forked from forgejo/forgejo
Less naked returns (#25713)
just a step towards #25655 and some related refactoring
This commit is contained in:
6543
GitHub
parent
b1eb1676aa
commit
8995046110
32 changed files with 254 additions and 239 deletions
|
|
@ -56,13 +56,13 @@ func CorsHandler() func(next http.Handler) http.Handler {
|
|||
}
|
||||
|
||||
// httpBase implementation git smart HTTP protocol
|
||||
func httpBase(ctx *context.Context) (h *serviceHandler) {
|
||||
func httpBase(ctx *context.Context) *serviceHandler {
|
||||
username := ctx.Params(":username")
|
||||
reponame := strings.TrimSuffix(ctx.Params(":reponame"), ".git")
|
||||
|
||||
if ctx.FormString("go-get") == "1" {
|
||||
context.EarlyResponseForGoGetMeta(ctx)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
var isPull, receivePack bool
|
||||
|
|
@ -101,7 +101,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
|
|||
owner := ctx.ContextUser
|
||||
if !owner.IsOrganization() && !owner.IsActive {
|
||||
ctx.PlainText(http.StatusForbidden, "Repository cannot be accessed. You cannot push or open issues/pull-requests.")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
repoExist := true
|
||||
|
|
@ -110,19 +110,19 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
|
|||
if repo_model.IsErrRepoNotExist(err) {
|
||||
if redirectRepoID, err := repo_model.LookupRedirect(owner.ID, reponame); err == nil {
|
||||
context.RedirectToRepo(ctx.Base, redirectRepoID)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
repoExist = false
|
||||
} else {
|
||||
ctx.ServerError("GetRepositoryByName", err)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
// Don't allow pushing if the repo is archived
|
||||
if repoExist && repo.IsArchived && !isPull {
|
||||
ctx.PlainText(http.StatusForbidden, "This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
// Only public pull don't need auth.
|
||||
|
|
@ -136,7 +136,7 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
|
|||
if isPublicPull {
|
||||
if err := repo.LoadOwner(ctx); err != nil {
|
||||
ctx.ServerError("LoadOwner", err)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
askAuth = askAuth || (repo.Owner.Visibility != structs.VisibleTypePublic)
|
||||
|
|
@ -149,12 +149,12 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
|
|||
// TODO: support digit auth - which would be Authorization header with digit
|
||||
ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=\".\"")
|
||||
ctx.Error(http.StatusUnauthorized)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
context.CheckRepoScopedToken(ctx, repo, auth_model.GetScopeLevelFromAccessMode(accessMode))
|
||||
if ctx.Written() {
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
if ctx.IsBasicAuth && ctx.Data["IsApiToken"] != true && ctx.Data["IsActionsToken"] != true {
|
||||
|
|
@ -162,16 +162,16 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
|
|||
if err == nil {
|
||||
// TODO: This response should be changed to "invalid credentials" for security reasons once the expectation behind it (creating an app token to authenticate) is properly documented
|
||||
ctx.PlainText(http.StatusUnauthorized, "Users with two-factor authentication enabled cannot perform HTTP/HTTPS operations via plain username and password. Please create and use a personal access token on the user settings page")
|
||||
return
|
||||
return nil
|
||||
} else if !auth_model.IsErrTwoFactorNotEnrolled(err) {
|
||||
ctx.ServerError("IsErrTwoFactorNotEnrolled", err)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
if !ctx.Doer.IsActive || ctx.Doer.ProhibitLogin {
|
||||
ctx.PlainText(http.StatusForbidden, "Your account is disabled.")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
environ = []string{
|
||||
|
|
@ -193,23 +193,23 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
|
|||
task, err := actions_model.GetTaskByID(ctx, taskID)
|
||||
if err != nil {
|
||||
ctx.ServerError("GetTaskByID", err)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
if task.RepoID != repo.ID {
|
||||
ctx.PlainText(http.StatusForbidden, "User permission denied")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
if task.IsForkPullRequest {
|
||||
if accessMode > perm.AccessModeRead {
|
||||
ctx.PlainText(http.StatusForbidden, "User permission denied")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
environ = append(environ, fmt.Sprintf("%s=%d", repo_module.EnvActionPerm, perm.AccessModeRead))
|
||||
} else {
|
||||
if accessMode > perm.AccessModeWrite {
|
||||
ctx.PlainText(http.StatusForbidden, "User permission denied")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
environ = append(environ, fmt.Sprintf("%s=%d", repo_module.EnvActionPerm, perm.AccessModeWrite))
|
||||
}
|
||||
|
|
@ -217,18 +217,18 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
|
|||
p, err := access_model.GetUserRepoPermission(ctx, repo, ctx.Doer)
|
||||
if err != nil {
|
||||
ctx.ServerError("GetUserRepoPermission", err)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
if !p.CanAccess(accessMode, unitType) {
|
||||
ctx.PlainText(http.StatusNotFound, "Repository not found")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
if !isPull && repo.IsMirror {
|
||||
ctx.PlainText(http.StatusForbidden, "mirror repository is read-only")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -246,34 +246,34 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
|
|||
if !repoExist {
|
||||
if !receivePack {
|
||||
ctx.PlainText(http.StatusNotFound, "Repository not found")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
if isWiki { // you cannot send wiki operation before create the repository
|
||||
ctx.PlainText(http.StatusNotFound, "Repository not found")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
if owner.IsOrganization() && !setting.Repository.EnablePushCreateOrg {
|
||||
ctx.PlainText(http.StatusForbidden, "Push to create is not enabled for organizations.")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
if !owner.IsOrganization() && !setting.Repository.EnablePushCreateUser {
|
||||
ctx.PlainText(http.StatusForbidden, "Push to create is not enabled for users.")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
// Return dummy payload if GET receive-pack
|
||||
if ctx.Req.Method == http.MethodGet {
|
||||
dummyInfoRefs(ctx)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
|
||||
repo, err = repo_service.PushCreateRepo(ctx, ctx.Doer, owner, reponame)
|
||||
if err != nil {
|
||||
log.Error("pushCreateRepo: %v", err)
|
||||
ctx.Status(http.StatusNotFound)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -282,11 +282,11 @@ func httpBase(ctx *context.Context) (h *serviceHandler) {
|
|||
if _, err := repo.GetUnit(ctx, unit.TypeWiki); err != nil {
|
||||
if repo_model.IsErrUnitTypeNotExist(err) {
|
||||
ctx.PlainText(http.StatusForbidden, "repository wiki is disabled")
|
||||
return
|
||||
return nil
|
||||
}
|
||||
log.Error("Failed to get the wiki unit in %-v Error: %v", repo, err)
|
||||
ctx.ServerError("GetUnit(UnitTypeWiki) for "+repo.FullName(), err)
|
||||
return
|
||||
return nil
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue