.M) { defer cancel() initIntegrationTest() - c = routes.NewChi() - c.Mount("/", routes.NormalRoutes()) - routes.DelegateToMacaron(c) + c = routes.NormalRoutes() // integration test settings... if setting.Cfg != nil { @@ -387,6 +385,9 @@ func NewRequestWithJSON(t testing.TB, method, urlStr string, v interface{}) *htt func NewRequestWithBody(t testing.TB, method, urlStr string, body io.Reader) *http.Request { t.Helper() + if !strings.HasPrefix(urlStr, "http") && !strings.HasPrefix(urlStr, "/") { + urlStr = "/" + urlStr + } request, err := http.NewRequest(method, urlStr, body) assert.NoError(t, err) request.RequestURI = urlStr diff --git a/integrations/lfs_getobject_test.go b/integrations/lfs_getobject_test.go index 180182dd42..f364349ef1 100644 --- a/integrations/lfs_getobject_test.go +++ b/integrations/lfs_getobject_test.go @@ -19,8 +19,8 @@ import ( "code.gitea.io/gitea/modules/lfs" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/storage" + "code.gitea.io/gitea/routers/routes" - "gitea.com/macaron/gzip" gzipp "github.com/klauspost/compress/gzip" "github.com/stretchr/testify/assert" ) @@ -121,7 +121,7 @@ func TestGetLFSLarge(t *testing.T) { t.Skip() return } - content := make([]byte, gzip.MinSize*10) + content := make([]byte, routes.GzipMinSize*10) for i := range content { content[i] = byte(i % 256) } @@ -137,7 +137,7 @@ func TestGetLFSGzip(t *testing.T) { t.Skip() return } - b := make([]byte, gzip.MinSize*10) + b := make([]byte, routes.GzipMinSize*10) for i := range b { b[i] = byte(i % 256) } @@ -158,7 +158,7 @@ func TestGetLFSZip(t *testing.T) { t.Skip() return } - b := make([]byte, gzip.MinSize*10) + b := make([]byte, routes.GzipMinSize*10) for i := range b { b[i] = byte(i % 256) } diff --git a/integrations/links_test.go b/integrations/links_test.go index 2c674c104a..e16b688c8d 100644 --- a/integrations/links_test.go +++ b/integrations/links_test.go @@ -32,7 +32,6 @@ func TestLinksNoLogin(t *testing.T) { "/user/login", "/user/forgot_password", "/api/swagger", - "/api/v1/swagger", "/user2/repo1", "/user2/repo1/projects", "/user2/repo1/projects/1", @@ -53,6 +52,7 @@ func TestRedirectsNoLogin(t *testing.T) { "/user2/repo1/src/master/file.txt": "/user2/repo1/src/branch/master/file.txt", "/user2/repo1/src/master/directory/file.txt": "/user2/repo1/src/branch/master/directory/file.txt", "/user/avatar/Ghost/-1": "/img/avatar_default.png", + "/api/v1/swagger": "/api/swagger", } for link, redirectLink := range redirects { req := NewRequest(t, "GET", link) @@ -86,7 +86,6 @@ func testLinksAsUser(userName string, t *testing.T) { "/", "/user/forgot_password", "/api/swagger", - "/api/v1/swagger", "/issues", "/issues?type=your_repositories&repos=[0]&sort=&state=open", "/issues?type=assigned&repos=[0]&sort=&state=open", diff --git a/modules/auth/sso/interface.go b/modules/auth/sso/interface.go index c957fad02f..7efe79a69c 100644 --- a/modules/auth/sso/interface.go +++ b/modules/auth/sso/interface.go @@ -8,19 +8,15 @@ import ( "net/http" "code.gitea.io/gitea/models" + "code.gitea.io/gitea/modules/middlewares" + "code.gitea.io/gitea/modules/session" ) // DataStore represents a data store -type DataStore interface { - GetData() map[string]interface{} -} +type DataStore middlewares.DataStore // SessionStore represents a session store -type SessionStore interface { - Get(interface{}) interface{} - Set(interface{}, interface{}) error - Delete(interface{}) error -} +type SessionStore session.Store // SingleSignOn represents a SSO authentication method (plugin) for HTTP requests. type SingleSignOn interface { diff --git a/modules/auth/sso/oauth2.go b/modules/auth/sso/oauth2.go index fc22e27282..c3f6f08fb2 100644 --- a/modules/auth/sso/oauth2.go +++ b/modules/auth/sso/oauth2.go @@ -62,6 +62,8 @@ func (o *OAuth2) Free() error { // userIDFromToken returns the user id corresponding to the OAuth token. func (o *OAuth2) userIDFromToken(req *http.Request, store DataStore) int64 { + _ = req.ParseForm() + // Check access token. tokenSHA := req.Form.Get("token") if len(tokenSHA) == 0 { diff --git a/modules/cache/cache.go b/modules/cache/cache.go index 42227f9289..3f8885ee30 100644 --- a/modules/cache/cache.go +++ b/modules/cache/cache.go @@ -10,9 +10,9 @@ import ( "code.gitea.io/gitea/modules/setting" - mc "gitea.com/macaron/cache" + mc "gitea.com/go-chi/cache" - _ "gitea.com/macaron/cache/memcache" // memcache plugin for cache + _ "gitea.com/go-chi/cache/memcache" // memcache plugin for cache ) var ( @@ -20,7 +20,7 @@ var ( ) func newCache(cacheConfig setting.Cache) (mc.Cache, error) { - return mc.NewCacher(cacheConfig.Adapter, mc.Options{ + return mc.NewCacher(mc.Options{ Adapter: cacheConfig.Adapter, AdapterConfig: cacheConfig.Conn, Interval: cacheConfig.Interval, diff --git a/modules/cache/cache_redis.go b/modules/cache/cache_redis.go index 96e865a382..3cb0292e21 100644 --- a/modules/cache/cache_redis.go +++ b/modules/cache/cache_redis.go @@ -10,7 +10,7 @@ import ( "code.gitea.io/gitea/modules/nosql" - "gitea.com/macaron/cache" + "gitea.com/go-chi/cache" "github.com/go-redis/redis/v7" "github.com/unknwon/com" ) diff --git a/modules/context/api.go b/modules/context/api.go index 7771ec1b14..cf6dc265cd 100644 --- a/modules/context/api.go +++ b/modules/context/api.go @@ -6,18 +6,21 @@ package context import ( + "context" "fmt" + "html" "net/http" "net/url" "strings" "code.gitea.io/gitea/models" + "code.gitea.io/gitea/modules/auth/sso" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/middlewares" "code.gitea.io/gitea/modules/setting" - "gitea.com/macaron/csrf" - "gitea.com/macaron/macaron" + "gitea.com/go-chi/session" ) // APIContext is a specific macaron context for API service @@ -91,7 +94,7 @@ func (ctx *APIContext) Error(status int, title string, obj interface{}) { if status == http.StatusInternalServerError { log.ErrorWithSkip(1, "%s: %s", title, message) - if macaron.Env == macaron.PROD && !(ctx.User != nil && ctx.User.IsAdmin) { + if setting.IsProd() && !(ctx.User != nil && ctx.User.IsAdmin) { message = "" } } @@ -108,7 +111,7 @@ func (ctx *APIContext) InternalServerError(err error) { log.ErrorWithSkip(1, "InternalServerError: %v", err) var message string - if macaron.Env != macaron.PROD || (ctx.User != nil && ctx.User.IsAdmin) { + if !setting.IsProd() || (ctx.User != nil && ctx.User.IsAdmin) { message = err.Error() } @@ -118,6 +121,20 @@ func (ctx *APIContext) InternalServerError(err error) { }) } +var ( + apiContextKey interface{} = "default_api_context" +) + +// WithAPIContext set up api context in request +func WithAPIContext(req *http.Request, ctx *APIContext) *http.Request { + return req.WithContext(context.WithValue(req.Context(), apiContextKey, ctx)) +} + +// GetAPIContext returns a context for API routes +func GetAPIContext(req *http.Request) *APIContext { + return req.Context().Value(apiContextKey).(*APIContext) +} + func genAPILinks(curURL *url.URL, total, pageSize, curPage int) []string { page := NewPagination(total, pageSize, curPage, 0) paginater := page.Paginater @@ -172,7 +189,7 @@ func (ctx *APIContext) RequireCSRF() { headerToken := ctx.Req.Header.Get(ctx.csrf.GetHeaderName()) formValueToken := ctx.Req.FormValue(ctx.csrf.GetFormName()) if len(headerToken) > 0 || len(formValueToken) > 0 { - csrf.Validate(ctx.Context.Context, ctx.csrf) + Validate(ctx.Context, ctx.csrf) } else { ctx.Context.Error(401, "Missing CSRF token.") } @@ -201,42 +218,91 @@ func (ctx *APIContext) CheckForOTP() { } // APIContexter returns apicontext as macaron middleware -func APIContexter() macaron.Handler { - return func(c *Context) { - ctx := &APIContext{ - Context: c, - } - c.Map(ctx) +func APIContexter() func(http.Handler) http.Handler { + var csrfOpts = getCsrfOpts() + + return func(next http.Handler) http.Handler { + + return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + var locale = middlewares.Locale(w, req) + var ctx = APIContext{ + Context: &Context{ + Resp: NewResponse(w), + Data: map[string]interface{}{}, + Locale: locale, + Session: session.GetSession(req), + Repo: &Repository{ + PullRequest: &PullRequest{}, + }, + Org: &Organization{}, + }, + Org: &APIOrganization{}, + } + + ctx.Req = WithAPIContext(WithContext(req, ctx.Context), &ctx) + ctx.csrf = Csrfer(csrfOpts, ctx.Context) + + // If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid. + if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") { + if err := ctx.Req.ParseMultipartForm(setting.Attachment.MaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size + ctx.InternalServerError(err) + return + } + } + + // Get user from session if logged in. + ctx.User, ctx.IsBasicAuth = sso.SignedInUser(ctx.Req, ctx.Resp, &ctx, ctx.Session) + if ctx.User != nil { + ctx.IsSigned = true + ctx.Data["IsSigned"] = ctx.IsSigned + ctx.Data["SignedUser"] = ctx.User + ctx.Data["SignedUserID"] = ctx.User.ID + ctx.Data["SignedUserName"] = ctx.User.Name + ctx.Data["IsAdmin"] = ctx.User.IsAdmin + } else { + ctx.Data["SignedUserID"] = int64(0) + ctx.Data["SignedUserName"] = "" + } + + ctx.Resp.Header().Set(`X-Frame-Options`, `SAMEORIGIN`) + + ctx.Data["CsrfToken"] = html.EscapeString(ctx.csrf.GetToken()) + + next.ServeHTTP(ctx.Resp, ctx.Req) + }) } } // ReferencesGitRepo injects the GitRepo into the Context -func ReferencesGitRepo(allowEmpty bool) macaron.Handler { - return func(ctx *APIContext) { - // Empty repository does not have reference information. - if !allowEmpty && ctx.Repo.Repository.IsEmpty { - return - } - - // For API calls. - if ctx.Repo.GitRepo == nil { - repoPath := models.RepoPath(ctx.Repo.Owner.Name, ctx.Repo.Repository.Name) - gitRepo, err := git.OpenRepository(repoPath) - if err != nil { - ctx.Error(500, "RepoRef Invalid repo "+repoPath, err) +func ReferencesGitRepo(allowEmpty bool) func(http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + ctx := GetAPIContext(req) + // Empty repository does not have reference information. + if !allowEmpty && ctx.Repo.Repository.IsEmpty { return } - ctx.Repo.GitRepo = gitRepo - // We opened it, we should close it - defer func() { - // If it's been set to nil then assume someone else has closed it. - if ctx.Repo.GitRepo != nil { - ctx.Repo.GitRepo.Close() - } - }() - } - ctx.Next() + // For API calls. + if ctx.Repo.GitRepo == nil { + repoPath := models.RepoPath(ctx.Repo.Owner.Name, ctx.Repo.Repository.Name) + gitRepo, err := git.OpenRepository(repoPath) + if err != nil { + ctx.Error(500, "RepoRef Invalid repo "+repoPath, err) + return + } + ctx.Repo.GitRepo = gitRepo + // We opened it, we should close it + defer func() { + // If it's been set to nil then assume someone else has closed it. + if ctx.Repo.GitRepo != nil { + ctx.Repo.GitRepo.Close() + } + }() + } + + next.ServeHTTP(w, req) + }) } } @@ -266,8 +332,9 @@ func (ctx *APIContext) NotFound(objs ...interface{}) { } // RepoRefForAPI handles repository reference names when the ref name is not explicitly given -func RepoRefForAPI() macaron.Handler { - return func(ctx *APIContext) { +func RepoRefForAPI(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + ctx := GetAPIContext(req) // Empty repository does not have reference information. if ctx.Repo.Repository.IsEmpty { return @@ -319,6 +386,6 @@ func RepoRefForAPI() macaron.Handler { return } - ctx.Next() - } + next.ServeHTTP(w, req) + }) } diff --git a/modules/context/auth.go b/modules/context/auth.go index 02248384e1..8be6ed1907 100644 --- a/modules/context/auth.go +++ b/modules/context/auth.go @@ -7,12 +7,8 @@ package context import ( "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" - - "gitea.com/macaron/csrf" - "gitea.com/macaron/macaron" ) // ToggleOptions contains required or check options @@ -24,42 +20,23 @@ type ToggleOptions struct { } // Toggle returns toggle options as middleware -func Toggle(options *ToggleOptions) macaron.Handler { +func Toggle(options *ToggleOptions) func(ctx *Context) { return func(ctx *Context) { - isAPIPath := auth.IsAPIPath(ctx.Req.URL.Path) - // Check prohibit login users. if ctx.IsSigned { if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm { ctx.Data["Title"] = ctx.Tr("auth.active_your_account") - if isAPIPath { - ctx.JSON(403, map[string]string{ - "message": "This account is not activated.", - }) - return - } ctx.HTML(200, "user/auth/activate") return - } else if !ctx.User.IsActive || ctx.User.ProhibitLogin { + } + if !ctx.User.IsActive || ctx.User.ProhibitLogin { log.Info("Failed authentication attempt for %s from %s", ctx.User.Name, ctx.RemoteAddr()) ctx.Data["Title"] = ctx.Tr("auth.prohibit_login") - if isAPIPath { - ctx.JSON(403, map[string]string{ - "message": "This account is prohibited from signing in, please contact your site administrator.", - }) - return - } ctx.HTML(200, "user/auth/prohibit_login") return } if ctx.User.MustChangePassword { - if isAPIPath { - ctx.JSON(403, map[string]string{ - "message": "You must change your password. Change it at: " + setting.AppURL + "/user/change_password", - }) - return - } if ctx.Req.URL.Path != "/user/settings/change_password" { ctx.Data["Title"] = ctx.Tr("auth.must_change_password") ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/change_password" @@ -82,8 +59,8 @@ func Toggle(options *ToggleOptions) macaron.Handler { return } - if !options.SignOutRequired && !options.DisableCSRF && ctx.Req.Method == "POST" && !auth.IsAPIPath(ctx.Req.URL.Path) { - csrf.Validate(ctx.Context, ctx.csrf) + if !options.SignOutRequired && !options.DisableCSRF && ctx.Req.Method == "POST" { + Validate(ctx, ctx.csrf) if ctx.Written() { return } @@ -91,13 +68,6 @@ func Toggle(options *ToggleOptions) macaron.Handler { if options.SignInRequired { if !ctx.IsSigned { - // Restrict API calls with error message. - if isAPIPath { - ctx.JSON(403, map[string]string{ - "message": "Only signed in user is allowed to call APIs.", - }) - return - } if ctx.Req.URL.Path != "/user/events" { ctx.SetCookie("redirect_to", setting.AppSubURL+ctx.Req.URL.RequestURI(), 0, setting.AppSubURL) } @@ -108,32 +78,10 @@ func Toggle(options *ToggleOptions) macaron.Handler { ctx.HTML(200, "user/auth/activate") return } - if ctx.IsSigned && isAPIPath && ctx.IsBasicAuth { - twofa, err := models.GetTwoFactorByUID(ctx.User.ID) - if err != nil { - if models.IsErrTwoFactorNotEnrolled(err) { - return // No 2FA enrollment for this user - } - ctx.Error(500) - return - } - otpHeader := ctx.Req.Header.Get("X-Gitea-OTP") - ok, err := twofa.ValidateTOTP(otpHeader) - if err != nil { - ctx.Error(500) - return - } - if !ok { - ctx.JSON(403, map[string]string{ - "message": "Only signed in user is allowed to call APIs.", - }) - return - } - } } // Redirect to log in page if auto-signin info is provided and has not signed in. - if !options.SignOutRequired && !ctx.IsSigned && !isAPIPath && + if !options.SignOutRequired && !ctx.IsSigned && len(ctx.GetCookie(setting.CookieUserName)) > 0 { if ctx.Req.URL.Path != "/user/events" { ctx.SetCookie("redirect_to", setting.AppSubURL+ctx.Req.URL.RequestURI(), 0, setting.AppSubURL) @@ -151,3 +99,86 @@ func Toggle(options *ToggleOptions) macaron.Handler { } } } + +// ToggleAPI returns toggle options as middleware +func ToggleAPI(options *ToggleOptions) func(ctx *APIContext) { + return func(ctx *APIContext) { + // Check prohibit login users. + if ctx.IsSigned { + if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm { + ctx.Data["Title"] = ctx.Tr("auth.active_your_account") + ctx.JSON(403, map[string]string{ + "message": "This account is not activated.", + }) + return + } + if !ctx.User.IsActive || ctx.User.ProhibitLogin { + log.Info("Failed authentication attempt for %s from %s", ctx.User.Name, ctx.RemoteAddr()) + ctx.Data["Title"] = ctx.Tr("auth.prohibit_login") + ctx.JSON(403, map[string]string{ + "message": "This account is prohibited from signing in, please contact your site administrator.", + }) + return + } + + if ctx.User.MustChangePassword { + ctx.JSON(403, map[string]string{ + "message": "You must change your password. Change it at: " + setting.AppURL + "/user/change_password", + }) + return + } + } + + // Redirect to dashboard if user tries to visit any non-login page. + if options.SignOutRequired && ctx.IsSigned && ctx.Req.URL.RequestURI() != "/" { + ctx.Redirect(setting.AppSubURL + "/") + return + } + + if options.SignInRequired { + if !ctx.IsSigned { + // Restrict API calls with error message. + ctx.JSON(403, map[string]string{ + "message": "Only signed in user is allowed to call APIs.", + }) + return + } else if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm { + ctx.Data["Title"] = ctx.Tr("auth.active_your_account") + ctx.HTML(200, "user/auth/activate") + return + } + if ctx.IsSigned && ctx.IsBasicAuth { + twofa, err := models.GetTwoFactorByUID(ctx.User.ID) + if err != nil { + if models.IsErrTwoFactorNotEnrolled(err) { + return // No 2FA enrollment for this user + } + ctx.InternalServerError(err) + return + } + otpHeader := ctx.Req.Header.Get("X-Gitea-OTP") + ok, err := twofa.ValidateTOTP(otpHeader) + if err != nil { + ctx.InternalServerError(err) + return + } + if !ok { + ctx.JSON(403, map[string]string{ + "message": "Only signed in user is allowed to call APIs.", + }) + return + } + } + } + + if options.AdminRequired { + if !ctx.User.IsAdmin { + ctx.JSON(403, map[string]string{ + "message": "You have no permission to request for this.", + }) + return + } + ctx.Data["PageIsAdmin"] = true + } + } +} diff --git a/modules/context/captcha.go b/modules/context/captcha.go new file mode 100644 index 0000000000..956380ed73 --- /dev/null +++ b/modules/context/captcha.go @@ -0,0 +1,26 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package context + +import ( + "sync" + + "code.gitea.io/gitea/modules/setting" + + "gitea.com/go-chi/captcha" +) + +var imageCaptchaOnce sync.Once +var cpt *captcha.Captcha + +// GetImageCaptcha returns global image captcha +func GetImageCaptcha() *captcha.Captcha { + imageCaptchaOnce.Do(func() { + cpt = captcha.NewCaptcha(captcha.Options{ + SubURL: setting.AppSubURL, + }) + }) + return cpt +} diff --git a/modules/context/context.go b/modules/context/context.go index e4121649ae..630129b8c1 100644 --- a/modules/context/context.go +++ b/modules/context/context.go @@ -6,37 +6,55 @@ package context import ( + "context" + "crypto/sha256" + "encoding/hex" + "encoding/json" "html" "html/template" "io" "net/http" "net/url" "path" + "strconv" "strings" "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/auth/sso" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/middlewares" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/templates" + "code.gitea.io/gitea/modules/translation" "code.gitea.io/gitea/modules/util" - "gitea.com/macaron/cache" - "gitea.com/macaron/csrf" - "gitea.com/macaron/i18n" - "gitea.com/macaron/macaron" - "gitea.com/macaron/session" + "gitea.com/go-chi/cache" + "gitea.com/go-chi/session" + "github.com/go-chi/chi" "github.com/unknwon/com" + "github.com/unknwon/i18n" + "github.com/unrolled/render" + "golang.org/x/crypto/pbkdf2" ) +// Render represents a template render +type Render interface { + TemplateLookup(tmpl string) *template.Template + HTML(w io.Writer, status int, name string, binding interface{}, htmlOpt ...render.HTMLOptions) error +} + // Context represents context of a request. type Context struct { - *macaron.Context + Resp ResponseWriter + Req *http.Request + Data map[string]interface{} + Render Render + translation.Locale Cache cache.Cache - csrf csrf.CSRF - Flash *session.Flash + csrf CSRF + Flash *middlewares.Flash Session session.Store Link string // current request URL @@ -163,13 +181,22 @@ func (ctx *Context) RedirectToFirst(location ...string) { // HTML calls Context.HTML and converts template name to string. func (ctx *Context) HTML(status int, name base.TplName) { log.Debug("Template: %s", name) - ctx.Context.HTML(status, string(name)) + if err := ctx.Render.HTML(ctx.Resp, status, string(name), ctx.Data); err != nil { + ctx.ServerError("Render failed", err) + } +} + +// HTMLString render content to a string but not http.ResponseWriter +func (ctx *Context) HTMLString(name string, data interface{}) (string, error) { + var buf strings.Builder + err := ctx.Render.HTML(&buf, 200, string(name), data) + return buf.String(), err } // RenderWithErr used for page has form validation but need to prompt error to users. func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) { if form != nil { - auth.AssignForm(form, ctx.Data) + middlewares.AssignForm(form, ctx.Data) } ctx.Flash.ErrorMsg = msg ctx.Data["Flash"] = ctx.Flash @@ -184,7 +211,7 @@ func (ctx *Context) NotFound(title string, err error) { func (ctx *Context) notFoundInternal(title string, err error) { if err != nil { log.ErrorWithSkip(2, "%s: %v", title, err) - if macaron.Env != macaron.PROD { + if !setting.IsProd() { ctx.Data["ErrorMsg"] = err } } @@ -203,7 +230,7 @@ func (ctx *Context) ServerError(title string, err error) { func (ctx *Context) serverErrorInternal(title string, err error) { if err != nil { log.ErrorWithSkip(2, "%s: %v", title, err) - if macaron.Env != macaron.PROD { + if !setting.IsProd() { ctx.Data["ErrorMsg"] = err } } @@ -224,6 +251,44 @@ func (ctx *Context) NotFoundOrServerError(title string, errck func(error) bool, ctx.serverErrorInternal(title, err) } +// Header returns a header +func (ctx *Context) Header() http.Header { + return ctx.Resp.Header() +} + +// FIXME: We should differ Query and Form, currently we just use form as query +// Currently to be compatible with macaron, we keep it. + +// Query returns request form as string with default +func (ctx *Context) Query(key string, defaults ...string) string { + return (*Forms)(ctx.Req).MustString(key, defaults...) +} + +// QueryTrim returns request form as string with default and trimmed spaces +func (ctx *Context) QueryTrim(key string, defaults ...string) string { + return (*Forms)(ctx.Req).MustTrimmed(key, defaults...) +} + +// QueryStrings returns request form as strings with default +func (ctx *Context) QueryStrings(key string, defaults ...[]string) []string { + return (*Forms)(ctx.Req).MustStrings(key, defaults...) +} + +// QueryInt returns request form as int with default +func (ctx *Context) QueryInt(key string, defaults ...int) int { + return (*Forms)(ctx.Req).MustInt(key, defaults...) +} + +// QueryInt64 returns request form as int64 with default +func (ctx *Context) QueryInt64(key string, defaults ...int64) int64 { + return (*Forms)(ctx.Req).MustInt64(key, defaults...) +} + +// QueryBool returns request form as bool with default +func (ctx *Context) QueryBool(key string, defaults ...bool) bool { + return (*Forms)(ctx.Req).MustBool(key, defaults...) +} + // HandleText handles HTTP status code func (ctx *Context) HandleText(status int, title string) { if (status/100 == 4) || (status/100 == 5) { @@ -249,66 +314,324 @@ func (ctx *Context) ServeContent(name string, r io.ReadSeeker, params ...interfa ctx.Resp.Header().Set("Cache-Control", "must-revalidate") ctx.Resp.Header().Set("Pragma", "public") ctx.Resp.Header().Set("Access-Control-Expose-Headers", "Content-Disposition") - http.ServeContent(ctx.Resp, ctx.Req.Request, name, modtime, r) + http.ServeContent(ctx.Resp, ctx.Req, name, modtime, r) +} + +// PlainText render content as plain text +func (ctx *Context) PlainText(status int, bs []byte) { + ctx.Resp.WriteHeader(status) + ctx.Resp.Header().Set("Content-Type", "text/plain;charset=utf8") + if _, err := ctx.Resp.Write(bs); err != nil { + ctx.ServerError("Render JSON failed", err) + } +} + +// ServeFile serves given file to response. +func (ctx *Context) ServeFile(file string, names ...string) { + var name string + if len(names) > 0 { + name = names[0] + } else { + name = path.Base(file) + } + ctx.Resp.Header().Set("Content-Description", "File Transfer") + ctx.Resp.Header().Set("Content-Type", "application/octet-stream") + ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name) + ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary") + ctx.Resp.Header().Set("Expires", "0") + ctx.Resp.Header().Set("Cache-Control", "must-revalidate") + ctx.Resp.Header().Set("Pragma", "public") + http.ServeFile(ctx.Resp, ctx.Req, file) +} + +// Error returned an error to web browser +func (ctx *Context) Error(status int, contents ...string) { + var v = http.StatusText(status) + if len(contents) > 0 { + v = contents[0] + } + http.Error(ctx.Resp, v, status) +} + +// JSON render content as JSON +func (ctx *Context) JSON(status int, content interface{}) { + ctx.Resp.WriteHeader(status) + ctx.Resp.Header().Set("Content-Type", "application/json;charset=utf8") + if err := json.NewEncoder(ctx.Resp).Encode(content); err != nil { + ctx.ServerError("Render JSON failed", err) + } +} + +// Redirect redirect the request +func (ctx *Context) Redirect(location string, status ...int) { + code := http.StatusFound + if len(status) == 1 { + code = status[0] + } + + http.Redirect(ctx.Resp, ctx.Req, location, code) +} + +// SetCookie set cookies to web browser +func (ctx *Context) SetCookie(name string, value string, others ...interface{}) { + middlewares.SetCookie(ctx.Resp, name, value, others...) +} + +// GetCookie returns given cookie value from request header. +func (ctx *Context) GetCookie(name string) string { + return middlewares.GetCookie(ctx.Req, name) +} + +// GetSuperSecureCookie returns given cookie value from request header with secret string. +func (ctx *Context) GetSuperSecureCookie(secret, name string) (string, bool) { + val := ctx.GetCookie(name) + if val == "" { + return "", false + } + + text, err := hex.DecodeString(val) + if err != nil { + return "", false + } + + key := pbkdf2.Key([]byte(secret), []byte(secret), 1000, 16, sha256.New) + text, err = com.AESGCMDecrypt(key, text) + return string(text), err == nil +} + +// SetSuperSecureCookie sets given cookie value to response header with secret string. +func (ctx *Context) SetSuperSecureCookie(secret, name, value string, others ...interface{}) { + key := pbkdf2.Key([]byte(secret), []byte(secret), 1000, 16, sha256.New) + text, err := com.AESGCMEncrypt(key, []byte(value)) + if err != nil { + panic("error encrypting cookie: " + err.Error()) + } + + ctx.SetCookie(name, hex.EncodeToString(text), others...) +} + +// GetCookieInt returns cookie result in int type. +func (ctx *Context) GetCookieInt(name string) int { + r, _ := strconv.Atoi(ctx.GetCookie(name)) + return r +} + +// GetCookieInt64 returns cookie result in int64 type. +func (ctx *Context) GetCookieInt64(name string) int64 { + r, _ := strconv.ParseInt(ctx.GetCookie(name), 10, 64) + return r +} + +// GetCookieFloat64 returns cookie result in float64 type. +func (ctx *Context) GetCookieFloat64(name string) float64 { + v, _ := strconv.ParseFloat(ctx.GetCookie(name), 64) + return v +} + +// RemoteAddr returns the client machie ip address +func (ctx *Context) RemoteAddr() string { + return ctx.Req.RemoteAddr +} + +// Params returns the param on route +func (ctx *Context) Params(p string) string { + s, _ := url.PathUnescape(chi.URLParam(ctx.Req, strings.TrimPrefix(p, ":"))) + return s +} + +// ParamsInt64 returns the param on route as int64 +func (ctx *Context) ParamsInt64(p string) int64 { + v, _ := strconv.ParseInt(ctx.Params(p), 10, 64) + return v +} + +// SetParams set params into routes +func (ctx *Context) SetParams(k, v string) { + chiCtx := chi.RouteContext(ctx.Req.Context()) + chiCtx.URLParams.Add(strings.TrimPrefix(k, ":"), url.PathEscape(v)) +} + +// Write writes data to webbrowser +func (ctx *Context) Write(bs []byte) (int, error) { + return ctx.Resp.Write(bs) +} + +// Written returns true if there are something sent to web browser +func (ctx *Context) Written() bool { + return ctx.Resp.Status() > 0 +} + +// Status writes status code +func (ctx *Context) Status(status int) { + ctx.Resp.WriteHeader(status) +} + +// Handler represents a custom handler +type Handler func(*Context) + +// enumerate all content +var ( + contextKey interface{} = "default_context" +) + +// WithContext set up install context in request +func WithContext(req *http.Request, ctx *Context) *http.Request { + return req.WithContext(context.WithValue(req.Context(), contextKey, ctx)) +} + +// GetContext retrieves install context from request +func GetContext(req *http.Request) *Context { + return req.Context().Value(contextKey).(*Context) +} + +func getCsrfOpts() CsrfOptions { + return CsrfOptions{ + Secret: setting.SecretKey, + Cookie: setting.CSRFCookieName, + SetCookie: true, + Secure: setting.SessionConfig.Secure, + CookieHTTPOnly: setting.CSRFCookieHTTPOnly, + Header: "X-Csrf-Token", + CookieDomain: setting.SessionConfig.Domain, + CookiePath: setting.SessionConfig.CookiePath, + } } // Contexter initializes a classic context for a request. -func Contexter() macaron.Handler { - return func(c *macaron.Context, l i18n.Locale, cache cache.Cache, sess session.Store, f *session.Flash, x csrf.CSRF) { - ctx := &Context{ - Context: c, - Cache: cache, - csrf: x, - Flash: f, - Session: sess, - Link: setting.AppSubURL + strings.TrimSuffix(c.Req.URL.EscapedPath(), "/"), - Repo: &Repository{ - PullRequest: &PullRequest{}, - }, - Org: &Organization{}, - } - ctx.Data["Language"] = ctx.Locale.Language() - c.Data["Link"] = ctx.Link - ctx.Data["CurrentURL"] = setting.AppSubURL + c.Req.URL.RequestURI() - ctx.Data["PageStartTime"] = time.Now() - // Quick responses appropriate go-get meta with status 200 - // regardless of if user have access to the repository, - // or the repository does not exist at all. - // This is particular a workaround for "go get" command which does not respect - // .netrc file. - if ctx.Query("go-get") == "1" { - ownerName := c.Params(":username") - repoName := c.Params(":reponame") - trimmedRepoName := strings.TrimSuffix(repoName, ".git") +func Contexter() func(next http.Handler) http.Handler { + rnd := templates.HTMLRenderer() - if ownerName == "" || trimmedRepoName == "" { - _, _ = c.Write([]byte(` + var c cache.Cache + var err error + if setting.CacheService.Enabled { + c, err = cache.NewCacher(cache.Options{ + Adapter: setting.CacheService.Adapter, + AdapterConfig: setting.CacheService.Conn, + Interval: setting.CacheService.Interval, + }) + if err != nil { + panic(err) + } + } + + var csrfOpts = getCsrfOpts() + //var flashEncryptionKey, _ = NewSecret() + + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { + var locale = middlewares.Locale(resp, req) + var startTime = time.Now() + var link = setting.AppSubURL + strings.TrimSuffix(req.URL.EscapedPath(), "/") + var ctx = Context{ + Resp: NewResponse(resp), + Cache: c, + Locale: locale, + Link: link, + Render: rnd, + Session: session.GetSession(req), + Repo: &Repository{ + PullRequest: &PullRequest{}, + }, + Org: &Organization{}, + Data: map[string]interface{}{ + "CurrentURL": setting.AppSubURL + req.URL.RequestURI(), + "PageStartTime": startTime, + "TmplLoadTimes": func() string { + return time.Since(startTime).String() + }, + "Link": link, + }, + } + + ctx.Req = WithContext(req, &ctx) + ctx.csrf = Csrfer(csrfOpts, &ctx) + + // Get flash. + flashCookie := ctx.GetCookie("macaron_flash") + vals, _ := url.ParseQuery(flashCookie) + if len(vals) > 0 { + f := &middlewares.Flash{ + DataStore: &ctx, + Values: vals, + ErrorMsg: vals.Get("error"), + SuccessMsg: vals.Get("success"), + InfoMsg: vals.Get("info"), + WarningMsg: vals.Get("warning"), + } + ctx.Data["Flash"] = f + } + + f := &middlewares.Flash{ + DataStore: &ctx, + Values: url.Values{}, + ErrorMsg: "", + WarningMsg: "", + InfoMsg: "", + SuccessMsg: "", + } + ctx.Resp.Before(func(resp ResponseWriter) { + if flash := f.Encode(); len(flash) > 0 { + if err == nil { + middlewares.SetCookie(resp, "macaron_flash", flash, 0, + setting.SessionConfig.CookiePath, + middlewares.Domain(setting.SessionConfig.Domain), + middlewares.HTTPOnly(true), + middlewares.Secure(setting.SessionConfig.Secure), + //middlewares.SameSite(opt.SameSite), FIXME: we need a samesite config + ) + return + } + } + + ctx.SetCookie("macaron_flash", "", -1, + setting.SessionConfig.CookiePath, + middlewares.Domain(setting.SessionConfig.Domain), + middlewares.HTTPOnly(true), + middlewares.Secure(setting.SessionConfig.Secure), + //middlewares.SameSite(), FIXME: we need a samesite config + ) + }) + + ctx.Flash = f + + // Quick responses appropriate go-get meta with status 200 + // regardless of if user have access to the repository, + // or the repository does not exist at all. + // This is particular a workaround for "go get" command which does not respect + // .netrc file. + if ctx.Query("go-get") == "1" { + ownerName := ctx.Params(":username") + repoName := ctx.Params(":reponame") + trimmedRepoName := strings.TrimSuffix(repoName, ".git") + + if ownerName == "" || trimmedRepoName == "" { + _, _ = ctx.Write([]byte(`
invalid import path `)) - c.WriteHeader(400) - return - } - branchName := "master" + ctx.Status(400) + return + } + branchName := "master" - repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName) - if err == nil && len(repo.DefaultBranch) > 0 { - branchName = repo.DefaultBranch - } - prefix := setting.AppURL + path.Join(url.PathEscape(ownerName), url.PathEscape(repoName), "src", "branch", util.PathEscapeSegments(branchName)) + repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName) + if err == nil && len(repo.DefaultBranch) > 0 { + branchName = repo.DefaultBranch + } + prefix := setting.AppURL + path.Join(url.PathEscape(ownerName), url.PathEscape(repoName), "src", "branch", util.PathEscapeSegments(branchName)) - appURL, _ := url.Parse(setting.AppURL) + appURL, _ := url.Parse(setting.AppURL) - insecure := "" - if appURL.Scheme == string(setting.HTTP) { - insecure = "--insecure " - } - c.Header().Set("Content-Type", "text/html") - c.WriteHeader(http.StatusOK) - _, _ = c.Write([]byte(com.Expand(` + insecure := "" + if appURL.Scheme == string(setting.HTTP) { + insecure = "--insecure " + } + ctx.Header().Set("Content-Type", "text/html") + ctx.Status(http.StatusOK) + _, _ = ctx.Write([]byte(com.Expand(` @@ -319,60 +642,72 @@ func Contexter() macaron.Handler { `, map[string]string{ - "GoGetImport": ComposeGoGetImport(ownerName, trimmedRepoName), - "CloneLink": models.ComposeHTTPSCloneURL(ownerName, repoName), - "GoDocDirectory": prefix + "{/dir}", - "GoDocFile": prefix + "{/dir}/{file}#L{line}", - "Insecure": insecure, - }))) - return - } - - // Get user from session if logged in. - ctx.User, ctx.IsBasicAuth = sso.SignedInUser(ctx.Req.Request, c.Resp, ctx, ctx.Session) - - if ctx.User != nil { - ctx.IsSigned = true - ctx.Data["IsSigned"] = ctx.IsSigned - ctx.Data["SignedUser"] = ctx.User - ctx.Data["SignedUserID"] = ctx.User.ID - ctx.Data["SignedUserName"] = ctx.User.Name - ctx.Data["IsAdmin"] = ctx.User.IsAdmin - } else { - ctx.Data["SignedUserID"] = int64(0) - ctx.Data["SignedUserName"] = "" - } - - // If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid. - if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") { - if err := ctx.Req.ParseMultipartForm(setting.Attachment.MaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size - ctx.ServerError("ParseMultipartForm", err) + "GoGetImport": ComposeGoGetImport(ownerName, trimmedRepoName), + "CloneLink": models.ComposeHTTPSCloneURL(ownerName, repoName), + "GoDocDirectory": prefix + "{/dir}", + "GoDocFile": prefix + "{/dir}/{file}#L{line}", + "Insecure": insecure, + }))) return } - } - ctx.Resp.Header().Set(`X-Frame-Options`, `SAMEORIGIN`) + // If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid. + if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") { + if err := ctx.Req.ParseMultipartForm(setting.Attachment.MaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size + ctx.ServerError("ParseMultipartForm", err) + return + } + } - ctx.Data["CsrfToken"] = html.EscapeString(x.GetToken()) - ctx.Data["CsrfTokenHtml"] = template.HTML(``) - log.Debug("Session ID: %s", sess.ID()) - log.Debug("CSRF Token: %v", ctx.Data["CsrfToken"]) + // Get user from session if logged in. + ctx.User, ctx.IsBasicAuth = sso.SignedInUser(ctx.Req, ctx.Resp, &ctx, ctx.Session) - ctx.Data["IsLandingPageHome"] = setting.LandingPageURL == setting.LandingPageHome - ctx.Data["IsLandingPageExplore"] = setting.LandingPageURL == setting.LandingPageExplore - ctx.Data["IsLandingPageOrganizations"] = setting.LandingPageURL == setting.LandingPageOrganizations + if ctx.User != nil { + ctx.IsSigned = true + ctx.Data["IsSigned"] = ctx.IsSigned + ctx.Data["SignedUser"] = ctx.User + ctx.Data["SignedUserID"] = ctx.User.ID + ctx.Data["SignedUserName"] = ctx.User.Name + ctx.Data["IsAdmin"] = ctx.User.IsAdmin + } else { + ctx.Data["SignedUserID"] = int64(0) + ctx.Data["SignedUserName"] = "" + } - ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton - ctx.Data["ShowMilestonesDashboardPage"] = setting.Service.ShowMilestonesDashboardPage - ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding - ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion + ctx.Resp.Header().Set(`X-Frame-Options`, `SAMEORIGIN`) - ctx.Data["EnableSwagger"] = setting.API.EnableSwagger - ctx.Data["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn - ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations + ctx.Data["CsrfToken"] = html.EscapeString(ctx.csrf.GetToken()) + ctx.Data["CsrfTokenHtml"] = template.HTML(``) + log.Debug("Session ID: %s", ctx.Session.ID()) + log.Debug("CSRF Token: %v", ctx.Data["CsrfToken"]) - ctx.Data["ManifestData"] = setting.ManifestData + ctx.Data["IsLandingPageHome"] = setting.LandingPageURL == setting.LandingPageHome + ctx.Data["IsLandingPageExplore"] = setting.LandingPageURL == setting.LandingPageExplore + ctx.Data["IsLandingPageOrganizations"] = setting.LandingPageURL == setting.LandingPageOrganizations - c.Map(ctx) + ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton + ctx.Data["ShowMilestonesDashboardPage"] = setting.Service.ShowMilestonesDashboardPage + ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding + ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion + + ctx.Data["EnableSwagger"] = setting.API.EnableSwagger + ctx.Data["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn + ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations + + ctx.Data["ManifestData"] = setting.ManifestData + + ctx.Data["i18n"] = locale + ctx.Data["Tr"] = i18n.Tr + ctx.Data["Lang"] = locale.Language() + ctx.Data["AllLangs"] = translation.AllLangs() + for _, lang := range translation.AllLangs() { + if lang.Lang == locale.Language() { + ctx.Data["LangName"] = lang.Name + break + } + } + + next.ServeHTTP(ctx.Resp, ctx.Req) + }) } } diff --git a/vendor/gitea.com/macaron/csrf/csrf.go b/modules/context/csrf.go similarity index 69% rename from vendor/gitea.com/macaron/csrf/csrf.go rename to modules/context/csrf.go index 66f5b40a8e..4a26664bf3 100644 --- a/vendor/gitea.com/macaron/csrf/csrf.go +++ b/modules/context/csrf.go @@ -1,5 +1,6 @@ // Copyright 2013 Martini Authors // Copyright 2014 The Macaron Authors +// Copyright 2021 The Gitea Authors // // Licensed under the Apache License, Version 2.0 (the "License"): you may // not use this file except in compliance with the License. You may obtain @@ -13,24 +14,17 @@ // License for the specific language governing permissions and limitations // under the License. -// Package csrf is a middleware that generates and validates CSRF tokens for Macaron. -package csrf +// a middleware that generates and validates CSRF tokens. + +package context import ( "net/http" "time" - "gitea.com/macaron/macaron" - "gitea.com/macaron/session" "github.com/unknwon/com" ) -const _VERSION = "0.1.1" - -func Version() string { - return _VERSION -} - // CSRF represents a CSRF service and is used to get the current token and validate a suspect token. type CSRF interface { // Return HTTP header to search for token. @@ -42,7 +36,7 @@ type CSRF interface { // Return cookie path GetCookiePath() string // Return the flag value used for the csrf token. - GetCookieHttpOnly() bool + GetCookieHTTPOnly() bool // Return the token. GetToken() string // Validate by token. @@ -63,7 +57,7 @@ type csrf struct { //Cookie path CookiePath string // Cookie HttpOnly flag value used for the csrf token. - CookieHttpOnly bool + CookieHTTPOnly bool // Token generated to pass via header, cookie, or hidden form value. Token string // This value must be unique per user. @@ -94,9 +88,9 @@ func (c *csrf) GetCookiePath() string { return c.CookiePath } -// GetCookieHttpOnly returns the flag value used for the csrf token. -func (c *csrf) GetCookieHttpOnly() bool { - return c.CookieHttpOnly +// GetCookieHTTPOnly returns the flag value used for the csrf token. +func (c *csrf) GetCookieHTTPOnly() bool { + return c.CookieHTTPOnly } // GetToken returns the current token. This is typically used @@ -115,8 +109,8 @@ func (c *csrf) Error(w http.ResponseWriter) { c.ErrorFunc(w) } -// Options maintains options to manage behavior of Generate. -type Options struct { +// CsrfOptions maintains options to manage behavior of Generate. +type CsrfOptions struct { // The global secret value used to generate Tokens. Secret string // HTTP header used to set and get token. @@ -129,11 +123,13 @@ type Options struct { CookieDomain string // Cookie path. CookiePath string - CookieHttpOnly bool + CookieHTTPOnly bool + // SameSite set the cookie SameSite type + SameSite http.SameSite // Key used for getting the unique ID per user. SessionKey string - // oldSeesionKey saves old value corresponding to SessionKey. - oldSeesionKey string + // oldSessionKey saves old value corresponding to SessionKey. + oldSessionKey string // If true, send token via X-CSRFToken header. SetHeader bool // If true, send token via _csrf cookie. @@ -144,10 +140,12 @@ type Options struct { Origin bool // The function called when Validate fails. ErrorFunc func(w http.ResponseWriter) + // Cookie life time. Default is 0 + CookieLifeTime int } -func prepareOptions(options []Options) Options { - var opt Options +func prepareOptions(options []CsrfOptions) CsrfOptions { + var opt CsrfOptions if len(options) > 0 { opt = options[0] } @@ -171,7 +169,7 @@ func prepareOptions(options []Options) Options { if len(opt.SessionKey) == 0 { opt.SessionKey = "uid" } - opt.oldSeesionKey = "_old_" + opt.SessionKey + opt.oldSessionKey = "_old_" + opt.SessionKey if opt.ErrorFunc == nil { opt.ErrorFunc = func(w http.ResponseWriter) { http.Error(w, "Invalid csrf token.", http.StatusBadRequest) @@ -181,73 +179,73 @@ func prepareOptions(options []Options) Options { return opt } -// Generate maps CSRF to each request. If this request is a Get request, it will generate a new token. -// Additionally, depending on options set, generated tokens will be sent via Header and/or Cookie. -func Generate(options ...Options) macaron.Handler { - opt := prepareOptions(options) - return func(ctx *macaron.Context, sess session.Store) { - x := &csrf{ - Secret: opt.Secret, - Header: opt.Header, - Form: opt.Form, - Cookie: opt.Cookie, - CookieDomain: opt.CookieDomain, - CookiePath: opt.CookiePath, - CookieHttpOnly: opt.CookieHttpOnly, - ErrorFunc: opt.ErrorFunc, - } - ctx.MapTo(x, (*CSRF)(nil)) - - if opt.Origin && len(ctx.Req.Header.Get("Origin")) > 0 { - return - } - - x.ID = "0" - uid := sess.Get(opt.SessionKey) - if uid != nil { - x.ID = com.ToStr(uid) - } - - needsNew := false - oldUid := sess.Get(opt.oldSeesionKey) - if oldUid == nil || oldUid.(string) != x.ID { - needsNew = true - sess.Set(opt.oldSeesionKey, x.ID) - } else { - // If cookie present, map existing token, else generate a new one. - if val := ctx.GetCookie(opt.Cookie); len(val) > 0 { - // FIXME: test coverage. - x.Token = val - } else { - needsNew = true - } - } - - if needsNew { - // FIXME: actionId. - x.Token = GenerateToken(x.Secret, x.ID, "POST") - if opt.SetCookie { - ctx.SetCookie(opt.Cookie, x.Token, 0, opt.CookiePath, opt.CookieDomain, opt.Secure, opt.CookieHttpOnly, time.Now().AddDate(0, 0, 1)) - } - } - - if opt.SetHeader { - ctx.Resp.Header().Add(opt.Header, x.Token) - } - } -} - // Csrfer maps CSRF to each request. If this request is a Get request, it will generate a new token. // Additionally, depending on options set, generated tokens will be sent via Header and/or Cookie. -func Csrfer(options ...Options) macaron.Handler { - return Generate(options...) +func Csrfer(opt CsrfOptions, ctx *Context) CSRF { + opt = prepareOptions([]CsrfOptions{opt}) + x := &csrf{ + Secret: opt.Secret, + Header: opt.Header, + Form: opt.Form, + Cookie: opt.Cookie, + CookieDomain: opt.CookieDomain, + CookiePath: opt.CookiePath, + CookieHTTPOnly: opt.CookieHTTPOnly, + ErrorFunc: opt.ErrorFunc, + } + + if opt.Origin && len(ctx.Req.Header.Get("Origin")) > 0 { + return x + } + + x.ID = "0" + uid := ctx.Session.Get(opt.SessionKey) + if uid != nil { + x.ID = com.ToStr(uid) + } + + needsNew := false + oldUID := ctx.Session.Get(opt.oldSessionKey) + if oldUID == nil || oldUID.(string) != x.ID { + needsNew = true + _ = ctx.Session.Set(opt.oldSessionKey, x.ID) + } else { + // If cookie present, map existing token, else generate a new one. + if val := ctx.GetCookie(opt.Cookie); len(val) > 0 { + // FIXME: test coverage. + x.Token = val + } else { + needsNew = true + } + } + + if needsNew { + // FIXME: actionId. + x.Token = GenerateToken(x.Secret, x.ID, "POST") + if opt.SetCookie { + var expires interface{} + if opt.CookieLifeTime == 0 { + expires = time.Now().AddDate(0, 0, 1) + } + ctx.SetCookie(opt.Cookie, x.Token, opt.CookieLifeTime, opt.CookiePath, opt.CookieDomain, opt.Secure, opt.CookieHTTPOnly, expires, + func(c *http.Cookie) { + c.SameSite = opt.SameSite + }, + ) + } + } + + if opt.SetHeader { + ctx.Resp.Header().Add(opt.Header, x.Token) + } + return x } // Validate should be used as a per route middleware. It attempts to get a token from a "X-CSRFToken" // HTTP header and then a "_csrf" form value. If one of these is found, the token will be validated // using ValidToken. If this validation fails, custom Error is sent in the reply. // If neither a header or form value is found, http.StatusBadRequest is sent. -func Validate(ctx *macaron.Context, x CSRF) { +func Validate(ctx *Context, x CSRF) { if token := ctx.Req.Header.Get(x.GetHeaderName()); len(token) > 0 { if !x.ValidToken(token) { ctx.SetCookie(x.GetCookieName(), "", -1, x.GetCookiePath()) diff --git a/modules/context/form.go b/modules/context/form.go new file mode 100644 index 0000000000..c7b76c614c --- /dev/null +++ b/modules/context/form.go @@ -0,0 +1,227 @@ +// Copyright 2021 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package context + +import ( + "errors" + "net/http" + "net/url" + "strconv" + "strings" + "text/template" + + "code.gitea.io/gitea/modules/log" +) + +// Forms a new enhancement of http.Request +type Forms http.Request + +// Values returns http.Request values +func (f *Forms) Values() url.Values { + return (*http.Request)(f).Form +} + +// String returns request form as string +func (f *Forms) String(key string) (string, error) { + return (*http.Request)(f).FormValue(key), nil +} + +// Trimmed returns request form as string with trimed spaces left and right +func (f *Forms) Trimmed(key string) (string, error) { + return strings.TrimSpace((*http.Request)(f).FormValue(key)), nil +} + +// Strings returns request form as strings +func (f *Forms) Strings(key string) ([]string, error) { + if (*http.Request)(f).Form == nil { + if err := (*http.Request)(f).ParseMultipartForm(32 << 20); err != nil { + return nil, err + } + } + if v, ok := (*http.Request)(f).Form[key]; ok { + return v, nil + } + return nil, errors.New("not exist") +} + +// Escape returns request form as escaped string +func (f *Forms) Escape(key string) (string, error) { + return template.HTMLEscapeString((*http.Request)(f).FormValue(key)), nil +} + +// Int returns request form as int +func (f *Forms) Int(key string) (int, error) { + return strconv.Atoi((*http.Request)(f).FormValue(key)) +} + +// Int32 returns request form as int32 +func (f *Forms) Int32(key string) (int32, error) { + v, err := strconv.ParseInt((*http.Request)(f).FormValue(key), 10, 32) + return int32(v), err +} + +// Int64 returns request form as int64 +func (f *Forms) Int64(key string) (int64, error) { + return strconv.ParseInt((*http.Request)(f).FormValue(key), 10, 64) +} + +// Uint returns request form as uint +func (f *Forms) Uint(key string) (uint, error) { + v, err := strconv.ParseUint((*http.Request)(f).FormValue(key), 10, 64) + return uint(v), err +} + +// Uint32 returns request form as uint32 +func (f *Forms) Uint32(key string) (uint32, error) { + v, err := strconv.ParseUint((*http.Request)(f).FormValue(key), 10, 32) + return uint32(v), err +} + +// Uint64 returns request form as uint64 +func (f *Forms) Uint64(key string) (uint64, error) { + return strconv.ParseUint((*http.Request)(f).FormValue(key), 10, 64) +} + +// Bool returns request form as bool +func (f *Forms) Bool(key string) (bool, error) { + return strconv.ParseBool((*http.Request)(f).FormValue(key)) +} + +// Float32 returns request form as float32 +func (f *Forms) Float32(key string) (float32, error) { + v, err := strconv.ParseFloat((*http.Request)(f).FormValue(key), 64) + return float32(v), err +} + +// Float64 returns request form as float64 +func (f *Forms) Float64(key string) (float64, error) { + return strconv.ParseFloat((*http.Request)(f).FormValue(key), 64) +} + +// MustString returns request form as string with default +func (f *Forms) MustString(key string, defaults ...string) string { + if v := (*http.Request)(f).FormValue(key); len(v) > 0 { + return v + } + if len(defaults) > 0 { + return defaults[0] + } + return "" +} + +// MustTrimmed returns request form as string with default +func (f *Forms) MustTrimmed(key string, defaults ...string) string { + return strings.TrimSpace(f.MustString(key, defaults...)) +} + +// MustStrings returns request form as strings with default +func (f *Forms) MustStrings(key string, defaults ...[]string) []string { + if (*http.Request)(f).Form == nil { + if err := (*http.Request)(f).ParseMultipartForm(32 << 20); err != nil { + log.Error("ParseMultipartForm: %v", err) + return []string{} + } + } + + if v, ok := (*http.Request)(f).Form[key]; ok { + return v + } + if len(defaults) > 0 { + return defaults[0] + } + return []string{} +} + +// MustEscape returns request form as escaped string with default +func (f *Forms) MustEscape(key string, defaults ...string) string { + if v := (*http.Request)(f).FormValue(key); len(v) > 0 { + return template.HTMLEscapeString(v) + } + if len(defaults) > 0 { + return defaults[0] + } + return "" +} + +// MustInt returns request form as int with default +func (f *Forms) MustInt(key string, defaults ...int) int { + v, err := strconv.Atoi((*http.Request)(f).FormValue(key)) + if len(defaults) > 0 && err != nil { + return defaults[0] + } + return v +} + +// MustInt32 returns request form as int32 with default +func (f *Forms) MustInt32(key string, defaults ...int32) int32 { + v, err := strconv.ParseInt((*http.Request)(f).FormValue(key), 10, 32) + if len(defaults) > 0 && err != nil { + return defaults[0] + } + return int32(v) +} + +// MustInt64 returns request form as int64 with default +func (f *Forms) MustInt64(key string, defaults ...int64) int64 { + v, err := strconv.ParseInt((*http.Request)(f).FormValue(key), 10, 64) + if len(defaults) > 0 && err != nil { + return defaults[0] + } + return v +} + +// MustUint returns request form as uint with default +func (f *Forms) MustUint(key string, defaults ...uint) uint { + v, err := strconv.ParseUint((*http.Request)(f).FormValue(key), 10, 64) + if len(defaults) > 0 && err != nil { + return defaults[0] + } + return uint(v) +} + +// MustUint32 returns request form as uint32 with default +func (f *Forms) MustUint32(key string, defaults ...uint32) uint32 { + v, err := strconv.ParseUint((*http.Request)(f).FormValue(key), 10, 32) + if len(defaults) > 0 && err != nil { + return defaults[0] + } + return uint32(v) +} + +// MustUint64 returns request form as uint64 with default +func (f *Forms) MustUint64(key string, defaults ...uint64) uint64 { + v, err := strconv.ParseUint((*http.Request)(f).FormValue(key), 10, 64) + if len(defaults) > 0 && err != nil { + return defaults[0] + } + return v +} + +// MustFloat32 returns request form as float32 with default +func (f *Forms) MustFloat32(key string, defaults ...float32) float32 { + v, err := strconv.ParseFloat((*http.Request)(f).FormValue(key), 32) + if len(defaults) > 0 && err != nil { + return defaults[0] + } + return float32(v) +} + +// MustFloat64 returns request form as float64 with default +func (f *Forms) MustFloat64(key string, defaults ...float64) float64 { + v, err := strconv.ParseFloat((*http.Request)(f).FormValue(key), 64) + if len(defaults) > 0 && err != nil { + return defaults[0] + } + return v +} + +// MustBool returns request form as bool with default +func (f *Forms) MustBool(key string, defaults ...bool) bool { + v, err := strconv.ParseBool((*http.Request)(f).FormValue(key)) + if len(defaults) > 0 && err != nil { + return defaults[0] + } + return v +} diff --git a/modules/context/org.go b/modules/context/org.go index f61a39c666..83d385a1e9 100644 --- a/modules/context/org.go +++ b/modules/context/org.go @@ -10,8 +10,6 @@ import ( "code.gitea.io/gitea/models" "code.gitea.io/gitea/modules/setting" - - "gitea.com/macaron/macaron" ) // Organization contains organization context @@ -173,7 +171,7 @@ func HandleOrgAssignment(ctx *Context, args ...bool) { } // OrgAssignment returns a macaron middleware to handle organization assignment -func OrgAssignment(args ...bool) macaron.Handler { +func OrgAssignment(args ...bool) func(ctx *Context) { return func(ctx *Context) { HandleOrgAssignment(ctx, args...) } diff --git a/modules/context/permission.go b/modules/context/permission.go index 151be9f832..6fb8237e22 100644 --- a/modules/context/permission.go +++ b/modules/context/permission.go @@ -7,12 +7,10 @@ package context import ( "code.gitea.io/gitea/models" "code.gitea.io/gitea/modules/log" - - "gitea.com/macaron/macaron" ) // RequireRepoAdmin returns a macaron middleware for requiring repository admin permission -func RequireRepoAdmin() macaron.Handler { +func RequireRepoAdmin() func(ctx *Context) { return func(ctx *Context) { if !ctx.IsSigned || !ctx.Repo.IsAdmin() { ctx.NotFound(ctx.Req.URL.RequestURI(), nil) @@ -22,7 +20,7 @@ func RequireRepoAdmin() macaron.Handler { } // RequireRepoWriter returns a macaron middleware for requiring repository write to the specify unitType -func RequireRepoWriter(unitType models.UnitType) macaron.Handler { +func RequireRepoWriter(unitType models.UnitType) func(ctx *Context) { return func(ctx *Context) { if !ctx.Repo.CanWrite(unitType) { ctx.NotFound(ctx.Req.URL.RequestURI(), nil) @@ -32,7 +30,7 @@ func RequireRepoWriter(unitType models.UnitType) macaron.Handler { } // RequireRepoWriterOr returns a macaron middleware for requiring repository write to one of the unit permission -func RequireRepoWriterOr(unitTypes ...models.UnitType) macaron.Handler { +func RequireRepoWriterOr(unitTypes ...models.UnitType) func(ctx *Context) { return func(ctx *Context) { for _, unitType := range unitTypes { if ctx.Repo.CanWrite(unitType) { @@ -44,7 +42,7 @@ func RequireRepoWriterOr(unitTypes ...models.UnitType) macaron.Handler { } // RequireRepoReader returns a macaron middleware for requiring repository read to the specify unitType -func RequireRepoReader(unitType models.UnitType) macaron.Handler { +func RequireRepoReader(unitType models.UnitType) func(ctx *Context) { return func(ctx *Context) { if !ctx.Repo.CanRead(unitType) { if log.IsTrace() { @@ -70,7 +68,7 @@ func RequireRepoReader(unitType models.UnitType) macaron.Handler { } // RequireRepoReaderOr returns a macaron middleware for requiring repository write to one of the unit permission -func RequireRepoReaderOr(unitTypes ...models.UnitType) macaron.Handler { +func RequireRepoReaderOr(unitTypes ...models.UnitType) func(ctx *Context) { return func(ctx *Context) { for _, unitType := range unitTypes { if ctx.Repo.CanRead(unitType) { diff --git a/modules/context/private.go b/modules/context/private.go new file mode 100644 index 0000000000..a246100050 --- /dev/null +++ b/modules/context/private.go @@ -0,0 +1,45 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package context + +import ( + "context" + "net/http" +) + +// PrivateContext represents a context for private routes +type PrivateContext struct { + *Context +} + +var ( + privateContextKey interface{} = "default_private_context" +) + +// WithPrivateContext set up private context in request +func WithPrivateContext(req *http.Request, ctx *PrivateContext) *http.Request { + return req.WithContext(context.WithValue(req.Context(), privateContextKey, ctx)) +} + +// GetPrivateContext returns a context for Private routes +func GetPrivateContext(req *http.Request) *PrivateContext { + return req.Context().Value(privateContextKey).(*PrivateContext) +} + +// PrivateContexter returns apicontext as macaron middleware +func PrivateContexter() func(http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + ctx := &PrivateContext{ + Context: &Context{ + Resp: NewResponse(w), + Data: map[string]interface{}{}, + }, + } + ctx.Req = WithPrivateContext(req, ctx) + next.ServeHTTP(ctx.Resp, ctx.Req) + }) + } +} diff --git a/modules/context/repo.go b/modules/context/repo.go index 63cb02dc06..79192267fb 100644 --- a/modules/context/repo.go +++ b/modules/context/repo.go @@ -8,6 +8,7 @@ package context import ( "fmt" "io/ioutil" + "net/http" "net/url" "path" "strings" @@ -21,7 +22,6 @@ import ( api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/util" - "gitea.com/macaron/macaron" "github.com/editorconfig/editorconfig-core-go/v2" "github.com/unknwon/com" ) @@ -81,7 +81,7 @@ func (r *Repository) CanCreateBranch() bool { } // RepoMustNotBeArchived checks if a repo is archived -func RepoMustNotBeArchived() macaron.Handler { +func RepoMustNotBeArchived() func(ctx *Context) { return func(ctx *Context) { if ctx.Repo.Repository.IsArchived { ctx.NotFound("IsArchived", fmt.Errorf(ctx.Tr("repo.archive.title"))) @@ -374,7 +374,7 @@ func repoAssignment(ctx *Context, repo *models.Repository) { } // RepoIDAssignment returns a macaron handler which assigns the repo to the context. -func RepoIDAssignment() macaron.Handler { +func RepoIDAssignment() func(ctx *Context) { return func(ctx *Context) { repoID := ctx.ParamsInt64(":repoid") @@ -394,223 +394,220 @@ func RepoIDAssignment() macaron.Handler { } // RepoAssignment returns a macaron to handle repository assignment -func RepoAssignment() macaron.Handler { - return func(ctx *Context) { - var ( - owner *models.User - err error - ) +func RepoAssignment() func(http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + var ( + owner *models.User + err error + ctx = GetContext(req) + ) - userName := ctx.Params(":username") - repoName := ctx.Params(":reponame") + userName := ctx.Params(":username") + repoName := ctx.Params(":reponame") + repoName = strings.TrimSuffix(repoName, ".git") - // Check if the user is the same as the repository owner - if ctx.IsSigned && ctx.User.LowerName == strings.ToLower(userName) { - owner = ctx.User - } else { - owner, err = models.GetUserByName(userName) - if err != nil { - if models.IsErrUserNotExist(err) { - redirectUserID, err := models.LookupUserRedirect(userName) - if err == nil { - RedirectToUser(ctx, userName, redirectUserID) - } else if models.IsErrUserRedirectNotExist(err) { + // Check if the user is the same as the repository owner + if ctx.IsSigned && ctx.User.LowerName == strings.ToLower(userName) { + owner = ctx.User + } else { + owner, err = models.GetUserByName(userName) + if err != nil { + if models.IsErrUserNotExist(err) { if ctx.Query("go-get") == "1" { EarlyResponseForGoGetMeta(ctx) return } ctx.NotFound("GetUserByName", nil) } else { - ctx.ServerError("LookupUserRedirect", err) + ctx.ServerError("GetUserByName", err) + } + return + } + } + ctx.Repo.Owner = owner + ctx.Data["Username"] = ctx.Repo.Owner.Name + + // Get repository. + repo, err := models.GetRepositoryByName(owner.ID, repoName) + if err != nil { + if models.IsErrRepoNotExist(err) { + redirectRepoID, err := models.LookupRepoRedirect(owner.ID, repoName) + if err == nil { + RedirectToRepo(ctx, redirectRepoID) + } else if models.IsErrRepoRedirectNotExist(err) { + if ctx.Query("go-get") == "1" { + EarlyResponseForGoGetMeta(ctx) + return + } + ctx.NotFound("GetRepositoryByName", nil) + } else { + ctx.ServerError("LookupRepoRedirect", err) } } else { - ctx.ServerError("GetUserByName", err) + ctx.ServerError("GetRepositoryByName", err) } return } - } - ctx.Repo.Owner = owner - ctx.Data["Username"] = ctx.Repo.Owner.Name + repo.Owner = owner - // Get repository. - repo, err := models.GetRepositoryByName(owner.ID, repoName) - if err != nil { - if models.IsErrRepoNotExist(err) { - redirectRepoID, err := models.LookupRepoRedirect(owner.ID, repoName) - if err == nil { - RedirectToRepo(ctx, redirectRepoID) - } else if models.IsErrRepoRedirectNotExist(err) { - if ctx.Query("go-get") == "1" { - EarlyResponseForGoGetMeta(ctx) - return - } - ctx.NotFound("GetRepositoryByName", nil) - } else { - ctx.ServerError("LookupRepoRedirect", err) - } - } else { - ctx.ServerError("GetRepositoryByName", err) + repoAssignment(ctx, repo) + if ctx.Written() { + return } - return - } - repo.Owner = owner - repoAssignment(ctx, repo) - if ctx.Written() { - return - } + ctx.Repo.RepoLink = repo.Link() + ctx.Data["RepoLink"] = ctx.Repo.RepoLink + ctx.Data["RepoRelPath"] = ctx.Repo.Owner.Name + "/" + ctx.Repo.Repository.Name - ctx.Repo.RepoLink = repo.Link() - ctx.Data["RepoLink"] = ctx.Repo.RepoLink - ctx.Data["RepoRelPath"] = ctx.Repo.Owner.Name + "/" + ctx.Repo.Repository.Name + unit, err := ctx.Repo.Repository.GetUnit(models.UnitTypeExternalTracker) + if err == nil { + ctx.Data["RepoExternalIssuesLink"] = unit.ExternalTrackerConfig().ExternalTrackerURL + } - unit, err := ctx.Repo.Repository.GetUnit(models.UnitTypeExternalTracker) - if err == nil { - ctx.Data["RepoExternalIssuesLink"] = unit.ExternalTrackerConfig().ExternalTrackerURL - } + ctx.Data["NumTags"], err = models.GetReleaseCountByRepoID(ctx.Repo.Repository.ID, models.FindReleasesOptions{ + IncludeTags: true, + }) + if err != nil { + ctx.ServerError("GetReleaseCountByRepoID", err) + return + } + ctx.Data["NumReleases"], err = models.GetReleaseCountByRepoID(ctx.Repo.Repository.ID, models.FindReleasesOptions{}) + if err != nil { + ctx.ServerError("GetReleaseCountByRepoID", err) + return + } - ctx.Data["NumTags"], err = models.GetReleaseCountByRepoID(ctx.Repo.Repository.ID, models.FindReleasesOptions{ - IncludeTags: true, + ctx.Data["Title"] = owner.Name + "/" + repo.Name + ctx.Data["Repository"] = repo + ctx.Data["Owner"] = ctx.Repo.Repository.Owner + ctx.Data["IsRepositoryOwner"] = ctx.Repo.IsOwner() + ctx.Data["IsRepositoryAdmin"] = ctx.Repo.IsAdmin() + ctx.Data["RepoOwnerIsOrganization"] = repo.Owner.IsOrganization() + ctx.Data["CanWriteCode"] = ctx.Repo.CanWrite(models.UnitTypeCode) + ctx.Data["CanWriteIssues"] = ctx.Repo.CanWrite(models.UnitTypeIssues) + ctx.Data["CanWritePulls"] = ctx.Repo.CanWrite(models.UnitTypePullRequests) + + if ctx.Data["CanSignedUserFork"], err = ctx.Repo.Repository.CanUserFork(ctx.User); err != nil { + ctx.ServerError("CanUserFork", err) + return + } + + ctx.Data["DisableSSH"] = setting.SSH.Disabled + ctx.Data["ExposeAnonSSH"] = setting.SSH.ExposeAnonymous + ctx.Data["DisableHTTP"] = setting.Repository.DisableHTTPGit + ctx.Data["RepoSearchEnabled"] = setting.Indexer.RepoIndexerEnabled + ctx.Data["CloneLink"] = repo.CloneLink() + ctx.Data["WikiCloneLink"] = repo.WikiCloneLink() + + if ctx.IsSigned { + ctx.Data["IsWatchingRepo"] = models.IsWatching(ctx.User.ID, repo.ID) + ctx.Data["IsStaringRepo"] = models.IsStaring(ctx.User.ID, repo.ID) + } + + if repo.IsFork { + RetrieveBaseRepo(ctx, repo) + if ctx.Written() { + return + } + } + + if repo.IsGenerated() { + RetrieveTemplateRepo(ctx, repo) + if ctx.Written() { + return + } + } + + // Disable everything when the repo is being created + if ctx.Repo.Repository.IsBeingCreated() { + ctx.Data["BranchName"] = ctx.Repo.Repository.DefaultBranch + return + } + + gitRepo, err := git.OpenRepository(models.RepoPath(userName, repoName)) + if err != nil { + ctx.ServerError("RepoAssignment Invalid repo "+models.RepoPath(userName, repoName), err) + return + } + ctx.Repo.GitRepo = gitRepo + + // We opened it, we should close it + defer func() { + // If it's been set to nil then assume someone else has closed it. + if ctx.Repo.GitRepo != nil { + ctx.Repo.GitRepo.Close() + } + }() + + // Stop at this point when the repo is empty. + if ctx.Repo.Repository.IsEmpty { + ctx.Data["BranchName"] = ctx.Repo.Repository.DefaultBranch + next.ServeHTTP(w, req) + return + } + + tags, err := ctx.Repo.GitRepo.GetTags() + if err != nil { + ctx.ServerError("GetTags", err) + return + } + ctx.Data["Tags"] = tags + + brs, err := ctx.Repo.GitRepo.GetBranches() + if err != nil { + ctx.ServerError("GetBranches", err) + return + } + ctx.Data["Branches"] = brs + ctx.Data["BranchesCount"] = len(brs) + + ctx.Data["TagName"] = ctx.Repo.TagName + + // If not branch selected, try default one. + // If default branch doesn't exists, fall back to some other branch. + if len(ctx.Repo.BranchName) == 0 { + if len(ctx.Repo.Repository.DefaultBranch) > 0 && gitRepo.IsBranchExist(ctx.Repo.Repository.DefaultBranch) { + ctx.Repo.BranchName = ctx.Repo.Repository.DefaultBranch + } else if len(brs) > 0 { + ctx.Repo.BranchName = brs[0] + } + } + ctx.Data["BranchName"] = ctx.Repo.BranchName + ctx.Data["CommitID"] = ctx.Repo.CommitID + + // People who have push access or have forked repository can propose a new pull request. + canPush := ctx.Repo.CanWrite(models.UnitTypeCode) || (ctx.IsSigned && ctx.User.HasForkedRepo(ctx.Repo.Repository.ID)) + canCompare := false + + // Pull request is allowed if this is a fork repository + // and base repository accepts pull requests. + if repo.BaseRepo != nil && repo.BaseRepo.AllowsPulls() { + canCompare = true + ctx.Data["BaseRepo"] = repo.BaseRepo + ctx.Repo.PullRequest.BaseRepo = repo.BaseRepo + ctx.Repo.PullRequest.Allowed = canPush + ctx.Repo.PullRequest.HeadInfo = ctx.Repo.Owner.Name + ":" + ctx.Repo.BranchName + } else if repo.AllowsPulls() { + // Or, this is repository accepts pull requests between branches. + canCompare = true + ctx.Data["BaseRepo"] = repo + ctx.Repo.PullRequest.BaseRepo = repo + ctx.Repo.PullRequest.Allowed = canPush + ctx.Repo.PullRequest.SameRepo = true + ctx.Repo.PullRequest.HeadInfo = ctx.Repo.BranchName + } + ctx.Data["CanCompareOrPull"] = canCompare + ctx.Data["PullRequestCtx"] = ctx.Repo.PullRequest + + if ctx.Query("go-get") == "1" { + ctx.Data["GoGetImport"] = ComposeGoGetImport(owner.Name, repo.Name) + prefix := setting.AppURL + path.Join(owner.Name, repo.Name, "src", "branch", ctx.Repo.BranchName) + ctx.Data["GoDocDirectory"] = prefix + "{/dir}" + ctx.Data["GoDocFile"] = prefix + "{/dir}/{file}#L{line}" + } + next.ServeHTTP(w, req) }) - if err != nil { - ctx.ServerError("GetReleaseCountByRepoID", err) - return - } - ctx.Data["NumReleases"], err = models.GetReleaseCountByRepoID(ctx.Repo.Repository.ID, models.FindReleasesOptions{}) - if err != nil { - ctx.ServerError("GetReleaseCountByRepoID", err) - return - } - - ctx.Data["Title"] = owner.Name + "/" + repo.Name - ctx.Data["Repository"] = repo - ctx.Data["Owner"] = ctx.Repo.Repository.Owner - ctx.Data["IsRepositoryOwner"] = ctx.Repo.IsOwner() - ctx.Data["IsRepositoryAdmin"] = ctx.Repo.IsAdmin() - ctx.Data["RepoOwnerIsOrganization"] = repo.Owner.IsOrganization() - ctx.Data["CanWriteCode"] = ctx.Repo.CanWrite(models.UnitTypeCode) - ctx.Data["CanWriteIssues"] = ctx.Repo.CanWrite(models.UnitTypeIssues) - ctx.Data["CanWritePulls"] = ctx.Repo.CanWrite(models.UnitTypePullRequests) - - if ctx.Data["CanSignedUserFork"], err = ctx.Repo.Repository.CanUserFork(ctx.User); err != nil { - ctx.ServerError("CanUserFork", err) - return - } - - ctx.Data["DisableSSH"] = setting.SSH.Disabled - ctx.Data["ExposeAnonSSH"] = setting.SSH.ExposeAnonymous - ctx.Data["DisableHTTP"] = setting.Repository.DisableHTTPGit - ctx.Data["RepoSearchEnabled"] = setting.Indexer.RepoIndexerEnabled - ctx.Data["CloneLink"] = repo.CloneLink() - ctx.Data["WikiCloneLink"] = repo.WikiCloneLink() - - if ctx.IsSigned { - ctx.Data["IsWatchingRepo"] = models.IsWatching(ctx.User.ID, repo.ID) - ctx.Data["IsStaringRepo"] = models.IsStaring(ctx.User.ID, repo.ID) - } - - if repo.IsFork { - RetrieveBaseRepo(ctx, repo) - if ctx.Written() { - return - } - } - - if repo.IsGenerated() { - RetrieveTemplateRepo(ctx, repo) - if ctx.Written() { - return - } - } - - // Disable everything when the repo is being created - if ctx.Repo.Repository.IsBeingCreated() { - ctx.Data["BranchName"] = ctx.Repo.Repository.DefaultBranch - return - } - - gitRepo, err := git.OpenRepository(models.RepoPath(userName, repoName)) - if err != nil { - ctx.ServerError("RepoAssignment Invalid repo "+models.RepoPath(userName, repoName), err) - return - } - ctx.Repo.GitRepo = gitRepo - - // We opened it, we should close it - defer func() { - // If it's been set to nil then assume someone else has closed it. - if ctx.Repo.GitRepo != nil { - ctx.Repo.GitRepo.Close() - } - }() - - // Stop at this point when the repo is empty. - if ctx.Repo.Repository.IsEmpty { - ctx.Data["BranchName"] = ctx.Repo.Repository.DefaultBranch - ctx.Next() - return - } - - tags, err := ctx.Repo.GitRepo.GetTags() - if err != nil { - ctx.ServerError("GetTags", err) - return - } - ctx.Data["Tags"] = tags - - brs, err := ctx.Repo.GitRepo.GetBranches() - if err != nil { - ctx.ServerError("GetBranches", err) - return - } - ctx.Data["Branches"] = brs - ctx.Data["BranchesCount"] = len(brs) - - ctx.Data["TagName"] = ctx.Repo.TagName - - // If not branch selected, try default one. - // If default branch doesn't exists, fall back to some other branch. - if len(ctx.Repo.BranchName) == 0 { - if len(ctx.Repo.Repository.DefaultBranch) > 0 && gitRepo.IsBranchExist(ctx.Repo.Repository.DefaultBranch) { - ctx.Repo.BranchName = ctx.Repo.Repository.DefaultBranch - } else if len(brs) > 0 { - ctx.Repo.BranchName = brs[0] - } - } - ctx.Data["BranchName"] = ctx.Repo.BranchName - ctx.Data["CommitID"] = ctx.Repo.CommitID - - // People who have push access or have forked repository can propose a new pull request. - canPush := ctx.Repo.CanWrite(models.UnitTypeCode) || (ctx.IsSigned && ctx.User.HasForkedRepo(ctx.Repo.Repository.ID)) - canCompare := false - - // Pull request is allowed if this is a fork repository - // and base repository accepts pull requests. - if repo.BaseRepo != nil && repo.BaseRepo.AllowsPulls() { - canCompare = true - ctx.Data["BaseRepo"] = repo.BaseRepo - ctx.Repo.PullRequest.BaseRepo = repo.BaseRepo - ctx.Repo.PullRequest.Allowed = canPush - ctx.Repo.PullRequest.HeadInfo = ctx.Repo.Owner.Name + ":" + ctx.Repo.BranchName - } else if repo.AllowsPulls() { - // Or, this is repository accepts pull requests between branches. - canCompare = true - ctx.Data["BaseRepo"] = repo - ctx.Repo.PullRequest.BaseRepo = repo - ctx.Repo.PullRequest.Allowed = canPush - ctx.Repo.PullRequest.SameRepo = true - ctx.Repo.PullRequest.HeadInfo = ctx.Repo.BranchName - } - ctx.Data["CanCompareOrPull"] = canCompare - ctx.Data["PullRequestCtx"] = ctx.Repo.PullRequest - - if ctx.Query("go-get") == "1" { - ctx.Data["GoGetImport"] = ComposeGoGetImport(owner.Name, repo.Name) - prefix := setting.AppURL + path.Join(owner.Name, repo.Name, "src", "branch", ctx.Repo.BranchName) - ctx.Data["GoDocDirectory"] = prefix + "{/dir}" - ctx.Data["GoDocFile"] = prefix + "{/dir}/{file}#L{line}" - } - ctx.Next() } } @@ -636,7 +633,7 @@ const ( // RepoRef handles repository reference names when the ref name is not // explicitly given -func RepoRef() macaron.Handler { +func RepoRef() func(http.Handler) http.Handler { // since no ref name is explicitly specified, ok to just use branch return RepoRefByType(RepoRefBranch) } @@ -715,132 +712,135 @@ func getRefName(ctx *Context, pathType RepoRefType) string { // RepoRefByType handles repository reference name for a specific type // of repository reference -func RepoRefByType(refType RepoRefType) macaron.Handler { - return func(ctx *Context) { - // Empty repository does not have reference information. - if ctx.Repo.Repository.IsEmpty { - return - } - - var ( - refName string - err error - ) - - if ctx.Repo.GitRepo == nil { - repoPath := models.RepoPath(ctx.Repo.Owner.Name, ctx.Repo.Repository.Name) - ctx.Repo.GitRepo, err = git.OpenRepository(repoPath) - if err != nil { - ctx.ServerError("RepoRef Invalid repo "+repoPath, err) +func RepoRefByType(refType RepoRefType) func(http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + ctx := GetContext(req) + // Empty repository does not have reference information. + if ctx.Repo.Repository.IsEmpty { return } - // We opened it, we should close it - defer func() { - // If it's been set to nil then assume someone else has closed it. - if ctx.Repo.GitRepo != nil { - ctx.Repo.GitRepo.Close() - } - }() - } - // Get default branch. - if len(ctx.Params("*")) == 0 { - refName = ctx.Repo.Repository.DefaultBranch - ctx.Repo.BranchName = refName - if !ctx.Repo.GitRepo.IsBranchExist(refName) { - brs, err := ctx.Repo.GitRepo.GetBranches() + var ( + refName string + err error + ) + + if ctx.Repo.GitRepo == nil { + repoPath := models.RepoPath(ctx.Repo.Owner.Name, ctx.Repo.Repository.Name) + ctx.Repo.GitRepo, err = git.OpenRepository(repoPath) if err != nil { - ctx.ServerError("GetBranches", err) - return - } else if len(brs) == 0 { - err = fmt.Errorf("No branches in non-empty repository %s", - ctx.Repo.GitRepo.Path) - ctx.ServerError("GetBranches", err) + ctx.ServerError("RepoRef Invalid repo "+repoPath, err) return } - refName = brs[0] + // We opened it, we should close it + defer func() { + // If it's been set to nil then assume someone else has closed it. + if ctx.Repo.GitRepo != nil { + ctx.Repo.GitRepo.Close() + } + }() } - ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetBranchCommit(refName) - if err != nil { - ctx.ServerError("GetBranchCommit", err) - return - } - ctx.Repo.CommitID = ctx.Repo.Commit.ID.String() - ctx.Repo.IsViewBranch = true - - } else { - refName = getRefName(ctx, refType) - ctx.Repo.BranchName = refName - if refType.RefTypeIncludesBranches() && ctx.Repo.GitRepo.IsBranchExist(refName) { - ctx.Repo.IsViewBranch = true + // Get default branch. + if len(ctx.Params("*")) == 0 { + refName = ctx.Repo.Repository.DefaultBranch + ctx.Repo.BranchName = refName + if !ctx.Repo.GitRepo.IsBranchExist(refName) { + brs, err := ctx.Repo.GitRepo.GetBranches() + if err != nil { + ctx.ServerError("GetBranches", err) + return + } else if len(brs) == 0 { + err = fmt.Errorf("No branches in non-empty repository %s", + ctx.Repo.GitRepo.Path) + ctx.ServerError("GetBranches", err) + return + } + refName = brs[0] + } ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetBranchCommit(refName) if err != nil { ctx.ServerError("GetBranchCommit", err) return } ctx.Repo.CommitID = ctx.Repo.Commit.ID.String() + ctx.Repo.IsViewBranch = true - } else if refType.RefTypeIncludesTags() && ctx.Repo.GitRepo.IsTagExist(refName) { - ctx.Repo.IsViewTag = true - ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetTagCommit(refName) - if err != nil { - ctx.ServerError("GetTagCommit", err) - return - } - ctx.Repo.CommitID = ctx.Repo.Commit.ID.String() - } else if len(refName) >= 7 && len(refName) <= 40 { - ctx.Repo.IsViewCommit = true - ctx.Repo.CommitID = refName - - ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetCommit(refName) - if err != nil { - ctx.NotFound("GetCommit", err) - return - } - // If short commit ID add canonical link header - if len(refName) < 40 { - ctx.Header().Set("Link", fmt.Sprintf("<%s>; rel=\"canonical\"", - util.URLJoin(setting.AppURL, strings.Replace(ctx.Req.URL.RequestURI(), refName, ctx.Repo.Commit.ID.String(), 1)))) - } } else { - ctx.NotFound("RepoRef invalid repo", fmt.Errorf("branch or tag not exist: %s", refName)) - return + refName = getRefName(ctx, refType) + ctx.Repo.BranchName = refName + if refType.RefTypeIncludesBranches() && ctx.Repo.GitRepo.IsBranchExist(refName) { + ctx.Repo.IsViewBranch = true + + ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetBranchCommit(refName) + if err != nil { + ctx.ServerError("GetBranchCommit", err) + return + } + ctx.Repo.CommitID = ctx.Repo.Commit.ID.String() + + } else if refType.RefTypeIncludesTags() && ctx.Repo.GitRepo.IsTagExist(refName) { + ctx.Repo.IsViewTag = true + ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetTagCommit(refName) + if err != nil { + ctx.ServerError("GetTagCommit", err) + return + } + ctx.Repo.CommitID = ctx.Repo.Commit.ID.String() + } else if len(refName) >= 7 && len(refName) <= 40 { + ctx.Repo.IsViewCommit = true + ctx.Repo.CommitID = refName + + ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetCommit(refName) + if err != nil { + ctx.NotFound("GetCommit", err) + return + } + // If short commit ID add canonical link header + if len(refName) < 40 { + ctx.Header().Set("Link", fmt.Sprintf("<%s>; rel=\"canonical\"", + util.URLJoin(setting.AppURL, strings.Replace(ctx.Req.URL.RequestURI(), refName, ctx.Repo.Commit.ID.String(), 1)))) + } + } else { + ctx.NotFound("RepoRef invalid repo", fmt.Errorf("branch or tag not exist: %s", refName)) + return + } + + if refType == RepoRefLegacy { + // redirect from old URL scheme to new URL scheme + ctx.Redirect(path.Join( + setting.AppSubURL, + strings.TrimSuffix(ctx.Req.URL.Path, ctx.Params("*")), + ctx.Repo.BranchNameSubURL(), + ctx.Repo.TreePath)) + return + } } - if refType == RepoRefLegacy { - // redirect from old URL scheme to new URL scheme - ctx.Redirect(path.Join( - setting.AppSubURL, - strings.TrimSuffix(ctx.Req.URL.Path, ctx.Params("*")), - ctx.Repo.BranchNameSubURL(), - ctx.Repo.TreePath)) + ctx.Data["BranchName"] = ctx.Repo.BranchName + ctx.Data["BranchNameSubURL"] = ctx.Repo.BranchNameSubURL() + ctx.Data["CommitID"] = ctx.Repo.CommitID + ctx.Data["TreePath"] = ctx.Repo.TreePath + ctx.Data["IsViewBranch"] = ctx.Repo.IsViewBranch + ctx.Data["IsViewTag"] = ctx.Repo.IsViewTag + ctx.Data["IsViewCommit"] = ctx.Repo.IsViewCommit + ctx.Data["CanCreateBranch"] = ctx.Repo.CanCreateBranch() + + ctx.Repo.CommitsCount, err = ctx.Repo.GetCommitsCount() + if err != nil { + ctx.ServerError("GetCommitsCount", err) return } - } + ctx.Data["CommitsCount"] = ctx.Repo.CommitsCount - ctx.Data["BranchName"] = ctx.Repo.BranchName - ctx.Data["BranchNameSubURL"] = ctx.Repo.BranchNameSubURL() - ctx.Data["CommitID"] = ctx.Repo.CommitID - ctx.Data["TreePath"] = ctx.Repo.TreePath - ctx.Data["IsViewBranch"] = ctx.Repo.IsViewBranch - ctx.Data["IsViewTag"] = ctx.Repo.IsViewTag - ctx.Data["IsViewCommit"] = ctx.Repo.IsViewCommit - ctx.Data["CanCreateBranch"] = ctx.Repo.CanCreateBranch() - - ctx.Repo.CommitsCount, err = ctx.Repo.GetCommitsCount() - if err != nil { - ctx.ServerError("GetCommitsCount", err) - return - } - ctx.Data["CommitsCount"] = ctx.Repo.CommitsCount - - ctx.Next() + next.ServeHTTP(w, req) + }) } } // GitHookService checks if repository Git hooks service has been enabled. -func GitHookService() macaron.Handler { +func GitHookService() func(ctx *Context) { return func(ctx *Context) { if !ctx.User.CanEditGitHook() { ctx.NotFound("GitHookService", nil) @@ -850,7 +850,7 @@ func GitHookService() macaron.Handler { } // UnitTypes returns a macaron middleware to set unit types to context variables. -func UnitTypes() macaron.Handler { +func UnitTypes() func(ctx *Context) { return func(ctx *Context) { ctx.Data["UnitTypeCode"] = models.UnitTypeCode ctx.Data["UnitTypeIssues"] = models.UnitTypeIssues diff --git a/modules/context/response.go b/modules/context/response.go index 549bd30ee0..1881ec7b33 100644 --- a/modules/context/response.go +++ b/modules/context/response.go @@ -11,6 +11,7 @@ type ResponseWriter interface { http.ResponseWriter Flush() Status() int + Before(func(ResponseWriter)) } var ( @@ -20,11 +21,19 @@ var ( // Response represents a response type Response struct { http.ResponseWriter - status int + status int + befores []func(ResponseWriter) + beforeExecuted bool } // Write writes bytes to HTTP endpoint func (r *Response) Write(bs []byte) (int, error) { + if !r.beforeExecuted { + for _, before := range r.befores { + before(r) + } + r.beforeExecuted = true + } size, err := r.ResponseWriter.Write(bs) if err != nil { return 0, err @@ -37,6 +46,12 @@ func (r *Response) Write(bs []byte) (int, error) { // WriteHeader write status code func (r *Response) WriteHeader(statusCode int) { + if !r.beforeExecuted { + for _, before := range r.befores { + before(r) + } + r.beforeExecuted = true + } r.status = statusCode r.ResponseWriter.WriteHeader(statusCode) } @@ -53,10 +68,20 @@ func (r *Response) Status() int { return r.status } +// Before allows for a function to be called before the ResponseWriter has been written to. This is +// useful for setting headers or any other operations that must happen before a response has been written. +func (r *Response) Before(f func(ResponseWriter)) { + r.befores = append(r.befores, f) +} + // NewResponse creates a response func NewResponse(resp http.ResponseWriter) *Response { if v, ok := resp.(*Response); ok { return v } - return &Response{resp, 0} + return &Response{ + ResponseWriter: resp, + status: 0, + befores: make([]func(ResponseWriter), 0), + } } diff --git a/modules/context/secret.go b/modules/context/secret.go new file mode 100644 index 0000000000..fcb488d211 --- /dev/null +++ b/modules/context/secret.go @@ -0,0 +1,100 @@ +// Copyright 2019 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package context + +import ( + "crypto/aes" + "crypto/cipher" + "crypto/rand" + "crypto/sha256" + "encoding/base64" + "errors" + "io" +) + +// NewSecret creates a new secret +func NewSecret() (string, error) { + return NewSecretWithLength(32) +} + +// NewSecretWithLength creates a new secret for a given length +func NewSecretWithLength(length int64) (string, error) { + return randomString(length) +} + +func randomBytes(len int64) ([]byte, error) { + b := make([]byte, len) + if _, err := rand.Read(b); err != nil { + return nil, err + } + return b, nil +} + +func randomString(len int64) (string, error) { + b, err := randomBytes(len) + return base64.URLEncoding.EncodeToString(b), err +} + +// AesEncrypt encrypts text and given key with AES. +func AesEncrypt(key, text []byte) ([]byte, error) { + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + b := base64.StdEncoding.EncodeToString(text) + ciphertext := make([]byte, aes.BlockSize+len(b)) + iv := ciphertext[:aes.BlockSize] + if _, err := io.ReadFull(rand.Reader, iv); err != nil { + return nil, err + } + cfb := cipher.NewCFBEncrypter(block, iv) + cfb.XORKeyStream(ciphertext[aes.BlockSize:], []byte(b)) + return ciphertext, nil +} + +// AesDecrypt decrypts text and given key with AES. +func AesDecrypt(key, text []byte) ([]byte, error) { + block, err := aes.NewCipher(key) + if err != nil { + return nil, err + } + if len(text) < aes.BlockSize { + return nil, errors.New("ciphertext too short") + } + iv := text[:aes.BlockSize] + text = text[aes.BlockSize:] + cfb := cipher.NewCFBDecrypter(block, iv) + cfb.XORKeyStream(text, text) + data, err := base64.StdEncoding.DecodeString(string(text)) + if err != nil { + return nil, err + } + return data, nil +} + +// EncryptSecret encrypts a string with given key into a hex string +func EncryptSecret(key string, str string) (string, error) { + keyHash := sha256.Sum256([]byte(key)) + plaintext := []byte(str) + ciphertext, err := AesEncrypt(keyHash[:], plaintext) + if err != nil { + return "", err + } + return base64.StdEncoding.EncodeToString(ciphertext), nil +} + +// DecryptSecret decrypts a previously encrypted hex string +func DecryptSecret(key string, cipherhex string) (string, error) { + keyHash := sha256.Sum256([]byte(key)) + ciphertext, err := base64.StdEncoding.DecodeString(cipherhex) + if err != nil { + return "", err + } + plaintext, err := AesDecrypt(keyHash[:], ciphertext) + if err != nil { + return "", err + } + return string(plaintext), nil +} diff --git a/vendor/gitea.com/macaron/csrf/xsrf.go b/modules/context/xsrf.go similarity index 90% rename from vendor/gitea.com/macaron/csrf/xsrf.go rename to modules/context/xsrf.go index 7f31894f95..10e63a4180 100644 --- a/vendor/gitea.com/macaron/csrf/xsrf.go +++ b/modules/context/xsrf.go @@ -1,5 +1,6 @@ // Copyright 2012 Google Inc. All Rights Reserved. // Copyright 2014 The Macaron Authors +// Copyright 2020 The Gitea Authors // // Licensed under the Apache License, Version 2.0 (the "License"); // you may not use this file except in compliance with the License. @@ -13,7 +14,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -package csrf +package context import ( "bytes" @@ -27,13 +28,13 @@ import ( "time" ) -// The duration that XSRF tokens are valid. +// Timeout represents the duration that XSRF tokens are valid. // It is exported so clients may set cookie timeouts that match generated tokens. -const TIMEOUT = 24 * time.Hour +const Timeout = 24 * time.Hour // clean sanitizes a string for inclusion in a token by replacing all ":"s. func clean(s string) string { - return strings.Replace(s, ":", "_", -1) + return strings.ReplaceAll(s, ":", "_") } // GenerateToken returns a URL-safe secure XSRF token that expires in 24 hours. @@ -53,7 +54,7 @@ func generateTokenAtTime(key, userID, actionID string, now time.Time) string { return base64.RawURLEncoding.EncodeToString([]byte(tok)) } -// Valid returns true if token is a valid, unexpired token returned by Generate. +// ValidToken returns true if token is a valid, unexpired token returned by Generate. func ValidToken(token, key, userID, actionID string) bool { return validTokenAtTime(token, key, userID, actionID, time.Now()) } @@ -78,7 +79,7 @@ func validTokenAtTime(token, key, userID, actionID string, now time.Time) bool { issueTime := time.Unix(0, nanos) // Check that the token is not expired. - if now.Sub(issueTime) >= TIMEOUT { + if now.Sub(issueTime) >= Timeout { return false } diff --git a/modules/context/xsrf_test.go b/modules/context/xsrf_test.go new file mode 100644 index 0000000000..c0c711bf07 --- /dev/null +++ b/modules/context/xsrf_test.go @@ -0,0 +1,90 @@ +// Copyright 2012 Google Inc. All Rights Reserved. +// Copyright 2014 The Macaron Authors +// Copyright 2020 The Gitea Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package context + +import ( + "encoding/base64" + "testing" + "time" + + "github.com/stretchr/testify/assert" +) + +const ( + key = "quay" + userID = "12345678" + actionID = "POST /form" +) + +var ( + now = time.Now() + oneMinuteFromNow = now.Add(1 * time.Minute) +) + +func Test_ValidToken(t *testing.T) { + t.Run("Validate token", func(t *testing.T) { + tok := generateTokenAtTime(key, userID, actionID, now) + assert.True(t, validTokenAtTime(tok, key, userID, actionID, oneMinuteFromNow)) + assert.True(t, validTokenAtTime(tok, key, userID, actionID, now.Add(Timeout-1*time.Nanosecond))) + assert.True(t, validTokenAtTime(tok, key, userID, actionID, now.Add(-1*time.Minute))) + }) +} + +// Test_SeparatorReplacement tests that separators are being correctly substituted +func Test_SeparatorReplacement(t *testing.T) { + t.Run("Test two separator replacements", func(t *testing.T) { + assert.NotEqual(t, generateTokenAtTime("foo:bar", "baz", "wah", now), + generateTokenAtTime("foo", "bar:baz", "wah", now)) + }) +} + +func Test_InvalidToken(t *testing.T) { + t.Run("Test invalid tokens", func(t *testing.T) { + invalidTokenTests := []struct { + name, key, userID, actionID string + t time.Time + }{ + {"Bad key", "foobar", userID, actionID, oneMinuteFromNow}, + {"Bad userID", key, "foobar", actionID, oneMinuteFromNow}, + {"Bad actionID", key, userID, "foobar", oneMinuteFromNow}, + {"Expired", key, userID, actionID, now.Add(Timeout)}, + {"More than 1 minute from the future", key, userID, actionID, now.Add(-1*time.Nanosecond - 1*time.Minute)}, + } + + tok := generateTokenAtTime(key, userID, actionID, now) + for _, itt := range invalidTokenTests { + assert.False(t, validTokenAtTime(tok, itt.key, itt.userID, itt.actionID, itt.t)) + } + }) +} + +// Test_ValidateBadData primarily tests that no unexpected panics are triggered during parsing +func Test_ValidateBadData(t *testing.T) { + t.Run("Validate bad data", func(t *testing.T) { + badDataTests := []struct { + name, tok string + }{ + {"Invalid Base64", "ASDab24(@)$*=="}, + {"No delimiter", base64.URLEncoding.EncodeToString([]byte("foobar12345678"))}, + {"Invalid time", base64.URLEncoding.EncodeToString([]byte("foobar:foobar"))}, + } + + for _, bdt := range badDataTests { + assert.False(t, validTokenAtTime(bdt.tok, key, userID, actionID, oneMinuteFromNow)) + } + }) +} diff --git a/modules/auth/admin.go b/modules/forms/admin.go similarity index 70% rename from modules/auth/admin.go rename to modules/forms/admin.go index f2d0263551..09ad420e15 100644 --- a/modules/auth/admin.go +++ b/modules/forms/admin.go @@ -2,11 +2,15 @@ // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. -package auth +package forms import ( - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "net/http" + + "code.gitea.io/gitea/modules/context" + "code.gitea.io/gitea/modules/middlewares" + + "gitea.com/go-chi/binding" ) // AdminCreateUserForm form for admin to create user @@ -21,8 +25,9 @@ type AdminCreateUserForm struct { } // Validate validates form fields -func (f *AdminCreateUserForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AdminCreateUserForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // AdminEditUserForm form for admin to create user @@ -47,8 +52,9 @@ type AdminEditUserForm struct { } // Validate validates form fields -func (f *AdminEditUserForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AdminEditUserForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // AdminDashboardForm form for admin dashboard operations @@ -58,6 +64,7 @@ type AdminDashboardForm struct { } // Validate validates form fields -func (f *AdminDashboardForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AdminDashboardForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } diff --git a/modules/auth/auth_form.go b/modules/forms/auth_form.go similarity index 87% rename from modules/auth/auth_form.go rename to modules/forms/auth_form.go index e348b01e91..10d0f82959 100644 --- a/modules/auth/auth_form.go +++ b/modules/forms/auth_form.go @@ -2,11 +2,15 @@ // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. -package auth +package forms import ( - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "net/http" + + "code.gitea.io/gitea/modules/context" + "code.gitea.io/gitea/modules/middlewares" + + "gitea.com/go-chi/binding" ) // AuthenticationForm form for authentication @@ -65,6 +69,7 @@ type AuthenticationForm struct { } // Validate validates fields -func (f *AuthenticationForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AuthenticationForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } diff --git a/modules/auth/org.go b/modules/forms/org.go similarity index 76% rename from modules/auth/org.go rename to modules/forms/org.go index 20e2b09997..513f80768f 100644 --- a/modules/auth/org.go +++ b/modules/forms/org.go @@ -3,14 +3,17 @@ // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. -package auth +package forms import ( + "net/http" + "code.gitea.io/gitea/models" + "code.gitea.io/gitea/modules/context" + "code.gitea.io/gitea/modules/middlewares" "code.gitea.io/gitea/modules/structs" - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "gitea.com/go-chi/binding" ) // ________ .__ __ .__ @@ -28,8 +31,9 @@ type CreateOrgForm struct { } // Validate validates the fields -func (f *CreateOrgForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *CreateOrgForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // UpdateOrgSettingForm form for updating organization settings @@ -45,8 +49,9 @@ type UpdateOrgSettingForm struct { } // Validate validates the fields -func (f *UpdateOrgSettingForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *UpdateOrgSettingForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // ___________ @@ -67,6 +72,7 @@ type CreateTeamForm struct { } // Validate validates the fields -func (f *CreateTeamForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *CreateTeamForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } diff --git a/modules/auth/repo_branch_form.go b/modules/forms/repo_branch_form.go similarity index 52% rename from modules/auth/repo_branch_form.go rename to modules/forms/repo_branch_form.go index a4baabe354..afb7f8d4f0 100644 --- a/modules/auth/repo_branch_form.go +++ b/modules/forms/repo_branch_form.go @@ -2,11 +2,15 @@ // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. -package auth +package forms import ( - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "net/http" + + "code.gitea.io/gitea/modules/context" + "code.gitea.io/gitea/modules/middlewares" + + "gitea.com/go-chi/binding" ) // NewBranchForm form for creating a new branch @@ -15,6 +19,7 @@ type NewBranchForm struct { } // Validate validates the fields -func (f *NewBranchForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewBranchForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } diff --git a/modules/auth/repo_form.go b/modules/forms/repo_form.go similarity index 78% rename from modules/auth/repo_form.go rename to modules/forms/repo_form.go index 78b2197a2d..4a478c7d35 100644 --- a/modules/auth/repo_form.go +++ b/modules/forms/repo_form.go @@ -3,21 +3,23 @@ // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. -package auth +package forms import ( + "net/http" "net/url" "strings" "code.gitea.io/gitea/models" + "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/middlewares" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/util" "code.gitea.io/gitea/routers/utils" - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "gitea.com/go-chi/binding" ) // _______________________________________ _________.______________________ _______________.___. @@ -52,8 +54,9 @@ type CreateRepoForm struct { } // Validate validates the fields -func (f *CreateRepoForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *CreateRepoForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // MigrateRepoForm form for migrating repository @@ -82,8 +85,9 @@ type MigrateRepoForm struct { } // Validate validates the fields -func (f *MigrateRepoForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *MigrateRepoForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // ParseRemoteAddr checks if given remote address is valid, @@ -166,8 +170,9 @@ type RepoSettingForm struct { } // Validate validates the fields -func (f *RepoSettingForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *RepoSettingForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // __________ .__ @@ -202,8 +207,9 @@ type ProtectBranchForm struct { } // Validate validates the fields -func (f *ProtectBranchForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *ProtectBranchForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // __ __ ___. .__ .__ __ @@ -263,8 +269,9 @@ type NewWebhookForm struct { } // Validate validates the fields -func (f *NewWebhookForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewWebhookForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // NewGogshookForm form for creating gogs hook @@ -276,8 +283,9 @@ type NewGogshookForm struct { } // Validate validates the fields -func (f *NewGogshookForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewGogshookForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // NewSlackHookForm form for creating slack hook @@ -291,8 +299,9 @@ type NewSlackHookForm struct { } // Validate validates the fields -func (f *NewSlackHookForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewSlackHookForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // HasInvalidChannel validates the channel name is in the right format @@ -309,8 +318,9 @@ type NewDiscordHookForm struct { } // Validate validates the fields -func (f *NewDiscordHookForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewDiscordHookForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // NewDingtalkHookForm form for creating dingtalk hook @@ -320,8 +330,9 @@ type NewDingtalkHookForm struct { } // Validate validates the fields -func (f *NewDingtalkHookForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewDingtalkHookForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // NewTelegramHookForm form for creating telegram hook @@ -332,8 +343,9 @@ type NewTelegramHookForm struct { } // Validate validates the fields -func (f *NewTelegramHookForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewTelegramHookForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // NewMatrixHookForm form for creating Matrix hook @@ -346,8 +358,9 @@ type NewMatrixHookForm struct { } // Validate validates the fields -func (f *NewMatrixHookForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewMatrixHookForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // NewMSTeamsHookForm form for creating MS Teams hook @@ -357,8 +370,9 @@ type NewMSTeamsHookForm struct { } // Validate validates the fields -func (f *NewMSTeamsHookForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewMSTeamsHookForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // NewFeishuHookForm form for creating feishu hook @@ -368,8 +382,9 @@ type NewFeishuHookForm struct { } // Validate validates the fields -func (f *NewFeishuHookForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewFeishuHookForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // .___ @@ -393,8 +408,9 @@ type CreateIssueForm struct { } // Validate validates the fields -func (f *CreateIssueForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *CreateIssueForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // CreateCommentForm form for creating comment @@ -405,8 +421,9 @@ type CreateCommentForm struct { } // Validate validates the fields -func (f *CreateCommentForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *CreateCommentForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // ReactionForm form for adding and removing reaction @@ -415,8 +432,9 @@ type ReactionForm struct { } // Validate validates the fields -func (f *ReactionForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *ReactionForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // IssueLockForm form for locking an issue @@ -425,8 +443,9 @@ type IssueLockForm struct { } // Validate validates the fields -func (i *IssueLockForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, i, ctx.Locale) +func (i *IssueLockForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, i, ctx.Locale) } // HasValidReason checks to make sure that the reason submitted in @@ -489,8 +508,9 @@ type CreateMilestoneForm struct { } // Validate validates the fields -func (f *CreateMilestoneForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *CreateMilestoneForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // .____ ___. .__ @@ -509,8 +529,9 @@ type CreateLabelForm struct { } // Validate validates the fields -func (f *CreateLabelForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *CreateLabelForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // InitializeLabelsForm form for initializing labels @@ -519,8 +540,9 @@ type InitializeLabelsForm struct { } // Validate validates the fields -func (f *InitializeLabelsForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *InitializeLabelsForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // __________ .__ .__ __________ __ @@ -542,8 +564,9 @@ type MergePullRequestForm struct { } // Validate validates the fields -func (f *MergePullRequestForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *MergePullRequestForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // CodeCommentForm form for adding code comments for PRs @@ -559,8 +582,9 @@ type CodeCommentForm struct { } // Validate validates the fields -func (f *CodeCommentForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *CodeCommentForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // SubmitReviewForm for submitting a finished code review @@ -571,8 +595,9 @@ type SubmitReviewForm struct { } // Validate validates the fields -func (f *SubmitReviewForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *SubmitReviewForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // ReviewType will return the corresponding reviewtype for type @@ -616,8 +641,9 @@ type NewReleaseForm struct { } // Validate validates the fields -func (f *NewReleaseForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewReleaseForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // EditReleaseForm form for changing release @@ -630,8 +656,9 @@ type EditReleaseForm struct { } // Validate validates the fields -func (f *EditReleaseForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *EditReleaseForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // __ __.__ __ .__ @@ -650,8 +677,9 @@ type NewWikiForm struct { // Validate validates the fields // FIXME: use code generation to generate this method. -func (f *NewWikiForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewWikiForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // ___________ .___.__ __ @@ -673,8 +701,9 @@ type EditRepoFileForm struct { } // Validate validates the fields -func (f *EditRepoFileForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *EditRepoFileForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // EditPreviewDiffForm form for changing preview diff @@ -683,8 +712,9 @@ type EditPreviewDiffForm struct { } // Validate validates the fields -func (f *EditPreviewDiffForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *EditPreviewDiffForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // ____ ___ .__ .___ @@ -706,8 +736,9 @@ type UploadRepoFileForm struct { } // Validate validates the fields -func (f *UploadRepoFileForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *UploadRepoFileForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // RemoveUploadFileForm form for removing uploaded file @@ -716,8 +747,9 @@ type RemoveUploadFileForm struct { } // Validate validates the fields -func (f *RemoveUploadFileForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *RemoveUploadFileForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // ________ .__ __ @@ -737,8 +769,9 @@ type DeleteRepoFileForm struct { } // Validate validates the fields -func (f *DeleteRepoFileForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *DeleteRepoFileForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // ___________.__ ___________ __ @@ -755,8 +788,9 @@ type AddTimeManuallyForm struct { } // Validate validates the fields -func (f *AddTimeManuallyForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AddTimeManuallyForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // SaveTopicForm form for save topics for repository @@ -770,6 +804,7 @@ type DeadlineForm struct { } // Validate validates the fields -func (f *DeadlineForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *DeadlineForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } diff --git a/modules/auth/repo_form_test.go b/modules/forms/repo_form_test.go similarity index 99% rename from modules/auth/repo_form_test.go rename to modules/forms/repo_form_test.go index 6bad5d50ba..4f65d59ca6 100644 --- a/modules/auth/repo_form_test.go +++ b/modules/forms/repo_form_test.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. -package auth +package forms import ( "testing" diff --git a/modules/auth/user_form.go b/modules/forms/user_form.go similarity index 71% rename from modules/auth/user_form.go rename to modules/forms/user_form.go index b94b8e0a4e..e3090f9ae5 100644 --- a/modules/auth/user_form.go +++ b/modules/forms/user_form.go @@ -3,16 +3,18 @@ // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. -package auth +package forms import ( "mime/multipart" + "net/http" "strings" + "code.gitea.io/gitea/modules/context" + "code.gitea.io/gitea/modules/middlewares" "code.gitea.io/gitea/modules/setting" - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "gitea.com/go-chi/binding" ) // InstallForm form for installation page @@ -65,8 +67,9 @@ type InstallForm struct { } // Validate validates the fields -func (f *InstallForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *InstallForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // _____ ____ _________________ ___ @@ -87,8 +90,9 @@ type RegisterForm struct { } // Validate validates the fields -func (f *RegisterForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *RegisterForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // IsEmailDomainWhitelisted validates that the email address @@ -124,8 +128,9 @@ type MustChangePasswordForm struct { } // Validate validates the fields -func (f *MustChangePasswordForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *MustChangePasswordForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // SignInForm form for signing in with user/password @@ -137,8 +142,9 @@ type SignInForm struct { } // Validate validates the fields -func (f *SignInForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *SignInForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // AuthorizationForm form for authorizing oauth2 clients @@ -156,8 +162,9 @@ type AuthorizationForm struct { } // Validate validates the fields -func (f *AuthorizationForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AuthorizationForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // GrantApplicationForm form for authorizing oauth2 clients @@ -170,8 +177,9 @@ type GrantApplicationForm struct { } // Validate validates the fields -func (f *GrantApplicationForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *GrantApplicationForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // AccessTokenForm for issuing access tokens from authorization codes or refresh tokens @@ -188,8 +196,9 @@ type AccessTokenForm struct { } // Validate validates the fields -func (f *AccessTokenForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AccessTokenForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // __________________________________________.___ _______ ________ _________ @@ -212,8 +221,9 @@ type UpdateProfileForm struct { } // Validate validates the fields -func (f *UpdateProfileForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *UpdateProfileForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // Avatar types @@ -231,8 +241,9 @@ type AvatarForm struct { } // Validate validates the fields -func (f *AvatarForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AvatarForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // AddEmailForm form for adding new email @@ -241,8 +252,9 @@ type AddEmailForm struct { } // Validate validates the fields -func (f *AddEmailForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AddEmailForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // UpdateThemeForm form for updating a users' theme @@ -251,8 +263,9 @@ type UpdateThemeForm struct { } // Validate validates the field -func (f *UpdateThemeForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *UpdateThemeForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // IsThemeExists checks if the theme is a theme available in the config. @@ -277,8 +290,9 @@ type ChangePasswordForm struct { } // Validate validates the fields -func (f *ChangePasswordForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *ChangePasswordForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // AddOpenIDForm is for changing openid uri @@ -287,8 +301,9 @@ type AddOpenIDForm struct { } // Validate validates the fields -func (f *AddOpenIDForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AddOpenIDForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // AddKeyForm form for adding SSH/GPG key @@ -300,8 +315,9 @@ type AddKeyForm struct { } // Validate validates the fields -func (f *AddKeyForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *AddKeyForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // NewAccessTokenForm form for creating access token @@ -310,8 +326,9 @@ type NewAccessTokenForm struct { } // Validate validates the fields -func (f *NewAccessTokenForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *NewAccessTokenForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // EditOAuth2ApplicationForm form for editing oauth2 applications @@ -321,8 +338,9 @@ type EditOAuth2ApplicationForm struct { } // Validate validates the fields -func (f *EditOAuth2ApplicationForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *EditOAuth2ApplicationForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // TwoFactorAuthForm for logging in with 2FA token. @@ -331,8 +349,9 @@ type TwoFactorAuthForm struct { } // Validate validates the fields -func (f *TwoFactorAuthForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *TwoFactorAuthForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // TwoFactorScratchAuthForm for logging in with 2FA scratch token. @@ -341,8 +360,9 @@ type TwoFactorScratchAuthForm struct { } // Validate validates the fields -func (f *TwoFactorScratchAuthForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *TwoFactorScratchAuthForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // U2FRegistrationForm for reserving an U2F name @@ -351,8 +371,9 @@ type U2FRegistrationForm struct { } // Validate validates the fields -func (f *U2FRegistrationForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *U2FRegistrationForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // U2FDeleteForm for deleting U2F keys @@ -361,6 +382,7 @@ type U2FDeleteForm struct { } // Validate validates the fields -func (f *U2FDeleteForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *U2FDeleteForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } diff --git a/modules/auth/user_form_auth_openid.go b/modules/forms/user_form_auth_openid.go similarity index 58% rename from modules/auth/user_form_auth_openid.go rename to modules/forms/user_form_auth_openid.go index 841dbd840a..06601d7e15 100644 --- a/modules/auth/user_form_auth_openid.go +++ b/modules/forms/user_form_auth_openid.go @@ -2,11 +2,14 @@ // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. -package auth +package forms import ( - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "net/http" + + "code.gitea.io/gitea/modules/context" + "code.gitea.io/gitea/modules/middlewares" + "gitea.com/go-chi/binding" ) // SignInOpenIDForm form for signing in with OpenID @@ -16,8 +19,9 @@ type SignInOpenIDForm struct { } // Validate validates the fields -func (f *SignInOpenIDForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *SignInOpenIDForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // SignUpOpenIDForm form for signin up with OpenID @@ -29,8 +33,9 @@ type SignUpOpenIDForm struct { } // Validate validates the fields -func (f *SignUpOpenIDForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *SignUpOpenIDForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } // ConnectOpenIDForm form for connecting an existing account to an OpenID URI @@ -40,6 +45,7 @@ type ConnectOpenIDForm struct { } // Validate validates the fields -func (f *ConnectOpenIDForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors { - return validate(errs, ctx.Data, f, ctx.Locale) +func (f *ConnectOpenIDForm) Validate(req *http.Request, errs binding.Errors) binding.Errors { + ctx := context.GetContext(req) + return middlewares.Validate(errs, ctx.Data, f, ctx.Locale) } diff --git a/modules/auth/user_form_test.go b/modules/forms/user_form_test.go similarity index 98% rename from modules/auth/user_form_test.go rename to modules/forms/user_form_test.go index 084174622e..6e0518789c 100644 --- a/modules/auth/user_form_test.go +++ b/modules/forms/user_form_test.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. -package auth +package forms import ( "testing" diff --git a/modules/lfs/locks.go b/modules/lfs/locks.go index a529afe1b9..cf62492c7e 100644 --- a/modules/lfs/locks.go +++ b/modules/lfs/locks.go @@ -182,7 +182,7 @@ func PostLockHandler(ctx *context.Context) { } var req api.LFSLockRequest - bodyReader := ctx.Req.Body().ReadCloser() + bodyReader := ctx.Req.Body defer bodyReader.Close() dec := json.NewDecoder(bodyReader) if err := dec.Decode(&req); err != nil { @@ -317,7 +317,7 @@ func UnLockHandler(ctx *context.Context) { } var req api.LFSLockDeleteRequest - bodyReader := ctx.Req.Body().ReadCloser() + bodyReader := ctx.Req.Body defer bodyReader.Close() dec := json.NewDecoder(bodyReader) if err := dec.Decode(&req); err != nil { diff --git a/modules/lfs/server.go b/modules/lfs/server.go index 226bcbf55a..be21a4de82 100644 --- a/modules/lfs/server.go +++ b/modules/lfs/server.go @@ -22,7 +22,6 @@ import ( "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/storage" - "gitea.com/macaron/macaron" "github.com/dgrijalva/jwt-go" ) @@ -413,8 +412,8 @@ func PutHandler(ctx *context.Context) { } contentStore := &ContentStore{ObjectStorage: storage.LFS} - defer ctx.Req.Request.Body.Close() - if err := contentStore.Put(meta, ctx.Req.Request.Body); err != nil { + defer ctx.Req.Body.Close() + if err := contentStore.Put(meta, ctx.Req.Body); err != nil { // Put will log the error itself ctx.Resp.WriteHeader(500) if err == errSizeMismatch || err == errHashMismatch { @@ -513,7 +512,7 @@ func Represent(rv *RequestVars, meta *models.LFSMetaObject, download, upload boo // MetaMatcher provides a mux.MatcherFunc that only allows requests that contain // an Accept header with the metaMediaType -func MetaMatcher(r macaron.Request) bool { +func MetaMatcher(r *http.Request) bool { mediaParts := strings.Split(r.Header.Get("Accept"), ";") mt := mediaParts[0] return mt == metaMediaType @@ -530,7 +529,7 @@ func unpack(ctx *context.Context) *RequestVars { if r.Method == "POST" { // Maybe also check if +json var p RequestVars - bodyReader := r.Body().ReadCloser() + bodyReader := r.Body defer bodyReader.Close() dec := json.NewDecoder(bodyReader) err := dec.Decode(&p) @@ -553,7 +552,7 @@ func unpackbatch(ctx *context.Context) *BatchVars { r := ctx.Req var bv BatchVars - bodyReader := r.Body().ReadCloser() + bodyReader := r.Body defer bodyReader.Close() dec := json.NewDecoder(bodyReader) err := dec.Decode(&bv) @@ -586,7 +585,7 @@ func writeStatus(ctx *context.Context, status int) { logRequest(ctx.Req, status) } -func logRequest(r macaron.Request, status int) { +func logRequest(r *http.Request, status int) { log.Debug("LFS request - Method: %s, URL: %s, Status %d", r.Method, r.URL, status) } diff --git a/modules/auth/auth.go b/modules/middlewares/binding.go similarity index 92% rename from modules/auth/auth.go rename to modules/middlewares/binding.go index 1f4b9ec5be..1dabdbb62e 100644 --- a/modules/auth/auth.go +++ b/modules/middlewares/binding.go @@ -3,24 +3,19 @@ // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. -package auth +package middlewares import ( "reflect" "strings" + "code.gitea.io/gitea/modules/translation" "code.gitea.io/gitea/modules/validation" - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "gitea.com/go-chi/binding" "github.com/unknwon/com" ) -// IsAPIPath if URL is an api path -func IsAPIPath(url string) bool { - return strings.HasPrefix(url, "/api/") -} - // Form form binding interface type Form interface { binding.Validator @@ -35,7 +30,7 @@ func AssignForm(form interface{}, data map[string]interface{}) { typ := reflect.TypeOf(form) val := reflect.ValueOf(form) - if typ.Kind() == reflect.Ptr { + for typ.Kind() == reflect.Ptr { typ = typ.Elem() val = val.Elem() } @@ -84,7 +79,8 @@ func GetInclude(field reflect.StructField) string { return getRuleBody(field, "Include(") } -func validate(errs binding.Errors, data map[string]interface{}, f Form, l macaron.Locale) binding.Errors { +// Validate validate TODO: +func Validate(errs binding.Errors, data map[string]interface{}, f Form, l translation.Locale) binding.Errors { if errs.Len() == 0 { return errs } diff --git a/modules/middlewares/cookie.go b/modules/middlewares/cookie.go index 80d0e3b453..d18541833f 100644 --- a/modules/middlewares/cookie.go +++ b/modules/middlewares/cookie.go @@ -1,3 +1,4 @@ +// Copyright 2020 The Macaron Authors // Copyright 2020 The Gitea Authors. All rights reserved. // Use of this source code is governed by a MIT-style // license that can be found in the LICENSE file. @@ -12,6 +13,56 @@ import ( "code.gitea.io/gitea/modules/setting" ) +// MaxAge sets the maximum age for a provided cookie +func MaxAge(maxAge int) func(*http.Cookie) { + return func(c *http.Cookie) { + c.MaxAge = maxAge + } +} + +// Path sets the path for a provided cookie +func Path(path string) func(*http.Cookie) { + return func(c *http.Cookie) { + c.Path = path + } +} + +// Domain sets the domain for a provided cookie +func Domain(domain string) func(*http.Cookie) { + return func(c *http.Cookie) { + c.Domain = domain + } +} + +// Secure sets the secure setting for a provided cookie +func Secure(secure bool) func(*http.Cookie) { + return func(c *http.Cookie) { + c.Secure = secure + } +} + +// HTTPOnly sets the HttpOnly setting for a provided cookie +func HTTPOnly(httpOnly bool) func(*http.Cookie) { + return func(c *http.Cookie) { + c.HttpOnly = httpOnly + } +} + +// Expires sets the expires and rawexpires for a provided cookie +func Expires(expires time.Time) func(*http.Cookie) { + return func(c *http.Cookie) { + c.Expires = expires + c.RawExpires = expires.Format(time.UnixDate) + } +} + +// SameSite sets the SameSite for a provided cookie +func SameSite(sameSite http.SameSite) func(*http.Cookie) { + return func(c *http.Cookie) { + c.SameSite = sameSite + } +} + // NewCookie creates a cookie func NewCookie(name, value string, maxAge int) *http.Cookie { return &http.Cookie{ @@ -102,3 +153,13 @@ func SetCookie(resp http.ResponseWriter, name string, value string, others ...in resp.Header().Add("Set-Cookie", cookie.String()) } + +// GetCookie returns given cookie value from request header. +func GetCookie(req *http.Request, name string) string { + cookie, err := req.Cookie(name) + if err != nil { + return "" + } + val, _ := url.QueryUnescape(cookie.Value) + return val +} diff --git a/modules/middlewares/data.go b/modules/middlewares/data.go new file mode 100644 index 0000000000..2690289362 --- /dev/null +++ b/modules/middlewares/data.go @@ -0,0 +1,10 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package middlewares + +// DataStore represents a data store +type DataStore interface { + GetData() map[string]interface{} +} diff --git a/modules/middlewares/flash.go b/modules/middlewares/flash.go new file mode 100644 index 0000000000..38217288e8 --- /dev/null +++ b/modules/middlewares/flash.go @@ -0,0 +1,65 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package middlewares + +import "net/url" + +// flashes enumerates all the flash types +const ( + SuccessFlash = "SuccessMsg" + ErrorFlash = "ErrorMsg" + WarnFlash = "WarningMsg" + InfoFlash = "InfoMsg" +) + +var ( + // FlashNow FIXME: + FlashNow bool +) + +// Flash represents a one time data transfer between two requests. +type Flash struct { + DataStore + url.Values + ErrorMsg, WarningMsg, InfoMsg, SuccessMsg string +} + +func (f *Flash) set(name, msg string, current ...bool) { + isShow := false + if (len(current) == 0 && FlashNow) || + (len(current) > 0 && current[0]) { + isShow = true + } + + if isShow { + f.GetData()["Flash"] = f + } else { + f.Set(name, msg) + } +} + +// Error sets error message +func (f *Flash) Error(msg string, current ...bool) { + f.ErrorMsg = msg + f.set("error", msg, current...) +} + +// Warning sets warning message +func (f *Flash) Warning(msg string, current ...bool) { + f.WarningMsg = msg + f.set("warning", msg, current...) +} + +// Info sets info message +func (f *Flash) Info(msg string, current ...bool) { + f.InfoMsg = msg + f.set("info", msg, current...) +} + +// Success sets success message +func (f *Flash) Success(msg string, current ...bool) { + f.SuccessMsg = msg + f.set("success", msg, current...) +} diff --git a/modules/middlewares/locale.go b/modules/middlewares/locale.go index 98af890cfd..7cfba81bda 100644 --- a/modules/middlewares/locale.go +++ b/modules/middlewares/locale.go @@ -23,12 +23,14 @@ func Locale(resp http.ResponseWriter, req *http.Request) translation.Locale { // 2. Get language information from cookies. if len(lang) == 0 { ck, _ := req.Cookie("lang") - lang = ck.Value - hasCookie = true + if ck != nil { + lang = ck.Value + hasCookie = true + } } // Check again in case someone modify by purpose. - if !i18n.IsExist(lang) { + if lang != "" && !i18n.IsExist(lang) { lang = "" hasCookie = false } diff --git a/modules/middlewares/redis.go b/modules/middlewares/redis.go deleted file mode 100644 index ced1c1ee81..0000000000 --- a/modules/middlewares/redis.go +++ /dev/null @@ -1,217 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// Copyright 2020 The Gitea Authors. All rights reserved. -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package middlewares - -import ( - "fmt" - "sync" - "time" - - "code.gitea.io/gitea/modules/nosql" - - "gitea.com/go-chi/session" - "github.com/go-redis/redis/v7" -) - -// RedisStore represents a redis session store implementation. -// TODO: copied from modules/session/redis.go and should remove that one until macaron removed. -type RedisStore struct { - c redis.UniversalClient - prefix, sid string - duration time.Duration - lock sync.RWMutex - data map[interface{}]interface{} -} - -// NewRedisStore creates and returns a redis session store. -func NewRedisStore(c redis.UniversalClient, prefix, sid string, dur time.Duration, kv map[interface{}]interface{}) *RedisStore { - return &RedisStore{ - c: c, - prefix: prefix, - sid: sid, - duration: dur, - data: kv, - } -} - -// Set sets value to given key in session. -func (s *RedisStore) Set(key, val interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data[key] = val - return nil -} - -// Get gets value by given key in session. -func (s *RedisStore) Get(key interface{}) interface{} { - s.lock.RLock() - defer s.lock.RUnlock() - - return s.data[key] -} - -// Delete delete a key from session. -func (s *RedisStore) Delete(key interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - delete(s.data, key) - return nil -} - -// ID returns current session ID. -func (s *RedisStore) ID() string { - return s.sid -} - -// Release releases resource and save data to provider. -func (s *RedisStore) Release() error { - // Skip encoding if the data is empty - if len(s.data) == 0 { - return nil - } - - data, err := session.EncodeGob(s.data) - if err != nil { - return err - } - - return s.c.Set(s.prefix+s.sid, string(data), s.duration).Err() -} - -// Flush deletes all session data. -func (s *RedisStore) Flush() error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data = make(map[interface{}]interface{}) - return nil -} - -// RedisProvider represents a redis session provider implementation. -type RedisProvider struct { - c redis.UniversalClient - duration time.Duration - prefix string -} - -// Init initializes redis session provider. -// configs: network=tcp,addr=:6379,password=macaron,db=0,pool_size=100,idle_timeout=180,prefix=session; -func (p *RedisProvider) Init(maxlifetime int64, configs string) (err error) { - p.duration, err = time.ParseDuration(fmt.Sprintf("%ds", maxlifetime)) - if err != nil { - return err - } - - uri := nosql.ToRedisURI(configs) - - for k, v := range uri.Query() { - switch k { - case "prefix": - p.prefix = v[0] - } - } - - p.c = nosql.GetManager().GetRedisClient(uri.String()) - return p.c.Ping().Err() -} - -// Read returns raw session store by session ID. -func (p *RedisProvider) Read(sid string) (session.RawStore, error) { - psid := p.prefix + sid - if !p.Exist(sid) { - if err := p.c.Set(psid, "", p.duration).Err(); err != nil { - return nil, err - } - } - - var kv map[interface{}]interface{} - kvs, err := p.c.Get(psid).Result() - if err != nil { - return nil, err - } - if len(kvs) == 0 { - kv = make(map[interface{}]interface{}) - } else { - kv, err = session.DecodeGob([]byte(kvs)) - if err != nil { - return nil, err - } - } - - return NewRedisStore(p.c, p.prefix, sid, p.duration, kv), nil -} - -// Exist returns true if session with given ID exists. -func (p *RedisProvider) Exist(sid string) bool { - v, err := p.c.Exists(p.prefix + sid).Result() - return err == nil && v == 1 -} - -// Destroy deletes a session by session ID. -func (p *RedisProvider) Destroy(sid string) error { - return p.c.Del(p.prefix + sid).Err() -} - -// Regenerate regenerates a session store from old session ID to new one. -func (p *RedisProvider) Regenerate(oldsid, sid string) (_ session.RawStore, err error) { - poldsid := p.prefix + oldsid - psid := p.prefix + sid - - if p.Exist(sid) { - return nil, fmt.Errorf("new sid '%s' already exists", sid) - } else if !p.Exist(oldsid) { - // Make a fake old session. - if err = p.c.Set(poldsid, "", p.duration).Err(); err != nil { - return nil, err - } - } - - if err = p.c.Rename(poldsid, psid).Err(); err != nil { - return nil, err - } - - var kv map[interface{}]interface{} - kvs, err := p.c.Get(psid).Result() - if err != nil { - return nil, err - } - - if len(kvs) == 0 { - kv = make(map[interface{}]interface{}) - } else { - kv, err = session.DecodeGob([]byte(kvs)) - if err != nil { - return nil, err - } - } - - return NewRedisStore(p.c, p.prefix, sid, p.duration, kv), nil -} - -// Count counts and returns number of sessions. -func (p *RedisProvider) Count() int { - return int(p.c.DBSize().Val()) -} - -// GC calls GC to clean expired sessions. -func (*RedisProvider) GC() {} - -func init() { - session.Register("redis", &RedisProvider{}) -} diff --git a/modules/middlewares/virtual.go b/modules/middlewares/virtual.go deleted file mode 100644 index 70d780d65d..0000000000 --- a/modules/middlewares/virtual.go +++ /dev/null @@ -1,196 +0,0 @@ -// Copyright 2019 The Gitea Authors. All rights reserved. -// Use of this source code is governed by a MIT-style -// license that can be found in the LICENSE file. - -package middlewares - -import ( - "encoding/json" - "fmt" - "sync" - - "gitea.com/go-chi/session" - couchbase "gitea.com/go-chi/session/couchbase" - memcache "gitea.com/go-chi/session/memcache" - mysql "gitea.com/go-chi/session/mysql" - postgres "gitea.com/go-chi/session/postgres" -) - -// VirtualSessionProvider represents a shadowed session provider implementation. -// TODO: copied from modules/session/redis.go and should remove that one until macaron removed. -type VirtualSessionProvider struct { - lock sync.RWMutex - provider session.Provider -} - -// Init initializes the cookie session provider with given root path. -func (o *VirtualSessionProvider) Init(gclifetime int64, config string) error { - var opts session.Options - if err := json.Unmarshal([]byte(config), &opts); err != nil { - return err - } - // Note that these options are unprepared so we can't just use NewManager here. - // Nor can we access the provider map in session. - // So we will just have to do this by hand. - // This is only slightly more wrong than modules/setting/session.go:23 - switch opts.Provider { - case "memory": - o.provider = &session.MemProvider{} - case "file": - o.provider = &session.FileProvider{} - case "redis": - o.provider = &RedisProvider{} - case "mysql": - o.provider = &mysql.MysqlProvider{} - case "postgres": - o.provider = &postgres.PostgresProvider{} - case "couchbase": - o.provider = &couchbase.CouchbaseProvider{} - case "memcache": - o.provider = &memcache.MemcacheProvider{} - default: - return fmt.Errorf("VirtualSessionProvider: Unknown Provider: %s", opts.Provider) - } - return o.provider.Init(gclifetime, opts.ProviderConfig) -} - -// Read returns raw session store by session ID. -func (o *VirtualSessionProvider) Read(sid string) (session.RawStore, error) { - o.lock.RLock() - defer o.lock.RUnlock() - if o.provider.Exist(sid) { - return o.provider.Read(sid) - } - kv := make(map[interface{}]interface{}) - kv["_old_uid"] = "0" - return NewVirtualStore(o, sid, kv), nil -} - -// Exist returns true if session with given ID exists. -func (o *VirtualSessionProvider) Exist(sid string) bool { - return true -} - -// Destroy deletes a session by session ID. -func (o *VirtualSessionProvider) Destroy(sid string) error { - o.lock.Lock() - defer o.lock.Unlock() - return o.provider.Destroy(sid) -} - -// Regenerate regenerates a session store from old session ID to new one. -func (o *VirtualSessionProvider) Regenerate(oldsid, sid string) (session.RawStore, error) { - o.lock.Lock() - defer o.lock.Unlock() - return o.provider.Regenerate(oldsid, sid) -} - -// Count counts and returns number of sessions. -func (o *VirtualSessionProvider) Count() int { - o.lock.RLock() - defer o.lock.RUnlock() - return o.provider.Count() -} - -// GC calls GC to clean expired sessions. -func (o *VirtualSessionProvider) GC() { - o.provider.GC() -} - -func init() { - session.Register("VirtualSession", &VirtualSessionProvider{}) -} - -// VirtualStore represents a virtual session store implementation. -type VirtualStore struct { - p *VirtualSessionProvider - sid string - lock sync.RWMutex - data map[interface{}]interface{} - released bool -} - -// NewVirtualStore creates and returns a virtual session store. -func NewVirtualStore(p *VirtualSessionProvider, sid string, kv map[interface{}]interface{}) *VirtualStore { - return &VirtualStore{ - p: p, - sid: sid, - data: kv, - } -} - -// Set sets value to given key in session. -func (s *VirtualStore) Set(key, val interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data[key] = val - return nil -} - -// Get gets value by given key in session. -func (s *VirtualStore) Get(key interface{}) interface{} { - s.lock.RLock() - defer s.lock.RUnlock() - - return s.data[key] -} - -// Delete delete a key from session. -func (s *VirtualStore) Delete(key interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - delete(s.data, key) - return nil -} - -// ID returns current session ID. -func (s *VirtualStore) ID() string { - return s.sid -} - -// Release releases resource and save data to provider. -func (s *VirtualStore) Release() error { - s.lock.Lock() - defer s.lock.Unlock() - // Now need to lock the provider - s.p.lock.Lock() - defer s.p.lock.Unlock() - if oldUID, ok := s.data["_old_uid"]; (ok && (oldUID != "0" || len(s.data) > 1)) || (!ok && len(s.data) > 0) { - // Now ensure that we don't exist! - realProvider := s.p.provider - - if !s.released && realProvider.Exist(s.sid) { - // This is an error! - return fmt.Errorf("new sid '%s' already exists", s.sid) - } - realStore, err := realProvider.Read(s.sid) - if err != nil { - return err - } - if err := realStore.Flush(); err != nil { - return err - } - for key, value := range s.data { - if err := realStore.Set(key, value); err != nil { - return err - } - } - err = realStore.Release() - if err == nil { - s.released = true - } - return err - } - return nil -} - -// Flush deletes all session data. -func (s *VirtualStore) Flush() error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data = make(map[interface{}]interface{}) - return nil -} diff --git a/modules/session/redis.go b/modules/session/redis.go index c88ebd5769..55e7a85168 100644 --- a/modules/session/redis.go +++ b/modules/session/redis.go @@ -23,7 +23,7 @@ import ( "code.gitea.io/gitea/modules/nosql" - "gitea.com/macaron/session" + "gitea.com/go-chi/session" "github.com/go-redis/redis/v7" ) diff --git a/modules/session/store.go b/modules/session/store.go new file mode 100644 index 0000000000..529187d3be --- /dev/null +++ b/modules/session/store.go @@ -0,0 +1,12 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package session + +// Store represents a session store +type Store interface { + Get(interface{}) interface{} + Set(interface{}, interface{}) error + Delete(interface{}) error +} diff --git a/modules/session/virtual.go b/modules/session/virtual.go index 1139cfe89c..3da499d71a 100644 --- a/modules/session/virtual.go +++ b/modules/session/virtual.go @@ -9,12 +9,11 @@ import ( "fmt" "sync" - "gitea.com/macaron/session" - couchbase "gitea.com/macaron/session/couchbase" - memcache "gitea.com/macaron/session/memcache" - mysql "gitea.com/macaron/session/mysql" - nodb "gitea.com/macaron/session/nodb" - postgres "gitea.com/macaron/session/postgres" + "gitea.com/go-chi/session" + couchbase "gitea.com/go-chi/session/couchbase" + memcache "gitea.com/go-chi/session/memcache" + mysql "gitea.com/go-chi/session/mysql" + postgres "gitea.com/go-chi/session/postgres" ) // VirtualSessionProvider represents a shadowed session provider implementation. @@ -48,8 +47,6 @@ func (o *VirtualSessionProvider) Init(gclifetime int64, config string) error { o.provider = &couchbase.CouchbaseProvider{} case "memcache": o.provider = &memcache.MemcacheProvider{} - case "nodb": - o.provider = &nodb.NodbProvider{} default: return fmt.Errorf("VirtualSessionProvider: Unknown Provider: %s", opts.Provider) } diff --git a/modules/setting/log.go b/modules/setting/log.go index 35bf021ac2..daa449a5ca 100644 --- a/modules/setting/log.go +++ b/modules/setting/log.go @@ -254,17 +254,6 @@ func generateNamedLogger(key string, options defaultLogOptions) *LogDescription return &description } -func newMacaronLogService() { - options := newDefaultLogOptions() - options.filename = filepath.Join(LogRootPath, "macaron.log") - options.bufferLength = Cfg.Section("log").Key("BUFFER_LEN").MustInt64(10000) - - Cfg.Section("log").Key("MACARON").MustString("file") - if RedirectMacaronLog { - generateNamedLogger("macaron", options) - } -} - func newAccessLogService() { EnableAccessLog = Cfg.Section("log").Key("ENABLE_ACCESS_LOG").MustBool(false) AccessLogTemplate = Cfg.Section("log").Key("ACCESS_LOG_TEMPLATE").MustString( @@ -360,7 +349,6 @@ func RestartLogsWithPIDSuffix() { // NewLogServices creates all the log services func NewLogServices(disableConsole bool) { newLogService() - newMacaronLogService() newRouterLogService() newAccessLogService() NewXORMLogService(disableConsole) diff --git a/modules/setting/session.go b/modules/setting/session.go index bd51c420a0..222c246e11 100644 --- a/modules/setting/session.go +++ b/modules/setting/session.go @@ -41,7 +41,7 @@ var ( func newSessionService() { sec := Cfg.Section("session") SessionConfig.Provider = sec.Key("PROVIDER").In("memory", - []string{"memory", "file", "redis", "mysql", "postgres", "couchbase", "memcache", "nodb"}) + []string{"memory", "file", "redis", "mysql", "postgres", "couchbase", "memcache"}) SessionConfig.ProviderConfig = strings.Trim(sec.Key("PROVIDER_CONFIG").MustString(path.Join(AppDataPath, "sessions")), "\" ") if SessionConfig.Provider == "file" && !filepath.IsAbs(SessionConfig.ProviderConfig) { SessionConfig.ProviderConfig = path.Join(AppWorkPath, SessionConfig.ProviderConfig) diff --git a/modules/templates/base.go b/modules/templates/base.go index a9b6b2737c..ff31c12899 100644 --- a/modules/templates/base.go +++ b/modules/templates/base.go @@ -12,6 +12,8 @@ import ( "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/util" + + "github.com/unrolled/render" ) // Vars represents variables to be render in golang templates @@ -80,3 +82,15 @@ func getDirAssetNames(dir string) []string { } return tmpls } + +// HTMLRenderer returns a render. +func HTMLRenderer() *render.Render { + return render.New(render.Options{ + Extensions: []string{".tmpl"}, + Directory: "templates", + Funcs: NewFuncMap(), + Asset: GetAsset, + AssetNames: GetAssetNames, + IsDevelopment: !setting.IsProd(), + }) +} diff --git a/modules/templates/dynamic.go b/modules/templates/dynamic.go index f7f05e9b7c..160e4e05f2 100644 --- a/modules/templates/dynamic.go +++ b/modules/templates/dynamic.go @@ -18,8 +18,6 @@ import ( "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/util" - - "gitea.com/macaron/macaron" ) var ( @@ -46,29 +44,6 @@ func GetAssetNames() []string { return append(tmpls, tmpls2...) } -// HTMLRenderer implements the macaron handler for serving HTML templates. -func HTMLRenderer() macaron.Handler { - return macaron.Renderer(macaron.RenderOptions{ - Funcs: NewFuncMap(), - Directory: path.Join(setting.StaticRootPath, "templates"), - AppendDirectories: []string{ - path.Join(setting.CustomPath, "templates"), - }, - }) -} - -// JSONRenderer implements the macaron handler for serving JSON templates. -func JSONRenderer() macaron.Handler { - return macaron.Renderer(macaron.RenderOptions{ - Funcs: NewFuncMap(), - Directory: path.Join(setting.StaticRootPath, "templates"), - AppendDirectories: []string{ - path.Join(setting.CustomPath, "templates"), - }, - HTMLContentType: "application/json", - }) -} - // Mailer provides the templates required for sending notification mails. func Mailer() (*texttmpl.Template, *template.Template) { for _, funcs := range NewTextFuncMap() { diff --git a/modules/templates/static.go b/modules/templates/static.go index 1dd3d217fc..7f95d77ad3 100644 --- a/modules/templates/static.go +++ b/modules/templates/static.go @@ -7,10 +7,7 @@ package templates import ( - "bytes" - "fmt" "html/template" - "io" "io/ioutil" "os" "path" @@ -21,8 +18,6 @@ import ( "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/util" - - "gitea.com/macaron/macaron" ) var ( @@ -30,24 +25,6 @@ var ( bodyTemplates = template.New("") ) -type templateFileSystem struct { - files []macaron.TemplateFile -} - -func (templates templateFileSystem) ListFiles() []macaron.TemplateFile { - return templates.files -} - -func (templates templateFileSystem) Get(name string) (io.Reader, error) { - for i := range templates.files { - if templates.files[i].Name()+templates.files[i].Ext() == name { - return bytes.NewReader(templates.files[i].Data()), nil - } - } - - return nil, fmt.Errorf("file '%s' not found", name) -} - // GetAsset get a special asset, only for chi func GetAsset(name string) ([]byte, error) { bs, err := ioutil.ReadFile(filepath.Join(setting.CustomPath, name)) @@ -72,95 +49,6 @@ func GetAssetNames() []string { return append(tmpls, customTmpls...) } -func NewTemplateFileSystem() templateFileSystem { - fs := templateFileSystem{} - fs.files = make([]macaron.TemplateFile, 0, 10) - - for _, assetPath := range AssetNames() { - if strings.HasPrefix(assetPath, "mail/") { - continue - } - - if !strings.HasSuffix(assetPath, ".tmpl") { - continue - } - - content, err := Asset(assetPath) - - if err != nil { - log.Warn("Failed to read embedded %s template. %v", assetPath, err) - continue - } - - fs.files = append(fs.files, macaron.NewTplFile( - strings.TrimSuffix( - assetPath, - ".tmpl", - ), - content, - ".tmpl", - )) - } - - customDir := path.Join(setting.CustomPath, "templates") - isDir, err := util.IsDir(customDir) - if err != nil { - log.Warn("Unable to check if templates dir %s is a directory. Error: %v", customDir, err) - } - if isDir { - files, err := util.StatDir(customDir) - - if err != nil { - log.Warn("Failed to read %s templates dir. %v", customDir, err) - } else { - for _, filePath := range files { - if strings.HasPrefix(filePath, "mail/") { - continue - } - - if !strings.HasSuffix(filePath, ".tmpl") { - continue - } - - content, err := ioutil.ReadFile(path.Join(customDir, filePath)) - - if err != nil { - log.Warn("Failed to read custom %s template. %v", filePath, err) - continue - } - - fs.files = append(fs.files, macaron.NewTplFile( - strings.TrimSuffix( - filePath, - ".tmpl", - ), - content, - ".tmpl", - )) - } - } - } - - return fs -} - -// HTMLRenderer implements the macaron handler for serving HTML templates. -func HTMLRenderer() macaron.Handler { - return macaron.Renderer(macaron.RenderOptions{ - Funcs: NewFuncMap(), - TemplateFileSystem: NewTemplateFileSystem(), - }) -} - -// JSONRenderer implements the macaron handler for serving JSON templates. -func JSONRenderer() macaron.Handler { - return macaron.Renderer(macaron.RenderOptions{ - Funcs: NewFuncMap(), - TemplateFileSystem: NewTemplateFileSystem(), - HTMLContentType: "application/json", - }) -} - // Mailer provides the templates required for sending notification mails. func Mailer() (*texttmpl.Template, *template.Template) { for _, funcs := range NewTextFuncMap() { diff --git a/modules/test/context_tests.go b/modules/test/context_tests.go index 874d7db196..e219a8e56a 100644 --- a/modules/test/context_tests.go +++ b/modules/test/context_tests.go @@ -5,6 +5,9 @@ package test import ( + scontext "context" + "html/template" + "io" "net/http" "net/http/httptest" "net/url" @@ -13,32 +16,37 @@ import ( "code.gitea.io/gitea/models" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/git" + "code.gitea.io/gitea/modules/middlewares" - "gitea.com/macaron/macaron" - "gitea.com/macaron/session" + "github.com/go-chi/chi" "github.com/stretchr/testify/assert" + "github.com/unrolled/render" ) // MockContext mock context for unit tests func MockContext(t *testing.T, path string) *context.Context { - var macaronContext macaron.Context - macaronContext.ReplaceAllParams(macaron.Params{}) - macaronContext.Locale = &mockLocale{} - requestURL, err := url.Parse(path) - assert.NoError(t, err) - macaronContext.Req = macaron.Request{Request: &http.Request{ - URL: requestURL, - Form: url.Values{}, - }} - macaronContext.Resp = &mockResponseWriter{} - macaronContext.Render = &mockRender{ResponseWriter: macaronContext.Resp} - macaronContext.Data = map[string]interface{}{} - return &context.Context{ - Context: &macaronContext, - Flash: &session.Flash{ + var resp = &mockResponseWriter{} + var ctx = context.Context{ + Render: &mockRender{}, + Data: make(map[string]interface{}), + Flash: &middlewares.Flash{ Values: make(url.Values), }, + Resp: context.NewResponse(resp), + Locale: &mockLocale{}, } + + requestURL, err := url.Parse(path) + assert.NoError(t, err) + var req = &http.Request{ + URL: requestURL, + Form: url.Values{}, + } + + chiCtx := chi.NewRouteContext() + req = req.WithContext(scontext.WithValue(req.Context(), chi.RouteCtxKey, chiCtx)) + ctx.Req = context.WithContext(req, &ctx) + return &ctx } // LoadRepo load a repo into a test context. @@ -113,77 +121,20 @@ func (rw *mockResponseWriter) Size() int { return rw.size } -func (rw *mockResponseWriter) Before(b macaron.BeforeFunc) { - b(rw) -} - func (rw *mockResponseWriter) Push(target string, opts *http.PushOptions) error { return nil } type mockRender struct { - http.ResponseWriter } -func (tr *mockRender) SetResponseWriter(rw http.ResponseWriter) { - tr.ResponseWriter = rw +func (tr *mockRender) TemplateLookup(tmpl string) *template.Template { + return nil } -func (tr *mockRender) JSON(status int, _ interface{}) { - tr.Status(status) -} - -func (tr *mockRender) JSONString(interface{}) (string, error) { - return "", nil -} - -func (tr *mockRender) RawData(status int, _ []byte) { - tr.Status(status) -} - -func (tr *mockRender) PlainText(status int, _ []byte) { - tr.Status(status) -} - -func (tr *mockRender) HTML(status int, _ string, _ interface{}, _ ...macaron.HTMLOptions) { - tr.Status(status) -} - -func (tr *mockRender) HTMLSet(status int, _ string, _ string, _ interface{}, _ ...macaron.HTMLOptions) { - tr.Status(status) -} - -func (tr *mockRender) HTMLSetString(string, string, interface{}, ...macaron.HTMLOptions) (string, error) { - return "", nil -} - -func (tr *mockRender) HTMLString(string, interface{}, ...macaron.HTMLOptions) (string, error) { - return "", nil -} - -func (tr *mockRender) HTMLSetBytes(string, string, interface{}, ...macaron.HTMLOptions) ([]byte, error) { - return nil, nil -} - -func (tr *mockRender) HTMLBytes(string, interface{}, ...macaron.HTMLOptions) ([]byte, error) { - return nil, nil -} - -func (tr *mockRender) XML(status int, _ interface{}) { - tr.Status(status) -} - -func (tr *mockRender) Error(status int, _ ...string) { - tr.Status(status) -} - -func (tr *mockRender) Status(status int) { - tr.ResponseWriter.WriteHeader(status) -} - -func (tr *mockRender) SetTemplatePath(string, string) { -} - -func (tr *mockRender) HasTemplateSet(string) bool { - return true +func (tr *mockRender) HTML(w io.Writer, status int, _ string, _ interface{}, _ ...render.HTMLOptions) error { + if resp, ok := w.(http.ResponseWriter); ok { + resp.WriteHeader(status) + } + return nil } diff --git a/modules/timeutil/since_test.go b/modules/timeutil/since_test.go index 65d481a6aa..5710e91db5 100644 --- a/modules/timeutil/since_test.go +++ b/modules/timeutil/since_test.go @@ -10,8 +10,8 @@ import ( "time" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/translation" - macaroni18n "gitea.com/macaron/i18n" "github.com/stretchr/testify/assert" "github.com/unknwon/i18n" ) @@ -27,13 +27,11 @@ const ( ) func TestMain(m *testing.M) { + setting.StaticRootPath = "../../" + setting.Names = []string{"english"} + setting.Langs = []string{"en-US"} // setup - macaroni18n.I18n(macaroni18n.Options{ - Directory: "../../options/locale/", - DefaultLang: "en-US", - Langs: []string{"en-US"}, - Names: []string{"english"}, - }) + translation.InitLocales() BaseDate = time.Date(2000, time.January, 1, 0, 0, 0, 0, time.UTC) // run the tests diff --git a/modules/translation/translation.go b/modules/translation/translation.go index e39bf8b213..94a93a40ae 100644 --- a/modules/translation/translation.go +++ b/modules/translation/translation.go @@ -9,7 +9,6 @@ import ( "code.gitea.io/gitea/modules/options" "code.gitea.io/gitea/modules/setting" - macaron_i18n "gitea.com/macaron/i18n" "github.com/unknwon/i18n" "golang.org/x/text/language" ) @@ -20,49 +19,57 @@ type Locale interface { Tr(string, ...interface{}) string } +// LangType represents a lang type +type LangType struct { + Lang, Name string +} + var ( - matcher language.Matcher + matcher language.Matcher + allLangs []LangType ) +// AllLangs returns all supported langauages +func AllLangs() []LangType { + return allLangs +} + // InitLocales loads the locales func InitLocales() { localeNames, err := options.Dir("locale") - if err != nil { log.Fatal("Failed to list locale files: %v", err) } - localFiles := make(map[string][]byte) + localFiles := make(map[string][]byte) for _, name := range localeNames { localFiles[name], err = options.Locale(name) - if err != nil { log.Fatal("Failed to load %s locale file. %v", name, err) } } // These codes will be used once macaron removed - /*tags := make([]language.Tag, len(setting.Langs)) + tags := make([]language.Tag, len(setting.Langs)) for i, lang := range setting.Langs { tags[i] = language.Raw.Make(lang) } - matcher = language.NewMatcher(tags) - for i, name := range setting.Names { - i18n.SetMessage(setting.Langs[i], localFiles[name]) - } - i18n.SetDefaultLang("en-US")*/ - // To be compatible with macaron, we now have to use macaron i18n, once macaron - // removed, we can use i18n directly - macaron_i18n.I18n(macaron_i18n.Options{ - SubURL: setting.AppSubURL, - Files: localFiles, - Langs: setting.Langs, - Names: setting.Names, - DefaultLang: "en-US", - Redirect: false, - CookieDomain: setting.SessionConfig.Domain, - }) + matcher = language.NewMatcher(tags) + for i := range setting.Names { + key := "locale_" + setting.Langs[i] + ".ini" + if err := i18n.SetMessageWithDesc(setting.Langs[i], setting.Names[i], localFiles[key]); err != nil { + log.Fatal("Failed to set messages to %s: %v", setting.Langs[i], err) + } + } + i18n.SetDefaultLang("en-US") + + allLangs = make([]LangType, 0, i18n.Count()-1) + langs := i18n.ListLangs() + names := i18n.ListLangDescs() + for i, v := range langs { + allLangs = append(allLangs, LangType{v, names[i]}) + } } // Match matches accept languages diff --git a/modules/validation/binding.go b/modules/validation/binding.go index 1c67878ea1..5cfd994d2d 100644 --- a/modules/validation/binding.go +++ b/modules/validation/binding.go @@ -9,7 +9,7 @@ import ( "regexp" "strings" - "gitea.com/macaron/binding" + "gitea.com/go-chi/binding" "github.com/gobwas/glob" ) diff --git a/modules/validation/binding_test.go b/modules/validation/binding_test.go index 9fc9a6db08..e0daba89e5 100644 --- a/modules/validation/binding_test.go +++ b/modules/validation/binding_test.go @@ -9,8 +9,8 @@ import ( "net/http/httptest" "testing" - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "gitea.com/go-chi/binding" + "github.com/go-chi/chi" "github.com/stretchr/testify/assert" ) @@ -34,9 +34,10 @@ type ( func performValidationTest(t *testing.T, testCase validationTestCase) { httpRecorder := httptest.NewRecorder() - m := macaron.Classic() + m := chi.NewRouter() - m.Post(testRoute, binding.Validate(testCase.data), func(actual binding.Errors) { + m.Post(testRoute, func(resp http.ResponseWriter, req *http.Request) { + actual := binding.Validate(req, testCase.data) // see https://github.com/stretchr/testify/issues/435 if actual == nil { actual = binding.Errors{} @@ -49,7 +50,7 @@ func performValidationTest(t *testing.T, testCase validationTestCase) { if err != nil { panic(err) } - + req.Header.Add("Content-Type", "x-www-form-urlencoded") m.ServeHTTP(httpRecorder, req) switch httpRecorder.Code { diff --git a/modules/validation/glob_pattern_test.go b/modules/validation/glob_pattern_test.go index 26775167b4..cbaed7e66a 100644 --- a/modules/validation/glob_pattern_test.go +++ b/modules/validation/glob_pattern_test.go @@ -7,7 +7,7 @@ package validation import ( "testing" - "gitea.com/macaron/binding" + "gitea.com/go-chi/binding" "github.com/gobwas/glob" ) diff --git a/modules/validation/refname_test.go b/modules/validation/refname_test.go index 521a83fa04..974d956563 100644 --- a/modules/validation/refname_test.go +++ b/modules/validation/refname_test.go @@ -7,7 +7,7 @@ package validation import ( "testing" - "gitea.com/macaron/binding" + "gitea.com/go-chi/binding" ) var gitRefNameValidationTestCases = []validationTestCase{ diff --git a/modules/validation/validurl_test.go b/modules/validation/validurl_test.go index aed7406c0a..3cb6206602 100644 --- a/modules/validation/validurl_test.go +++ b/modules/validation/validurl_test.go @@ -7,7 +7,7 @@ package validation import ( "testing" - "gitea.com/macaron/binding" + "gitea.com/go-chi/binding" ) var urlValidationTestCases = []validationTestCase{ diff --git a/modules/web/route.go b/modules/web/route.go new file mode 100644 index 0000000000..701b3beed2 --- /dev/null +++ b/modules/web/route.go @@ -0,0 +1,322 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package web + +import ( + "fmt" + "net/http" + "reflect" + "strings" + + "code.gitea.io/gitea/modules/context" + "code.gitea.io/gitea/modules/middlewares" + + "gitea.com/go-chi/binding" + "github.com/go-chi/chi" +) + +// Wrap converts all kinds of routes to standard library one +func Wrap(handlers ...interface{}) http.HandlerFunc { + if len(handlers) == 0 { + panic("No handlers found") + } + + for _, handler := range handlers { + switch t := handler.(type) { + case http.HandlerFunc, func(http.ResponseWriter, *http.Request), + func(ctx *context.Context), + func(*context.APIContext), + func(*context.PrivateContext), + func(http.Handler) http.Handler: + default: + panic(fmt.Sprintf("Unsupported handler type: %#v", t)) + } + } + return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { + for i := 0; i < len(handlers); i++ { + handler := handlers[i] + switch t := handler.(type) { + case http.HandlerFunc: + t(resp, req) + if r, ok := resp.(context.ResponseWriter); ok && r.Status() > 0 { + return + } + case func(http.ResponseWriter, *http.Request): + t(resp, req) + if r, ok := resp.(context.ResponseWriter); ok && r.Status() > 0 { + return + } + case func(ctx *context.Context): + ctx := context.GetContext(req) + t(ctx) + if ctx.Written() { + return + } + case func(*context.APIContext): + ctx := context.GetAPIContext(req) + t(ctx) + if ctx.Written() { + return + } + case func(*context.PrivateContext): + ctx := context.GetPrivateContext(req) + t(ctx) + if ctx.Written() { + return + } + case func(http.Handler) http.Handler: + var next = http.HandlerFunc(func(http.ResponseWriter, *http.Request) {}) + t(next).ServeHTTP(resp, req) + if r, ok := resp.(context.ResponseWriter); ok && r.Status() > 0 { + return + } + default: + panic(fmt.Sprintf("Unsupported handler type: %#v", t)) + } + } + }) +} + +// Middle wrap a context function as a chi middleware +func Middle(f func(ctx *context.Context)) func(netx http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { + ctx := context.GetContext(req) + f(ctx) + if ctx.Written() { + return + } + next.ServeHTTP(ctx.Resp, ctx.Req) + }) + } +} + +// MiddleAPI wrap a context function as a chi middleware +func MiddleAPI(f func(ctx *context.APIContext)) func(netx http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { + ctx := context.GetAPIContext(req) + f(ctx) + if ctx.Written() { + return + } + next.ServeHTTP(ctx.Resp, ctx.Req) + }) + } +} + +// Bind binding an obj to a handler +func Bind(obj interface{}) http.HandlerFunc { + var tp = reflect.TypeOf(obj) + if tp.Kind() == reflect.Ptr { + tp = tp.Elem() + } + if tp.Kind() != reflect.Struct { + panic("Only structs are allowed to bind") + } + return Wrap(func(ctx *context.Context) { + var theObj = reflect.New(tp).Interface() // create a new form obj for every request but not use obj directly + binding.Bind(ctx.Req, theObj) + SetForm(ctx, theObj) + middlewares.AssignForm(theObj, ctx.Data) + }) +} + +// SetForm set the form object +func SetForm(data middlewares.DataStore, obj interface{}) { + data.GetData()["__form"] = obj +} + +// GetForm returns the validate form information +func GetForm(data middlewares.DataStore) interface{} { + return data.GetData()["__form"] +} + +// Route defines a route based on chi's router +type Route struct { + R chi.Router + curGroupPrefix string + curMiddlewares []interface{} +} + +// NewRoute creates a new route +func NewRoute() *Route { + r := chi.NewRouter() + return &Route{ + R: r, + curGroupPrefix: "", + curMiddlewares: []interface{}{}, + } +} + +// Use supports two middlewares +func (r *Route) Use(middlewares ...interface{}) { + if r.curGroupPrefix != "" { + r.curMiddlewares = append(r.curMiddlewares, middlewares...) + } else { + for _, middle := range middlewares { + switch t := middle.(type) { + case func(http.Handler) http.Handler: + r.R.Use(t) + case func(*context.Context): + r.R.Use(Middle(t)) + case func(*context.APIContext): + r.R.Use(MiddleAPI(t)) + default: + panic(fmt.Sprintf("Unsupported middleware type: %#v", t)) + } + } + } +} + +// Group mounts a sub-Router along a `pattern` string. +func (r *Route) Group(pattern string, fn func(), middlewares ...interface{}) { + var previousGroupPrefix = r.curGroupPrefix + var previousMiddlewares = r.curMiddlewares + r.curGroupPrefix += pattern + r.curMiddlewares = append(r.curMiddlewares, middlewares...) + + fn() + + r.curGroupPrefix = previousGroupPrefix + r.curMiddlewares = previousMiddlewares +} + +func (r *Route) getPattern(pattern string) string { + newPattern := r.curGroupPrefix + pattern + if !strings.HasPrefix(newPattern, "/") { + newPattern = "/" + newPattern + } + if newPattern == "/" { + return newPattern + } + return strings.TrimSuffix(newPattern, "/") +} + +// Mount attaches another Route along ./pattern/* +func (r *Route) Mount(pattern string, subR *Route) { + var middlewares = make([]interface{}, len(r.curMiddlewares)) + copy(middlewares, r.curMiddlewares) + subR.Use(middlewares...) + r.R.Mount(r.getPattern(pattern), subR.R) +} + +// Any delegate requests for all methods +func (r *Route) Any(pattern string, h ...interface{}) { + var middlewares = r.getMiddlewares(h) + r.R.HandleFunc(r.getPattern(pattern), Wrap(middlewares...)) +} + +// Route delegate special methods +func (r *Route) Route(pattern string, methods string, h ...interface{}) { + p := r.getPattern(pattern) + ms := strings.Split(methods, ",") + var middlewares = r.getMiddlewares(h) + for _, method := range ms { + r.R.MethodFunc(strings.TrimSpace(method), p, Wrap(middlewares...)) + } +} + +// Delete delegate delete method +func (r *Route) Delete(pattern string, h ...interface{}) { + var middlewares = r.getMiddlewares(h) + r.R.Delete(r.getPattern(pattern), Wrap(middlewares...)) +} + +func (r *Route) getMiddlewares(h []interface{}) []interface{} { + var middlewares = make([]interface{}, len(r.curMiddlewares), len(r.curMiddlewares)+len(h)) + copy(middlewares, r.curMiddlewares) + middlewares = append(middlewares, h...) + return middlewares +} + +// Get delegate get method +func (r *Route) Get(pattern string, h ...interface{}) { + var middlewares = r.getMiddlewares(h) + r.R.Get(r.getPattern(pattern), Wrap(middlewares...)) +} + +// Head delegate head method +func (r *Route) Head(pattern string, h ...interface{}) { + var middlewares = r.getMiddlewares(h) + r.R.Head(r.getPattern(pattern), Wrap(middlewares...)) +} + +// Post delegate post method +func (r *Route) Post(pattern string, h ...interface{}) { + var middlewares = r.getMiddlewares(h) + r.R.Post(r.getPattern(pattern), Wrap(middlewares...)) +} + +// Put delegate put method +func (r *Route) Put(pattern string, h ...interface{}) { + var middlewares = r.getMiddlewares(h) + r.R.Put(r.getPattern(pattern), Wrap(middlewares...)) +} + +// Patch delegate patch method +func (r *Route) Patch(pattern string, h ...interface{}) { + var middlewares = r.getMiddlewares(h) + r.R.Patch(r.getPattern(pattern), Wrap(middlewares...)) +} + +// ServeHTTP implements http.Handler +func (r *Route) ServeHTTP(w http.ResponseWriter, req *http.Request) { + r.R.ServeHTTP(w, req) +} + +// NotFound defines a handler to respond whenever a route could +// not be found. +func (r *Route) NotFound(h http.HandlerFunc) { + r.R.NotFound(h) +} + +// MethodNotAllowed defines a handler to respond whenever a method is +// not allowed. +func (r *Route) MethodNotAllowed(h http.HandlerFunc) { + r.R.MethodNotAllowed(h) +} + +// Combo deletegate requests to Combo +func (r *Route) Combo(pattern string, h ...interface{}) *Combo { + return &Combo{r, pattern, h} +} + +// Combo represents a tiny group routes with same pattern +type Combo struct { + r *Route + pattern string + h []interface{} +} + +// Get deletegate Get method +func (c *Combo) Get(h ...interface{}) *Combo { + c.r.Get(c.pattern, append(c.h, h...)...) + return c +} + +// Post deletegate Post method +func (c *Combo) Post(h ...interface{}) *Combo { + c.r.Post(c.pattern, append(c.h, h...)...) + return c +} + +// Delete deletegate Delete method +func (c *Combo) Delete(h ...interface{}) *Combo { + c.r.Delete(c.pattern, append(c.h, h...)...) + return c +} + +// Put deletegate Put method +func (c *Combo) Put(h ...interface{}) *Combo { + c.r.Put(c.pattern, append(c.h, h...)...) + return c +} + +// Patch deletegate Patch method +func (c *Combo) Patch(h ...interface{}) *Combo { + c.r.Patch(c.pattern, append(c.h, h...)...) + return c +} diff --git a/modules/web/route_test.go b/modules/web/route_test.go new file mode 100644 index 0000000000..03955f0f2d --- /dev/null +++ b/modules/web/route_test.go @@ -0,0 +1,169 @@ +// Copyright 2021 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package web + +import ( + "bytes" + "net/http" + "net/http/httptest" + "testing" + + "github.com/go-chi/chi" + "github.com/stretchr/testify/assert" +) + +func TestRoute1(t *testing.T) { + buff := bytes.NewBufferString("") + recorder := httptest.NewRecorder() + recorder.Body = buff + + r := NewRoute() + r.Get("/{username}/{reponame}/{type:issues|pulls}", func(resp http.ResponseWriter, req *http.Request) { + username := chi.URLParam(req, "username") + assert.EqualValues(t, "gitea", username) + reponame := chi.URLParam(req, "reponame") + assert.EqualValues(t, "gitea", reponame) + tp := chi.URLParam(req, "type") + assert.EqualValues(t, "issues", tp) + }) + + req, err := http.NewRequest("GET", "http://localhost:8000/gitea/gitea/issues", nil) + assert.NoError(t, err) + r.ServeHTTP(recorder, req) + assert.EqualValues(t, http.StatusOK, recorder.Code) +} + +func TestRoute2(t *testing.T) { + buff := bytes.NewBufferString("") + recorder := httptest.NewRecorder() + recorder.Body = buff + + var route int + + r := NewRoute() + r.Group("/{username}/{reponame}", func() { + r.Group("", func() { + r.Get("/{type:issues|pulls}", func(resp http.ResponseWriter, req *http.Request) { + username := chi.URLParam(req, "username") + assert.EqualValues(t, "gitea", username) + reponame := chi.URLParam(req, "reponame") + assert.EqualValues(t, "gitea", reponame) + tp := chi.URLParam(req, "type") + assert.EqualValues(t, "issues", tp) + route = 0 + }) + + r.Get("/{type:issues|pulls}/{index}", func(resp http.ResponseWriter, req *http.Request) { + username := chi.URLParam(req, "username") + assert.EqualValues(t, "gitea", username) + reponame := chi.URLParam(req, "reponame") + assert.EqualValues(t, "gitea", reponame) + tp := chi.URLParam(req, "type") + assert.EqualValues(t, "issues", tp) + index := chi.URLParam(req, "index") + assert.EqualValues(t, "1", index) + route = 1 + }) + }, func(resp http.ResponseWriter, req *http.Request) { + resp.WriteHeader(200) + }) + + r.Group("/issues/{index}", func() { + r.Get("/view", func(resp http.ResponseWriter, req *http.Request) { + username := chi.URLParam(req, "username") + assert.EqualValues(t, "gitea", username) + reponame := chi.URLParam(req, "reponame") + assert.EqualValues(t, "gitea", reponame) + index := chi.URLParam(req, "index") + assert.EqualValues(t, "1", index) + route = 2 + }) + }) + }) + + req, err := http.NewRequest("GET", "http://localhost:8000/gitea/gitea/issues", nil) + assert.NoError(t, err) + r.ServeHTTP(recorder, req) + assert.EqualValues(t, http.StatusOK, recorder.Code) + assert.EqualValues(t, 0, route) + + req, err = http.NewRequest("GET", "http://localhost:8000/gitea/gitea/issues/1", nil) + assert.NoError(t, err) + r.ServeHTTP(recorder, req) + assert.EqualValues(t, http.StatusOK, recorder.Code) + assert.EqualValues(t, 1, route) + + req, err = http.NewRequest("GET", "http://localhost:8000/gitea/gitea/issues/1/view", nil) + assert.NoError(t, err) + r.ServeHTTP(recorder, req) + assert.EqualValues(t, http.StatusOK, recorder.Code) + assert.EqualValues(t, 2, route) +} + +func TestRoute3(t *testing.T) { + buff := bytes.NewBufferString("") + recorder := httptest.NewRecorder() + recorder.Body = buff + + var route int + + m := NewRoute() + r := NewRoute() + r.Mount("/api/v1", m) + + m.Group("/repos", func() { + m.Group("/{username}/{reponame}", func() { + m.Group("/branch_protections", func() { + m.Get("", func(resp http.ResponseWriter, req *http.Request) { + route = 0 + }) + m.Post("", func(resp http.ResponseWriter, req *http.Request) { + route = 1 + }) + m.Group("/{name}", func() { + m.Get("", func(resp http.ResponseWriter, req *http.Request) { + route = 2 + }) + m.Patch("", func(resp http.ResponseWriter, req *http.Request) { + route = 3 + }) + m.Delete("", func(resp http.ResponseWriter, req *http.Request) { + route = 4 + }) + }) + }) + }) + }) + + req, err := http.NewRequest("GET", "http://localhost:8000/api/v1/repos/gitea/gitea/branch_protections", nil) + assert.NoError(t, err) + r.ServeHTTP(recorder, req) + assert.EqualValues(t, http.StatusOK, recorder.Code) + assert.EqualValues(t, 0, route) + + req, err = http.NewRequest("POST", "http://localhost:8000/api/v1/repos/gitea/gitea/branch_protections", nil) + assert.NoError(t, err) + r.ServeHTTP(recorder, req) + assert.EqualValues(t, http.StatusOK, recorder.Code, http.StatusOK) + assert.EqualValues(t, 1, route) + + req, err = http.NewRequest("GET", "http://localhost:8000/api/v1/repos/gitea/gitea/branch_protections/master", nil) + assert.NoError(t, err) + r.ServeHTTP(recorder, req) + assert.EqualValues(t, http.StatusOK, recorder.Code) + assert.EqualValues(t, 2, route) + + req, err = http.NewRequest("PATCH", "http://localhost:8000/api/v1/repos/gitea/gitea/branch_protections/master", nil) + assert.NoError(t, err) + r.ServeHTTP(recorder, req) + assert.EqualValues(t, http.StatusOK, recorder.Code) + assert.EqualValues(t, 3, route) + + req, err = http.NewRequest("DELETE", "http://localhost:8000/api/v1/repos/gitea/gitea/branch_protections/master", nil) + assert.NoError(t, err) + r.ServeHTTP(recorder, req) + assert.EqualValues(t, http.StatusOK, recorder.Code) + assert.EqualValues(t, 4, route) +} diff --git a/options/locale/locale_de-DE.ini b/options/locale/locale_de-DE.ini index 31b55b499c..76433e6daa 100644 --- a/options/locale/locale_de-DE.ini +++ b/options/locale/locale_de-DE.ini @@ -1538,8 +1538,7 @@ settings.trust_model.collaborator.long=Mitarbeiter: Vertraue Signaturen von Mita settings.trust_model.collaborator.desc=Gültige Signaturen von Mitarbeitern dieses Projekts werden als "vertrauenswürdig" markiert - ( egal ob sie mit dem Committer übereinstimmen oder nicht). Andernfalls werden gültige Signaturen als "nicht vertrauenswürdig" markiert, unabhängig ob die Signatur mit dem Committer übereinstimmt oder nicht. settings.trust_model.committer=Committer settings.trust_model.committer.long=Committer: Vertraue Signaturen, die zu Committern passen (Dies stimmt mit GitHub überein und zwingt signierte Commits von Gitea dazu, Gitea als Committer zu haben) -settings.trust_model.committer.desc=Gültige Signaturen von Mitwirkenden werden als "vertrauenswürdig" gekennzeichnet, wenn sie mit ihrem Committer übereinstimmen. Ansonsten werden sie als "nicht übereinstimmend" markiert. Das führt dazu, dass Gitea auf signierten Commits, bei denen der echte Committer als Co-authored-by: oder Co-committed-by in der Beschreibung eingetragen wurde, als Committer gilt. -Der Standard Gitea Schlüssel muss auf einen User in der Datenbank zeigen. +settings.trust_model.committer.desc=Gültige Signaturen von Mitwirkenden werden als "vertrauenswürdig" gekennzeichnet, wenn sie mit ihrem Committer übereinstimmen. Ansonsten werden sie als "nicht übereinstimmend" markiert. Das führt dazu, dass Gitea auf signierten Commits, bei denen der echte Committer als Co-authored-by: oder Co-committed-by in der Beschreibung eingetragen wurde, als Committer gilt. Der Standard Gitea Schlüssel muss auf einen User in der Datenbank zeigen. settings.trust_model.collaboratorcommitter=Mitarbeiter+Committer settings.trust_model.collaboratorcommitter.long=Mitarbeiter+Committer: Signaturen der Mitarbeiter vertrauen die mit dem Committer übereinstimmen settings.trust_model.collaboratorcommitter.desc=Gültige Signaturen von Mitarbeitern dieses Projekts werden als "vertrauenswürdig" markiert, wenn sie mit dem Committer übereinstimmen. Andernfalls werden gültige Signaturen als "nicht vertrauenswürdig" markiert, wenn die Signatur mit dem Committer übereinstimmt als "nicht übereinstimmend". Dies zwingt Gitea als Committer bei signierten Commits mit dem tatsächlichen Committer als Co-Authored-By: und Co-Committed-By: Trailer im Commit. Der Standard-Gitea-Schlüssel muss mit einem Benutzer in der Datenbank übereinstimmen. diff --git a/routers/admin/admin.go b/routers/admin/admin.go index 4180076b08..250bc5da5e 100644 --- a/routers/admin/admin.go +++ b/routers/admin/admin.go @@ -16,20 +16,20 @@ import ( "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/cron" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/process" "code.gitea.io/gitea/modules/queue" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/timeutil" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/services/mailer" - "gitea.com/macaron/macaron" - "gitea.com/macaron/session" + "gitea.com/go-chi/session" ) const ( @@ -132,7 +132,8 @@ func Dashboard(ctx *context.Context) { } // DashboardPost run an admin operation -func DashboardPost(ctx *context.Context, form auth.AdminDashboardForm) { +func DashboardPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AdminDashboardForm) ctx.Data["Title"] = ctx.Tr("admin.dashboard") ctx.Data["PageIsAdmin"] = true ctx.Data["PageIsAdminDashboard"] = true @@ -239,7 +240,7 @@ func Config(ctx *context.Context) { ctx.Data["OfflineMode"] = setting.OfflineMode ctx.Data["DisableRouterLog"] = setting.DisableRouterLog ctx.Data["RunUser"] = setting.RunUser - ctx.Data["RunMode"] = strings.Title(macaron.Env) + ctx.Data["RunMode"] = strings.Title(setting.RunMode) if version, err := git.LocalVersion(); err == nil { ctx.Data["GitVersion"] = version.Original() } diff --git a/routers/admin/auths.go b/routers/admin/auths.go index 7a9d286373..12d0a2ccfa 100644 --- a/routers/admin/auths.go +++ b/routers/admin/auths.go @@ -10,15 +10,16 @@ import ( "regexp" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/auth/ldap" "code.gitea.io/gitea/modules/auth/oauth2" "code.gitea.io/gitea/modules/auth/pam" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "xorm.io/xorm/convert" ) @@ -206,7 +207,8 @@ func parseSSPIConfig(ctx *context.Context, form auth.AuthenticationForm) (*model } // NewAuthSourcePost response for adding an auth source -func NewAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) { +func NewAuthSourcePost(ctx *context.Context) { + form := *web.GetForm(ctx).(*auth.AuthenticationForm) ctx.Data["Title"] = ctx.Tr("admin.auths.new") ctx.Data["PageIsAdmin"] = true ctx.Data["PageIsAdminAuthentications"] = true @@ -312,7 +314,8 @@ func EditAuthSource(ctx *context.Context) { } // EditAuthSourcePost response for editing auth source -func EditAuthSourcePost(ctx *context.Context, form auth.AuthenticationForm) { +func EditAuthSourcePost(ctx *context.Context) { + form := *web.GetForm(ctx).(*auth.AuthenticationForm) ctx.Data["Title"] = ctx.Tr("admin.auths.edit") ctx.Data["PageIsAdmin"] = true ctx.Data["PageIsAdminAuthentications"] = true diff --git a/routers/admin/users.go b/routers/admin/users.go index 74fce9a10c..2d40a883af 100644 --- a/routers/admin/users.go +++ b/routers/admin/users.go @@ -11,12 +11,13 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/password" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers" router_user_setting "code.gitea.io/gitea/routers/user/setting" "code.gitea.io/gitea/services/mailer" @@ -63,7 +64,8 @@ func NewUser(ctx *context.Context) { } // NewUserPost response for adding a new user -func NewUserPost(ctx *context.Context, form auth.AdminCreateUserForm) { +func NewUserPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AdminCreateUserForm) ctx.Data["Title"] = ctx.Tr("admin.users.new_account") ctx.Data["PageIsAdmin"] = true ctx.Data["PageIsAdminUsers"] = true @@ -214,7 +216,8 @@ func EditUser(ctx *context.Context) { } // EditUserPost response for editting user -func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) { +func EditUserPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AdminEditUserForm) ctx.Data["Title"] = ctx.Tr("admin.users.edit_account") ctx.Data["PageIsAdmin"] = true ctx.Data["PageIsAdminUsers"] = true diff --git a/routers/admin/users_test.go b/routers/admin/users_test.go index a282507f56..bd00bb2bf1 100644 --- a/routers/admin/users_test.go +++ b/routers/admin/users_test.go @@ -8,8 +8,9 @@ import ( "testing" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/test" + "code.gitea.io/gitea/modules/web" "github.com/stretchr/testify/assert" ) @@ -39,7 +40,8 @@ func TestNewUserPost_MustChangePassword(t *testing.T) { MustChangePassword: true, } - NewUserPost(ctx, form) + web.SetForm(ctx, &form) + NewUserPost(ctx) assert.NotEmpty(t, ctx.Flash.SuccessMsg) @@ -76,7 +78,8 @@ func TestNewUserPost_MustChangePasswordFalse(t *testing.T) { MustChangePassword: false, } - NewUserPost(ctx, form) + web.SetForm(ctx, &form) + NewUserPost(ctx) assert.NotEmpty(t, ctx.Flash.SuccessMsg) @@ -113,7 +116,8 @@ func TestNewUserPost_InvalidEmail(t *testing.T) { MustChangePassword: false, } - NewUserPost(ctx, form) + web.SetForm(ctx, &form) + NewUserPost(ctx) assert.NotEmpty(t, ctx.Flash.ErrorMsg) } diff --git a/routers/api/v1/admin/org.go b/routers/api/v1/admin/org.go index 0fd9e17f41..1356276f07 100644 --- a/routers/api/v1/admin/org.go +++ b/routers/api/v1/admin/org.go @@ -13,12 +13,13 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/user" "code.gitea.io/gitea/routers/api/v1/utils" ) // CreateOrg api for create organization -func CreateOrg(ctx *context.APIContext, form api.CreateOrgOption) { +func CreateOrg(ctx *context.APIContext) { // swagger:operation POST /admin/users/{username}/orgs admin adminCreateOrg // --- // summary: Create an organization @@ -43,7 +44,7 @@ func CreateOrg(ctx *context.APIContext, form api.CreateOrgOption) { // "$ref": "#/responses/forbidden" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.CreateOrgOption) u := user.GetUserByParams(ctx) if ctx.Written() { return diff --git a/routers/api/v1/admin/repo.go b/routers/api/v1/admin/repo.go index 73c7d740f8..467f8a22ff 100644 --- a/routers/api/v1/admin/repo.go +++ b/routers/api/v1/admin/repo.go @@ -7,12 +7,13 @@ package admin import ( "code.gitea.io/gitea/modules/context" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/repo" "code.gitea.io/gitea/routers/api/v1/user" ) // CreateRepo api for creating a repository -func CreateRepo(ctx *context.APIContext, form api.CreateRepoOption) { +func CreateRepo(ctx *context.APIContext) { // swagger:operation POST /admin/users/{username}/repos admin adminCreateRepo // --- // summary: Create a repository on behalf of a user @@ -41,11 +42,11 @@ func CreateRepo(ctx *context.APIContext, form api.CreateRepoOption) { // "$ref": "#/responses/error" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.CreateRepoOption) owner := user.GetUserByParams(ctx) if ctx.Written() { return } - repo.CreateUserRepo(ctx, owner, form) + repo.CreateUserRepo(ctx, owner, *form) } diff --git a/routers/api/v1/admin/user.go b/routers/api/v1/admin/user.go index 670baf020b..f148710c79 100644 --- a/routers/api/v1/admin/user.go +++ b/routers/api/v1/admin/user.go @@ -16,6 +16,7 @@ import ( "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/password" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/user" "code.gitea.io/gitea/routers/api/v1/utils" "code.gitea.io/gitea/services/mailer" @@ -42,7 +43,7 @@ func parseLoginSource(ctx *context.APIContext, u *models.User, sourceID int64, l } // CreateUser create a user -func CreateUser(ctx *context.APIContext, form api.CreateUserOption) { +func CreateUser(ctx *context.APIContext) { // swagger:operation POST /admin/users admin adminCreateUser // --- // summary: Create a user @@ -64,7 +65,7 @@ func CreateUser(ctx *context.APIContext, form api.CreateUserOption) { // "$ref": "#/responses/forbidden" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.CreateUserOption) u := &models.User{ Name: form.Username, FullName: form.FullName, @@ -119,7 +120,7 @@ func CreateUser(ctx *context.APIContext, form api.CreateUserOption) { } // EditUser api for modifying a user's information -func EditUser(ctx *context.APIContext, form api.EditUserOption) { +func EditUser(ctx *context.APIContext) { // swagger:operation PATCH /admin/users/{username} admin adminEditUser // --- // summary: Edit an existing user @@ -144,7 +145,7 @@ func EditUser(ctx *context.APIContext, form api.EditUserOption) { // "$ref": "#/responses/forbidden" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.EditUserOption) u := user.GetUserByParams(ctx) if ctx.Written() { return @@ -283,7 +284,7 @@ func DeleteUser(ctx *context.APIContext) { } // CreatePublicKey api for creating a public key to a user -func CreatePublicKey(ctx *context.APIContext, form api.CreateKeyOption) { +func CreatePublicKey(ctx *context.APIContext) { // swagger:operation POST /admin/users/{username}/keys admin adminCreatePublicKey // --- // summary: Add a public key on behalf of a user @@ -308,12 +309,12 @@ func CreatePublicKey(ctx *context.APIContext, form api.CreateKeyOption) { // "$ref": "#/responses/forbidden" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.CreateKeyOption) u := user.GetUserByParams(ctx) if ctx.Written() { return } - user.CreateUserPublicKey(ctx, form, u.ID) + user.CreateUserPublicKey(ctx, *form, u.ID) } // DeleteUserPublicKey api for deleting a user's public key diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index 876f48ca5c..593551d770 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -66,14 +66,16 @@ package v1 import ( "net/http" + "reflect" "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/admin" "code.gitea.io/gitea/routers/api/v1/misc" "code.gitea.io/gitea/routers/api/v1/notify" @@ -83,11 +85,12 @@ import ( _ "code.gitea.io/gitea/routers/api/v1/swagger" // for swagger generation "code.gitea.io/gitea/routers/api/v1/user" - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "gitea.com/go-chi/binding" + "gitea.com/go-chi/session" + "github.com/go-chi/cors" ) -func sudo() macaron.Handler { +func sudo() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { sudo := ctx.Query("sudo") if len(sudo) == 0 { @@ -117,10 +120,10 @@ func sudo() macaron.Handler { } } -func repoAssignment() macaron.Handler { +func repoAssignment() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { - userName := ctx.Params(":username") - repoName := ctx.Params(":reponame") + userName := ctx.Params("username") + repoName := ctx.Params("reponame") var ( owner *models.User @@ -184,7 +187,7 @@ func repoAssignment() macaron.Handler { } // Contexter middleware already checks token for user sign in process. -func reqToken() macaron.Handler { +func reqToken() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if true == ctx.Data["IsApiToken"] { return @@ -201,7 +204,7 @@ func reqToken() macaron.Handler { } } -func reqBasicAuth() macaron.Handler { +func reqBasicAuth() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if !ctx.Context.IsBasicAuth { ctx.Error(http.StatusUnauthorized, "reqBasicAuth", "basic auth required") @@ -212,7 +215,7 @@ func reqBasicAuth() macaron.Handler { } // reqSiteAdmin user should be the site admin -func reqSiteAdmin() macaron.Handler { +func reqSiteAdmin() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if !ctx.IsUserSiteAdmin() { ctx.Error(http.StatusForbidden, "reqSiteAdmin", "user should be the site admin") @@ -222,7 +225,7 @@ func reqSiteAdmin() macaron.Handler { } // reqOwner user should be the owner of the repo or site admin. -func reqOwner() macaron.Handler { +func reqOwner() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if !ctx.IsUserRepoOwner() && !ctx.IsUserSiteAdmin() { ctx.Error(http.StatusForbidden, "reqOwner", "user should be the owner of the repo") @@ -232,7 +235,7 @@ func reqOwner() macaron.Handler { } // reqAdmin user should be an owner or a collaborator with admin write of a repository, or site admin -func reqAdmin() macaron.Handler { +func reqAdmin() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() { ctx.Error(http.StatusForbidden, "reqAdmin", "user should be an owner or a collaborator with admin write of a repository") @@ -242,7 +245,7 @@ func reqAdmin() macaron.Handler { } // reqRepoWriter user should have a permission to write to a repo, or be a site admin -func reqRepoWriter(unitTypes ...models.UnitType) macaron.Handler { +func reqRepoWriter(unitTypes ...models.UnitType) func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if !ctx.IsUserRepoWriter(unitTypes) && !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() { ctx.Error(http.StatusForbidden, "reqRepoWriter", "user should have a permission to write to a repo") @@ -252,7 +255,7 @@ func reqRepoWriter(unitTypes ...models.UnitType) macaron.Handler { } // reqRepoReader user should have specific read permission or be a repo admin or a site admin -func reqRepoReader(unitType models.UnitType) macaron.Handler { +func reqRepoReader(unitType models.UnitType) func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if !ctx.IsUserRepoReaderSpecific(unitType) && !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() { ctx.Error(http.StatusForbidden, "reqRepoReader", "user should have specific read permission or be a repo admin or a site admin") @@ -262,7 +265,7 @@ func reqRepoReader(unitType models.UnitType) macaron.Handler { } // reqAnyRepoReader user should have any permission to read repository or permissions of site admin -func reqAnyRepoReader() macaron.Handler { +func reqAnyRepoReader() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if !ctx.IsUserRepoReaderAny() && !ctx.IsUserSiteAdmin() { ctx.Error(http.StatusForbidden, "reqAnyRepoReader", "user should have any permission to read repository or permissions of site admin") @@ -272,7 +275,7 @@ func reqAnyRepoReader() macaron.Handler { } // reqOrgOwnership user should be an organization owner, or a site admin -func reqOrgOwnership() macaron.Handler { +func reqOrgOwnership() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if ctx.Context.IsUserSiteAdmin() { return @@ -304,7 +307,7 @@ func reqOrgOwnership() macaron.Handler { } // reqTeamMembership user should be an team member, or a site admin -func reqTeamMembership() macaron.Handler { +func reqTeamMembership() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if ctx.Context.IsUserSiteAdmin() { return @@ -341,7 +344,7 @@ func reqTeamMembership() macaron.Handler { } // reqOrgMembership user should be an organization member, or a site admin -func reqOrgMembership() macaron.Handler { +func reqOrgMembership() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if ctx.Context.IsUserSiteAdmin() { return @@ -371,7 +374,7 @@ func reqOrgMembership() macaron.Handler { } } -func reqGitHook() macaron.Handler { +func reqGitHook() func(ctx *context.APIContext) { return func(ctx *context.APIContext) { if !ctx.User.CanEditGitHook() { ctx.Error(http.StatusForbidden, "", "must be allowed to edit Git hooks") @@ -380,7 +383,7 @@ func reqGitHook() macaron.Handler { } } -func orgAssignment(args ...bool) macaron.Handler { +func orgAssignment(args ...bool) func(ctx *context.APIContext) { var ( assignOrg bool assignTeam bool @@ -500,13 +503,6 @@ func mustEnableIssuesOrPulls(ctx *context.APIContext) { } } -func mustEnableUserHeatmap(ctx *context.APIContext) { - if !setting.Service.EnableUserHeatmap { - ctx.NotFound() - return - } -} - func mustNotBeArchived(ctx *context.APIContext) { if ctx.Repo.Repository.IsArchived { ctx.NotFound() @@ -514,18 +510,59 @@ func mustNotBeArchived(ctx *context.APIContext) { } } -// RegisterRoutes registers all v1 APIs routes to web application. -func RegisterRoutes(m *macaron.Macaron) { - bind := binding.Bind - - if setting.API.EnableSwagger { - m.Get("/swagger", misc.Swagger) // Render V1 by default +// bind binding an obj to a func(ctx *context.APIContext) +func bind(obj interface{}) http.HandlerFunc { + var tp = reflect.TypeOf(obj) + for tp.Kind() == reflect.Ptr { + tp = tp.Elem() } + return web.Wrap(func(ctx *context.APIContext) { + var theObj = reflect.New(tp).Interface() // create a new form obj for every request but not use obj directly + errs := binding.Bind(ctx.Req, theObj) + if len(errs) > 0 { + ctx.Error(422, "validationError", errs[0].Error()) + return + } + web.SetForm(ctx, theObj) + }) +} - m.Group("/v1", func() { +// Routes registers all v1 APIs routes to web application. +func Routes() *web.Route { + var m = web.NewRoute() + + m.Use(session.Sessioner(session.Options{ + Provider: setting.SessionConfig.Provider, + ProviderConfig: setting.SessionConfig.ProviderConfig, + CookieName: setting.SessionConfig.CookieName, + CookiePath: setting.SessionConfig.CookiePath, + Gclifetime: setting.SessionConfig.Gclifetime, + Maxlifetime: setting.SessionConfig.Maxlifetime, + Secure: setting.SessionConfig.Secure, + Domain: setting.SessionConfig.Domain, + })) + m.Use(securityHeaders()) + if setting.CORSConfig.Enabled { + m.Use(cors.Handler(cors.Options{ + //Scheme: setting.CORSConfig.Scheme, // FIXME: the cors middleware needs scheme option + AllowedOrigins: setting.CORSConfig.AllowDomain, + //setting.CORSConfig.AllowSubdomain // FIXME: the cors middleware needs allowSubdomain option + AllowedMethods: setting.CORSConfig.Methods, + AllowCredentials: setting.CORSConfig.AllowCredentials, + MaxAge: int(setting.CORSConfig.MaxAge.Seconds()), + })) + } + m.Use(context.APIContexter()) + m.Use(context.ToggleAPI(&context.ToggleOptions{ + SignInRequired: setting.Service.RequireSignInView, + })) + + m.Group("", func() { // Miscellaneous if setting.API.EnableSwagger { - m.Get("/swagger", misc.Swagger) + m.Get("/swagger", func(ctx *context.APIContext) { + ctx.Redirect("/api/swagger") + }) } m.Get("/version", misc.Version) m.Get("/signing-key.gpg", misc.SigningKey) @@ -544,7 +581,7 @@ func RegisterRoutes(m *macaron.Macaron) { Get(notify.ListNotifications). Put(notify.ReadNotifications) m.Get("/new", notify.NewAvailable) - m.Combo("/threads/:id"). + m.Combo("/threads/{id}"). Get(notify.GetThread). Patch(notify.ReadThread) }, reqToken()) @@ -553,28 +590,31 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/users", func() { m.Get("/search", user.Search) - m.Group("/:username", func() { + m.Group("/{username}", func() { m.Get("", user.GetInfo) - m.Get("/heatmap", mustEnableUserHeatmap, user.GetUserHeatmapData) + + if setting.Service.EnableUserHeatmap { + m.Get("/heatmap", user.GetUserHeatmapData) + } m.Get("/repos", user.ListUserRepos) m.Group("/tokens", func() { m.Combo("").Get(user.ListAccessTokens). Post(bind(api.CreateAccessTokenOption{}), user.CreateAccessToken) - m.Combo("/:id").Delete(user.DeleteAccessToken) + m.Combo("/{id}").Delete(user.DeleteAccessToken) }, reqBasicAuth()) }) }) m.Group("/users", func() { - m.Group("/:username", func() { + m.Group("/{username}", func() { m.Get("/keys", user.ListPublicKeys) m.Get("/gpg_keys", user.ListGPGKeys) m.Get("/followers", user.ListFollowers) m.Group("/following", func() { m.Get("", user.ListFollowing) - m.Get("/:target", user.CheckFollowing) + m.Get("/{target}", user.CheckFollowing) }) m.Get("/starred", user.GetStarredRepos) @@ -592,20 +632,20 @@ func RegisterRoutes(m *macaron.Macaron) { m.Get("/followers", user.ListMyFollowers) m.Group("/following", func() { m.Get("", user.ListMyFollowing) - m.Combo("/:username").Get(user.CheckMyFollowing).Put(user.Follow).Delete(user.Unfollow) + m.Combo("/{username}").Get(user.CheckMyFollowing).Put(user.Follow).Delete(user.Unfollow) }) m.Group("/keys", func() { m.Combo("").Get(user.ListMyPublicKeys). Post(bind(api.CreateKeyOption{}), user.CreatePublicKey) - m.Combo("/:id").Get(user.GetPublicKey). + m.Combo("/{id}").Get(user.GetPublicKey). Delete(user.DeletePublicKey) }) m.Group("/applications", func() { m.Combo("/oauth2"). Get(user.ListOauth2Applications). Post(bind(api.CreateOAuth2ApplicationOptions{}), user.CreateOauth2Application) - m.Combo("/oauth2/:id"). + m.Combo("/oauth2/{id}"). Delete(user.DeleteOauth2Application). Patch(bind(api.CreateOAuth2ApplicationOptions{}), user.UpdateOauth2Application). Get(user.GetOauth2Application) @@ -614,7 +654,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/gpg_keys", func() { m.Combo("").Get(user.ListMyGPGKeys). Post(bind(api.CreateGPGKeyOption{}), user.CreateGPGKey) - m.Combo("/:id").Get(user.GetGPGKey). + m.Combo("/{id}").Get(user.GetGPGKey). Delete(user.DeleteGPGKey) }) @@ -623,7 +663,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/starred", func() { m.Get("", user.GetMyStarredRepos) - m.Group("/:username/:reponame", func() { + m.Group("/{username}/{reponame}", func() { m.Get("", user.IsStarring) m.Put("", user.Star) m.Delete("", user.Unstar) @@ -639,9 +679,9 @@ func RegisterRoutes(m *macaron.Macaron) { }, reqToken()) // Repositories - m.Post("/org/:org/repos", reqToken(), bind(api.CreateRepoOption{}), repo.CreateOrgRepoDeprecated) + m.Post("/org/{org}/repos", reqToken(), bind(api.CreateRepoOption{}), repo.CreateOrgRepoDeprecated) - m.Combo("/repositories/:id", reqToken()).Get(repo.GetByID) + m.Combo("/repositories/{id}", reqToken()).Get(repo.GetByID) m.Group("/repos", func() { m.Get("/search", repo.Search) @@ -650,10 +690,10 @@ func RegisterRoutes(m *macaron.Macaron) { m.Post("/migrate", reqToken(), bind(api.MigrateRepoOptions{}), repo.Migrate) - m.Group("/:username/:reponame", func() { + m.Group("/{username}/{reponame}", func() { m.Combo("").Get(reqAnyRepoReader(), repo.Get). Delete(reqToken(), reqOwner(), repo.Delete). - Patch(reqToken(), reqAdmin(), context.RepoRefForAPI(), bind(api.EditRepoOption{}), repo.Edit) + Patch(reqToken(), reqAdmin(), context.RepoRefForAPI, bind(api.EditRepoOption{}), repo.Edit) m.Post("/transfer", reqOwner(), bind(api.TransferRepoOption{}), repo.Transfer) m.Combo("/notifications"). Get(reqToken(), notify.ListRepoNotifications). @@ -661,15 +701,15 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/hooks", func() { m.Combo("").Get(repo.ListHooks). Post(bind(api.CreateHookOption{}), repo.CreateHook) - m.Group("/:id", func() { + m.Group("/{id}", func() { m.Combo("").Get(repo.GetHook). Patch(bind(api.EditHookOption{}), repo.EditHook). Delete(repo.DeleteHook) - m.Post("/tests", context.RepoRefForAPI(), repo.TestHook) + m.Post("/tests", context.RepoRefForAPI, repo.TestHook) }) m.Group("/git", func() { m.Combo("").Get(repo.ListGitHooks) - m.Group("/:id", func() { + m.Group("/{id}", func() { m.Combo("").Get(repo.GetGitHook). Patch(bind(api.EditGitHookOption{}), repo.EditGitHook). Delete(repo.DeleteGitHook) @@ -678,11 +718,11 @@ func RegisterRoutes(m *macaron.Macaron) { }, reqToken(), reqAdmin()) m.Group("/collaborators", func() { m.Get("", reqAnyRepoReader(), repo.ListCollaborators) - m.Combo("/:collaborator").Get(reqAnyRepoReader(), repo.IsCollaborator). + m.Combo("/{collaborator}").Get(reqAnyRepoReader(), repo.IsCollaborator). Put(reqAdmin(), bind(api.AddCollaboratorOption{}), repo.AddCollaborator). Delete(reqAdmin(), repo.DeleteCollaborator) }, reqToken()) - m.Get("/raw/*", context.RepoRefForAPI(), reqRepoReader(models.UnitTypeCode), repo.GetRawFile) + m.Get("/raw/*", context.RepoRefForAPI, reqRepoReader(models.UnitTypeCode), repo.GetRawFile) m.Get("/archive/*", reqRepoReader(models.UnitTypeCode), repo.GetArchive) m.Combo("/forks").Get(repo.ListForks). Post(reqToken(), reqRepoReader(models.UnitTypeCode), bind(api.CreateForkOption{}), repo.CreateFork) @@ -695,7 +735,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/branch_protections", func() { m.Get("", repo.ListBranchProtections) m.Post("", bind(api.CreateBranchProtectionOption{}), repo.CreateBranchProtection) - m.Group("/:name", func() { + m.Group("/{name}", func() { m.Get("", repo.GetBranchProtection) m.Patch("", bind(api.EditBranchProtectionOption{}), repo.EditBranchProtection) m.Delete("", repo.DeleteBranchProtection) @@ -707,19 +747,19 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/keys", func() { m.Combo("").Get(repo.ListDeployKeys). Post(bind(api.CreateKeyOption{}), repo.CreateDeployKey) - m.Combo("/:id").Get(repo.GetDeployKey). + m.Combo("/{id}").Get(repo.GetDeployKey). Delete(repo.DeleteDeploykey) }, reqToken(), reqAdmin()) m.Group("/times", func() { m.Combo("").Get(repo.ListTrackedTimesByRepository) - m.Combo("/:timetrackingusername").Get(repo.ListTrackedTimesByUser) + m.Combo("/{timetrackingusername}").Get(repo.ListTrackedTimesByUser) }, mustEnableIssues, reqToken()) m.Group("/issues", func() { m.Combo("").Get(repo.ListIssues). Post(reqToken(), mustNotBeArchived, bind(api.CreateIssueOption{}), repo.CreateIssue) m.Group("/comments", func() { m.Get("", repo.ListRepoIssueComments) - m.Group("/:id", func() { + m.Group("/{id}", func() { m.Combo(""). Get(repo.GetIssueComment). Patch(mustNotBeArchived, reqToken(), bind(api.EditIssueCommentOption{}), repo.EditIssueComment). @@ -730,13 +770,13 @@ func RegisterRoutes(m *macaron.Macaron) { Delete(reqToken(), bind(api.EditReactionOption{}), repo.DeleteIssueCommentReaction) }) }) - m.Group("/:index", func() { + m.Group("/{index}", func() { m.Combo("").Get(repo.GetIssue). Patch(reqToken(), bind(api.EditIssueOption{}), repo.EditIssue) m.Group("/comments", func() { m.Combo("").Get(repo.ListIssueComments). Post(reqToken(), mustNotBeArchived, bind(api.CreateIssueCommentOption{}), repo.CreateIssueComment) - m.Combo("/:id", reqToken()).Patch(bind(api.EditIssueCommentOption{}), repo.EditIssueCommentDeprecated). + m.Combo("/{id}", reqToken()).Patch(bind(api.EditIssueCommentOption{}), repo.EditIssueCommentDeprecated). Delete(repo.DeleteIssueCommentDeprecated) }) m.Group("/labels", func() { @@ -744,14 +784,14 @@ func RegisterRoutes(m *macaron.Macaron) { Post(reqToken(), bind(api.IssueLabelsOption{}), repo.AddIssueLabels). Put(reqToken(), bind(api.IssueLabelsOption{}), repo.ReplaceIssueLabels). Delete(reqToken(), repo.ClearIssueLabels) - m.Delete("/:id", reqToken(), repo.DeleteIssueLabel) + m.Delete("/{id}", reqToken(), repo.DeleteIssueLabel) }) m.Group("/times", func() { m.Combo(""). Get(repo.ListTrackedTimes). Post(bind(api.AddTimeOption{}), repo.AddTime). Delete(repo.ResetIssueTime) - m.Delete("/:id", repo.DeleteTime) + m.Delete("/{id}", repo.DeleteTime) }, reqToken()) m.Combo("/deadline").Post(reqToken(), bind(api.EditDeadlineOption{}), repo.UpdateIssueDeadline) m.Group("/stopwatch", func() { @@ -762,8 +802,8 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/subscriptions", func() { m.Get("", repo.GetIssueSubscribers) m.Get("/check", reqToken(), repo.CheckIssueSubscription) - m.Put("/:user", reqToken(), repo.AddIssueSubscription) - m.Delete("/:user", reqToken(), repo.DelIssueSubscription) + m.Put("/{user}", reqToken(), repo.AddIssueSubscription) + m.Delete("/{user}", reqToken(), repo.DelIssueSubscription) }) m.Combo("/reactions"). Get(repo.GetIssueReactions). @@ -774,7 +814,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/labels", func() { m.Combo("").Get(repo.ListLabels). Post(reqToken(), reqRepoWriter(models.UnitTypeIssues, models.UnitTypePullRequests), bind(api.CreateLabelOption{}), repo.CreateLabel) - m.Combo("/:id").Get(repo.GetLabel). + m.Combo("/{id}").Get(repo.GetLabel). Patch(reqToken(), reqRepoWriter(models.UnitTypeIssues, models.UnitTypePullRequests), bind(api.EditLabelOption{}), repo.EditLabel). Delete(reqToken(), reqRepoWriter(models.UnitTypeIssues, models.UnitTypePullRequests), repo.DeleteLabel) }) @@ -783,7 +823,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/milestones", func() { m.Combo("").Get(repo.ListMilestones). Post(reqToken(), reqRepoWriter(models.UnitTypeIssues, models.UnitTypePullRequests), bind(api.CreateMilestoneOption{}), repo.CreateMilestone) - m.Combo("/:id").Get(repo.GetMilestone). + m.Combo("/{id}").Get(repo.GetMilestone). Patch(reqToken(), reqRepoWriter(models.UnitTypeIssues, models.UnitTypePullRequests), bind(api.EditMilestoneOption{}), repo.EditMilestone). Delete(reqToken(), reqRepoWriter(models.UnitTypeIssues, models.UnitTypePullRequests), repo.DeleteMilestone) }) @@ -797,30 +837,30 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/releases", func() { m.Combo("").Get(repo.ListReleases). Post(reqToken(), reqRepoWriter(models.UnitTypeReleases), context.ReferencesGitRepo(false), bind(api.CreateReleaseOption{}), repo.CreateRelease) - m.Group("/:id", func() { + m.Group("/{id}", func() { m.Combo("").Get(repo.GetRelease). Patch(reqToken(), reqRepoWriter(models.UnitTypeReleases), context.ReferencesGitRepo(false), bind(api.EditReleaseOption{}), repo.EditRelease). Delete(reqToken(), reqRepoWriter(models.UnitTypeReleases), repo.DeleteRelease) m.Group("/assets", func() { m.Combo("").Get(repo.ListReleaseAttachments). Post(reqToken(), reqRepoWriter(models.UnitTypeReleases), repo.CreateReleaseAttachment) - m.Combo("/:asset").Get(repo.GetReleaseAttachment). + m.Combo("/{asset}").Get(repo.GetReleaseAttachment). Patch(reqToken(), reqRepoWriter(models.UnitTypeReleases), bind(api.EditAttachmentOptions{}), repo.EditReleaseAttachment). Delete(reqToken(), reqRepoWriter(models.UnitTypeReleases), repo.DeleteReleaseAttachment) }) }) m.Group("/tags", func() { - m.Combo("/:tag"). + m.Combo("/{tag}"). Get(repo.GetReleaseTag). Delete(reqToken(), reqRepoWriter(models.UnitTypeReleases), repo.DeleteReleaseTag) }) }, reqRepoReader(models.UnitTypeReleases)) m.Post("/mirror-sync", reqToken(), reqRepoWriter(models.UnitTypeCode), repo.MirrorSync) - m.Get("/editorconfig/:filename", context.RepoRefForAPI(), reqRepoReader(models.UnitTypeCode), repo.GetEditorconfig) + m.Get("/editorconfig/{filename}", context.RepoRefForAPI, reqRepoReader(models.UnitTypeCode), repo.GetEditorconfig) m.Group("/pulls", func() { - m.Combo("").Get(bind(api.ListPullRequestsOptions{}), repo.ListPullRequests). + m.Combo("").Get(repo.ListPullRequests). Post(reqToken(), mustNotBeArchived, bind(api.CreatePullRequestOption{}), repo.CreatePullRequest) - m.Group("/:index", func() { + m.Group("/{index}", func() { m.Combo("").Get(repo.GetPullRequest). Patch(reqToken(), reqRepoWriter(models.UnitTypePullRequests), bind(api.EditPullRequestOption{}), repo.EditPullRequest) m.Get(".diff", repo.DownloadPullDiff) @@ -832,7 +872,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Combo(""). Get(repo.ListPullReviews). Post(reqToken(), bind(api.CreatePullReviewOptions{}), repo.CreatePullReview) - m.Group("/:id", func() { + m.Group("/{id}", func() { m.Combo(""). Get(repo.GetPullReview). Delete(reqToken(), repo.DeletePullReview). @@ -847,25 +887,25 @@ func RegisterRoutes(m *macaron.Macaron) { }) }, mustAllowPulls, reqRepoReader(models.UnitTypeCode), context.ReferencesGitRepo(false)) m.Group("/statuses", func() { - m.Combo("/:sha").Get(repo.GetCommitStatuses). + m.Combo("/{sha}").Get(repo.GetCommitStatuses). Post(reqToken(), bind(api.CreateStatusOption{}), repo.NewCommitStatus) }, reqRepoReader(models.UnitTypeCode)) m.Group("/commits", func() { m.Get("", repo.GetAllCommits) - m.Group("/:ref", func() { + m.Group("/{ref}", func() { m.Get("/status", repo.GetCombinedCommitStatusByRef) m.Get("/statuses", repo.GetCommitStatusesByRef) }) }, reqRepoReader(models.UnitTypeCode)) m.Group("/git", func() { m.Group("/commits", func() { - m.Get("/:sha", repo.GetSingleCommit) + m.Get("/{sha}", repo.GetSingleCommit) }) m.Get("/refs", repo.GetGitAllRefs) m.Get("/refs/*", repo.GetGitRefs) - m.Get("/trees/:sha", context.RepoRefForAPI(), repo.GetTree) - m.Get("/blobs/:sha", context.RepoRefForAPI(), repo.GetBlob) - m.Get("/tags/:sha", context.RepoRefForAPI(), repo.GetTag) + m.Get("/trees/{sha}", context.RepoRefForAPI, repo.GetTree) + m.Get("/blobs/{sha}", context.RepoRefForAPI, repo.GetBlob) + m.Get("/tags/{sha}", context.RepoRefForAPI, repo.GetTag) }, reqRepoReader(models.UnitTypeCode)) m.Group("/contents", func() { m.Get("", repo.GetContentsList) @@ -880,7 +920,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/topics", func() { m.Combo("").Get(repo.ListTopics). Put(reqToken(), reqAdmin(), bind(api.RepoTopicOptions{}), repo.UpdateTopics) - m.Group("/:topic", func() { + m.Group("/{topic}", func() { m.Combo("").Put(reqToken(), repo.AddTopic). Delete(reqToken(), repo.DeleteTopic) }, reqAdmin()) @@ -892,10 +932,10 @@ func RegisterRoutes(m *macaron.Macaron) { // Organizations m.Get("/user/orgs", reqToken(), org.ListMyOrgs) - m.Get("/users/:username/orgs", org.ListUserOrgs) + m.Get("/users/{username}/orgs", org.ListUserOrgs) m.Post("/orgs", reqToken(), bind(api.CreateOrgOption{}), org.Create) m.Get("/orgs", org.GetAll) - m.Group("/orgs/:org", func() { + m.Group("/orgs/{org}", func() { m.Combo("").Get(org.Get). Patch(reqToken(), reqOrgOwnership(), bind(api.EditOrgOption{}), org.Edit). Delete(reqToken(), reqOrgOwnership(), org.Delete) @@ -903,12 +943,12 @@ func RegisterRoutes(m *macaron.Macaron) { Post(reqToken(), bind(api.CreateRepoOption{}), repo.CreateOrgRepo) m.Group("/members", func() { m.Get("", org.ListMembers) - m.Combo("/:username").Get(org.IsMember). + m.Combo("/{username}").Get(org.IsMember). Delete(reqToken(), reqOrgOwnership(), org.DeleteMember) }) m.Group("/public_members", func() { m.Get("", org.ListPublicMembers) - m.Combo("/:username").Get(org.IsPublicMember). + m.Combo("/{username}").Get(org.IsPublicMember). Put(reqToken(), reqOrgMembership(), org.PublicizeMember). Delete(reqToken(), reqOrgMembership(), org.ConcealMember) }) @@ -920,56 +960,52 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/labels", func() { m.Get("", org.ListLabels) m.Post("", reqToken(), reqOrgOwnership(), bind(api.CreateLabelOption{}), org.CreateLabel) - m.Combo("/:id").Get(org.GetLabel). + m.Combo("/{id}").Get(org.GetLabel). Patch(reqToken(), reqOrgOwnership(), bind(api.EditLabelOption{}), org.EditLabel). Delete(reqToken(), reqOrgOwnership(), org.DeleteLabel) }) m.Group("/hooks", func() { m.Combo("").Get(org.ListHooks). Post(bind(api.CreateHookOption{}), org.CreateHook) - m.Combo("/:id").Get(org.GetHook). + m.Combo("/{id}").Get(org.GetHook). Patch(bind(api.EditHookOption{}), org.EditHook). Delete(org.DeleteHook) }, reqToken(), reqOrgOwnership()) }, orgAssignment(true)) - m.Group("/teams/:teamid", func() { + m.Group("/teams/{teamid}", func() { m.Combo("").Get(org.GetTeam). Patch(reqOrgOwnership(), bind(api.EditTeamOption{}), org.EditTeam). Delete(reqOrgOwnership(), org.DeleteTeam) m.Group("/members", func() { m.Get("", org.GetTeamMembers) - m.Combo("/:username"). + m.Combo("/{username}"). Get(org.GetTeamMember). Put(reqOrgOwnership(), org.AddTeamMember). Delete(reqOrgOwnership(), org.RemoveTeamMember) }) m.Group("/repos", func() { m.Get("", org.GetTeamRepos) - m.Combo("/:org/:reponame"). + m.Combo("/{org}/{reponame}"). Put(org.AddTeamRepository). Delete(org.RemoveTeamRepository) }) }, orgAssignment(false, true), reqToken(), reqTeamMembership()) - m.Any("/*", func(ctx *context.APIContext) { - ctx.NotFound() - }) - m.Group("/admin", func() { m.Group("/cron", func() { m.Get("", admin.ListCronTasks) - m.Post("/:task", admin.PostCronTask) + m.Post("/{task}", admin.PostCronTask) }) m.Get("/orgs", admin.GetAllOrgs) m.Group("/users", func() { m.Get("", admin.GetAllUsers) m.Post("", bind(api.CreateUserOption{}), admin.CreateUser) - m.Group("/:username", func() { + m.Group("/{username}", func() { m.Combo("").Patch(bind(api.EditUserOption{}), admin.EditUser). Delete(admin.DeleteUser) m.Group("/keys", func() { m.Post("", bind(api.CreateKeyOption{}), admin.CreatePublicKey) - m.Delete("/:id", admin.DeleteUserPublicKey) + m.Delete("/{id}", admin.DeleteUserPublicKey) }) m.Get("/orgs", org.ListUserOrgs) m.Post("/orgs", bind(api.CreateOrgOption{}), admin.CreateOrg) @@ -978,23 +1014,26 @@ func RegisterRoutes(m *macaron.Macaron) { }) m.Group("/unadopted", func() { m.Get("", admin.ListUnadoptedRepositories) - m.Post("/:username/:reponame", admin.AdoptRepository) - m.Delete("/:username/:reponame", admin.DeleteUnadoptedRepository) + m.Post("/{username}/{reponame}", admin.AdoptRepository) + m.Delete("/{username}/{reponame}", admin.DeleteUnadoptedRepository) }) }, reqToken(), reqSiteAdmin()) m.Group("/topics", func() { m.Get("/search", repo.TopicSearch) }) - }, securityHeaders(), context.APIContexter(), sudo()) + }, sudo()) + + return m } -func securityHeaders() macaron.Handler { - return func(ctx *macaron.Context) { - ctx.Resp.Before(func(w macaron.ResponseWriter) { +func securityHeaders() func(http.Handler) http.Handler { + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { // CORB: https://www.chromium.org/Home/chromium-security/corb-for-developers // http://stackoverflow.com/a/3146618/244009 - w.Header().Set("x-content-type-options", "nosniff") + resp.Header().Set("x-content-type-options", "nosniff") + next.ServeHTTP(resp, req) }) } } diff --git a/routers/api/v1/misc/markdown.go b/routers/api/v1/misc/markdown.go index a10c288df4..5718185309 100644 --- a/routers/api/v1/misc/markdown.go +++ b/routers/api/v1/misc/markdown.go @@ -5,6 +5,7 @@ package misc import ( + "io/ioutil" "net/http" "strings" @@ -13,12 +14,13 @@ import ( "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "mvdan.cc/xurls/v2" ) // Markdown render markdown document to HTML -func Markdown(ctx *context.APIContext, form api.MarkdownOption) { +func Markdown(ctx *context.APIContext) { // swagger:operation POST /markdown miscellaneous renderMarkdown // --- // summary: Render a markdown document as HTML @@ -37,6 +39,8 @@ func Markdown(ctx *context.APIContext, form api.MarkdownOption) { // "422": // "$ref": "#/responses/validationError" + form := web.GetForm(ctx).(*api.MarkdownOption) + if ctx.HasAPIError() { ctx.Error(http.StatusUnprocessableEntity, "", ctx.GetErrMsg()) return @@ -117,7 +121,7 @@ func MarkdownRaw(ctx *context.APIContext) { // "422": // "$ref": "#/responses/validationError" - body, err := ctx.Req.Body().Bytes() + body, err := ioutil.ReadAll(ctx.Req.Body) if err != nil { ctx.Error(http.StatusUnprocessableEntity, "", err) return diff --git a/routers/api/v1/misc/markdown_test.go b/routers/api/v1/misc/markdown_test.go index 6c81ec8eb4..3ae3165fd3 100644 --- a/routers/api/v1/misc/markdown_test.go +++ b/routers/api/v1/misc/markdown_test.go @@ -15,10 +15,10 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/templates" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" - "gitea.com/macaron/inject" - "gitea.com/macaron/macaron" "github.com/stretchr/testify/assert" ) @@ -26,25 +26,21 @@ const AppURL = "http://localhost:3000/" const Repo = "gogits/gogs" const AppSubURL = AppURL + Repo + "/" -func createContext(req *http.Request) (*macaron.Context, *httptest.ResponseRecorder) { +func createContext(req *http.Request) (*context.Context, *httptest.ResponseRecorder) { + var rnd = templates.HTMLRenderer() resp := httptest.NewRecorder() - c := &macaron.Context{ - Injector: inject.New(), - Req: macaron.Request{Request: req}, - Resp: macaron.NewResponseWriter(req.Method, resp), - Render: &macaron.DummyRender{ResponseWriter: resp}, - Data: make(map[string]interface{}), + c := &context.Context{ + Req: req, + Resp: context.NewResponse(resp), + Render: rnd, + Data: make(map[string]interface{}), } - c.Map(c) - c.Map(req) return c, resp } -func wrap(ctx *macaron.Context) *context.APIContext { +func wrap(ctx *context.Context) *context.APIContext { return &context.APIContext{ - Context: &context.Context{ - Context: ctx, - }, + Context: ctx, } } @@ -115,7 +111,8 @@ Here are some links to the most important topics. You can find the full list of for i := 0; i < len(testCases); i += 2 { options.Text = testCases[i] - Markdown(ctx, options) + web.SetForm(ctx, &options) + Markdown(ctx) assert.Equal(t, testCases[i+1], resp.Body.String()) resp.Body.Reset() } @@ -156,7 +153,8 @@ func TestAPI_RenderSimple(t *testing.T) { for i := 0; i < len(simpleCases); i += 2 { options.Text = simpleCases[i] - Markdown(ctx, options) + web.SetForm(ctx, &options) + Markdown(ctx) assert.Equal(t, simpleCases[i+1], resp.Body.String()) resp.Body.Reset() } @@ -174,7 +172,7 @@ func TestAPI_RenderRaw(t *testing.T) { ctx := wrap(m) for i := 0; i < len(simpleCases); i += 2 { - ctx.Req.Request.Body = ioutil.NopCloser(strings.NewReader(simpleCases[i])) + ctx.Req.Body = ioutil.NopCloser(strings.NewReader(simpleCases[i])) MarkdownRaw(ctx) assert.Equal(t, simpleCases[i+1], resp.Body.String()) resp.Body.Reset() diff --git a/routers/api/v1/org/hook.go b/routers/api/v1/org/hook.go index cce959bb49..ed827c48d4 100644 --- a/routers/api/v1/org/hook.go +++ b/routers/api/v1/org/hook.go @@ -11,6 +11,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -85,7 +86,7 @@ func GetHook(ctx *context.APIContext) { } // CreateHook create a hook for an organization -func CreateHook(ctx *context.APIContext, form api.CreateHookOption) { +func CreateHook(ctx *context.APIContext) { // swagger:operation POST /orgs/{org}/hooks/ organization orgCreateHook // --- // summary: Create a hook @@ -108,15 +109,16 @@ func CreateHook(ctx *context.APIContext, form api.CreateHookOption) { // "201": // "$ref": "#/responses/Hook" + form := web.GetForm(ctx).(*api.CreateHookOption) //TODO in body params - if !utils.CheckCreateHookOption(ctx, &form) { + if !utils.CheckCreateHookOption(ctx, form) { return } - utils.AddOrgHook(ctx, &form) + utils.AddOrgHook(ctx, form) } // EditHook modify a hook of a repository -func EditHook(ctx *context.APIContext, form api.EditHookOption) { +func EditHook(ctx *context.APIContext) { // swagger:operation PATCH /orgs/{org}/hooks/{id} organization orgEditHook // --- // summary: Update a hook @@ -144,9 +146,11 @@ func EditHook(ctx *context.APIContext, form api.EditHookOption) { // "200": // "$ref": "#/responses/Hook" + form := web.GetForm(ctx).(*api.EditHookOption) + //TODO in body params hookID := ctx.ParamsInt64(":id") - utils.EditOrgHook(ctx, &form, hookID) + utils.EditOrgHook(ctx, form, hookID) } // DeleteHook delete a hook of an organization diff --git a/routers/api/v1/org/label.go b/routers/api/v1/org/label.go index 9a8a4fa291..76061f163a 100644 --- a/routers/api/v1/org/label.go +++ b/routers/api/v1/org/label.go @@ -14,6 +14,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -52,7 +53,7 @@ func ListLabels(ctx *context.APIContext) { } // CreateLabel create a label for a repository -func CreateLabel(ctx *context.APIContext, form api.CreateLabelOption) { +func CreateLabel(ctx *context.APIContext) { // swagger:operation POST /orgs/{org}/labels organization orgCreateLabel // --- // summary: Create a label for an organization @@ -75,7 +76,7 @@ func CreateLabel(ctx *context.APIContext, form api.CreateLabelOption) { // "$ref": "#/responses/Label" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.CreateLabelOption) form.Color = strings.Trim(form.Color, " ") if len(form.Color) == 6 { form.Color = "#" + form.Color @@ -144,7 +145,7 @@ func GetLabel(ctx *context.APIContext) { } // EditLabel modify a label for an Organization -func EditLabel(ctx *context.APIContext, form api.EditLabelOption) { +func EditLabel(ctx *context.APIContext) { // swagger:operation PATCH /orgs/{org}/labels/{id} organization orgEditLabel // --- // summary: Update a label @@ -173,7 +174,7 @@ func EditLabel(ctx *context.APIContext, form api.EditLabelOption) { // "$ref": "#/responses/Label" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.EditLabelOption) label, err := models.GetLabelInOrgByID(ctx.Org.Organization.ID, ctx.ParamsInt64(":id")) if err != nil { if models.IsErrOrgLabelNotExist(err) { diff --git a/routers/api/v1/org/org.go b/routers/api/v1/org/org.go index ca3e10173b..61e09e1126 100644 --- a/routers/api/v1/org/org.go +++ b/routers/api/v1/org/org.go @@ -13,6 +13,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/user" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -149,7 +150,7 @@ func GetAll(ctx *context.APIContext) { } // Create api for create organization -func Create(ctx *context.APIContext, form api.CreateOrgOption) { +func Create(ctx *context.APIContext) { // swagger:operation POST /orgs organization orgCreate // --- // summary: Create an organization @@ -169,7 +170,7 @@ func Create(ctx *context.APIContext, form api.CreateOrgOption) { // "$ref": "#/responses/forbidden" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.CreateOrgOption) if !ctx.User.CanCreateOrganization() { ctx.Error(http.StatusForbidden, "Create organization not allowed", nil) return @@ -231,7 +232,7 @@ func Get(ctx *context.APIContext) { } // Edit change an organization's information -func Edit(ctx *context.APIContext, form api.EditOrgOption) { +func Edit(ctx *context.APIContext) { // swagger:operation PATCH /orgs/{org} organization orgEdit // --- // summary: Edit an organization @@ -253,7 +254,7 @@ func Edit(ctx *context.APIContext, form api.EditOrgOption) { // responses: // "200": // "$ref": "#/responses/Organization" - + form := web.GetForm(ctx).(*api.EditOrgOption) org := ctx.Org.Organization org.FullName = form.FullName org.Description = form.Description diff --git a/routers/api/v1/org/team.go b/routers/api/v1/org/team.go index 72387dcbf7..c749751ac4 100644 --- a/routers/api/v1/org/team.go +++ b/routers/api/v1/org/team.go @@ -15,6 +15,7 @@ import ( "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/log" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/user" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -131,7 +132,7 @@ func GetTeam(ctx *context.APIContext) { } // CreateTeam api for create a team -func CreateTeam(ctx *context.APIContext, form api.CreateTeamOption) { +func CreateTeam(ctx *context.APIContext) { // swagger:operation POST /orgs/{org}/teams organization orgCreateTeam // --- // summary: Create a team @@ -154,7 +155,7 @@ func CreateTeam(ctx *context.APIContext, form api.CreateTeamOption) { // "$ref": "#/responses/Team" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.CreateTeamOption) team := &models.Team{ OrgID: ctx.Org.Organization.ID, Name: form.Name, @@ -190,7 +191,7 @@ func CreateTeam(ctx *context.APIContext, form api.CreateTeamOption) { } // EditTeam api for edit a team -func EditTeam(ctx *context.APIContext, form api.EditTeamOption) { +func EditTeam(ctx *context.APIContext) { // swagger:operation PATCH /teams/{id} organization orgEditTeam // --- // summary: Edit a team @@ -212,6 +213,8 @@ func EditTeam(ctx *context.APIContext, form api.EditTeamOption) { // "200": // "$ref": "#/responses/Team" + form := web.GetForm(ctx).(*api.EditTeamOption) + team := ctx.Org.Team if err := team.GetUnits(); err != nil { ctx.InternalServerError(err) diff --git a/routers/api/v1/repo/branch.go b/routers/api/v1/repo/branch.go index 9a0a552bad..790464c8bc 100644 --- a/routers/api/v1/repo/branch.go +++ b/routers/api/v1/repo/branch.go @@ -16,6 +16,7 @@ import ( "code.gitea.io/gitea/modules/log" repo_module "code.gitea.io/gitea/modules/repository" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" pull_service "code.gitea.io/gitea/services/pull" repo_service "code.gitea.io/gitea/services/repository" ) @@ -175,7 +176,7 @@ func DeleteBranch(ctx *context.APIContext) { } // CreateBranch creates a branch for a user's repository -func CreateBranch(ctx *context.APIContext, opt api.CreateBranchRepoOption) { +func CreateBranch(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/branches repository repoCreateBranch // --- // summary: Create a branch @@ -206,6 +207,7 @@ func CreateBranch(ctx *context.APIContext, opt api.CreateBranchRepoOption) { // "409": // description: The branch with the same name already exists. + opt := web.GetForm(ctx).(*api.CreateBranchRepoOption) if ctx.Repo.Repository.IsEmpty { ctx.Error(http.StatusNotFound, "", "Git Repository is empty.") return @@ -395,7 +397,7 @@ func ListBranchProtections(ctx *context.APIContext) { } // CreateBranchProtection creates a branch protection for a repo -func CreateBranchProtection(ctx *context.APIContext, form api.CreateBranchProtectionOption) { +func CreateBranchProtection(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/branch_protections repository repoCreateBranchProtection // --- // summary: Create a branch protections for a repository @@ -428,6 +430,7 @@ func CreateBranchProtection(ctx *context.APIContext, form api.CreateBranchProtec // "422": // "$ref": "#/responses/validationError" + form := web.GetForm(ctx).(*api.CreateBranchProtectionOption) repo := ctx.Repo.Repository // Currently protection must match an actual branch @@ -561,7 +564,7 @@ func CreateBranchProtection(ctx *context.APIContext, form api.CreateBranchProtec } // EditBranchProtection edits a branch protection for a repo -func EditBranchProtection(ctx *context.APIContext, form api.EditBranchProtectionOption) { +func EditBranchProtection(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/branch_protections/{name} repository repoEditBranchProtection // --- // summary: Edit a branch protections for a repository. Only fields that are set will be changed @@ -596,7 +599,7 @@ func EditBranchProtection(ctx *context.APIContext, form api.EditBranchProtection // "$ref": "#/responses/notFound" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.EditBranchProtectionOption) repo := ctx.Repo.Repository bpName := ctx.Params(":name") protectBranch, err := models.GetProtectedBranchBy(repo.ID, bpName) diff --git a/routers/api/v1/repo/collaborators.go b/routers/api/v1/repo/collaborators.go index 497255a474..a4fc1d8f11 100644 --- a/routers/api/v1/repo/collaborators.go +++ b/routers/api/v1/repo/collaborators.go @@ -13,6 +13,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -111,7 +112,7 @@ func IsCollaborator(ctx *context.APIContext) { } // AddCollaborator add a collaborator to a repository -func AddCollaborator(ctx *context.APIContext, form api.AddCollaboratorOption) { +func AddCollaborator(ctx *context.APIContext) { // swagger:operation PUT /repos/{owner}/{repo}/collaborators/{collaborator} repository repoAddCollaborator // --- // summary: Add a collaborator to a repository @@ -143,6 +144,8 @@ func AddCollaborator(ctx *context.APIContext, form api.AddCollaboratorOption) { // "422": // "$ref": "#/responses/validationError" + form := web.GetForm(ctx).(*api.AddCollaboratorOption) + collaborator, err := models.GetUserByName(ctx.Params(":collaborator")) if err != nil { if models.IsErrUserNotExist(err) { diff --git a/routers/api/v1/repo/commits.go b/routers/api/v1/repo/commits.go index 8c877285a8..a16cca0f4e 100644 --- a/routers/api/v1/repo/commits.go +++ b/routers/api/v1/repo/commits.go @@ -69,7 +69,11 @@ func getCommit(ctx *context.APIContext, identifier string) { defer gitRepo.Close() commit, err := gitRepo.GetCommit(identifier) if err != nil { - ctx.NotFoundOrServerError("GetCommit", git.IsErrNotExist, err) + if git.IsErrNotExist(err) { + ctx.NotFound(identifier) + return + } + ctx.Error(http.StatusInternalServerError, "gitRepo.GetCommit", err) return } diff --git a/routers/api/v1/repo/file.go b/routers/api/v1/repo/file.go index bc85fec630..044d0fe565 100644 --- a/routers/api/v1/repo/file.go +++ b/routers/api/v1/repo/file.go @@ -16,6 +16,7 @@ import ( "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/repofiles" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/repo" ) @@ -167,7 +168,7 @@ func canReadFiles(r *context.Repository) bool { } // CreateFile handles API call for creating a file -func CreateFile(ctx *context.APIContext, apiOpts api.CreateFileOptions) { +func CreateFile(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/contents/{filepath} repository repoCreateFile // --- // summary: Create a file in a repository @@ -206,6 +207,7 @@ func CreateFile(ctx *context.APIContext, apiOpts api.CreateFileOptions) { // "422": // "$ref": "#/responses/error" + apiOpts := web.GetForm(ctx).(*api.CreateFileOptions) if ctx.Repo.Repository.IsEmpty { ctx.Error(http.StatusUnprocessableEntity, "RepoIsEmpty", fmt.Errorf("repo is empty")) } @@ -253,7 +255,7 @@ func CreateFile(ctx *context.APIContext, apiOpts api.CreateFileOptions) { } // UpdateFile handles API call for updating a file -func UpdateFile(ctx *context.APIContext, apiOpts api.UpdateFileOptions) { +func UpdateFile(ctx *context.APIContext) { // swagger:operation PUT /repos/{owner}/{repo}/contents/{filepath} repository repoUpdateFile // --- // summary: Update a file in a repository @@ -291,7 +293,7 @@ func UpdateFile(ctx *context.APIContext, apiOpts api.UpdateFileOptions) { // "$ref": "#/responses/notFound" // "422": // "$ref": "#/responses/error" - + apiOpts := web.GetForm(ctx).(*api.UpdateFileOptions) if ctx.Repo.Repository.IsEmpty { ctx.Error(http.StatusUnprocessableEntity, "RepoIsEmpty", fmt.Errorf("repo is empty")) } @@ -377,7 +379,7 @@ func createOrUpdateFile(ctx *context.APIContext, opts *repofiles.UpdateRepoFileO } // DeleteFile Delete a fle in a repository -func DeleteFile(ctx *context.APIContext, apiOpts api.DeleteFileOptions) { +func DeleteFile(ctx *context.APIContext) { // swagger:operation DELETE /repos/{owner}/{repo}/contents/{filepath} repository repoDeleteFile // --- // summary: Delete a file in a repository @@ -416,6 +418,7 @@ func DeleteFile(ctx *context.APIContext, apiOpts api.DeleteFileOptions) { // "404": // "$ref": "#/responses/error" + apiOpts := web.GetForm(ctx).(*api.DeleteFileOptions) if !canWriteFiles(ctx.Repo) { ctx.Error(http.StatusForbidden, "DeleteFile", models.ErrUserDoesNotHaveAccessToRepo{ UserID: ctx.User.ID, diff --git a/routers/api/v1/repo/fork.go b/routers/api/v1/repo/fork.go index 24700f7a7f..55fcefaccc 100644 --- a/routers/api/v1/repo/fork.go +++ b/routers/api/v1/repo/fork.go @@ -13,6 +13,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" repo_service "code.gitea.io/gitea/services/repository" ) @@ -65,7 +66,7 @@ func ListForks(ctx *context.APIContext) { } // CreateFork create a fork of a repo -func CreateFork(ctx *context.APIContext, form api.CreateForkOption) { +func CreateFork(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/forks repository createFork // --- // summary: Fork a repository @@ -94,6 +95,7 @@ func CreateFork(ctx *context.APIContext, form api.CreateForkOption) { // "422": // "$ref": "#/responses/validationError" + form := web.GetForm(ctx).(*api.CreateForkOption) repo := ctx.Repo.Repository var forker *models.User // user/org that will own the fork if form.Organization == nil { diff --git a/routers/api/v1/repo/git_hook.go b/routers/api/v1/repo/git_hook.go index 0c538ac6b3..0b4e09cadd 100644 --- a/routers/api/v1/repo/git_hook.go +++ b/routers/api/v1/repo/git_hook.go @@ -11,6 +11,7 @@ import ( "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/git" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" ) // ListGitHooks list all Git hooks of a repository @@ -91,7 +92,7 @@ func GetGitHook(ctx *context.APIContext) { } // EditGitHook modify a Git hook of a repository -func EditGitHook(ctx *context.APIContext, form api.EditGitHookOption) { +func EditGitHook(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/hooks/git/{id} repository repoEditGitHook // --- // summary: Edit a Git hook in a repository @@ -123,6 +124,7 @@ func EditGitHook(ctx *context.APIContext, form api.EditGitHookOption) { // "404": // "$ref": "#/responses/notFound" + form := web.GetForm(ctx).(*api.EditGitHookOption) hookID := ctx.Params(":id") hook, err := ctx.Repo.GitRepo.GetHook(hookID) if err != nil { diff --git a/routers/api/v1/repo/hook.go b/routers/api/v1/repo/hook.go index 575b1fc480..520a7a0202 100644 --- a/routers/api/v1/repo/hook.go +++ b/routers/api/v1/repo/hook.go @@ -13,6 +13,7 @@ import ( "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/git" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" "code.gitea.io/gitea/services/webhook" ) @@ -158,7 +159,7 @@ func TestHook(ctx *context.APIContext) { } // CreateHook create a hook for a repository -func CreateHook(ctx *context.APIContext, form api.CreateHookOption) { +func CreateHook(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/hooks repository repoCreateHook // --- // summary: Create a hook @@ -184,14 +185,16 @@ func CreateHook(ctx *context.APIContext, form api.CreateHookOption) { // responses: // "201": // "$ref": "#/responses/Hook" - if !utils.CheckCreateHookOption(ctx, &form) { + form := web.GetForm(ctx).(*api.CreateHookOption) + + if !utils.CheckCreateHookOption(ctx, form) { return } - utils.AddRepoHook(ctx, &form) + utils.AddRepoHook(ctx, form) } // EditHook modify a hook of a repository -func EditHook(ctx *context.APIContext, form api.EditHookOption) { +func EditHook(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/hooks/{id} repository repoEditHook // --- // summary: Edit a hook in a repository @@ -221,8 +224,9 @@ func EditHook(ctx *context.APIContext, form api.EditHookOption) { // responses: // "200": // "$ref": "#/responses/Hook" + form := web.GetForm(ctx).(*api.EditHookOption) hookID := ctx.ParamsInt64(":id") - utils.EditRepoHook(ctx, &form, hookID) + utils.EditRepoHook(ctx, form, hookID) } // DeleteHook delete a hook of a repository diff --git a/routers/api/v1/repo/issue.go b/routers/api/v1/repo/issue.go index bab8f373ce..17dad97945 100644 --- a/routers/api/v1/repo/issue.go +++ b/routers/api/v1/repo/issue.go @@ -22,6 +22,7 @@ import ( api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/timeutil" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" issue_service "code.gitea.io/gitea/services/issue" ) @@ -448,7 +449,7 @@ func GetIssue(ctx *context.APIContext) { } // CreateIssue create an issue of a repository -func CreateIssue(ctx *context.APIContext, form api.CreateIssueOption) { +func CreateIssue(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/issues issue issueCreateIssue // --- // summary: Create an issue. If using deadline only the date will be taken into account, and time of day ignored. @@ -480,7 +481,7 @@ func CreateIssue(ctx *context.APIContext, form api.CreateIssueOption) { // "$ref": "#/responses/error" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.CreateIssueOption) var deadlineUnix timeutil.TimeStamp if form.Deadline != nil && ctx.Repo.CanWrite(models.UnitTypeIssues) { deadlineUnix = timeutil.TimeStamp(form.Deadline.Unix()) @@ -564,7 +565,7 @@ func CreateIssue(ctx *context.APIContext, form api.CreateIssueOption) { } // EditIssue modify an issue of a repository -func EditIssue(ctx *context.APIContext, form api.EditIssueOption) { +func EditIssue(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/issues/{index} issue issueEditIssue // --- // summary: Edit an issue. If using deadline only the date will be taken into account, and time of day ignored. @@ -603,6 +604,7 @@ func EditIssue(ctx *context.APIContext, form api.EditIssueOption) { // "412": // "$ref": "#/responses/error" + form := web.GetForm(ctx).(*api.EditIssueOption) issue, err := models.GetIssueByIndex(ctx.Repo.Repository.ID, ctx.ParamsInt64(":index")) if err != nil { if models.IsErrIssueNotExist(err) { @@ -723,7 +725,7 @@ func EditIssue(ctx *context.APIContext, form api.EditIssueOption) { } // UpdateIssueDeadline updates an issue deadline -func UpdateIssueDeadline(ctx *context.APIContext, form api.EditDeadlineOption) { +func UpdateIssueDeadline(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/issues/{index}/deadline issue issueEditIssueDeadline // --- // summary: Set an issue deadline. If set to null, the deadline is deleted. If using deadline only the date will be taken into account, and time of day ignored. @@ -759,7 +761,7 @@ func UpdateIssueDeadline(ctx *context.APIContext, form api.EditDeadlineOption) { // "$ref": "#/responses/forbidden" // "404": // "$ref": "#/responses/notFound" - + form := web.GetForm(ctx).(*api.EditDeadlineOption) issue, err := models.GetIssueByIndex(ctx.Repo.Repository.ID, ctx.ParamsInt64(":index")) if err != nil { if models.IsErrIssueNotExist(err) { diff --git a/routers/api/v1/repo/issue_comment.go b/routers/api/v1/repo/issue_comment.go index af69ae981a..d62ca81314 100644 --- a/routers/api/v1/repo/issue_comment.go +++ b/routers/api/v1/repo/issue_comment.go @@ -13,6 +13,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" comment_service "code.gitea.io/gitea/services/comments" ) @@ -174,7 +175,7 @@ func ListRepoIssueComments(ctx *context.APIContext) { } // CreateIssueComment create a comment for an issue -func CreateIssueComment(ctx *context.APIContext, form api.CreateIssueCommentOption) { +func CreateIssueComment(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/issues/{index}/comments issue issueCreateComment // --- // summary: Add a comment to an issue @@ -208,7 +209,7 @@ func CreateIssueComment(ctx *context.APIContext, form api.CreateIssueCommentOpti // "$ref": "#/responses/Comment" // "403": // "$ref": "#/responses/forbidden" - + form := web.GetForm(ctx).(*api.CreateIssueCommentOption) issue, err := models.GetIssueByIndex(ctx.Repo.Repository.ID, ctx.ParamsInt64(":index")) if err != nil { ctx.Error(http.StatusInternalServerError, "GetIssueByIndex", err) @@ -298,7 +299,7 @@ func GetIssueComment(ctx *context.APIContext) { } // EditIssueComment modify a comment of an issue -func EditIssueComment(ctx *context.APIContext, form api.EditIssueCommentOption) { +func EditIssueComment(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/issues/comments/{id} issue issueEditComment // --- // summary: Edit a comment @@ -337,11 +338,12 @@ func EditIssueComment(ctx *context.APIContext, form api.EditIssueCommentOption) // "404": // "$ref": "#/responses/notFound" - editIssueComment(ctx, form) + form := web.GetForm(ctx).(*api.EditIssueCommentOption) + editIssueComment(ctx, *form) } // EditIssueCommentDeprecated modify a comment of an issue -func EditIssueCommentDeprecated(ctx *context.APIContext, form api.EditIssueCommentOption) { +func EditIssueCommentDeprecated(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/issues/{index}/comments/{id} issue issueEditCommentDeprecated // --- // summary: Edit a comment @@ -386,7 +388,8 @@ func EditIssueCommentDeprecated(ctx *context.APIContext, form api.EditIssueComme // "404": // "$ref": "#/responses/notFound" - editIssueComment(ctx, form) + form := web.GetForm(ctx).(*api.EditIssueCommentOption) + editIssueComment(ctx, *form) } func editIssueComment(ctx *context.APIContext, form api.EditIssueCommentOption) { diff --git a/routers/api/v1/repo/issue_label.go b/routers/api/v1/repo/issue_label.go index 8b2a1988fa..d7f64b2d99 100644 --- a/routers/api/v1/repo/issue_label.go +++ b/routers/api/v1/repo/issue_label.go @@ -12,6 +12,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" issue_service "code.gitea.io/gitea/services/issue" ) @@ -64,7 +65,7 @@ func ListIssueLabels(ctx *context.APIContext) { } // AddIssueLabels add labels for an issue -func AddIssueLabels(ctx *context.APIContext, form api.IssueLabelsOption) { +func AddIssueLabels(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/issues/{index}/labels issue issueAddLabel // --- // summary: Add a label to an issue @@ -99,7 +100,8 @@ func AddIssueLabels(ctx *context.APIContext, form api.IssueLabelsOption) { // "403": // "$ref": "#/responses/forbidden" - issue, labels, err := prepareForReplaceOrAdd(ctx, form) + form := web.GetForm(ctx).(*api.IssueLabelsOption) + issue, labels, err := prepareForReplaceOrAdd(ctx, *form) if err != nil { return } @@ -190,7 +192,7 @@ func DeleteIssueLabel(ctx *context.APIContext) { } // ReplaceIssueLabels replace labels for an issue -func ReplaceIssueLabels(ctx *context.APIContext, form api.IssueLabelsOption) { +func ReplaceIssueLabels(ctx *context.APIContext) { // swagger:operation PUT /repos/{owner}/{repo}/issues/{index}/labels issue issueReplaceLabels // --- // summary: Replace an issue's labels @@ -224,8 +226,8 @@ func ReplaceIssueLabels(ctx *context.APIContext, form api.IssueLabelsOption) { // "$ref": "#/responses/LabelList" // "403": // "$ref": "#/responses/forbidden" - - issue, labels, err := prepareForReplaceOrAdd(ctx, form) + form := web.GetForm(ctx).(*api.IssueLabelsOption) + issue, labels, err := prepareForReplaceOrAdd(ctx, *form) if err != nil { return } diff --git a/routers/api/v1/repo/issue_reaction.go b/routers/api/v1/repo/issue_reaction.go index dfe618480f..3994c6b941 100644 --- a/routers/api/v1/repo/issue_reaction.go +++ b/routers/api/v1/repo/issue_reaction.go @@ -12,6 +12,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -90,7 +91,7 @@ func GetIssueCommentReactions(ctx *context.APIContext) { } // PostIssueCommentReaction add a reaction to a comment of an issue -func PostIssueCommentReaction(ctx *context.APIContext, form api.EditReactionOption) { +func PostIssueCommentReaction(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/issues/comments/{id}/reactions issue issuePostCommentReaction // --- // summary: Add a reaction to a comment of an issue @@ -127,11 +128,13 @@ func PostIssueCommentReaction(ctx *context.APIContext, form api.EditReactionOpti // "403": // "$ref": "#/responses/forbidden" - changeIssueCommentReaction(ctx, form, true) + form := web.GetForm(ctx).(*api.EditReactionOption) + + changeIssueCommentReaction(ctx, *form, true) } // DeleteIssueCommentReaction remove a reaction from a comment of an issue -func DeleteIssueCommentReaction(ctx *context.APIContext, form api.EditReactionOption) { +func DeleteIssueCommentReaction(ctx *context.APIContext) { // swagger:operation DELETE /repos/{owner}/{repo}/issues/comments/{id}/reactions issue issueDeleteCommentReaction // --- // summary: Remove a reaction from a comment of an issue @@ -166,7 +169,9 @@ func DeleteIssueCommentReaction(ctx *context.APIContext, form api.EditReactionOp // "403": // "$ref": "#/responses/forbidden" - changeIssueCommentReaction(ctx, form, false) + form := web.GetForm(ctx).(*api.EditReactionOption) + + changeIssueCommentReaction(ctx, *form, false) } func changeIssueCommentReaction(ctx *context.APIContext, form api.EditReactionOption, isCreateType bool) { @@ -304,7 +309,7 @@ func GetIssueReactions(ctx *context.APIContext) { } // PostIssueReaction add a reaction to an issue -func PostIssueReaction(ctx *context.APIContext, form api.EditReactionOption) { +func PostIssueReaction(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/issues/{index}/reactions issue issuePostIssueReaction // --- // summary: Add a reaction to an issue @@ -340,12 +345,12 @@ func PostIssueReaction(ctx *context.APIContext, form api.EditReactionOption) { // "$ref": "#/responses/Reaction" // "403": // "$ref": "#/responses/forbidden" - - changeIssueReaction(ctx, form, true) + form := web.GetForm(ctx).(*api.EditReactionOption) + changeIssueReaction(ctx, *form, true) } // DeleteIssueReaction remove a reaction from an issue -func DeleteIssueReaction(ctx *context.APIContext, form api.EditReactionOption) { +func DeleteIssueReaction(ctx *context.APIContext) { // swagger:operation DELETE /repos/{owner}/{repo}/issues/{index}/reactions issue issueDeleteIssueReaction // --- // summary: Remove a reaction from an issue @@ -379,8 +384,8 @@ func DeleteIssueReaction(ctx *context.APIContext, form api.EditReactionOption) { // "$ref": "#/responses/empty" // "403": // "$ref": "#/responses/forbidden" - - changeIssueReaction(ctx, form, false) + form := web.GetForm(ctx).(*api.EditReactionOption) + changeIssueReaction(ctx, *form, false) } func changeIssueReaction(ctx *context.APIContext, form api.EditReactionOption, isCreateType bool) { diff --git a/routers/api/v1/repo/issue_tracked_time.go b/routers/api/v1/repo/issue_tracked_time.go index 70ce420b77..642704800b 100644 --- a/routers/api/v1/repo/issue_tracked_time.go +++ b/routers/api/v1/repo/issue_tracked_time.go @@ -14,6 +14,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -132,7 +133,7 @@ func ListTrackedTimes(ctx *context.APIContext) { } // AddTime add time manual to the given issue -func AddTime(ctx *context.APIContext, form api.AddTimeOption) { +func AddTime(ctx *context.APIContext) { // swagger:operation Post /repos/{owner}/{repo}/issues/{index}/times issue issueAddTime // --- // summary: Add tracked time to a issue @@ -168,7 +169,7 @@ func AddTime(ctx *context.APIContext, form api.AddTimeOption) { // "$ref": "#/responses/error" // "403": // "$ref": "#/responses/forbidden" - + form := web.GetForm(ctx).(*api.AddTimeOption) issue, err := models.GetIssueByIndex(ctx.Repo.Repository.ID, ctx.ParamsInt64(":index")) if err != nil { if models.IsErrIssueNotExist(err) { diff --git a/routers/api/v1/repo/key.go b/routers/api/v1/repo/key.go index 3e6174f621..b1b465ca11 100644 --- a/routers/api/v1/repo/key.go +++ b/routers/api/v1/repo/key.go @@ -14,6 +14,7 @@ import ( "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -185,7 +186,7 @@ func HandleAddKeyError(ctx *context.APIContext, err error) { } // CreateDeployKey create deploy key for a repository -func CreateDeployKey(ctx *context.APIContext, form api.CreateKeyOption) { +func CreateDeployKey(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/keys repository repoCreateKey // --- // summary: Add a key to a repository @@ -214,6 +215,7 @@ func CreateDeployKey(ctx *context.APIContext, form api.CreateKeyOption) { // "422": // "$ref": "#/responses/validationError" + form := web.GetForm(ctx).(*api.CreateKeyOption) content, err := models.CheckPublicKeyString(form.Key) if err != nil { HandleCheckKeyStringError(ctx, err) diff --git a/routers/api/v1/repo/label.go b/routers/api/v1/repo/label.go index fef6ebf07a..f71683f6ec 100644 --- a/routers/api/v1/repo/label.go +++ b/routers/api/v1/repo/label.go @@ -15,6 +15,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -108,7 +109,7 @@ func GetLabel(ctx *context.APIContext) { } // CreateLabel create a label for a repository -func CreateLabel(ctx *context.APIContext, form api.CreateLabelOption) { +func CreateLabel(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/labels issue issueCreateLabel // --- // summary: Create a label @@ -137,6 +138,7 @@ func CreateLabel(ctx *context.APIContext, form api.CreateLabelOption) { // "422": // "$ref": "#/responses/validationError" + form := web.GetForm(ctx).(*api.CreateLabelOption) form.Color = strings.Trim(form.Color, " ") if len(form.Color) == 6 { form.Color = "#" + form.Color @@ -160,7 +162,7 @@ func CreateLabel(ctx *context.APIContext, form api.CreateLabelOption) { } // EditLabel modify a label for a repository -func EditLabel(ctx *context.APIContext, form api.EditLabelOption) { +func EditLabel(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/labels/{id} issue issueEditLabel // --- // summary: Update a label @@ -195,6 +197,7 @@ func EditLabel(ctx *context.APIContext, form api.EditLabelOption) { // "422": // "$ref": "#/responses/validationError" + form := web.GetForm(ctx).(*api.EditLabelOption) label, err := models.GetLabelInRepoByID(ctx.Repo.Repository.ID, ctx.ParamsInt64(":id")) if err != nil { if models.IsErrRepoLabelNotExist(err) { diff --git a/routers/api/v1/repo/migrate.go b/routers/api/v1/repo/migrate.go index 0b829c9dfb..61cd12b991 100644 --- a/routers/api/v1/repo/migrate.go +++ b/routers/api/v1/repo/migrate.go @@ -12,9 +12,9 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/graceful" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/migrations" @@ -24,10 +24,11 @@ import ( "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" ) // Migrate migrate remote git repository to gitea -func Migrate(ctx *context.APIContext, form api.MigrateRepoOptions) { +func Migrate(ctx *context.APIContext) { // swagger:operation POST /repos/migrate repository repoMigrate // --- // summary: Migrate a remote git repository @@ -48,6 +49,8 @@ func Migrate(ctx *context.APIContext, form api.MigrateRepoOptions) { // "422": // "$ref": "#/responses/validationError" + form := web.GetForm(ctx).(*api.MigrateRepoOptions) + //get repoOwner var ( repoOwner *models.User diff --git a/routers/api/v1/repo/milestone.go b/routers/api/v1/repo/milestone.go index db86d0868f..fc8b4efdbb 100644 --- a/routers/api/v1/repo/milestone.go +++ b/routers/api/v1/repo/milestone.go @@ -15,6 +15,7 @@ import ( "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/timeutil" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -110,7 +111,7 @@ func GetMilestone(ctx *context.APIContext) { } // CreateMilestone create a milestone for a repository -func CreateMilestone(ctx *context.APIContext, form api.CreateMilestoneOption) { +func CreateMilestone(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/milestones issue issueCreateMilestone // --- // summary: Create a milestone @@ -136,6 +137,7 @@ func CreateMilestone(ctx *context.APIContext, form api.CreateMilestoneOption) { // responses: // "201": // "$ref": "#/responses/Milestone" + form := web.GetForm(ctx).(*api.CreateMilestoneOption) if form.Deadline == nil { defaultDeadline, _ := time.ParseInLocation("2006-01-02", "9999-12-31", time.Local) @@ -162,7 +164,7 @@ func CreateMilestone(ctx *context.APIContext, form api.CreateMilestoneOption) { } // EditMilestone modify a milestone for a repository by ID and if not available by name -func EditMilestone(ctx *context.APIContext, form api.EditMilestoneOption) { +func EditMilestone(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/milestones/{id} issue issueEditMilestone // --- // summary: Update a milestone @@ -193,7 +195,7 @@ func EditMilestone(ctx *context.APIContext, form api.EditMilestoneOption) { // responses: // "200": // "$ref": "#/responses/Milestone" - + form := web.GetForm(ctx).(*api.EditMilestoneOption) milestone := getMilestoneByIDOrName(ctx) if ctx.Written() { return diff --git a/routers/api/v1/repo/pull.go b/routers/api/v1/repo/pull.go index b2b71180a4..38dac36553 100644 --- a/routers/api/v1/repo/pull.go +++ b/routers/api/v1/repo/pull.go @@ -11,21 +11,22 @@ import ( "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/notification" api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/timeutil" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" issue_service "code.gitea.io/gitea/services/issue" pull_service "code.gitea.io/gitea/services/pull" ) // ListPullRequests returns a list of all PRs -func ListPullRequests(ctx *context.APIContext, form api.ListPullRequestsOptions) { +func ListPullRequests(ctx *context.APIContext) { // swagger:operation GET /repos/{owner}/{repo}/pulls repository repoListPullRequests // --- // summary: List a repo's pull requests @@ -253,7 +254,7 @@ func DownloadPullDiffOrPatch(ctx *context.APIContext, patch bool) { } // CreatePullRequest does what it says -func CreatePullRequest(ctx *context.APIContext, form api.CreatePullRequestOption) { +func CreatePullRequest(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/pulls repository repoCreatePullRequest // --- // summary: Create a pull request @@ -284,6 +285,7 @@ func CreatePullRequest(ctx *context.APIContext, form api.CreatePullRequestOption // "422": // "$ref": "#/responses/validationError" + form := *web.GetForm(ctx).(*api.CreatePullRequestOption) if form.Head == form.Base { ctx.Error(http.StatusUnprocessableEntity, "BaseHeadSame", "Invalid PullRequest: There are no changes between the head and the base") @@ -437,7 +439,7 @@ func CreatePullRequest(ctx *context.APIContext, form api.CreatePullRequestOption } // EditPullRequest does what it says -func EditPullRequest(ctx *context.APIContext, form api.EditPullRequestOption) { +func EditPullRequest(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/pulls/{index} repository repoEditPullRequest // --- // summary: Update a pull request. If using deadline only the date will be taken into account, and time of day ignored. @@ -478,6 +480,7 @@ func EditPullRequest(ctx *context.APIContext, form api.EditPullRequestOption) { // "422": // "$ref": "#/responses/validationError" + form := web.GetForm(ctx).(*api.EditPullRequestOption) pr, err := models.GetPullRequestByIndex(ctx.Repo.Repository.ID, ctx.ParamsInt64(":index")) if err != nil { if models.IsErrPullRequestNotExist(err) { @@ -685,7 +688,7 @@ func IsPullRequestMerged(ctx *context.APIContext) { } // MergePullRequest merges a PR given an index -func MergePullRequest(ctx *context.APIContext, form auth.MergePullRequestForm) { +func MergePullRequest(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/pulls/{index}/merge repository repoMergePullRequest // --- // summary: Merge a pull request @@ -720,6 +723,7 @@ func MergePullRequest(ctx *context.APIContext, form auth.MergePullRequestForm) { // "409": // "$ref": "#/responses/error" + form := web.GetForm(ctx).(*auth.MergePullRequestForm) pr, err := models.GetPullRequestByIndex(ctx.Repo.Repository.ID, ctx.ParamsInt64(":index")) if err != nil { if models.IsErrPullRequestNotExist(err) { diff --git a/routers/api/v1/repo/pull_review.go b/routers/api/v1/repo/pull_review.go index 9e7fd15664..d39db4c660 100644 --- a/routers/api/v1/repo/pull_review.go +++ b/routers/api/v1/repo/pull_review.go @@ -14,6 +14,7 @@ import ( "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/git" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" issue_service "code.gitea.io/gitea/services/issue" pull_service "code.gitea.io/gitea/services/pull" @@ -258,7 +259,7 @@ func DeletePullReview(ctx *context.APIContext) { } // CreatePullReview create a review to an pull request -func CreatePullReview(ctx *context.APIContext, opts api.CreatePullReviewOptions) { +func CreatePullReview(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/pulls/{index}/reviews repository repoCreatePullReview // --- // summary: Create a review to an pull request @@ -294,6 +295,7 @@ func CreatePullReview(ctx *context.APIContext, opts api.CreatePullReviewOptions) // "422": // "$ref": "#/responses/validationError" + opts := web.GetForm(ctx).(*api.CreatePullReviewOptions) pr, err := models.GetPullRequestByIndex(ctx.Repo.Repository.ID, ctx.ParamsInt64(":index")) if err != nil { if models.IsErrPullRequestNotExist(err) { @@ -373,7 +375,7 @@ func CreatePullReview(ctx *context.APIContext, opts api.CreatePullReviewOptions) } // SubmitPullReview submit a pending review to an pull request -func SubmitPullReview(ctx *context.APIContext, opts api.SubmitPullReviewOptions) { +func SubmitPullReview(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id} repository repoSubmitPullReview // --- // summary: Submit a pending review to an pull request @@ -415,6 +417,7 @@ func SubmitPullReview(ctx *context.APIContext, opts api.SubmitPullReviewOptions) // "422": // "$ref": "#/responses/validationError" + opts := web.GetForm(ctx).(*api.SubmitPullReviewOptions) review, pr, isWrong := prepareSingleReview(ctx) if isWrong { return @@ -542,7 +545,7 @@ func prepareSingleReview(ctx *context.APIContext) (*models.Review, *models.PullR } // CreateReviewRequests create review requests to an pull request -func CreateReviewRequests(ctx *context.APIContext, opts api.PullReviewRequestOptions) { +func CreateReviewRequests(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/pulls/{index}/requested_reviewers repository repoCreatePullReviewRequests // --- // summary: create review requests for a pull request @@ -577,11 +580,13 @@ func CreateReviewRequests(ctx *context.APIContext, opts api.PullReviewRequestOpt // "$ref": "#/responses/validationError" // "404": // "$ref": "#/responses/notFound" - apiReviewRequest(ctx, opts, true) + + opts := web.GetForm(ctx).(*api.PullReviewRequestOptions) + apiReviewRequest(ctx, *opts, true) } // DeleteReviewRequests delete review requests to an pull request -func DeleteReviewRequests(ctx *context.APIContext, opts api.PullReviewRequestOptions) { +func DeleteReviewRequests(ctx *context.APIContext) { // swagger:operation DELETE /repos/{owner}/{repo}/pulls/{index}/requested_reviewers repository repoDeletePullReviewRequests // --- // summary: cancel review requests for a pull request @@ -616,7 +621,8 @@ func DeleteReviewRequests(ctx *context.APIContext, opts api.PullReviewRequestOpt // "$ref": "#/responses/validationError" // "404": // "$ref": "#/responses/notFound" - apiReviewRequest(ctx, opts, false) + opts := web.GetForm(ctx).(*api.PullReviewRequestOptions) + apiReviewRequest(ctx, *opts, false) } func apiReviewRequest(ctx *context.APIContext, opts api.PullReviewRequestOptions, isAdd bool) { diff --git a/routers/api/v1/repo/release.go b/routers/api/v1/repo/release.go index 358cc01143..08d92e6c0a 100644 --- a/routers/api/v1/repo/release.go +++ b/routers/api/v1/repo/release.go @@ -11,6 +11,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" releaseservice "code.gitea.io/gitea/services/release" ) @@ -124,7 +125,7 @@ func ListReleases(ctx *context.APIContext) { } // CreateRelease create a release -func CreateRelease(ctx *context.APIContext, form api.CreateReleaseOption) { +func CreateRelease(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/releases repository repoCreateRelease // --- // summary: Create a release @@ -154,7 +155,7 @@ func CreateRelease(ctx *context.APIContext, form api.CreateReleaseOption) { // "$ref": "#/responses/notFound" // "409": // "$ref": "#/responses/error" - + form := web.GetForm(ctx).(*api.CreateReleaseOption) rel, err := models.GetRelease(ctx.Repo.Repository.ID, form.TagName) if err != nil { if !models.IsErrReleaseNotExist(err) { @@ -210,7 +211,7 @@ func CreateRelease(ctx *context.APIContext, form api.CreateReleaseOption) { } // EditRelease edit a release -func EditRelease(ctx *context.APIContext, form api.EditReleaseOption) { +func EditRelease(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/releases/{id} repository repoEditRelease // --- // summary: Update a release @@ -245,6 +246,7 @@ func EditRelease(ctx *context.APIContext, form api.EditReleaseOption) { // "404": // "$ref": "#/responses/notFound" + form := web.GetForm(ctx).(*api.EditReleaseOption) id := ctx.ParamsInt64(":id") rel, err := models.GetReleaseByID(id) if err != nil && !models.IsErrReleaseNotExist(err) { diff --git a/routers/api/v1/repo/release_attachment.go b/routers/api/v1/repo/release_attachment.go index 51e1b160da..0a6425cddc 100644 --- a/routers/api/v1/repo/release_attachment.go +++ b/routers/api/v1/repo/release_attachment.go @@ -14,6 +14,7 @@ import ( "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/upload" + "code.gitea.io/gitea/modules/web" ) // GetReleaseAttachment gets a single attachment of the release @@ -168,7 +169,7 @@ func CreateReleaseAttachment(ctx *context.APIContext) { } // Get uploaded file from request - file, header, err := ctx.GetFile("attachment") + file, header, err := ctx.Req.FormFile("attachment") if err != nil { ctx.Error(http.StatusInternalServerError, "GetFile", err) return @@ -208,7 +209,7 @@ func CreateReleaseAttachment(ctx *context.APIContext) { } // EditReleaseAttachment updates the given attachment -func EditReleaseAttachment(ctx *context.APIContext, form api.EditAttachmentOptions) { +func EditReleaseAttachment(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo}/releases/{id}/assets/{attachment_id} repository repoEditReleaseAttachment // --- // summary: Edit a release attachment @@ -247,6 +248,8 @@ func EditReleaseAttachment(ctx *context.APIContext, form api.EditAttachmentOptio // "201": // "$ref": "#/responses/Attachment" + form := web.GetForm(ctx).(*api.EditAttachmentOptions) + // Check if release exists an load release releaseID := ctx.ParamsInt64(":id") attachID := ctx.ParamsInt64(":asset") diff --git a/routers/api/v1/repo/repo.go b/routers/api/v1/repo/repo.go index 82d380a814..375f2418b9 100644 --- a/routers/api/v1/repo/repo.go +++ b/routers/api/v1/repo/repo.go @@ -20,6 +20,7 @@ import ( api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/util" "code.gitea.io/gitea/modules/validation" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" repo_service "code.gitea.io/gitea/services/repository" ) @@ -277,7 +278,7 @@ func CreateUserRepo(ctx *context.APIContext, owner *models.User, opt api.CreateR } // Create one repository of mine -func Create(ctx *context.APIContext, opt api.CreateRepoOption) { +func Create(ctx *context.APIContext) { // swagger:operation POST /user/repos repository user createCurrentUserRepo // --- // summary: Create a repository @@ -297,17 +298,17 @@ func Create(ctx *context.APIContext, opt api.CreateRepoOption) { // description: The repository with the same name already exists. // "422": // "$ref": "#/responses/validationError" - + opt := web.GetForm(ctx).(*api.CreateRepoOption) if ctx.User.IsOrganization() { // Shouldn't reach this condition, but just in case. ctx.Error(http.StatusUnprocessableEntity, "", "not allowed creating repository for organization") return } - CreateUserRepo(ctx, ctx.User, opt) + CreateUserRepo(ctx, ctx.User, *opt) } // CreateOrgRepoDeprecated create one repository of the organization -func CreateOrgRepoDeprecated(ctx *context.APIContext, opt api.CreateRepoOption) { +func CreateOrgRepoDeprecated(ctx *context.APIContext) { // swagger:operation POST /org/{org}/repos organization createOrgRepoDeprecated // --- // summary: Create a repository in an organization @@ -334,11 +335,11 @@ func CreateOrgRepoDeprecated(ctx *context.APIContext, opt api.CreateRepoOption) // "403": // "$ref": "#/responses/forbidden" - CreateOrgRepo(ctx, opt) + CreateOrgRepo(ctx) } // CreateOrgRepo create one repository of the organization -func CreateOrgRepo(ctx *context.APIContext, opt api.CreateRepoOption) { +func CreateOrgRepo(ctx *context.APIContext) { // swagger:operation POST /orgs/{org}/repos organization createOrgRepo // --- // summary: Create a repository in an organization @@ -363,7 +364,7 @@ func CreateOrgRepo(ctx *context.APIContext, opt api.CreateRepoOption) { // "$ref": "#/responses/notFound" // "403": // "$ref": "#/responses/forbidden" - + opt := web.GetForm(ctx).(*api.CreateRepoOption) org, err := models.GetOrgByName(ctx.Params(":org")) if err != nil { if models.IsErrOrgNotExist(err) { @@ -389,7 +390,7 @@ func CreateOrgRepo(ctx *context.APIContext, opt api.CreateRepoOption) { return } } - CreateUserRepo(ctx, org, opt) + CreateUserRepo(ctx, org, *opt) } // Get one repository @@ -457,7 +458,7 @@ func GetByID(ctx *context.APIContext) { } // Edit edit repository properties -func Edit(ctx *context.APIContext, opts api.EditRepoOption) { +func Edit(ctx *context.APIContext) { // swagger:operation PATCH /repos/{owner}/{repo} repository repoEdit // --- // summary: Edit a repository's properties. Only fields that are set will be changed. @@ -488,6 +489,8 @@ func Edit(ctx *context.APIContext, opts api.EditRepoOption) { // "422": // "$ref": "#/responses/validationError" + opts := *web.GetForm(ctx).(*api.EditRepoOption) + if err := updateBasicProperties(ctx, opts); err != nil { return } diff --git a/routers/api/v1/repo/repo_test.go b/routers/api/v1/repo/repo_test.go index 053134ec61..a1bd3e85d7 100644 --- a/routers/api/v1/repo/repo_test.go +++ b/routers/api/v1/repo/repo_test.go @@ -12,6 +12,7 @@ import ( "code.gitea.io/gitea/modules/context" api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/test" + "code.gitea.io/gitea/modules/web" "github.com/stretchr/testify/assert" ) @@ -53,7 +54,9 @@ func TestRepoEdit(t *testing.T) { Archived: &archived, } - Edit(&context.APIContext{Context: ctx, Org: nil}, opts) + var apiCtx = &context.APIContext{Context: ctx, Org: nil} + web.SetForm(apiCtx, &opts) + Edit(apiCtx) assert.EqualValues(t, http.StatusOK, ctx.Resp.Status()) models.AssertExistsAndLoadBean(t, &models.Repository{ @@ -73,7 +76,9 @@ func TestRepoEditNameChange(t *testing.T) { Name: &name, } - Edit(&context.APIContext{Context: ctx, Org: nil}, opts) + var apiCtx = &context.APIContext{Context: ctx, Org: nil} + web.SetForm(apiCtx, &opts) + Edit(apiCtx) assert.EqualValues(t, http.StatusOK, ctx.Resp.Status()) models.AssertExistsAndLoadBean(t, &models.Repository{ diff --git a/routers/api/v1/repo/status.go b/routers/api/v1/repo/status.go index 9c0d902f76..7ab399b572 100644 --- a/routers/api/v1/repo/status.go +++ b/routers/api/v1/repo/status.go @@ -13,11 +13,12 @@ import ( "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/repofiles" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) // NewCommitStatus creates a new CommitStatus -func NewCommitStatus(ctx *context.APIContext, form api.CreateStatusOption) { +func NewCommitStatus(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/statuses/{sha} repository repoCreateStatus // --- // summary: Create a commit status @@ -49,6 +50,7 @@ func NewCommitStatus(ctx *context.APIContext, form api.CreateStatusOption) { // "400": // "$ref": "#/responses/error" + form := web.GetForm(ctx).(*api.CreateStatusOption) sha := ctx.Params("sha") if len(sha) == 0 { ctx.Error(http.StatusBadRequest, "sha not given", nil) diff --git a/routers/api/v1/repo/topic.go b/routers/api/v1/repo/topic.go index 41fa37a2c1..c612c2942c 100644 --- a/routers/api/v1/repo/topic.go +++ b/routers/api/v1/repo/topic.go @@ -13,6 +13,7 @@ import ( "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/log" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -66,7 +67,7 @@ func ListTopics(ctx *context.APIContext) { } // UpdateTopics updates repo with a new set of topics -func UpdateTopics(ctx *context.APIContext, form api.RepoTopicOptions) { +func UpdateTopics(ctx *context.APIContext) { // swagger:operation PUT /repos/{owner}/{repo}/topics repository repoUpdateTopics // --- // summary: Replace list of topics for a repository @@ -93,6 +94,7 @@ func UpdateTopics(ctx *context.APIContext, form api.RepoTopicOptions) { // "422": // "$ref": "#/responses/invalidTopicsError" + form := web.GetForm(ctx).(*api.RepoTopicOptions) topicNames := form.Topics validTopics, invalidTopics := models.SanitizeAndValidateTopics(topicNames) diff --git a/routers/api/v1/repo/transfer.go b/routers/api/v1/repo/transfer.go index a0999a6ce2..656ace032e 100644 --- a/routers/api/v1/repo/transfer.go +++ b/routers/api/v1/repo/transfer.go @@ -14,11 +14,12 @@ import ( "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/structs" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" repo_service "code.gitea.io/gitea/services/repository" ) // Transfer transfers the ownership of a repository -func Transfer(ctx *context.APIContext, opts api.TransferRepoOption) { +func Transfer(ctx *context.APIContext) { // swagger:operation POST /repos/{owner}/{repo}/transfer repository repoTransfer // --- // summary: Transfer a repo ownership @@ -51,6 +52,8 @@ func Transfer(ctx *context.APIContext, opts api.TransferRepoOption) { // "422": // "$ref": "#/responses/validationError" + opts := web.GetForm(ctx).(*api.TransferRepoOption) + newOwner, err := models.GetUserByName(opts.NewOwner) if err != nil { if models.IsErrUserNotExist(err) { diff --git a/routers/api/v1/swagger/options.go b/routers/api/v1/swagger/options.go index a3bb9cc657..8919a969ec 100644 --- a/routers/api/v1/swagger/options.go +++ b/routers/api/v1/swagger/options.go @@ -5,7 +5,7 @@ package swagger import ( - "code.gitea.io/gitea/modules/auth" + auth "code.gitea.io/gitea/modules/forms" api "code.gitea.io/gitea/modules/structs" ) diff --git a/routers/api/v1/user/app.go b/routers/api/v1/user/app.go index 547730ea57..33b27d60e0 100644 --- a/routers/api/v1/user/app.go +++ b/routers/api/v1/user/app.go @@ -15,6 +15,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -61,7 +62,7 @@ func ListAccessTokens(ctx *context.APIContext) { } // CreateAccessToken create access tokens -func CreateAccessToken(ctx *context.APIContext, form api.CreateAccessTokenOption) { +func CreateAccessToken(ctx *context.APIContext) { // swagger:operation POST /users/{username}/tokens user userCreateToken // --- // summary: Create an access token @@ -88,6 +89,8 @@ func CreateAccessToken(ctx *context.APIContext, form api.CreateAccessTokenOption // "201": // "$ref": "#/responses/AccessToken" + form := web.GetForm(ctx).(*api.CreateAccessTokenOption) + t := &models.AccessToken{ UID: ctx.User.ID, Name: form.Name, @@ -181,7 +184,7 @@ func DeleteAccessToken(ctx *context.APIContext) { } // CreateOauth2Application is the handler to create a new OAuth2 Application for the authenticated user -func CreateOauth2Application(ctx *context.APIContext, data api.CreateOAuth2ApplicationOptions) { +func CreateOauth2Application(ctx *context.APIContext) { // swagger:operation POST /user/applications/oauth2 user userCreateOAuth2Application // --- // summary: creates a new OAuth2 application @@ -196,6 +199,9 @@ func CreateOauth2Application(ctx *context.APIContext, data api.CreateOAuth2Appli // responses: // "201": // "$ref": "#/responses/OAuth2Application" + + data := web.GetForm(ctx).(*api.CreateOAuth2ApplicationOptions) + app, err := models.CreateOAuth2Application(models.CreateOAuth2ApplicationOptions{ Name: data.Name, UserID: ctx.User.ID, @@ -309,7 +315,7 @@ func GetOauth2Application(ctx *context.APIContext) { } // UpdateOauth2Application update OAuth2 Application -func UpdateOauth2Application(ctx *context.APIContext, data api.CreateOAuth2ApplicationOptions) { +func UpdateOauth2Application(ctx *context.APIContext) { // swagger:operation PATCH /user/applications/oauth2/{id} user userUpdateOAuth2Application // --- // summary: update an OAuth2 Application, this includes regenerating the client secret @@ -332,6 +338,8 @@ func UpdateOauth2Application(ctx *context.APIContext, data api.CreateOAuth2Appli // "$ref": "#/responses/OAuth2Application" appID := ctx.ParamsInt64(":id") + data := web.GetForm(ctx).(*api.CreateOAuth2ApplicationOptions) + app, err := models.UpdateOAuth2Application(models.UpdateOAuth2ApplicationOptions{ Name: data.Name, UserID: ctx.User.ID, diff --git a/routers/api/v1/user/email.go b/routers/api/v1/user/email.go index d848f5e58d..bc8b2fa87b 100644 --- a/routers/api/v1/user/email.go +++ b/routers/api/v1/user/email.go @@ -13,6 +13,7 @@ import ( "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" ) // ListEmails list all of the authenticated user's email addresses @@ -40,7 +41,7 @@ func ListEmails(ctx *context.APIContext) { } // AddEmail add an email address -func AddEmail(ctx *context.APIContext, form api.CreateEmailOption) { +func AddEmail(ctx *context.APIContext) { // swagger:operation POST /user/emails user userAddEmail // --- // summary: Add email addresses @@ -61,7 +62,7 @@ func AddEmail(ctx *context.APIContext, form api.CreateEmailOption) { // "$ref": "#/responses/EmailList" // "422": // "$ref": "#/responses/validationError" - + form := web.GetForm(ctx).(*api.CreateEmailOption) if len(form.Emails) == 0 { ctx.Error(http.StatusUnprocessableEntity, "", "Email list empty") return @@ -96,7 +97,7 @@ func AddEmail(ctx *context.APIContext, form api.CreateEmailOption) { } // DeleteEmail delete email -func DeleteEmail(ctx *context.APIContext, form api.DeleteEmailOption) { +func DeleteEmail(ctx *context.APIContext) { // swagger:operation DELETE /user/emails user userDeleteEmail // --- // summary: Delete email addresses @@ -110,7 +111,7 @@ func DeleteEmail(ctx *context.APIContext, form api.DeleteEmailOption) { // responses: // "204": // "$ref": "#/responses/empty" - + form := web.GetForm(ctx).(*api.DeleteEmailOption) if len(form.Emails) == 0 { ctx.Status(http.StatusNoContent) return diff --git a/routers/api/v1/user/gpg_key.go b/routers/api/v1/user/gpg_key.go index 7290ef485a..51bcaeacc6 100644 --- a/routers/api/v1/user/gpg_key.go +++ b/routers/api/v1/user/gpg_key.go @@ -11,6 +11,7 @@ import ( "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -133,7 +134,7 @@ type swaggerUserCurrentPostGPGKey struct { } //CreateGPGKey create a GPG key belonging to the authenticated user -func CreateGPGKey(ctx *context.APIContext, form api.CreateGPGKeyOption) { +func CreateGPGKey(ctx *context.APIContext) { // swagger:operation POST /user/gpg_keys user userCurrentPostGPGKey // --- // summary: Create a GPG key @@ -149,7 +150,8 @@ func CreateGPGKey(ctx *context.APIContext, form api.CreateGPGKeyOption) { // "422": // "$ref": "#/responses/validationError" - CreateUserGPGKey(ctx, form, ctx.User.ID) + form := web.GetForm(ctx).(*api.CreateGPGKeyOption) + CreateUserGPGKey(ctx, *form, ctx.User.ID) } //DeleteGPGKey remove a GPG key belonging to the authenticated user diff --git a/routers/api/v1/user/key.go b/routers/api/v1/user/key.go index fa16df1836..df8a11c61f 100644 --- a/routers/api/v1/user/key.go +++ b/routers/api/v1/user/key.go @@ -12,6 +12,7 @@ import ( "code.gitea.io/gitea/modules/convert" "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/api/v1/repo" "code.gitea.io/gitea/routers/api/v1/utils" ) @@ -204,7 +205,7 @@ func CreateUserPublicKey(ctx *context.APIContext, form api.CreateKeyOption, uid } // CreatePublicKey create one public key for me -func CreatePublicKey(ctx *context.APIContext, form api.CreateKeyOption) { +func CreatePublicKey(ctx *context.APIContext) { // swagger:operation POST /user/keys user userCurrentPostKey // --- // summary: Create a public key @@ -223,7 +224,8 @@ func CreatePublicKey(ctx *context.APIContext, form api.CreateKeyOption) { // "422": // "$ref": "#/responses/validationError" - CreateUserPublicKey(ctx, form, ctx.User.ID) + form := web.GetForm(ctx).(*api.CreateKeyOption) + CreateUserPublicKey(ctx, *form, ctx.User.ID) } // DeletePublicKey delete one public key diff --git a/routers/init.go b/routers/init.go index 79e2f9130a..9d13bc9ed5 100644 --- a/routers/init.go +++ b/routers/init.go @@ -37,22 +37,16 @@ import ( pull_service "code.gitea.io/gitea/services/pull" "code.gitea.io/gitea/services/repository" "code.gitea.io/gitea/services/webhook" - - "gitea.com/macaron/macaron" ) func checkRunMode() { switch setting.RunMode { - case "dev": - git.Debug = true - case "test": + case "dev", "test": git.Debug = true default: - macaron.Env = macaron.PROD - macaron.ColorLog = false git.Debug = false } - log.Info("Run Mode: %s", strings.Title(macaron.Env)) + log.Info("Run Mode: %s", strings.Title(setting.RunMode)) } // NewServices init new services diff --git a/routers/install.go b/routers/install.go index 50e929b6f3..5dcd1d48a3 100644 --- a/routers/install.go +++ b/routers/install.go @@ -11,18 +11,23 @@ import ( "os/exec" "path/filepath" "strings" + "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/generate" "code.gitea.io/gitea/modules/graceful" "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/middlewares" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/templates" "code.gitea.io/gitea/modules/user" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" + "gitea.com/go-chi/session" "gopkg.in/ini.v1" ) @@ -33,17 +38,39 @@ const ( ) // InstallInit prepare for rendering installation page -func InstallInit(ctx *context.Context) { - if setting.InstallLock { - ctx.Header().Add("Refresh", "1; url="+setting.AppURL+"user/login") - ctx.HTML(200, tplPostInstall) - return - } +func InstallInit(next http.Handler) http.Handler { + var rnd = templates.HTMLRenderer() - ctx.Data["Title"] = ctx.Tr("install.install") - ctx.Data["PageIsInstall"] = true - - ctx.Data["DbOptions"] = setting.SupportedDatabases + return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { + if setting.InstallLock { + resp.Header().Add("Refresh", "1; url="+setting.AppURL+"user/login") + _ = rnd.HTML(resp, 200, string(tplPostInstall), nil) + return + } + var locale = middlewares.Locale(resp, req) + var startTime = time.Now() + var ctx = context.Context{ + Resp: context.NewResponse(resp), + Flash: &middlewares.Flash{}, + Locale: locale, + Render: rnd, + Session: session.GetSession(req), + Data: map[string]interface{}{ + "Title": locale.Tr("install.install"), + "PageIsInstall": true, + "DbOptions": setting.SupportedDatabases, + "i18n": locale, + "Language": locale.Language(), + "CurrentURL": setting.AppSubURL + req.URL.RequestURI(), + "PageStartTime": startTime, + "TmplLoadTimes": func() string { + return time.Since(startTime).String() + }, + }, + } + ctx.Req = context.WithContext(req, &ctx) + next.ServeHTTP(resp, ctx.Req) + }) } // Install render installation page @@ -116,12 +143,13 @@ func Install(ctx *context.Context) { form.DefaultEnableTimetracking = setting.Service.DefaultEnableTimetracking form.NoReplyAddress = setting.Service.NoReplyAddress - auth.AssignForm(form, ctx.Data) + middlewares.AssignForm(form, ctx.Data) ctx.HTML(200, tplInstall) } // InstallPost response for submit install items -func InstallPost(ctx *context.Context, form auth.InstallForm) { +func InstallPost(ctx *context.Context) { + form := *web.GetForm(ctx).(*auth.InstallForm) var err error ctx.Data["CurDbOption"] = form.DbType diff --git a/routers/org/org.go b/routers/org/org.go index 85bc25217b..98a327a97e 100644 --- a/routers/org/org.go +++ b/routers/org/org.go @@ -9,11 +9,12 @@ import ( "errors" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" ) const ( @@ -33,7 +34,8 @@ func Create(ctx *context.Context) { } // CreatePost response for create organization -func CreatePost(ctx *context.Context, form auth.CreateOrgForm) { +func CreatePost(ctx *context.Context) { + form := *web.GetForm(ctx).(*auth.CreateOrgForm) ctx.Data["Title"] = ctx.Tr("new_org") if !ctx.User.CanCreateOrganization() { diff --git a/routers/org/org_labels.go b/routers/org/org_labels.go index e5b9d9ddee..554f86c964 100644 --- a/routers/org/org_labels.go +++ b/routers/org/org_labels.go @@ -6,8 +6,9 @@ package org import ( "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" + "code.gitea.io/gitea/modules/web" ) // RetrieveLabels find all the labels of an organization @@ -26,7 +27,8 @@ func RetrieveLabels(ctx *context.Context) { } // NewLabel create new label for organization -func NewLabel(ctx *context.Context, form auth.CreateLabelForm) { +func NewLabel(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateLabelForm) ctx.Data["Title"] = ctx.Tr("repo.labels") ctx.Data["PageIsLabels"] = true @@ -50,7 +52,8 @@ func NewLabel(ctx *context.Context, form auth.CreateLabelForm) { } // UpdateLabel update a label's name and color -func UpdateLabel(ctx *context.Context, form auth.CreateLabelForm) { +func UpdateLabel(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateLabelForm) l, err := models.GetLabelInOrgByID(ctx.Org.Organization.ID, form.ID) if err != nil { switch { @@ -86,7 +89,8 @@ func DeleteLabel(ctx *context.Context) { } // InitializeLabels init labels for an organization -func InitializeLabels(ctx *context.Context, form auth.InitializeLabelsForm) { +func InitializeLabels(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.InitializeLabelsForm) if ctx.HasError() { ctx.Redirect(ctx.Repo.RepoLink + "/labels") return diff --git a/routers/org/setting.go b/routers/org/setting.go index 05075ca820..ac12066258 100644 --- a/routers/org/setting.go +++ b/routers/org/setting.go @@ -9,11 +9,12 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" userSetting "code.gitea.io/gitea/routers/user/setting" ) @@ -38,7 +39,8 @@ func Settings(ctx *context.Context) { } // SettingsPost response for settings change submited -func SettingsPost(ctx *context.Context, form auth.UpdateOrgSettingForm) { +func SettingsPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.UpdateOrgSettingForm) ctx.Data["Title"] = ctx.Tr("org.settings") ctx.Data["PageIsSettingsOptions"] = true ctx.Data["CurrentVisibility"] = ctx.Org.Organization.Visibility @@ -115,7 +117,8 @@ func SettingsPost(ctx *context.Context, form auth.UpdateOrgSettingForm) { } // SettingsAvatar response for change avatar on settings page -func SettingsAvatar(ctx *context.Context, form auth.AvatarForm) { +func SettingsAvatar(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AvatarForm) form.Source = auth.AvatarLocal if err := userSetting.UpdateAvatarSetting(ctx, form, ctx.Org.Organization); err != nil { ctx.Flash.Error(err.Error()) diff --git a/routers/org/teams.go b/routers/org/teams.go index fa98add601..cfa49d4e97 100644 --- a/routers/org/teams.go +++ b/routers/org/teams.go @@ -11,10 +11,11 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/utils" ) @@ -186,7 +187,8 @@ func NewTeam(ctx *context.Context) { } // NewTeamPost response for create new team -func NewTeamPost(ctx *context.Context, form auth.CreateTeamForm) { +func NewTeamPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateTeamForm) ctx.Data["Title"] = ctx.Org.Organization.FullName ctx.Data["PageIsOrgTeams"] = true ctx.Data["PageIsOrgTeamsNew"] = true @@ -274,7 +276,8 @@ func EditTeam(ctx *context.Context) { } // EditTeamPost response for modify team information -func EditTeamPost(ctx *context.Context, form auth.CreateTeamForm) { +func EditTeamPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateTeamForm) t := ctx.Org.Team ctx.Data["Title"] = ctx.Org.Organization.FullName ctx.Data["PageIsOrgTeams"] = true diff --git a/routers/private/hook.go b/routers/private/hook.go index 34e849f6f7..853d3069ec 100644 --- a/routers/private/hook.go +++ b/routers/private/hook.go @@ -15,16 +15,16 @@ import ( "strings" "code.gitea.io/gitea/models" + gitea_context "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/private" repo_module "code.gitea.io/gitea/modules/repository" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" pull_service "code.gitea.io/gitea/services/pull" repo_service "code.gitea.io/gitea/services/repository" - - "gitea.com/macaron/macaron" ) func verifyCommits(oldCommitID, newCommitID string, repo *git.Repository, env []string) error { @@ -117,7 +117,8 @@ func isErrUnverifiedCommit(err error) bool { } // HookPreReceive checks whether a individual commit is acceptable -func HookPreReceive(ctx *macaron.Context, opts private.HookOptions) { +func HookPreReceive(ctx *gitea_context.PrivateContext) { + opts := web.GetForm(ctx).(*private.HookOptions) ownerName := ctx.Params(":owner") repoName := ctx.Params(":repo") repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName) @@ -370,7 +371,8 @@ func HookPreReceive(ctx *macaron.Context, opts private.HookOptions) { } // HookPostReceive updates services and users -func HookPostReceive(ctx *macaron.Context, opts private.HookOptions) { +func HookPostReceive(ctx *gitea_context.PrivateContext) { + opts := web.GetForm(ctx).(*private.HookOptions) ownerName := ctx.Params(":owner") repoName := ctx.Params(":repo") @@ -540,7 +542,7 @@ func HookPostReceive(ctx *macaron.Context, opts private.HookOptions) { } // SetDefaultBranch updates the default branch -func SetDefaultBranch(ctx *macaron.Context) { +func SetDefaultBranch(ctx *gitea_context.PrivateContext) { ownerName := ctx.Params(":owner") repoName := ctx.Params(":repo") branch := ctx.Params(":branch") diff --git a/routers/private/internal.go b/routers/private/internal.go index 4fb267a49a..e541591a38 100644 --- a/routers/private/internal.go +++ b/routers/private/internal.go @@ -6,47 +6,69 @@ package private import ( + "net/http" + "reflect" "strings" + "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/private" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" - "gitea.com/macaron/binding" - "gitea.com/macaron/macaron" + "gitea.com/go-chi/binding" ) // CheckInternalToken check internal token is set -func CheckInternalToken(ctx *macaron.Context) { - tokens := ctx.Req.Header.Get("Authorization") - fields := strings.Fields(tokens) - if len(fields) != 2 || fields[0] != "Bearer" || fields[1] != setting.InternalToken { - log.Debug("Forbidden attempt to access internal url: Authorization header: %s", tokens) - ctx.Error(403) +func CheckInternalToken(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + tokens := req.Header.Get("Authorization") + fields := strings.Fields(tokens) + if len(fields) != 2 || fields[0] != "Bearer" || fields[1] != setting.InternalToken { + log.Debug("Forbidden attempt to access internal url: Authorization header: %s", tokens) + http.Error(w, http.StatusText(http.StatusForbidden), http.StatusForbidden) + } else { + next.ServeHTTP(w, req) + } + }) +} + +// bind binding an obj to a handler +func bind(obj interface{}) http.HandlerFunc { + var tp = reflect.TypeOf(obj) + for tp.Kind() == reflect.Ptr { + tp = tp.Elem() } + return web.Wrap(func(ctx *context.PrivateContext) { + var theObj = reflect.New(tp).Interface() // create a new form obj for every request but not use obj directly + binding.Bind(ctx.Req, theObj) + web.SetForm(ctx, theObj) + }) } -// RegisterRoutes registers all internal APIs routes to web application. +// Routes registers all internal APIs routes to web application. // These APIs will be invoked by internal commands for example `gitea serv` and etc. -func RegisterRoutes(m *macaron.Macaron) { - bind := binding.Bind +func Routes() *web.Route { + var r = web.NewRoute() + r.Use(context.PrivateContexter()) + r.Use(CheckInternalToken) - m.Group("/", func() { - m.Post("/ssh/authorized_keys", AuthorizedPublicKeyByContent) - m.Post("/ssh/:id/update/:repoid", UpdatePublicKeyInRepo) - m.Post("/hook/pre-receive/:owner/:repo", bind(private.HookOptions{}), HookPreReceive) - m.Post("/hook/post-receive/:owner/:repo", bind(private.HookOptions{}), HookPostReceive) - m.Post("/hook/set-default-branch/:owner/:repo/:branch", SetDefaultBranch) - m.Get("/serv/none/:keyid", ServNoCommand) - m.Get("/serv/command/:keyid/:owner/:repo", ServCommand) - m.Post("/manager/shutdown", Shutdown) - m.Post("/manager/restart", Restart) - m.Post("/manager/flush-queues", bind(private.FlushOptions{}), FlushQueues) - m.Post("/manager/pause-logging", PauseLogging) - m.Post("/manager/resume-logging", ResumeLogging) - m.Post("/manager/release-and-reopen-logging", ReleaseReopenLogging) - m.Post("/manager/add-logger", bind(private.LoggerOptions{}), AddLogger) - m.Post("/manager/remove-logger/:group/:name", RemoveLogger) - m.Post("/mail/send", SendEmail) - }, CheckInternalToken) + r.Post("/ssh/authorized_keys", AuthorizedPublicKeyByContent) + r.Post("/ssh/{id}/update/{repoid}", UpdatePublicKeyInRepo) + r.Post("/hook/pre-receive/{owner}/{repo}", bind(private.HookOptions{}), HookPreReceive) + r.Post("/hook/post-receive/{owner}/{repo}", bind(private.HookOptions{}), HookPostReceive) + r.Post("/hook/set-default-branch/{owner}/{repo}/{branch}", SetDefaultBranch) + r.Get("/serv/none/{keyid}", ServNoCommand) + r.Get("/serv/command/{keyid}/{owner}/{repo}", ServCommand) + r.Post("/manager/shutdown", Shutdown) + r.Post("/manager/restart", Restart) + r.Post("/manager/flush-queues", bind(private.FlushOptions{}), FlushQueues) + r.Post("/manager/pause-logging", PauseLogging) + r.Post("/manager/resume-logging", ResumeLogging) + r.Post("/manager/release-and-reopen-logging", ReleaseReopenLogging) + r.Post("/manager/add-logger", bind(private.LoggerOptions{}), AddLogger) + r.Post("/manager/remove-logger/{group}/{name}", RemoveLogger) + r.Post("/mail/send", SendEmail) + + return r } diff --git a/routers/private/key.go b/routers/private/key.go index c00330fe88..b90faa22a4 100644 --- a/routers/private/key.go +++ b/routers/private/key.go @@ -9,13 +9,12 @@ import ( "net/http" "code.gitea.io/gitea/models" + "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/timeutil" - - "gitea.com/macaron/macaron" ) // UpdatePublicKeyInRepo update public key and deploy key updates -func UpdatePublicKeyInRepo(ctx *macaron.Context) { +func UpdatePublicKeyInRepo(ctx *context.PrivateContext) { keyID := ctx.ParamsInt64(":id") repoID := ctx.ParamsInt64(":repoid") if err := models.UpdatePublicKeyUpdated(keyID); err != nil { @@ -49,7 +48,7 @@ func UpdatePublicKeyInRepo(ctx *macaron.Context) { // AuthorizedPublicKeyByContent searches content as prefix (leak e-mail part) // and returns public key found. -func AuthorizedPublicKeyByContent(ctx *macaron.Context) { +func AuthorizedPublicKeyByContent(ctx *context.PrivateContext) { content := ctx.Query("content") publicKey, err := models.SearchPublicKeyByContent(content) diff --git a/routers/private/mail.go b/routers/private/mail.go index b3b21d042f..330de14c46 100644 --- a/routers/private/mail.go +++ b/routers/private/mail.go @@ -11,17 +11,17 @@ import ( "strconv" "code.gitea.io/gitea/models" + "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/private" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/services/mailer" - "gitea.com/macaron/macaron" ) // SendEmail pushes messages to mail queue // // It doesn't wait before each message will be processed -func SendEmail(ctx *macaron.Context) { +func SendEmail(ctx *context.PrivateContext) { if setting.MailService == nil { ctx.JSON(http.StatusInternalServerError, map[string]interface{}{ "err": "Mail service is not enabled.", @@ -30,7 +30,7 @@ func SendEmail(ctx *macaron.Context) { } var mail private.Email - rd := ctx.Req.Body().ReadCloser() + rd := ctx.Req.Body defer rd.Close() if err := json.NewDecoder(rd).Decode(&mail); err != nil { log.Error("%v", err) @@ -77,7 +77,7 @@ func SendEmail(ctx *macaron.Context) { sendEmail(ctx, mail.Subject, mail.Message, emails) } -func sendEmail(ctx *macaron.Context, subject, message string, to []string) { +func sendEmail(ctx *context.PrivateContext, subject, message string, to []string) { for _, email := range to { msg := mailer.NewMessage([]string{email}, subject, message) mailer.SendAsync(msg) diff --git a/routers/private/manager.go b/routers/private/manager.go index 67bd92003f..e5b4583fd1 100644 --- a/routers/private/manager.go +++ b/routers/private/manager.go @@ -9,17 +9,18 @@ import ( "fmt" "net/http" + "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/graceful" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/private" "code.gitea.io/gitea/modules/queue" "code.gitea.io/gitea/modules/setting" - - "gitea.com/macaron/macaron" + "code.gitea.io/gitea/modules/web" ) // FlushQueues flushes all the Queues -func FlushQueues(ctx *macaron.Context, opts private.FlushOptions) { +func FlushQueues(ctx *context.PrivateContext) { + opts := web.GetForm(ctx).(*private.FlushOptions) if opts.NonBlocking { // Save the hammer ctx here - as a new one is created each time you call this. baseCtx := graceful.GetManager().HammerContext() @@ -34,7 +35,7 @@ func FlushQueues(ctx *macaron.Context, opts private.FlushOptions) { }) return } - err := queue.GetManager().FlushAll(ctx.Req.Request.Context(), opts.Timeout) + err := queue.GetManager().FlushAll(ctx.Req.Context(), opts.Timeout) if err != nil { ctx.JSON(http.StatusRequestTimeout, map[string]interface{}{ "err": fmt.Sprintf("%v", err), @@ -44,19 +45,19 @@ func FlushQueues(ctx *macaron.Context, opts private.FlushOptions) { } // PauseLogging pauses logging -func PauseLogging(ctx *macaron.Context) { +func PauseLogging(ctx *context.PrivateContext) { log.Pause() ctx.PlainText(http.StatusOK, []byte("success")) } // ResumeLogging resumes logging -func ResumeLogging(ctx *macaron.Context) { +func ResumeLogging(ctx *context.PrivateContext) { log.Resume() ctx.PlainText(http.StatusOK, []byte("success")) } // ReleaseReopenLogging releases and reopens logging files -func ReleaseReopenLogging(ctx *macaron.Context) { +func ReleaseReopenLogging(ctx *context.PrivateContext) { if err := log.ReleaseReopen(); err != nil { ctx.JSON(http.StatusInternalServerError, map[string]interface{}{ "err": fmt.Sprintf("Error during release and reopen: %v", err), @@ -67,7 +68,7 @@ func ReleaseReopenLogging(ctx *macaron.Context) { } // RemoveLogger removes a logger -func RemoveLogger(ctx *macaron.Context) { +func RemoveLogger(ctx *context.PrivateContext) { group := ctx.Params("group") name := ctx.Params("name") ok, err := log.GetLogger(group).DelLogger(name) @@ -84,7 +85,8 @@ func RemoveLogger(ctx *macaron.Context) { } // AddLogger adds a logger -func AddLogger(ctx *macaron.Context, opts private.LoggerOptions) { +func AddLogger(ctx *context.PrivateContext) { + opts := web.GetForm(ctx).(*private.LoggerOptions) if len(opts.Group) == 0 { opts.Group = log.DEFAULT } diff --git a/routers/private/manager_unix.go b/routers/private/manager_unix.go index ec5e976059..60ae9b68e8 100644 --- a/routers/private/manager_unix.go +++ b/routers/private/manager_unix.go @@ -9,20 +9,19 @@ package private import ( "net/http" + "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/graceful" - - "gitea.com/macaron/macaron" ) // Restart causes the server to perform a graceful restart -func Restart(ctx *macaron.Context) { +func Restart(ctx *context.PrivateContext) { graceful.GetManager().DoGracefulRestart() ctx.PlainText(http.StatusOK, []byte("success")) } // Shutdown causes the server to perform a graceful shutdown -func Shutdown(ctx *macaron.Context) { +func Shutdown(ctx *context.PrivateContext) { graceful.GetManager().DoGracefulShutdown() ctx.PlainText(http.StatusOK, []byte("success")) } diff --git a/routers/private/manager_windows.go b/routers/private/manager_windows.go index ac840a9d81..244dbbe4df 100644 --- a/routers/private/manager_windows.go +++ b/routers/private/manager_windows.go @@ -9,20 +9,19 @@ package private import ( "net/http" + "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/graceful" - - "gitea.com/macaron/macaron" ) // Restart is not implemented for Windows based servers as they can't fork -func Restart(ctx *macaron.Context) { +func Restart(ctx *context.PrivateContext) { ctx.JSON(http.StatusNotImplemented, map[string]interface{}{ "err": "windows servers cannot be gracefully restarted - shutdown and restart manually", }) } // Shutdown causes the server to perform a graceful shutdown -func Shutdown(ctx *macaron.Context) { +func Shutdown(ctx *context.PrivateContext) { graceful.GetManager().DoGracefulShutdown() ctx.PlainText(http.StatusOK, []byte("success")) } diff --git a/routers/private/serv.go b/routers/private/serv.go index 90e1d30b01..1461194e7f 100644 --- a/routers/private/serv.go +++ b/routers/private/serv.go @@ -11,17 +11,16 @@ import ( "strings" "code.gitea.io/gitea/models" + "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/private" "code.gitea.io/gitea/modules/setting" repo_service "code.gitea.io/gitea/services/repository" wiki_service "code.gitea.io/gitea/services/wiki" - - "gitea.com/macaron/macaron" ) // ServNoCommand returns information about the provided keyid -func ServNoCommand(ctx *macaron.Context) { +func ServNoCommand(ctx *context.PrivateContext) { keyID := ctx.ParamsInt64(":keyid") if keyID <= 0 { ctx.JSON(http.StatusBadRequest, map[string]interface{}{ @@ -73,7 +72,7 @@ func ServNoCommand(ctx *macaron.Context) { } // ServCommand returns information about the provided keyid -func ServCommand(ctx *macaron.Context) { +func ServCommand(ctx *context.PrivateContext) { keyID := ctx.ParamsInt64(":keyid") ownerName := ctx.Params(":owner") repoName := ctx.Params(":repo") diff --git a/routers/repo/branch.go b/routers/repo/branch.go index bf9f2e6a36..7d844abe5a 100644 --- a/routers/repo/branch.go +++ b/routers/repo/branch.go @@ -10,14 +10,15 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/repofiles" repo_module "code.gitea.io/gitea/modules/repository" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/utils" repo_service "code.gitea.io/gitea/services/repository" ) @@ -367,7 +368,8 @@ func getDeletedBranches(ctx *context.Context) ([]*Branch, error) { } // CreateBranch creates new branch in repository -func CreateBranch(ctx *context.Context, form auth.NewBranchForm) { +func CreateBranch(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewBranchForm) if !ctx.Repo.CanCreateBranch() { ctx.NotFound("CreateBranch", nil) return diff --git a/routers/repo/editor.go b/routers/repo/editor.go index 0bc76504f9..619912fef7 100644 --- a/routers/repo/editor.go +++ b/routers/repo/editor.go @@ -12,10 +12,10 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/charset" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/repofiles" @@ -23,6 +23,7 @@ import ( "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/upload" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/utils" ) @@ -325,17 +326,20 @@ func editFilePost(ctx *context.Context, form auth.EditRepoFileForm, isNewFile bo } // EditFilePost response for editing file -func EditFilePost(ctx *context.Context, form auth.EditRepoFileForm) { - editFilePost(ctx, form, false) +func EditFilePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.EditRepoFileForm) + editFilePost(ctx, *form, false) } // NewFilePost response for creating file -func NewFilePost(ctx *context.Context, form auth.EditRepoFileForm) { - editFilePost(ctx, form, true) +func NewFilePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.EditRepoFileForm) + editFilePost(ctx, *form, true) } // DiffPreviewPost render preview diff page -func DiffPreviewPost(ctx *context.Context, form auth.EditPreviewDiffForm) { +func DiffPreviewPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.EditPreviewDiffForm) treePath := cleanUploadFileName(ctx.Repo.TreePath) if len(treePath) == 0 { ctx.Error(500, "file name to diff is invalid") @@ -394,7 +398,8 @@ func DeleteFile(ctx *context.Context) { } // DeleteFilePost response for deleting file -func DeleteFilePost(ctx *context.Context, form auth.DeleteRepoFileForm) { +func DeleteFilePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.DeleteRepoFileForm) canCommit := renderCommitRights(ctx) branchName := ctx.Repo.BranchName if form.CommitChoice == frmCommitChoiceNewBranch { @@ -556,7 +561,8 @@ func UploadFile(ctx *context.Context) { } // UploadFilePost response for uploading file -func UploadFilePost(ctx *context.Context, form auth.UploadRepoFileForm) { +func UploadFilePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.UploadRepoFileForm) ctx.Data["PageIsUpload"] = true ctx.Data["RequireTribute"] = true ctx.Data["RequireSimpleMDE"] = true @@ -760,7 +766,8 @@ func UploadFileToServer(ctx *context.Context) { } // RemoveUploadFileFromServer remove file from server file dir -func RemoveUploadFileFromServer(ctx *context.Context, form auth.RemoveUploadFileForm) { +func RemoveUploadFileFromServer(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.RemoveUploadFileForm) if len(form.File) == 0 { ctx.Status(204) return diff --git a/routers/repo/http.go b/routers/repo/http.go index 3de45698e8..0377979e8b 100644 --- a/routers/repo/http.go +++ b/routers/repo/http.go @@ -35,8 +35,17 @@ import ( repo_service "code.gitea.io/gitea/services/repository" ) -// HTTP implmentation git smart HTTP protocol -func HTTP(ctx *context.Context) { +// httpBase implmentation git smart HTTP protocol +func httpBase(ctx *context.Context) (h *serviceHandler) { + if setting.Repository.DisableHTTPGit { + ctx.Resp.WriteHeader(http.StatusForbidden) + _, err := ctx.Resp.Write([]byte("Interacting with repositories by HTTP protocol is not allowed")) + if err != nil { + log.Error(err.Error()) + } + return + } + if len(setting.Repository.AccessControlAllowOrigin) > 0 { allowedOrigin := setting.Repository.AccessControlAllowOrigin // Set CORS headers for browser-based git clients @@ -344,7 +353,7 @@ func HTTP(ctx *context.Context) { environ = append(environ, models.EnvRepoID+fmt.Sprintf("=%d", repo.ID)) w := ctx.Resp - r := ctx.Req.Request + r := ctx.Req cfg := &serviceConfig{ UploadPack: true, ReceivePack: true, @@ -353,47 +362,9 @@ func HTTP(ctx *context.Context) { r.URL.Path = strings.ToLower(r.URL.Path) // blue: In case some repo name has upper case name - for _, route := range routes { - if m := route.reg.FindStringSubmatch(r.URL.Path); m != nil { - if setting.Repository.DisableHTTPGit { - w.WriteHeader(http.StatusForbidden) - _, err := w.Write([]byte("Interacting with repositories by HTTP protocol is not allowed")) - if err != nil { - log.Error(err.Error()) - } - return - } - if route.method != r.Method { - if r.Proto == "HTTP/1.1" { - w.WriteHeader(http.StatusMethodNotAllowed) - _, err := w.Write([]byte("Method Not Allowed")) - if err != nil { - log.Error(err.Error()) - } - } else { - w.WriteHeader(http.StatusBadRequest) - _, err := w.Write([]byte("Bad Request")) - if err != nil { - log.Error(err.Error()) - } - } - return - } + dir := models.RepoPath(username, reponame) - file := strings.Replace(r.URL.Path, m[1]+"/", "", 1) - dir, err := getGitRepoPath(m[1]) - if err != nil { - log.Error(err.Error()) - ctx.NotFound("Smart Git HTTP", err) - return - } - - route.handler(serviceHandler{cfg, w, r, dir, file, cfg.Env}) - return - } - } - - ctx.NotFound("Smart Git HTTP", nil) + return &serviceHandler{cfg, w, r, dir, cfg.Env} } var ( @@ -449,7 +420,6 @@ type serviceHandler struct { w http.ResponseWriter r *http.Request dir string - file string environ []string } @@ -467,8 +437,8 @@ func (h *serviceHandler) setHeaderCacheForever() { h.w.Header().Set("Cache-Control", "public, max-age=31536000") } -func (h *serviceHandler) sendFile(contentType string) { - reqFile := path.Join(h.dir, h.file) +func (h *serviceHandler) sendFile(contentType, file string) { + reqFile := path.Join(h.dir, file) fi, err := os.Stat(reqFile) if os.IsNotExist(err) { @@ -482,26 +452,6 @@ func (h *serviceHandler) sendFile(contentType string) { http.ServeFile(h.w, h.r, reqFile) } -type route struct { - reg *regexp.Regexp - method string - handler func(serviceHandler) -} - -var routes = []route{ - {regexp.MustCompile(`(.*?)/git-upload-pack$`), "POST", serviceUploadPack}, - {regexp.MustCompile(`(.*?)/git-receive-pack$`), "POST", serviceReceivePack}, - {regexp.MustCompile(`(.*?)/info/refs$`), "GET", getInfoRefs}, - {regexp.MustCompile(`(.*?)/HEAD$`), "GET", getTextFile}, - {regexp.MustCompile(`(.*?)/objects/info/alternates$`), "GET", getTextFile}, - {regexp.MustCompile(`(.*?)/objects/info/http-alternates$`), "GET", getTextFile}, - {regexp.MustCompile(`(.*?)/objects/info/packs$`), "GET", getInfoPacks}, - {regexp.MustCompile(`(.*?)/objects/info/[^/]*$`), "GET", getTextFile}, - {regexp.MustCompile(`(.*?)/objects/[0-9a-f]{2}/[0-9a-f]{38}$`), "GET", getLooseObject}, - {regexp.MustCompile(`(.*?)/objects/pack/pack-[0-9a-f]{40}\.pack$`), "GET", getPackFile}, - {regexp.MustCompile(`(.*?)/objects/pack/pack-[0-9a-f]{40}\.idx$`), "GET", getIdxFile}, -} - // one or more key=value pairs separated by colons var safeGitProtocolHeader = regexp.MustCompile(`^[0-9a-zA-Z]+=[0-9a-zA-Z]+(:[0-9a-zA-Z]+=[0-9a-zA-Z]+)*$`) @@ -598,12 +548,20 @@ func serviceRPC(h serviceHandler, service string) { } } -func serviceUploadPack(h serviceHandler) { - serviceRPC(h, "upload-pack") +// ServiceUploadPack implements Git Smart HTTP protocol +func ServiceUploadPack(ctx *context.Context) { + h := httpBase(ctx) + if h != nil { + serviceRPC(*h, "upload-pack") + } } -func serviceReceivePack(h serviceHandler) { - serviceRPC(h, "receive-pack") +// ServiceReceivePack implements Git Smart HTTP protocol +func ServiceReceivePack(ctx *context.Context) { + h := httpBase(ctx) + if h != nil { + serviceRPC(*h, "receive-pack") + } } func getServiceType(r *http.Request) string { @@ -630,9 +588,14 @@ func packetWrite(str string) []byte { return []byte(s + str) } -func getInfoRefs(h serviceHandler) { +// GetInfoRefs implements Git dumb HTTP +func GetInfoRefs(ctx *context.Context) { + h := httpBase(ctx) + if h == nil { + return + } h.setHeaderNoCache() - if hasAccess(getServiceType(h.r), h, false) { + if hasAccess(getServiceType(h.r), *h, false) { service := getServiceType(h.r) if protocol := h.r.Header.Get("Git-Protocol"); protocol != "" && safeGitProtocolHeader.MatchString(protocol) { @@ -652,44 +615,59 @@ func getInfoRefs(h serviceHandler) { _, _ = h.w.Write(refs) } else { updateServerInfo(h.dir) - h.sendFile("text/plain; charset=utf-8") + h.sendFile("text/plain; charset=utf-8", "info/refs") } } -func getTextFile(h serviceHandler) { - h.setHeaderNoCache() - h.sendFile("text/plain") -} - -func getInfoPacks(h serviceHandler) { - h.setHeaderCacheForever() - h.sendFile("text/plain; charset=utf-8") -} - -func getLooseObject(h serviceHandler) { - h.setHeaderCacheForever() - h.sendFile("application/x-git-loose-object") -} - -func getPackFile(h serviceHandler) { - h.setHeaderCacheForever() - h.sendFile("application/x-git-packed-objects") -} - -func getIdxFile(h serviceHandler) { - h.setHeaderCacheForever() - h.sendFile("application/x-git-packed-objects-toc") -} - -func getGitRepoPath(subdir string) (string, error) { - if !strings.HasSuffix(subdir, ".git") { - subdir += ".git" +// GetTextFile implements Git dumb HTTP +func GetTextFile(p string) func(*context.Context) { + return func(ctx *context.Context) { + h := httpBase(ctx) + if h != nil { + h.setHeaderNoCache() + file := ctx.Params("file") + if file != "" { + h.sendFile("text/plain", "objects/info/"+file) + } else { + h.sendFile("text/plain", p) + } + } + } +} + +// GetInfoPacks implements Git dumb HTTP +func GetInfoPacks(ctx *context.Context) { + h := httpBase(ctx) + if h != nil { + h.setHeaderCacheForever() + h.sendFile("text/plain; charset=utf-8", "objects/info/packs") + } +} + +// GetLooseObject implements Git dumb HTTP +func GetLooseObject(ctx *context.Context) { + h := httpBase(ctx) + if h != nil { + h.setHeaderCacheForever() + h.sendFile("application/x-git-loose-object", fmt.Sprintf("objects/%s/%s", + ctx.Params("head"), ctx.Params("hash"))) + } +} + +// GetPackFile implements Git dumb HTTP +func GetPackFile(ctx *context.Context) { + h := httpBase(ctx) + if h != nil { + h.setHeaderCacheForever() + h.sendFile("application/x-git-packed-objects", "objects/pack/pack-"+ctx.Params("file")+".pack") + } +} + +// GetIdxFile implements Git dumb HTTP +func GetIdxFile(ctx *context.Context) { + h := httpBase(ctx) + if h != nil { + h.setHeaderCacheForever() + h.sendFile("application/x-git-packed-objects-toc", "objects/pack/pack-"+ctx.Params("file")+".idx") } - - fpath := path.Join(setting.RepoRootPath, subdir) - if _, err := os.Stat(fpath); os.IsNotExist(err) { - return "", err - } - - return fpath, nil } diff --git a/routers/repo/issue.go b/routers/repo/issue.go index fbeae75ab5..fb7107451f 100644 --- a/routers/repo/issue.go +++ b/routers/repo/issue.go @@ -16,10 +16,10 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" issue_indexer "code.gitea.io/gitea/modules/indexer/issues" "code.gitea.io/gitea/modules/log" @@ -29,6 +29,7 @@ import ( api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/upload" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" comment_service "code.gitea.io/gitea/services/comments" issue_service "code.gitea.io/gitea/services/issue" pull_service "code.gitea.io/gitea/services/pull" @@ -924,7 +925,8 @@ func ValidateRepoMetas(ctx *context.Context, form auth.CreateIssueForm, isPull b } // NewIssuePost response for creating new issue -func NewIssuePost(ctx *context.Context, form auth.CreateIssueForm) { +func NewIssuePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateIssueForm) ctx.Data["Title"] = ctx.Tr("repo.issues.new") ctx.Data["PageIsIssueList"] = true ctx.Data["NewIssueChooseTemplate"] = len(ctx.IssueTemplatesFromDefaultBranch()) > 0 @@ -940,7 +942,7 @@ func NewIssuePost(ctx *context.Context, form auth.CreateIssueForm) { attachments []string ) - labelIDs, assigneeIDs, milestoneID, projectID := ValidateRepoMetas(ctx, form, false) + labelIDs, assigneeIDs, milestoneID, projectID := ValidateRepoMetas(ctx, *form, false) if ctx.Written() { return } @@ -1925,7 +1927,8 @@ func UpdateIssueStatus(ctx *context.Context) { } // NewComment create a comment for issue -func NewComment(ctx *context.Context, form auth.CreateCommentForm) { +func NewComment(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateCommentForm) issue := GetActionIssue(ctx) if ctx.Written() { return @@ -2134,7 +2137,8 @@ func DeleteComment(ctx *context.Context) { } // ChangeIssueReaction create a reaction for issue -func ChangeIssueReaction(ctx *context.Context, form auth.ReactionForm) { +func ChangeIssueReaction(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.ReactionForm) issue := GetActionIssue(ctx) if ctx.Written() { return @@ -2229,7 +2233,8 @@ func ChangeIssueReaction(ctx *context.Context, form auth.ReactionForm) { } // ChangeCommentReaction create a reaction for comment -func ChangeCommentReaction(ctx *context.Context, form auth.ReactionForm) { +func ChangeCommentReaction(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.ReactionForm) comment, err := models.GetCommentByID(ctx.ParamsInt64(":id")) if err != nil { ctx.NotFoundOrServerError("GetCommentByID", models.IsErrCommentNotExist, err) diff --git a/routers/repo/issue_label.go b/routers/repo/issue_label.go index f1e188fe3a..35035103d5 100644 --- a/routers/repo/issue_label.go +++ b/routers/repo/issue_label.go @@ -6,11 +6,12 @@ package repo import ( "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" issue_service "code.gitea.io/gitea/services/issue" ) @@ -29,7 +30,8 @@ func Labels(ctx *context.Context) { } // InitializeLabels init labels for a repository -func InitializeLabels(ctx *context.Context, form auth.InitializeLabelsForm) { +func InitializeLabels(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.InitializeLabelsForm) if ctx.HasError() { ctx.Redirect(ctx.Repo.RepoLink + "/labels") return @@ -94,7 +96,8 @@ func RetrieveLabels(ctx *context.Context) { } // NewLabel create new label for repository -func NewLabel(ctx *context.Context, form auth.CreateLabelForm) { +func NewLabel(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateLabelForm) ctx.Data["Title"] = ctx.Tr("repo.labels") ctx.Data["PageIsLabels"] = true @@ -118,7 +121,8 @@ func NewLabel(ctx *context.Context, form auth.CreateLabelForm) { } // UpdateLabel update a label's name and color -func UpdateLabel(ctx *context.Context, form auth.CreateLabelForm) { +func UpdateLabel(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateLabelForm) l, err := models.GetLabelInRepoByID(ctx.Repo.Repository.ID, form.ID) if err != nil { switch { diff --git a/routers/repo/issue_label_test.go b/routers/repo/issue_label_test.go index bf62511258..d67c70085d 100644 --- a/routers/repo/issue_label_test.go +++ b/routers/repo/issue_label_test.go @@ -10,8 +10,9 @@ import ( "testing" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/test" + "code.gitea.io/gitea/modules/web" "github.com/stretchr/testify/assert" ) @@ -32,7 +33,8 @@ func TestInitializeLabels(t *testing.T) { ctx := test.MockContext(t, "user2/repo1/labels/initialize") test.LoadUser(t, ctx, 2) test.LoadRepo(t, ctx, 2) - InitializeLabels(ctx, auth.InitializeLabelsForm{TemplateName: "Default"}) + web.SetForm(ctx, &auth.InitializeLabelsForm{TemplateName: "Default"}) + InitializeLabels(ctx) assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) models.AssertExistsAndLoadBean(t, &models.Label{ RepoID: 2, @@ -74,10 +76,11 @@ func TestNewLabel(t *testing.T) { ctx := test.MockContext(t, "user2/repo1/labels/edit") test.LoadUser(t, ctx, 2) test.LoadRepo(t, ctx, 1) - NewLabel(ctx, auth.CreateLabelForm{ + web.SetForm(ctx, &auth.CreateLabelForm{ Title: "newlabel", Color: "#abcdef", }) + NewLabel(ctx) assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) models.AssertExistsAndLoadBean(t, &models.Label{ Name: "newlabel", @@ -91,11 +94,12 @@ func TestUpdateLabel(t *testing.T) { ctx := test.MockContext(t, "user2/repo1/labels/edit") test.LoadUser(t, ctx, 2) test.LoadRepo(t, ctx, 1) - UpdateLabel(ctx, auth.CreateLabelForm{ + web.SetForm(ctx, &auth.CreateLabelForm{ ID: 2, Title: "newnameforlabel", Color: "#abcdef", }) + UpdateLabel(ctx) assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) models.AssertExistsAndLoadBean(t, &models.Label{ ID: 2, diff --git a/routers/repo/issue_lock.go b/routers/repo/issue_lock.go index fa87588319..f8131e46aa 100644 --- a/routers/repo/issue_lock.go +++ b/routers/repo/issue_lock.go @@ -8,14 +8,15 @@ import ( "net/http" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" + "code.gitea.io/gitea/modules/web" ) // LockIssue locks an issue. This would limit commenting abilities to // users with write access to the repo. -func LockIssue(ctx *context.Context, form auth.IssueLockForm) { - +func LockIssue(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.IssueLockForm) issue := GetActionIssue(ctx) if ctx.Written() { return diff --git a/routers/repo/issue_timetrack.go b/routers/repo/issue_timetrack.go index 0f711bc734..425f215110 100644 --- a/routers/repo/issue_timetrack.go +++ b/routers/repo/issue_timetrack.go @@ -9,12 +9,14 @@ import ( "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" + "code.gitea.io/gitea/modules/web" ) // AddTimeManually tracks time manually -func AddTimeManually(c *context.Context, form auth.AddTimeManuallyForm) { +func AddTimeManually(c *context.Context) { + form := web.GetForm(c).(*auth.AddTimeManuallyForm) issue := GetActionIssue(c) if c.Written() { return diff --git a/routers/repo/migrate.go b/routers/repo/migrate.go index a628fd2e2f..89452de0fa 100644 --- a/routers/repo/migrate.go +++ b/routers/repo/migrate.go @@ -10,14 +10,15 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/migrations" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/task" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" ) const ( @@ -117,7 +118,8 @@ func handleMigrateError(ctx *context.Context, owner *models.User, err error, nam } // MigratePost response for migrating from external git repository -func MigratePost(ctx *context.Context, form auth.MigrateRepoForm) { +func MigratePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.MigrateRepoForm) if setting.Repository.DisableMigrations { ctx.Error(http.StatusForbidden, "MigratePost: the site administrator has disabled migrations") return @@ -192,7 +194,7 @@ func MigratePost(ctx *context.Context, form auth.MigrateRepoForm) { err = models.CheckCreateRepository(ctx.User, ctxUser, opts.RepoName, false) if err != nil { - handleMigrateError(ctx, ctxUser, err, "MigratePost", tpl, &form) + handleMigrateError(ctx, ctxUser, err, "MigratePost", tpl, form) return } @@ -202,5 +204,5 @@ func MigratePost(ctx *context.Context, form auth.MigrateRepoForm) { return } - handleMigrateError(ctx, ctxUser, err, "MigratePost", tpl, &form) + handleMigrateError(ctx, ctxUser, err, "MigratePost", tpl, form) } diff --git a/routers/repo/milestone.go b/routers/repo/milestone.go index 96f5b4e5f0..a9beed75d7 100644 --- a/routers/repo/milestone.go +++ b/routers/repo/milestone.go @@ -8,14 +8,15 @@ import ( "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/markup/markdown" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/timeutil" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "xorm.io/builder" ) @@ -106,7 +107,8 @@ func NewMilestone(ctx *context.Context) { } // NewMilestonePost response for creating milestone -func NewMilestonePost(ctx *context.Context, form auth.CreateMilestoneForm) { +func NewMilestonePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateMilestoneForm) ctx.Data["Title"] = ctx.Tr("repo.milestones.new") ctx.Data["PageIsIssueList"] = true ctx.Data["PageIsMilestones"] = true @@ -165,7 +167,8 @@ func EditMilestone(ctx *context.Context) { } // EditMilestonePost response for edting milestone -func EditMilestonePost(ctx *context.Context, form auth.CreateMilestoneForm) { +func EditMilestonePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateMilestoneForm) ctx.Data["Title"] = ctx.Tr("repo.milestones.edit") ctx.Data["PageIsMilestones"] = true ctx.Data["PageIsEditMilestone"] = true diff --git a/routers/repo/projects.go b/routers/repo/projects.go index 4cff199b34..49bcfef0ce 100644 --- a/routers/repo/projects.go +++ b/routers/repo/projects.go @@ -9,12 +9,13 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/markup/markdown" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" ) const ( @@ -112,7 +113,8 @@ func NewProject(ctx *context.Context) { } // NewProjectPost creates a new project -func NewProjectPost(ctx *context.Context, form auth.CreateProjectForm) { +func NewProjectPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateProjectForm) ctx.Data["Title"] = ctx.Tr("repo.projects.new") if ctx.HasError() { @@ -217,7 +219,8 @@ func EditProject(ctx *context.Context) { } // EditProjectPost response for editing a project -func EditProjectPost(ctx *context.Context, form auth.CreateProjectForm) { +func EditProjectPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateProjectForm) ctx.Data["Title"] = ctx.Tr("repo.projects.edit") ctx.Data["PageIsProjects"] = true ctx.Data["PageIsEditProjects"] = true @@ -399,8 +402,8 @@ func DeleteProjectBoard(ctx *context.Context) { } // AddBoardToProjectPost allows a new board to be added to a project. -func AddBoardToProjectPost(ctx *context.Context, form auth.EditProjectBoardTitleForm) { - +func AddBoardToProjectPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.EditProjectBoardTitleForm) if !ctx.Repo.IsOwner() && !ctx.Repo.IsAdmin() && !ctx.Repo.CanAccess(models.AccessModeWrite, models.UnitTypeProjects) { ctx.JSON(403, map[string]string{ "message": "Only authorized users are allowed to perform this action.", @@ -479,8 +482,8 @@ func checkProjectBoardChangePermissions(ctx *context.Context) (*models.Project, } // EditProjectBoardTitle allows a project board's title to be updated -func EditProjectBoardTitle(ctx *context.Context, form auth.EditProjectBoardTitleForm) { - +func EditProjectBoardTitle(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.EditProjectBoardTitleForm) _, board := checkProjectBoardChangePermissions(ctx) if ctx.Written() { return diff --git a/routers/repo/pull.go b/routers/repo/pull.go index 01c6efaa1d..1862c15f43 100644 --- a/routers/repo/pull.go +++ b/routers/repo/pull.go @@ -16,17 +16,19 @@ import ( "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/middlewares" "code.gitea.io/gitea/modules/notification" repo_module "code.gitea.io/gitea/modules/repository" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/upload" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/utils" "code.gitea.io/gitea/services/gitdiff" pull_service "code.gitea.io/gitea/services/pull" @@ -168,7 +170,8 @@ func Fork(ctx *context.Context) { } // ForkPost response for forking a repository -func ForkPost(ctx *context.Context, form auth.CreateRepoForm) { +func ForkPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateRepoForm) ctx.Data["Title"] = ctx.Tr("new_fork") ctxUser := checkContextUser(ctx, form.UID) @@ -765,7 +768,8 @@ func UpdatePullRequest(ctx *context.Context) { } // MergePullRequest response for merging pull request -func MergePullRequest(ctx *context.Context, form auth.MergePullRequestForm) { +func MergePullRequest(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.MergePullRequestForm) issue := checkPullInfo(ctx) if ctx.Written() { return @@ -954,7 +958,8 @@ func stopTimerIfAvailable(user *models.User, issue *models.Issue) error { } // CompareAndPullRequestPost response for creating pull request -func CompareAndPullRequestPost(ctx *context.Context, form auth.CreateIssueForm) { +func CompareAndPullRequestPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateIssueForm) ctx.Data["Title"] = ctx.Tr("repo.pulls.compare_changes") ctx.Data["PageIsComparePull"] = true ctx.Data["IsDiffCompare"] = true @@ -974,7 +979,7 @@ func CompareAndPullRequestPost(ctx *context.Context, form auth.CreateIssueForm) } defer headGitRepo.Close() - labelIDs, assigneeIDs, milestoneID, _ := ValidateRepoMetas(ctx, form, true) + labelIDs, assigneeIDs, milestoneID, _ := ValidateRepoMetas(ctx, *form, true) if ctx.Written() { return } @@ -984,7 +989,7 @@ func CompareAndPullRequestPost(ctx *context.Context, form auth.CreateIssueForm) } if ctx.HasError() { - auth.AssignForm(form, ctx.Data) + middlewares.AssignForm(form, ctx.Data) // This stage is already stop creating new pull request, so it does not matter if it has // something to compare or not. diff --git a/routers/repo/pull_review.go b/routers/repo/pull_review.go index 0bacc68232..df49b6cfe1 100644 --- a/routers/repo/pull_review.go +++ b/routers/repo/pull_review.go @@ -8,10 +8,11 @@ import ( "fmt" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/web" pull_service "code.gitea.io/gitea/services/pull" ) @@ -44,7 +45,8 @@ func RenderNewCodeCommentForm(ctx *context.Context) { } // CreateCodeComment will create a code comment including an pending review if required -func CreateCodeComment(ctx *context.Context, form auth.CodeCommentForm) { +func CreateCodeComment(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CodeCommentForm) issue := GetActionIssue(ctx) if !issue.IsPull { return @@ -171,7 +173,8 @@ func renderConversation(ctx *context.Context, comment *models.Comment) { } // SubmitReview creates a review out of the existing pending review or creates a new one if no pending review exist -func SubmitReview(ctx *context.Context, form auth.SubmitReviewForm) { +func SubmitReview(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.SubmitReviewForm) issue := GetActionIssue(ctx) if !issue.IsPull { return diff --git a/routers/repo/release.go b/routers/repo/release.go index 4d75c37c87..54642f9b21 100644 --- a/routers/repo/release.go +++ b/routers/repo/release.go @@ -9,14 +9,15 @@ import ( "fmt" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/markup/markdown" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/upload" + "code.gitea.io/gitea/modules/web" releaseservice "code.gitea.io/gitea/services/release" ) @@ -230,7 +231,8 @@ func NewRelease(ctx *context.Context) { } // NewReleasePost response for creating a release -func NewReleasePost(ctx *context.Context, form auth.NewReleaseForm) { +func NewReleasePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewReleaseForm) ctx.Data["Title"] = ctx.Tr("repo.release.new_release") ctx.Data["PageIsReleaseList"] = true @@ -336,7 +338,8 @@ func EditRelease(ctx *context.Context) { } // EditReleasePost response for edit release -func EditReleasePost(ctx *context.Context, form auth.EditReleaseForm) { +func EditReleasePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.EditReleaseForm) ctx.Data["Title"] = ctx.Tr("repo.release.edit_release") ctx.Data["PageIsReleaseList"] = true ctx.Data["PageIsEditRelease"] = true diff --git a/routers/repo/release_test.go b/routers/repo/release_test.go index 47d1a89b54..38c0d9fec0 100644 --- a/routers/repo/release_test.go +++ b/routers/repo/release_test.go @@ -8,8 +8,9 @@ import ( "testing" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/test" + "code.gitea.io/gitea/modules/web" ) func TestNewReleasePost(t *testing.T) { @@ -48,7 +49,8 @@ func TestNewReleasePost(t *testing.T) { test.LoadUser(t, ctx, 2) test.LoadRepo(t, ctx, 1) test.LoadGitRepo(t, ctx) - NewReleasePost(ctx, testCase.Form) + web.SetForm(ctx, &testCase.Form) + NewReleasePost(ctx) models.AssertExistsAndLoadBean(t, &models.Release{ RepoID: 1, PublisherID: 2, diff --git a/routers/repo/repo.go b/routers/repo/repo.go index 3832b89971..a8cfb9ad7c 100644 --- a/routers/repo/repo.go +++ b/routers/repo/repo.go @@ -11,11 +11,12 @@ import ( "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" archiver_service "code.gitea.io/gitea/services/archiver" repo_service "code.gitea.io/gitea/services/repository" ) @@ -181,7 +182,8 @@ func handleCreateError(ctx *context.Context, owner *models.User, err error, name } // CreatePost response for creating repository -func CreatePost(ctx *context.Context, form auth.CreateRepoForm) { +func CreatePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.CreateRepoForm) ctx.Data["Title"] = ctx.Tr("new_repo") ctx.Data["Gitignores"] = models.Gitignores diff --git a/routers/repo/setting.go b/routers/repo/setting.go index 368879234b..3e22e8804e 100644 --- a/routers/repo/setting.go +++ b/routers/repo/setting.go @@ -15,9 +15,9 @@ import ( "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/repository" @@ -25,6 +25,7 @@ import ( "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/timeutil" "code.gitea.io/gitea/modules/validation" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/utils" "code.gitea.io/gitea/services/mailer" mirror_service "code.gitea.io/gitea/services/mirror" @@ -59,7 +60,8 @@ func Settings(ctx *context.Context) { } // SettingsPost response for changes of a repository -func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) { +func SettingsPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.RepoSettingForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsOptions"] = true @@ -839,7 +841,8 @@ func DeployKeys(ctx *context.Context) { } // DeployKeysPost response for adding a deploy key of a repository -func DeployKeysPost(ctx *context.Context, form auth.AddKeyForm) { +func DeployKeysPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AddKeyForm) ctx.Data["Title"] = ctx.Tr("repo.settings.deploy_keys") ctx.Data["PageIsSettingsKeys"] = true @@ -956,9 +959,10 @@ func UpdateAvatarSetting(ctx *context.Context, form auth.AvatarForm) error { } // SettingsAvatar save new POSTed repository avatar -func SettingsAvatar(ctx *context.Context, form auth.AvatarForm) { +func SettingsAvatar(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AvatarForm) form.Source = auth.AvatarLocal - if err := UpdateAvatarSetting(ctx, form); err != nil { + if err := UpdateAvatarSetting(ctx, *form); err != nil { ctx.Flash.Error(err.Error()) } else { ctx.Flash.Success(ctx.Tr("repo.settings.update_avatar_success")) diff --git a/routers/repo/setting_protected_branch.go b/routers/repo/setting_protected_branch.go index c2e7bc8fac..017054d4c2 100644 --- a/routers/repo/setting_protected_branch.go +++ b/routers/repo/setting_protected_branch.go @@ -10,12 +10,13 @@ import ( "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" pull_service "code.gitea.io/gitea/services/pull" ) @@ -168,7 +169,8 @@ func SettingsProtectedBranch(c *context.Context) { } // SettingsProtectedBranchPost updates the protected branch settings -func SettingsProtectedBranchPost(ctx *context.Context, f auth.ProtectBranchForm) { +func SettingsProtectedBranchPost(ctx *context.Context) { + f := web.GetForm(ctx).(*auth.ProtectBranchForm) branch := ctx.Params("*") if !ctx.Repo.GitRepo.IsBranchExist(branch) { ctx.NotFound("IsBranchExist", nil) diff --git a/routers/repo/settings_test.go b/routers/repo/settings_test.go index 679bb0d33c..85515121c7 100644 --- a/routers/repo/settings_test.go +++ b/routers/repo/settings_test.go @@ -10,11 +10,12 @@ import ( "testing" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/test" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "github.com/stretchr/testify/assert" ) @@ -52,7 +53,8 @@ func TestAddReadOnlyDeployKey(t *testing.T) { Title: "read-only", Content: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n", } - DeployKeysPost(ctx, addKeyForm) + web.SetForm(ctx, &addKeyForm) + DeployKeysPost(ctx) assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) models.AssertExistsAndLoadBean(t, &models.DeployKey{ @@ -81,7 +83,8 @@ func TestAddReadWriteOnlyDeployKey(t *testing.T) { Content: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC4cn+iXnA4KvcQYSV88vGn0Yi91vG47t1P7okprVmhNTkipNRIHWr6WdCO4VDr/cvsRkuVJAsLO2enwjGWWueOO6BodiBgyAOZ/5t5nJNMCNuLGT5UIo/RI1b0WRQwxEZTRjt6mFNw6lH14wRd8ulsr9toSWBPMOGWoYs1PDeDL0JuTjL+tr1SZi/EyxCngpYszKdXllJEHyI79KQgeD0Vt3pTrkbNVTOEcCNqZePSVmUH8X8Vhugz3bnE0/iE9Pb5fkWO9c4AnM1FgI/8Bvp27Fw2ShryIXuR6kKvUqhVMTuOSDHwu6A8jLE5Owt3GAYugDpDYuwTVNGrHLXKpPzrGGPE/jPmaLCMZcsdkec95dYeU3zKODEm8UQZFhmJmDeWVJ36nGrGZHL4J5aTTaeFUJmmXDaJYiJ+K2/ioKgXqnXvltu0A9R8/LGy4nrTJRr4JMLuJFoUXvGm1gXQ70w2LSpk6yl71RNC0hCtsBe8BP8IhYCM0EP5jh7eCMQZNvM= nocomment\n", IsWritable: true, } - DeployKeysPost(ctx, addKeyForm) + web.SetForm(ctx, &addKeyForm) + DeployKeysPost(ctx) assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) models.AssertExistsAndLoadBean(t, &models.DeployKey{ diff --git a/routers/repo/webhook.go b/routers/repo/webhook.go index 5d7074b339..01d142843f 100644 --- a/routers/repo/webhook.go +++ b/routers/repo/webhook.go @@ -13,14 +13,15 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/convert" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/setting" api "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/services/webhook" ) @@ -181,7 +182,8 @@ func ParseHookEvent(form auth.WebhookForm) *models.HookEvent { } // GiteaHooksNewPost response for creating Gitea webhook -func GiteaHooksNewPost(ctx *context.Context, form auth.NewWebhookForm) { +func GiteaHooksNewPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewWebhookForm) ctx.Data["Title"] = ctx.Tr("repo.settings.add_webhook") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksNew"] = true @@ -230,8 +232,9 @@ func GiteaHooksNewPost(ctx *context.Context, form auth.NewWebhookForm) { } // GogsHooksNewPost response for creating webhook -func GogsHooksNewPost(ctx *context.Context, form auth.NewGogshookForm) { - newGogsWebhookPost(ctx, form, models.GOGS) +func GogsHooksNewPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewGogshookForm) + newGogsWebhookPost(ctx, *form, models.GOGS) } // newGogsWebhookPost response for creating gogs hook @@ -283,7 +286,8 @@ func newGogsWebhookPost(ctx *context.Context, form auth.NewGogshookForm, kind mo } // DiscordHooksNewPost response for creating discord hook -func DiscordHooksNewPost(ctx *context.Context, form auth.NewDiscordHookForm) { +func DiscordHooksNewPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewDiscordHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksNew"] = true @@ -334,7 +338,8 @@ func DiscordHooksNewPost(ctx *context.Context, form auth.NewDiscordHookForm) { } // DingtalkHooksNewPost response for creating dingtalk hook -func DingtalkHooksNewPost(ctx *context.Context, form auth.NewDingtalkHookForm) { +func DingtalkHooksNewPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewDingtalkHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksNew"] = true @@ -376,7 +381,8 @@ func DingtalkHooksNewPost(ctx *context.Context, form auth.NewDingtalkHookForm) { } // TelegramHooksNewPost response for creating telegram hook -func TelegramHooksNewPost(ctx *context.Context, form auth.NewTelegramHookForm) { +func TelegramHooksNewPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewTelegramHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksNew"] = true @@ -427,7 +433,8 @@ func TelegramHooksNewPost(ctx *context.Context, form auth.NewTelegramHookForm) { } // MatrixHooksNewPost response for creating a Matrix hook -func MatrixHooksNewPost(ctx *context.Context, form auth.NewMatrixHookForm) { +func MatrixHooksNewPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewMatrixHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksNew"] = true @@ -481,7 +488,8 @@ func MatrixHooksNewPost(ctx *context.Context, form auth.NewMatrixHookForm) { } // MSTeamsHooksNewPost response for creating MS Teams hook -func MSTeamsHooksNewPost(ctx *context.Context, form auth.NewMSTeamsHookForm) { +func MSTeamsHooksNewPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewMSTeamsHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksNew"] = true @@ -523,7 +531,8 @@ func MSTeamsHooksNewPost(ctx *context.Context, form auth.NewMSTeamsHookForm) { } // SlackHooksNewPost response for creating slack hook -func SlackHooksNewPost(ctx *context.Context, form auth.NewSlackHookForm) { +func SlackHooksNewPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewSlackHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksNew"] = true @@ -582,7 +591,8 @@ func SlackHooksNewPost(ctx *context.Context, form auth.NewSlackHookForm) { } // FeishuHooksNewPost response for creating feishu hook -func FeishuHooksNewPost(ctx *context.Context, form auth.NewFeishuHookForm) { +func FeishuHooksNewPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewFeishuHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksNew"] = true @@ -685,7 +695,8 @@ func WebHooksEdit(ctx *context.Context) { } // WebHooksEditPost response for editing web hook -func WebHooksEditPost(ctx *context.Context, form auth.NewWebhookForm) { +func WebHooksEditPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewWebhookForm) ctx.Data["Title"] = ctx.Tr("repo.settings.update_webhook") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksEdit"] = true @@ -725,7 +736,8 @@ func WebHooksEditPost(ctx *context.Context, form auth.NewWebhookForm) { } // GogsHooksEditPost response for editing gogs hook -func GogsHooksEditPost(ctx *context.Context, form auth.NewGogshookForm) { +func GogsHooksEditPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewGogshookForm) ctx.Data["Title"] = ctx.Tr("repo.settings.update_webhook") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksEdit"] = true @@ -764,7 +776,8 @@ func GogsHooksEditPost(ctx *context.Context, form auth.NewGogshookForm) { } // SlackHooksEditPost response for editing slack hook -func SlackHooksEditPost(ctx *context.Context, form auth.NewSlackHookForm) { +func SlackHooksEditPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewSlackHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksEdit"] = true @@ -814,7 +827,8 @@ func SlackHooksEditPost(ctx *context.Context, form auth.NewSlackHookForm) { } // DiscordHooksEditPost response for editing discord hook -func DiscordHooksEditPost(ctx *context.Context, form auth.NewDiscordHookForm) { +func DiscordHooksEditPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewDiscordHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksEdit"] = true @@ -856,7 +870,8 @@ func DiscordHooksEditPost(ctx *context.Context, form auth.NewDiscordHookForm) { } // DingtalkHooksEditPost response for editing discord hook -func DingtalkHooksEditPost(ctx *context.Context, form auth.NewDingtalkHookForm) { +func DingtalkHooksEditPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewDingtalkHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksEdit"] = true @@ -888,7 +903,8 @@ func DingtalkHooksEditPost(ctx *context.Context, form auth.NewDingtalkHookForm) } // TelegramHooksEditPost response for editing discord hook -func TelegramHooksEditPost(ctx *context.Context, form auth.NewTelegramHookForm) { +func TelegramHooksEditPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewTelegramHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksEdit"] = true @@ -928,7 +944,8 @@ func TelegramHooksEditPost(ctx *context.Context, form auth.NewTelegramHookForm) } // MatrixHooksEditPost response for editing a Matrix hook -func MatrixHooksEditPost(ctx *context.Context, form auth.NewMatrixHookForm) { +func MatrixHooksEditPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewMatrixHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksEdit"] = true @@ -971,7 +988,8 @@ func MatrixHooksEditPost(ctx *context.Context, form auth.NewMatrixHookForm) { } // MSTeamsHooksEditPost response for editing MS Teams hook -func MSTeamsHooksEditPost(ctx *context.Context, form auth.NewMSTeamsHookForm) { +func MSTeamsHooksEditPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewMSTeamsHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksEdit"] = true @@ -1003,7 +1021,8 @@ func MSTeamsHooksEditPost(ctx *context.Context, form auth.NewMSTeamsHookForm) { } // FeishuHooksEditPost response for editing feishu hook -func FeishuHooksEditPost(ctx *context.Context, form auth.NewFeishuHookForm) { +func FeishuHooksEditPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewFeishuHookForm) ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsHooks"] = true ctx.Data["PageIsSettingsHooksEdit"] = true diff --git a/routers/repo/wiki.go b/routers/repo/wiki.go index ac650d3fc4..c4521a3071 100644 --- a/routers/repo/wiki.go +++ b/routers/repo/wiki.go @@ -13,15 +13,16 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/markup" "code.gitea.io/gitea/modules/markup/markdown" "code.gitea.io/gitea/modules/timeutil" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" wiki_service "code.gitea.io/gitea/services/wiki" ) @@ -556,7 +557,8 @@ func NewWiki(ctx *context.Context) { } // NewWikiPost response for wiki create request -func NewWikiPost(ctx *context.Context, form auth.NewWikiForm) { +func NewWikiPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewWikiForm) ctx.Data["Title"] = ctx.Tr("repo.wiki.new_page") ctx.Data["PageIsWiki"] = true ctx.Data["RequireSimpleMDE"] = true @@ -613,7 +615,8 @@ func EditWiki(ctx *context.Context) { } // EditWikiPost response for wiki modify request -func EditWikiPost(ctx *context.Context, form auth.NewWikiForm) { +func EditWikiPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewWikiForm) ctx.Data["Title"] = ctx.Tr("repo.wiki.new_page") ctx.Data["PageIsWiki"] = true ctx.Data["RequireSimpleMDE"] = true diff --git a/routers/repo/wiki_test.go b/routers/repo/wiki_test.go index cc79c808f5..badd07f080 100644 --- a/routers/repo/wiki_test.go +++ b/routers/repo/wiki_test.go @@ -10,9 +10,10 @@ import ( "testing" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/git" "code.gitea.io/gitea/modules/test" + "code.gitea.io/gitea/modules/web" wiki_service "code.gitea.io/gitea/services/wiki" "github.com/stretchr/testify/assert" @@ -114,11 +115,12 @@ func TestNewWikiPost(t *testing.T) { ctx := test.MockContext(t, "user2/repo1/wiki/_new") test.LoadUser(t, ctx, 2) test.LoadRepo(t, ctx, 1) - NewWikiPost(ctx, auth.NewWikiForm{ + web.SetForm(ctx, &auth.NewWikiForm{ Title: title, Content: content, Message: message, }) + NewWikiPost(ctx) assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) assertWikiExists(t, ctx.Repo.Repository, title) assert.Equal(t, wikiContent(t, ctx.Repo.Repository, title), content) @@ -131,11 +133,12 @@ func TestNewWikiPost_ReservedName(t *testing.T) { ctx := test.MockContext(t, "user2/repo1/wiki/_new") test.LoadUser(t, ctx, 2) test.LoadRepo(t, ctx, 1) - NewWikiPost(ctx, auth.NewWikiForm{ + web.SetForm(ctx, &auth.NewWikiForm{ Title: "_edit", Content: content, Message: message, }) + NewWikiPost(ctx) assert.EqualValues(t, http.StatusOK, ctx.Resp.Status()) assert.EqualValues(t, ctx.Tr("repo.wiki.reserved_page"), ctx.Flash.ErrorMsg) assertWikiNotExists(t, ctx.Repo.Repository, "_edit") @@ -164,11 +167,12 @@ func TestEditWikiPost(t *testing.T) { ctx.SetParams(":page", "Home") test.LoadUser(t, ctx, 2) test.LoadRepo(t, ctx, 1) - EditWikiPost(ctx, auth.NewWikiForm{ + web.SetForm(ctx, &auth.NewWikiForm{ Title: title, Content: content, Message: message, }) + EditWikiPost(ctx) assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) assertWikiExists(t, ctx.Repo.Repository, title) assert.Equal(t, wikiContent(t, ctx.Repo.Repository, title), content) diff --git a/routers/routes/chi.go b/routers/routes/base.go similarity index 53% rename from routers/routes/chi.go rename to routers/routes/base.go index 2400140ae6..a313032a88 100644 --- a/routers/routes/chi.go +++ b/routers/routes/base.go @@ -16,19 +16,16 @@ import ( "text/template" "time" + "code.gitea.io/gitea/modules/auth/sso" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/httpcache" "code.gitea.io/gitea/modules/log" - "code.gitea.io/gitea/modules/metrics" - "code.gitea.io/gitea/modules/public" + "code.gitea.io/gitea/modules/middlewares" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/storage" - "code.gitea.io/gitea/routers" + "code.gitea.io/gitea/modules/templates" "gitea.com/go-chi/session" - "github.com/go-chi/chi" - "github.com/go-chi/chi/middleware" - "github.com/prometheus/client_golang/prometheus" ) type routerLoggerOptions struct { @@ -39,20 +36,21 @@ type routerLoggerOptions struct { } // SignedUserName returns signed user's name via context -// FIXME currently no any data stored on chi.Context but macaron.Context, so this will -// return "" before we remove macaron totally func SignedUserName(req *http.Request) string { - if v, ok := req.Context().Value("SignedUserName").(string); ok { - return v + ctx := context.GetContext(req) + if ctx != nil { + v := ctx.Data["SignedUserName"] + if res, ok := v.(string); ok { + return res + } } return "" } -func setupAccessLogger(c chi.Router) { +func accessLogger() func(http.Handler) http.Handler { logger := log.GetLogger("access") - logTemplate, _ := template.New("log").Parse(setting.AccessLogTemplate) - c.Use(func(next http.Handler) http.Handler { + return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { start := time.Now() next.ServeHTTP(w, req) @@ -70,15 +68,15 @@ func setupAccessLogger(c chi.Router) { ResponseWriter: rw, }) if err != nil { - log.Error("Could not set up macaron access logger: %v", err.Error()) + log.Error("Could not set up chi access logger: %v", err.Error()) } err = logger.SendLog(log.INFO, "", "", 0, buf.String(), "") if err != nil { - log.Error("Could not set up macaron access logger: %v", err.Error()) + log.Error("Could not set up chi access logger: %v", err.Error()) } }) - }) + } } // LoggerHandler is a handler that will log the routing to the default gitea log @@ -179,131 +177,70 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor } } -var ( - sessionManager *session.Manager -) - -// NewChi creates a chi Router -func NewChi() chi.Router { - c := chi.NewRouter() - c.Use(func(next http.Handler) http.Handler { - return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { - next.ServeHTTP(context.NewResponse(resp), req) - }) - }) - c.Use(middleware.RealIP) - if !setting.DisableRouterLog && setting.RouterLogLevel != log.NONE { - if log.GetLogger("router").GetLevel() <= setting.RouterLogLevel { - c.Use(LoggerHandler(setting.RouterLogLevel)) - } - } - - var opt = session.Options{ - Provider: setting.SessionConfig.Provider, - ProviderConfig: setting.SessionConfig.ProviderConfig, - CookieName: setting.SessionConfig.CookieName, - CookiePath: setting.SessionConfig.CookiePath, - Gclifetime: setting.SessionConfig.Gclifetime, - Maxlifetime: setting.SessionConfig.Maxlifetime, - Secure: setting.SessionConfig.Secure, - Domain: setting.SessionConfig.Domain, - } - opt = session.PrepareOptions([]session.Options{opt}) - - var err error - sessionManager, err = session.NewManager(opt.Provider, opt) - if err != nil { - panic(err) - } - - c.Use(Recovery()) - if setting.EnableAccessLog { - setupAccessLogger(c) - } - - c.Use(public.Custom( - &public.Options{ - SkipLogging: setting.DisableRouterLog, - }, - )) - c.Use(public.Static( - &public.Options{ - Directory: path.Join(setting.StaticRootPath, "public"), - SkipLogging: setting.DisableRouterLog, - }, - )) - - c.Use(storageHandler(setting.Avatar.Storage, "avatars", storage.Avatars)) - c.Use(storageHandler(setting.RepoAvatar.Storage, "repo-avatars", storage.RepoAvatars)) - - return c +type dataStore struct { + Data map[string]interface{} } -// RegisterInstallRoute registers the install routes -func RegisterInstallRoute(c chi.Router) { - m := NewMacaron() - RegisterMacaronInstallRoute(m) - - // We need at least one handler in chi so that it does not drop - // our middleware: https://github.com/go-gitea/gitea/issues/13725#issuecomment-735244395 - c.Get("/", func(w http.ResponseWriter, req *http.Request) { - m.ServeHTTP(w, req) - }) - - c.NotFound(func(w http.ResponseWriter, req *http.Request) { - m.ServeHTTP(w, req) - }) - - c.MethodNotAllowed(func(w http.ResponseWriter, req *http.Request) { - m.ServeHTTP(w, req) - }) +func (d *dataStore) GetData() map[string]interface{} { + return d.Data } -// NormalRoutes represents non install routes -func NormalRoutes() http.Handler { - r := chi.NewRouter() +// Recovery returns a middleware that recovers from any panics and writes a 500 and a log if so. +// This error will be created with the gitea 500 page. +func Recovery() func(next http.Handler) http.Handler { + var rnd = templates.HTMLRenderer() + return func(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { + defer func() { + if err := recover(); err != nil { + combinedErr := fmt.Sprintf("PANIC: %v\n%s", err, string(log.Stack(2))) + log.Error("%v", combinedErr) - // for health check - r.Head("/", func(w http.ResponseWriter, req *http.Request) { - w.WriteHeader(http.StatusOK) - }) + sessionStore := session.GetSession(req) + if sessionStore == nil { + if setting.IsProd() { + http.Error(w, http.StatusText(500), 500) + } else { + http.Error(w, combinedErr, 500) + } + return + } - if setting.HasRobotsTxt { - r.Get("/robots.txt", func(w http.ResponseWriter, req *http.Request) { - filePath := path.Join(setting.CustomPath, "robots.txt") - fi, err := os.Stat(filePath) - if err == nil && httpcache.HandleTimeCache(req, w, fi) { - return - } - http.ServeFile(w, req, filePath) + var lc = middlewares.Locale(w, req) + var store = dataStore{ + Data: templates.Vars{ + "Language": lc.Language(), + "CurrentURL": setting.AppSubURL + req.URL.RequestURI(), + "i18n": lc, + }, + } + + // Get user from session if logged in. + user, _ := sso.SignedInUser(req, w, &store, sessionStore) + if user != nil { + store.Data["IsSigned"] = true + store.Data["SignedUser"] = user + store.Data["SignedUserID"] = user.ID + store.Data["SignedUserName"] = user.Name + store.Data["IsAdmin"] = user.IsAdmin + } else { + store.Data["SignedUserID"] = int64(0) + store.Data["SignedUserName"] = "" + } + + w.Header().Set(`X-Frame-Options`, `SAMEORIGIN`) + + if !setting.IsProd() { + store.Data["ErrorMsg"] = combinedErr + } + err = rnd.HTML(w, 500, "status/500", templates.BaseVars().Merge(store.Data)) + if err != nil { + log.Error("%v", err) + } + } + }() + + next.ServeHTTP(w, req) }) } - - r.Get("/apple-touch-icon.png", func(w http.ResponseWriter, req *http.Request) { - http.Redirect(w, req, path.Join(setting.StaticURLPrefix, "img/apple-touch-icon.png"), 301) - }) - - // prometheus metrics endpoint - if setting.Metrics.Enabled { - c := metrics.NewCollector() - prometheus.MustRegister(c) - - r.Get("/metrics", routers.Metrics) - } - - return r -} - -// DelegateToMacaron delegates other routes to macaron -func DelegateToMacaron(r chi.Router) { - m := NewMacaron() - RegisterMacaronRoutes(m) - - r.NotFound(func(w http.ResponseWriter, req *http.Request) { - m.ServeHTTP(w, req) - }) - - r.MethodNotAllowed(func(w http.ResponseWriter, req *http.Request) { - m.ServeHTTP(w, req) - }) } diff --git a/routers/routes/recovery.go b/routers/routes/install.go similarity index 50% rename from routers/routes/recovery.go rename to routers/routes/install.go index cfe1a4114c..0dc066d600 100644 --- a/routers/routes/recovery.go +++ b/routers/routes/install.go @@ -7,38 +7,23 @@ package routes import ( "fmt" "net/http" + "path" - "code.gitea.io/gitea/modules/auth/sso" + "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/middlewares" + "code.gitea.io/gitea/modules/public" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/templates" + "code.gitea.io/gitea/modules/web" + "code.gitea.io/gitea/routers" - "github.com/unrolled/render" + "gitea.com/go-chi/session" ) -type dataStore struct { - Data map[string]interface{} -} - -func (d *dataStore) GetData() map[string]interface{} { - return d.Data -} - -// Recovery returns a middleware that recovers from any panics and writes a 500 and a log if so. -// Although similar to macaron.Recovery() the main difference is that this error will be created -// with the gitea 500 page. -func Recovery() func(next http.Handler) http.Handler { +func installRecovery() func(next http.Handler) http.Handler { + var rnd = templates.HTMLRenderer() return func(next http.Handler) http.Handler { - rnd := render.New(render.Options{ - Extensions: []string{".tmpl"}, - Directory: "templates", - Funcs: templates.NewFuncMap(), - Asset: templates.GetAsset, - AssetNames: templates.GetAssetNames, - IsDevelopment: !setting.IsProd(), - }) - return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { defer func() { // Why we need this? The first recover will try to render a beautiful @@ -62,35 +47,16 @@ func Recovery() func(next http.Handler) http.Handler { log.Error("%v", combinedErr) lc := middlewares.Locale(w, req) - - // TODO: this should be replaced by real session after macaron removed totally - sessionStore, err := sessionManager.Start(w, req) - if err != nil { - // Just invoke the above recover catch - panic("session(start): " + err.Error()) - } - var store = dataStore{ Data: templates.Vars{ - "Language": lc.Language(), - "CurrentURL": setting.AppSubURL + req.URL.RequestURI(), - "i18n": lc, + "Language": lc.Language(), + "CurrentURL": setting.AppSubURL + req.URL.RequestURI(), + "i18n": lc, + "SignedUserID": int64(0), + "SignedUserName": "", }, } - // Get user from session if logged in. - user, _ := sso.SignedInUser(req, w, &store, sessionStore) - if user != nil { - store.Data["IsSigned"] = true - store.Data["SignedUser"] = user - store.Data["SignedUserID"] = user.ID - store.Data["SignedUserName"] = user.Name - store.Data["IsAdmin"] = user.IsAdmin - } else { - store.Data["SignedUserID"] = int64(0) - store.Data["SignedUserName"] = "" - } - w.Header().Set(`X-Frame-Options`, `SAMEORIGIN`) if !setting.IsProd() { @@ -107,3 +73,44 @@ func Recovery() func(next http.Handler) http.Handler { }) } } + +// InstallRoutes registers the install routes +func InstallRoutes() *web.Route { + r := web.NewRoute() + for _, middle := range commonMiddlewares() { + r.Use(middle) + } + + r.Use(session.Sessioner(session.Options{ + Provider: setting.SessionConfig.Provider, + ProviderConfig: setting.SessionConfig.ProviderConfig, + CookieName: setting.SessionConfig.CookieName, + CookiePath: setting.SessionConfig.CookiePath, + Gclifetime: setting.SessionConfig.Gclifetime, + Maxlifetime: setting.SessionConfig.Maxlifetime, + Secure: setting.SessionConfig.Secure, + Domain: setting.SessionConfig.Domain, + })) + + r.Use(installRecovery()) + + r.Use(public.Custom( + &public.Options{ + SkipLogging: setting.DisableRouterLog, + }, + )) + r.Use(public.Static( + &public.Options{ + Directory: path.Join(setting.StaticRootPath, "public"), + SkipLogging: setting.DisableRouterLog, + }, + )) + + r.Use(routers.InstallInit) + r.Get("/", routers.Install) + r.Post("/", web.Bind(forms.InstallForm{}), routers.InstallPost) + r.NotFound(func(w http.ResponseWriter, req *http.Request) { + http.Redirect(w, req, setting.AppURL, 302) + }) + return r +} diff --git a/routers/routes/macaron.go b/routers/routes/web.go similarity index 70% rename from routers/routes/macaron.go rename to routers/routes/web.go index f64a0a597b..2433618581 100644 --- a/routers/routes/macaron.go +++ b/routers/routes/web.go @@ -6,19 +6,29 @@ package routes import ( "encoding/gob" + "fmt" + "net/http" + "os" + "path" + "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" + "code.gitea.io/gitea/modules/httpcache" "code.gitea.io/gitea/modules/lfs" "code.gitea.io/gitea/modules/log" - "code.gitea.io/gitea/modules/options" + "code.gitea.io/gitea/modules/metrics" + "code.gitea.io/gitea/modules/public" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/storage" "code.gitea.io/gitea/modules/templates" "code.gitea.io/gitea/modules/validation" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers" "code.gitea.io/gitea/routers/admin" apiv1 "code.gitea.io/gitea/routers/api/v1" + "code.gitea.io/gitea/routers/api/v1/misc" "code.gitea.io/gitea/routers/dev" "code.gitea.io/gitea/routers/events" "code.gitea.io/gitea/routers/org" @@ -31,77 +41,79 @@ import ( // to registers all internal adapters _ "code.gitea.io/gitea/modules/session" - "gitea.com/macaron/binding" - "gitea.com/macaron/cache" - "gitea.com/macaron/captcha" - "gitea.com/macaron/cors" - "gitea.com/macaron/csrf" - "gitea.com/macaron/gzip" - "gitea.com/macaron/i18n" - "gitea.com/macaron/macaron" - "gitea.com/macaron/session" - "gitea.com/macaron/toolbox" + "gitea.com/go-chi/captcha" + "gitea.com/go-chi/session" + "github.com/NYTimes/gziphandler" + "github.com/go-chi/chi/middleware" + "github.com/prometheus/client_golang/prometheus" "github.com/tstranex/u2f" ) -// NewMacaron initializes Macaron instance. -func NewMacaron() *macaron.Macaron { - gob.Register(&u2f.Challenge{}) - var m *macaron.Macaron - if setting.RedirectMacaronLog { - loggerAsWriter := log.NewLoggerAsWriter("INFO", log.GetLogger("macaron")) - m = macaron.NewWithLogger(loggerAsWriter) - } else { - m = macaron.New() +const ( + // GzipMinSize represents min size to compress for the body size of response + GzipMinSize = 1400 +) + +func commonMiddlewares() []func(http.Handler) http.Handler { + var handlers = []func(http.Handler) http.Handler{ + func(next http.Handler) http.Handler { + return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { + next.ServeHTTP(context.NewResponse(resp), req) + }) + }, + middleware.RealIP, } - - if setting.EnableGzip { - m.Use(gzip.Middleware()) - } - if setting.Protocol == setting.FCGI || setting.Protocol == setting.FCGIUnix { - m.SetURLPrefix(setting.AppSubURL) - } - - m.Use(templates.HTMLRenderer()) - - mailer.InitMailRender(templates.Mailer()) - - localeNames, err := options.Dir("locale") - - if err != nil { - log.Fatal("Failed to list locale files: %v", err) - } - - localFiles := make(map[string][]byte) - - for _, name := range localeNames { - localFiles[name], err = options.Locale(name) - - if err != nil { - log.Fatal("Failed to load %s locale file. %v", name, err) + if !setting.DisableRouterLog && setting.RouterLogLevel != log.NONE { + if log.GetLogger("router").GetLevel() <= setting.RouterLogLevel { + handlers = append(handlers, LoggerHandler(setting.RouterLogLevel)) } } + handlers = append(handlers, func(next http.Handler) http.Handler { + return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { + // Why we need this? The Recovery() will try to render a beautiful + // error page for user, but the process can still panic again, and other + // middleware like session also may panic then we have to recover twice + // and send a simple error page that should not panic any more. + defer func() { + if err := recover(); err != nil { + combinedErr := fmt.Sprintf("PANIC: %v\n%s", err, string(log.Stack(2))) + log.Error("%v", combinedErr) + if setting.IsProd() { + http.Error(resp, http.StatusText(500), 500) + } else { + http.Error(resp, combinedErr, 500) + } + } + }() + next.ServeHTTP(resp, req) + }) + }) - m.Use(i18n.I18n(i18n.Options{ - SubURL: setting.AppSubURL, - Files: localFiles, - Langs: setting.Langs, - Names: setting.Names, - DefaultLang: "en-US", - Redirect: false, - CookieHttpOnly: true, - Secure: setting.SessionConfig.Secure, - CookieDomain: setting.SessionConfig.Domain, - })) - m.Use(cache.Cacher(cache.Options{ - Adapter: setting.CacheService.Adapter, - AdapterConfig: setting.CacheService.Conn, - Interval: setting.CacheService.Interval, - })) - m.Use(captcha.Captchaer(captcha.Options{ - SubURL: setting.AppSubURL, - })) - m.Use(session.Sessioner(session.Options{ + if setting.EnableAccessLog { + handlers = append(handlers, accessLogger()) + } + return handlers +} + +// NormalRoutes represents non install routes +func NormalRoutes() *web.Route { + r := web.NewRoute() + for _, middle := range commonMiddlewares() { + r.Use(middle) + } + r.Use(Recovery()) + + r.Mount("/", WebRoutes()) + r.Mount("/api/v1", apiv1.Routes()) + r.Mount("/api/internal", private.Routes()) + return r +} + +// WebRoutes returns all web routes +func WebRoutes() *web.Route { + r := web.NewRoute() + + r.Use(session.Sessioner(session.Options{ Provider: setting.SessionConfig.Provider, ProviderConfig: setting.SessionConfig.ProviderConfig, CookieName: setting.SessionConfig.CookieName, @@ -111,47 +123,104 @@ func NewMacaron() *macaron.Macaron { Secure: setting.SessionConfig.Secure, Domain: setting.SessionConfig.Domain, })) - m.Use(csrf.Csrfer(csrf.Options{ - Secret: setting.SecretKey, - Cookie: setting.CSRFCookieName, - SetCookie: true, - Secure: setting.SessionConfig.Secure, - CookieHttpOnly: setting.CSRFCookieHTTPOnly, - Header: "X-Csrf-Token", - CookieDomain: setting.SessionConfig.Domain, - CookiePath: setting.AppSubURL, - })) - m.Use(toolbox.Toolboxer(m, toolbox.Options{ - HealthCheckFuncs: []*toolbox.HealthCheckFuncDesc{ - { - Desc: "Database connection", - Func: models.Ping, - }, + + r.Use(public.Custom( + &public.Options{ + SkipLogging: setting.DisableRouterLog, }, - DisableDebug: !setting.EnablePprof, - })) - m.Use(context.Contexter()) - m.SetAutoHead(true) - return m -} + )) + r.Use(public.Static( + &public.Options{ + Directory: path.Join(setting.StaticRootPath, "public"), + SkipLogging: setting.DisableRouterLog, + }, + )) -// RegisterMacaronInstallRoute registers the install routes -func RegisterMacaronInstallRoute(m *macaron.Macaron) { - m.Combo("/", routers.InstallInit).Get(routers.Install). - Post(binding.BindIgnErr(auth.InstallForm{}), routers.InstallPost) - m.NotFound(func(ctx *context.Context) { - ctx.Redirect(setting.AppURL, 302) + r.Use(storageHandler(setting.Avatar.Storage, "avatars", storage.Avatars)) + r.Use(storageHandler(setting.RepoAvatar.Storage, "repo-avatars", storage.RepoAvatars)) + + gob.Register(&u2f.Challenge{}) + + if setting.EnableGzip { + h, err := gziphandler.GzipHandlerWithOpts(gziphandler.MinSize(GzipMinSize)) + if err != nil { + log.Fatal("GzipHandlerWithOpts failed: %v", err) + } + r.Use(h) + } + + if (setting.Protocol == setting.FCGI || setting.Protocol == setting.FCGIUnix) && setting.AppSubURL != "" { + r.Use(func(next http.Handler) http.Handler { + return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { + req.URL.Path = strings.TrimPrefix(req.URL.Path, setting.AppSubURL) + next.ServeHTTP(resp, req) + }) + }) + } + + mailer.InitMailRender(templates.Mailer()) + + r.Use(captcha.Captchaer(context.GetImageCaptcha())) + // Removed: toolbox.Toolboxer middleware will provide debug informations which seems unnecessary + r.Use(context.Contexter()) + // Removed: SetAutoHead allow a get request redirect to head if get method is not exist + + r.Use(user.GetNotificationCount) + r.Use(repo.GetActiveStopwatch) + r.Use(func(ctx *context.Context) { + ctx.Data["UnitWikiGlobalDisabled"] = models.UnitTypeWiki.UnitGlobalDisabled() + ctx.Data["UnitIssuesGlobalDisabled"] = models.UnitTypeIssues.UnitGlobalDisabled() + ctx.Data["UnitPullsGlobalDisabled"] = models.UnitTypePullRequests.UnitGlobalDisabled() + ctx.Data["UnitProjectsGlobalDisabled"] = models.UnitTypeProjects.UnitGlobalDisabled() }) + + // for health check + r.Head("/", func(w http.ResponseWriter, req *http.Request) { + w.WriteHeader(http.StatusOK) + }) + + if setting.HasRobotsTxt { + r.Get("/robots.txt", func(w http.ResponseWriter, req *http.Request) { + filePath := path.Join(setting.CustomPath, "robots.txt") + fi, err := os.Stat(filePath) + if err == nil && httpcache.HandleTimeCache(req, w, fi) { + return + } + http.ServeFile(w, req, filePath) + }) + } + + r.Get("/apple-touch-icon.png", func(w http.ResponseWriter, req *http.Request) { + http.Redirect(w, req, path.Join(setting.StaticURLPrefix, "img/apple-touch-icon.png"), 301) + }) + + // prometheus metrics endpoint + if setting.Metrics.Enabled { + c := metrics.NewCollector() + prometheus.MustRegister(c) + + r.Get("/metrics", routers.Metrics) + } + + if setting.API.EnableSwagger { + // Note: The route moved from apiroutes because it's in fact want to render a web page + r.Get("/api/swagger", misc.Swagger) // Render V1 by default + } + + RegisterRoutes(r) + + return r } -// RegisterMacaronRoutes routes routes to Macaron -func RegisterMacaronRoutes(m *macaron.Macaron) { +// RegisterRoutes routes routes to Macaron +func RegisterRoutes(m *web.Route) { reqSignIn := context.Toggle(&context.ToggleOptions{SignInRequired: true}) ignSignIn := context.Toggle(&context.ToggleOptions{SignInRequired: setting.Service.RequireSignInView}) ignSignInAndCsrf := context.Toggle(&context.ToggleOptions{DisableCSRF: true}) reqSignOut := context.Toggle(&context.ToggleOptions{SignOutRequired: true}) - bindIgnErr := binding.BindIgnErr + //bindIgnErr := binding.BindIgnErr + bindIgnErr := web.Bind validation.AddBindingRules() openIDSignInEnabled := func(ctx *context.Context) { @@ -175,15 +244,6 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { } } - m.Use(user.GetNotificationCount) - m.Use(repo.GetActiveStopwatch) - m.Use(func(ctx *context.Context) { - ctx.Data["UnitWikiGlobalDisabled"] = models.UnitTypeWiki.UnitGlobalDisabled() - ctx.Data["UnitIssuesGlobalDisabled"] = models.UnitTypeIssues.UnitGlobalDisabled() - ctx.Data["UnitPullsGlobalDisabled"] = models.UnitTypePullRequests.UnitGlobalDisabled() - ctx.Data["UnitProjectsGlobalDisabled"] = models.UnitTypeProjects.UnitGlobalDisabled() - }) - // FIXME: not all routes need go through same middlewares. // Especially some AJAX requests, we can reduce middleware number to improve performance. // Routers. @@ -198,8 +258,6 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Get("/organizations", routers.ExploreOrganizations) m.Get("/code", routers.ExploreCode) }, ignSignIn) - m.Combo("/install", routers.InstallInit).Get(routers.Install). - Post(bindIgnErr(auth.InstallForm{}), routers.InstallPost) m.Get("/issues", reqSignIn, user.Issues) m.Get("/pulls", reqSignIn, user.Pulls) m.Get("/milestones", reqSignIn, reqMilestonesDashboardPageEnabled, user.Milestones) @@ -226,8 +284,8 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Get("/sign_up", user.SignUp) m.Post("/sign_up", bindIgnErr(auth.RegisterForm{}), user.SignUpPost) m.Group("/oauth2", func() { - m.Get("/:provider", user.SignInOAuth) - m.Get("/:provider/callback", user.SignInOAuthCallback) + m.Get("/{provider}", user.SignInOAuth) + m.Get("/{provider}/callback", user.SignInOAuthCallback) }) m.Get("/link_account", user.LinkAccount) m.Post("/link_account_signin", bindIgnErr(auth.SignInForm{}), user.LinkAccountPostSignIn) @@ -261,7 +319,7 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Post("", bindIgnErr(auth.UpdateProfileForm{}), userSetting.ProfilePost) m.Get("/change_password", user.MustChangePassword) m.Post("/change_password", bindIgnErr(auth.MustChangePasswordForm{}), user.MustChangePasswordPost) - m.Post("/avatar", binding.MultipartForm(auth.AvatarForm{}), userSetting.AvatarPost) + m.Post("/avatar", bindIgnErr(auth.AvatarForm{}), userSetting.AvatarPost) m.Post("/avatar/delete", userSetting.DeleteAvatar) m.Group("/account", func() { m.Combo("").Get(userSetting.Account).Post(bindIgnErr(auth.ChangePasswordForm{}), userSetting.AccountPost) @@ -291,9 +349,9 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Post("/account_link", userSetting.DeleteAccountLink) }) m.Group("/applications/oauth2", func() { - m.Get("/:id", userSetting.OAuth2ApplicationShow) - m.Post("/:id", bindIgnErr(auth.EditOAuth2ApplicationForm{}), userSetting.OAuthApplicationsEdit) - m.Post("/:id/regenerate_secret", userSetting.OAuthApplicationsRegenerateSecret) + m.Get("/{id}", userSetting.OAuth2ApplicationShow) + m.Post("/{id}", bindIgnErr(auth.EditOAuth2ApplicationForm{}), userSetting.OAuthApplicationsEdit) + m.Post("/{id}/regenerate_secret", userSetting.OAuthApplicationsRegenerateSecret) m.Post("", bindIgnErr(auth.EditOAuth2ApplicationForm{}), userSetting.OAuthApplicationsPost) m.Post("/delete", userSetting.DeleteOAuth2Application) m.Post("/revoke", userSetting.RevokeOAuth2Grant) @@ -316,18 +374,18 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { // r.Get("/feeds", binding.Bind(auth.FeedsForm{}), user.Feeds) m.Any("/activate", user.Activate, reqSignIn) m.Any("/activate_email", user.ActivateEmail) - m.Get("/avatar/:username/:size", user.Avatar) + m.Get("/avatar/{username}/{size}", user.Avatar) m.Get("/email2user", user.Email2User) m.Get("/recover_account", user.ResetPasswd) m.Post("/recover_account", user.ResetPasswdPost) m.Get("/forgot_password", user.ForgotPasswd) m.Post("/forgot_password", user.ForgotPasswdPost) m.Post("/logout", user.SignOut) - m.Get("/task/:task", user.TaskStatus) + m.Get("/task/{task}", user.TaskStatus) }) // ***** END: User ***** - m.Get("/avatar/:hash", user.AvatarByEmailHash) + m.Get("/avatar/{hash}", user.AvatarByEmailHash) adminReq := context.Toggle(&context.ToggleOptions{SignInRequired: true, AdminRequired: true}) @@ -339,12 +397,12 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Post("/config/test_mail", admin.SendTestMail) m.Group("/monitor", func() { m.Get("", admin.Monitor) - m.Post("/cancel/:pid", admin.MonitorCancel) - m.Group("/queue/:qid", func() { + m.Post("/cancel/{pid}", admin.MonitorCancel) + m.Group("/queue/{qid}", func() { m.Get("", admin.Queue) m.Post("/set", admin.SetQueueSettings) m.Post("/add", admin.AddWorkers) - m.Post("/cancel/:pid", admin.WorkerCancel) + m.Post("/cancel/{pid}", admin.WorkerCancel) m.Post("/flush", admin.Flush) }) }) @@ -352,8 +410,8 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Group("/users", func() { m.Get("", admin.Users) m.Combo("/new").Get(admin.NewUser).Post(bindIgnErr(auth.AdminCreateUserForm{}), admin.NewUserPost) - m.Combo("/:userid").Get(admin.EditUser).Post(bindIgnErr(auth.AdminEditUserForm{}), admin.EditUserPost) - m.Post("/:userid/delete", admin.DeleteUser) + m.Combo("/{userid}").Get(admin.EditUser).Post(bindIgnErr(auth.AdminEditUserForm{}), admin.EditUserPost) + m.Post("/{userid}/delete", admin.DeleteUser) }) m.Group("/emails", func() { @@ -374,20 +432,20 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Group("/hooks", func() { m.Get("", admin.DefaultOrSystemWebhooks) m.Post("/delete", admin.DeleteDefaultOrSystemWebhook) - m.Get("/:id", repo.WebHooksEdit) - m.Post("/gitea/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost) - m.Post("/gogs/:id", bindIgnErr(auth.NewGogshookForm{}), repo.GogsHooksEditPost) - m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost) - m.Post("/discord/:id", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksEditPost) - m.Post("/dingtalk/:id", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksEditPost) - m.Post("/telegram/:id", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksEditPost) - m.Post("/matrix/:id", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksEditPost) - m.Post("/msteams/:id", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksEditPost) - m.Post("/feishu/:id", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksEditPost) + m.Get("/{id}", repo.WebHooksEdit) + m.Post("/gitea/{id}", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost) + m.Post("/gogs/{id}", bindIgnErr(auth.NewGogshookForm{}), repo.GogsHooksEditPost) + m.Post("/slack/{id}", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost) + m.Post("/discord/{id}", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksEditPost) + m.Post("/dingtalk/{id}", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksEditPost) + m.Post("/telegram/{id}", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksEditPost) + m.Post("/matrix/{id}", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksEditPost) + m.Post("/msteams/{id}", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksEditPost) + m.Post("/feishu/{id}", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksEditPost) }) - m.Group("/^:configType(default-hooks|system-hooks)$", func() { - m.Get("/:type/new", repo.WebhooksNew) + m.Group("/{configType:default-hooks|system-hooks}", func() { + m.Get("/{type}/new", repo.WebhooksNew) m.Post("/gitea/new", bindIgnErr(auth.NewWebhookForm{}), repo.GiteaHooksNewPost) m.Post("/gogs/new", bindIgnErr(auth.NewGogshookForm{}), repo.GogsHooksNewPost) m.Post("/slack/new", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksNewPost) @@ -402,9 +460,9 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Group("/auths", func() { m.Get("", admin.Authentications) m.Combo("/new").Get(admin.NewAuthSource).Post(bindIgnErr(auth.AuthenticationForm{}), admin.NewAuthSourcePost) - m.Combo("/:authid").Get(admin.EditAuthSource). + m.Combo("/{authid}").Get(admin.EditAuthSource). Post(bindIgnErr(auth.AuthenticationForm{}), admin.EditAuthSourcePost) - m.Post("/:authid/delete", admin.DeleteAuthSource) + m.Post("/{authid}/delete", admin.DeleteAuthSource) }) m.Group("/notices", func() { @@ -416,15 +474,15 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { // ***** END: Admin ***** m.Group("", func() { - m.Get("/:username", user.Profile) - m.Get("/attachments/:uuid", repo.GetAttachment) + m.Get("/{username}", user.Profile) + m.Get("/attachments/{uuid}", repo.GetAttachment) }, ignSignIn) - m.Group("/:username", func() { - m.Post("/action/:action", user.Action) + m.Group("/{username}", func() { + m.Post("/action/{action}", user.Action) }, reqSignIn) - if macaron.Env == macaron.DEV { + if !setting.IsProd() { m.Get("/template/*", dev.TemplatePreview) } @@ -449,44 +507,44 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Post("/create", bindIgnErr(auth.CreateOrgForm{}), org.CreatePost) }) - m.Group("/:org", func() { + m.Group("/{org}", func() { m.Get("/dashboard", user.Dashboard) - m.Get("/dashboard/:team", user.Dashboard) + m.Get("/dashboard/{team}", user.Dashboard) m.Get("/issues", user.Issues) - m.Get("/issues/:team", user.Issues) + m.Get("/issues/{team}", user.Issues) m.Get("/pulls", user.Pulls) - m.Get("/pulls/:team", user.Pulls) + m.Get("/pulls/{team}", user.Pulls) m.Get("/milestones", reqMilestonesDashboardPageEnabled, user.Milestones) - m.Get("/milestones/:team", reqMilestonesDashboardPageEnabled, user.Milestones) + m.Get("/milestones/{team}", reqMilestonesDashboardPageEnabled, user.Milestones) m.Get("/members", org.Members) - m.Post("/members/action/:action", org.MembersAction) + m.Post("/members/action/{action}", org.MembersAction) m.Get("/teams", org.Teams) }, context.OrgAssignment(true, false, true)) - m.Group("/:org", func() { - m.Get("/teams/:team", org.TeamMembers) - m.Get("/teams/:team/repositories", org.TeamRepositories) - m.Post("/teams/:team/action/:action", org.TeamsAction) - m.Post("/teams/:team/action/repo/:action", org.TeamsRepoAction) + m.Group("/{org}", func() { + m.Get("/teams/{team}", org.TeamMembers) + m.Get("/teams/{team}/repositories", org.TeamRepositories) + m.Post("/teams/{team}/action/{action}", org.TeamsAction) + m.Post("/teams/{team}/action/repo/{action}", org.TeamsRepoAction) }, context.OrgAssignment(true, false, true)) - m.Group("/:org", func() { + m.Group("/{org}", func() { m.Get("/teams/new", org.NewTeam) m.Post("/teams/new", bindIgnErr(auth.CreateTeamForm{}), org.NewTeamPost) - m.Get("/teams/:team/edit", org.EditTeam) - m.Post("/teams/:team/edit", bindIgnErr(auth.CreateTeamForm{}), org.EditTeamPost) - m.Post("/teams/:team/delete", org.DeleteTeam) + m.Get("/teams/{team}/edit", org.EditTeam) + m.Post("/teams/{team}/edit", bindIgnErr(auth.CreateTeamForm{}), org.EditTeamPost) + m.Post("/teams/{team}/delete", org.DeleteTeam) m.Group("/settings", func() { m.Combo("").Get(org.Settings). Post(bindIgnErr(auth.UpdateOrgSettingForm{}), org.SettingsPost) - m.Post("/avatar", binding.MultipartForm(auth.AvatarForm{}), org.SettingsAvatar) + m.Post("/avatar", bindIgnErr(auth.AvatarForm{}), org.SettingsAvatar) m.Post("/avatar/delete", org.SettingsDeleteAvatar) m.Group("/hooks", func() { m.Get("", org.Webhooks) m.Post("/delete", org.DeleteWebhook) - m.Get("/:type/new", repo.WebhooksNew) + m.Get("/{type}/new", repo.WebhooksNew) m.Post("/gitea/new", bindIgnErr(auth.NewWebhookForm{}), repo.GiteaHooksNewPost) m.Post("/gogs/new", bindIgnErr(auth.NewGogshookForm{}), repo.GogsHooksNewPost) m.Post("/slack/new", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksNewPost) @@ -496,16 +554,16 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Post("/matrix/new", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksNewPost) m.Post("/msteams/new", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksNewPost) m.Post("/feishu/new", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksNewPost) - m.Get("/:id", repo.WebHooksEdit) - m.Post("/gitea/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost) - m.Post("/gogs/:id", bindIgnErr(auth.NewGogshookForm{}), repo.GogsHooksEditPost) - m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost) - m.Post("/discord/:id", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksEditPost) - m.Post("/dingtalk/:id", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksEditPost) - m.Post("/telegram/:id", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksEditPost) - m.Post("/matrix/:id", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksEditPost) - m.Post("/msteams/:id", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksEditPost) - m.Post("/feishu/:id", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksEditPost) + m.Get("/{id}", repo.WebHooksEdit) + m.Post("/gitea/{id}", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost) + m.Post("/gogs/{id}", bindIgnErr(auth.NewGogshookForm{}), repo.GogsHooksEditPost) + m.Post("/slack/{id}", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost) + m.Post("/discord/{id}", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksEditPost) + m.Post("/dingtalk/{id}", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksEditPost) + m.Post("/telegram/{id}", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksEditPost) + m.Post("/matrix/{id}", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksEditPost) + m.Post("/msteams/{id}", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksEditPost) + m.Post("/feishu/{id}", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksEditPost) }) m.Group("/labels", func() { @@ -529,19 +587,19 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Get("/migrate", repo.Migrate) m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), repo.MigratePost) m.Group("/fork", func() { - m.Combo("/:repoid").Get(repo.Fork). + m.Combo("/{repoid}").Get(repo.Fork). Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost) }, context.RepoIDAssignment(), context.UnitTypes(), reqRepoCodeReader) }, reqSignIn) // ***** Release Attachment Download without Signin - m.Get("/:username/:reponame/releases/download/:vTag/:fileName", ignSignIn, context.RepoAssignment(), repo.MustBeNotEmpty, repo.RedirectDownload) + m.Get("/{username}/{reponame}/releases/download/{vTag}/{fileName}", ignSignIn, context.RepoAssignment(), repo.MustBeNotEmpty, repo.RedirectDownload) - m.Group("/:username/:reponame", func() { + m.Group("/{username}/{reponame}", func() { m.Group("/settings", func() { m.Combo("").Get(repo.Settings). Post(bindIgnErr(auth.RepoSettingForm{}), repo.SettingsPost) - m.Post("/avatar", binding.MultipartForm(auth.AvatarForm{}), repo.SettingsAvatar) + m.Post("/avatar", bindIgnErr(auth.AvatarForm{}), repo.SettingsAvatar) m.Post("/avatar/delete", repo.SettingsDeleteAvatar) m.Group("/collaboration", func() { @@ -562,7 +620,7 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Group("/hooks", func() { m.Get("", repo.Webhooks) m.Post("/delete", repo.DeleteWebhook) - m.Get("/:type/new", repo.WebhooksNew) + m.Get("/{type}/new", repo.WebhooksNew) m.Post("/gitea/new", bindIgnErr(auth.NewWebhookForm{}), repo.GiteaHooksNewPost) m.Post("/gogs/new", bindIgnErr(auth.NewGogshookForm{}), repo.GogsHooksNewPost) m.Post("/slack/new", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksNewPost) @@ -572,21 +630,21 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Post("/matrix/new", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksNewPost) m.Post("/msteams/new", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksNewPost) m.Post("/feishu/new", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksNewPost) - m.Get("/:id", repo.WebHooksEdit) - m.Post("/:id/test", repo.TestWebhook) - m.Post("/gitea/:id", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost) - m.Post("/gogs/:id", bindIgnErr(auth.NewGogshookForm{}), repo.GogsHooksEditPost) - m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost) - m.Post("/discord/:id", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksEditPost) - m.Post("/dingtalk/:id", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksEditPost) - m.Post("/telegram/:id", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksEditPost) - m.Post("/matrix/:id", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksEditPost) - m.Post("/msteams/:id", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksEditPost) - m.Post("/feishu/:id", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksEditPost) + m.Get("/{id}", repo.WebHooksEdit) + m.Post("/{id}/test", repo.TestWebhook) + m.Post("/gitea/{id}", bindIgnErr(auth.NewWebhookForm{}), repo.WebHooksEditPost) + m.Post("/gogs/{id}", bindIgnErr(auth.NewGogshookForm{}), repo.GogsHooksEditPost) + m.Post("/slack/{id}", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost) + m.Post("/discord/{id}", bindIgnErr(auth.NewDiscordHookForm{}), repo.DiscordHooksEditPost) + m.Post("/dingtalk/{id}", bindIgnErr(auth.NewDingtalkHookForm{}), repo.DingtalkHooksEditPost) + m.Post("/telegram/{id}", bindIgnErr(auth.NewTelegramHookForm{}), repo.TelegramHooksEditPost) + m.Post("/matrix/{id}", bindIgnErr(auth.NewMatrixHookForm{}), repo.MatrixHooksEditPost) + m.Post("/msteams/{id}", bindIgnErr(auth.NewMSTeamsHookForm{}), repo.MSTeamsHooksEditPost) + m.Post("/feishu/{id}", bindIgnErr(auth.NewFeishuHookForm{}), repo.FeishuHooksEditPost) m.Group("/git", func() { m.Get("", repo.GitHooks) - m.Combo("/:name").Get(repo.GitHooksEdit). + m.Combo("/{name}").Get(repo.GitHooksEdit). Post(repo.GitHooksEditPost) }, context.GitHookService()) }) @@ -598,16 +656,16 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { }) m.Group("/lfs", func() { - m.Get("", repo.LFSFiles) - m.Get("/show/:oid", repo.LFSFileGet) - m.Post("/delete/:oid", repo.LFSDelete) + m.Get("/", repo.LFSFiles) + m.Get("/show/{oid}", repo.LFSFileGet) + m.Post("/delete/{oid}", repo.LFSDelete) m.Get("/pointers", repo.LFSPointerFiles) m.Post("/pointers/associate", repo.LFSAutoAssociate) m.Get("/find", repo.LFSFileFind) m.Group("/locks", func() { m.Get("/", repo.LFSLocks) m.Post("/", repo.LFSLockFile) - m.Post("/:lid/unlock", repo.LFSUnlock) + m.Post("/{lid}/unlock", repo.LFSUnlock) }) }) @@ -617,12 +675,12 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { }) }, reqSignIn, context.RepoAssignment(), context.UnitTypes(), reqRepoAdmin, context.RepoRef()) - m.Post("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), context.UnitTypes(), repo.Action) + m.Post("/{username}/{reponame}/action/{action}", reqSignIn, context.RepoAssignment(), context.UnitTypes(), repo.Action) // Grouping for those endpoints not requiring authentication - m.Group("/:username/:reponame", func() { + m.Group("/{username}/{reponame}", func() { m.Group("/milestone", func() { - m.Get("/:id", repo.MilestoneIssuesAndPulls) + m.Get("/{id}", repo.MilestoneIssuesAndPulls) }, reqRepoIssuesOrPullsReader, context.RepoRef()) m.Combo("/compare/*", repo.MustBeNotEmpty, reqRepoCodeReader, repo.SetEditorconfigIfExists). Get(ignSignIn, repo.SetDiffViewStyle, repo.CompareDiff). @@ -630,7 +688,7 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { }, context.RepoAssignment(), context.UnitTypes()) // Grouping for those endpoints that do require authentication - m.Group("/:username/:reponame", func() { + m.Group("/{username}/{reponame}", func() { m.Group("/issues", func() { m.Group("/new", func() { m.Combo("").Get(context.RepoRef(), repo.NewIssue). @@ -641,7 +699,7 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { // FIXME: should use different URLs but mostly same logic for comments of issue and pull reuqest. // So they can apply their own enable/disable logic on routers. m.Group("/issues", func() { - m.Group("/:index", func() { + m.Group("/{index}", func() { m.Post("/title", repo.UpdateIssueTitle) m.Post("/content", repo.UpdateIssueContent) m.Post("/watch", repo.IssueWatch) @@ -658,13 +716,13 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Post("/cancel", repo.CancelStopwatch) }) }) - m.Post("/reactions/:action", bindIgnErr(auth.ReactionForm{}), repo.ChangeIssueReaction) + m.Post("/reactions/{action}", bindIgnErr(auth.ReactionForm{}), repo.ChangeIssueReaction) m.Post("/lock", reqRepoIssueWriter, bindIgnErr(auth.IssueLockForm{}), repo.LockIssue) m.Post("/unlock", reqRepoIssueWriter, repo.UnlockIssue) }, context.RepoMustNotBeArchived()) - m.Group("/:index", func() { + m.Group("/{index}", func() { m.Get("/attachments", repo.GetIssueAttachments) - m.Get("/attachments/:uuid", repo.GetAttachment) + m.Get("/attachments/{uuid}", repo.GetAttachment) }) m.Post("/labels", reqRepoIssuesOrPullsWriter, repo.UpdateIssueLabel) @@ -677,12 +735,12 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Post("/attachments", repo.UploadIssueAttachment) m.Post("/attachments/remove", repo.DeleteAttachment) }, context.RepoMustNotBeArchived()) - m.Group("/comments/:id", func() { + m.Group("/comments/{id}", func() { m.Post("", repo.UpdateCommentContent) m.Post("/delete", repo.DeleteComment) - m.Post("/reactions/:action", bindIgnErr(auth.ReactionForm{}), repo.ChangeCommentReaction) + m.Post("/reactions/{action}", bindIgnErr(auth.ReactionForm{}), repo.ChangeCommentReaction) }, context.RepoMustNotBeArchived()) - m.Group("/comments/:id", func() { + m.Group("/comments/{id}", func() { m.Get("/attachments", repo.GetCommentAttachments) }) m.Group("/labels", func() { @@ -694,13 +752,13 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Group("/milestones", func() { m.Combo("/new").Get(repo.NewMilestone). Post(bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost) - m.Get("/:id/edit", repo.EditMilestone) - m.Post("/:id/edit", bindIgnErr(auth.CreateMilestoneForm{}), repo.EditMilestonePost) - m.Post("/:id/:action", repo.ChangeMilestoneStatus) + m.Get("/{id}/edit", repo.EditMilestone) + m.Post("/{id}/edit", bindIgnErr(auth.CreateMilestoneForm{}), repo.EditMilestonePost) + m.Post("/{id}/{action}", repo.ChangeMilestoneStatus) m.Post("/delete", repo.DeleteMilestone) }, context.RepoMustNotBeArchived(), reqRepoIssuesOrPullsWriter, context.RepoRef()) m.Group("/pull", func() { - m.Post("/:index/target_branch", repo.UpdatePullRequestTarget) + m.Post("/{index}/target_branch", repo.UpdatePullRequestTarget) }, context.RepoMustNotBeArchived()) m.Group("", func() { @@ -723,7 +781,7 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { }, context.RepoMustNotBeArchived(), reqRepoCodeWriter, repo.MustBeNotEmpty) m.Group("/branches", func() { - m.Group("/_new/", func() { + m.Group("/_new", func() { m.Post("/branch/*", context.RepoRefByType(context.RepoRefBranch), repo.CreateBranch) m.Post("/tag/*", context.RepoRefByType(context.RepoRefTag), repo.CreateBranch) m.Post("/commit/*", context.RepoRefByType(context.RepoRefCommit), repo.CreateBranch) @@ -735,14 +793,14 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { }, reqSignIn, context.RepoAssignment(), context.UnitTypes()) // Releases - m.Group("/:username/:reponame", func() { + m.Group("/{username}/{reponame}", func() { m.Get("/tags", repo.TagsList, repo.MustBeNotEmpty, reqRepoCodeReader, context.RepoRefByType(context.RepoRefTag)) m.Group("/releases", func() { m.Get("/", repo.Releases) m.Get("/tag/*", repo.SingleRelease) m.Get("/latest", repo.LatestRelease) - m.Get("/attachments/:uuid", repo.GetAttachment) + m.Get("/attachments/{uuid}", repo.GetAttachment) }, repo.MustBeNotEmpty, reqRepoReleaseReader, context.RepoRefByType(context.RepoRefTag)) m.Group("/releases", func() { m.Get("/new", repo.NewRelease) @@ -772,56 +830,57 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { }) }, ignSignIn, context.RepoAssignment(), context.UnitTypes(), reqRepoReleaseReader) - m.Group("/:username/:reponame", func() { + m.Group("/{username}/{reponame}", func() { m.Post("/topics", repo.TopicsPost) }, context.RepoAssignment(), context.RepoMustNotBeArchived(), reqRepoAdmin) - m.Group("/:username/:reponame", func() { + m.Group("/{username}/{reponame}", func() { m.Group("", func() { - m.Get("/^:type(issues|pulls)$", repo.Issues) - m.Get("/^:type(issues|pulls)$/:index", repo.ViewIssue) - m.Get("/labels/", reqRepoIssuesOrPullsReader, repo.RetrieveLabels, repo.Labels) + m.Get("/{type:issues|pulls}", repo.Issues) + m.Get("/{type:issues|pulls}/{index}", repo.ViewIssue) + m.Get("/labels", reqRepoIssuesOrPullsReader, repo.RetrieveLabels, repo.Labels) m.Get("/milestones", reqRepoIssuesOrPullsReader, repo.Milestones) }, context.RepoRef()) m.Group("/projects", func() { m.Get("", repo.Projects) - m.Get("/:id", repo.ViewProject) + m.Get("/{id}", repo.ViewProject) m.Group("", func() { m.Get("/new", repo.NewProject) m.Post("/new", bindIgnErr(auth.CreateProjectForm{}), repo.NewProjectPost) - m.Group("/:id", func() { + m.Group("/{id}", func() { m.Post("", bindIgnErr(auth.EditProjectBoardTitleForm{}), repo.AddBoardToProjectPost) m.Post("/delete", repo.DeleteProject) m.Get("/edit", repo.EditProject) m.Post("/edit", bindIgnErr(auth.CreateProjectForm{}), repo.EditProjectPost) - m.Post("/^:action(open|close)$", repo.ChangeProjectStatus) + m.Post("/{action:open|close}", repo.ChangeProjectStatus) - m.Group("/:boardID", func() { + m.Group("/{boardID}", func() { m.Put("", bindIgnErr(auth.EditProjectBoardTitleForm{}), repo.EditProjectBoardTitle) m.Delete("", repo.DeleteProjectBoard) m.Post("/default", repo.SetDefaultProjectBoard) - m.Post("/:index", repo.MoveIssueAcrossBoards) + m.Post("/{index}", repo.MoveIssueAcrossBoards) }) }) }, reqRepoProjectsWriter, context.RepoMustNotBeArchived()) }, reqRepoProjectsReader, repo.MustEnableProjects) m.Group("/wiki", func() { - m.Get("/?:page", repo.Wiki) + m.Get("/", repo.Wiki) + m.Get("/{page}", repo.Wiki) m.Get("/_pages", repo.WikiPages) - m.Get("/:page/_revision", repo.WikiRevision) - m.Get("/commit/:sha([a-f0-9]{7,40})$", repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.Diff) - m.Get("/commit/:sha([a-f0-9]{7,40})\\.:ext(patch|diff)", repo.RawDiff) + m.Get("/{page}/_revision", repo.WikiRevision) + m.Get("/commit/{sha:[a-f0-9]{7,40}}", repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.Diff) + m.Get("/commit/{sha:[a-f0-9]{7,40}}.{:patch|diff}", repo.RawDiff) m.Group("", func() { m.Combo("/_new").Get(repo.NewWiki). Post(bindIgnErr(auth.NewWikiForm{}), repo.NewWikiPost) - m.Combo("/:page/_edit").Get(repo.EditWiki). + m.Combo("/{page}/_edit").Get(repo.EditWiki). Post(bindIgnErr(auth.NewWikiForm{}), repo.EditWikiPost) - m.Post("/:page/delete", repo.DeleteWikiPagePost) + m.Post("/{page}/delete", repo.DeleteWikiPagePost) }, context.RepoMustNotBeArchived(), reqSignIn, reqRepoWikiWriter) }, repo.MustEnableWiki, context.RepoRef(), func(ctx *context.Context) { ctx.Data["PageIsWiki"] = true @@ -833,12 +892,12 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Group("/activity", func() { m.Get("", repo.Activity) - m.Get("/:period", repo.Activity) + m.Get("/{period}", repo.Activity) }, context.RepoRef(), repo.MustBeNotEmpty, context.RequireRepoReaderOr(models.UnitTypePullRequests, models.UnitTypeIssues, models.UnitTypeReleases)) m.Group("/activity_author_data", func() { m.Get("", repo.ActivityAuthors) - m.Get("/:period", repo.ActivityAuthors) + m.Get("/{period}", repo.ActivityAuthors) }, context.RepoRef(), repo.MustBeNotEmpty, context.RequireRepoReaderOr(models.UnitTypeCode)) m.Group("/archive", func() { @@ -851,10 +910,10 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { }, repo.MustBeNotEmpty, context.RepoRef(), reqRepoCodeReader) m.Group("/blob_excerpt", func() { - m.Get("/:sha", repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.ExcerptBlob) + m.Get("/{sha}", repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.ExcerptBlob) }, repo.MustBeNotEmpty, context.RepoRef(), reqRepoCodeReader) - m.Group("/pulls/:index", func() { + m.Group("/pulls/{index}", func() { m.Get(".diff", repo.DownloadPullDiff) m.Get(".patch", repo.DownloadPullPatch) m.Get("/commits", context.RepoRef(), repo.ViewPullCommits) @@ -875,7 +934,7 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Get("/branch/*", context.RepoRefByType(context.RepoRefBranch), repo.SingleDownloadOrLFS) m.Get("/tag/*", context.RepoRefByType(context.RepoRefTag), repo.SingleDownloadOrLFS) m.Get("/commit/*", context.RepoRefByType(context.RepoRefCommit), repo.SingleDownloadOrLFS) - m.Get("/blob/:sha", context.RepoRefByType(context.RepoRefBlob), repo.DownloadByIDOrLFS) + m.Get("/blob/{sha}", context.RepoRefByType(context.RepoRefBlob), repo.DownloadByIDOrLFS) // "/*" route is deprecated, and kept for backward compatibility m.Get("/*", context.RepoRefByType(context.RepoRefLegacy), repo.SingleDownloadOrLFS) }, repo.MustBeNotEmpty, reqRepoCodeReader) @@ -884,7 +943,7 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Get("/branch/*", context.RepoRefByType(context.RepoRefBranch), repo.SingleDownload) m.Get("/tag/*", context.RepoRefByType(context.RepoRefTag), repo.SingleDownload) m.Get("/commit/*", context.RepoRefByType(context.RepoRefCommit), repo.SingleDownload) - m.Get("/blob/:sha", context.RepoRefByType(context.RepoRefBlob), repo.DownloadByID) + m.Get("/blob/{sha}", context.RepoRefByType(context.RepoRefBlob), repo.DownloadByID) // "/*" route is deprecated, and kept for backward compatibility m.Get("/*", context.RepoRefByType(context.RepoRefLegacy), repo.SingleDownload) }, repo.MustBeNotEmpty, reqRepoCodeReader) @@ -905,7 +964,7 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Group("", func() { m.Get("/graph", repo.Graph) - m.Get("/commit/:sha([a-f0-9]{7,40})$", repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.Diff) + m.Get("/commit/{sha:([a-f0-9]{7,40})$}", repo.SetEditorconfigIfExists, repo.SetDiffViewStyle, repo.Diff) }, repo.MustBeNotEmpty, context.RepoRef(), reqRepoCodeReader) m.Group("/src", func() { @@ -919,39 +978,52 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { m.Group("", func() { m.Get("/forks", repo.Forks) }, context.RepoRef(), reqRepoCodeReader) - m.Get("/commit/:sha([a-f0-9]{7,40})\\.:ext(patch|diff)", + m.Get("/commit/{sha:([a-f0-9]{7,40})}.{ext:patch|diff}", repo.MustBeNotEmpty, reqRepoCodeReader, repo.RawDiff) }, ignSignIn, context.RepoAssignment(), context.UnitTypes()) - m.Group("/:username/:reponame", func() { + m.Group("/{username}/{reponame}", func() { m.Get("/stars", repo.Stars) m.Get("/watchers", repo.Watchers) m.Get("/search", reqRepoCodeReader, repo.Search) }, ignSignIn, context.RepoAssignment(), context.RepoRef(), context.UnitTypes()) - m.Group("/:username", func() { - m.Group("/:reponame", func() { + m.Group("/{username}", func() { + m.Group("/{reponame}", func() { m.Get("", repo.SetEditorconfigIfExists, repo.Home) - m.Get("\\.git$", repo.SetEditorconfigIfExists, repo.Home) }, ignSignIn, context.RepoAssignment(), context.RepoRef(), context.UnitTypes()) - m.Group("/:reponame", func() { - m.Group("\\.git/info/lfs", func() { + m.Group("/{reponame}", func() { + m.Group("/info/lfs", func() { m.Post("/objects/batch", lfs.BatchHandler) - m.Get("/objects/:oid/:filename", lfs.ObjectOidHandler) - m.Any("/objects/:oid", lfs.ObjectOidHandler) + m.Get("/objects/{oid}/{filename}", lfs.ObjectOidHandler) + m.Any("/objects/{oid}", lfs.ObjectOidHandler) m.Post("/objects", lfs.PostHandler) m.Post("/verify", lfs.VerifyHandler) m.Group("/locks", func() { m.Get("/", lfs.GetListLockHandler) m.Post("/", lfs.PostLockHandler) m.Post("/verify", lfs.VerifyLockHandler) - m.Post("/:lid/unlock", lfs.UnLockHandler) + m.Post("/{lid}/unlock", lfs.UnLockHandler) }) m.Any("/*", func(ctx *context.Context) { ctx.NotFound("", nil) }) }, ignSignInAndCsrf) - m.Any("/*", ignSignInAndCsrf, repo.HTTP) + + m.Group("", func() { + m.Post("/git-upload-pack", repo.ServiceUploadPack) + m.Post("/git-receive-pack", repo.ServiceReceivePack) + m.Get("/info/refs", repo.GetInfoRefs) + m.Get("/HEAD", repo.GetTextFile("HEAD")) + m.Get("/objects/info/alternates", repo.GetTextFile("objects/info/alternates")) + m.Get("/objects/info/http-alternates", repo.GetTextFile("objects/info/http-alternates")) + m.Get("/objects/info/packs", repo.GetInfoPacks) + m.Get("/objects/info/{file:[^/]*}", repo.GetTextFile("")) + m.Get("/objects/{head:[0-9a-f]{2}}/{hash:[0-9a-f]{38}}", repo.GetLooseObject) + m.Get("/objects/pack/pack-{file:[0-9a-f]{40}}.pack", repo.GetPackFile) + m.Get("/objects/pack/pack-{file:[0-9a-f]{40}}.idx", repo.GetIdxFile) + }, ignSignInAndCsrf) + m.Head("/tasks/trigger", repo.TriggerTask) }) }) @@ -964,30 +1036,9 @@ func RegisterMacaronRoutes(m *macaron.Macaron) { }, reqSignIn) if setting.API.EnableSwagger { - m.Get("/swagger.v1.json", templates.JSONRenderer(), routers.SwaggerV1Json) + m.Get("/swagger.v1.json", routers.SwaggerV1Json) } - var handlers []macaron.Handler - if setting.CORSConfig.Enabled { - handlers = append(handlers, cors.CORS(cors.Options{ - Scheme: setting.CORSConfig.Scheme, - AllowDomain: setting.CORSConfig.AllowDomain, - AllowSubdomain: setting.CORSConfig.AllowSubdomain, - Methods: setting.CORSConfig.Methods, - MaxAgeSeconds: int(setting.CORSConfig.MaxAge.Seconds()), - AllowCredentials: setting.CORSConfig.AllowCredentials, - })) - } - handlers = append(handlers, ignSignIn) - m.Group("/api", func() { - apiv1.RegisterRoutes(m) - }, handlers...) - - m.Group("/api/internal", func() { - // package name internal is ideal but Golang is not allowed, so we use private as package name. - private.RegisterRoutes(m) - }) - // Not found handler. - m.NotFound(routers.NotFound) + m.NotFound(web.Wrap(routers.NotFound)) } diff --git a/routers/swagger_json.go b/routers/swagger_json.go index 58c4ec50d9..3ff1674f04 100644 --- a/routers/swagger_json.go +++ b/routers/swagger_json.go @@ -7,6 +7,7 @@ package routers import ( "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + "code.gitea.io/gitea/modules/log" ) // tplSwaggerV1Json swagger v1 json template @@ -14,5 +15,10 @@ const tplSwaggerV1Json base.TplName = "swagger/v1_json" // SwaggerV1Json render swagger v1 json func SwaggerV1Json(ctx *context.Context) { - ctx.HTML(200, tplSwaggerV1Json) + t := ctx.Render.TemplateLookup(string(tplSwaggerV1Json)) + ctx.Resp.Header().Set("Content-Type", "application/json") + if err := t.Execute(ctx.Resp, ctx.Data); err != nil { + log.Error("%v", err) + ctx.Error(500) + } } diff --git a/routers/user/auth.go b/routers/user/auth.go index bce801847d..909d0a2ee5 100644 --- a/routers/user/auth.go +++ b/routers/user/auth.go @@ -12,22 +12,22 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/auth/oauth2" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/eventsource" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/hcaptcha" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/password" "code.gitea.io/gitea/modules/recaptcha" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/timeutil" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/utils" "code.gitea.io/gitea/services/externalaccount" "code.gitea.io/gitea/services/mailer" - "gitea.com/macaron/captcha" "github.com/markbates/goth" "github.com/tstranex/u2f" ) @@ -149,7 +149,7 @@ func SignIn(ctx *context.Context) { } // SignInPost response for sign in request -func SignInPost(ctx *context.Context, form auth.SignInForm) { +func SignInPost(ctx *context.Context) { ctx.Data["Title"] = ctx.Tr("sign_in") orderedOAuth2Names, oauth2Providers, err := models.GetActiveOAuth2Providers() @@ -170,6 +170,7 @@ func SignInPost(ctx *context.Context, form auth.SignInForm) { return } + form := web.GetForm(ctx).(*auth.SignInForm) u, err := models.UserSignIn(form.UserName, form.Password) if err != nil { if models.IsErrUserNotExist(err) { @@ -250,7 +251,8 @@ func TwoFactor(ctx *context.Context) { } // TwoFactorPost validates a user's two-factor authentication token. -func TwoFactorPost(ctx *context.Context, form auth.TwoFactorAuthForm) { +func TwoFactorPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.TwoFactorAuthForm) ctx.Data["Title"] = ctx.Tr("twofa") // Ensure user is in a 2FA session. @@ -328,7 +330,8 @@ func TwoFactorScratch(ctx *context.Context) { } // TwoFactorScratchPost validates and invalidates a user's two-factor scratch token. -func TwoFactorScratchPost(ctx *context.Context, form auth.TwoFactorScratchAuthForm) { +func TwoFactorScratchPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.TwoFactorScratchAuthForm) ctx.Data["Title"] = ctx.Tr("twofa_scratch") // Ensure user is in a 2FA session. @@ -427,7 +430,8 @@ func U2FChallenge(ctx *context.Context) { } // U2FSign authenticates the user by signResp -func U2FSign(ctx *context.Context, signResp u2f.SignResponse) { +func U2FSign(ctx *context.Context) { + signResp := web.GetForm(ctx).(*u2f.SignResponse) challSess := ctx.Session.Get("u2fChallenge") idSess := ctx.Session.Get("twofaUid") if challSess == nil || idSess == nil { @@ -447,7 +451,7 @@ func U2FSign(ctx *context.Context, signResp u2f.SignResponse) { log.Fatal("parsing u2f registration: %v", err) continue } - newCounter, authErr := r.Authenticate(signResp, *challenge, reg.Counter) + newCounter, authErr := r.Authenticate(*signResp, *challenge, reg.Counter) if authErr == nil { reg.Counter = newCounter user, err := models.GetUserByID(id) @@ -563,20 +567,20 @@ func SignInOAuth(ctx *context.Context) { } // try to do a direct callback flow, so we don't authenticate the user again but use the valid accesstoken to get the user - user, gothUser, err := oAuth2UserLoginCallback(loginSource, ctx.Req.Request, ctx.Resp) + user, gothUser, err := oAuth2UserLoginCallback(loginSource, ctx.Req, ctx.Resp) if err == nil && user != nil { // we got the user without going through the whole OAuth2 authentication flow again handleOAuth2SignIn(user, gothUser, ctx, err) return } - if err = oauth2.Auth(loginSource.Name, ctx.Req.Request, ctx.Resp); err != nil { + if err = oauth2.Auth(loginSource.Name, ctx.Req, ctx.Resp); err != nil { if strings.Contains(err.Error(), "no provider for ") { if err = models.ResetOAuth2(); err != nil { ctx.ServerError("SignIn", err) return } - if err = oauth2.Auth(loginSource.Name, ctx.Req.Request, ctx.Resp); err != nil { + if err = oauth2.Auth(loginSource.Name, ctx.Req, ctx.Resp); err != nil { ctx.ServerError("SignIn", err) } return @@ -602,7 +606,7 @@ func SignInOAuthCallback(ctx *context.Context) { return } - u, gothUser, err := oAuth2UserLoginCallback(loginSource, ctx.Req.Request, ctx.Resp) + u, gothUser, err := oAuth2UserLoginCallback(loginSource, ctx.Req, ctx.Resp) handleOAuth2SignIn(u, gothUser, ctx, err) } @@ -788,7 +792,8 @@ func LinkAccount(ctx *context.Context) { } // LinkAccountPostSignIn handle the coupling of external account with another account using signIn -func LinkAccountPostSignIn(ctx *context.Context, signInForm auth.SignInForm) { +func LinkAccountPostSignIn(ctx *context.Context) { + signInForm := web.GetForm(ctx).(*auth.SignInForm) ctx.Data["DisablePassword"] = !setting.Service.RequireExternalRegistrationPassword || setting.Service.AllowOnlyExternalRegistration ctx.Data["Title"] = ctx.Tr("link_account") ctx.Data["LinkAccountMode"] = true @@ -870,7 +875,8 @@ func LinkAccountPostSignIn(ctx *context.Context, signInForm auth.SignInForm) { } // LinkAccountPostRegister handle the creation of a new account for an external account using signUp -func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterForm) { +func LinkAccountPostRegister(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.RegisterForm) // TODO Make insecure passwords optional for local accounts also, // once email-based Second-Factor Auth is available ctx.Data["DisablePassword"] = !setting.Service.RequireExternalRegistrationPassword || setting.Service.AllowOnlyExternalRegistration @@ -909,7 +915,7 @@ func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form au var err error switch setting.Service.CaptchaType { case setting.ImageCaptcha: - valid = cpt.VerifyReq(ctx.Req) + valid = context.GetImageCaptcha().VerifyReq(ctx.Req) case setting.ReCaptcha: valid, err = recaptcha.Verify(ctx.Req.Context(), form.GRecaptchaResponse) case setting.HCaptcha: @@ -1029,7 +1035,7 @@ func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form au // HandleSignOut resets the session and sets the cookies func HandleSignOut(ctx *context.Context) { _ = ctx.Session.Flush() - _ = ctx.Session.Destroy(ctx.Context) + _ = ctx.Session.Destroy(ctx.Resp, ctx.Req) ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true) ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true) ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, setting.SessionConfig.Domain, setting.SessionConfig.Secure, true) @@ -1069,7 +1075,8 @@ func SignUp(ctx *context.Context) { } // SignUpPost response for sign up information submission -func SignUpPost(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterForm) { +func SignUpPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.RegisterForm) ctx.Data["Title"] = ctx.Tr("sign_up") ctx.Data["SignUpLink"] = setting.AppSubURL + "/user/sign_up" @@ -1097,7 +1104,7 @@ func SignUpPost(ctx *context.Context, cpt *captcha.Captcha, form auth.RegisterFo var err error switch setting.Service.CaptchaType { case setting.ImageCaptcha: - valid = cpt.VerifyReq(ctx.Req) + valid = context.GetImageCaptcha().VerifyReq(ctx.Req) case setting.ReCaptcha: valid, err = recaptcha.Verify(ctx.Req.Context(), form.GRecaptchaResponse) case setting.HCaptcha: @@ -1562,7 +1569,8 @@ func MustChangePassword(ctx *context.Context) { // MustChangePasswordPost response for updating a user's password after his/her // account was created by an admin -func MustChangePasswordPost(ctx *context.Context, cpt *captcha.Captcha, form auth.MustChangePasswordForm) { +func MustChangePasswordPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.MustChangePasswordForm) ctx.Data["Title"] = ctx.Tr("auth.must_change_password") ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/settings/change_password" if ctx.HasError() { diff --git a/routers/user/auth_openid.go b/routers/user/auth_openid.go index 39e75f202d..1efcc7eda8 100644 --- a/routers/user/auth_openid.go +++ b/routers/user/auth_openid.go @@ -9,19 +9,18 @@ import ( "net/url" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/auth/openid" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/generate" "code.gitea.io/gitea/modules/hcaptcha" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/recaptcha" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/timeutil" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/services/mailer" - - "gitea.com/macaron/captcha" ) const ( @@ -90,7 +89,8 @@ func allowedOpenIDURI(uri string) (err error) { } // SignInOpenIDPost response for openid sign in request -func SignInOpenIDPost(ctx *context.Context, form auth.SignInOpenIDForm) { +func SignInOpenIDPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.SignInOpenIDForm) ctx.Data["Title"] = ctx.Tr("sign_in") ctx.Data["PageIsSignIn"] = true ctx.Data["PageIsLoginOpenID"] = true @@ -143,9 +143,9 @@ func SignInOpenIDPost(ctx *context.Context, form auth.SignInOpenIDForm) { // signInOpenIDVerify handles response from OpenID provider func signInOpenIDVerify(ctx *context.Context) { - log.Trace("Incoming call to: " + ctx.Req.Request.URL.String()) + log.Trace("Incoming call to: " + ctx.Req.URL.String()) - fullURL := setting.AppURL + ctx.Req.Request.URL.String()[1:] + fullURL := setting.AppURL + ctx.Req.URL.String()[1:] log.Trace("Full URL: " + fullURL) var id, err = openid.Verify(fullURL) @@ -276,8 +276,8 @@ func ConnectOpenID(ctx *context.Context) { } // ConnectOpenIDPost handles submission of a form to connect an OpenID URI to an existing account -func ConnectOpenIDPost(ctx *context.Context, form auth.ConnectOpenIDForm) { - +func ConnectOpenIDPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.ConnectOpenIDForm) oid, _ := ctx.Session.Get("openid_verified_uri").(string) if oid == "" { ctx.Redirect(setting.AppSubURL + "/user/login/openid") @@ -346,7 +346,8 @@ func RegisterOpenID(ctx *context.Context) { } // RegisterOpenIDPost handles submission of a form to create a new user authenticated via an OpenID URI -func RegisterOpenIDPost(ctx *context.Context, cpt *captcha.Captcha, form auth.SignUpOpenIDForm) { +func RegisterOpenIDPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.SignUpOpenIDForm) oid, _ := ctx.Session.Get("openid_verified_uri").(string) if oid == "" { ctx.Redirect(setting.AppSubURL + "/user/login/openid") @@ -369,7 +370,7 @@ func RegisterOpenIDPost(ctx *context.Context, cpt *captcha.Captcha, form auth.Si var err error switch setting.Service.CaptchaType { case setting.ImageCaptcha: - valid = cpt.VerifyReq(ctx.Req) + valid = context.GetImageCaptcha().VerifyReq(ctx.Req) case setting.ReCaptcha: if err := ctx.Req.ParseForm(); err != nil { ctx.ServerError("", err) diff --git a/routers/user/oauth.go b/routers/user/oauth.go index dda1268f8a..d943ec4200 100644 --- a/routers/user/oauth.go +++ b/routers/user/oauth.go @@ -12,14 +12,15 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/timeutil" + "code.gitea.io/gitea/modules/web" - "gitea.com/macaron/binding" + "gitea.com/go-chi/binding" "github.com/dgrijalva/jwt-go" ) @@ -192,9 +193,10 @@ func newAccessTokenResponse(grant *models.OAuth2Grant, clientSecret string) (*Ac } // AuthorizeOAuth manages authorize requests -func AuthorizeOAuth(ctx *context.Context, form auth.AuthorizationForm) { +func AuthorizeOAuth(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AuthorizationForm) errs := binding.Errors{} - errs = form.Validate(ctx.Context, errs) + errs = form.Validate(ctx.Req, errs) if len(errs) > 0 { errstring := "" for _, e := range errs { @@ -341,7 +343,8 @@ func AuthorizeOAuth(ctx *context.Context, form auth.AuthorizationForm) { } // GrantApplicationOAuth manages the post request submitted when a user grants access to an application -func GrantApplicationOAuth(ctx *context.Context, form auth.GrantApplicationForm) { +func GrantApplicationOAuth(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.GrantApplicationForm) if ctx.Session.Get("client_id") != form.ClientID || ctx.Session.Get("state") != form.State || ctx.Session.Get("redirect_uri") != form.RedirectURI { ctx.Error(400) @@ -386,7 +389,8 @@ func GrantApplicationOAuth(ctx *context.Context, form auth.GrantApplicationForm) } // AccessTokenOAuth manages all access token requests by the client -func AccessTokenOAuth(ctx *context.Context, form auth.AccessTokenForm) { +func AccessTokenOAuth(ctx *context.Context) { + form := *web.GetForm(ctx).(*auth.AccessTokenForm) if form.ClientID == "" { authHeader := ctx.Req.Header.Get("Authorization") authContent := strings.SplitN(authHeader, " ", 2) diff --git a/routers/user/setting/account.go b/routers/user/setting/account.go index 42c2c59b7e..4900bba14a 100644 --- a/routers/user/setting/account.go +++ b/routers/user/setting/account.go @@ -10,13 +10,14 @@ import ( "time" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/password" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/timeutil" + "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/services/mailer" ) @@ -36,7 +37,8 @@ func Account(ctx *context.Context) { } // AccountPost response for change user's password -func AccountPost(ctx *context.Context, form auth.ChangePasswordForm) { +func AccountPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.ChangePasswordForm) ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsAccount"] = true @@ -80,7 +82,8 @@ func AccountPost(ctx *context.Context, form auth.ChangePasswordForm) { } // EmailPost response for change user's email -func EmailPost(ctx *context.Context, form auth.AddEmailForm) { +func EmailPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AddEmailForm) ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsAccount"] = true @@ -252,8 +255,8 @@ func DeleteAccount(ctx *context.Context) { } // UpdateUIThemePost is used to update users' specific theme -func UpdateUIThemePost(ctx *context.Context, form auth.UpdateThemeForm) { - +func UpdateUIThemePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.UpdateThemeForm) ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsAccount"] = true diff --git a/routers/user/setting/account_test.go b/routers/user/setting/account_test.go index 841ecb8ac2..0e7e147b8b 100644 --- a/routers/user/setting/account_test.go +++ b/routers/user/setting/account_test.go @@ -9,9 +9,10 @@ import ( "testing" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/test" + "code.gitea.io/gitea/modules/web" "github.com/stretchr/testify/assert" ) @@ -85,11 +86,12 @@ func TestChangePassword(t *testing.T) { test.LoadUser(t, ctx, 2) test.LoadRepo(t, ctx, 1) - AccountPost(ctx, auth.ChangePasswordForm{ + web.SetForm(ctx, &auth.ChangePasswordForm{ OldPassword: req.OldPassword, Password: req.NewPassword, Retype: req.Retype, }) + AccountPost(ctx) assert.Contains(t, ctx.Flash.ErrorMsg, req.Message) assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) diff --git a/routers/user/setting/applications.go b/routers/user/setting/applications.go index 04f9d9f7f9..8da36dc6cf 100644 --- a/routers/user/setting/applications.go +++ b/routers/user/setting/applications.go @@ -7,10 +7,11 @@ package setting import ( "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" ) const ( @@ -28,7 +29,8 @@ func Applications(ctx *context.Context) { } // ApplicationsPost response for add user's access token -func ApplicationsPost(ctx *context.Context, form auth.NewAccessTokenForm) { +func ApplicationsPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.NewAccessTokenForm) ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsApplications"] = true diff --git a/routers/user/setting/keys.go b/routers/user/setting/keys.go index 76c7ef9da4..a52ffd667b 100644 --- a/routers/user/setting/keys.go +++ b/routers/user/setting/keys.go @@ -7,10 +7,11 @@ package setting import ( "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" ) const ( @@ -31,7 +32,8 @@ func Keys(ctx *context.Context) { } // KeysPost response for change user's SSH/GPG keys -func KeysPost(ctx *context.Context, form auth.AddKeyForm) { +func KeysPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AddKeyForm) ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsKeys"] = true ctx.Data["DisableSSH"] = setting.SSH.Disabled diff --git a/routers/user/setting/oauth2.go b/routers/user/setting/oauth2.go index f42c1123e1..7f0f8db1c8 100644 --- a/routers/user/setting/oauth2.go +++ b/routers/user/setting/oauth2.go @@ -8,11 +8,12 @@ import ( "fmt" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" ) const ( @@ -20,7 +21,8 @@ const ( ) // OAuthApplicationsPost response for adding a oauth2 application -func OAuthApplicationsPost(ctx *context.Context, form auth.EditOAuth2ApplicationForm) { +func OAuthApplicationsPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.EditOAuth2ApplicationForm) ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsApplications"] = true @@ -51,7 +53,8 @@ func OAuthApplicationsPost(ctx *context.Context, form auth.EditOAuth2Application } // OAuthApplicationsEdit response for editing oauth2 application -func OAuthApplicationsEdit(ctx *context.Context, form auth.EditOAuth2ApplicationForm) { +func OAuthApplicationsEdit(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.EditOAuth2ApplicationForm) ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsApplications"] = true diff --git a/routers/user/setting/profile.go b/routers/user/setting/profile.go index c935b56230..7e90a7ccec 100644 --- a/routers/user/setting/profile.go +++ b/routers/user/setting/profile.go @@ -14,12 +14,13 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/base" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/util" + "code.gitea.io/gitea/modules/web" "github.com/unknwon/i18n" ) @@ -71,7 +72,8 @@ func HandleUsernameChange(ctx *context.Context, user *models.User, newName strin } // ProfilePost response for change user's profile -func ProfilePost(ctx *context.Context, form auth.UpdateProfileForm) { +func ProfilePost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.UpdateProfileForm) ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsProfile"] = true @@ -123,7 +125,7 @@ func ProfilePost(ctx *context.Context, form auth.UpdateProfileForm) { // UpdateAvatarSetting update user's avatar // FIXME: limit size. -func UpdateAvatarSetting(ctx *context.Context, form auth.AvatarForm, ctxUser *models.User) error { +func UpdateAvatarSetting(ctx *context.Context, form *auth.AvatarForm, ctxUser *models.User) error { ctxUser.UseCustomAvatar = form.Source == auth.AvatarLocal if len(form.Gravatar) > 0 { if form.Avatar != nil { @@ -171,7 +173,8 @@ func UpdateAvatarSetting(ctx *context.Context, form auth.AvatarForm, ctxUser *mo } // AvatarPost response for change user's avatar request -func AvatarPost(ctx *context.Context, form auth.AvatarForm) { +func AvatarPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AvatarForm) if err := UpdateAvatarSetting(ctx, form, ctx.User); err != nil { ctx.Flash.Error(err.Error()) } else { diff --git a/routers/user/setting/security_openid.go b/routers/user/setting/security_openid.go index 6813765f6f..401705608a 100644 --- a/routers/user/setting/security_openid.go +++ b/routers/user/setting/security_openid.go @@ -6,15 +6,17 @@ package setting import ( "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/auth/openid" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" ) // OpenIDPost response for change user's openid -func OpenIDPost(ctx *context.Context, form auth.AddOpenIDForm) { +func OpenIDPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.AddOpenIDForm) ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsSecurity"] = true @@ -70,9 +72,9 @@ func OpenIDPost(ctx *context.Context, form auth.AddOpenIDForm) { } func settingsOpenIDVerify(ctx *context.Context) { - log.Trace("Incoming call to: " + ctx.Req.Request.URL.String()) + log.Trace("Incoming call to: " + ctx.Req.URL.String()) - fullURL := setting.AppURL + ctx.Req.Request.URL.String()[1:] + fullURL := setting.AppURL + ctx.Req.URL.String()[1:] log.Trace("Full URL: " + fullURL) id, err := openid.Verify(fullURL) diff --git a/routers/user/setting/security_twofa.go b/routers/user/setting/security_twofa.go index 3f4c8f6c3f..0dee827cab 100644 --- a/routers/user/setting/security_twofa.go +++ b/routers/user/setting/security_twofa.go @@ -13,10 +13,11 @@ import ( "strings" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" "github.com/pquerna/otp" "github.com/pquerna/otp/totp" @@ -165,7 +166,8 @@ func EnrollTwoFactor(ctx *context.Context) { } // EnrollTwoFactorPost handles enrolling the user into 2FA. -func EnrollTwoFactorPost(ctx *context.Context, form auth.TwoFactorAuthForm) { +func EnrollTwoFactorPost(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.TwoFactorAuthForm) ctx.Data["Title"] = ctx.Tr("settings") ctx.Data["PageIsSettingsSecurity"] = true diff --git a/routers/user/setting/security_u2f.go b/routers/user/setting/security_u2f.go index 7e32b4aaec..8140c3c04a 100644 --- a/routers/user/setting/security_u2f.go +++ b/routers/user/setting/security_u2f.go @@ -8,16 +8,18 @@ import ( "errors" "code.gitea.io/gitea/models" - "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/context" + auth "code.gitea.io/gitea/modules/forms" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/web" "github.com/tstranex/u2f" ) // U2FRegister initializes the u2f registration procedure -func U2FRegister(ctx *context.Context, form auth.U2FRegistrationForm) { +func U2FRegister(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.U2FRegistrationForm) if form.Name == "" { ctx.Error(409) return @@ -55,7 +57,8 @@ func U2FRegister(ctx *context.Context, form auth.U2FRegistrationForm) { } // U2FRegisterPost receives the response of the security key -func U2FRegisterPost(ctx *context.Context, response u2f.RegisterResponse) { +func U2FRegisterPost(ctx *context.Context) { + response := web.GetForm(ctx).(*u2f.RegisterResponse) challSess := ctx.Session.Get("u2fChallenge") u2fName := ctx.Session.Get("u2fName") if challSess == nil || u2fName == nil { @@ -69,7 +72,7 @@ func U2FRegisterPost(ctx *context.Context, response u2f.RegisterResponse) { // certificate by default. SkipAttestationVerify: true, } - reg, err := u2f.Register(response, *challenge, config) + reg, err := u2f.Register(*response, *challenge, config) if err != nil { ctx.ServerError("u2f.Register", err) return @@ -82,7 +85,8 @@ func U2FRegisterPost(ctx *context.Context, response u2f.RegisterResponse) { } // U2FDelete deletes an security key by id -func U2FDelete(ctx *context.Context, form auth.U2FDeleteForm) { +func U2FDelete(ctx *context.Context) { + form := web.GetForm(ctx).(*auth.U2FDeleteForm) reg, err := models.GetU2FRegistrationByID(form.ID) if err != nil { if models.IsErrU2FRegistrationNotExist(err) { diff --git a/templates/admin/config.tmpl b/templates/admin/config.tmpl index 3fbb80caf1..aa6a9b793b 100644 --- a/templates/admin/config.tmpl +++ b/templates/admin/config.tmpl @@ -340,23 +340,6 @@{{.Config | JsonPrettyPrint}}
{{.Config | JsonPrettyPrint}}
%s-
%s- -` -) - -var ( - dunno = []byte("???") - centerDot = []byte("·") - dot = []byte(".") - slash = []byte("/") -) - -// stack returns a nicely formated stack frame, skipping skip frames -func stack(skip int) []byte { - buf := new(bytes.Buffer) // the returned data - // As we loop, we open files and read them. These variables record the currently - // loaded file. - var lines [][]byte - var lastFile string - for i := skip; ; i++ { // Skip the expected number of frames - pc, file, line, ok := runtime.Caller(i) - if !ok { - break - } - // Print this much at least. If we can't find the source, it won't show. - fmt.Fprintf(buf, "%s:%d (0x%x)\n", file, line, pc) - if file != lastFile { - data, err := ioutil.ReadFile(file) - if err != nil { - continue - } - lines = bytes.Split(data, []byte{'\n'}) - lastFile = file - } - fmt.Fprintf(buf, "\t%s: %s\n", function(pc), source(lines, line)) - } - return buf.Bytes() -} - -// source returns a space-trimmed slice of the n'th line. -func source(lines [][]byte, n int) []byte { - n-- // in stack trace, lines are 1-indexed but our array is 0-indexed - if n < 0 || n >= len(lines) { - return dunno - } - return bytes.TrimSpace(lines[n]) -} - -// function returns, if possible, the name of the function containing the PC. -func function(pc uintptr) []byte { - fn := runtime.FuncForPC(pc) - if fn == nil { - return dunno - } - name := []byte(fn.Name()) - // The name includes the path name to the package, which is unnecessary - // since the file name is already included. Plus, it has center dots. - // That is, we see - // runtime/debug.*T·ptrmethod - // and want - // *T.ptrmethod - // Also the package path might contains dot (e.g. code.google.com/...), - // so first eliminate the path prefix - if lastslash := bytes.LastIndex(name, slash); lastslash >= 0 { - name = name[lastslash+1:] - } - if period := bytes.Index(name, dot); period >= 0 { - name = name[period+1:] - } - name = bytes.Replace(name, centerDot, dot, -1) - return name -} - -// Recovery returns a middleware that recovers from any panics and writes a 500 if there was one. -// While Martini is in development mode, Recovery will also output the panic as HTML. -func Recovery() Handler { - return func(c *Context, log *log.Logger) { - defer func() { - if err := recover(); err != nil { - stack := stack(3) - log.Printf("PANIC: %s\n%s", err, stack) - - // Lookup the current responsewriter - val := c.GetVal(inject.InterfaceOf((*http.ResponseWriter)(nil))) - res := val.Interface().(http.ResponseWriter) - - // respond with panic message while in development mode - var body []byte - if Env == DEV { - res.Header().Set("Content-Type", "text/html") - body = []byte(fmt.Sprintf(panicHtml, err, err, stack)) - } - - res.WriteHeader(http.StatusInternalServerError) - if nil != body { - _, _ = res.Write(body) - } - } - }() - - c.Next() - } -} diff --git a/vendor/gitea.com/macaron/macaron/render.go b/vendor/gitea.com/macaron/macaron/render.go deleted file mode 100644 index 04687c4f40..0000000000 --- a/vendor/gitea.com/macaron/macaron/render.go +++ /dev/null @@ -1,724 +0,0 @@ -// Copyright 2013 Martini Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package macaron - -import ( - "bytes" - "encoding/json" - "encoding/xml" - "fmt" - "html/template" - "io" - "io/ioutil" - "net/http" - "os" - "path" - "path/filepath" - "strings" - "sync" - "time" - - "github.com/unknwon/com" -) - -const ( - _CONTENT_TYPE = "Content-Type" - _CONTENT_BINARY = "application/octet-stream" - _CONTENT_JSON = "application/json" - _CONTENT_HTML = "text/html" - _CONTENT_PLAIN = "text/plain" - _CONTENT_XHTML = "application/xhtml+xml" - _CONTENT_XML = "text/xml" - _DEFAULT_CHARSET = "UTF-8" -) - -var ( - // Provides a temporary buffer to execute templates into and catch errors. - bufpool = sync.Pool{ - New: func() interface{} { return new(bytes.Buffer) }, - } - - // Included helper functions for use when rendering html - helperFuncs = template.FuncMap{ - "yield": func() (string, error) { - return "", fmt.Errorf("yield called with no layout defined") - }, - "current": func() (string, error) { - return "", nil - }, - } -) - -type ( - // TemplateFile represents a interface of template file that has name and can be read. - TemplateFile interface { - Name() string - Data() []byte - Ext() string - } - // TemplateFileSystem represents a interface of template file system that able to list all files. - TemplateFileSystem interface { - ListFiles() []TemplateFile - Get(string) (io.Reader, error) - } - - // Delims represents a set of Left and Right delimiters for HTML template rendering - Delims struct { - // Left delimiter, defaults to {{ - Left string - // Right delimiter, defaults to }} - Right string - } - - // RenderOptions represents a struct for specifying configuration options for the Render middleware. - RenderOptions struct { - // Directory to load templates. Default is "templates". - Directory string - // Addtional directories to overwite templates. - AppendDirectories []string - // Layout template name. Will not render a layout if "". Default is to "". - Layout string - // Extensions to parse template files from. Defaults are [".tmpl", ".html"]. - Extensions []string - // Funcs is a slice of FuncMaps to apply to the template upon compilation. This is useful for helper functions. Default is []. - Funcs []template.FuncMap - // Delims sets the action delimiters to the specified strings in the Delims struct. - Delims Delims - // Appends the given charset to the Content-Type header. Default is "UTF-8". - Charset string - // Outputs human readable JSON. - IndentJSON bool - // Outputs human readable XML. - IndentXML bool - // Prefixes the JSON output with the given bytes. - PrefixJSON []byte - // Prefixes the XML output with the given bytes. - PrefixXML []byte - // Allows changing of output to XHTML instead of HTML. Default is "text/html" - HTMLContentType string - // TemplateFileSystem is the interface for supporting any implmentation of template file system. - TemplateFileSystem - } - - // HTMLOptions is a struct for overriding some rendering Options for specific HTML call - HTMLOptions struct { - // Layout template name. Overrides Options.Layout. - Layout string - } - - Render interface { - http.ResponseWriter - SetResponseWriter(http.ResponseWriter) - - JSON(int, interface{}) - JSONString(interface{}) (string, error) - RawData(int, []byte) // Serve content as binary - PlainText(int, []byte) // Serve content as plain text - HTML(int, string, interface{}, ...HTMLOptions) - HTMLSet(int, string, string, interface{}, ...HTMLOptions) - HTMLSetString(string, string, interface{}, ...HTMLOptions) (string, error) - HTMLString(string, interface{}, ...HTMLOptions) (string, error) - HTMLSetBytes(string, string, interface{}, ...HTMLOptions) ([]byte, error) - HTMLBytes(string, interface{}, ...HTMLOptions) ([]byte, error) - XML(int, interface{}) - Error(int, ...string) - Status(int) - SetTemplatePath(string, string) - HasTemplateSet(string) bool - } -) - -// TplFile implements TemplateFile interface. -type TplFile struct { - name string - data []byte - ext string -} - -// NewTplFile cerates new template file with given name and data. -func NewTplFile(name string, data []byte, ext string) *TplFile { - return &TplFile{name, data, ext} -} - -func (f *TplFile) Name() string { - return f.name -} - -func (f *TplFile) Data() []byte { - return f.data -} - -func (f *TplFile) Ext() string { - return f.ext -} - -// TplFileSystem implements TemplateFileSystem interface. -type TplFileSystem struct { - files []TemplateFile -} - -// NewTemplateFileSystem creates new template file system with given options. -func NewTemplateFileSystem(opt RenderOptions, omitData bool) TplFileSystem { - fs := TplFileSystem{} - fs.files = make([]TemplateFile, 0, 10) - - // Directories are composed in reverse order because later one overwrites previous ones, - // so once found, we can directly jump out of the loop. - dirs := make([]string, 0, len(opt.AppendDirectories)+1) - for i := len(opt.AppendDirectories) - 1; i >= 0; i-- { - dirs = append(dirs, opt.AppendDirectories[i]) - } - dirs = append(dirs, opt.Directory) - - var err error - for i := range dirs { - // Skip ones that does not exists for symlink test, - // but allow non-symlink ones added after start. - if !com.IsExist(dirs[i]) { - continue - } - - dirs[i], err = filepath.EvalSymlinks(dirs[i]) - if err != nil { - panic("EvalSymlinks(" + dirs[i] + "): " + err.Error()) - } - } - lastDir := dirs[len(dirs)-1] - - // We still walk the last (original) directory because it's non-sense we load templates not exist in original directory. - if err = filepath.Walk(lastDir, func(path string, info os.FileInfo, _ error) error { - r, err := filepath.Rel(lastDir, path) - if err != nil { - return err - } - - ext := GetExt(r) - - for _, extension := range opt.Extensions { - if ext != extension { - continue - } - - var data []byte - if !omitData { - // Loop over candidates of directory, break out once found. - // The file always exists because it's inside the walk function, - // and read original file is the worst case. - for i := range dirs { - path = filepath.Join(dirs[i], r) - if !com.IsFile(path) { - continue - } - - data, err = ioutil.ReadFile(path) - if err != nil { - return err - } - break - } - } - - name := filepath.ToSlash((r[0 : len(r)-len(ext)])) - fs.files = append(fs.files, NewTplFile(name, data, ext)) - } - - return nil - }); err != nil { - panic("NewTemplateFileSystem: " + err.Error()) - } - - return fs -} - -func (fs TplFileSystem) ListFiles() []TemplateFile { - return fs.files -} - -func (fs TplFileSystem) Get(name string) (io.Reader, error) { - for i := range fs.files { - if fs.files[i].Name()+fs.files[i].Ext() == name { - return bytes.NewReader(fs.files[i].Data()), nil - } - } - return nil, fmt.Errorf("file '%s' not found", name) -} - -func PrepareCharset(charset string) string { - if len(charset) != 0 { - return "; charset=" + charset - } - - return "; charset=" + _DEFAULT_CHARSET -} - -func GetExt(s string) string { - index := strings.Index(s, ".") - if index == -1 { - return "" - } - return s[index:] -} - -func compile(opt RenderOptions) *template.Template { - t := template.New(opt.Directory) - t.Delims(opt.Delims.Left, opt.Delims.Right) - // Parse an initial template in case we don't have any. - template.Must(t.Parse("Macaron")) - - if opt.TemplateFileSystem == nil { - opt.TemplateFileSystem = NewTemplateFileSystem(opt, false) - } - - for _, f := range opt.TemplateFileSystem.ListFiles() { - tmpl := t.New(f.Name()) - for _, funcs := range opt.Funcs { - tmpl.Funcs(funcs) - } - // Bomb out if parse fails. We don't want any silent server starts. - template.Must(tmpl.Funcs(helperFuncs).Parse(string(f.Data()))) - } - - return t -} - -const ( - DEFAULT_TPL_SET_NAME = "DEFAULT" -) - -// TemplateSet represents a template set of type *template.Template. -type TemplateSet struct { - lock sync.RWMutex - sets map[string]*template.Template - dirs map[string]string -} - -// NewTemplateSet initializes a new empty template set. -func NewTemplateSet() *TemplateSet { - return &TemplateSet{ - sets: make(map[string]*template.Template), - dirs: make(map[string]string), - } -} - -func (ts *TemplateSet) Set(name string, opt *RenderOptions) *template.Template { - t := compile(*opt) - - ts.lock.Lock() - defer ts.lock.Unlock() - - ts.sets[name] = t - ts.dirs[name] = opt.Directory - return t -} - -func (ts *TemplateSet) Get(name string) *template.Template { - ts.lock.RLock() - defer ts.lock.RUnlock() - - return ts.sets[name] -} - -func (ts *TemplateSet) GetDir(name string) string { - ts.lock.RLock() - defer ts.lock.RUnlock() - - return ts.dirs[name] -} - -func prepareRenderOptions(options []RenderOptions) RenderOptions { - var opt RenderOptions - if len(options) > 0 { - opt = options[0] - } - - // Defaults. - if len(opt.Directory) == 0 { - opt.Directory = "templates" - } - if len(opt.Extensions) == 0 { - opt.Extensions = []string{".tmpl", ".html"} - } - if len(opt.HTMLContentType) == 0 { - opt.HTMLContentType = _CONTENT_HTML - } - - return opt -} - -func ParseTplSet(tplSet string) (tplName string, tplDir string) { - tplSet = strings.TrimSpace(tplSet) - if len(tplSet) == 0 { - panic("empty template set argument") - } - infos := strings.Split(tplSet, ":") - if len(infos) == 1 { - tplDir = infos[0] - tplName = path.Base(tplDir) - } else { - tplName = infos[0] - tplDir = infos[1] - } - - if !com.IsDir(tplDir) { - panic("template set path does not exist or is not a directory") - } - return tplName, tplDir -} - -func renderHandler(opt RenderOptions, tplSets []string) Handler { - cs := PrepareCharset(opt.Charset) - ts := NewTemplateSet() - ts.Set(DEFAULT_TPL_SET_NAME, &opt) - - var tmpOpt RenderOptions - for _, tplSet := range tplSets { - tplName, tplDir := ParseTplSet(tplSet) - tmpOpt = opt - tmpOpt.Directory = tplDir - ts.Set(tplName, &tmpOpt) - } - - return func(ctx *Context) { - r := &TplRender{ - ResponseWriter: ctx.Resp, - TemplateSet: ts, - Opt: &opt, - CompiledCharset: cs, - } - ctx.Data["TmplLoadTimes"] = func() string { - if r.startTime.IsZero() { - return "" - } - return fmt.Sprint(time.Since(r.startTime).Nanoseconds()/1e6) + "ms" - } - - ctx.Render = r - ctx.MapTo(r, (*Render)(nil)) - } -} - -// Renderer is a Middleware that maps a macaron.Render service into the Macaron handler chain. -// An single variadic macaron.RenderOptions struct can be optionally provided to configure -// HTML rendering. The default directory for templates is "templates" and the default -// file extension is ".tmpl" and ".html". -// -// If MACARON_ENV is set to "" or "development" then templates will be recompiled on every request. For more performance, set the -// MACARON_ENV environment variable to "production". -func Renderer(options ...RenderOptions) Handler { - return renderHandler(prepareRenderOptions(options), []string{}) -} - -func Renderers(options RenderOptions, tplSets ...string) Handler { - return renderHandler(prepareRenderOptions([]RenderOptions{options}), tplSets) -} - -type TplRender struct { - http.ResponseWriter - *TemplateSet - Opt *RenderOptions - CompiledCharset string - - startTime time.Time -} - -func (r *TplRender) SetResponseWriter(rw http.ResponseWriter) { - r.ResponseWriter = rw -} - -func (r *TplRender) JSON(status int, v interface{}) { - var ( - result []byte - err error - ) - if r.Opt.IndentJSON { - result, err = json.MarshalIndent(v, "", " ") - } else { - result, err = json.Marshal(v) - } - if err != nil { - http.Error(r, err.Error(), 500) - return - } - - // json rendered fine, write out the result - r.Header().Set(_CONTENT_TYPE, _CONTENT_JSON+r.CompiledCharset) - r.WriteHeader(status) - if len(r.Opt.PrefixJSON) > 0 { - _, _ = r.Write(r.Opt.PrefixJSON) - } - _, _ = r.Write(result) -} - -func (r *TplRender) JSONString(v interface{}) (string, error) { - var result []byte - var err error - if r.Opt.IndentJSON { - result, err = json.MarshalIndent(v, "", " ") - } else { - result, err = json.Marshal(v) - } - if err != nil { - return "", err - } - return string(result), nil -} - -func (r *TplRender) XML(status int, v interface{}) { - var result []byte - var err error - if r.Opt.IndentXML { - result, err = xml.MarshalIndent(v, "", " ") - } else { - result, err = xml.Marshal(v) - } - if err != nil { - http.Error(r, err.Error(), 500) - return - } - - // XML rendered fine, write out the result - r.Header().Set(_CONTENT_TYPE, _CONTENT_XML+r.CompiledCharset) - r.WriteHeader(status) - if len(r.Opt.PrefixXML) > 0 { - _, _ = r.Write(r.Opt.PrefixXML) - } - _, _ = r.Write(result) -} - -func (r *TplRender) data(status int, contentType string, v []byte) { - if r.Header().Get(_CONTENT_TYPE) == "" { - r.Header().Set(_CONTENT_TYPE, contentType) - } - r.WriteHeader(status) - _, _ = r.Write(v) -} - -func (r *TplRender) RawData(status int, v []byte) { - r.data(status, _CONTENT_BINARY, v) -} - -func (r *TplRender) PlainText(status int, v []byte) { - r.data(status, _CONTENT_PLAIN, v) -} - -func (r *TplRender) execute(t *template.Template, name string, data interface{}) (*bytes.Buffer, error) { - buf := bufpool.Get().(*bytes.Buffer) - return buf, t.ExecuteTemplate(buf, name, data) -} - -func (r *TplRender) addYield(t *template.Template, tplName string, data interface{}) { - funcs := template.FuncMap{ - "yield": func() (template.HTML, error) { - buf, err := r.execute(t, tplName, data) - // return safe html here since we are rendering our own template - return template.HTML(buf.String()), err - }, - "current": func() (string, error) { - return tplName, nil - }, - } - t.Funcs(funcs) -} - -func (r *TplRender) renderBytes(setName, tplName string, data interface{}, htmlOpt ...HTMLOptions) (*bytes.Buffer, error) { - t := r.TemplateSet.Get(setName) - if Env == DEV { - opt := *r.Opt - opt.Directory = r.TemplateSet.GetDir(setName) - t = r.TemplateSet.Set(setName, &opt) - } - if t == nil { - return nil, fmt.Errorf("html/template: template \"%s\" is undefined", tplName) - } - - opt := r.prepareHTMLOptions(htmlOpt) - - if len(opt.Layout) > 0 { - r.addYield(t, tplName, data) - tplName = opt.Layout - } - - out, err := r.execute(t, tplName, data) - if err != nil { - return nil, err - } - - return out, nil -} - -func (r *TplRender) renderHTML(status int, setName, tplName string, data interface{}, htmlOpt ...HTMLOptions) { - r.startTime = time.Now() - - out, err := r.renderBytes(setName, tplName, data, htmlOpt...) - if err != nil { - http.Error(r, err.Error(), http.StatusInternalServerError) - return - } - - r.Header().Set(_CONTENT_TYPE, r.Opt.HTMLContentType+r.CompiledCharset) - r.WriteHeader(status) - - if _, err := out.WriteTo(r); err != nil { - out.Reset() - } - bufpool.Put(out) -} - -func (r *TplRender) HTML(status int, name string, data interface{}, htmlOpt ...HTMLOptions) { - r.renderHTML(status, DEFAULT_TPL_SET_NAME, name, data, htmlOpt...) -} - -func (r *TplRender) HTMLSet(status int, setName, tplName string, data interface{}, htmlOpt ...HTMLOptions) { - r.renderHTML(status, setName, tplName, data, htmlOpt...) -} - -func (r *TplRender) HTMLSetBytes(setName, tplName string, data interface{}, htmlOpt ...HTMLOptions) ([]byte, error) { - out, err := r.renderBytes(setName, tplName, data, htmlOpt...) - if err != nil { - return []byte(""), err - } - return out.Bytes(), nil -} - -func (r *TplRender) HTMLBytes(name string, data interface{}, htmlOpt ...HTMLOptions) ([]byte, error) { - return r.HTMLSetBytes(DEFAULT_TPL_SET_NAME, name, data, htmlOpt...) -} - -func (r *TplRender) HTMLSetString(setName, tplName string, data interface{}, htmlOpt ...HTMLOptions) (string, error) { - p, err := r.HTMLSetBytes(setName, tplName, data, htmlOpt...) - return string(p), err -} - -func (r *TplRender) HTMLString(name string, data interface{}, htmlOpt ...HTMLOptions) (string, error) { - p, err := r.HTMLBytes(name, data, htmlOpt...) - return string(p), err -} - -// Error writes the given HTTP status to the current ResponseWriter -func (r *TplRender) Error(status int, message ...string) { - r.WriteHeader(status) - if len(message) > 0 { - _, _ = r.Write([]byte(message[0])) - } -} - -func (r *TplRender) Status(status int) { - r.WriteHeader(status) -} - -func (r *TplRender) prepareHTMLOptions(htmlOpt []HTMLOptions) HTMLOptions { - if len(htmlOpt) > 0 { - return htmlOpt[0] - } - - return HTMLOptions{ - Layout: r.Opt.Layout, - } -} - -func (r *TplRender) SetTemplatePath(setName, dir string) { - if len(setName) == 0 { - setName = DEFAULT_TPL_SET_NAME - } - opt := *r.Opt - opt.Directory = dir - r.TemplateSet.Set(setName, &opt) -} - -func (r *TplRender) HasTemplateSet(name string) bool { - return r.TemplateSet.Get(name) != nil -} - -// DummyRender is used when user does not choose any real render to use. -// This way, we can print out friendly message which asks them to register one, -// instead of ugly and confusing 'nil pointer' panic. -type DummyRender struct { - http.ResponseWriter -} - -func renderNotRegistered() { - panic("middleware render hasn't been registered") -} - -func (r *DummyRender) SetResponseWriter(http.ResponseWriter) { - renderNotRegistered() -} - -func (r *DummyRender) JSON(int, interface{}) { - renderNotRegistered() -} - -func (r *DummyRender) JSONString(interface{}) (string, error) { - renderNotRegistered() - return "", nil -} - -func (r *DummyRender) RawData(int, []byte) { - renderNotRegistered() -} - -func (r *DummyRender) PlainText(int, []byte) { - renderNotRegistered() -} - -func (r *DummyRender) HTML(int, string, interface{}, ...HTMLOptions) { - renderNotRegistered() -} - -func (r *DummyRender) HTMLSet(int, string, string, interface{}, ...HTMLOptions) { - renderNotRegistered() -} - -func (r *DummyRender) HTMLSetString(string, string, interface{}, ...HTMLOptions) (string, error) { - renderNotRegistered() - return "", nil -} - -func (r *DummyRender) HTMLString(string, interface{}, ...HTMLOptions) (string, error) { - renderNotRegistered() - return "", nil -} - -func (r *DummyRender) HTMLSetBytes(string, string, interface{}, ...HTMLOptions) ([]byte, error) { - renderNotRegistered() - return nil, nil -} - -func (r *DummyRender) HTMLBytes(string, interface{}, ...HTMLOptions) ([]byte, error) { - renderNotRegistered() - return nil, nil -} - -func (r *DummyRender) XML(int, interface{}) { - renderNotRegistered() -} - -func (r *DummyRender) Error(int, ...string) { - renderNotRegistered() -} - -func (r *DummyRender) Status(int) { - renderNotRegistered() -} - -func (r *DummyRender) SetTemplatePath(string, string) { - renderNotRegistered() -} - -func (r *DummyRender) HasTemplateSet(string) bool { - renderNotRegistered() - return false -} diff --git a/vendor/gitea.com/macaron/macaron/response_writer.go b/vendor/gitea.com/macaron/macaron/response_writer.go deleted file mode 100644 index eeb35f642e..0000000000 --- a/vendor/gitea.com/macaron/macaron/response_writer.go +++ /dev/null @@ -1,124 +0,0 @@ -// Copyright 2013 Martini Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package macaron - -import ( - "bufio" - "errors" - "net" - "net/http" -) - -// ResponseWriter is a wrapper around http.ResponseWriter that provides extra information about -// the response. It is recommended that middleware handlers use this construct to wrap a responsewriter -// if the functionality calls for it. -type ResponseWriter interface { - http.ResponseWriter - http.Flusher - http.Pusher - // Status returns the status code of the response or 0 if the response has not been written. - Status() int - // Written returns whether or not the ResponseWriter has been written. - Written() bool - // Size returns the size of the response body. - Size() int - // Before allows for a function to be called before the ResponseWriter has been written to. This is - // useful for setting headers or any other operations that must happen before a response has been written. - Before(BeforeFunc) -} - -// BeforeFunc is a function that is called before the ResponseWriter has been written to. -type BeforeFunc func(ResponseWriter) - -// NewResponseWriter creates a ResponseWriter that wraps an http.ResponseWriter -func NewResponseWriter(method string, rw http.ResponseWriter) ResponseWriter { - return &responseWriter{method, rw, 0, 0, nil} -} - -type responseWriter struct { - method string - http.ResponseWriter - status int - size int - beforeFuncs []BeforeFunc -} - -func (rw *responseWriter) WriteHeader(s int) { - rw.callBefore() - rw.ResponseWriter.WriteHeader(s) - rw.status = s -} - -func (rw *responseWriter) Write(b []byte) (size int, err error) { - if !rw.Written() { - // The status will be StatusOK if WriteHeader has not been called yet - rw.WriteHeader(http.StatusOK) - } - if rw.method != "HEAD" { - size, err = rw.ResponseWriter.Write(b) - rw.size += size - } - return size, err -} - -func (rw *responseWriter) Status() int { - return rw.status -} - -func (rw *responseWriter) Size() int { - return rw.size -} - -func (rw *responseWriter) Written() bool { - return rw.status != 0 -} - -func (rw *responseWriter) Before(before BeforeFunc) { - rw.beforeFuncs = append(rw.beforeFuncs, before) -} - -func (rw *responseWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) { - hijacker, ok := rw.ResponseWriter.(http.Hijacker) - if !ok { - return nil, nil, errors.New("the ResponseWriter doesn't support the Hijacker interface") - } - return hijacker.Hijack() -} - -//nolint -func (rw *responseWriter) CloseNotify() <-chan bool { - return rw.ResponseWriter.(http.CloseNotifier).CloseNotify() -} - -func (rw *responseWriter) callBefore() { - for i := len(rw.beforeFuncs) - 1; i >= 0; i-- { - rw.beforeFuncs[i](rw) - } -} - -func (rw *responseWriter) Flush() { - flusher, ok := rw.ResponseWriter.(http.Flusher) - if ok { - flusher.Flush() - } -} - -func (rw *responseWriter) Push(target string, opts *http.PushOptions) error { - pusher, ok := rw.ResponseWriter.(http.Pusher) - if !ok { - return errors.New("the ResponseWriter doesn't support the Pusher interface") - } - return pusher.Push(target, opts) -} diff --git a/vendor/gitea.com/macaron/macaron/return_handler.go b/vendor/gitea.com/macaron/macaron/return_handler.go deleted file mode 100644 index 10b2c2283f..0000000000 --- a/vendor/gitea.com/macaron/macaron/return_handler.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2013 Martini Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package macaron - -import ( - "net/http" - "reflect" - - "gitea.com/macaron/inject" -) - -// ReturnHandler is a service that Martini provides that is called -// when a route handler returns something. The ReturnHandler is -// responsible for writing to the ResponseWriter based on the values -// that are passed into this function. -type ReturnHandler func(*Context, []reflect.Value) - -func canDeref(val reflect.Value) bool { - return val.Kind() == reflect.Interface || val.Kind() == reflect.Ptr -} - -func isError(val reflect.Value) bool { - _, ok := val.Interface().(error) - return ok -} - -func isByteSlice(val reflect.Value) bool { - return val.Kind() == reflect.Slice && val.Type().Elem().Kind() == reflect.Uint8 -} - -func defaultReturnHandler() ReturnHandler { - return func(ctx *Context, vals []reflect.Value) { - rv := ctx.GetVal(inject.InterfaceOf((*http.ResponseWriter)(nil))) - resp := rv.Interface().(http.ResponseWriter) - var respVal reflect.Value - if len(vals) > 1 && vals[0].Kind() == reflect.Int { - resp.WriteHeader(int(vals[0].Int())) - respVal = vals[1] - } else if len(vals) > 0 { - respVal = vals[0] - - if isError(respVal) { - err := respVal.Interface().(error) - if err != nil { - ctx.internalServerError(ctx, err) - } - return - } else if canDeref(respVal) { - if respVal.IsNil() { - return // Ignore nil error - } - } - } - if canDeref(respVal) { - respVal = respVal.Elem() - } - if isByteSlice(respVal) { - _, _ = resp.Write(respVal.Bytes()) - } else { - _, _ = resp.Write([]byte(respVal.String())) - } - } -} diff --git a/vendor/gitea.com/macaron/macaron/router.go b/vendor/gitea.com/macaron/macaron/router.go deleted file mode 100644 index df593d669a..0000000000 --- a/vendor/gitea.com/macaron/macaron/router.go +++ /dev/null @@ -1,380 +0,0 @@ -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package macaron - -import ( - "net/http" - "strings" - "sync" -) - -var ( - // Known HTTP methods. - _HTTP_METHODS = map[string]bool{ - "GET": true, - "POST": true, - "PUT": true, - "DELETE": true, - "PATCH": true, - "OPTIONS": true, - "HEAD": true, - } -) - -// routeMap represents a thread-safe map for route tree. -type routeMap struct { - lock sync.RWMutex - routes map[string]map[string]*Leaf -} - -// NewRouteMap initializes and returns a new routeMap. -func NewRouteMap() *routeMap { - rm := &routeMap{ - routes: make(map[string]map[string]*Leaf), - } - for m := range _HTTP_METHODS { - rm.routes[m] = make(map[string]*Leaf) - } - return rm -} - -// getLeaf returns Leaf object if a route has been registered. -func (rm *routeMap) getLeaf(method, pattern string) *Leaf { - rm.lock.RLock() - defer rm.lock.RUnlock() - - return rm.routes[method][pattern] -} - -// add adds new route to route tree map. -func (rm *routeMap) add(method, pattern string, leaf *Leaf) { - rm.lock.Lock() - defer rm.lock.Unlock() - - rm.routes[method][pattern] = leaf -} - -type group struct { - pattern string - handlers []Handler -} - -// Router represents a Macaron router layer. -type Router struct { - m *Macaron - autoHead bool - routers map[string]*Tree - *routeMap - namedRoutes map[string]*Leaf - - groups []group - notFound http.HandlerFunc - internalServerError func(*Context, error) - - // handlerWrapper is used to wrap arbitrary function from Handler to inject.FastInvoker. - handlerWrapper func(Handler) Handler -} - -func NewRouter() *Router { - return &Router{ - routers: make(map[string]*Tree), - routeMap: NewRouteMap(), - namedRoutes: make(map[string]*Leaf), - } -} - -// SetAutoHead sets the value who determines whether add HEAD method automatically -// when GET method is added. -func (r *Router) SetAutoHead(v bool) { - r.autoHead = v -} - -type Params map[string]string - -// Handle is a function that can be registered to a route to handle HTTP requests. -// Like http.HandlerFunc, but has a third parameter for the values of wildcards (variables). -type Handle func(http.ResponseWriter, *http.Request, Params) - -// Route represents a wrapper of leaf route and upper level router. -type Route struct { - router *Router - leaf *Leaf -} - -// Name sets name of route. -func (r *Route) Name(name string) { - if len(name) == 0 { - panic("route name cannot be empty") - } else if r.router.namedRoutes[name] != nil { - panic("route with given name already exists: " + name) - } - r.router.namedRoutes[name] = r.leaf -} - -// handle adds new route to the router tree. -func (r *Router) handle(method, pattern string, handle Handle) *Route { - method = strings.ToUpper(method) - - var leaf *Leaf - // Prevent duplicate routes. - if leaf = r.getLeaf(method, pattern); leaf != nil { - return &Route{r, leaf} - } - - // Validate HTTP methods. - if !_HTTP_METHODS[method] && method != "*" { - panic("unknown HTTP method: " + method) - } - - // Generate methods need register. - methods := make(map[string]bool) - if method == "*" { - for m := range _HTTP_METHODS { - methods[m] = true - } - } else { - methods[method] = true - } - - // Add to router tree. - for m := range methods { - if t, ok := r.routers[m]; ok { - leaf = t.Add(pattern, handle) - } else { - t := NewTree() - leaf = t.Add(pattern, handle) - r.routers[m] = t - } - r.add(m, pattern, leaf) - } - return &Route{r, leaf} -} - -// Handle registers a new request handle with the given pattern, method and handlers. -func (r *Router) Handle(method string, pattern string, handlers []Handler) *Route { - if len(r.groups) > 0 { - groupPattern := "" - h := make([]Handler, 0) - for _, g := range r.groups { - groupPattern += g.pattern - h = append(h, g.handlers...) - } - - pattern = groupPattern + pattern - h = append(h, handlers...) - handlers = h - } - handlers = validateAndWrapHandlers(handlers, r.handlerWrapper) - - return r.handle(method, pattern, func(resp http.ResponseWriter, req *http.Request, params Params) { - c := r.m.createContext(resp, req) - c.params = params - c.handlers = make([]Handler, 0, len(r.m.handlers)+len(handlers)) - c.handlers = append(c.handlers, r.m.handlers...) - c.handlers = append(c.handlers, handlers...) - c.run() - }) -} - -func (r *Router) Group(pattern string, fn func(), h ...Handler) { - r.groups = append(r.groups, group{pattern, h}) - fn() - r.groups = r.groups[:len(r.groups)-1] -} - -// Get is a shortcut for r.Handle("GET", pattern, handlers) -func (r *Router) Get(pattern string, h ...Handler) (leaf *Route) { - leaf = r.Handle("GET", pattern, h) - if r.autoHead { - r.Head(pattern, h...) - } - return leaf -} - -// Patch is a shortcut for r.Handle("PATCH", pattern, handlers) -func (r *Router) Patch(pattern string, h ...Handler) *Route { - return r.Handle("PATCH", pattern, h) -} - -// Post is a shortcut for r.Handle("POST", pattern, handlers) -func (r *Router) Post(pattern string, h ...Handler) *Route { - return r.Handle("POST", pattern, h) -} - -// Put is a shortcut for r.Handle("PUT", pattern, handlers) -func (r *Router) Put(pattern string, h ...Handler) *Route { - return r.Handle("PUT", pattern, h) -} - -// Delete is a shortcut for r.Handle("DELETE", pattern, handlers) -func (r *Router) Delete(pattern string, h ...Handler) *Route { - return r.Handle("DELETE", pattern, h) -} - -// Options is a shortcut for r.Handle("OPTIONS", pattern, handlers) -func (r *Router) Options(pattern string, h ...Handler) *Route { - return r.Handle("OPTIONS", pattern, h) -} - -// Head is a shortcut for r.Handle("HEAD", pattern, handlers) -func (r *Router) Head(pattern string, h ...Handler) *Route { - return r.Handle("HEAD", pattern, h) -} - -// Any is a shortcut for r.Handle("*", pattern, handlers) -func (r *Router) Any(pattern string, h ...Handler) *Route { - return r.Handle("*", pattern, h) -} - -// Route is a shortcut for same handlers but different HTTP methods. -// -// Example: -// m.Route("/", "GET,POST", h) -func (r *Router) Route(pattern, methods string, h ...Handler) (route *Route) { - for _, m := range strings.Split(methods, ",") { - route = r.Handle(strings.TrimSpace(m), pattern, h) - } - return route -} - -// Combo returns a combo router. -func (r *Router) Combo(pattern string, h ...Handler) *ComboRouter { - return &ComboRouter{r, pattern, h, map[string]bool{}, nil} -} - -// NotFound configurates http.HandlerFunc which is called when no matching route is -// found. If it is not set, http.NotFound is used. -// Be sure to set 404 response code in your handler. -func (r *Router) NotFound(handlers ...Handler) { - handlers = validateAndWrapHandlers(handlers) - r.notFound = func(rw http.ResponseWriter, req *http.Request) { - c := r.m.createContext(rw, req) - c.handlers = make([]Handler, 0, len(r.m.handlers)+len(handlers)) - c.handlers = append(c.handlers, r.m.handlers...) - c.handlers = append(c.handlers, handlers...) - c.run() - } -} - -// InternalServerError configurates handler which is called when route handler returns -// error. If it is not set, default handler is used. -// Be sure to set 500 response code in your handler. -func (r *Router) InternalServerError(handlers ...Handler) { - handlers = validateAndWrapHandlers(handlers) - r.internalServerError = func(c *Context, err error) { - c.index = 0 - c.handlers = handlers - c.Map(err) - c.run() - } -} - -// SetHandlerWrapper sets handlerWrapper for the router. -func (r *Router) SetHandlerWrapper(f func(Handler) Handler) { - r.handlerWrapper = f -} - -func (r *Router) ServeHTTP(rw http.ResponseWriter, req *http.Request) { - if t, ok := r.routers[req.Method]; ok { - // Fast match for static routes - leaf := r.getLeaf(req.Method, req.URL.Path) - if leaf != nil { - leaf.handle(rw, req, nil) - return - } - - h, p, ok := t.Match(req.URL.EscapedPath()) - if ok { - if splat, ok := p["*0"]; ok { - p["*"] = splat // Easy name. - } - h(rw, req, p) - return - } - } - - r.notFound(rw, req) -} - -// URLFor builds path part of URL by given pair values. -func (r *Router) URLFor(name string, pairs ...string) string { - leaf, ok := r.namedRoutes[name] - if !ok { - panic("route with given name does not exists: " + name) - } - return leaf.URLPath(pairs...) -} - -// ComboRouter represents a combo router. -type ComboRouter struct { - router *Router - pattern string - handlers []Handler - methods map[string]bool // Registered methods. - - lastRoute *Route -} - -func (cr *ComboRouter) checkMethod(name string) { - if cr.methods[name] { - panic("method '" + name + "' has already been registered") - } - cr.methods[name] = true -} - -func (cr *ComboRouter) route(fn func(string, ...Handler) *Route, method string, h ...Handler) *ComboRouter { - cr.checkMethod(method) - cr.lastRoute = fn(cr.pattern, append(cr.handlers, h...)...) - return cr -} - -func (cr *ComboRouter) Get(h ...Handler) *ComboRouter { - if cr.router.autoHead { - cr.Head(h...) - } - return cr.route(cr.router.Get, "GET", h...) -} - -func (cr *ComboRouter) Patch(h ...Handler) *ComboRouter { - return cr.route(cr.router.Patch, "PATCH", h...) -} - -func (cr *ComboRouter) Post(h ...Handler) *ComboRouter { - return cr.route(cr.router.Post, "POST", h...) -} - -func (cr *ComboRouter) Put(h ...Handler) *ComboRouter { - return cr.route(cr.router.Put, "PUT", h...) -} - -func (cr *ComboRouter) Delete(h ...Handler) *ComboRouter { - return cr.route(cr.router.Delete, "DELETE", h...) -} - -func (cr *ComboRouter) Options(h ...Handler) *ComboRouter { - return cr.route(cr.router.Options, "OPTIONS", h...) -} - -func (cr *ComboRouter) Head(h ...Handler) *ComboRouter { - return cr.route(cr.router.Head, "HEAD", h...) -} - -// Name sets name of ComboRouter route. -func (cr *ComboRouter) Name(name string) { - if cr.lastRoute == nil { - panic("no corresponding route to be named") - } - cr.lastRoute.Name(name) -} diff --git a/vendor/gitea.com/macaron/macaron/static.go b/vendor/gitea.com/macaron/macaron/static.go deleted file mode 100644 index 04d91d8c9a..0000000000 --- a/vendor/gitea.com/macaron/macaron/static.go +++ /dev/null @@ -1,231 +0,0 @@ -// Copyright 2013 Martini Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package macaron - -import ( - "encoding/base64" - "fmt" - "log" - "net/http" - "path" - "path/filepath" - "strings" - "sync" -) - -// StaticOptions is a struct for specifying configuration options for the macaron.Static middleware. -type StaticOptions struct { - // Prefix is the optional prefix used to serve the static directory content - Prefix string - // SkipLogging will disable [Static] log messages when a static file is served. - SkipLogging bool - // IndexFile defines which file to serve as index if it exists. - IndexFile string - // Expires defines which user-defined function to use for producing a HTTP Expires Header - // https://developers.google.com/speed/docs/insights/LeverageBrowserCaching - Expires func() string - // ETag defines if we should add an ETag header - // https://developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/http-caching#validating-cached-responses-with-etags - ETag bool - // FileSystem is the interface for supporting any implmentation of file system. - FileSystem http.FileSystem -} - -// FIXME: to be deleted. -type staticMap struct { - lock sync.RWMutex - data map[string]*http.Dir -} - -func (sm *staticMap) Set(dir *http.Dir) { - sm.lock.Lock() - defer sm.lock.Unlock() - - sm.data[string(*dir)] = dir -} - -func (sm *staticMap) Get(name string) *http.Dir { - sm.lock.RLock() - defer sm.lock.RUnlock() - - return sm.data[name] -} - -func (sm *staticMap) Delete(name string) { - sm.lock.Lock() - defer sm.lock.Unlock() - - delete(sm.data, name) -} - -var statics = staticMap{sync.RWMutex{}, map[string]*http.Dir{}} - -// staticFileSystem implements http.FileSystem interface. -type staticFileSystem struct { - dir *http.Dir -} - -func newStaticFileSystem(directory string) staticFileSystem { - if !filepath.IsAbs(directory) { - directory = filepath.Join(Root, directory) - } - dir := http.Dir(directory) - statics.Set(&dir) - return staticFileSystem{&dir} -} - -func (fs staticFileSystem) Open(name string) (http.File, error) { - return fs.dir.Open(name) -} - -func prepareStaticOption(dir string, opt StaticOptions) StaticOptions { - // Defaults - if len(opt.IndexFile) == 0 { - opt.IndexFile = "index.html" - } - // Normalize the prefix if provided - if opt.Prefix != "" { - // Ensure we have a leading '/' - if opt.Prefix[0] != '/' { - opt.Prefix = "/" + opt.Prefix - } - // Remove any trailing '/' - opt.Prefix = strings.TrimRight(opt.Prefix, "/") - } - if opt.FileSystem == nil { - opt.FileSystem = newStaticFileSystem(dir) - } - return opt -} - -func prepareStaticOptions(dir string, options []StaticOptions) StaticOptions { - var opt StaticOptions - if len(options) > 0 { - opt = options[0] - } - return prepareStaticOption(dir, opt) -} - -func staticHandler(ctx *Context, log *log.Logger, opt StaticOptions) bool { - if ctx.Req.Method != "GET" && ctx.Req.Method != "HEAD" { - return false - } - - file := ctx.Req.URL.Path - // if we have a prefix, filter requests by stripping the prefix - if opt.Prefix != "" { - if !strings.HasPrefix(file, opt.Prefix) { - return false - } - file = file[len(opt.Prefix):] - if file != "" && file[0] != '/' { - return false - } - } - - f, err := opt.FileSystem.Open(file) - if err != nil { - return false - } - defer f.Close() - - fi, err := f.Stat() - if err != nil { - return true // File exists but fail to open. - } - - // Try to serve index file - if fi.IsDir() { - redirPath := path.Clean(ctx.Req.URL.Path) - // path.Clean removes the trailing slash, so we need to add it back when - // the original path has it. - if strings.HasSuffix(ctx.Req.URL.Path, "/") { - redirPath = redirPath + "/" - } - // Redirect if missing trailing slash. - if !strings.HasSuffix(redirPath, "/") { - http.Redirect(ctx.Resp, ctx.Req.Request, redirPath+"/", http.StatusFound) - return true - } - - file = path.Join(file, opt.IndexFile) - f, err = opt.FileSystem.Open(file) - if err != nil { - return false // Discard error. - } - defer f.Close() - - fi, err = f.Stat() - if err != nil || fi.IsDir() { - return true - } - } - - if !opt.SkipLogging { - log.Println("[Static] Serving " + file) - } - - // Add an Expires header to the static content - if opt.Expires != nil { - ctx.Resp.Header().Set("Expires", opt.Expires()) - } - - if opt.ETag { - tag := `"` + GenerateETag(fmt.Sprintf("%d", fi.Size()), fi.Name(), fi.ModTime().UTC().Format(http.TimeFormat)) + `"` - ctx.Resp.Header().Set("ETag", tag) - if ctx.Req.Header.Get("If-None-Match") == tag { - ctx.Resp.WriteHeader(http.StatusNotModified) - return true - } - } - - http.ServeContent(ctx.Resp, ctx.Req.Request, file, fi.ModTime(), f) - return true -} - -// GenerateETag generates an ETag based on size, filename and file modification time -func GenerateETag(fileSize, fileName, modTime string) string { - etag := fileSize + fileName + modTime - return base64.StdEncoding.EncodeToString([]byte(etag)) -} - -// Static returns a middleware handler that serves static files in the given directory. -func Static(directory string, staticOpt ...StaticOptions) Handler { - opt := prepareStaticOptions(directory, staticOpt) - - return func(ctx *Context, log *log.Logger) { - staticHandler(ctx, log, opt) - } -} - -// Statics registers multiple static middleware handlers all at once. -func Statics(opt StaticOptions, dirs ...string) Handler { - if len(dirs) == 0 { - panic("no static directory is given") - } - opts := make([]StaticOptions, len(dirs)) - for i := range dirs { - opts[i] = prepareStaticOption(dirs[i], opt) - } - - return func(ctx *Context, log *log.Logger) { - for i := range opts { - if staticHandler(ctx, log, opts[i]) { - return - } - } - } -} diff --git a/vendor/gitea.com/macaron/macaron/tree.go b/vendor/gitea.com/macaron/macaron/tree.go deleted file mode 100644 index 0ab094dd68..0000000000 --- a/vendor/gitea.com/macaron/macaron/tree.go +++ /dev/null @@ -1,390 +0,0 @@ -// Copyright 2015 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package macaron - -import ( - "regexp" - "strings" - - "github.com/unknwon/com" -) - -type patternType int8 - -const ( - _PATTERN_STATIC patternType = iota // /home - _PATTERN_REGEXP // /:id([0-9]+) - _PATTERN_PATH_EXT // /*.* - _PATTERN_HOLDER // /:user - _PATTERN_MATCH_ALL // /* -) - -// Leaf represents a leaf route information. -type Leaf struct { - parent *Tree - - typ patternType - pattern string - rawPattern string // Contains wildcard instead of regexp - wildcards []string - reg *regexp.Regexp - optional bool - - handle Handle -} - -var wildcardPattern = regexp.MustCompile(`:[a-zA-Z0-9]+`) - -func isSpecialRegexp(pattern, regStr string, pos []int) bool { - return len(pattern) >= pos[1]+len(regStr) && pattern[pos[1]:pos[1]+len(regStr)] == regStr -} - -// getNextWildcard tries to find next wildcard and update pattern with corresponding regexp. -func getNextWildcard(pattern string) (wildcard, _ string) { - pos := wildcardPattern.FindStringIndex(pattern) - if pos == nil { - return "", pattern - } - wildcard = pattern[pos[0]:pos[1]] - - // Reach last character or no regexp is given. - if len(pattern) == pos[1] { - return wildcard, strings.Replace(pattern, wildcard, `(.+)`, 1) - } else if pattern[pos[1]] != '(' { - switch { - case isSpecialRegexp(pattern, ":int", pos): - pattern = strings.Replace(pattern, ":int", "([0-9]+)", 1) - case isSpecialRegexp(pattern, ":string", pos): - pattern = strings.Replace(pattern, ":string", "([\\w]+)", 1) - default: - return wildcard, strings.Replace(pattern, wildcard, `(.+)`, 1) - } - } - - // Cut out placeholder directly. - return wildcard, pattern[:pos[0]] + pattern[pos[1]:] -} - -func getWildcards(pattern string) (string, []string) { - wildcards := make([]string, 0, 2) - - // Keep getting next wildcard until nothing is left. - var wildcard string - for { - wildcard, pattern = getNextWildcard(pattern) - if len(wildcard) > 0 { - wildcards = append(wildcards, wildcard) - } else { - break - } - } - - return pattern, wildcards -} - -// getRawPattern removes all regexp but keeps wildcards for building URL path. -func getRawPattern(rawPattern string) string { - rawPattern = strings.Replace(rawPattern, ":int", "", -1) - rawPattern = strings.Replace(rawPattern, ":string", "", -1) - - for { - startIdx := strings.Index(rawPattern, "(") - if startIdx == -1 { - break - } - - closeIdx := strings.Index(rawPattern, ")") - if closeIdx > -1 { - rawPattern = rawPattern[:startIdx] + rawPattern[closeIdx+1:] - } - } - return rawPattern -} - -func checkPattern(pattern string) (typ patternType, rawPattern string, wildcards []string, reg *regexp.Regexp) { - pattern = strings.TrimLeft(pattern, "?") - rawPattern = getRawPattern(pattern) - - if pattern == "*" { - typ = _PATTERN_MATCH_ALL - } else if pattern == "*.*" { - typ = _PATTERN_PATH_EXT - } else if strings.Contains(pattern, ":") { - typ = _PATTERN_REGEXP - pattern, wildcards = getWildcards(pattern) - if pattern == "(.+)" { - typ = _PATTERN_HOLDER - } else { - reg = regexp.MustCompile(pattern) - } - } - return typ, rawPattern, wildcards, reg -} - -func NewLeaf(parent *Tree, pattern string, handle Handle) *Leaf { - typ, rawPattern, wildcards, reg := checkPattern(pattern) - optional := false - if len(pattern) > 0 && pattern[0] == '?' { - optional = true - } - return &Leaf{parent, typ, pattern, rawPattern, wildcards, reg, optional, handle} -} - -// URLPath build path part of URL by given pair values. -func (l *Leaf) URLPath(pairs ...string) string { - if len(pairs)%2 != 0 { - panic("number of pairs does not match") - } - - urlPath := l.rawPattern - parent := l.parent - for parent != nil { - urlPath = parent.rawPattern + "/" + urlPath - parent = parent.parent - } - for i := 0; i < len(pairs); i += 2 { - if len(pairs[i]) == 0 { - panic("pair value cannot be empty: " + com.ToStr(i)) - } else if pairs[i][0] != ':' && pairs[i] != "*" && pairs[i] != "*.*" { - pairs[i] = ":" + pairs[i] - } - urlPath = strings.Replace(urlPath, pairs[i], pairs[i+1], 1) - } - return urlPath -} - -// Tree represents a router tree in Macaron. -type Tree struct { - parent *Tree - - typ patternType - pattern string - rawPattern string - wildcards []string - reg *regexp.Regexp - - subtrees []*Tree - leaves []*Leaf -} - -func NewSubtree(parent *Tree, pattern string) *Tree { - typ, rawPattern, wildcards, reg := checkPattern(pattern) - return &Tree{parent, typ, pattern, rawPattern, wildcards, reg, make([]*Tree, 0, 5), make([]*Leaf, 0, 5)} -} - -func NewTree() *Tree { - return NewSubtree(nil, "") -} - -func (t *Tree) addLeaf(pattern string, handle Handle) *Leaf { - for i := 0; i < len(t.leaves); i++ { - if t.leaves[i].pattern == pattern { - return t.leaves[i] - } - } - - leaf := NewLeaf(t, pattern, handle) - - // Add exact same leaf to grandparent/parent level without optional. - if leaf.optional { - parent := leaf.parent - if parent.parent != nil { - parent.parent.addLeaf(parent.pattern, handle) - } else { - parent.addLeaf("", handle) // Root tree can add as empty pattern. - } - } - - i := 0 - for ; i < len(t.leaves); i++ { - if leaf.typ < t.leaves[i].typ { - break - } - } - - if i == len(t.leaves) { - t.leaves = append(t.leaves, leaf) - } else { - t.leaves = append(t.leaves[:i], append([]*Leaf{leaf}, t.leaves[i:]...)...) - } - return leaf -} - -func (t *Tree) addSubtree(segment, pattern string, handle Handle) *Leaf { - for i := 0; i < len(t.subtrees); i++ { - if t.subtrees[i].pattern == segment { - return t.subtrees[i].addNextSegment(pattern, handle) - } - } - - subtree := NewSubtree(t, segment) - i := 0 - for ; i < len(t.subtrees); i++ { - if subtree.typ < t.subtrees[i].typ { - break - } - } - - if i == len(t.subtrees) { - t.subtrees = append(t.subtrees, subtree) - } else { - t.subtrees = append(t.subtrees[:i], append([]*Tree{subtree}, t.subtrees[i:]...)...) - } - return subtree.addNextSegment(pattern, handle) -} - -func (t *Tree) addNextSegment(pattern string, handle Handle) *Leaf { - pattern = strings.TrimPrefix(pattern, "/") - - i := strings.Index(pattern, "/") - if i == -1 { - return t.addLeaf(pattern, handle) - } - return t.addSubtree(pattern[:i], pattern[i+1:], handle) -} - -func (t *Tree) Add(pattern string, handle Handle) *Leaf { - pattern = strings.TrimSuffix(pattern, "/") - return t.addNextSegment(pattern, handle) -} - -func (t *Tree) matchLeaf(globLevel int, url string, params Params) (Handle, bool) { - url, err := PathUnescape(url) - if err != nil { - return nil, false - } - for i := 0; i < len(t.leaves); i++ { - switch t.leaves[i].typ { - case _PATTERN_STATIC: - if t.leaves[i].pattern == url { - return t.leaves[i].handle, true - } - case _PATTERN_REGEXP: - results := t.leaves[i].reg.FindStringSubmatch(url) - // Number of results and wildcasrd should be exact same. - if len(results)-1 != len(t.leaves[i].wildcards) { - break - } - - for j := 0; j < len(t.leaves[i].wildcards); j++ { - params[t.leaves[i].wildcards[j]] = results[j+1] - } - return t.leaves[i].handle, true - case _PATTERN_PATH_EXT: - j := strings.LastIndex(url, ".") - if j > -1 { - params[":path"] = url[:j] - params[":ext"] = url[j+1:] - } else { - params[":path"] = url - } - return t.leaves[i].handle, true - case _PATTERN_HOLDER: - params[t.leaves[i].wildcards[0]] = url - return t.leaves[i].handle, true - case _PATTERN_MATCH_ALL: - params["*"] = url - params["*"+com.ToStr(globLevel)] = url - return t.leaves[i].handle, true - } - } - return nil, false -} - -func (t *Tree) matchSubtree(globLevel int, segment, url string, params Params) (Handle, bool) { - unescapedSegment, err := PathUnescape(segment) - if err != nil { - return nil, false - } - for i := 0; i < len(t.subtrees); i++ { - switch t.subtrees[i].typ { - case _PATTERN_STATIC: - if t.subtrees[i].pattern == unescapedSegment { - if handle, ok := t.subtrees[i].matchNextSegment(globLevel, url, params); ok { - return handle, true - } - } - case _PATTERN_REGEXP: - results := t.subtrees[i].reg.FindStringSubmatch(unescapedSegment) - if len(results)-1 != len(t.subtrees[i].wildcards) { - break - } - - for j := 0; j < len(t.subtrees[i].wildcards); j++ { - params[t.subtrees[i].wildcards[j]] = results[j+1] - } - if handle, ok := t.subtrees[i].matchNextSegment(globLevel, url, params); ok { - return handle, true - } - case _PATTERN_HOLDER: - if handle, ok := t.subtrees[i].matchNextSegment(globLevel+1, url, params); ok { - params[t.subtrees[i].wildcards[0]] = unescapedSegment - return handle, true - } - case _PATTERN_MATCH_ALL: - if handle, ok := t.subtrees[i].matchNextSegment(globLevel+1, url, params); ok { - params["*"+com.ToStr(globLevel)] = unescapedSegment - return handle, true - } - } - } - - if len(t.leaves) > 0 { - leaf := t.leaves[len(t.leaves)-1] - unescapedURL, err := PathUnescape(segment + "/" + url) - if err != nil { - return nil, false - } - if leaf.typ == _PATTERN_PATH_EXT { - j := strings.LastIndex(unescapedURL, ".") - if j > -1 { - params[":path"] = unescapedURL[:j] - params[":ext"] = unescapedURL[j+1:] - } else { - params[":path"] = unescapedURL - } - return leaf.handle, true - } else if leaf.typ == _PATTERN_MATCH_ALL { - params["*"] = unescapedURL - params["*"+com.ToStr(globLevel)] = unescapedURL - return leaf.handle, true - } - } - return nil, false -} - -func (t *Tree) matchNextSegment(globLevel int, url string, params Params) (Handle, bool) { - i := strings.Index(url, "/") - if i == -1 { - return t.matchLeaf(globLevel, url, params) - } - return t.matchSubtree(globLevel, url[:i], url[i+1:], params) -} - -func (t *Tree) Match(url string) (Handle, Params, bool) { - url = strings.TrimPrefix(url, "/") - url = strings.TrimSuffix(url, "/") - params := make(Params) - handle, ok := t.matchNextSegment(0, url, params) - return handle, params, ok -} - -// MatchTest returns true if given URL is matched by given pattern. -func MatchTest(pattern, url string) bool { - t := NewTree() - t.Add(pattern, nil) - _, _, ok := t.Match(url) - return ok -} diff --git a/vendor/gitea.com/macaron/macaron/util_go17.go b/vendor/gitea.com/macaron/macaron/util_go17.go deleted file mode 100644 index a80c696c7c..0000000000 --- a/vendor/gitea.com/macaron/macaron/util_go17.go +++ /dev/null @@ -1,25 +0,0 @@ -// +build !go1.8 - -// Copyright 2017 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package macaron - -import "net/url" - -// PathUnescape unescapes a path. Ideally, this function would use -// url.PathUnescape(..), but the function was not introduced until go1.8. -func PathUnescape(s string) (string, error) { - return url.QueryUnescape(s) -} diff --git a/vendor/gitea.com/macaron/macaron/util_go18.go b/vendor/gitea.com/macaron/macaron/util_go18.go deleted file mode 100644 index d5eb1dfb28..0000000000 --- a/vendor/gitea.com/macaron/macaron/util_go18.go +++ /dev/null @@ -1,24 +0,0 @@ -// +build go1.8 - -// Copyright 2017 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package macaron - -import "net/url" - -// PathUnescape unescapes a path. -func PathUnescape(s string) (string, error) { - return url.PathUnescape(s) -} diff --git a/vendor/gitea.com/macaron/session/.drone.yml b/vendor/gitea.com/macaron/session/.drone.yml deleted file mode 100644 index 717ada4b8f..0000000000 --- a/vendor/gitea.com/macaron/session/.drone.yml +++ /dev/null @@ -1,11 +0,0 @@ -kind: pipeline -name: default - -steps: -- name: test - image: golang:1.12 - environment: - GOPROXY: https://goproxy.cn - commands: - - go build -v - - go test -v -race -coverprofile=coverage.txt -covermode=atomic \ No newline at end of file diff --git a/vendor/gitea.com/macaron/session/.gitignore b/vendor/gitea.com/macaron/session/.gitignore deleted file mode 100644 index 834722925c..0000000000 --- a/vendor/gitea.com/macaron/session/.gitignore +++ /dev/null @@ -1,4 +0,0 @@ -ledis/tmp.db -nodb/tmp.db -/vendor -/.idea diff --git a/vendor/gitea.com/macaron/session/LICENSE b/vendor/gitea.com/macaron/session/LICENSE deleted file mode 100644 index 8405e89a0b..0000000000 --- a/vendor/gitea.com/macaron/session/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ -Apache License -Version 2.0, January 2004 -http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - -"License" shall mean the terms and conditions for use, reproduction, and -distribution as defined by Sections 1 through 9 of this document. - -"Licensor" shall mean the copyright owner or entity authorized by the copyright -owner that is granting the License. - -"Legal Entity" shall mean the union of the acting entity and all other entities -that control, are controlled by, or are under common control with that entity. -For the purposes of this definition, "control" means (i) the power, direct or -indirect, to cause the direction or management of such entity, whether by -contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the -outstanding shares, or (iii) beneficial ownership of such entity. - -"You" (or "Your") shall mean an individual or Legal Entity exercising -permissions granted by this License. - -"Source" form shall mean the preferred form for making modifications, including -but not limited to software source code, documentation source, and configuration -files. - -"Object" form shall mean any form resulting from mechanical transformation or -translation of a Source form, including but not limited to compiled object code, -generated documentation, and conversions to other media types. - -"Work" shall mean the work of authorship, whether in Source or Object form, made -available under the License, as indicated by a copyright notice that is included -in or attached to the work (an example is provided in the Appendix below). - -"Derivative Works" shall mean any work, whether in Source or Object form, that -is based on (or derived from) the Work and for which the editorial revisions, -annotations, elaborations, or other modifications represent, as a whole, an -original work of authorship. For the purposes of this License, Derivative Works -shall not include works that remain separable from, or merely link (or bind by -name) to the interfaces of, the Work and Derivative Works thereof. - -"Contribution" shall mean any work of authorship, including the original version -of the Work and any modifications or additions to that Work or Derivative Works -thereof, that is intentionally submitted to Licensor for inclusion in the Work -by the copyright owner or by an individual or Legal Entity authorized to submit -on behalf of the copyright owner. For the purposes of this definition, -"submitted" means any form of electronic, verbal, or written communication sent -to the Licensor or its representatives, including but not limited to -communication on electronic mailing lists, source code control systems, and -issue tracking systems that are managed by, or on behalf of, the Licensor for -the purpose of discussing and improving the Work, but excluding communication -that is conspicuously marked or otherwise designated in writing by the copyright -owner as "Not a Contribution." - -"Contributor" shall mean Licensor and any individual or Legal Entity on behalf -of whom a Contribution has been received by Licensor and subsequently -incorporated within the Work. - -2. Grant of Copyright License. - -Subject to the terms and conditions of this License, each Contributor hereby -grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, -irrevocable copyright license to reproduce, prepare Derivative Works of, -publicly display, publicly perform, sublicense, and distribute the Work and such -Derivative Works in Source or Object form. - -3. Grant of Patent License. - -Subject to the terms and conditions of this License, each Contributor hereby -grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, -irrevocable (except as stated in this section) patent license to make, have -made, use, offer to sell, sell, import, and otherwise transfer the Work, where -such license applies only to those patent claims licensable by such Contributor -that are necessarily infringed by their Contribution(s) alone or by combination -of their Contribution(s) with the Work to which such Contribution(s) was -submitted. If You institute patent litigation against any entity (including a -cross-claim or counterclaim in a lawsuit) alleging that the Work or a -Contribution incorporated within the Work constitutes direct or contributory -patent infringement, then any patent licenses granted to You under this License -for that Work shall terminate as of the date such litigation is filed. - -4. Redistribution. - -You may reproduce and distribute copies of the Work or Derivative Works thereof -in any medium, with or without modifications, and in Source or Object form, -provided that You meet the following conditions: - -You must give any other recipients of the Work or Derivative Works a copy of -this License; and -You must cause any modified files to carry prominent notices stating that You -changed the files; and -You must retain, in the Source form of any Derivative Works that You distribute, -all copyright, patent, trademark, and attribution notices from the Source form -of the Work, excluding those notices that do not pertain to any part of the -Derivative Works; and -If the Work includes a "NOTICE" text file as part of its distribution, then any -Derivative Works that You distribute must include a readable copy of the -attribution notices contained within such NOTICE file, excluding those notices -that do not pertain to any part of the Derivative Works, in at least one of the -following places: within a NOTICE text file distributed as part of the -Derivative Works; within the Source form or documentation, if provided along -with the Derivative Works; or, within a display generated by the Derivative -Works, if and wherever such third-party notices normally appear. The contents of -the NOTICE file are for informational purposes only and do not modify the -License. You may add Your own attribution notices within Derivative Works that -You distribute, alongside or as an addendum to the NOTICE text from the Work, -provided that such additional attribution notices cannot be construed as -modifying the License. -You may add Your own copyright statement to Your modifications and may provide -additional or different license terms and conditions for use, reproduction, or -distribution of Your modifications, or for any such Derivative Works as a whole, -provided Your use, reproduction, and distribution of the Work otherwise complies -with the conditions stated in this License. - -5. Submission of Contributions. - -Unless You explicitly state otherwise, any Contribution intentionally submitted -for inclusion in the Work by You to the Licensor shall be under the terms and -conditions of this License, without any additional terms or conditions. -Notwithstanding the above, nothing herein shall supersede or modify the terms of -any separate license agreement you may have executed with Licensor regarding -such Contributions. - -6. Trademarks. - -This License does not grant permission to use the trade names, trademarks, -service marks, or product names of the Licensor, except as required for -reasonable and customary use in describing the origin of the Work and -reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. - -Unless required by applicable law or agreed to in writing, Licensor provides the -Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, -including, without limitation, any warranties or conditions of TITLE, -NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are -solely responsible for determining the appropriateness of using or -redistributing the Work and assume any risks associated with Your exercise of -permissions under this License. - -8. Limitation of Liability. - -In no event and under no legal theory, whether in tort (including negligence), -contract, or otherwise, unless required by applicable law (such as deliberate -and grossly negligent acts) or agreed to in writing, shall any Contributor be -liable to You for damages, including any direct, indirect, special, incidental, -or consequential damages of any character arising as a result of this License or -out of the use or inability to use the Work (including but not limited to -damages for loss of goodwill, work stoppage, computer failure or malfunction, or -any and all other commercial damages or losses), even if such Contributor has -been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. - -While redistributing the Work or Derivative Works thereof, You may choose to -offer, and charge a fee for, acceptance of support, warranty, indemnity, or -other liability obligations and/or rights consistent with this License. However, -in accepting such obligations, You may act only on Your own behalf and on Your -sole responsibility, not on behalf of any other Contributor, and only if You -agree to indemnify, defend, and hold each Contributor harmless for any liability -incurred by, or claims asserted against, such Contributor by reason of your -accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work - -To apply the Apache License to your work, attach the following boilerplate -notice, with the fields enclosed by brackets "[]" replaced with your own -identifying information. (Don't include the brackets!) The text should be -enclosed in the appropriate comment syntax for the file format. We also -recommend that a file or class name and description of purpose be included on -the same "printed page" as the copyright notice for easier identification within -third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. \ No newline at end of file diff --git a/vendor/gitea.com/macaron/session/README.md b/vendor/gitea.com/macaron/session/README.md deleted file mode 100644 index ebbbff5453..0000000000 --- a/vendor/gitea.com/macaron/session/README.md +++ /dev/null @@ -1,22 +0,0 @@ -# session - -Middleware session provides session management for [Macaron](https://gitea.com/macaron/macaron). It can use many session providers, including memory, file, Redis, Memcache, PostgreSQL, MySQL, Couchbase, Ledis and Nodb. - -### Installation - -The minimum requirement of Go is 1.11 . - - go get gitea.com/macaron/session - -## Getting Help - -- [API Reference](https://gowalker.org/gitea.com/macaron/session) -- [Documentation](https://go-macaron.com/docs/middlewares/session) - -## Credits - -This package is a modified version of [go-macaron/session](github.com/go-macaron/session). - -## License - -This project is under the Apache License, Version 2.0. See the [LICENSE](LICENSE) file for the full license text. \ No newline at end of file diff --git a/vendor/gitea.com/macaron/session/couchbase/couchbase.go b/vendor/gitea.com/macaron/session/couchbase/couchbase.go deleted file mode 100644 index 25a278d34c..0000000000 --- a/vendor/gitea.com/macaron/session/couchbase/couchbase.go +++ /dev/null @@ -1,227 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package session - -import ( - "strings" - "sync" - - "gitea.com/macaron/session" - "github.com/couchbase/go-couchbase" -) - -// CouchbaseSessionStore represents a couchbase session store implementation. -type CouchbaseSessionStore struct { - b *couchbase.Bucket - sid string - lock sync.RWMutex - data map[interface{}]interface{} - maxlifetime int64 -} - -// Set sets value to given key in session. -func (s *CouchbaseSessionStore) Set(key, val interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data[key] = val - return nil -} - -// Get gets value by given key in session. -func (s *CouchbaseSessionStore) Get(key interface{}) interface{} { - s.lock.RLock() - defer s.lock.RUnlock() - - return s.data[key] -} - -// Delete delete a key from session. -func (s *CouchbaseSessionStore) Delete(key interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - delete(s.data, key) - return nil -} - -// ID returns current session ID. -func (s *CouchbaseSessionStore) ID() string { - return s.sid -} - -// Release releases resource and save data to provider. -func (s *CouchbaseSessionStore) Release() error { - defer s.b.Close() - - // Skip encoding if the data is empty - if len(s.data) == 0 { - return nil - } - - data, err := session.EncodeGob(s.data) - if err != nil { - return err - } - - return s.b.Set(s.sid, int(s.maxlifetime), data) -} - -// Flush deletes all session data. -func (s *CouchbaseSessionStore) Flush() error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data = make(map[interface{}]interface{}) - return nil -} - -// CouchbaseProvider represents a couchbase session provider implementation. -type CouchbaseProvider struct { - maxlifetime int64 - connStr string - pool string - bucket string - b *couchbase.Bucket -} - -func (cp *CouchbaseProvider) getBucket() *couchbase.Bucket { - c, err := couchbase.Connect(cp.connStr) - if err != nil { - return nil - } - - pool, err := c.GetPool(cp.pool) - if err != nil { - return nil - } - - bucket, err := pool.GetBucket(cp.bucket) - if err != nil { - return nil - } - - return bucket -} - -// Init initializes memory session provider. -// connStr is couchbase server REST/JSON URL -// e.g. http://host:port/, Pool, Bucket -func (p *CouchbaseProvider) Init(maxlifetime int64, connStr string) error { - p.maxlifetime = maxlifetime - configs := strings.Split(connStr, ",") - if len(configs) > 0 { - p.connStr = configs[0] - } - if len(configs) > 1 { - p.pool = configs[1] - } - if len(configs) > 2 { - p.bucket = configs[2] - } - - return nil -} - -// Read returns raw session store by session ID. -func (p *CouchbaseProvider) Read(sid string) (session.RawStore, error) { - p.b = p.getBucket() - - var doc []byte - - err := p.b.Get(sid, &doc) - var kv map[interface{}]interface{} - if doc == nil { - kv = make(map[interface{}]interface{}) - } else { - kv, err = session.DecodeGob(doc) - if err != nil { - return nil, err - } - } - - cs := &CouchbaseSessionStore{b: p.b, sid: sid, data: kv, maxlifetime: p.maxlifetime} - return cs, nil -} - -// Exist returns true if session with given ID exists. -func (p *CouchbaseProvider) Exist(sid string) bool { - p.b = p.getBucket() - defer p.b.Close() - - var doc []byte - - if err := p.b.Get(sid, &doc); err != nil || doc == nil { - return false - } else { - return true - } -} - -// Destroy deletes a session by session ID. -func (p *CouchbaseProvider) Destroy(sid string) error { - p.b = p.getBucket() - defer p.b.Close() - - p.b.Delete(sid) - return nil -} - -// Regenerate regenerates a session store from old session ID to new one. -func (p *CouchbaseProvider) Regenerate(oldsid, sid string) (session.RawStore, error) { - p.b = p.getBucket() - - var doc []byte - if err := p.b.Get(oldsid, &doc); err != nil || doc == nil { - p.b.Set(sid, int(p.maxlifetime), "") - } else { - err := p.b.Delete(oldsid) - if err != nil { - return nil, err - } - _, _ = p.b.Add(sid, int(p.maxlifetime), doc) - } - - err := p.b.Get(sid, &doc) - if err != nil { - return nil, err - } - var kv map[interface{}]interface{} - if doc == nil { - kv = make(map[interface{}]interface{}) - } else { - kv, err = session.DecodeGob(doc) - if err != nil { - return nil, err - } - } - - cs := &CouchbaseSessionStore{b: p.b, sid: sid, data: kv, maxlifetime: p.maxlifetime} - return cs, nil -} - -// Count counts and returns number of sessions. -func (p *CouchbaseProvider) Count() int { - // FIXME - return 0 -} - -// GC calls GC to clean expired sessions. -func (p *CouchbaseProvider) GC() {} - -func init() { - session.Register("couchbase", &CouchbaseProvider{}) -} diff --git a/vendor/gitea.com/macaron/session/file.go b/vendor/gitea.com/macaron/session/file.go deleted file mode 100644 index ce915344fb..0000000000 --- a/vendor/gitea.com/macaron/session/file.go +++ /dev/null @@ -1,274 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package session - -import ( - "fmt" - "io/ioutil" - "log" - "os" - "path" - "path/filepath" - "sync" - "time" - - "github.com/unknwon/com" -) - -// FileStore represents a file session store implementation. -type FileStore struct { - p *FileProvider - sid string - lock sync.RWMutex - data map[interface{}]interface{} -} - -// NewFileStore creates and returns a file session store. -func NewFileStore(p *FileProvider, sid string, kv map[interface{}]interface{}) *FileStore { - return &FileStore{ - p: p, - sid: sid, - data: kv, - } -} - -// Set sets value to given key in session. -func (s *FileStore) Set(key, val interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data[key] = val - return nil -} - -// Get gets value by given key in session. -func (s *FileStore) Get(key interface{}) interface{} { - s.lock.RLock() - defer s.lock.RUnlock() - - return s.data[key] -} - -// Delete delete a key from session. -func (s *FileStore) Delete(key interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - delete(s.data, key) - return nil -} - -// ID returns current session ID. -func (s *FileStore) ID() string { - return s.sid -} - -// Release releases resource and save data to provider. -func (s *FileStore) Release() error { - s.p.lock.Lock() - defer s.p.lock.Unlock() - - // Skip encoding if the data is empty - if len(s.data) == 0 { - return nil - } - - data, err := EncodeGob(s.data) - if err != nil { - return err - } - - return ioutil.WriteFile(s.p.filepath(s.sid), data, 0600) -} - -// Flush deletes all session data. -func (s *FileStore) Flush() error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data = make(map[interface{}]interface{}) - return nil -} - -// FileProvider represents a file session provider implementation. -type FileProvider struct { - lock sync.RWMutex - maxlifetime int64 - rootPath string -} - -// Init initializes file session provider with given root path. -func (p *FileProvider) Init(maxlifetime int64, rootPath string) error { - p.lock.Lock() - p.maxlifetime = maxlifetime - p.rootPath = rootPath - p.lock.Unlock() - return nil -} - -func (p *FileProvider) filepath(sid string) string { - return path.Join(p.rootPath, string(sid[0]), string(sid[1]), sid) -} - -// Read returns raw session store by session ID. -func (p *FileProvider) Read(sid string) (_ RawStore, err error) { - filename := p.filepath(sid) - if err = os.MkdirAll(path.Dir(filename), 0700); err != nil { - return nil, err - } - p.lock.RLock() - defer p.lock.RUnlock() - - var f *os.File - ok := false - if com.IsFile(filename) { - modTime, err := com.FileMTime(filename) - if err != nil { - return nil, err - } - ok = (modTime + p.maxlifetime) >= time.Now().Unix() - } - if ok { - f, err = os.OpenFile(filename, os.O_RDONLY, 0600) - } else { - f, err = os.Create(filename) - } - if err != nil { - return nil, err - } - defer f.Close() - - if err = os.Chtimes(filename, time.Now(), time.Now()); err != nil { - return nil, err - } - - var kv map[interface{}]interface{} - data, err := ioutil.ReadAll(f) - if err != nil { - return nil, err - } - if len(data) == 0 { - kv = make(map[interface{}]interface{}) - } else { - kv, err = DecodeGob(data) - if err != nil { - return nil, err - } - } - return NewFileStore(p, sid, kv), nil -} - -// Exist returns true if session with given ID exists. -func (p *FileProvider) Exist(sid string) bool { - p.lock.RLock() - defer p.lock.RUnlock() - return com.IsFile(p.filepath(sid)) -} - -// Destroy deletes a session by session ID. -func (p *FileProvider) Destroy(sid string) error { - p.lock.Lock() - defer p.lock.Unlock() - return os.Remove(p.filepath(sid)) -} - -func (p *FileProvider) regenerate(oldsid, sid string) (err error) { - p.lock.Lock() - defer p.lock.Unlock() - - filename := p.filepath(sid) - if com.IsExist(filename) { - return fmt.Errorf("new sid '%s' already exists", sid) - } - - oldname := p.filepath(oldsid) - if !com.IsFile(oldname) { - data, err := EncodeGob(make(map[interface{}]interface{})) - if err != nil { - return err - } - if err = os.MkdirAll(path.Dir(oldname), 0700); err != nil { - return err - } - if err = ioutil.WriteFile(oldname, data, 0600); err != nil { - return err - } - } - - if err = os.MkdirAll(path.Dir(filename), 0700); err != nil { - return err - } - if err = os.Rename(oldname, filename); err != nil { - return err - } - return nil -} - -// Regenerate regenerates a session store from old session ID to new one. -func (p *FileProvider) Regenerate(oldsid, sid string) (_ RawStore, err error) { - if err := p.regenerate(oldsid, sid); err != nil { - return nil, err - } - - return p.Read(sid) -} - -// Count counts and returns number of sessions. -func (p *FileProvider) Count() int { - count := 0 - if err := filepath.Walk(p.rootPath, func(path string, fi os.FileInfo, err error) error { - if err != nil { - return err - } - - if !fi.IsDir() { - count++ - } - return nil - }); err != nil { - log.Printf("error counting session files: %v", err) - return 0 - } - return count -} - -// GC calls GC to clean expired sessions. -func (p *FileProvider) GC() { - p.lock.RLock() - defer p.lock.RUnlock() - - if !com.IsExist(p.rootPath) { - return - } - - if err := filepath.Walk(p.rootPath, func(path string, fi os.FileInfo, err error) error { - if err != nil { - return err - } - - if !fi.IsDir() && - (fi.ModTime().Unix()+p.maxlifetime) < time.Now().Unix() { - return os.Remove(path) - } - return nil - }); err != nil { - log.Printf("error garbage collecting session files: %v", err) - } -} - -func init() { - Register("file", &FileProvider{}) -} diff --git a/vendor/gitea.com/macaron/session/flash.go b/vendor/gitea.com/macaron/session/flash.go deleted file mode 100644 index 93c461d47a..0000000000 --- a/vendor/gitea.com/macaron/session/flash.go +++ /dev/null @@ -1,61 +0,0 @@ -// Copyright 2018 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package session - -import ( - "net/url" - - "gitea.com/macaron/macaron" -) - -type Flash struct { - ctx *macaron.Context - url.Values - ErrorMsg, WarningMsg, InfoMsg, SuccessMsg string -} - -func (f *Flash) set(name, msg string, current ...bool) { - isShow := false - if (len(current) == 0 && macaron.FlashNow) || - (len(current) > 0 && current[0]) { - isShow = true - } - - if isShow { - f.ctx.Data["Flash"] = f - } else { - f.Set(name, msg) - } -} - -func (f *Flash) Error(msg string, current ...bool) { - f.ErrorMsg = msg - f.set("error", msg, current...) -} - -func (f *Flash) Warning(msg string, current ...bool) { - f.WarningMsg = msg - f.set("warning", msg, current...) -} - -func (f *Flash) Info(msg string, current ...bool) { - f.InfoMsg = msg - f.set("info", msg, current...) -} - -func (f *Flash) Success(msg string, current ...bool) { - f.SuccessMsg = msg - f.set("success", msg, current...) -} diff --git a/vendor/gitea.com/macaron/session/go.mod b/vendor/gitea.com/macaron/session/go.mod deleted file mode 100644 index f44315f827..0000000000 --- a/vendor/gitea.com/macaron/session/go.mod +++ /dev/null @@ -1,30 +0,0 @@ -module gitea.com/macaron/session - -go 1.11 - -require ( - gitea.com/lunny/nodb v0.0.0-20200923032308-3238c4655727 - gitea.com/macaron/macaron v1.5.0 - github.com/bradfitz/gomemcache v0.0.0-20190329173943-551aad21a668 - github.com/couchbase/go-couchbase v0.0.0-20201026062457-7b3be89bbd89 - github.com/couchbase/gomemcached v0.1.0 // indirect - github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67 // indirect - github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76 // indirect - github.com/edsrzf/mmap-go v1.0.0 // indirect - github.com/go-redis/redis v6.15.2+incompatible - github.com/go-sql-driver/mysql v1.4.1 - github.com/golang/snappy v0.0.2 // indirect - github.com/lib/pq v1.2.0 - github.com/pkg/errors v0.8.1 // indirect - github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726 // indirect - github.com/siddontang/ledisdb v0.0.0-20190202134119-8ceb77e66a92 - github.com/siddontang/rdb v0.0.0-20150307021120-fc89ed2e418d // indirect - github.com/smartystreets/goconvey v0.0.0-20190731233626-505e41936337 - github.com/stretchr/testify v1.3.0 // indirect - github.com/unknwon/com v1.0.1 - golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 // indirect - golang.org/x/net v0.0.0-20190724013045-ca1201d0de80 // indirect - google.golang.org/appengine v1.6.1 // indirect - gopkg.in/ini.v1 v1.62.0 - gopkg.in/yaml.v2 v2.2.2 // indirect -) diff --git a/vendor/gitea.com/macaron/session/go.sum b/vendor/gitea.com/macaron/session/go.sum deleted file mode 100644 index cf76c4e874..0000000000 --- a/vendor/gitea.com/macaron/session/go.sum +++ /dev/null @@ -1,118 +0,0 @@ -gitea.com/lunny/log v0.0.0-20190322053110-01b5df579c4e h1:r1en/D7xJmcY24VkHkjkcJFa+7ZWubVWPBrvsHkmHxk= -gitea.com/lunny/log v0.0.0-20190322053110-01b5df579c4e/go.mod h1:uJEsN4LQpeGYRCjuPXPZBClU7N5pWzGuyF4uqLpE/e0= -gitea.com/lunny/nodb v0.0.0-20200923032308-3238c4655727 h1:ZF2Bd6rqVlwhIDhYiS0uGYcT+GaVNGjuKVJkTNqWMIs= -gitea.com/lunny/nodb v0.0.0-20200923032308-3238c4655727/go.mod h1:h0OwsgcpJLSYtHcM5+Xciw9OEeuxi6ty4HDiO8C7aIY= -gitea.com/macaron/inject v0.0.0-20190805023432-d4c86e31027a/go.mod h1:h6E4kLao1Yko6DOU6QDnQPcuoNzvbZqzj2mtPcEn1aM= -gitea.com/macaron/macaron v1.5.0/go.mod h1:P7hfDbQjcW22lkYkXlxdRIfWOXxH2+K4EogN4Q0UlLY= -github.com/bradfitz/gomemcache v0.0.0-20190329173943-551aad21a668 h1:U/lr3Dgy4WK+hNk4tyD+nuGjpVLPEHuJSFXMw11/HPA= -github.com/bradfitz/gomemcache v0.0.0-20190329173943-551aad21a668/go.mod h1:H0wQNHz2YrLsuXOZozoeDmnHXkNCRmMW0gwFWDfEZDA= -github.com/couchbase/go-couchbase v0.0.0-20201026062457-7b3be89bbd89 h1:uNLXQ6QO1TocD8BaN/KkRki0Xw0brCM1PKl/ZA5pgfs= -github.com/couchbase/go-couchbase v0.0.0-20201026062457-7b3be89bbd89/go.mod h1:+/bddYDxXsf9qt0xpDUtRR47A2GjaXmGGAqQ/k3GJ8A= -github.com/couchbase/gomemcached v0.1.0 h1:whUde87n8CScx8ckMp2En5liqAlcuG3aKy/BQeBPu84= -github.com/couchbase/gomemcached v0.1.0/go.mod h1:srVSlQLB8iXBVXHgnqemxUXqN6FCvClgCMPCsjBDR7c= -github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67 h1:NCqJ6fwen6YP0WlV/IyibaT0kPt3JEI1rA62V/UPKT4= -github.com/couchbase/goutils v0.0.0-20201030094643-5e82bb967e67/go.mod h1:BQwMFlJzDjFDG3DJUdU0KORxn88UlsOULuxLExMh3Hs= -github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76 h1:Lgdd/Qp96Qj8jqLpq2cI1I1X7BJnu06efS+XkhRoLUQ= -github.com/cupcake/rdb v0.0.0-20161107195141-43ba34106c76/go.mod h1:vYwsqCOLxGiisLwp9rITslkFNpZD5rz43tf41QFkTWY= -github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= -github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/edsrzf/mmap-go v1.0.0 h1:CEBF7HpRnUCSJgGUb5h1Gm7e3VkmVDrR8lvWVLtrOFw= -github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M= -github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I= -github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= -github.com/go-redis/redis v6.15.2+incompatible h1:9SpNVG76gr6InJGxoZ6IuuxaCOQwDAhzyXg+Bs+0Sb4= -github.com/go-redis/redis v6.15.2+incompatible/go.mod h1:NAIEuMOZ/fxfXJIrKDQDz8wamY7mA7PouImQ2Jvg6kA= -github.com/go-sql-driver/mysql v1.4.1 h1:g24URVg0OFbNUTx9qqY1IRZ9D9z3iPyi5zKhQZpNwpA= -github.com/go-sql-driver/mysql v1.4.1/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w= -github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1 h1:YF8+flBXS5eO826T4nzqPrxfhQThhXl0YzfuUPu4SBg= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db h1:woRePGFeVFfLKN/pOkfl+p/TAqKOfFu+7KPlMVpok/w= -github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/golang/snappy v0.0.2 h1:aeE13tS0IiQgFjYdoL8qN3K1N2bXXtI6Vi51/y7BpMw= -github.com/golang/snappy v0.0.2/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= -github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e h1:JKmoR8x90Iww1ks85zJ1lfDGgIiMDuIptTOhJq+zKyg= -github.com/gopherjs/gopherjs v0.0.0-20181103185306-d547d1d9531e/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY= -github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI= -github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/jtolds/gls v4.2.1+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo= -github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU= -github.com/lib/pq v1.2.0 h1:LXpIM/LZ5xGFhOpXAQUIMM1HdyqzVYM13zNdjCEEcA0= -github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo= -github.com/mattn/go-sqlite3 v1.10.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= -github.com/mattn/go-sqlite3 v1.11.0 h1:LDdKkqtYlom37fkvqs8rMPFKAMe8+SgjbwZ6ex1/A/Q= -github.com/mattn/go-sqlite3 v1.11.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc= -github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/ginkgo v1.7.0 h1:WSHQ+IS43OoUrWtD1/bbclrwK8TTH5hzp+umCiuxHgs= -github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= -github.com/onsi/gomega v1.4.3 h1:RE1xgDvH7imwFD45h+u2SgIfERHlS2yNG4DObb5BSKU= -github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= -github.com/pelletier/go-toml v1.8.1 h1:1Nf83orprkJyknT6h7zbuEGUEjcyVlCxSUGTENmNCRM= -github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= -github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= -github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= -github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726 h1:xT+JlYxNGqyT+XcU8iUrN18JYed2TvG9yN5ULG2jATM= -github.com/siddontang/go v0.0.0-20180604090527-bdc77568d726/go.mod h1:3yhqj7WBBfRhbBlzyOC3gUxftwsU0u8gqevxwIHQpMw= -github.com/siddontang/go-snappy v0.0.0-20140704025258-d8f7bb82a96d h1:qQWKKOvHN7Q9c6GdmUteCef2F9ubxMpxY1IKwpIKz68= -github.com/siddontang/go-snappy v0.0.0-20140704025258-d8f7bb82a96d/go.mod h1:vq0tzqLRu6TS7Id0wMo2N5QzJoKedVeovOpHjnykSzY= -github.com/siddontang/ledisdb v0.0.0-20190202134119-8ceb77e66a92 h1:qvsJwGToa8rxb42cDRhkbKeX2H5N8BH+s2aUikGt8mI= -github.com/siddontang/ledisdb v0.0.0-20190202134119-8ceb77e66a92/go.mod h1:mF1DpOSOUiJRMR+FDqaqu3EBqrybQtrDDszLUZ6oxPg= -github.com/siddontang/rdb v0.0.0-20150307021120-fc89ed2e418d h1:NVwnfyR3rENtlz62bcrkXME3INVUa4lcdGt+opvxExs= -github.com/siddontang/rdb v0.0.0-20150307021120-fc89ed2e418d/go.mod h1:AMEsy7v5z92TR1JKMkLLoaOQk++LVnOKL3ScbJ8GNGA= -github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304 h1:Jpy1PXuP99tXNrhbq2BaPz9B+jNAvH1JPQQpG/9GCXY= -github.com/smartystreets/assertions v0.0.0-20190116191733-b6c0e53d7304/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= -github.com/smartystreets/assertions v1.0.1/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM= -github.com/smartystreets/goconvey v0.0.0-20181108003508-044398e4856c/go.mod h1:XDJAKZRPZ1CvBcN2aX5YOUTYGHki24fSF0Iv48Ibg0s= -github.com/smartystreets/goconvey v0.0.0-20190731233626-505e41936337 h1:WN9BUFbdyOsSH/XohnWpXOlq9NBD5sGAB2FciQMUEe8= -github.com/smartystreets/goconvey v0.0.0-20190731233626-505e41936337/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= -github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= -github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE= -github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ= -github.com/unknwon/com v1.0.1/go.mod h1:tOOxU81rwgoCLoOVVPHb6T/wt8HZygqH5id+GNnlCXM= -golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc= -golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897 h1:pLI5jrR7OSLijeIDcmRxNmw2api+jEfxLoykJVice/E= -golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80 h1:Ao/3l156eZf2AW5wK8a7/smtodRU+gha3+BeqJ69lRk= -golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= -golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= -golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c h1:+EXw7AwNOKzPFXMZ1yNjO40aWCh3PIquJB2fYlv9wcs= -golang.org/x/sys v0.0.0-20190606165138-5da285871e9c/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= -golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= -golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= -golang.org/x/tools v0.0.0-20190606124116-d0a3d012864b/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= -google.golang.org/appengine v1.6.1 h1:QzqyMA1tlu6CgqCDUtU9V+ZKhLFT2dkJuANu5QaxI3I= -google.golang.org/appengine v1.6.1/go.mod h1:i06prIuMbXzDqacNJfV5OdTW448YApPu5ww/cMBSeb0= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= -gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4= -gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= -gopkg.in/ini.v1 v1.44.0 h1:YRJzTUp0kSYWUVFF5XAbDFfyiqwsl0Vb9R8TVP5eRi0= -gopkg.in/ini.v1 v1.44.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= -gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= -gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/vendor/gitea.com/macaron/session/memcache/memcache.go b/vendor/gitea.com/macaron/session/memcache/memcache.go deleted file mode 100644 index ff12097542..0000000000 --- a/vendor/gitea.com/macaron/session/memcache/memcache.go +++ /dev/null @@ -1,203 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package session - -import ( - "fmt" - "strings" - "sync" - - "gitea.com/macaron/session" - "github.com/bradfitz/gomemcache/memcache" -) - -// MemcacheStore represents a memcache session store implementation. -type MemcacheStore struct { - c *memcache.Client - sid string - expire int32 - lock sync.RWMutex - data map[interface{}]interface{} -} - -// NewMemcacheStore creates and returns a memcache session store. -func NewMemcacheStore(c *memcache.Client, sid string, expire int32, kv map[interface{}]interface{}) *MemcacheStore { - return &MemcacheStore{ - c: c, - sid: sid, - expire: expire, - data: kv, - } -} - -func NewItem(sid string, data []byte, expire int32) *memcache.Item { - return &memcache.Item{ - Key: sid, - Value: data, - Expiration: expire, - } -} - -// Set sets value to given key in session. -func (s *MemcacheStore) Set(key, val interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data[key] = val - return nil -} - -// Get gets value by given key in session. -func (s *MemcacheStore) Get(key interface{}) interface{} { - s.lock.RLock() - defer s.lock.RUnlock() - - return s.data[key] -} - -// Delete delete a key from session. -func (s *MemcacheStore) Delete(key interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - delete(s.data, key) - return nil -} - -// ID returns current session ID. -func (s *MemcacheStore) ID() string { - return s.sid -} - -// Release releases resource and save data to provider. -func (s *MemcacheStore) Release() error { - // Skip encoding if the data is empty - if len(s.data) == 0 { - return nil - } - - data, err := session.EncodeGob(s.data) - if err != nil { - return err - } - - return s.c.Set(NewItem(s.sid, data, s.expire)) -} - -// Flush deletes all session data. -func (s *MemcacheStore) Flush() error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data = make(map[interface{}]interface{}) - return nil -} - -// MemcacheProvider represents a memcache session provider implementation. -type MemcacheProvider struct { - c *memcache.Client - expire int32 -} - -// Init initializes memcache session provider. -// connStrs: 127.0.0.1:9090;127.0.0.1:9091 -func (p *MemcacheProvider) Init(expire int64, connStrs string) error { - p.expire = int32(expire) - p.c = memcache.New(strings.Split(connStrs, ";")...) - return nil -} - -// Read returns raw session store by session ID. -func (p *MemcacheProvider) Read(sid string) (session.RawStore, error) { - if !p.Exist(sid) { - if err := p.c.Set(NewItem(sid, []byte(""), p.expire)); err != nil { - return nil, err - } - } - - var kv map[interface{}]interface{} - item, err := p.c.Get(sid) - if err != nil { - return nil, err - } - if len(item.Value) == 0 { - kv = make(map[interface{}]interface{}) - } else { - kv, err = session.DecodeGob(item.Value) - if err != nil { - return nil, err - } - } - - return NewMemcacheStore(p.c, sid, p.expire, kv), nil -} - -// Exist returns true if session with given ID exists. -func (p *MemcacheProvider) Exist(sid string) bool { - _, err := p.c.Get(sid) - return err == nil -} - -// Destroy deletes a session by session ID. -func (p *MemcacheProvider) Destroy(sid string) error { - return p.c.Delete(sid) -} - -// Regenerate regenerates a session store from old session ID to new one. -func (p *MemcacheProvider) Regenerate(oldsid, sid string) (_ session.RawStore, err error) { - if p.Exist(sid) { - return nil, fmt.Errorf("new sid '%s' already exists", sid) - } - - item := NewItem(sid, []byte(""), p.expire) - if p.Exist(oldsid) { - item, err = p.c.Get(oldsid) - if err != nil { - return nil, err - } else if err = p.c.Delete(oldsid); err != nil { - return nil, err - } - item.Key = sid - } - if err = p.c.Set(item); err != nil { - return nil, err - } - - var kv map[interface{}]interface{} - if len(item.Value) == 0 { - kv = make(map[interface{}]interface{}) - } else { - kv, err = session.DecodeGob(item.Value) - if err != nil { - return nil, err - } - } - - return NewMemcacheStore(p.c, sid, p.expire, kv), nil -} - -// Count counts and returns number of sessions. -func (p *MemcacheProvider) Count() int { - // FIXME: how come this library does not have Stats method? - return -1 -} - -// GC calls GC to clean expired sessions. -func (p *MemcacheProvider) GC() {} - -func init() { - session.Register("memcache", &MemcacheProvider{}) -} diff --git a/vendor/gitea.com/macaron/session/memcache/memcache.goconvey b/vendor/gitea.com/macaron/session/memcache/memcache.goconvey deleted file mode 100644 index 8485e986e4..0000000000 --- a/vendor/gitea.com/macaron/session/memcache/memcache.goconvey +++ /dev/null @@ -1 +0,0 @@ -ignore \ No newline at end of file diff --git a/vendor/gitea.com/macaron/session/memory.go b/vendor/gitea.com/macaron/session/memory.go deleted file mode 100644 index 0769225752..0000000000 --- a/vendor/gitea.com/macaron/session/memory.go +++ /dev/null @@ -1,223 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package session - -import ( - "container/list" - "fmt" - "sync" - "time" -) - -// MemStore represents a in-memory session store implementation. -type MemStore struct { - sid string - lock sync.RWMutex - data map[interface{}]interface{} - lastAccess time.Time -} - -// NewMemStore creates and returns a memory session store. -func NewMemStore(sid string) *MemStore { - return &MemStore{ - sid: sid, - data: make(map[interface{}]interface{}), - lastAccess: time.Now(), - } -} - -// Set sets value to given key in session. -func (s *MemStore) Set(key, val interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data[key] = val - return nil -} - -// Get gets value by given key in session. -func (s *MemStore) Get(key interface{}) interface{} { - s.lock.RLock() - defer s.lock.RUnlock() - - return s.data[key] -} - -// Delete deletes a key from session. -func (s *MemStore) Delete(key interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - delete(s.data, key) - return nil -} - -// ID returns current session ID. -func (s *MemStore) ID() string { - return s.sid -} - -// Release releases resource and save data to provider. -func (_ *MemStore) Release() error { - return nil -} - -// Flush deletes all session data. -func (s *MemStore) Flush() error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data = make(map[interface{}]interface{}) - return nil -} - -// MemProvider represents a in-memory session provider implementation. -type MemProvider struct { - lock sync.RWMutex - maxLifetime int64 - data map[string]*list.Element - // A priority list whose lastAccess newer gets higer priority. - list *list.List -} - -// Init initializes memory session provider. -func (p *MemProvider) Init(maxLifetime int64, _ string) error { - p.lock.Lock() - p.list = list.New() - p.data = make(map[string]*list.Element) - p.maxLifetime = maxLifetime - p.lock.Unlock() - return nil -} - -// update expands time of session store by given ID. -func (p *MemProvider) update(sid string) error { - p.lock.Lock() - defer p.lock.Unlock() - - if e, ok := p.data[sid]; ok { - e.Value.(*MemStore).lastAccess = time.Now() - p.list.MoveToFront(e) - return nil - } - return nil -} - -// Read returns raw session store by session ID. -func (p *MemProvider) Read(sid string) (_ RawStore, err error) { - p.lock.RLock() - e, ok := p.data[sid] - p.lock.RUnlock() - - // Only restore if the session is still alive. - if ok && (e.Value.(*MemStore).lastAccess.Unix()+p.maxLifetime) >= time.Now().Unix() { - if err = p.update(sid); err != nil { - return nil, err - } - return e.Value.(*MemStore), nil - } - - // Create a new session. - p.lock.Lock() - defer p.lock.Unlock() - if ok { - p.list.Remove(e) - delete(p.data, sid) - } - s := NewMemStore(sid) - p.data[sid] = p.list.PushBack(s) - return s, nil -} - -// Exist returns true if session with given ID exists. -func (p *MemProvider) Exist(sid string) bool { - p.lock.RLock() - defer p.lock.RUnlock() - - _, ok := p.data[sid] - return ok -} - -// Destroy deletes a session by session ID. -func (p *MemProvider) Destroy(sid string) error { - p.lock.Lock() - defer p.lock.Unlock() - - e, ok := p.data[sid] - if !ok { - return nil - } - - p.list.Remove(e) - delete(p.data, sid) - return nil -} - -// Regenerate regenerates a session store from old session ID to new one. -func (p *MemProvider) Regenerate(oldsid, sid string) (RawStore, error) { - if p.Exist(sid) { - return nil, fmt.Errorf("new sid '%s' already exists", sid) - } - - s, err := p.Read(oldsid) - if err != nil { - return nil, err - } - - if err = p.Destroy(oldsid); err != nil { - return nil, err - } - - s.(*MemStore).sid = sid - - p.lock.Lock() - defer p.lock.Unlock() - p.data[sid] = p.list.PushBack(s) - return s, nil -} - -// Count counts and returns number of sessions. -func (p *MemProvider) Count() int { - return p.list.Len() -} - -// GC calls GC to clean expired sessions. -func (p *MemProvider) GC() { - p.lock.RLock() - for { - // No session in the list. - e := p.list.Back() - if e == nil { - break - } - - if (e.Value.(*MemStore).lastAccess.Unix() + p.maxLifetime) < time.Now().Unix() { - p.lock.RUnlock() - p.lock.Lock() - p.list.Remove(e) - delete(p.data, e.Value.(*MemStore).sid) - p.lock.Unlock() - p.lock.RLock() - } else { - break - } - } - p.lock.RUnlock() -} - -func init() { - Register("memory", &MemProvider{}) -} diff --git a/vendor/gitea.com/macaron/session/mysql/mysql.go b/vendor/gitea.com/macaron/session/mysql/mysql.go deleted file mode 100644 index af1cd9dd1b..0000000000 --- a/vendor/gitea.com/macaron/session/mysql/mysql.go +++ /dev/null @@ -1,201 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package session - -import ( - "database/sql" - "fmt" - "log" - "sync" - "time" - - "gitea.com/macaron/session" - _ "github.com/go-sql-driver/mysql" -) - -// MysqlStore represents a mysql session store implementation. -type MysqlStore struct { - c *sql.DB - sid string - lock sync.RWMutex - data map[interface{}]interface{} -} - -// NewMysqlStore creates and returns a mysql session store. -func NewMysqlStore(c *sql.DB, sid string, kv map[interface{}]interface{}) *MysqlStore { - return &MysqlStore{ - c: c, - sid: sid, - data: kv, - } -} - -// Set sets value to given key in session. -func (s *MysqlStore) Set(key, val interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data[key] = val - return nil -} - -// Get gets value by given key in session. -func (s *MysqlStore) Get(key interface{}) interface{} { - s.lock.RLock() - defer s.lock.RUnlock() - - return s.data[key] -} - -// Delete delete a key from session. -func (s *MysqlStore) Delete(key interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - delete(s.data, key) - return nil -} - -// ID returns current session ID. -func (s *MysqlStore) ID() string { - return s.sid -} - -// Release releases resource and save data to provider. -func (s *MysqlStore) Release() error { - // Skip encoding if the data is empty - if len(s.data) == 0 { - return nil - } - - data, err := session.EncodeGob(s.data) - if err != nil { - return err - } - - _, err = s.c.Exec("UPDATE session SET data=?, expiry=? WHERE `key`=?", - data, time.Now().Unix(), s.sid) - return err -} - -// Flush deletes all session data. -func (s *MysqlStore) Flush() error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data = make(map[interface{}]interface{}) - return nil -} - -// MysqlProvider represents a mysql session provider implementation. -type MysqlProvider struct { - c *sql.DB - expire int64 -} - -// Init initializes mysql session provider. -// connStr: username:password@protocol(address)/dbname?param=value -func (p *MysqlProvider) Init(expire int64, connStr string) (err error) { - p.expire = expire - - p.c, err = sql.Open("mysql", connStr) - if err != nil { - return err - } - return p.c.Ping() -} - -// Read returns raw session store by session ID. -func (p *MysqlProvider) Read(sid string) (session.RawStore, error) { - now := time.Now().Unix() - var data []byte - expiry := now - err := p.c.QueryRow("SELECT data, expiry FROM session WHERE `key`=?", sid).Scan(&data, &expiry) - if err == sql.ErrNoRows { - _, err = p.c.Exec("INSERT INTO session(`key`,data,expiry) VALUES(?,?,?)", - sid, "", now) - } - if err != nil { - return nil, err - } - - var kv map[interface{}]interface{} - if len(data) == 0 || expiry+p.expire <= now { - kv = make(map[interface{}]interface{}) - } else { - kv, err = session.DecodeGob(data) - if err != nil { - return nil, err - } - } - - return NewMysqlStore(p.c, sid, kv), nil -} - -// Exist returns true if session with given ID exists. -func (p *MysqlProvider) Exist(sid string) bool { - var data []byte - err := p.c.QueryRow("SELECT data FROM session WHERE `key`=?", sid).Scan(&data) - if err != nil && err != sql.ErrNoRows { - panic("session/mysql: error checking existence: " + err.Error()) - } - return err != sql.ErrNoRows -} - -// Destroy deletes a session by session ID. -func (p *MysqlProvider) Destroy(sid string) error { - _, err := p.c.Exec("DELETE FROM session WHERE `key`=?", sid) - return err -} - -// Regenerate regenerates a session store from old session ID to new one. -func (p *MysqlProvider) Regenerate(oldsid, sid string) (_ session.RawStore, err error) { - if p.Exist(sid) { - return nil, fmt.Errorf("new sid '%s' already exists", sid) - } - - if !p.Exist(oldsid) { - if _, err = p.c.Exec("INSERT INTO session(`key`,data,expiry) VALUES(?,?,?)", - oldsid, "", time.Now().Unix()); err != nil { - return nil, err - } - } - - if _, err = p.c.Exec("UPDATE session SET `key`=? WHERE `key`=?", sid, oldsid); err != nil { - return nil, err - } - - return p.Read(sid) -} - -// Count counts and returns number of sessions. -func (p *MysqlProvider) Count() (total int) { - if err := p.c.QueryRow("SELECT COUNT(*) AS NUM FROM session").Scan(&total); err != nil { - panic("session/mysql: error counting records: " + err.Error()) - } - return total -} - -// GC calls GC to clean expired sessions. -func (p *MysqlProvider) GC() { - if _, err := p.c.Exec("DELETE FROM session WHERE expiry + ? <= UNIX_TIMESTAMP(NOW())", p.expire); err != nil { - log.Printf("session/mysql: error garbage collecting: %v", err) - } -} - -func init() { - session.Register("mysql", &MysqlProvider{}) -} diff --git a/vendor/gitea.com/macaron/session/mysql/mysql.goconvey b/vendor/gitea.com/macaron/session/mysql/mysql.goconvey deleted file mode 100644 index 8485e986e4..0000000000 --- a/vendor/gitea.com/macaron/session/mysql/mysql.goconvey +++ /dev/null @@ -1 +0,0 @@ -ignore \ No newline at end of file diff --git a/vendor/gitea.com/macaron/session/nodb/nodb.go b/vendor/gitea.com/macaron/session/nodb/nodb.go deleted file mode 100644 index 08a73c5490..0000000000 --- a/vendor/gitea.com/macaron/session/nodb/nodb.go +++ /dev/null @@ -1,207 +0,0 @@ -// Copyright 2015 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package session - -import ( - "fmt" - "sync" - - "gitea.com/macaron/session" - "gitea.com/lunny/nodb" - "gitea.com/lunny/nodb/config" -) - -// NodbStore represents a nodb session store implementation. -type NodbStore struct { - c *nodb.DB - sid string - expire int64 - lock sync.RWMutex - data map[interface{}]interface{} -} - -// NewNodbStore creates and returns a ledis session store. -func NewNodbStore(c *nodb.DB, sid string, expire int64, kv map[interface{}]interface{}) *NodbStore { - return &NodbStore{ - c: c, - expire: expire, - sid: sid, - data: kv, - } -} - -// Set sets value to given key in session. -func (s *NodbStore) Set(key, val interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data[key] = val - return nil -} - -// Get gets value by given key in session. -func (s *NodbStore) Get(key interface{}) interface{} { - s.lock.RLock() - defer s.lock.RUnlock() - - return s.data[key] -} - -// Delete delete a key from session. -func (s *NodbStore) Delete(key interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - delete(s.data, key) - return nil -} - -// ID returns current session ID. -func (s *NodbStore) ID() string { - return s.sid -} - -// Release releases resource and save data to provider. -func (s *NodbStore) Release() error { - // Skip encoding if the data is empty - if len(s.data) == 0 { - return nil - } - - data, err := session.EncodeGob(s.data) - if err != nil { - return err - } - - if err = s.c.Set([]byte(s.sid), data); err != nil { - return err - } - _, err = s.c.Expire([]byte(s.sid), s.expire) - return err -} - -// Flush deletes all session data. -func (s *NodbStore) Flush() error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data = make(map[interface{}]interface{}) - return nil -} - -// NodbProvider represents a ledis session provider implementation. -type NodbProvider struct { - c *nodb.DB - expire int64 -} - -// Init initializes nodb session provider. -func (p *NodbProvider) Init(expire int64, configs string) error { - p.expire = expire - - cfg := new(config.Config) - cfg.DataDir = configs - dbs, err := nodb.Open(cfg) - if err != nil { - return fmt.Errorf("session/nodb: error opening db: %v", err) - } - - p.c, err = dbs.Select(0) - return err -} - -// Read returns raw session store by session ID. -func (p *NodbProvider) Read(sid string) (session.RawStore, error) { - if !p.Exist(sid) { - if err := p.c.Set([]byte(sid), []byte("")); err != nil { - return nil, err - } - } - - var kv map[interface{}]interface{} - kvs, err := p.c.Get([]byte(sid)) - if err != nil { - return nil, err - } - if len(kvs) == 0 { - kv = make(map[interface{}]interface{}) - } else { - kv, err = session.DecodeGob(kvs) - if err != nil { - return nil, err - } - } - - return NewNodbStore(p.c, sid, p.expire, kv), nil -} - -// Exist returns true if session with given ID exists. -func (p *NodbProvider) Exist(sid string) bool { - count, err := p.c.Exists([]byte(sid)) - return err == nil && count > 0 -} - -// Destroy deletes a session by session ID. -func (p *NodbProvider) Destroy(sid string) error { - _, err := p.c.Del([]byte(sid)) - return err -} - -// Regenerate regenerates a session store from old session ID to new one. -func (p *NodbProvider) Regenerate(oldsid, sid string) (_ session.RawStore, err error) { - if p.Exist(sid) { - return nil, fmt.Errorf("new sid '%s' already exists", sid) - } - - kvs := make([]byte, 0) - if p.Exist(oldsid) { - if kvs, err = p.c.Get([]byte(oldsid)); err != nil { - return nil, err - } else if _, err = p.c.Del([]byte(oldsid)); err != nil { - return nil, err - } - } - - if err = p.c.Set([]byte(sid), kvs); err != nil { - return nil, err - } else if _, err = p.c.Expire([]byte(sid), p.expire); err != nil { - return nil, err - } - - var kv map[interface{}]interface{} - if len(kvs) == 0 { - kv = make(map[interface{}]interface{}) - } else { - kv, err = session.DecodeGob([]byte(kvs)) - if err != nil { - return nil, err - } - } - - return NewNodbStore(p.c, sid, p.expire, kv), nil -} - -// Count counts and returns number of sessions. -func (p *NodbProvider) Count() int { - // FIXME: how come this library does not have DbSize() method? - return -1 -} - -// GC calls GC to clean expired sessions. -func (p *NodbProvider) GC() {} - -func init() { - session.Register("nodb", &NodbProvider{}) -} diff --git a/vendor/gitea.com/macaron/session/nodb/nodb.goconvey b/vendor/gitea.com/macaron/session/nodb/nodb.goconvey deleted file mode 100644 index 8485e986e4..0000000000 --- a/vendor/gitea.com/macaron/session/nodb/nodb.goconvey +++ /dev/null @@ -1 +0,0 @@ -ignore \ No newline at end of file diff --git a/vendor/gitea.com/macaron/session/postgres/postgres.go b/vendor/gitea.com/macaron/session/postgres/postgres.go deleted file mode 100644 index f173021d51..0000000000 --- a/vendor/gitea.com/macaron/session/postgres/postgres.go +++ /dev/null @@ -1,202 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package session - -import ( - "database/sql" - "fmt" - "log" - "sync" - "time" - - "gitea.com/macaron/session" - _ "github.com/lib/pq" -) - -// PostgresStore represents a postgres session store implementation. -type PostgresStore struct { - c *sql.DB - sid string - lock sync.RWMutex - data map[interface{}]interface{} -} - -// NewPostgresStore creates and returns a postgres session store. -func NewPostgresStore(c *sql.DB, sid string, kv map[interface{}]interface{}) *PostgresStore { - return &PostgresStore{ - c: c, - sid: sid, - data: kv, - } -} - -// Set sets value to given key in session. -func (s *PostgresStore) Set(key, value interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data[key] = value - return nil -} - -// Get gets value by given key in session. -func (s *PostgresStore) Get(key interface{}) interface{} { - s.lock.RLock() - defer s.lock.RUnlock() - - return s.data[key] -} - -// Delete delete a key from session. -func (s *PostgresStore) Delete(key interface{}) error { - s.lock.Lock() - defer s.lock.Unlock() - - delete(s.data, key) - return nil -} - -// ID returns current session ID. -func (s *PostgresStore) ID() string { - return s.sid -} - -// save postgres session values to database. -// must call this method to save values to database. -func (s *PostgresStore) Release() error { - // Skip encoding if the data is empty - if len(s.data) == 0 { - return nil - } - - data, err := session.EncodeGob(s.data) - if err != nil { - return err - } - - _, err = s.c.Exec("UPDATE session SET data=$1, expiry=$2 WHERE key=$3", - data, time.Now().Unix(), s.sid) - return err -} - -// Flush deletes all session data. -func (s *PostgresStore) Flush() error { - s.lock.Lock() - defer s.lock.Unlock() - - s.data = make(map[interface{}]interface{}) - return nil -} - -// PostgresProvider represents a postgres session provider implementation. -type PostgresProvider struct { - c *sql.DB - maxlifetime int64 -} - -// Init initializes postgres session provider. -// connStr: user=a password=b host=localhost port=5432 dbname=c sslmode=disable -func (p *PostgresProvider) Init(maxlifetime int64, connStr string) (err error) { - p.maxlifetime = maxlifetime - - p.c, err = sql.Open("postgres", connStr) - if err != nil { - return err - } - return p.c.Ping() -} - -// Read returns raw session store by session ID. -func (p *PostgresProvider) Read(sid string) (session.RawStore, error) { - now := time.Now().Unix() - var data []byte - expiry := now - err := p.c.QueryRow("SELECT data, expiry FROM session WHERE key=$1", sid).Scan(&data, &expiry) - if err == sql.ErrNoRows { - _, err = p.c.Exec("INSERT INTO session(key,data,expiry) VALUES($1,$2,$3)", - sid, "", now) - } - if err != nil { - return nil, err - } - - var kv map[interface{}]interface{} - if len(data) == 0 || expiry+p.maxlifetime <= now { - kv = make(map[interface{}]interface{}) - } else { - kv, err = session.DecodeGob(data) - if err != nil { - return nil, err - } - } - - return NewPostgresStore(p.c, sid, kv), nil -} - -// Exist returns true if session with given ID exists. -func (p *PostgresProvider) Exist(sid string) bool { - var data []byte - err := p.c.QueryRow("SELECT data FROM session WHERE key=$1", sid).Scan(&data) - if err != nil && err != sql.ErrNoRows { - panic("session/postgres: error checking existence: " + err.Error()) - } - return err != sql.ErrNoRows -} - -// Destroy deletes a session by session ID. -func (p *PostgresProvider) Destroy(sid string) error { - _, err := p.c.Exec("DELETE FROM session WHERE key=$1", sid) - return err -} - -// Regenerate regenerates a session store from old session ID to new one. -func (p *PostgresProvider) Regenerate(oldsid, sid string) (_ session.RawStore, err error) { - if p.Exist(sid) { - return nil, fmt.Errorf("new sid '%s' already exists", sid) - } - - if !p.Exist(oldsid) { - if _, err = p.c.Exec("INSERT INTO session(key,data,expiry) VALUES($1,$2,$3)", - oldsid, "", time.Now().Unix()); err != nil { - return nil, err - } - } - - if _, err = p.c.Exec("UPDATE session SET key=$1 WHERE key=$2", sid, oldsid); err != nil { - return nil, err - } - - return p.Read(sid) -} - -// Count counts and returns number of sessions. -func (p *PostgresProvider) Count() (total int) { - if err := p.c.QueryRow("SELECT COUNT(*) AS NUM FROM session").Scan(&total); err != nil { - panic("session/postgres: error counting records: " + err.Error()) - } - return total -} - -// GC calls GC to clean expired sessions. -func (p *PostgresProvider) GC() { - if _, err := p.c.Exec("DELETE FROM session WHERE EXTRACT(EPOCH FROM NOW()) - expiry > $1", p.maxlifetime); err != nil { - log.Printf("session/postgres: error garbage collecting: %v", err) - } -} - -func init() { - session.Register("postgres", &PostgresProvider{}) -} diff --git a/vendor/gitea.com/macaron/session/postgres/postgres.goconvey b/vendor/gitea.com/macaron/session/postgres/postgres.goconvey deleted file mode 100644 index 8485e986e4..0000000000 --- a/vendor/gitea.com/macaron/session/postgres/postgres.goconvey +++ /dev/null @@ -1 +0,0 @@ -ignore \ No newline at end of file diff --git a/vendor/gitea.com/macaron/session/session.go b/vendor/gitea.com/macaron/session/session.go deleted file mode 100644 index 93f18342d0..0000000000 --- a/vendor/gitea.com/macaron/session/session.go +++ /dev/null @@ -1,393 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -// Package session a middleware that provides the session management of Macaron. -package session - -import ( - "encoding/hex" - "errors" - "fmt" - "net/http" - "net/url" - "time" - - "gitea.com/macaron/macaron" -) - -const _VERSION = "0.6.0" - -func Version() string { - return _VERSION -} - -// RawStore is the interface that operates the session data. -type RawStore interface { - // Set sets value to given key in session. - Set(interface{}, interface{}) error - // Get gets value by given key in session. - Get(interface{}) interface{} - // Delete deletes a key from session. - Delete(interface{}) error - // ID returns current session ID. - ID() string - // Release releases session resource and save data to provider. - Release() error - // Flush deletes all session data. - Flush() error -} - -// Store is the interface that contains all data for one session process with specific ID. -type Store interface { - RawStore - // Read returns raw session store by session ID. - Read(string) (RawStore, error) - // Destroy deletes a session. - Destroy(*macaron.Context) error - // RegenerateId regenerates a session store from old session ID to new one. - RegenerateId(*macaron.Context) (RawStore, error) - // Count counts and returns number of sessions. - Count() int - // GC calls GC to clean expired sessions. - GC() -} - -type store struct { - RawStore - *Manager -} - -var _ Store = &store{} - -// Options represents a struct for specifying configuration options for the session middleware. -type Options struct { - // Name of provider. Default is "memory". - Provider string - // Provider configuration, it's corresponding to provider. - ProviderConfig string - // Cookie name to save session ID. Default is "MacaronSession". - CookieName string - // Cookie path to store. Default is "/". - CookiePath string - // GC interval time in seconds. Default is 3600. - Gclifetime int64 - // Max life time in seconds. Default is whatever GC interval time is. - Maxlifetime int64 - // Use HTTPS only. Default is false. - Secure bool - // Cookie life time. Default is 0. - CookieLifeTime int - // Cookie domain name. Default is empty. - Domain string - // Session ID length. Default is 16. - IDLength int - // Configuration section name. Default is "session". - Section string - // Ignore release for websocket. Default is false. - IgnoreReleaseForWebSocket bool -} - -func prepareOptions(options []Options) Options { - var opt Options - if len(options) > 0 { - opt = options[0] - } - if len(opt.Section) == 0 { - opt.Section = "session" - } - sec := macaron.Config().Section(opt.Section) - - if len(opt.Provider) == 0 { - opt.Provider = sec.Key("PROVIDER").MustString("memory") - } - if len(opt.ProviderConfig) == 0 { - opt.ProviderConfig = sec.Key("PROVIDER_CONFIG").MustString("data/sessions") - } - if len(opt.CookieName) == 0 { - opt.CookieName = sec.Key("COOKIE_NAME").MustString("MacaronSession") - } - if len(opt.CookiePath) == 0 { - opt.CookiePath = sec.Key("COOKIE_PATH").MustString("/") - } - if opt.Gclifetime == 0 { - opt.Gclifetime = sec.Key("GC_INTERVAL_TIME").MustInt64(3600) - } - if opt.Maxlifetime == 0 { - opt.Maxlifetime = sec.Key("MAX_LIFE_TIME").MustInt64(opt.Gclifetime) - } - if !opt.Secure { - opt.Secure = sec.Key("SECURE").MustBool() - } - if opt.CookieLifeTime == 0 { - opt.CookieLifeTime = sec.Key("COOKIE_LIFE_TIME").MustInt() - } - if len(opt.Domain) == 0 { - opt.Domain = sec.Key("DOMAIN").String() - } - if opt.IDLength == 0 { - opt.IDLength = sec.Key("ID_LENGTH").MustInt(16) - } - if !opt.IgnoreReleaseForWebSocket { - opt.IgnoreReleaseForWebSocket = sec.Key("IGNORE_RELEASE_FOR_WEBSOCKET").MustBool() - } - - return opt -} - -// Sessioner is a middleware that maps a session.SessionStore service into the Macaron handler chain. -// An single variadic session.Options struct can be optionally provided to configure. -func Sessioner(options ...Options) macaron.Handler { - opt := prepareOptions(options) - manager, err := NewManager(opt.Provider, opt) - if err != nil { - panic(err) - } - go manager.startGC() - - return func(ctx *macaron.Context) { - sess, err := manager.Start(ctx) - if err != nil { - panic("session(start): " + err.Error()) - } - - // Get flash. - vals, _ := url.ParseQuery(ctx.GetCookie("macaron_flash")) - if len(vals) > 0 { - f := &Flash{Values: vals} - f.ErrorMsg = f.Get("error") - f.SuccessMsg = f.Get("success") - f.InfoMsg = f.Get("info") - f.WarningMsg = f.Get("warning") - ctx.Data["Flash"] = f - ctx.SetCookie("macaron_flash", "", -1, opt.CookiePath) - } - - f := &Flash{ctx, url.Values{}, "", "", "", ""} - ctx.Resp.Before(func(macaron.ResponseWriter) { - if flash := f.Encode(); len(flash) > 0 { - ctx.SetCookie("macaron_flash", flash, 0, opt.CookiePath) - } - }) - - ctx.Map(f) - s := store{ - RawStore: sess, - Manager: manager, - } - - ctx.MapTo(s, (*Store)(nil)) - - ctx.Next() - - if manager.opt.IgnoreReleaseForWebSocket && ctx.Req.Header.Get("Upgrade") == "websocket" { - return - } - - if err = sess.Release(); err != nil { - panic("session(release): " + err.Error()) - } - } -} - -// Provider is the interface that provides session manipulations. -type Provider interface { - // Init initializes session provider. - Init(gclifetime int64, config string) error - // Read returns raw session store by session ID. - Read(sid string) (RawStore, error) - // Exist returns true if session with given ID exists. - Exist(sid string) bool - // Destroy deletes a session by session ID. - Destroy(sid string) error - // Regenerate regenerates a session store from old session ID to new one. - Regenerate(oldsid, sid string) (RawStore, error) - // Count counts and returns number of sessions. - Count() int - // GC calls GC to clean expired sessions. - GC() -} - -var providers = make(map[string]Provider) - -// Register registers a provider. -func Register(name string, provider Provider) { - if provider == nil { - panic("session: cannot register provider with nil value") - } - if _, dup := providers[name]; dup { - panic(fmt.Errorf("session: cannot register provider '%s' twice", name)) - } - providers[name] = provider -} - -// _____ -// / \ _____ ____ _____ ____ ___________ -// / \ / \\__ \ / \\__ \ / ___\_/ __ \_ __ \ -// / Y \/ __ \| | \/ __ \_/ /_/ > ___/| | \/ -// \____|__ (____ /___| (____ /\___ / \___ >__| -// \/ \/ \/ \//_____/ \/ - -// Manager represents a struct that contains session provider and its configuration. -type Manager struct { - provider Provider - opt Options -} - -// NewManager creates and returns a new session manager by given provider name and configuration. -// It panics when given provider isn't registered. -func NewManager(name string, opt Options) (*Manager, error) { - p, ok := providers[name] - if !ok { - return nil, fmt.Errorf("session: unknown provider '%s'(forgotten import?)", name) - } - return &Manager{p, opt}, p.Init(opt.Maxlifetime, opt.ProviderConfig) -} - -// sessionID generates a new session ID with rand string, unix nano time, remote addr by hash function. -func (m *Manager) sessionID() string { - return hex.EncodeToString(generateRandomKey(m.opt.IDLength / 2)) -} - -// validSessionID tests whether a provided session ID is a valid session ID. -func (m *Manager) validSessionID(sid string) (bool, error) { - if len(sid) != m.opt.IDLength { - return false, errors.New("invalid 'sid': " + sid) - } - - for i := range sid { - switch { - case '0' <= sid[i] && sid[i] <= '9': - case 'a' <= sid[i] && sid[i] <= 'f': - default: - return false, errors.New("invalid 'sid': " + sid) - } - } - return true, nil -} - -// Start starts a session by generating new one -// or retrieve existence one by reading session ID from HTTP request if it's valid. -func (m *Manager) Start(ctx *macaron.Context) (RawStore, error) { - sid := ctx.GetCookie(m.opt.CookieName) - valid, _ := m.validSessionID(sid) - if len(sid) > 0 && valid && m.provider.Exist(sid) { - return m.provider.Read(sid) - } - - sid = m.sessionID() - sess, err := m.provider.Read(sid) - if err != nil { - return nil, err - } - - cookie := &http.Cookie{ - Name: m.opt.CookieName, - Value: sid, - Path: m.opt.CookiePath, - HttpOnly: true, - Secure: m.opt.Secure, - Domain: m.opt.Domain, - } - if m.opt.CookieLifeTime >= 0 { - cookie.MaxAge = m.opt.CookieLifeTime - } - http.SetCookie(ctx.Resp, cookie) - ctx.Req.AddCookie(cookie) - return sess, nil -} - -// Read returns raw session store by session ID. -func (m *Manager) Read(sid string) (RawStore, error) { - // Ensure we're trying to read a valid session ID - if _, err := m.validSessionID(sid); err != nil { - return nil, err - } - - return m.provider.Read(sid) -} - -// Destroy deletes a session by given ID. -func (m *Manager) Destroy(ctx *macaron.Context) error { - sid := ctx.GetCookie(m.opt.CookieName) - if len(sid) == 0 { - return nil - } - - if _, err := m.validSessionID(sid); err != nil { - return err - } - - if err := m.provider.Destroy(sid); err != nil { - return err - } - cookie := &http.Cookie{ - Name: m.opt.CookieName, - Path: m.opt.CookiePath, - HttpOnly: true, - Expires: time.Now(), - MaxAge: -1, - } - http.SetCookie(ctx.Resp, cookie) - return nil -} - -// RegenerateId regenerates a session store from old session ID to new one. -func (m *Manager) RegenerateId(ctx *macaron.Context) (sess RawStore, err error) { - sid := m.sessionID() - oldsid := ctx.GetCookie(m.opt.CookieName) - _, err = m.validSessionID(oldsid) - if err != nil { - return nil, err - } - sess, err = m.provider.Regenerate(oldsid, sid) - if err != nil { - return nil, err - } - cookie := &http.Cookie{ - Name: m.opt.CookieName, - Value: sid, - Path: m.opt.CookiePath, - HttpOnly: true, - Secure: m.opt.Secure, - Domain: m.opt.Domain, - } - if m.opt.CookieLifeTime >= 0 { - cookie.MaxAge = m.opt.CookieLifeTime - } - http.SetCookie(ctx.Resp, cookie) - ctx.Req.AddCookie(cookie) - return sess, nil -} - -// Count counts and returns number of sessions. -func (m *Manager) Count() int { - return m.provider.Count() -} - -// GC starts GC job in a certain period. -func (m *Manager) GC() { - m.provider.GC() -} - -// startGC starts GC job in a certain period. -func (m *Manager) startGC() { - m.GC() - time.AfterFunc(time.Duration(m.opt.Gclifetime)*time.Second, func() { m.startGC() }) -} - -// SetSecure indicates whether to set cookie with HTTPS or not. -func (m *Manager) SetSecure(secure bool) { - m.opt.Secure = secure -} diff --git a/vendor/gitea.com/macaron/session/utils.go b/vendor/gitea.com/macaron/session/utils.go deleted file mode 100644 index 762b978cdf..0000000000 --- a/vendor/gitea.com/macaron/session/utils.go +++ /dev/null @@ -1,63 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package session - -import ( - "bytes" - "crypto/rand" - "encoding/gob" - "io" - - "github.com/unknwon/com" -) - -func init() { - gob.Register([]interface{}{}) - gob.Register(map[int]interface{}{}) - gob.Register(map[string]interface{}{}) - gob.Register(map[interface{}]interface{}{}) - gob.Register(map[string]string{}) - gob.Register(map[int]string{}) - gob.Register(map[int]int{}) - gob.Register(map[int]int64{}) -} - -func EncodeGob(obj map[interface{}]interface{}) ([]byte, error) { - for _, v := range obj { - gob.Register(v) - } - buf := bytes.NewBuffer(nil) - err := gob.NewEncoder(buf).Encode(obj) - return buf.Bytes(), err -} - -func DecodeGob(encoded []byte) (out map[interface{}]interface{}, err error) { - buf := bytes.NewBuffer(encoded) - err = gob.NewDecoder(buf).Decode(&out) - return out, err -} - -// NOTE: A local copy in case of underlying package change -var alphanum = []byte("0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz") - -// generateRandomKey creates a random key with the given strength. -func generateRandomKey(strength int) []byte { - k := make([]byte, strength) - if n, err := io.ReadFull(rand.Reader, k); n != strength || err != nil { - return com.RandomCreateBytes(strength, alphanum...) - } - return k -} diff --git a/vendor/gitea.com/macaron/toolbox/.drone.yml b/vendor/gitea.com/macaron/toolbox/.drone.yml deleted file mode 100644 index 39499f444a..0000000000 --- a/vendor/gitea.com/macaron/toolbox/.drone.yml +++ /dev/null @@ -1,9 +0,0 @@ -kind: pipeline -name: default - -steps: -- name: test - image: golang:1.11 - commands: - - go build -v - - go test -v -race -coverprofile=coverage.txt -covermode=atomic diff --git a/vendor/gitea.com/macaron/toolbox/.gitignore b/vendor/gitea.com/macaron/toolbox/.gitignore deleted file mode 100644 index c3265c1186..0000000000 --- a/vendor/gitea.com/macaron/toolbox/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -profile/ -/.idea diff --git a/vendor/gitea.com/macaron/toolbox/LICENSE b/vendor/gitea.com/macaron/toolbox/LICENSE deleted file mode 100644 index 8405e89a0b..0000000000 --- a/vendor/gitea.com/macaron/toolbox/LICENSE +++ /dev/null @@ -1,191 +0,0 @@ -Apache License -Version 2.0, January 2004 -http://www.apache.org/licenses/ - -TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - -1. Definitions. - -"License" shall mean the terms and conditions for use, reproduction, and -distribution as defined by Sections 1 through 9 of this document. - -"Licensor" shall mean the copyright owner or entity authorized by the copyright -owner that is granting the License. - -"Legal Entity" shall mean the union of the acting entity and all other entities -that control, are controlled by, or are under common control with that entity. -For the purposes of this definition, "control" means (i) the power, direct or -indirect, to cause the direction or management of such entity, whether by -contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the -outstanding shares, or (iii) beneficial ownership of such entity. - -"You" (or "Your") shall mean an individual or Legal Entity exercising -permissions granted by this License. - -"Source" form shall mean the preferred form for making modifications, including -but not limited to software source code, documentation source, and configuration -files. - -"Object" form shall mean any form resulting from mechanical transformation or -translation of a Source form, including but not limited to compiled object code, -generated documentation, and conversions to other media types. - -"Work" shall mean the work of authorship, whether in Source or Object form, made -available under the License, as indicated by a copyright notice that is included -in or attached to the work (an example is provided in the Appendix below). - -"Derivative Works" shall mean any work, whether in Source or Object form, that -is based on (or derived from) the Work and for which the editorial revisions, -annotations, elaborations, or other modifications represent, as a whole, an -original work of authorship. For the purposes of this License, Derivative Works -shall not include works that remain separable from, or merely link (or bind by -name) to the interfaces of, the Work and Derivative Works thereof. - -"Contribution" shall mean any work of authorship, including the original version -of the Work and any modifications or additions to that Work or Derivative Works -thereof, that is intentionally submitted to Licensor for inclusion in the Work -by the copyright owner or by an individual or Legal Entity authorized to submit -on behalf of the copyright owner. For the purposes of this definition, -"submitted" means any form of electronic, verbal, or written communication sent -to the Licensor or its representatives, including but not limited to -communication on electronic mailing lists, source code control systems, and -issue tracking systems that are managed by, or on behalf of, the Licensor for -the purpose of discussing and improving the Work, but excluding communication -that is conspicuously marked or otherwise designated in writing by the copyright -owner as "Not a Contribution." - -"Contributor" shall mean Licensor and any individual or Legal Entity on behalf -of whom a Contribution has been received by Licensor and subsequently -incorporated within the Work. - -2. Grant of Copyright License. - -Subject to the terms and conditions of this License, each Contributor hereby -grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, -irrevocable copyright license to reproduce, prepare Derivative Works of, -publicly display, publicly perform, sublicense, and distribute the Work and such -Derivative Works in Source or Object form. - -3. Grant of Patent License. - -Subject to the terms and conditions of this License, each Contributor hereby -grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, -irrevocable (except as stated in this section) patent license to make, have -made, use, offer to sell, sell, import, and otherwise transfer the Work, where -such license applies only to those patent claims licensable by such Contributor -that are necessarily infringed by their Contribution(s) alone or by combination -of their Contribution(s) with the Work to which such Contribution(s) was -submitted. If You institute patent litigation against any entity (including a -cross-claim or counterclaim in a lawsuit) alleging that the Work or a -Contribution incorporated within the Work constitutes direct or contributory -patent infringement, then any patent licenses granted to You under this License -for that Work shall terminate as of the date such litigation is filed. - -4. Redistribution. - -You may reproduce and distribute copies of the Work or Derivative Works thereof -in any medium, with or without modifications, and in Source or Object form, -provided that You meet the following conditions: - -You must give any other recipients of the Work or Derivative Works a copy of -this License; and -You must cause any modified files to carry prominent notices stating that You -changed the files; and -You must retain, in the Source form of any Derivative Works that You distribute, -all copyright, patent, trademark, and attribution notices from the Source form -of the Work, excluding those notices that do not pertain to any part of the -Derivative Works; and -If the Work includes a "NOTICE" text file as part of its distribution, then any -Derivative Works that You distribute must include a readable copy of the -attribution notices contained within such NOTICE file, excluding those notices -that do not pertain to any part of the Derivative Works, in at least one of the -following places: within a NOTICE text file distributed as part of the -Derivative Works; within the Source form or documentation, if provided along -with the Derivative Works; or, within a display generated by the Derivative -Works, if and wherever such third-party notices normally appear. The contents of -the NOTICE file are for informational purposes only and do not modify the -License. You may add Your own attribution notices within Derivative Works that -You distribute, alongside or as an addendum to the NOTICE text from the Work, -provided that such additional attribution notices cannot be construed as -modifying the License. -You may add Your own copyright statement to Your modifications and may provide -additional or different license terms and conditions for use, reproduction, or -distribution of Your modifications, or for any such Derivative Works as a whole, -provided Your use, reproduction, and distribution of the Work otherwise complies -with the conditions stated in this License. - -5. Submission of Contributions. - -Unless You explicitly state otherwise, any Contribution intentionally submitted -for inclusion in the Work by You to the Licensor shall be under the terms and -conditions of this License, without any additional terms or conditions. -Notwithstanding the above, nothing herein shall supersede or modify the terms of -any separate license agreement you may have executed with Licensor regarding -such Contributions. - -6. Trademarks. - -This License does not grant permission to use the trade names, trademarks, -service marks, or product names of the Licensor, except as required for -reasonable and customary use in describing the origin of the Work and -reproducing the content of the NOTICE file. - -7. Disclaimer of Warranty. - -Unless required by applicable law or agreed to in writing, Licensor provides the -Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, -including, without limitation, any warranties or conditions of TITLE, -NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are -solely responsible for determining the appropriateness of using or -redistributing the Work and assume any risks associated with Your exercise of -permissions under this License. - -8. Limitation of Liability. - -In no event and under no legal theory, whether in tort (including negligence), -contract, or otherwise, unless required by applicable law (such as deliberate -and grossly negligent acts) or agreed to in writing, shall any Contributor be -liable to You for damages, including any direct, indirect, special, incidental, -or consequential damages of any character arising as a result of this License or -out of the use or inability to use the Work (including but not limited to -damages for loss of goodwill, work stoppage, computer failure or malfunction, or -any and all other commercial damages or losses), even if such Contributor has -been advised of the possibility of such damages. - -9. Accepting Warranty or Additional Liability. - -While redistributing the Work or Derivative Works thereof, You may choose to -offer, and charge a fee for, acceptance of support, warranty, indemnity, or -other liability obligations and/or rights consistent with this License. However, -in accepting such obligations, You may act only on Your own behalf and on Your -sole responsibility, not on behalf of any other Contributor, and only if You -agree to indemnify, defend, and hold each Contributor harmless for any liability -incurred by, or claims asserted against, such Contributor by reason of your -accepting any such warranty or additional liability. - -END OF TERMS AND CONDITIONS - -APPENDIX: How to apply the Apache License to your work - -To apply the Apache License to your work, attach the following boilerplate -notice, with the fields enclosed by brackets "[]" replaced with your own -identifying information. (Don't include the brackets!) The text should be -enclosed in the appropriate comment syntax for the file format. We also -recommend that a file or class name and description of purpose be included on -the same "printed page" as the copyright notice for easier identification within -third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. \ No newline at end of file diff --git a/vendor/gitea.com/macaron/toolbox/README.md b/vendor/gitea.com/macaron/toolbox/README.md deleted file mode 100644 index 75055d5f07..0000000000 --- a/vendor/gitea.com/macaron/toolbox/README.md +++ /dev/null @@ -1,112 +0,0 @@ -toolbox -======= - -Middleware toolbox provides health chcek, pprof, profile and statistic services for [Macaron](https://gitea.com/macaron/macaron). - -[![Build Status](https://drone.gitea.com/api/badges/macaron/toolbox/status.svg)](https://drone.gitea.com/macaron/toolbox) -[API Reference](https://gowalker.org/gitea.com/macaron/toolbox) - -### Installation - - go get gitea.com/macaron/toolbox - -## Usage - -```go -// main.go -import ( - "gitea.com/macaron/macaron" - "gitea.com/macaron/toolbox" -) - -func main() { - m := macaron.Classic() - m.Use(toolbox.Toolboxer(m)) - m.Run() -} -``` - -Open your browser and visit `http://localhost:4000/debug` to see the effects. - -## Options - -`toolbox.Toolboxer` comes with a variety of configuration options: - -```go -type dummyChecker struct { -} - -func (dc *dummyChecker) Desc() string { - return "Dummy checker" -} - -func (dc *dummyChecker) Check() error { - return nil -} - -// ... -m.Use(toolbox.Toolboxer(m, toolbox.Options{ - URLPrefix: "/debug", // URL prefix for toolbox dashboard - HealthCheckURL: "/healthcheck", // URL for health check request - HealthCheckers: []HealthChecker{ - new(dummyChecker), - }, // Health checkers - HealthCheckFuncs: []*toolbox.HealthCheckFuncDesc{ - &toolbox.HealthCheckFuncDesc{ - Desc: "Database connection", - Func: func() error { return "OK" }, - }, - }, // Health check functions - DisableDebug: false, // Turns off all debug functionality when true - PprofURLPrefix: "/debug/pprof/", // URL prefix of pprof - ProfileURLPrefix: "/debug/profile/", // URL prefix of profile - ProfilePath: "profile", // Path store profile files -})) -// ... -``` - -## Route Statistic - -Toolbox also comes with a route call statistic functionality: - -```go -import ( - "os" - "time" - //... - "gitea.com/macaron/toolbox" -) - -func main() { - //... - m.Get("/", func(t toolbox.Toolbox) { - start := time.Now() - - // Other operations. - - t.AddStatistics("GET", "/", time.Since(start)) - }) - - m.Get("/dump", func(t toolbox.Toolbox) { - t.GetMap(os.Stdout) - }) -} -``` - -Output take from test: - -``` -+---------------------------------------------------+------------+------------------+------------------+------------------+------------------+------------------+ -| Request URL | Method | Times | Total Used(s) | Max Used(μs) | Min Used(μs) | Avg Used(μs) | -+---------------------------------------------------+------------+------------------+------------------+------------------+------------------+------------------+ -| /api/user | POST | 2 | 0.000122 | 120.000000 | 2.000000 | 61.000000 | -| /api/user | GET | 1 | 0.000013 | 13.000000 | 13.000000 | 13.000000 | -| /api/user | DELETE | 1 | 0.000001 | 1.400000 | 1.400000 | 1.400000 | -| /api/admin | POST | 1 | 0.000014 | 14.000000 | 14.000000 | 14.000000 | -| /api/user/unknwon | POST | 1 | 0.000012 | 12.000000 | 12.000000 | 12.000000 | -+---------------------------------------------------+------------+------------------+------------------+------------------+------------------+------------------+ -``` - -## License - -This project is under Apache v2 License. See the [LICENSE](LICENSE) file for the full license text. \ No newline at end of file diff --git a/vendor/gitea.com/macaron/toolbox/healthcheck.go b/vendor/gitea.com/macaron/toolbox/healthcheck.go deleted file mode 100644 index 25b5bdfe26..0000000000 --- a/vendor/gitea.com/macaron/toolbox/healthcheck.go +++ /dev/null @@ -1,83 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package toolbox - -import ( - "bytes" -) - -// HealthChecker represents a health check instance. -type HealthChecker interface { - Desc() string - Check() error -} - -// HealthCheckFunc represents a callable function for health check. -type HealthCheckFunc func() error - -// HealthCheckFunc represents a callable function for health check with description. -type HealthCheckFuncDesc struct { - Desc string - Func HealthCheckFunc -} - -type healthCheck struct { - desc string - HealthChecker - check HealthCheckFunc // Not nil if add job as a function. -} - -// AddHealthCheck adds new health check job. -func (t *toolbox) AddHealthCheck(hc HealthChecker) { - t.healthCheckJobs = append(t.healthCheckJobs, &healthCheck{ - HealthChecker: hc, - }) -} - -// AddHealthCheckFunc adds a function as a new health check job. -func (t *toolbox) AddHealthCheckFunc(desc string, fn HealthCheckFunc) { - t.healthCheckJobs = append(t.healthCheckJobs, &healthCheck{ - desc: desc, - check: fn, - }) -} - -func (t *toolbox) handleHealthCheck() string { - if len(t.healthCheckJobs) == 0 { - return "no health check jobs" - } - - var buf bytes.Buffer - var err error - for _, job := range t.healthCheckJobs { - buf.WriteString("* ") - if job.check != nil { - buf.WriteString(job.desc) - err = job.check() - } else { - buf.WriteString(job.Desc()) - err = job.Check() - } - buf.WriteString(": ") - if err == nil { - buf.WriteString("OK") - } else { - buf.WriteString(err.Error()) - } - buf.WriteString("\n") - } - return buf.String() -} diff --git a/vendor/gitea.com/macaron/toolbox/profile.go b/vendor/gitea.com/macaron/toolbox/profile.go deleted file mode 100644 index 359a87fde4..0000000000 --- a/vendor/gitea.com/macaron/toolbox/profile.go +++ /dev/null @@ -1,163 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package toolbox - -import ( - "bytes" - "errors" - "fmt" - "io" - "os" - "path" - "runtime" - "runtime/debug" - "runtime/pprof" - "time" - - "gitea.com/macaron/macaron" - "github.com/unknwon/com" -) - -var ( - profilePath string - pid int - startTime = time.Now() - inCPUProfile bool -) - -// StartCPUProfile starts CPU profile monitor. -func StartCPUProfile() error { - if inCPUProfile { - return errors.New("CPU profile has alreday been started!") - } - inCPUProfile = true - - os.MkdirAll(profilePath, os.ModePerm) - f, err := os.Create(path.Join(profilePath, "cpu-"+com.ToStr(pid)+".pprof")) - if err != nil { - panic("fail to record CPU profile: " + err.Error()) - } - pprof.StartCPUProfile(f) - return nil -} - -// StopCPUProfile stops CPU profile monitor. -func StopCPUProfile() error { - if !inCPUProfile { - return errors.New("CPU profile hasn't been started!") - } - pprof.StopCPUProfile() - inCPUProfile = false - return nil -} - -func init() { - pid = os.Getpid() -} - -// DumpMemProf dumps memory profile in pprof. -func DumpMemProf(w io.Writer) { - pprof.WriteHeapProfile(w) -} - -func dumpMemProf() { - os.MkdirAll(profilePath, os.ModePerm) - f, err := os.Create(path.Join(profilePath, "mem-"+com.ToStr(pid)+".memprof")) - if err != nil { - panic("fail to record memory profile: " + err.Error()) - } - runtime.GC() - DumpMemProf(f) - f.Close() -} - -func avg(items []time.Duration) time.Duration { - var sum time.Duration - for _, item := range items { - sum += item - } - return time.Duration(int64(sum) / int64(len(items))) -} - -func dumpGC(memStats *runtime.MemStats, gcstats *debug.GCStats, w io.Writer) { - - if gcstats.NumGC > 0 { - lastPause := gcstats.Pause[0] - elapsed := time.Now().Sub(startTime) - overhead := float64(gcstats.PauseTotal) / float64(elapsed) * 100 - allocatedRate := float64(memStats.TotalAlloc) / elapsed.Seconds() - - fmt.Fprintf(w, "NumGC:%d Pause:%s Pause(Avg):%s Overhead:%3.2f%% Alloc:%s Sys:%s Alloc(Rate):%s/s Histogram:%s %s %s \n", - gcstats.NumGC, - com.ToStr(lastPause), - com.ToStr(avg(gcstats.Pause)), - overhead, - com.HumaneFileSize(memStats.Alloc), - com.HumaneFileSize(memStats.Sys), - com.HumaneFileSize(uint64(allocatedRate)), - com.ToStr(gcstats.PauseQuantiles[94]), - com.ToStr(gcstats.PauseQuantiles[98]), - com.ToStr(gcstats.PauseQuantiles[99])) - } else { - // while GC has disabled - elapsed := time.Now().Sub(startTime) - allocatedRate := float64(memStats.TotalAlloc) / elapsed.Seconds() - - fmt.Fprintf(w, "Alloc:%s Sys:%s Alloc(Rate):%s/s\n", - com.HumaneFileSize(memStats.Alloc), - com.HumaneFileSize(memStats.Sys), - com.HumaneFileSize(uint64(allocatedRate))) - } -} - -// DumpGCSummary dumps GC information to io.Writer -func DumpGCSummary(w io.Writer) { - memStats := &runtime.MemStats{} - runtime.ReadMemStats(memStats) - gcstats := &debug.GCStats{PauseQuantiles: make([]time.Duration, 100)} - debug.ReadGCStats(gcstats) - - dumpGC(memStats, gcstats, w) -} - -func handleProfile(ctx *macaron.Context) string { - switch ctx.Query("op") { - case "startcpu": - if err := StartCPUProfile(); err != nil { - return err.Error() - } - case "stopcpu": - if err := StopCPUProfile(); err != nil { - return err.Error() - } - case "mem": - dumpMemProf() - case "gc": - var buf bytes.Buffer - DumpGCSummary(&buf) - return string(buf.Bytes()) - default: - return fmt.Sprintf(`
Available operations:
-`, opt.ProfileURLPrefix) - } - ctx.Redirect(opt.ProfileURLPrefix) - return "" -} diff --git a/vendor/gitea.com/macaron/toolbox/statistic.go b/vendor/gitea.com/macaron/toolbox/statistic.go deleted file mode 100644 index 47e6ab23ee..0000000000 --- a/vendor/gitea.com/macaron/toolbox/statistic.go +++ /dev/null @@ -1,138 +0,0 @@ -// Copyright 2013 Beego Authors -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -package toolbox - -import ( - "encoding/json" - "fmt" - "io" - "strings" - "sync" - "time" -) - -// Statistics struct -type Statistics struct { - RequestUrl string - RequestNum int64 - MinTime time.Duration - MaxTime time.Duration - TotalTime time.Duration -} - -// UrlMap contains several statistics struct to log different data -type UrlMap struct { - lock sync.RWMutex - LengthLimit int // limit the urlmap's length if it's equal to 0 there's no limit - urlmap map[string]map[string]*Statistics -} - -// add statistics task. -// it needs request method, request url and statistics time duration -func (m *UrlMap) AddStatistics(requestMethod, requestUrl string, requesttime time.Duration) { - m.lock.Lock() - defer m.lock.Unlock() - - if method, ok := m.urlmap[requestUrl]; ok { - if s, ok := method[requestMethod]; ok { - s.RequestNum += 1 - if s.MaxTime < requesttime { - s.MaxTime = requesttime - } - if s.MinTime > requesttime { - s.MinTime = requesttime - } - s.TotalTime += requesttime - } else { - nb := &Statistics{ - RequestUrl: requestUrl, - RequestNum: 1, - MinTime: requesttime, - MaxTime: requesttime, - TotalTime: requesttime, - } - m.urlmap[requestUrl][requestMethod] = nb - } - - } else { - if m.LengthLimit > 0 && m.LengthLimit <= len(m.urlmap) { - return - } - methodmap := make(map[string]*Statistics) - nb := &Statistics{ - RequestUrl: requestUrl, - RequestNum: 1, - MinTime: requesttime, - MaxTime: requesttime, - TotalTime: requesttime, - } - methodmap[requestMethod] = nb - m.urlmap[requestUrl] = methodmap - } -} - -// put url statistics result in io.Writer -func (m *UrlMap) GetMap(w io.Writer) { - m.lock.RLock() - defer m.lock.RUnlock() - - sep := fmt.Sprintf("+%s+%s+%s+%s+%s+%s+%s+\n", strings.Repeat("-", 51), strings.Repeat("-", 12), - strings.Repeat("-", 18), strings.Repeat("-", 18), strings.Repeat("-", 18), strings.Repeat("-", 18), strings.Repeat("-", 18)) - fmt.Fprintf(w, sep) - fmt.Fprintf(w, "| % -50s| % -10s | % -16s | % -16s | % -16s | % -16s | % -16s |\n", "Request URL", "Method", "Times", "Total Used(s)", "Max Used(μs)", "Min Used(μs)", "Avg Used(μs)") - fmt.Fprintf(w, sep) - - for k, v := range m.urlmap { - for kk, vv := range v { - fmt.Fprintf(w, "| % -50s| % -10s | % 16d | % 16f | % 16.6f | % 16.6f | % 16.6f |\n", k, - kk, vv.RequestNum, vv.TotalTime.Seconds(), float64(vv.MaxTime.Nanoseconds())/1000, - float64(vv.MinTime.Nanoseconds())/1000, float64(time.Duration(int64(vv.TotalTime)/vv.RequestNum).Nanoseconds())/1000, - ) - } - } - fmt.Fprintf(w, sep) -} - -type URLMapInfo struct { - URL string `json:"url"` - Method string `json:"method"` - Times int64 `json:"times"` - TotalUsed float64 `json:"total_used"` - MaxUsed float64 `json:"max_used"` - MinUsed float64 `json:"min_used"` - AvgUsed float64 `json:"avg_used"` -} - -func (m *UrlMap) JSON(w io.Writer) { - infos := make([]*URLMapInfo, 0, len(m.urlmap)) - for k, v := range m.urlmap { - for kk, vv := range v { - infos = append(infos, &URLMapInfo{ - URL: k, - Method: kk, - Times: vv.RequestNum, - TotalUsed: vv.TotalTime.Seconds(), - MaxUsed: float64(vv.MaxTime.Nanoseconds()) / 1000, - MinUsed: float64(vv.MinTime.Nanoseconds()) / 1000, - AvgUsed: float64(time.Duration(int64(vv.TotalTime)/vv.RequestNum).Nanoseconds()) / 1000, - }) - } - } - - if err := json.NewEncoder(w).Encode(infos); err != nil { - panic("URLMap.JSON: " + err.Error()) - } -} diff --git a/vendor/gitea.com/macaron/toolbox/toolbox.go b/vendor/gitea.com/macaron/toolbox/toolbox.go deleted file mode 100644 index 42e565e45b..0000000000 --- a/vendor/gitea.com/macaron/toolbox/toolbox.go +++ /dev/null @@ -1,158 +0,0 @@ -// Copyright 2014 The Macaron Authors -// -// Licensed under the Apache License, Version 2.0 (the "License"): you may -// not use this file except in compliance with the License. You may obtain -// a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -// WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -// License for the specific language governing permissions and limitations -// under the License. - -// Package toolbox is a middleware that provides health check, pprof, profile and statistic services for Macaron. -package toolbox - -import ( - "fmt" - "io" - "net/http" - "net/http/pprof" - "path" - "time" - - "gitea.com/macaron/macaron" -) - -const _VERSION = "0.1.4" - -func Version() string { - return _VERSION -} - -// Toolbox represents a tool box service for Macaron instance. -type Toolbox interface { - AddHealthCheck(HealthChecker) - AddHealthCheckFunc(string, HealthCheckFunc) - AddStatistics(string, string, time.Duration) - GetMap(io.Writer) - JSON(io.Writer) -} - -type toolbox struct { - *UrlMap - healthCheckJobs []*healthCheck -} - -// Options represents a struct for specifying configuration options for the Toolbox middleware. -type Options struct { - // URL prefix for toolbox dashboard. Default is "/debug". - URLPrefix string - // URL for health check request. Default is "/healthcheck". - HealthCheckURL string - // Health checkers. - HealthCheckers []HealthChecker - // Health check functions. - HealthCheckFuncs []*HealthCheckFuncDesc - // URL for URL map json. Default is "/urlmap.json". - URLMapPrefix string - // DisableDebug turns off all debug functionality. - DisableDebug bool - // URL prefix of pprof. Default is "/debug/pprof/". - PprofURLPrefix string - // URL prefix of profile. Default is "/debug/profile/". - ProfileURLPrefix string - // Path store profile files. Default is "profile". - ProfilePath string -} - -var opt Options - -func prepareOptions(options []Options) { - if len(options) > 0 { - opt = options[0] - } - - // Defaults. - if len(opt.URLPrefix) == 0 { - opt.URLPrefix = "/debug" - } - if len(opt.HealthCheckURL) == 0 { - opt.HealthCheckURL = "/healthcheck" - } - if len(opt.URLMapPrefix) == 0 { - opt.URLMapPrefix = "/urlmap.json" - } - if len(opt.PprofURLPrefix) == 0 { - opt.PprofURLPrefix = "/debug/pprof/" - } else if opt.PprofURLPrefix[len(opt.PprofURLPrefix)-1] != '/' { - opt.PprofURLPrefix += "/" - } - if len(opt.ProfileURLPrefix) == 0 { - opt.ProfileURLPrefix = "/debug/profile/" - } else if opt.ProfileURLPrefix[len(opt.ProfileURLPrefix)-1] != '/' { - opt.ProfileURLPrefix += "/" - } - if len(opt.ProfilePath) == 0 { - opt.ProfilePath = path.Join(macaron.Root, "profile") - } -} - -func dashboard() string { - return fmt.Sprintf(`Toolbox Index:
- `, opt.PprofURLPrefix, opt.ProfileURLPrefix) -} - -var _ Toolbox = &toolbox{} - -// Toolboxer is a middleware provides health check, pprof, profile and statistic services for your application. -func Toolboxer(m *macaron.Macaron, options ...Options) macaron.Handler { - prepareOptions(options) - t := &toolbox{ - healthCheckJobs: make([]*healthCheck, 0, len(opt.HealthCheckers)+len(opt.HealthCheckFuncs)), - } - - // Dashboard. - m.Get(opt.URLPrefix, dashboard) - - // Health check. - for _, hc := range opt.HealthCheckers { - t.AddHealthCheck(hc) - } - for _, fd := range opt.HealthCheckFuncs { - t.AddHealthCheckFunc(fd.Desc, fd.Func) - } - m.Route(opt.HealthCheckURL, "HEAD,GET", t.handleHealthCheck) - - // URL map. - m.Get(opt.URLMapPrefix, func(rw http.ResponseWriter) { - t.JSON(rw) - }) - - if !opt.DisableDebug { - // Pprof - m.Any(path.Join(opt.PprofURLPrefix, "cmdline"), pprof.Cmdline) - m.Any(path.Join(opt.PprofURLPrefix, "profile"), pprof.Profile) - m.Any(path.Join(opt.PprofURLPrefix, "symbol"), pprof.Symbol) - m.Any(opt.PprofURLPrefix, pprof.Index) - m.Any(path.Join(opt.PprofURLPrefix, "*"), pprof.Index) - - // Profile - profilePath = opt.ProfilePath - m.Get(opt.ProfileURLPrefix, handleProfile) - } - - // Routes statistic. - t.UrlMap = &UrlMap{ - urlmap: make(map[string]map[string]*Statistics), - } - - return func(ctx *macaron.Context) { - ctx.MapTo(t, (*Toolbox)(nil)) - } -} diff --git a/vendor/github.com/NYTimes/gziphandler/.gitignore b/vendor/github.com/NYTimes/gziphandler/.gitignore new file mode 100644 index 0000000000..1377554ebe --- /dev/null +++ b/vendor/github.com/NYTimes/gziphandler/.gitignore @@ -0,0 +1 @@ +*.swp diff --git a/vendor/github.com/NYTimes/gziphandler/.travis.yml b/vendor/github.com/NYTimes/gziphandler/.travis.yml new file mode 100644 index 0000000000..94dfae362d --- /dev/null +++ b/vendor/github.com/NYTimes/gziphandler/.travis.yml @@ -0,0 +1,10 @@ +language: go +go: + - 1.x + - tip +env: + - GO111MODULE=on +install: + - go mod download +script: + - go test -race -v diff --git a/vendor/github.com/NYTimes/gziphandler/CODE_OF_CONDUCT.md b/vendor/github.com/NYTimes/gziphandler/CODE_OF_CONDUCT.md new file mode 100644 index 0000000000..cdbca194c3 --- /dev/null +++ b/vendor/github.com/NYTimes/gziphandler/CODE_OF_CONDUCT.md @@ -0,0 +1,75 @@ +--- +layout: code-of-conduct +version: v1.0 +--- + +This code of conduct outlines our expectations for participants within the **NYTimes/gziphandler** community, as well as steps to reporting unacceptable behavior. We are committed to providing a welcoming and inspiring community for all and expect our code of conduct to be honored. Anyone who violates this code of conduct may be banned from the community. + +Our open source community strives to: + +* **Be friendly and patient.** +* **Be welcoming**: We strive to be a community that welcomes and supports people of all backgrounds and identities. This includes, but is not limited to members of any race, ethnicity, culture, national origin, colour, immigration status, social and economic class, educational level, sex, sexual orientation, gender identity and expression, age, size, family status, political belief, religion, and mental and physical ability. +* **Be considerate**: Your work will be used by other people, and you in turn will depend on the work of others. Any decision you take will affect users and colleagues, and you should take those consequences into account when making decisions. Remember that we're a world-wide community, so you might not be communicating in someone else's primary language. +* **Be respectful**: Not all of us will agree all the time, but disagreement is no excuse for poor behavior and poor manners. We might all experience some frustration now and then, but we cannot allow that frustration to turn into a personal attack. It’s important to remember that a community where people feel uncomfortable or threatened is not a productive one. +* **Be careful in the words that we choose**: we are a community of professionals, and we conduct ourselves professionally. Be kind to others. Do not insult or put down other participants. Harassment and other exclusionary behavior aren't acceptable. +* **Try to understand why we disagree**: Disagreements, both social and technical, happen all the time. It is important that we resolve disagreements and differing views constructively. Remember that we’re different. The strength of our community comes from its diversity, people from a wide range of backgrounds. Different people have different perspectives on issues. Being unable to understand why someone holds a viewpoint doesn’t mean that they’re wrong. Don’t forget that it is human to err and blaming each other doesn’t get us anywhere. Instead, focus on helping to resolve issues and learning from mistakes. + +## Definitions + +Harassment includes, but is not limited to: + +- Offensive comments related to gender, gender identity and expression, sexual orientation, disability, mental illness, neuro(a)typicality, physical appearance, body size, race, age, regional discrimination, political or religious affiliation +- Unwelcome comments regarding a person’s lifestyle choices and practices, including those related to food, health, parenting, drugs, and employment +- Deliberate misgendering. This includes deadnaming or persistently using a pronoun that does not correctly reflect a person's gender identity. You must address people by the name they give you when not addressing them by their username or handle +- Physical contact and simulated physical contact (eg, textual descriptions like “*hug*” or “*backrub*”) without consent or after a request to stop +- Threats of violence, both physical and psychological +- Incitement of violence towards any individual, including encouraging a person to commit suicide or to engage in self-harm +- Deliberate intimidation +- Stalking or following +- Harassing photography or recording, including logging online activity for harassment purposes +- Sustained disruption of discussion +- Unwelcome sexual attention, including gratuitous or off-topic sexual images or behaviour +- Pattern of inappropriate social contact, such as requesting/assuming inappropriate levels of intimacy with others +- Continued one-on-one communication after requests to cease +- Deliberate “outing” of any aspect of a person’s identity without their consent except as necessary to protect others from intentional abuse +- Publication of non-harassing private communication + +Our open source community prioritizes marginalized people’s safety over privileged people’s comfort. We will not act on complaints regarding: + +- ‘Reverse’ -isms, including ‘reverse racism,’ ‘reverse sexism,’ and ‘cisphobia’ +- Reasonable communication of boundaries, such as “leave me alone,” “go away,” or “I’m not discussing this with you” +- Refusal to explain or debate social justice concepts +- Communicating in a ‘tone’ you don’t find congenial +- Criticizing racist, sexist, cissexist, or otherwise oppressive behavior or assumptions + + +### Diversity Statement + +We encourage everyone to participate and are committed to building a community for all. Although we will fail at times, we seek to treat everyone both as fairly and equally as possible. Whenever a participant has made a mistake, we expect them to take responsibility for it. If someone has been harmed or offended, it is our responsibility to listen carefully and respectfully, and do our best to right the wrong. + +Although this list cannot be exhaustive, we explicitly honor diversity in age, gender, gender identity or expression, culture, ethnicity, language, national origin, political beliefs, profession, race, religion, sexual orientation, socioeconomic status, and technical ability. We will not tolerate discrimination based on any of the protected +characteristics above, including participants with disabilities. + +### Reporting Issues + +If you experience or witness unacceptable behavior—or have any other concerns—please report it by contacting us via **code@nytimes.com**. All reports will be handled with discretion. In your report please include: + +- Your contact information. +- Names (real, nicknames, or pseudonyms) of any individuals involved. If there are additional witnesses, please +include them as well. Your account of what occurred, and if you believe the incident is ongoing. If there is a publicly available record (e.g. a mailing list archive or a public IRC logger), please include a link. +- Any additional information that may be helpful. + +After filing a report, a representative will contact you personally, review the incident, follow up with any additional questions, and make a decision as to how to respond. If the person who is harassing you is part of the response team, they will recuse themselves from handling your incident. If the complaint originates from a member of the response team, it will be handled by a different member of the response team. We will respect confidentiality requests for the purpose of protecting victims of abuse. + +### Attribution & Acknowledgements + +We all stand on the shoulders of giants across many open source communities. We'd like to thank the communities and projects that established code of conducts and diversity statements as our inspiration: + +* [Django](https://www.djangoproject.com/conduct/reporting/) +* [Python](https://www.python.org/community/diversity/) +* [Ubuntu](http://www.ubuntu.com/about/about-ubuntu/conduct) +* [Contributor Covenant](http://contributor-covenant.org/) +* [Geek Feminism](http://geekfeminism.org/about/code-of-conduct/) +* [Citizen Code of Conduct](http://citizencodeofconduct.org/) + +This Code of Conduct was based on https://github.com/todogroup/opencodeofconduct diff --git a/vendor/github.com/NYTimes/gziphandler/CONTRIBUTING.md b/vendor/github.com/NYTimes/gziphandler/CONTRIBUTING.md new file mode 100644 index 0000000000..b89a9eb4fb --- /dev/null +++ b/vendor/github.com/NYTimes/gziphandler/CONTRIBUTING.md @@ -0,0 +1,30 @@ +# Contributing to NYTimes/gziphandler + +This is an open source project started by handful of developers at The New York Times and open to the entire Go community. + +We really appreciate your help! + +## Filing issues + +When filing an issue, make sure to answer these five questions: + +1. What version of Go are you using (`go version`)? +2. What operating system and processor architecture are you using? +3. What did you do? +4. What did you expect to see? +5. What did you see instead? + +## Contributing code + +Before submitting changes, please follow these guidelines: + +1. Check the open issues and pull requests for existing discussions. +2. Open an issue to discuss a new feature. +3. Write tests. +4. Make sure code follows the ['Go Code Review Comments'](https://github.com/golang/go/wiki/CodeReviewComments). +5. Make sure your changes pass `go test`. +6. Make sure the entire test suite passes locally and on Travis CI. +7. Open a Pull Request. +8. [Squash your commits](http://gitready.com/advanced/2009/02/10/squashing-commits-with-rebase.html) after receiving feedback and add a [great commit message](http://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html). + +Unless otherwise noted, the gziphandler source files are distributed under the Apache 2.0-style license found in the LICENSE.md file. diff --git a/vendor/gitea.com/macaron/cors/LICENSE b/vendor/github.com/NYTimes/gziphandler/LICENSE similarity index 99% rename from vendor/gitea.com/macaron/cors/LICENSE rename to vendor/github.com/NYTimes/gziphandler/LICENSE index 261eeb9e9f..df6192d36f 100644 --- a/vendor/gitea.com/macaron/cors/LICENSE +++ b/vendor/github.com/NYTimes/gziphandler/LICENSE @@ -186,7 +186,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright [yyyy] [name of copyright owner] + Copyright 2016-2017 The New York Times Company Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/vendor/github.com/NYTimes/gziphandler/README.md b/vendor/github.com/NYTimes/gziphandler/README.md new file mode 100644 index 0000000000..6259acaca7 --- /dev/null +++ b/vendor/github.com/NYTimes/gziphandler/README.md @@ -0,0 +1,56 @@ +Gzip Handler +============ + +This is a tiny Go package which wraps HTTP handlers to transparently gzip the +response body, for clients which support it. Although it's usually simpler to +leave that to a reverse proxy (like nginx or Varnish), this package is useful +when that's undesirable. + +## Install +```bash +go get -u github.com/NYTimes/gziphandler +``` + +## Usage + +Call `GzipHandler` with any handler (an object which implements the +`http.Handler` interface), and it'll return a new handler which gzips the +response. For example: + +```go +package main + +import ( + "io" + "net/http" + "github.com/NYTimes/gziphandler" +) + +func main() { + withoutGz := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("Content-Type", "text/plain") + io.WriteString(w, "Hello, World") + }) + + withGz := gziphandler.GzipHandler(withoutGz) + + http.Handle("/", withGz) + http.ListenAndServe("0.0.0.0:8000", nil) +} +``` + + +## Documentation + +The docs can be found at [godoc.org][docs], as usual. + + +## License + +[Apache 2.0][license]. + + + + +[docs]: https://godoc.org/github.com/NYTimes/gziphandler +[license]: https://github.com/NYTimes/gziphandler/blob/master/LICENSE diff --git a/vendor/github.com/NYTimes/gziphandler/go.mod b/vendor/github.com/NYTimes/gziphandler/go.mod new file mode 100644 index 0000000000..8019012742 --- /dev/null +++ b/vendor/github.com/NYTimes/gziphandler/go.mod @@ -0,0 +1,5 @@ +module github.com/NYTimes/gziphandler + +go 1.11 + +require github.com/stretchr/testify v1.3.0 diff --git a/vendor/github.com/NYTimes/gziphandler/go.sum b/vendor/github.com/NYTimes/gziphandler/go.sum new file mode 100644 index 0000000000..4347755afe --- /dev/null +++ b/vendor/github.com/NYTimes/gziphandler/go.sum @@ -0,0 +1,7 @@ +github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= diff --git a/vendor/github.com/NYTimes/gziphandler/gzip.go b/vendor/github.com/NYTimes/gziphandler/gzip.go new file mode 100644 index 0000000000..c112bbdf81 --- /dev/null +++ b/vendor/github.com/NYTimes/gziphandler/gzip.go @@ -0,0 +1,532 @@ +package gziphandler // import "github.com/NYTimes/gziphandler" + +import ( + "bufio" + "compress/gzip" + "fmt" + "io" + "mime" + "net" + "net/http" + "strconv" + "strings" + "sync" +) + +const ( + vary = "Vary" + acceptEncoding = "Accept-Encoding" + contentEncoding = "Content-Encoding" + contentType = "Content-Type" + contentLength = "Content-Length" +) + +type codings map[string]float64 + +const ( + // DefaultQValue is the default qvalue to assign to an encoding if no explicit qvalue is set. + // This is actually kind of ambiguous in RFC 2616, so hopefully it's correct. + // The examples seem to indicate that it is. + DefaultQValue = 1.0 + + // DefaultMinSize is the default minimum size until we enable gzip compression. + // 1500 bytes is the MTU size for the internet since that is the largest size allowed at the network layer. + // If you take a file that is 1300 bytes and compress it to 800 bytes, it’s still transmitted in that same 1500 byte packet regardless, so you’ve gained nothing. + // That being the case, you should restrict the gzip compression to files with a size greater than a single packet, 1400 bytes (1.4KB) is a safe value. + DefaultMinSize = 1400 +) + +// gzipWriterPools stores a sync.Pool for each compression level for reuse of +// gzip.Writers. Use poolIndex to covert a compression level to an index into +// gzipWriterPools. +var gzipWriterPools [gzip.BestCompression - gzip.BestSpeed + 2]*sync.Pool + +func init() { + for i := gzip.BestSpeed; i <= gzip.BestCompression; i++ { + addLevelPool(i) + } + addLevelPool(gzip.DefaultCompression) +} + +// poolIndex maps a compression level to its index into gzipWriterPools. It +// assumes that level is a valid gzip compression level. +func poolIndex(level int) int { + // gzip.DefaultCompression == -1, so we need to treat it special. + if level == gzip.DefaultCompression { + return gzip.BestCompression - gzip.BestSpeed + 1 + } + return level - gzip.BestSpeed +} + +func addLevelPool(level int) { + gzipWriterPools[poolIndex(level)] = &sync.Pool{ + New: func() interface{} { + // NewWriterLevel only returns error on a bad level, we are guaranteeing + // that this will be a valid level so it is okay to ignore the returned + // error. + w, _ := gzip.NewWriterLevel(nil, level) + return w + }, + } +} + +// GzipResponseWriter provides an http.ResponseWriter interface, which gzips +// bytes before writing them to the underlying response. This doesn't close the +// writers, so don't forget to do that. +// It can be configured to skip response smaller than minSize. +type GzipResponseWriter struct { + http.ResponseWriter + index int // Index for gzipWriterPools. + gw *gzip.Writer + + code int // Saves the WriteHeader value. + + minSize int // Specifed the minimum response size to gzip. If the response length is bigger than this value, it is compressed. + buf []byte // Holds the first part of the write before reaching the minSize or the end of the write. + ignore bool // If true, then we immediately passthru writes to the underlying ResponseWriter. + + contentTypes []parsedContentType // Only compress if the response is one of these content-types. All are accepted if empty. +} + +type GzipResponseWriterWithCloseNotify struct { + *GzipResponseWriter +} + +func (w GzipResponseWriterWithCloseNotify) CloseNotify() <-chan bool { + return w.ResponseWriter.(http.CloseNotifier).CloseNotify() +} + +// Write appends data to the gzip writer. +func (w *GzipResponseWriter) Write(b []byte) (int, error) { + // GZIP responseWriter is initialized. Use the GZIP responseWriter. + if w.gw != nil { + return w.gw.Write(b) + } + + // If we have already decided not to use GZIP, immediately passthrough. + if w.ignore { + return w.ResponseWriter.Write(b) + } + + // Save the write into a buffer for later use in GZIP responseWriter (if content is long enough) or at close with regular responseWriter. + // On the first write, w.buf changes from nil to a valid slice + w.buf = append(w.buf, b...) + + var ( + cl, _ = strconv.Atoi(w.Header().Get(contentLength)) + ct = w.Header().Get(contentType) + ce = w.Header().Get(contentEncoding) + ) + // Only continue if they didn't already choose an encoding or a known unhandled content length or type. + if ce == "" && (cl == 0 || cl >= w.minSize) && (ct == "" || handleContentType(w.contentTypes, ct)) { + // If the current buffer is less than minSize and a Content-Length isn't set, then wait until we have more data. + if len(w.buf) < w.minSize && cl == 0 { + return len(b), nil + } + // If the Content-Length is larger than minSize or the current buffer is larger than minSize, then continue. + if cl >= w.minSize || len(w.buf) >= w.minSize { + // If a Content-Type wasn't specified, infer it from the current buffer. + if ct == "" { + ct = http.DetectContentType(w.buf) + w.Header().Set(contentType, ct) + } + // If the Content-Type is acceptable to GZIP, initialize the GZIP writer. + if handleContentType(w.contentTypes, ct) { + if err := w.startGzip(); err != nil { + return 0, err + } + return len(b), nil + } + } + } + // If we got here, we should not GZIP this response. + if err := w.startPlain(); err != nil { + return 0, err + } + return len(b), nil +} + +// startGzip initializes a GZIP writer and writes the buffer. +func (w *GzipResponseWriter) startGzip() error { + // Set the GZIP header. + w.Header().Set(contentEncoding, "gzip") + + // if the Content-Length is already set, then calls to Write on gzip + // will fail to set the Content-Length header since its already set + // See: https://github.com/golang/go/issues/14975. + w.Header().Del(contentLength) + + // Write the header to gzip response. + if w.code != 0 { + w.ResponseWriter.WriteHeader(w.code) + // Ensure that no other WriteHeader's happen + w.code = 0 + } + + // Initialize and flush the buffer into the gzip response if there are any bytes. + // If there aren't any, we shouldn't initialize it yet because on Close it will + // write the gzip header even if nothing was ever written. + if len(w.buf) > 0 { + // Initialize the GZIP response. + w.init() + n, err := w.gw.Write(w.buf) + + // This should never happen (per io.Writer docs), but if the write didn't + // accept the entire buffer but returned no specific error, we have no clue + // what's going on, so abort just to be safe. + if err == nil && n < len(w.buf) { + err = io.ErrShortWrite + } + return err + } + return nil +} + +// startPlain writes to sent bytes and buffer the underlying ResponseWriter without gzip. +func (w *GzipResponseWriter) startPlain() error { + if w.code != 0 { + w.ResponseWriter.WriteHeader(w.code) + // Ensure that no other WriteHeader's happen + w.code = 0 + } + w.ignore = true + // If Write was never called then don't call Write on the underlying ResponseWriter. + if w.buf == nil { + return nil + } + n, err := w.ResponseWriter.Write(w.buf) + w.buf = nil + // This should never happen (per io.Writer docs), but if the write didn't + // accept the entire buffer but returned no specific error, we have no clue + // what's going on, so abort just to be safe. + if err == nil && n < len(w.buf) { + err = io.ErrShortWrite + } + return err +} + +// WriteHeader just saves the response code until close or GZIP effective writes. +func (w *GzipResponseWriter) WriteHeader(code int) { + if w.code == 0 { + w.code = code + } +} + +// init graps a new gzip writer from the gzipWriterPool and writes the correct +// content encoding header. +func (w *GzipResponseWriter) init() { + // Bytes written during ServeHTTP are redirected to this gzip writer + // before being written to the underlying response. + gzw := gzipWriterPools[w.index].Get().(*gzip.Writer) + gzw.Reset(w.ResponseWriter) + w.gw = gzw +} + +// Close will close the gzip.Writer and will put it back in the gzipWriterPool. +func (w *GzipResponseWriter) Close() error { + if w.ignore { + return nil + } + + if w.gw == nil { + // GZIP not triggered yet, write out regular response. + err := w.startPlain() + // Returns the error if any at write. + if err != nil { + err = fmt.Errorf("gziphandler: write to regular responseWriter at close gets error: %q", err.Error()) + } + return err + } + + err := w.gw.Close() + gzipWriterPools[w.index].Put(w.gw) + w.gw = nil + return err +} + +// Flush flushes the underlying *gzip.Writer and then the underlying +// http.ResponseWriter if it is an http.Flusher. This makes GzipResponseWriter +// an http.Flusher. +func (w *GzipResponseWriter) Flush() { + if w.gw == nil && !w.ignore { + // Only flush once startGzip or startPlain has been called. + // + // Flush is thus a no-op until we're certain whether a plain + // or gzipped response will be served. + return + } + + if w.gw != nil { + w.gw.Flush() + } + + if fw, ok := w.ResponseWriter.(http.Flusher); ok { + fw.Flush() + } +} + +// Hijack implements http.Hijacker. If the underlying ResponseWriter is a +// Hijacker, its Hijack method is returned. Otherwise an error is returned. +func (w *GzipResponseWriter) Hijack() (net.Conn, *bufio.ReadWriter, error) { + if hj, ok := w.ResponseWriter.(http.Hijacker); ok { + return hj.Hijack() + } + return nil, nil, fmt.Errorf("http.Hijacker interface is not supported") +} + +// verify Hijacker interface implementation +var _ http.Hijacker = &GzipResponseWriter{} + +// MustNewGzipLevelHandler behaves just like NewGzipLevelHandler except that in +// an error case it panics rather than returning an error. +func MustNewGzipLevelHandler(level int) func(http.Handler) http.Handler { + wrap, err := NewGzipLevelHandler(level) + if err != nil { + panic(err) + } + return wrap +} + +// NewGzipLevelHandler returns a wrapper function (often known as middleware) +// which can be used to wrap an HTTP handler to transparently gzip the response +// body if the client supports it (via the Accept-Encoding header). Responses will +// be encoded at the given gzip compression level. An error will be returned only +// if an invalid gzip compression level is given, so if one can ensure the level +// is valid, the returned error can be safely ignored. +func NewGzipLevelHandler(level int) (func(http.Handler) http.Handler, error) { + return NewGzipLevelAndMinSize(level, DefaultMinSize) +} + +// NewGzipLevelAndMinSize behave as NewGzipLevelHandler except it let the caller +// specify the minimum size before compression. +func NewGzipLevelAndMinSize(level, minSize int) (func(http.Handler) http.Handler, error) { + return GzipHandlerWithOpts(CompressionLevel(level), MinSize(minSize)) +} + +func GzipHandlerWithOpts(opts ...option) (func(http.Handler) http.Handler, error) { + c := &config{ + level: gzip.DefaultCompression, + minSize: DefaultMinSize, + } + + for _, o := range opts { + o(c) + } + + if err := c.validate(); err != nil { + return nil, err + } + + return func(h http.Handler) http.Handler { + index := poolIndex(c.level) + + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.Header().Add(vary, acceptEncoding) + if acceptsGzip(r) { + gw := &GzipResponseWriter{ + ResponseWriter: w, + index: index, + minSize: c.minSize, + contentTypes: c.contentTypes, + } + defer gw.Close() + + if _, ok := w.(http.CloseNotifier); ok { + gwcn := GzipResponseWriterWithCloseNotify{gw} + h.ServeHTTP(gwcn, r) + } else { + h.ServeHTTP(gw, r) + } + + } else { + h.ServeHTTP(w, r) + } + }) + }, nil +} + +// Parsed representation of one of the inputs to ContentTypes. +// See https://golang.org/pkg/mime/#ParseMediaType +type parsedContentType struct { + mediaType string + params map[string]string +} + +// equals returns whether this content type matches another content type. +func (pct parsedContentType) equals(mediaType string, params map[string]string) bool { + if pct.mediaType != mediaType { + return false + } + // if pct has no params, don't care about other's params + if len(pct.params) == 0 { + return true + } + + // if pct has any params, they must be identical to other's. + if len(pct.params) != len(params) { + return false + } + for k, v := range pct.params { + if w, ok := params[k]; !ok || v != w { + return false + } + } + return true +} + +// Used for functional configuration. +type config struct { + minSize int + level int + contentTypes []parsedContentType +} + +func (c *config) validate() error { + if c.level != gzip.DefaultCompression && (c.level < gzip.BestSpeed || c.level > gzip.BestCompression) { + return fmt.Errorf("invalid compression level requested: %d", c.level) + } + + if c.minSize < 0 { + return fmt.Errorf("minimum size must be more than zero") + } + + return nil +} + +type option func(c *config) + +func MinSize(size int) option { + return func(c *config) { + c.minSize = size + } +} + +func CompressionLevel(level int) option { + return func(c *config) { + c.level = level + } +} + +// ContentTypes specifies a list of content types to compare +// the Content-Type header to before compressing. If none +// match, the response will be returned as-is. +// +// Content types are compared in a case-insensitive, whitespace-ignored +// manner. +// +// A MIME type without any other directive will match a content type +// that has the same MIME type, regardless of that content type's other +// directives. I.e., "text/html" will match both "text/html" and +// "text/html; charset=utf-8". +// +// A MIME type with any other directive will only match a content type +// that has the same MIME type and other directives. I.e., +// "text/html; charset=utf-8" will only match "text/html; charset=utf-8". +// +// By default, responses are gzipped regardless of +// Content-Type. +func ContentTypes(types []string) option { + return func(c *config) { + c.contentTypes = []parsedContentType{} + for _, v := range types { + mediaType, params, err := mime.ParseMediaType(v) + if err == nil { + c.contentTypes = append(c.contentTypes, parsedContentType{mediaType, params}) + } + } + } +} + +// GzipHandler wraps an HTTP handler, to transparently gzip the response body if +// the client supports it (via the Accept-Encoding header). This will compress at +// the default compression level. +func GzipHandler(h http.Handler) http.Handler { + wrapper, _ := NewGzipLevelHandler(gzip.DefaultCompression) + return wrapper(h) +} + +// acceptsGzip returns true if the given HTTP request indicates that it will +// accept a gzipped response. +func acceptsGzip(r *http.Request) bool { + acceptedEncodings, _ := parseEncodings(r.Header.Get(acceptEncoding)) + return acceptedEncodings["gzip"] > 0.0 +} + +// returns true if we've been configured to compress the specific content type. +func handleContentType(contentTypes []parsedContentType, ct string) bool { + // If contentTypes is empty we handle all content types. + if len(contentTypes) == 0 { + return true + } + + mediaType, params, err := mime.ParseMediaType(ct) + if err != nil { + return false + } + + for _, c := range contentTypes { + if c.equals(mediaType, params) { + return true + } + } + + return false +} + +// parseEncodings attempts to parse a list of codings, per RFC 2616, as might +// appear in an Accept-Encoding header. It returns a map of content-codings to +// quality values, and an error containing the errors encountered. It's probably +// safe to ignore those, because silently ignoring errors is how the internet +// works. +// +// See: http://tools.ietf.org/html/rfc2616#section-14.3. +func parseEncodings(s string) (codings, error) { + c := make(codings) + var e []string + + for _, ss := range strings.Split(s, ",") { + coding, qvalue, err := parseCoding(ss) + + if err != nil { + e = append(e, err.Error()) + } else { + c[coding] = qvalue + } + } + + // TODO (adammck): Use a proper multi-error struct, so the individual errors + // can be extracted if anyone cares. + if len(e) > 0 { + return c, fmt.Errorf("errors while parsing encodings: %s", strings.Join(e, ", ")) + } + + return c, nil +} + +// parseCoding parses a single conding (content-coding with an optional qvalue), +// as might appear in an Accept-Encoding header. It attempts to forgive minor +// formatting errors. +func parseCoding(s string) (coding string, qvalue float64, err error) { + for n, part := range strings.Split(s, ";") { + part = strings.TrimSpace(part) + qvalue = DefaultQValue + + if n == 0 { + coding = strings.ToLower(part) + } else if strings.HasPrefix(part, "q=") { + qvalue, err = strconv.ParseFloat(strings.TrimPrefix(part, "q="), 64) + + if qvalue < 0.0 { + qvalue = 0.0 + } else if qvalue > 1.0 { + qvalue = 1.0 + } + } + } + + if coding == "" { + err = fmt.Errorf("empty content-coding") + } + + return +} diff --git a/vendor/github.com/NYTimes/gziphandler/gzip_go18.go b/vendor/github.com/NYTimes/gziphandler/gzip_go18.go new file mode 100644 index 0000000000..fa9665b7e8 --- /dev/null +++ b/vendor/github.com/NYTimes/gziphandler/gzip_go18.go @@ -0,0 +1,43 @@ +// +build go1.8 + +package gziphandler + +import "net/http" + +// Push initiates an HTTP/2 server push. +// Push returns ErrNotSupported if the client has disabled push or if push +// is not supported on the underlying connection. +func (w *GzipResponseWriter) Push(target string, opts *http.PushOptions) error { + pusher, ok := w.ResponseWriter.(http.Pusher) + if ok && pusher != nil { + return pusher.Push(target, setAcceptEncodingForPushOptions(opts)) + } + return http.ErrNotSupported +} + +// setAcceptEncodingForPushOptions sets "Accept-Encoding" : "gzip" for PushOptions without overriding existing headers. +func setAcceptEncodingForPushOptions(opts *http.PushOptions) *http.PushOptions { + + if opts == nil { + opts = &http.PushOptions{ + Header: http.Header{ + acceptEncoding: []string{"gzip"}, + }, + } + return opts + } + + if opts.Header == nil { + opts.Header = http.Header{ + acceptEncoding: []string{"gzip"}, + } + return opts + } + + if encoding := opts.Header.Get(acceptEncoding); encoding == "" { + opts.Header.Add(acceptEncoding, "gzip") + return opts + } + + return opts +} diff --git a/vendor/github.com/go-chi/cors/LICENSE b/vendor/github.com/go-chi/cors/LICENSE new file mode 100644 index 0000000000..aee6182f9a --- /dev/null +++ b/vendor/github.com/go-chi/cors/LICENSE @@ -0,0 +1,21 @@ +Copyright (c) 2014 Olivier Poitrey