// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.
package cmd
import (
"fmt"
"os"
"os/exec"
"path/filepath"
"strings"
"time"
"github.com/Unknwon/com"
"github.com/codegangsta/cli"
"github.com/gogits/gogs/models"
"github.com/gogits/gogs/modules/log"
"github.com/gogits/gogs/modules/setting"
"github.com/gogits/gogs/modules/uuid"
)
// _ACCESS_DENIED_MESSAGE is the single client-facing reply runServ uses both
// when a repository is missing and when the caller lacks access to it, so the
// reply itself does not tell the two cases apart.
const _ACCESS_DENIED_MESSAGE = "Repository does not exist or you do not have access"
// CmdServ defines the "serv" sub-command, whose action is runServ. Its usage
// text states that it should only be called by the SSH shell.
//
// NOTE(review): runServ copies the "config" flag into setting.CustomConf, so
// whoever controls this command line chooses the configuration file. That is
// expected to be the server-side SSH setup, never the connecting client;
// confirm against how the command is registered for SSH keys.
var CmdServ = cli.Command{
	Name:        "serv",
	Usage:       "This command should only be called by SSH shell",
	Description: ` Serv provide access auth for repositories `,
	Action:      runServ,
	Flags: []cli.Flag{
		// Positional fields: the first three read as flag name ("config",
		// short form "c"), default value and help text. The meaning of the
		// trailing empty string is not visible in this file.
		cli.StringFlag{"config, c", "custom/conf/app.ini", "Custom configuration file path", ""},
	},
}
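// setup prepares the process for serving one SSH request: it loads the
// configuration, opens the git logger at logPath (joined onto
// setting.LogRootPath), exits with status 1 when SSH is disabled in the
// configuration, and initialises the model layer and its database engine.
func setup(logPath string) {
	setting.NewConfigContext()
	log.NewGitLogger(filepath.Join(setting.LogRootPath, logPath))

	// Refuse to serve before any database work when SSH is turned off.
	if setting.DisableSSH {
		println("Gogs: SSH has been disabled")
		os.Exit(1)
	}

	models.LoadModelsConfig()

	if setting.UseSQLite3 {
		// The working directory is changed before the engine is created.
		// NOTE(review): presumably because the SQLite path may be relative to
		// the work directory; confirm. Failures used to be dropped silently,
		// which would leave the engine opening its database relative to
		// whatever directory the SSH daemon started us in, so they are logged.
		workDir, err := setting.WorkDir()
		if err != nil {
			log.GitLogger.Error(2, "Fail to get work directory: %v", err)
		} else if err = os.Chdir(workDir); err != nil {
			log.GitLogger.Error(2, "Fail to change to work directory(%s): %v", workDir, err)
		}
	}

	models.SetEngine()
}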
// parseCmd splits cmd at its first space into a verb and the remaining
// argument text. When cmd contains no space both results are empty. In the
// argument text the first occurrence of "'/" is rewritten to "'", which drops
// the leading slash of a single-quoted path.
//
// The verb is everything before the first space, so it never contains a
// space itself.
func parseCmd(cmd string) (string, string) {
	sep := strings.Index(cmd, " ")
	if sep < 0 {
		return "", ""
	}

	verb := cmd[:sep]
	rest := cmd[sep+1:]
	return verb, strings.Replace(rest, "'/", "'", 1)
}
var (
	// COMMANDS is the allowlist of git commands runServ is willing to execute,
	// mapped to the access mode a user must hold on the repository for that
	// command. runServ rejects any verb that is not a key of this map.
	//
	// NOTE(review): parseCmd cuts the SSH command line at its first space, so
	// the verb it returns cannot contain a space. The two "git <subcommand>"
	// keys therefore look unreachable through runServ as written; confirm
	// whether they are still needed.
	COMMANDS = map[string]models.AccessMode{
		"git-upload-pack":    models.ACCESS_MODE_READ,
		"git upload-pack":    models.ACCESS_MODE_READ,
		"git-upload-archive": models.ACCESS_MODE_READ,
		"git-receive-pack":   models.ACCESS_MODE_WRITE,
		"git receive-pack":   models.ACCESS_MODE_WRITE,
	}
)
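// runServ is the action of the "serv" sub-command. It identifies the calling
// user from the key argument ("<prefix>-<key id>"), reads the requested git
// command from SSH_ORIGINAL_COMMAND, checks that the command is allowlisted in
// COMMANDS and that the user holds the required access mode on the
// repository, and only then executes git with the process's stdio attached.
// After a write command it applies the recorded update tasks, and finally it
// refreshes the public key's Updated timestamp.
//
// Every failure path returns right after reporting, so no later step (in
// particular the git execution) can run after a failed check.
func runServ(c *cli.Context) {
	if c.IsSet("config") {
		setting.CustomConf = c.String("config")
	}
	setup("serv.log")

	// fail sends a short message to the client on stderr and the detailed one
	// to the git log. NOTE(review): GitLogger.Fatal presumably terminates the
	// process, but that is not visible in this file; callers below return
	// explicitly so the authorization decisions do not depend on it.
	fail := func(userMessage, logMessage string, args ...interface{}) {
		fmt.Fprintln(os.Stderr, "Gogs: ", userMessage)
		log.GitLogger.Fatal(2, logMessage, args...)
	}

	if len(c.Args()) < 1 {
		fail("Not enough arguments", "Not enough arugments")
		return
	}

	// The first argument must have exactly one "-"; the part after it is the
	// numeric ID of the public key that authenticated this session.
	keys := strings.Split(c.Args()[0], "-")
	if len(keys) != 2 {
		fail("key-id format error", "Invalid key id: %s", c.Args()[0])
		return
	}
	keyId, err := com.StrTo(keys[1]).Int64()
	if err != nil {
		fail("key-id format error", "Invalid key id: %s", err)
		return
	}

	user, err := models.GetUserByKeyId(keyId)
	if err != nil {
		fail("internal error", "Fail to get user by key ID(%d): %v", keyId, err)
		return
	}

	// An empty command means the client asked for an interactive session,
	// which is answered with a greeting only.
	cmd := os.Getenv("SSH_ORIGINAL_COMMAND")
	if cmd == "" {
		println("Hi", user.Name, "! You've successfully authenticated, but Gogs does not provide shell access.")
		if user.IsAdmin {
			println("If this is unexpected, please log in with password and setup Gogs under another user.")
		}
		return
	}

	// Everything derived from cmd is client-controlled.
	verb, args := parseCmd(cmd)
	repoPath := strings.Trim(args, "'")
	// repoPath is later passed to git as a command-line argument; refuse a
	// value git could read as an option instead of a path.
	if strings.HasPrefix(repoPath, "-") {
		fail("Invalid repository path", "Invalid repository path (leading '-'): %v", args)
		return
	}
	rr := strings.SplitN(repoPath, "/", 2)
	if len(rr) != 2 {
		fail("Invalid repository path", "Invalide repository path: %v", args)
		return
	}
	repoUserName := rr[0]
	repoName := strings.TrimSuffix(rr[1], ".git")

	repoUser, err := models.GetUserByName(repoUserName)
	if err != nil {
		if err == models.ErrUserNotExist {
			// Same generic reply as for a missing or inaccessible repository,
			// so the answer does not reveal which owner names are registered.
			fail(_ACCESS_DENIED_MESSAGE, "Unregistered owner: %s", repoUserName)
			return
		}
		fail("Internal error", "Fail to get repository owner(%s): %v", repoUserName, err)
		return
	}

	repo, err := models.GetRepositoryByName(repoUser.Id, repoName)
	if err != nil {
		if err == models.ErrRepoNotExist {
			// Only the owner (or an owner of the owning organization) is told
			// plainly that the repository is missing.
			if user.Id == repoUser.Id || repoUser.IsOwnedBy(user.Id) {
				fail("Repository does not exist", "Repository does not exist: %s/%s", repoUser.Name, repoName)
			} else {
				fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", repoUser.Name, repoName)
			}
			return
		}
		fail("Internal error", "Fail to get repository: %v", err)
		return
	}

	// Allowlist check: only verbs listed in COMMANDS are ever executed.
	requestedMode, has := COMMANDS[verb]
	if !has {
		fail("Unknown git command", "Unknown git command %s", verb)
		return
	}

	mode, err := models.AccessLevel(user, repo)
	if err != nil {
		fail("Internal error", "Fail to check access: %v", err)
		return
	}
	if mode < requestedMode {
		// A user who can at least read already knows the repository exists,
		// so a more specific message discloses nothing new.
		clientMessage := _ACCESS_DENIED_MESSAGE
		if mode >= models.ACCESS_MODE_READ {
			clientMessage = "You do not have sufficient authorization for this action"
		}
		fail(clientMessage,
			"User %s does not have level %v access to repository %s",
			user.Name, requestedMode, repoPath)
		return
	}

	// The ID is exported in the environment inherited by git and used below
	// to fetch the update tasks of this push. NOTE(review): presumably a hook
	// run by git records those tasks under it; confirm.
	taskUUID := uuid.NewV4().String()
	os.Setenv("uuid", taskUUID)

	// exec.Command runs the program directly with an argument vector; no
	// shell interprets repoPath.
	// NOTE(review): access was checked for repoUserName/repoName (with a
	// trailing ".git" stripped), while git receives the client-supplied
	// repoPath relative to setting.RepoRootPath; confirm both always name the
	// same on-disk repository.
	var gitcmd *exec.Cmd
	verbs := strings.Split(verb, " ")
	if len(verbs) == 2 {
		gitcmd = exec.Command(verbs[0], verbs[1], repoPath)
	} else {
		gitcmd = exec.Command(verb, repoPath)
	}
	gitcmd.Dir = setting.RepoRootPath
	gitcmd.Stdout = os.Stdout
	gitcmd.Stdin = os.Stdin
	gitcmd.Stderr = os.Stderr
	if err = gitcmd.Run(); err != nil {
		fail("Internal error", "Fail to execute git command: %v", err)
		return
	}

	if requestedMode == models.ACCESS_MODE_WRITE {
		tasks, err := models.GetUpdateTasksByUuid(taskUUID)
		if err != nil {
			log.GitLogger.Fatal(2, "GetUpdateTasksByUuid: %v", err)
			return
		}
		for _, task := range tasks {
			// A failed update is logged and the remaining tasks still run.
			if err := models.Update(task.RefName, task.OldCommitId, task.NewCommitId,
				user.Name, repoUserName, repoName, user.Id); err != nil {
				log.GitLogger.Error(2, "Fail to update: %v", err)
			}
		}

		if err := models.DelUpdateTasksByUuid(taskUUID); err != nil {
			log.GitLogger.Fatal(2, "DelUpdateTasksByUuid: %v", err)
			return
		}
	}

	// Update key activity.
	key, err := models.GetPublicKeyById(keyId)
	if err != nil {
		fail("Internal error", "GetPublicKeyById: %v", err)
		return
	}
	key.Updated = time.Now()
	if err = models.UpdatePublicKey(key); err != nil {
		fail("Internal error", "UpdatePublicKey: %v", err)
		return
	}
}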