Merge branch 'master' of https://github.com/gogits/gogs

Conflicts: routers/repo/download.go
author: Don Bowman <don.waterloo@gmail.com> 2015-08-12 21:10:00 +0000
committer: Don Bowman <don.waterloo@gmail.com> 2015-08-12 21:10:00 +0000
commit: 1cb46ede1acf4f8527e64fcae7e92672cad764b2 (patch)
tree: fabb54ee5f040be2a4ee5c95f87cb3e9fbf7bdea /cmd
parent: 9e6bd31d76aa6d6495a2144466af78773f34d07c (diff)
parent: aede5cdb04fdbf74d9c602062fdece9f408e90f4 (diff)
3 files changed, 140 insertions, 85 deletions
diff --git a/cmd/cert.go b/cmd/cert.go
index 631c4c68..0a09b003 100644
--- a/cmd/cert.go
+++ b/cmd/cert.go
@@ -114,6 +114,7 @@ func runCert(ctx *cli.Context) {
 		SerialNumber: serialNumber,
 		Subject: pkix.Name{
 			Organization: []string{"Acme Co"},
+			CommonName: "Gogs",
 		},
 		NotBefore: notBefore,
 		NotAfter:  notAfter,
diff --git a/cmd/serve.go b/cmd/serve.go
index 484060c4..9638da8b 100644
--- a/cmd/serve.go
+++ b/cmd/serve.go
@@ -16,6 +16,7 @@ import (
 	"github.com/codegangsta/cli"
 
 	"github.com/gogits/gogs/models"
+	"github.com/gogits/gogs/modules/httplib"
 	"github.com/gogits/gogs/modules/log"
 	"github.com/gogits/gogs/modules/setting"
 	"github.com/gogits/gogs/modules/uuid"
@@ -70,42 +71,25 @@ var (
 	}
 )
 
+func fail(userMessage, logMessage string, args ...interface{}) {
+	fmt.Fprintln(os.Stderr, "Gogs:", userMessage)
+	log.GitLogger.Fatal(3, logMessage, args...)
+}
+
 func runServ(c *cli.Context) {
 	if c.IsSet("config") {
 		setting.CustomConf = c.String("config")
 	}
 	setup("serv.log")
 
-	fail := func(userMessage, logMessage string, args ...interface{}) {
-		fmt.Fprintln(os.Stderr, "Gogs: ", userMessage)
-		log.GitLogger.Fatal(2, logMessage, args...)
-	}
-
 	if len(c.Args()) < 1 {
-		fail("Not enough arguments", "Not enough arugments")
-	}
-
-	keys := strings.Split(c.Args()[0], "-")
-	if len(keys) != 2 {
-		fail("key-id format error", "Invalid key id: %s", c.Args()[0])
-	}
-
-	keyId, err := com.StrTo(keys[1]).Int64()
-	if err != nil {
-		fail("key-id format error", "Invalid key id: %s", err)
-	}
-
-	user, err := models.GetUserByKeyId(keyId)
-	if err != nil {
-		fail("internal error", "Fail to get user by key ID(%d): %v", keyId, err)
+		fail("Not enough arguments", "Not enough arguments")
 	}
 
 	cmd := os.Getenv("SSH_ORIGINAL_COMMAND")
-	if cmd == "" {
-		println("Hi", user.Name, "! You've successfully authenticated, but Gogs does not provide shell access.")
-		if user.IsAdmin {
-			println("If this is unexpected, please log in with password and setup Gogs under another user.")
-		}
+	if len(cmd) == 0 {
+		println("Hi there, You've successfully authenticated, but Gogs does not provide shell access.")
+		println("If this is unexpected, please log in with password and setup Gogs under another user.")
 		return
 	}
 
@@ -113,29 +97,25 @@ func runServ(c *cli.Context) {
 	repoPath := strings.Trim(args, "'")
 	rr := strings.SplitN(repoPath, "/", 2)
 	if len(rr) != 2 {
-		fail("Invalid repository path", "Invalide repository path: %v", args)
+		fail("Invalid repository path", "Invalid repository path: %v", args)
 	}
 	repoUserName := rr[0]
 	repoName := strings.TrimSuffix(rr[1], ".git")
 
 	repoUser, err := models.GetUserByName(repoUserName)
 	if err != nil {
-		if err == models.ErrUserNotExist {
+		if models.IsErrUserNotExist(err) {
 			fail("Repository owner does not exist", "Unregistered owner: %s", repoUserName)
 		}
-		fail("Internal error", "Fail to get repository owner(%s): %v", repoUserName, err)
+		fail("Internal error", "Failed to get repository owner(%s): %v", repoUserName, err)
 	}
 
 	repo, err := models.GetRepositoryByName(repoUser.Id, repoName)
 	if err != nil {
 		if models.IsErrRepoNotExist(err) {
-			if user.Id == repoUser.Id || repoUser.IsOwnedBy(user.Id) {
-				fail("Repository does not exist", "Repository does not exist: %s/%s", repoUser.Name, repoName)
-			} else {
-				fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", repoUser.Name, repoName)
-			}
+			fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", repoUser.Name, repoName)
 		}
-		fail("Internal error", "Fail to get repository: %v", err)
+		fail("Internal error", "Failed to get repository: %v", err)
 	}
 
 	requestedMode, has := COMMANDS[verb]
@@ -143,17 +123,62 @@ func runServ(c *cli.Context) {
 		fail("Unknown git command", "Unknown git command %s", verb)
 	}
 
-	mode, err := models.AccessLevel(user, repo)
-	if err != nil {
-		fail("Internal error", "Fail to check access: %v", err)
-	} else if mode < requestedMode {
-		clientMessage := _ACCESS_DENIED_MESSAGE
-		if mode >= models.ACCESS_MODE_READ {
-			clientMessage = "You do not have sufficient authorization for this action"
+	// Allow anonymous clone for public repositories.
+	var (
+		keyID int64
+		user  *models.User
+	)
+	if requestedMode == models.ACCESS_MODE_WRITE || repo.IsPrivate {
+		keys := strings.Split(c.Args()[0], "-")
+		if len(keys) != 2 {
+			fail("Key ID format error", "Invalid key ID: %s", c.Args()[0])
+		}
+
+		key, err := models.GetPublicKeyByID(com.StrTo(keys[1]).MustInt64())
+		if err != nil {
+			fail("Key ID format error", "Invalid key ID[%s]: %v", c.Args()[0], err)
+		}
+		keyID = key.ID
+
+		// Check deploy key or user key.
+		if key.Type == models.KEY_TYPE_DEPLOY {
+			if key.Mode < requestedMode {
+				fail("Key permission denied", "Cannot push with deployment key: %d", key.ID)
+			}
+			// Check if this deploy key belongs to current repository.
+			if !models.HasDeployKey(key.ID, repo.Id) {
+				fail("Key access denied", "Key access denied: %d-%d", key.ID, repo.Id)
+			}
+
+			// Update deploy key activity.
+			deployKey, err := models.GetDeployKeyByRepo(key.ID, repo.Id)
+			if err != nil {
+				fail("Internal error", "GetDeployKey: %v", err)
+			}
+
+			deployKey.Updated = time.Now()
+			if err = models.UpdateDeployKey(deployKey); err != nil {
+				fail("Internal error", "UpdateDeployKey: %v", err)
+			}
+		} else {
+			user, err = models.GetUserByKeyId(key.ID)
+			if err != nil {
+				fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
+			}
+
+			mode, err := models.AccessLevel(user, repo)
+			if err != nil {
+				fail("Internal error", "Fail to check access: %v", err)
+			} else if mode < requestedMode {
+				clientMessage := _ACCESS_DENIED_MESSAGE
+				if mode >= models.ACCESS_MODE_READ {
+					clientMessage = "You do not have sufficient authorization for this action"
+				}
+				fail(clientMessage,
+					"User %s does not have level %v access to repository %s",
+					user.Name, requestedMode, repoPath)
+			}
 		}
-		fail(clientMessage,
-			"User %s does not have level %v access to repository %s",
-			user.Name, requestedMode, repoPath)
 	}
 
 	uuid := uuid.NewV4().String()
@@ -171,7 +196,7 @@ func runServ(c *cli.Context) {
 	gitcmd.Stdin = os.Stdin
 	gitcmd.Stderr = os.Stderr
 	if err = gitcmd.Run(); err != nil {
-		fail("Internal error", "Fail to execute git command: %v", err)
+		fail("Internal error", "Failed to execute git command: %v", err)
 	}
 
 	if requestedMode == models.ACCESS_MODE_WRITE {
@@ -184,7 +209,7 @@ func runServ(c *cli.Context) {
 			err = models.Update(task.RefName, task.OldCommitId, task.NewCommitId,
 				user.Name, repoUserName, repoName, user.Id)
 			if err != nil {
-				log.GitLogger.Error(2, "Fail to update: %v", err)
+				log.GitLogger.Error(2, "Failed to update: %v", err)
 			}
 		}
 
@@ -193,13 +218,22 @@ func runServ(c *cli.Context) {
 		}
 	}
 
-	// Update key activity.
-	key, err := models.GetPublicKeyById(keyId)
-	if err != nil {
-		fail("Internal error", "GetPublicKeyById: %v", err)
+	// Send deliver hook request.
+	resp, err := httplib.Head(setting.AppUrl + setting.AppSubUrl + repoUserName + "/" + repoName + "/hooks/trigger").Response()
+	if err == nil {
+		resp.Body.Close()
 	}
-	key.Updated = time.Now()
-	if err = models.UpdatePublicKey(key); err != nil {
-		fail("Internal error", "UpdatePublicKey: %v", err)
+
+	// Update user key activity.
+	if keyID > 0 {
+		key, err := models.GetPublicKeyByID(keyID)
+		if err != nil {
+			fail("Internal error", "GetPublicKeyById: %v", err)
+		}
+
+		key.Updated = time.Now()
+		if err = models.UpdatePublicKey(key); err != nil {
+			fail("Internal error", "UpdatePublicKey: %v", err)
+		}
 	}
 }
diff --git a/cmd/web.go b/cmd/web.go
index ca4a6291..850dc84b 100644
--- a/cmd/web.go
+++ b/cmd/web.go
@@ -17,6 +17,7 @@ import (
 
 	"github.com/Unknwon/macaron"
 	"github.com/codegangsta/cli"
+	"github.com/go-xorm/xorm"
 	"github.com/macaron-contrib/binding"
 	"github.com/macaron-contrib/cache"
 	"github.com/macaron-contrib/captcha"
@@ -25,6 +26,7 @@ import (
 	"github.com/macaron-contrib/oauth2"
 	"github.com/macaron-contrib/session"
 	"github.com/macaron-contrib/toolbox"
+	"github.com/mcuadros/go-version"
 	"gopkg.in/ini.v1"
 
 	api "github.com/gogits/go-gogs-client"
@@ -35,7 +37,6 @@ import (
 	"github.com/gogits/gogs/modules/avatar"
 	"github.com/gogits/gogs/modules/base"
 	"github.com/gogits/gogs/modules/bindata"
-	"github.com/gogits/gogs/modules/git"
 	"github.com/gogits/gogs/modules/log"
 	"github.com/gogits/gogs/modules/middleware"
 	"github.com/gogits/gogs/modules/setting"
@@ -69,7 +70,7 @@ type VerChecker struct {
 // checkVersion checks if binary matches the version of templates files.
 func checkVersion() {
 	// Templates.
-	data, err := ioutil.ReadFile(path.Join(setting.StaticRootPath, "templates/.VERSION"))
+	data, err := ioutil.ReadFile(setting.StaticRootPath + "/templates/.VERSION")
 	if err != nil {
 		log.Fatal(4, "Fail to read 'templates/.VERSION': %v", err)
 	}
@@ -79,18 +80,18 @@ func checkVersion() {
 
 	// Check dependency version.
 	checkers := []VerChecker{
+		{"github.com/go-xorm/xorm", func() string { return xorm.Version }, "0.4.3.0806"},
 		{"github.com/Unknwon/macaron", macaron.Version, "0.5.4"},
-		{"github.com/macaron-contrib/binding", binding.Version, "0.0.6"},
+		{"github.com/macaron-contrib/binding", binding.Version, "0.1.0"},
 		{"github.com/macaron-contrib/cache", cache.Version, "0.0.7"},
 		{"github.com/macaron-contrib/csrf", csrf.Version, "0.0.3"},
 		{"github.com/macaron-contrib/i18n", i18n.Version, "0.0.7"},
 		{"github.com/macaron-contrib/session", session.Version, "0.1.6"},
-		{"gopkg.in/ini.v1", ini.Version, "1.2.0"},
+		{"gopkg.in/ini.v1", ini.Version, "1.3.4"},
 	}
 	for _, c := range checkers {
-		ver := strings.Join(strings.Split(c.Version(), ".")[:3], ".")
-		if git.MustParseVersion(ver).LessThan(git.MustParseVersion(c.Expected)) {
-			log.Fatal(4, "Package '%s' version is too old(%s -> %s), did you forget to update?", c.ImportPath, ver, c.Expected)
+		if !version.Compare(c.Version(), c.Expected, ">=") {
+			log.Fatal(4, "Package '%s' version is too old(%s -> %s), did you forget to update?", c.ImportPath, c.Version(), c.Expected)
 		}
 	}
 }
@@ -98,7 +99,9 @@ func checkVersion() {
 // newMacaron initializes Macaron instance.
 func newMacaron() *macaron.Macaron {
 	m := macaron.New()
-	m.Use(macaron.Logger())
+	if !setting.DisableRouterLog {
+		m.Use(macaron.Logger())
+	}
 	m.Use(macaron.Recovery())
 	if setting.EnableGzip {
 		m.Use(macaron.Gziper())
@@ -109,14 +112,14 @@ func newMacaron() *macaron.Macaron {
 	m.Use(macaron.Static(
 		path.Join(setting.StaticRootPath, "public"),
 		macaron.StaticOptions{
-			SkipLogging: !setting.DisableRouterLog,
+			SkipLogging: setting.DisableRouterLog,
 		},
 	))
 	m.Use(macaron.Static(
 		setting.AvatarUploadPath,
 		macaron.StaticOptions{
 			Prefix:      "avatars",
-			SkipLogging: !setting.DisableRouterLog,
+			SkipLogging: setting.DisableRouterLog,
 		},
 	))
 	m.Use(macaron.Renderer(macaron.RenderOptions{
@@ -242,7 +245,7 @@ func runWeb(ctx *cli.Context) {
 				ctx.HandleAPI(404, "Page not found")
 			})
 		})
-	})
+	}, ignSignIn)
 
 	// User.
 	m.Group("/user", func() {
@@ -328,7 +331,7 @@ func runWeb(ctx *cli.Context) {
 		m.Get("/template/*", dev.TemplatePreview)
 	}
 
-	reqAdmin := middleware.RequireAdmin()
+	reqRepoAdmin := middleware.RequireRepoAdmin()
 
 	// Organization.
 	m.Group("/org", func() {
@@ -380,8 +383,8 @@ func runWeb(ctx *cli.Context) {
 		m.Post("/create", bindIgnErr(auth.CreateRepoForm{}), repo.CreatePost)
 		m.Get("/migrate", repo.Migrate)
 		m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), repo.MigratePost)
-		m.Get("/fork", repo.Fork)
-		m.Post("/fork", bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
+		m.Combo("/fork/:repoid").Get(repo.Fork).
+			Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
 	}, reqSignIn)
 
 	m.Group("/:username/:reponame", func() {
@@ -402,8 +405,15 @@ func runWeb(ctx *cli.Context) {
 				m.Get("/:name", repo.GitHooksEdit)
 				m.Post("/:name", repo.GitHooksEditPost)
 			}, middleware.GitHookService())
+
+			m.Group("/keys", func() {
+				m.Combo("").Get(repo.SettingsDeployKeys).
+					Post(bindIgnErr(auth.AddSSHKeyForm{}), repo.SettingsDeployKeysPost)
+				m.Post("/delete", repo.DeleteDeployKey)
+			})
+
 		})
-	}, reqSignIn, middleware.RepoAssignment(true), reqAdmin)
+	}, reqSignIn, middleware.RepoAssignment(true), reqRepoAdmin)
 
 	m.Group("/:username/:reponame", func() {
 		m.Get("/action/:action", repo.Action)
@@ -416,15 +426,20 @@ func runWeb(ctx *cli.Context) {
 			m.Post("/:index/milestone", repo.UpdateIssueMilestone)
 			m.Post("/:index/assignee", repo.UpdateAssignee)
 			m.Get("/:index/attachment/:id", repo.IssueGetAttachment)
-			m.Post("/labels/new", bindIgnErr(auth.CreateLabelForm{}), repo.NewLabel)
-			m.Post("/labels/edit", bindIgnErr(auth.CreateLabelForm{}), repo.UpdateLabel)
-			m.Post("/labels/delete", repo.DeleteLabel)
-			m.Get("/milestones/new", repo.NewMilestone)
-			m.Post("/milestones/new", bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost)
-			m.Get("/milestones/:index/edit", repo.UpdateMilestone)
-			m.Post("/milestones/:index/edit", bindIgnErr(auth.CreateMilestoneForm{}), repo.UpdateMilestonePost)
-			m.Get("/milestones/:index/:action", repo.UpdateMilestone)
 		})
+		m.Group("/labels", func() {
+			m.Post("/new", bindIgnErr(auth.CreateLabelForm{}), repo.NewLabel)
+			m.Post("/edit", bindIgnErr(auth.CreateLabelForm{}), repo.UpdateLabel)
+			m.Post("/delete", repo.DeleteLabel)
+		}, reqRepoAdmin)
+		m.Group("/milestones", func() {
+			m.Get("/new", repo.NewMilestone)
+			m.Post("/new", bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost)
+			m.Get("/:id/edit", repo.EditMilestone)
+			m.Post("/:id/edit", bindIgnErr(auth.CreateMilestoneForm{}), repo.EditMilestonePost)
+			m.Get("/:id/:action", repo.ChangeMilestonStatus)
+			m.Post("/delete", repo.DeleteMilestone)
+		}, reqRepoAdmin)
 
 		m.Post("/comment/:action", repo.Comment)
 
@@ -433,21 +448,19 @@ func runWeb(ctx *cli.Context) {
 			m.Post("/new", bindIgnErr(auth.NewReleaseForm{}), repo.NewReleasePost)
 			m.Get("/edit/:tagname", repo.EditRelease)
 			m.Post("/edit/:tagname", bindIgnErr(auth.EditReleaseForm{}), repo.EditReleasePost)
-		}, middleware.RepoRef())
+		}, reqRepoAdmin, middleware.RepoRef())
 	}, reqSignIn, middleware.RepoAssignment(true))
 
 	m.Group("/:username/:reponame", func() {
 		m.Get("/releases", middleware.RepoRef(), repo.Releases)
-		m.Get("/issues", repo.Issues)
+		m.Get("/issues", repo.RetrieveLabels, repo.Issues)
 		m.Get("/issues/:index", repo.ViewIssue)
-		m.Get("/issues/milestones", repo.Milestones)
+		m.Get("/labels/", repo.RetrieveLabels, repo.Labels)
+		m.Get("/milestones", repo.Milestones)
 		m.Get("/pulls", repo.Pulls)
 		m.Get("/branches", repo.Branches)
 		m.Get("/archive/*", repo.Download)
-		m.Get("/issues2/", repo.Issues2)
 		m.Get("/pulls2/", repo.PullRequest2)
-		m.Get("/labels2/", repo.Labels2)
-		m.Get("/milestone2/", repo.Milestones2)
 
 		m.Group("", func() {
 			m.Get("/src/*", repo.Home)
@@ -460,8 +473,15 @@ func runWeb(ctx *cli.Context) {
 	}, ignSignIn, middleware.RepoAssignment(true))
 
 	m.Group("/:username", func() {
-		m.Get("/:reponame", ignSignIn, middleware.RepoAssignment(true, true), middleware.RepoRef(), repo.Home)
-		m.Any("/:reponame/*", ignSignInAndCsrf, repo.Http)
+		m.Group("/:reponame", func() {
+			m.Get("", repo.Home)
+			m.Get(".git", repo.Home)
+		}, ignSignIn, middleware.RepoAssignment(true, true), middleware.RepoRef())
+
+		m.Group("/:reponame", func() {
+			m.Any("/*", ignSignInAndCsrf, repo.Http)
+			m.Head("/hooks/trigger", repo.TriggerHook)
+		})
 	})
 
 	// robots.txt
author	Don Bowman <don.waterloo@gmail.com>	2015-08-12 21:10:00 +0000
committer	Don Bowman <don.waterloo@gmail.com>	2015-08-12 21:10:00 +0000
commit	1cb46ede1acf4f8527e64fcae7e92672cad764b2 (patch)
tree	fabb54ee5f040be2a4ee5c95f87cb3e9fbf7bdea /cmd
parent	9e6bd31d76aa6d6495a2144466af78773f34d07c (diff)
parent	aede5cdb04fdbf74d9c602062fdece9f408e90f4 (diff)