2014-03-15 15:01:50 +04:00
// Copyright 2014 The Gogs Authors. All rights reserved.
2020-01-10 00:34:25 +03:00
// Copyright 2020 The Gitea Authors. All rights reserved.
2022-11-27 21:20:29 +03:00
// SPDX-License-Identifier: MIT
2014-03-15 15:01:50 +04:00
2016-03-11 19:56:52 +03:00
package context
2014-03-15 15:01:50 +04:00
import (
2023-08-08 04:22:47 +03:00
"context"
2024-02-18 20:39:04 +03:00
"encoding/hex"
2024-02-15 00:48:45 +03:00
"fmt"
2014-03-22 21:44:02 +04:00
"html/template"
2014-04-15 20:27:29 +04:00
"io"
2014-03-15 15:01:50 +04:00
"net/http"
2018-03-16 00:13:34 +03:00
"net/url"
2014-03-23 00:40:09 +04:00
"strings"
2014-03-19 17:57:55 +04:00
"time"
2014-03-15 15:01:50 +04:00
2021-11-09 22:57:58 +03:00
"code.gitea.io/gitea/models/unit"
2021-11-24 12:49:20 +03:00
user_model "code.gitea.io/gitea/models/user"
2024-04-13 11:38:44 +03:00
"code.gitea.io/gitea/modules/cache"
Simplify how git repositories are opened (#28937)
## Purpose
This is a refactor toward building an abstraction over managing git
repositories.
Afterwards, it does not matter anymore if they are stored on the local
disk or somewhere remote.
## What this PR changes
We used `git.OpenRepository` everywhere previously.
Now, we should split them into two distinct functions:
Firstly, there are temporary repositories which do not change:
```go
git.OpenRepository(ctx, diskPath)
```
Gitea managed repositories having a record in the database in the
`repository` table are moved into the new package `gitrepo`:
```go
gitrepo.OpenRepository(ctx, repo_model.Repo)
```
Why is `repo_model.Repository` the second parameter instead of file
path?
Because then we can easily adapt our repository storage strategy.
The repositories can be stored locally, however, they could just as well
be stored on a remote server.
## Further changes in other PRs
- A Git Command wrapper on package `gitrepo` could be created. i.e.
`NewCommand(ctx, repo_model.Repository, commands...)`. `git.RunOpts{Dir:
repo.RepoPath()}`, the directory should be empty before invoking this
method and it can be filled in the function only. #28940
- Remove the `RepoPath()`/`WikiPath()` functions to reduce the
possibility of mistakes.
---------
Co-authored-by: delvh <dev.lh@web.de>
2024-01-27 23:09:51 +03:00
"code.gitea.io/gitea/modules/gitrepo"
2022-07-23 09:38:03 +03:00
"code.gitea.io/gitea/modules/httpcache"
2024-04-25 14:22:32 +03:00
"code.gitea.io/gitea/modules/session"
2016-11-10 19:24:48 +03:00
"code.gitea.io/gitea/modules/setting"
2021-01-26 18:36:53 +03:00
"code.gitea.io/gitea/modules/templates"
"code.gitea.io/gitea/modules/translation"
2023-06-18 10:59:09 +03:00
"code.gitea.io/gitea/modules/web"
2021-01-30 11:55:53 +03:00
"code.gitea.io/gitea/modules/web/middleware"
2023-06-18 10:59:09 +03:00
web_types "code.gitea.io/gitea/modules/web/types"
2014-03-15 15:01:50 +04:00
)
2021-01-26 18:36:53 +03:00
// Render represents a template render
type Render interface {
2023-08-08 04:22:47 +03:00
TemplateLookup ( tmpl string , templateCtx context . Context ) ( templates . TemplateExecutor , error )
HTML ( w io . Writer , status int , name string , data any , templateCtx context . Context ) error
2021-01-26 18:36:53 +03:00
}
2014-03-15 17:17:16 +04:00
// Context represents context of a request.
2014-03-15 15:01:50 +04:00
type Context struct {
2023-05-21 04:50:53 +03:00
* Base
2023-05-09 02:30:14 +03:00
2023-08-08 04:22:47 +03:00
TemplateContext TemplateContext
2023-05-21 04:50:53 +03:00
Render Render
PageData map [ string ] any // data used by JavaScript modules in one page, it's `window.config.pageData`
2014-07-26 08:24:27 +04:00
2024-04-13 11:38:44 +03:00
Cache cache . StringCache
2023-05-09 02:30:14 +03:00
Csrf CSRFProtector
Flash * middleware . Flash
Session session . Store
2023-05-21 04:50:53 +03:00
Link string // current request URL (without query string)
Doer * user_model . User // current signed-in user
2014-11-18 19:07:16 +03:00
IsSigned bool
IsBasicAuth bool
2014-03-15 20:03:23 +04:00
2023-05-21 04:50:53 +03:00
ContextUser * user_model . User // the user which is being visited, in most cases it differs from Doer
2014-03-15 15:01:50 +04:00
2023-05-21 04:50:53 +03:00
Repo * Repository
Org * Organization
Package * Package
2022-05-05 17:13:23 +03:00
}
2023-08-08 04:22:47 +03:00
type TemplateContext map [ string ] any
2023-06-18 10:59:09 +03:00
func init ( ) {
web . RegisterResponseStatusProvider [ * Context ] ( func ( req * http . Request ) web_types . ResponseStatusProvider {
return req . Context ( ) . Value ( WebContextKey ) . ( * Context )
} )
}
2023-05-23 04:29:15 +03:00
type webContextKeyType struct { }
2021-12-15 09:59:57 +03:00
2023-05-23 04:29:15 +03:00
var WebContextKey = webContextKeyType { }
2021-01-26 18:36:53 +03:00
2023-05-23 04:29:15 +03:00
func GetWebContext ( req * http . Request ) * Context {
ctx , _ := req . Context ( ) . Value ( WebContextKey ) . ( * Context )
2023-05-21 04:50:53 +03:00
return ctx
2021-01-26 18:36:53 +03:00
}
2023-05-21 04:50:53 +03:00
// ValidateContext is a special context for form validation middleware. It may be different from other contexts.
type ValidateContext struct {
* Base
}
// GetValidateContext gets a context for middleware form validation
func GetValidateContext ( req * http . Request ) ( ctx * ValidateContext ) {
if ctxAPI , ok := req . Context ( ) . Value ( apiContextKey ) . ( * APIContext ) ; ok {
ctx = & ValidateContext { Base : ctxAPI . Base }
2023-05-23 04:29:15 +03:00
} else if ctxWeb , ok := req . Context ( ) . Value ( WebContextKey ) . ( * Context ) ; ok {
2023-05-21 04:50:53 +03:00
ctx = & ValidateContext { Base : ctxWeb . Base }
} else {
panic ( "invalid context, expect either APIContext or Context" )
2023-04-13 22:45:33 +03:00
}
2023-05-21 04:50:53 +03:00
return ctx
2021-01-26 18:36:53 +03:00
}
2023-08-25 14:07:42 +03:00
func NewTemplateContextForWeb ( ctx * Context ) TemplateContext {
tmplCtx := NewTemplateContext ( ctx )
tmplCtx [ "Locale" ] = ctx . Base . Locale
tmplCtx [ "AvatarUtils" ] = templates . NewAvatarUtils ( ctx )
2024-04-14 13:44:11 +03:00
tmplCtx [ "RootData" ] = ctx . Data
2024-04-17 11:31:37 +03:00
tmplCtx [ "Consts" ] = map [ string ] any {
"RepoUnitTypeCode" : unit . TypeCode ,
"RepoUnitTypeIssues" : unit . TypeIssues ,
"RepoUnitTypePullRequests" : unit . TypePullRequests ,
"RepoUnitTypeReleases" : unit . TypeReleases ,
"RepoUnitTypeWiki" : unit . TypeWiki ,
"RepoUnitTypeExternalWiki" : unit . TypeExternalWiki ,
"RepoUnitTypeExternalTracker" : unit . TypeExternalTracker ,
"RepoUnitTypeProjects" : unit . TypeProjects ,
"RepoUnitTypePackages" : unit . TypePackages ,
"RepoUnitTypeActions" : unit . TypeActions ,
}
2023-08-25 14:07:42 +03:00
return tmplCtx
}
func NewWebContext ( base * Base , render Render , session session . Store ) * Context {
ctx := & Context {
Base : base ,
Render : render ,
Session : session ,
2024-04-13 11:38:44 +03:00
Cache : cache . GetCache ( ) ,
2023-08-25 14:07:42 +03:00
Link : setting . AppSubURL + strings . TrimSuffix ( base . Req . URL . EscapedPath ( ) , "/" ) ,
Repo : & Repository { PullRequest : & PullRequest { } } ,
Org : & Organization { } ,
}
ctx . TemplateContext = NewTemplateContextForWeb ( ctx )
ctx . Flash = & middleware . Flash { DataStore : ctx , Values : url . Values { } }
return ctx
}
2023-05-08 12:36:54 +03:00
// Contexter initializes a classic context for a request.
func Contexter ( ) func ( next http . Handler ) http . Handler {
rnd := templates . HTMLRenderer ( )
csrfOpts := CsrfOptions {
2024-02-18 20:39:04 +03:00
Secret : hex . EncodeToString ( setting . GetGeneralTokenSigningSecret ( ) ) ,
2021-01-26 18:36:53 +03:00
Cookie : setting . CSRFCookieName ,
SetCookie : true ,
Secure : setting . SessionConfig . Secure ,
CookieHTTPOnly : setting . CSRFCookieHTTPOnly ,
Header : "X-Csrf-Token" ,
CookieDomain : setting . SessionConfig . Domain ,
CookiePath : setting . SessionConfig . CookiePath ,
2021-03-07 11:12:43 +03:00
SameSite : setting . SessionConfig . SameSite ,
2021-01-26 18:36:53 +03:00
}
2022-04-08 08:21:05 +03:00
if ! setting . IsProd {
CsrfTokenRegenerationInterval = 5 * time . Second // in dev, re-generate the tokens more aggressively for debug purpose
}
2021-01-26 18:36:53 +03:00
return func ( next http . Handler ) http . Handler {
return http . HandlerFunc ( func ( resp http . ResponseWriter , req * http . Request ) {
2023-05-21 04:50:53 +03:00
base , baseCleanUp := NewBaseContext ( resp , req )
defer baseCleanUp ( )
2024-04-25 14:22:32 +03:00
ctx := NewWebContext ( base , rnd , session . GetContextSession ( req ) )
2023-08-08 04:22:47 +03:00
2023-05-04 09:36:34 +03:00
ctx . Data . MergeFrom ( middleware . CommonTemplateContextData ( ) )
2023-08-08 04:22:47 +03:00
ctx . Data [ "Context" ] = ctx // TODO: use "ctx" in template and remove this
2023-05-04 09:36:34 +03:00
ctx . Data [ "CurrentURL" ] = setting . AppSubURL + req . URL . RequestURI ( )
ctx . Data [ "Link" ] = ctx . Link
2021-10-15 05:35:26 +03:00
// PageData is passed by reference, and it will be rendered to `window.config.pageData` in `head.tmpl` for JavaScript modules
2023-05-04 09:36:34 +03:00
ctx . PageData = map [ string ] any { }
2021-10-12 21:11:35 +03:00
ctx . Data [ "PageData" ] = ctx . PageData
2021-01-26 18:36:53 +03:00
2023-05-23 04:29:15 +03:00
ctx . Base . AppendContextValue ( WebContextKey , ctx )
Simplify how git repositories are opened (#28937)
## Purpose
This is a refactor toward building an abstraction over managing git
repositories.
Afterwards, it does not matter anymore if they are stored on the local
disk or somewhere remote.
## What this PR changes
We used `git.OpenRepository` everywhere previously.
Now, we should split them into two distinct functions:
Firstly, there are temporary repositories which do not change:
```go
git.OpenRepository(ctx, diskPath)
```
Gitea managed repositories having a record in the database in the
`repository` table are moved into the new package `gitrepo`:
```go
gitrepo.OpenRepository(ctx, repo_model.Repo)
```
Why is `repo_model.Repository` the second parameter instead of file
path?
Because then we can easily adapt our repository storage strategy.
The repositories can be stored locally, however, they could just as well
be stored on a remote server.
## Further changes in other PRs
- A Git Command wrapper on package `gitrepo` could be created. i.e.
`NewCommand(ctx, repo_model.Repository, commands...)`. `git.RunOpts{Dir:
repo.RepoPath()}`, the directory should be empty before invoking this
method and it can be filled in the function only. #28940
- Remove the `RepoPath()`/`WikiPath()` functions to reduce the
possibility of mistakes.
---------
Co-authored-by: delvh <dev.lh@web.de>
2024-01-27 23:09:51 +03:00
ctx . Base . AppendContextValueFunc ( gitrepo . RepositoryContextKey , func ( ) any { return ctx . Repo . GitRepo } )
2023-05-21 04:50:53 +03:00
ctx . Csrf = PrepareCSRFProtector ( csrfOpts , ctx )
2021-01-26 18:36:53 +03:00
2023-04-13 22:45:33 +03:00
// Get the last flash message from cookie
lastFlashCookie := middleware . GetSiteCookie ( ctx . Req , CookieNameFlash )
if vals , _ := url . ParseQuery ( lastFlashCookie ) ; len ( vals ) > 0 {
// store last Flash message into the template data, to render it
ctx . Data [ "Flash" ] = & middleware . Flash {
2023-05-21 04:50:53 +03:00
DataStore : ctx ,
2021-01-26 18:36:53 +03:00
Values : vals ,
ErrorMsg : vals . Get ( "error" ) ,
SuccessMsg : vals . Get ( "success" ) ,
InfoMsg : vals . Get ( "info" ) ,
WarningMsg : vals . Get ( "warning" ) ,
}
}
2023-08-25 14:07:42 +03:00
// if there are new messages in the ctx.Flash, write them into cookie
2021-01-26 18:36:53 +03:00
ctx . Resp . Before ( func ( resp ResponseWriter ) {
2023-04-13 22:45:33 +03:00
if val := ctx . Flash . Encode ( ) ; val != "" {
middleware . SetSiteCookie ( ctx . Resp , CookieNameFlash , val , 0 )
} else if lastFlashCookie != "" {
middleware . SetSiteCookie ( ctx . Resp , CookieNameFlash , "" , - 1 )
2021-01-26 18:36:53 +03:00
}
} )
// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.
if ctx . Req . Method == "POST" && strings . Contains ( ctx . Req . Header . Get ( "Content-Type" ) , "multipart/form-data" ) {
if err := ctx . Req . ParseMultipartForm ( setting . Attachment . MaxSize << 20 ) ; err != nil && ! strings . Contains ( err . Error ( ) , "EOF" ) { // 32MB max size
ctx . ServerError ( "ParseMultipartForm" , err )
return
}
}
2018-08-27 05:23:27 +03:00
2023-03-08 23:40:04 +03:00
httpcache . SetCacheControlInHeader ( ctx . Resp . Header ( ) , 0 , "no-transform" )
2021-08-06 23:47:10 +03:00
ctx . Resp . Header ( ) . Set ( ` X-Frame-Options ` , setting . CORSConfig . XFrameOptions )
2021-01-26 18:36:53 +03:00
2024-02-24 16:12:17 +03:00
ctx . Data [ "SystemConfig" ] = setting . Config ( )
2023-04-13 22:45:33 +03:00
ctx . Data [ "CsrfToken" ] = ctx . Csrf . GetToken ( )
2021-01-26 18:36:53 +03:00
ctx . Data [ "CsrfTokenHtml" ] = template . HTML ( ` <input type="hidden" name="_csrf" value=" ` + ctx . Data [ "CsrfToken" ] . ( string ) + ` "> ` )
2021-05-05 00:48:31 +03:00
// FIXME: do we really always need these setting? There should be someway to have to avoid having to always set these
2021-01-26 18:36:53 +03:00
ctx . Data [ "DisableMigrations" ] = setting . Repository . DisableMigrations
2021-04-15 19:53:57 +03:00
ctx . Data [ "DisableStars" ] = setting . Repository . DisableStars
2024-06-18 03:51:13 +03:00
ctx . Data [ "EnableActions" ] = setting . Actions . Enabled && ! unit . TypeActions . UnitGlobalDisabled ( )
2021-01-26 18:36:53 +03:00
ctx . Data [ "ManifestData" ] = setting . ManifestData
ctx . Data [ "AllLangs" ] = translation . AllLangs ( )
2020-12-22 14:13:50 +03:00
2021-01-26 18:36:53 +03:00
next . ServeHTTP ( ctx . Resp , ctx . Req )
} )
2014-03-15 15:01:50 +04:00
}
}
2023-05-21 04:50:53 +03:00
// HasError returns true if error occurs in form validation.
// Attention: this function changes ctx.Data and ctx.Flash
2024-04-23 19:18:41 +03:00
// If HasError is called, then before Redirect, the error message should be stored by ctx.Flash.Error(ctx.GetErrMsg()) again.
2023-05-21 04:50:53 +03:00
func ( ctx * Context ) HasError ( ) bool {
hasErr , ok := ctx . Data [ "HasError" ]
if ! ok {
return false
}
ctx . Flash . ErrorMsg = ctx . GetErrMsg ( )
ctx . Data [ "Flash" ] = ctx . Flash
return hasErr . ( bool )
}
// GetErrMsg returns error message in form validation.
func ( ctx * Context ) GetErrMsg ( ) string {
msg , _ := ctx . Data [ "ErrorMsg" ] . ( string )
if msg == "" {
msg = "invalid form data"
}
return msg
}
2023-07-26 09:04:01 +03:00
func ( ctx * Context ) JSONRedirect ( redirect string ) {
ctx . JSON ( http . StatusOK , map [ string ] any { "redirect" : redirect } )
}
func ( ctx * Context ) JSONOK ( ) {
ctx . JSON ( http . StatusOK , map [ string ] any { "ok" : true } ) // this is only a dummy response, frontend seldom uses it
}
2024-02-15 00:48:45 +03:00
func ( ctx * Context ) JSONError ( msg any ) {
switch v := msg . ( type ) {
case string :
ctx . JSON ( http . StatusBadRequest , map [ string ] any { "errorMessage" : v , "renderFormat" : "text" } )
case template . HTML :
ctx . JSON ( http . StatusBadRequest , map [ string ] any { "errorMessage" : v , "renderFormat" : "html" } )
default :
panic ( fmt . Sprintf ( "unsupported type: %T" , msg ) )
}
2023-07-26 09:04:01 +03:00
}