This repository has been archived on 2024-01-04. You can view files and clone it, but cannot push or open issues or pull requests.
forgejo/modules/context/context.go

350 lines
10 KiB
Go
Raw Normal View History

// Copyright 2014 The Gogs Authors. All rights reserved.
2020-01-09 21:34:25 +00:00
// Copyright 2020 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
2016-03-11 16:56:52 +00:00
package context
import (
"html"
2014-03-22 17:44:02 +00:00
"html/template"
2014-04-15 16:27:29 +00:00
"io"
"net/http"
"net/url"
"path"
2014-03-22 20:40:09 +00:00
"strings"
2014-03-19 13:57:55 +00:00
"time"
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/auth"
"code.gitea.io/gitea/modules/base"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
"gitea.com/macaron/cache"
"gitea.com/macaron/csrf"
"gitea.com/macaron/i18n"
"gitea.com/macaron/macaron"
"gitea.com/macaron/session"
"github.com/unknwon/com"
)
2014-03-15 13:17:16 +00:00
// Context represents context of a request.
type Context struct {
2014-07-26 04:24:27 +00:00
*macaron.Context
Cache cache.Cache
csrf csrf.CSRF
2014-07-26 04:24:27 +00:00
Flash *session.Flash
Session session.Store
Link string // current request URL
EscapedLink string
2014-11-18 16:07:16 +00:00
User *models.User
IsSigned bool
IsBasicAuth bool
2014-03-15 16:03:23 +00:00
2016-03-11 16:56:52 +00:00
Repo *Repository
2016-03-13 21:37:44 +00:00
Org *Organization
}
// IsUserSiteAdmin returns true if current user is a site admin
func (ctx *Context) IsUserSiteAdmin() bool {
return ctx.IsSigned && ctx.User.IsAdmin
}
// IsUserRepoOwner returns true if current user owns current repo
func (ctx *Context) IsUserRepoOwner() bool {
return ctx.Repo.IsOwner()
}
// IsUserRepoAdmin returns true if current user is admin in current repo
func (ctx *Context) IsUserRepoAdmin() bool {
return ctx.Repo.IsAdmin()
}
// IsUserRepoWriter returns true if current user has write privilege in current repo
func (ctx *Context) IsUserRepoWriter(unitTypes []models.UnitType) bool {
for _, unitType := range unitTypes {
if ctx.Repo.CanWrite(unitType) {
return true
}
}
return false
}
// IsUserRepoReaderSpecific returns true if current user can read current repo's specific part
func (ctx *Context) IsUserRepoReaderSpecific(unitType models.UnitType) bool {
return ctx.Repo.CanRead(unitType)
}
// IsUserRepoReaderAny returns true if current user can read any part of current repo
func (ctx *Context) IsUserRepoReaderAny() bool {
return ctx.Repo.HasAccess()
}
2016-11-25 06:51:01 +00:00
// HasAPIError returns true if error occurs in form validation.
func (ctx *Context) HasAPIError() bool {
2014-05-05 17:08:01 +00:00
hasErr, ok := ctx.Data["HasError"]
if !ok {
return false
}
return hasErr.(bool)
}
2016-11-25 06:51:01 +00:00
// GetErrMsg returns error message
2014-05-05 17:08:01 +00:00
func (ctx *Context) GetErrMsg() string {
return ctx.Data["ErrorMsg"].(string)
}
2014-03-15 14:52:14 +00:00
// HasError returns true if error occurs in form validation.
func (ctx *Context) HasError() bool {
hasErr, ok := ctx.Data["HasError"]
if !ok {
return false
}
2014-04-13 22:12:07 +00:00
ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)
ctx.Data["Flash"] = ctx.Flash
2014-03-15 14:52:14 +00:00
return hasErr.(bool)
}
2015-07-08 11:47:56 +00:00
// HasValue returns true if value of given name exists.
func (ctx *Context) HasValue(name string) bool {
_, ok := ctx.Data[name]
return ok
}
// RedirectToFirst redirects to first not empty URL
func (ctx *Context) RedirectToFirst(location ...string) {
for _, loc := range location {
if len(loc) == 0 {
continue
}
u, err := url.Parse(loc)
2020-01-09 21:34:25 +00:00
if err != nil || ((u.Scheme != "" || u.Host != "") && !strings.HasPrefix(strings.ToLower(loc), strings.ToLower(setting.AppURL))) {
continue
}
ctx.Redirect(loc)
return
}
ctx.Redirect(setting.AppSubURL + "/")
}
2014-08-02 17:47:33 +00:00
// HTML calls Context.HTML and converts template name to string.
2014-07-26 04:24:27 +00:00
func (ctx *Context) HTML(status int, name base.TplName) {
log.Debug("Template: %s", name)
2014-08-02 17:47:33 +00:00
ctx.Context.HTML(status, string(name))
2014-03-20 11:50:26 +00:00
}
2014-03-15 14:52:14 +00:00
// RenderWithErr used for page has form validation but need to prompt error to users.
2014-07-26 04:24:27 +00:00
func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) {
2014-04-03 19:50:55 +00:00
if form != nil {
auth.AssignForm(form, ctx.Data)
}
2014-04-10 20:36:50 +00:00
ctx.Flash.ErrorMsg = msg
ctx.Data["Flash"] = ctx.Flash
2014-03-20 11:50:26 +00:00
ctx.HTML(200, tpl)
2014-03-15 14:52:14 +00:00
}
// NotFound displays a 404 (Not Found) page and prints the given error, if any.
func (ctx *Context) NotFound(title string, err error) {
ctx.notFoundInternal(title, err)
}
func (ctx *Context) notFoundInternal(title string, err error) {
2014-05-01 22:53:41 +00:00
if err != nil {
log.ErrorWithSkip(2, "%s: %v", title, err)
2014-07-26 04:24:27 +00:00
if macaron.Env != macaron.PROD {
2014-05-01 22:53:41 +00:00
ctx.Data["ErrorMsg"] = err
}
2014-03-19 08:48:45 +00:00
}
ctx.Data["IsRepo"] = ctx.Repo.Repository != nil
ctx.Data["Title"] = "Page Not Found"
ctx.HTML(http.StatusNotFound, base.TplName("status/404"))
}
// ServerError displays a 500 (Internal Server Error) page and prints the given
// error, if any.
func (ctx *Context) ServerError(title string, err error) {
ctx.serverErrorInternal(title, err)
}
func (ctx *Context) serverErrorInternal(title string, err error) {
if err != nil {
log.ErrorWithSkip(2, "%s: %v", title, err)
if macaron.Env != macaron.PROD {
ctx.Data["ErrorMsg"] = err
}
2014-05-01 22:53:41 +00:00
}
ctx.Data["Title"] = "Internal Server Error"
ctx.HTML(http.StatusInternalServerError, base.TplName("status/500"))
}
2016-08-30 09:08:38 +00:00
// NotFoundOrServerError use error check function to determine if the error
// is about not found. It responses with 404 status code for not found error,
// or error context description for logging purpose of 500 server error.
func (ctx *Context) NotFoundOrServerError(title string, errck func(error) bool, err error) {
2016-07-25 18:48:17 +00:00
if errck(err) {
ctx.notFoundInternal(title, err)
2016-07-25 18:48:17 +00:00
return
}
ctx.serverErrorInternal(title, err)
2016-07-25 18:48:17 +00:00
}
2016-11-25 06:51:01 +00:00
// HandleText handles HTTP status code
func (ctx *Context) HandleText(status int, title string) {
2015-07-08 11:47:56 +00:00
if (status/100 == 4) || (status/100 == 5) {
Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
2019-04-02 07:48:31 +00:00
log.Error("%s", title)
}
2015-10-16 01:28:12 +00:00
ctx.PlainText(status, []byte(title))
}
2016-11-25 06:51:01 +00:00
// ServeContent serves content to http request
2014-04-15 16:27:29 +00:00
func (ctx *Context) ServeContent(name string, r io.ReadSeeker, params ...interface{}) {
modtime := time.Now()
for _, p := range params {
switch v := p.(type) {
case time.Time:
modtime = v
}
}
2014-07-26 04:24:27 +00:00
ctx.Resp.Header().Set("Content-Description", "File Transfer")
ctx.Resp.Header().Set("Content-Type", "application/octet-stream")
ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name)
ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary")
ctx.Resp.Header().Set("Expires", "0")
ctx.Resp.Header().Set("Cache-Control", "must-revalidate")
ctx.Resp.Header().Set("Pragma", "public")
ctx.Resp.Header().Set("Access-Control-Expose-Headers", "Content-Disposition")
2014-10-19 03:26:55 +00:00
http.ServeContent(ctx.Resp, ctx.Req.Request, name, modtime, r)
2014-04-10 18:37:43 +00:00
}
2014-07-26 04:24:27 +00:00
// Contexter initializes a classic context for a request.
func Contexter() macaron.Handler {
return func(c *macaron.Context, l i18n.Locale, cache cache.Cache, sess session.Store, f *session.Flash, x csrf.CSRF) {
ctx := &Context{
2014-07-26 04:24:27 +00:00
Context: c,
Cache: cache,
csrf: x,
2014-07-26 04:24:27 +00:00
Flash: f,
Session: sess,
Link: setting.AppSubURL + strings.TrimSuffix(c.Req.URL.EscapedPath(), "/"),
2016-03-11 16:56:52 +00:00
Repo: &Repository{
PullRequest: &PullRequest{},
2016-03-07 04:57:46 +00:00
},
2016-03-13 21:37:44 +00:00
Org: &Organization{},
}
Add lang specific font stacks for CJK (#6007) * Add lang specific font stacks * Force font changes Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix icons Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix octicons and icons Signed-off-by: Andrew Thornton <art27@cantab.net> * Just override the semantic ui fonts only Signed-off-by: Andrew Thornton <art27@cantab.net> * Missed the headers... override them too * Missed some more semantic ui stuff * Fix PT Sans Signed-off-by: Andrew Thornton <art27@cantab.net> * More changes Signed-off-by: Andrew Thornton <art27@cantab.net> * Squashed commit of the following: commit 7d1679e9079541359869c9e677ba7412bfcc59f3 Author: Mike L <cl.jeremy@qq.com> Date: Wed Mar 13 13:53:49 2019 +0100 Remove missed YaHei leftover from _home.less commit 0079121ea91860a323ed4e5cc1a9c0d490d9cefd Author: Mike L <cl.jeremy@qq.com> Date: Wed Mar 13 12:03:54 2019 +0100 Fix overdone fixes (inherit, :lang) commit 62c919915928ec1db4731d547e95885f91a0618d Author: Mike L <cl.jeremy@qq.com> Date: Wed Mar 13 02:29:10 2019 +0100 Fix elements w/ explicit lang (language chooser) commit b3117587aa2eb8570d60bed583a11ee5565418be Author: Mike L <cl.jeremy@qq.com> Date: Tue Mar 12 20:17:26 2019 +0100 Fix textarea also (to match body) commit 81cedf2c3012c4dd05a7680782b4a98e1b947f67 Author: Mike L <cl.jeremy@qq.com> Date: Tue Mar 12 19:41:39 2019 +0100 Revert css temporarily to fix conflict commit 80ff82797f3203cbeaf866f22e961334e137df89 Author: Mike L <cl.jeremy@qq.com> Date: Tue Mar 12 19:15:30 2019 +0100 Tweak CJK, fix Yu Gothic, more monospace inherits commit 581dceb9a869646c2c486dabb925c88c2680d70c Author: Mike L <cl.jeremy@qq.com> Date: Mon Mar 11 13:09:26 2019 +0100 Add Lato for latin extd. & cyrillic, improve CJK * update stylesheet
2019-03-18 12:49:01 +00:00
ctx.Data["Language"] = ctx.Locale.Language()
c.Data["Link"] = ctx.Link
ctx.Data["CurrentURL"] = setting.AppSubURL + c.Req.URL.RequestURI()
2014-07-26 04:24:27 +00:00
ctx.Data["PageStartTime"] = time.Now()
// Quick responses appropriate go-get meta with status 200
// regardless of if user have access to the repository,
// or the repository does not exist at all.
// This is particular a workaround for "go get" command which does not respect
// .netrc file.
if ctx.Query("go-get") == "1" {
ownerName := c.Params(":username")
repoName := c.Params(":reponame")
trimmedRepoName := strings.TrimSuffix(repoName, ".git")
if ownerName == "" || trimmedRepoName == "" {
_, _ = c.Write([]byte(`<!doctype html>
<html>
<body>
invalid import path
</body>
</html>
`))
c.WriteHeader(400)
return
}
branchName := "master"
repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName)
if err == nil && len(repo.DefaultBranch) > 0 {
branchName = repo.DefaultBranch
}
prefix := setting.AppURL + path.Join(url.PathEscape(ownerName), url.PathEscape(repoName), "src", "branch", util.PathEscapeSegments(branchName))
appURL, _ := url.Parse(setting.AppURL)
insecure := ""
if appURL.Scheme == string(setting.HTTP) {
insecure = "--insecure "
}
2018-01-29 17:50:04 +00:00
c.Header().Set("Content-Type", "text/html")
c.WriteHeader(http.StatusOK)
2019-06-12 19:41:28 +00:00
_, _ = c.Write([]byte(com.Expand(`<!doctype html>
<html>
<head>
<meta name="go-import" content="{GoGetImport} git {CloneLink}">
<meta name="go-source" content="{GoGetImport} _ {GoDocDirectory} {GoDocFile}">
</head>
<body>
go get {Insecure}{GoGetImport}
</body>
</html>
`, map[string]string{
"GoGetImport": ComposeGoGetImport(ownerName, trimmedRepoName),
"CloneLink": models.ComposeHTTPSCloneURL(ownerName, repoName),
"GoDocDirectory": prefix + "{/dir}",
"GoDocFile": prefix + "{/dir}/{file}#L{line}",
"Insecure": insecure,
})))
return
}
2014-03-22 12:49:53 +00:00
// Get user from session if logged in.
ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Context, ctx.Session)
2014-11-07 19:46:13 +00:00
2014-07-26 04:24:27 +00:00
if ctx.User != nil {
ctx.IsSigned = true
ctx.Data["IsSigned"] = ctx.IsSigned
ctx.Data["SignedUser"] = ctx.User
2016-07-23 17:08:22 +00:00
ctx.Data["SignedUserID"] = ctx.User.ID
2014-11-07 03:06:41 +00:00
ctx.Data["SignedUserName"] = ctx.User.Name
2014-03-20 12:02:14 +00:00
ctx.Data["IsAdmin"] = ctx.User.IsAdmin
2014-11-07 03:06:41 +00:00
} else {
ctx.Data["SignedUserID"] = int64(0)
2014-11-07 03:06:41 +00:00
ctx.Data["SignedUserName"] = ""
2014-03-15 12:50:17 +00:00
}
2014-07-24 13:19:59 +00:00
// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.
2014-07-26 04:24:27 +00:00
if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
Add a storage layer for attachments (#11387) * Add a storage layer for attachments * Fix some bug * fix test * Fix copyright head and lint * Fix bug * Add setting for minio and flags for migrate-storage * Add documents * fix lint * Add test for minio store type on attachments * fix test * fix test * Apply suggestions from code review Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> * Add warning when storage migrated successfully * Fix drone * fix test * rebase * Fix test * display the error on console * Move minio test to amd64 since minio docker don't support arm64 * refactor the codes * add trace * Fix test * remove log on xorm * Fi download bug * Add a storage layer for attachments * Add setting for minio and flags for migrate-storage * fix lint * Add test for minio store type on attachments * Apply suggestions from code review Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> * Fix drone * fix test * Fix test * display the error on console * Move minio test to amd64 since minio docker don't support arm64 * refactor the codes * add trace * Fix test * Add URL function to serve attachments directly from S3/Minio * Add ability to enable/disable redirection in attachment configuration * Fix typo * Add a storage layer for attachments * Add setting for minio and flags for migrate-storage * fix lint * Add test for minio store type on attachments * Apply suggestions from code review Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> * Fix drone * fix test * Fix test * display the error on console * Move minio test to amd64 since minio docker don't support arm64 * don't change unrelated files * Fix lint * Fix build * update go.mod and go.sum * Use github.com/minio/minio-go/v6 * Remove unused function * Upgrade minio to v7 and some other improvements * fix lint * Fix go mod Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: Tyler <tystuyfzand@gmail.com>
2020-08-18 04:23:45 +00:00
if err := ctx.Req.ParseMultipartForm(setting.Attachment.MaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size
ctx.ServerError("ParseMultipartForm", err)
2014-07-24 13:19:59 +00:00
return
}
}
ctx.Resp.Header().Set(`X-Frame-Options`, `SAMEORIGIN`)
ctx.Data["CsrfToken"] = html.EscapeString(x.GetToken())
ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + ctx.Data["CsrfToken"].(string) + `">`)
log.Debug("Session ID: %s", sess.ID())
log.Debug("CSRF Token: %v", ctx.Data["CsrfToken"])
2014-03-19 13:57:55 +00:00
ctx.Data["IsLandingPageHome"] = setting.LandingPageURL == setting.LandingPageHome
ctx.Data["IsLandingPageExplore"] = setting.LandingPageURL == setting.LandingPageExplore
ctx.Data["IsLandingPageOrganizations"] = setting.LandingPageURL == setting.LandingPageOrganizations
2015-02-07 02:16:23 +00:00
ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton
ctx.Data["ShowMilestonesDashboardPage"] = setting.Service.ShowMilestonesDashboardPage
ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding
ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion
ctx.Data["EnableSwagger"] = setting.API.EnableSwagger
ctx.Data["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn
2015-02-07 02:16:23 +00:00
c.Map(ctx)
}
}