AuthorizedKeysCommand should not query db directly (#9371)

* AuthorizedKeysCommand should not query db directly * Update routers/private/internal.go * Fix import order
2019-12-17 01:49:07 +00:00 · 2019-12-17 01:49:07 +00:00 · d1a49977b0
commit d1a49977b0
parent 1707f59966
6 changed files with 93 additions and 50 deletions
--- a/routers/private/internal.go
+++ b/routers/private/internal.go
@ -76,6 +76,7 @@ func CheckUnitUser(ctx *macaron.Context) {
 // These APIs will be invoked by internal commands for example `gitea serv` and etc.
 func RegisterRoutes(m *macaron.Macaron) {
 	m.Group("/", func() {
+		m.Post("/ssh/authorized_keys", AuthorizedPublicKeyByContent)
 		m.Post("/ssh/:id/update/:repoid", UpdatePublicKeyInRepo)
 		m.Get("/hook/pre-receive/:owner/:repo", HookPreReceive)
 		m.Get("/hook/post-receive/:owner/:repo", HookPostReceive)
--- a/routers/private/key.go
+++ b/routers/private/key.go
@ -6,6 +6,8 @@
 package private

 import (
+	"net/http"
+
 	"code.gitea.io/gitea/models"
 	"code.gitea.io/gitea/modules/timeutil"

@ -17,7 +19,7 @@ func UpdatePublicKeyInRepo(ctx *macaron.Context) {
 	keyID := ctx.ParamsInt64(":id")
 	repoID := ctx.ParamsInt64(":repoid")
 	if err := models.UpdatePublicKeyUpdated(keyID); err != nil {
-		ctx.JSON(500, map[string]interface{}{
+		ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
 			"err": err.Error(),
 		})
 		return
@ -29,18 +31,33 @@ func UpdatePublicKeyInRepo(ctx *macaron.Context) {
 			ctx.PlainText(200, []byte("success"))
 			return
 		}
-		ctx.JSON(500, map[string]interface{}{
+		ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
 			"err": err.Error(),
 		})
 		return
 	}
 	deployKey.UpdatedUnix = timeutil.TimeStampNow()
 	if err = models.UpdateDeployKeyCols(deployKey, "updated_unix"); err != nil {
-		ctx.JSON(500, map[string]interface{}{
+		ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
 			"err": err.Error(),
 		})
 		return
 	}

-	ctx.PlainText(200, []byte("success"))
+	ctx.PlainText(http.StatusOK, []byte("success"))
+}
+
+// AuthorizedPublicKeyByContent searches content as prefix (leak e-mail part)
+// and returns public key found.
+func AuthorizedPublicKeyByContent(ctx *macaron.Context) {
+	content := ctx.Query("content")
+
+	publicKey, err := models.SearchPublicKeyByContent(content)
+	if err != nil {
+		ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
+			"err": err.Error(),
+		})
+		return
+	}
+	ctx.PlainText(http.StatusOK, []byte(publicKey.AuthorizedString()))
 }