Merge pull request '[FEAT] Restrict file size of blame operation' (#2395) from gusted/forgejo-blame-restrict into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2395 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
This commit is contained in:
commit
bc8d61d12e
@ -16,6 +16,7 @@ import (
|
|||||||
"code.gitea.io/gitea/modules/git"
|
"code.gitea.io/gitea/modules/git"
|
||||||
"code.gitea.io/gitea/modules/highlight"
|
"code.gitea.io/gitea/modules/highlight"
|
||||||
"code.gitea.io/gitea/modules/log"
|
"code.gitea.io/gitea/modules/log"
|
||||||
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/modules/templates"
|
"code.gitea.io/gitea/modules/templates"
|
||||||
"code.gitea.io/gitea/modules/timeutil"
|
"code.gitea.io/gitea/modules/timeutil"
|
||||||
"code.gitea.io/gitea/modules/util"
|
"code.gitea.io/gitea/modules/util"
|
||||||
@ -69,6 +70,14 @@ func RefBlame(ctx *context.Context) {
|
|||||||
ctx.Data["FileSize"] = blob.Size()
|
ctx.Data["FileSize"] = blob.Size()
|
||||||
ctx.Data["FileName"] = blob.Name()
|
ctx.Data["FileName"] = blob.Name()
|
||||||
|
|
||||||
|
// Do not display a blame view if the size of the file is
|
||||||
|
// larger than what is configured as the maximum.
|
||||||
|
if blob.Size() >= setting.UI.MaxDisplayFileSize {
|
||||||
|
ctx.Data["IsFileTooLarge"] = true
|
||||||
|
ctx.HTML(http.StatusOK, tplRepoHome)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
ctx.Data["NumLinesSet"] = true
|
ctx.Data["NumLinesSet"] = true
|
||||||
ctx.Data["NumLines"], err = blob.GetBlobLineCount()
|
ctx.Data["NumLines"], err = blob.GetBlobLineCount()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -30,6 +30,15 @@
|
|||||||
</h4>
|
</h4>
|
||||||
<div class="ui attached table unstackable segment">
|
<div class="ui attached table unstackable segment">
|
||||||
<div class="file-view code-view unicode-escaped">
|
<div class="file-view code-view unicode-escaped">
|
||||||
|
{{if .IsFileTooLarge}}
|
||||||
|
<table>
|
||||||
|
<tbody>
|
||||||
|
<tr>
|
||||||
|
<td class="gt-text-center gt-p-1"><strong>{{ctx.Locale.Tr "repo.file_too_large"}}</strong></td>
|
||||||
|
</tr>
|
||||||
|
</tbody>
|
||||||
|
</table>
|
||||||
|
{{else}}
|
||||||
<table>
|
<table>
|
||||||
<tbody>
|
<tbody>
|
||||||
{{range $row := .BlameRows}}
|
{{range $row := .BlameRows}}
|
||||||
@ -75,6 +84,7 @@
|
|||||||
{{end}}
|
{{end}}
|
||||||
</tbody>
|
</tbody>
|
||||||
</table>
|
</table>
|
||||||
|
{{end}}
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
@ -15,13 +15,16 @@ import (
|
|||||||
repo_model "code.gitea.io/gitea/models/repo"
|
repo_model "code.gitea.io/gitea/models/repo"
|
||||||
unit_model "code.gitea.io/gitea/models/unit"
|
unit_model "code.gitea.io/gitea/models/unit"
|
||||||
"code.gitea.io/gitea/models/unittest"
|
"code.gitea.io/gitea/models/unittest"
|
||||||
|
"code.gitea.io/gitea/modules/git"
|
||||||
"code.gitea.io/gitea/modules/setting"
|
"code.gitea.io/gitea/modules/setting"
|
||||||
"code.gitea.io/gitea/modules/test"
|
"code.gitea.io/gitea/modules/test"
|
||||||
|
"code.gitea.io/gitea/modules/translation"
|
||||||
repo_service "code.gitea.io/gitea/services/repository"
|
repo_service "code.gitea.io/gitea/services/repository"
|
||||||
"code.gitea.io/gitea/tests"
|
"code.gitea.io/gitea/tests"
|
||||||
|
|
||||||
"github.com/PuerkitoBio/goquery"
|
"github.com/PuerkitoBio/goquery"
|
||||||
"github.com/stretchr/testify/assert"
|
"github.com/stretchr/testify/assert"
|
||||||
|
"github.com/stretchr/testify/require"
|
||||||
)
|
)
|
||||||
|
|
||||||
func TestViewRepo(t *testing.T) {
|
func TestViewRepo(t *testing.T) {
|
||||||
@ -447,17 +450,61 @@ func TestBlameFileInRepo(t *testing.T) {
|
|||||||
|
|
||||||
session := loginUser(t, "user2")
|
session := loginUser(t, "user2")
|
||||||
|
|
||||||
req := NewRequest(t, "GET", "/user2/repo1/blame/branch/master/README.md")
|
t.Run("Assert", func(t *testing.T) {
|
||||||
resp := session.MakeRequest(t, req, http.StatusOK)
|
defer tests.PrintCurrentTest(t)()
|
||||||
|
|
||||||
htmlDoc := NewHTMLParser(t, resp.Body)
|
req := NewRequest(t, "GET", "/user2/repo1/blame/branch/master/README.md")
|
||||||
description := htmlDoc.doc.Find("#repo-desc")
|
resp := session.MakeRequest(t, req, http.StatusOK)
|
||||||
repoTopics := htmlDoc.doc.Find("#repo-topics")
|
|
||||||
repoSummary := htmlDoc.doc.Find(".repository-summary")
|
|
||||||
|
|
||||||
assert.EqualValues(t, 0, description.Length())
|
htmlDoc := NewHTMLParser(t, resp.Body)
|
||||||
assert.EqualValues(t, 0, repoTopics.Length())
|
description := htmlDoc.doc.Find("#repo-desc")
|
||||||
assert.EqualValues(t, 0, repoSummary.Length())
|
repoTopics := htmlDoc.doc.Find("#repo-topics")
|
||||||
|
repoSummary := htmlDoc.doc.Find(".repository-summary")
|
||||||
|
|
||||||
|
assert.EqualValues(t, 0, description.Length())
|
||||||
|
assert.EqualValues(t, 0, repoTopics.Length())
|
||||||
|
assert.EqualValues(t, 0, repoSummary.Length())
|
||||||
|
})
|
||||||
|
|
||||||
|
t.Run("File size", func(t *testing.T) {
|
||||||
|
defer tests.PrintCurrentTest(t)()
|
||||||
|
|
||||||
|
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 1})
|
||||||
|
gitRepo, err := git.OpenRepository(git.DefaultContext, repo.RepoPath())
|
||||||
|
require.NoError(t, err)
|
||||||
|
defer gitRepo.Close()
|
||||||
|
|
||||||
|
commit, err := gitRepo.GetCommit("HEAD")
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
blob, err := commit.GetBlobByPath("README.md")
|
||||||
|
require.NoError(t, err)
|
||||||
|
|
||||||
|
fileSize := blob.Size()
|
||||||
|
require.NotZero(t, fileSize)
|
||||||
|
|
||||||
|
t.Run("Above maximum", func(t *testing.T) {
|
||||||
|
defer tests.PrintCurrentTest(t)()
|
||||||
|
defer test.MockVariableValue(&setting.UI.MaxDisplayFileSize, fileSize)()
|
||||||
|
|
||||||
|
req := NewRequest(t, "GET", "/user2/repo1/blame/branch/master/README.md")
|
||||||
|
resp := session.MakeRequest(t, req, http.StatusOK)
|
||||||
|
|
||||||
|
htmlDoc := NewHTMLParser(t, resp.Body)
|
||||||
|
assert.Contains(t, htmlDoc.Find(".code-view").Text(), translation.NewLocale("en-US").Tr("repo.file_too_large"))
|
||||||
|
})
|
||||||
|
|
||||||
|
t.Run("Under maximum", func(t *testing.T) {
|
||||||
|
defer tests.PrintCurrentTest(t)()
|
||||||
|
defer test.MockVariableValue(&setting.UI.MaxDisplayFileSize, fileSize+1)()
|
||||||
|
|
||||||
|
req := NewRequest(t, "GET", "/user2/repo1/blame/branch/master/README.md")
|
||||||
|
resp := session.MakeRequest(t, req, http.StatusOK)
|
||||||
|
|
||||||
|
htmlDoc := NewHTMLParser(t, resp.Body)
|
||||||
|
assert.NotContains(t, htmlDoc.Find(".code-view").Text(), translation.NewLocale("en-US").Tr("repo.file_too_large"))
|
||||||
|
})
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
// TestViewRepoDirectory repo description, topics and summary should not be displayed when within a directory
|
// TestViewRepoDirectory repo description, topics and summary should not be displayed when within a directory
|
||||||
|
Loading…
Reference in New Issue
Block a user