| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464 | // Copyright 2014 The Gogs Authors. All rights reserved.// Use of this source code is governed by a MIT-style// license that can be found in the LICENSE file.package contextimport (	"bytes"	"fmt"	"net/url"	"strings"	"github.com/editorconfig/editorconfig-core-go/v2"	"github.com/pkg/errors"	"gopkg.in/macaron.v1"	"github.com/gogs/git-module"	"gogs.io/gogs/internal/conf"	"gogs.io/gogs/internal/db")type PullRequest struct {	BaseRepo *db.Repository	Allowed  bool	SameRepo bool	HeadInfo string // [<user>:]<branch>}type Repository struct {	AccessMode   db.AccessMode	IsWatching   bool	IsViewBranch bool	IsViewTag    bool	IsViewCommit bool	Repository   *db.Repository	Owner        *db.User	Commit       *git.Commit	Tag          *git.Tag	GitRepo      *git.Repository	BranchName   string	TagName      string	TreePath     string	CommitID     string	RepoLink     string	CloneLink    db.CloneLink	CommitsCount int64	Mirror       *db.Mirror	PullRequest *PullRequest}// IsOwner returns true if current user is the owner of repository.func (r *Repository) IsOwner() bool {	return r.AccessMode >= db.AccessModeOwner}// IsAdmin returns true if current user has admin or higher access of repository.func (r *Repository) IsAdmin() bool {	return r.AccessMode >= db.AccessModeAdmin}// IsWriter returns true if current user has write or higher access of repository.func (r *Repository) IsWriter() bool {	return r.AccessMode >= db.AccessModeWrite}// HasAccess returns true if the current user has at least read access for this repositoryfunc (r *Repository) HasAccess() bool {	return r.AccessMode >= db.AccessModeRead}// CanEnableEditor returns true if repository is editable and user has proper access level.func (r *Repository) CanEnableEditor() bool {	return r.Repository.CanEnableEditor() && r.IsViewBranch && r.IsWriter() && !r.Repository.IsBranchRequirePullRequest(r.BranchName)}// Editorconfig returns the ".editorconfig" definition if found in the HEAD of the default branch.func (r *Repository) Editorconfig() (*editorconfig.Editorconfig, error) {	commit, err := r.GitRepo.BranchCommit(r.Repository.DefaultBranch)	if err != nil {		return nil, errors.Wrapf(err, "get commit of branch %q ", r.Repository.DefaultBranch)	}	entry, err := commit.TreeEntry(".editorconfig")	if err != nil {		return nil, errors.Wrap(err, "get .editorconfig")	}	p, err := entry.Blob().Bytes()	if err != nil {		return nil, errors.Wrap(err, "read .editorconfig")	}	return editorconfig.Parse(bytes.NewReader(p))}// MakeURL accepts a string or url.URL as argument and returns escaped URL prepended with repository URL.func (r *Repository) MakeURL(location interface{}) string {	switch location := location.(type) {	case string:		tempURL := url.URL{			Path: r.RepoLink + "/" + location,		}		return tempURL.String()	case url.URL:		location.Path = r.RepoLink + "/" + location.Path		return location.String()	default:		panic("location type must be either string or url.URL")	}}// PullRequestURL returns URL for composing a pull request.// This function does not check if the repository can actually compose a pull request.func (r *Repository) PullRequestURL(baseBranch, headBranch string) string {	repoLink := r.RepoLink	if r.PullRequest.BaseRepo != nil {		repoLink = r.PullRequest.BaseRepo.Link()	}	return fmt.Sprintf("%s/compare/%s...%s:%s", repoLink, baseBranch, r.Owner.Name, headBranch)}// [0]: issues, [1]: wikifunc RepoAssignment(pages ...bool) macaron.Handler {	return func(c *Context) {		var (			owner        *db.User			err          error			isIssuesPage bool			isWikiPage   bool		)		if len(pages) > 0 {			isIssuesPage = pages[0]		}		if len(pages) > 1 {			isWikiPage = pages[1]		}		ownerName := c.Params(":username")		repoName := strings.TrimSuffix(c.Params(":reponame"), ".git")		// Check if the user is the same as the repository owner		if c.IsLogged && c.User.LowerName == strings.ToLower(ownerName) {			owner = c.User		} else {			owner, err = db.GetUserByName(ownerName)			if err != nil {				c.NotFoundOrError(err, "get user by name")				return			}		}		c.Repo.Owner = owner		c.Data["Username"] = c.Repo.Owner.Name		repo, err := db.GetRepositoryByName(owner.ID, repoName)		if err != nil {			c.NotFoundOrError(err, "get repository by name")			return		}		c.Repo.Repository = repo		c.Data["RepoName"] = c.Repo.Repository.Name		c.Data["IsBareRepo"] = c.Repo.Repository.IsBare		c.Repo.RepoLink = repo.Link()		c.Data["RepoLink"] = c.Repo.RepoLink		c.Data["RepoRelPath"] = c.Repo.Owner.Name + "/" + c.Repo.Repository.Name		// Admin has super access		if c.IsLogged && c.User.IsAdmin {			c.Repo.AccessMode = db.AccessModeOwner		} else {			c.Repo.AccessMode = db.Perms.AccessMode(c.Req.Context(), c.UserID(), repo.ID,				db.AccessModeOptions{					OwnerID: repo.OwnerID,					Private: repo.IsPrivate,				},			)		}		// If the authenticated user has no direct access, see if the repository is a fork		// and whether the user has access to the base repository.		if c.Repo.AccessMode == db.AccessModeNone && repo.BaseRepo != nil {			mode := db.Perms.AccessMode(c.Req.Context(), c.UserID(), repo.BaseRepo.ID,				db.AccessModeOptions{					OwnerID: repo.BaseRepo.OwnerID,					Private: repo.BaseRepo.IsPrivate,				},			)			// Users shouldn't have indirect access level higher than write.			if mode > db.AccessModeWrite {				mode = db.AccessModeWrite			}			c.Repo.AccessMode = mode		}		// Check access		if c.Repo.AccessMode == db.AccessModeNone {			// Redirect to any accessible page if not yet on it			if repo.IsPartialPublic() &&				(!(isIssuesPage || isWikiPage) ||					(isIssuesPage && !repo.CanGuestViewIssues()) ||					(isWikiPage && !repo.CanGuestViewWiki())) {				switch {				case repo.CanGuestViewIssues():					c.Redirect(repo.Link() + "/issues")				case repo.CanGuestViewWiki():					c.Redirect(repo.Link() + "/wiki")				default:					c.NotFound()				}				return			}			// Response 404 if user is on completely private repository or possible accessible page but owner doesn't enabled			if !repo.IsPartialPublic() ||				(isIssuesPage && !repo.CanGuestViewIssues()) ||				(isWikiPage && !repo.CanGuestViewWiki()) {				c.NotFound()				return			}			c.Repo.Repository.EnableIssues = repo.CanGuestViewIssues()			c.Repo.Repository.EnableWiki = repo.CanGuestViewWiki()		}		if repo.IsMirror {			c.Repo.Mirror, err = db.GetMirrorByRepoID(repo.ID)			if err != nil {				c.Error(err, "get mirror by repository ID")				return			}			c.Data["MirrorEnablePrune"] = c.Repo.Mirror.EnablePrune			c.Data["MirrorInterval"] = c.Repo.Mirror.Interval			c.Data["Mirror"] = c.Repo.Mirror		}		gitRepo, err := git.Open(db.RepoPath(ownerName, repoName))		if err != nil {			c.Error(err, "open repository")			return		}		c.Repo.GitRepo = gitRepo		tags, err := c.Repo.GitRepo.Tags()		if err != nil {			c.Error(err, "get tags")			return		}		c.Data["Tags"] = tags		c.Repo.Repository.NumTags = len(tags)		c.Data["Title"] = owner.Name + "/" + repo.Name		c.Data["Repository"] = repo		c.Data["Owner"] = c.Repo.Repository.Owner		c.Data["IsRepositoryOwner"] = c.Repo.IsOwner()		c.Data["IsRepositoryAdmin"] = c.Repo.IsAdmin()		c.Data["IsRepositoryWriter"] = c.Repo.IsWriter()		c.Data["DisableSSH"] = conf.SSH.Disabled		c.Data["DisableHTTP"] = conf.Repository.DisableHTTPGit		c.Data["CloneLink"] = repo.CloneLink()		c.Data["WikiCloneLink"] = repo.WikiCloneLink()		if c.IsLogged {			c.Data["IsWatchingRepo"] = db.IsWatching(c.User.ID, repo.ID)			c.Data["IsStaringRepo"] = db.IsStaring(c.User.ID, repo.ID)		}		// repo is bare and display enable		if c.Repo.Repository.IsBare {			return		}		c.Data["TagName"] = c.Repo.TagName		branches, err := c.Repo.GitRepo.Branches()		if err != nil {			c.Error(err, "get branches")			return		}		c.Data["Branches"] = branches		c.Data["BranchCount"] = len(branches)		// If not branch selected, try default one.		// If default branch doesn't exists, fall back to some other branch.		if c.Repo.BranchName == "" {			if len(c.Repo.Repository.DefaultBranch) > 0 && gitRepo.HasBranch(c.Repo.Repository.DefaultBranch) {				c.Repo.BranchName = c.Repo.Repository.DefaultBranch			} else if len(branches) > 0 {				c.Repo.BranchName = branches[0]			}		}		c.Data["BranchName"] = c.Repo.BranchName		c.Data["CommitID"] = c.Repo.CommitID		c.Data["IsGuest"] = !c.Repo.HasAccess()	}}// RepoRef handles repository reference name including those contain `/`.func RepoRef() macaron.Handler {	return func(c *Context) {		// Empty repository does not have reference information.		if c.Repo.Repository.IsBare {			return		}		var (			refName string			err     error		)		// For API calls.		if c.Repo.GitRepo == nil {			repoPath := db.RepoPath(c.Repo.Owner.Name, c.Repo.Repository.Name)			c.Repo.GitRepo, err = git.Open(repoPath)			if err != nil {				c.Error(err, "open repository")				return			}		}		// Get default branch.		if c.Params("*") == "" {			refName = c.Repo.Repository.DefaultBranch			if !c.Repo.GitRepo.HasBranch(refName) {				branches, err := c.Repo.GitRepo.Branches()				if err != nil {					c.Error(err, "get branches")					return				}				refName = branches[0]			}			c.Repo.Commit, err = c.Repo.GitRepo.BranchCommit(refName)			if err != nil {				c.Error(err, "get branch commit")				return			}			c.Repo.CommitID = c.Repo.Commit.ID.String()			c.Repo.IsViewBranch = true		} else {			hasMatched := false			parts := strings.Split(c.Params("*"), "/")			for i, part := range parts {				refName = strings.TrimPrefix(refName+"/"+part, "/")				if c.Repo.GitRepo.HasBranch(refName) ||					c.Repo.GitRepo.HasTag(refName) {					if i < len(parts)-1 {						c.Repo.TreePath = strings.Join(parts[i+1:], "/")					}					hasMatched = true					break				}			}			if !hasMatched && len(parts[0]) == 40 {				refName = parts[0]				c.Repo.TreePath = strings.Join(parts[1:], "/")			}			if c.Repo.GitRepo.HasBranch(refName) {				c.Repo.IsViewBranch = true				c.Repo.Commit, err = c.Repo.GitRepo.BranchCommit(refName)				if err != nil {					c.Error(err, "get branch commit")					return				}				c.Repo.CommitID = c.Repo.Commit.ID.String()			} else if c.Repo.GitRepo.HasTag(refName) {				c.Repo.IsViewTag = true				c.Repo.Commit, err = c.Repo.GitRepo.TagCommit(refName)				if err != nil {					c.Error(err, "get tag commit")					return				}				c.Repo.CommitID = c.Repo.Commit.ID.String()			} else if len(refName) == 40 {				c.Repo.IsViewCommit = true				c.Repo.CommitID = refName				c.Repo.Commit, err = c.Repo.GitRepo.CatFileCommit(refName)				if err != nil {					c.NotFound()					return				}			} else {				c.NotFound()				return			}		}		c.Repo.BranchName = refName		c.Data["BranchName"] = c.Repo.BranchName		c.Data["CommitID"] = c.Repo.CommitID		c.Data["TreePath"] = c.Repo.TreePath		c.Data["IsViewBranch"] = c.Repo.IsViewBranch		c.Data["IsViewTag"] = c.Repo.IsViewTag		c.Data["IsViewCommit"] = c.Repo.IsViewCommit		// People who have push access or have forked repository can propose a new pull request.		if c.Repo.IsWriter() || (c.IsLogged && c.User.HasForkedRepo(c.Repo.Repository.ID)) {			// Pull request is allowed if this is a fork repository			// and base repository accepts pull requests.			if c.Repo.Repository.BaseRepo != nil {				if c.Repo.Repository.BaseRepo.AllowsPulls() {					c.Repo.PullRequest.Allowed = true					// In-repository pull requests has higher priority than cross-repository if user is viewing					// base repository and 1) has write access to it 2) has forked it.					if c.Repo.IsWriter() {						c.Data["BaseRepo"] = c.Repo.Repository.BaseRepo						c.Repo.PullRequest.BaseRepo = c.Repo.Repository.BaseRepo						c.Repo.PullRequest.HeadInfo = c.Repo.Owner.Name + ":" + c.Repo.BranchName					} else {						c.Data["BaseRepo"] = c.Repo.Repository						c.Repo.PullRequest.BaseRepo = c.Repo.Repository						c.Repo.PullRequest.HeadInfo = c.User.Name + ":" + c.Repo.BranchName					}				}			} else {				// Or, this is repository accepts pull requests between branches.				if c.Repo.Repository.AllowsPulls() {					c.Data["BaseRepo"] = c.Repo.Repository					c.Repo.PullRequest.BaseRepo = c.Repo.Repository					c.Repo.PullRequest.Allowed = true					c.Repo.PullRequest.SameRepo = true					c.Repo.PullRequest.HeadInfo = c.Repo.BranchName				}			}		}		c.Data["PullRequestCtx"] = c.Repo.PullRequest	}}func RequireRepoAdmin() macaron.Handler {	return func(c *Context) {		if !c.IsLogged || (!c.Repo.IsAdmin() && !c.User.IsAdmin) {			c.NotFound()			return		}	}}func RequireRepoWriter() macaron.Handler {	return func(c *Context) {		if !c.IsLogged || (!c.Repo.IsWriter() && !c.User.IsAdmin) {			c.NotFound()			return		}	}}// GitHookService checks if repository Git hooks service has been enabled.func GitHookService() macaron.Handler {	return func(c *Context) {		if !c.User.CanEditGitHook() {			c.NotFound()			return		}	}}
 |