aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorwxiaoguang <wxiaoguang@gmail.com>2024-05-20 14:44:16 +0800
committerGitHub <noreply@github.com>2024-05-20 06:44:16 +0000
commitde9bcd1d23523d736234ccbf73adce4746575e1b (patch)
tree90cb8c9bfd856f84412f1d84e81146c2f866bc1f
parentf48cc501c46a2d34eb701561f01d888d689d60d5 (diff)
downloadgitea-de9bcd1d23523d736234ccbf73adce4746575e1b.tar.gz
gitea-de9bcd1d23523d736234ccbf73adce4746575e1b.zip
Avoid 500 panic error when uploading invalid maven package file (#31014)
PackageDescriptor.Metadata might be nil (and maybe not only for maven). This is only a quick fix. The new `if` block is written intentionally to avoid unnecessary indenting to the existing code.
-rw-r--r--options/locale/locale_en-US.ini1
-rw-r--r--templates/package/content/maven.tmpl6
-rw-r--r--templates/package/metadata/maven.tmpl5
-rw-r--r--tests/integration/api_packages_maven_test.go10
4 files changed, 20 insertions, 2 deletions
diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini
index a85b107eee..db4e3ec56b 100644
--- a/options/locale/locale_en-US.ini
+++ b/options/locale/locale_en-US.ini
@@ -3415,6 +3415,7 @@ error.unit_not_allowed = You are not allowed to access this repository section.
title = Packages
desc = Manage repository packages.
empty = There are no packages yet.
+no_metadata = No metadata.
empty.documentation = For more information on the package registry, see <a target="_blank" rel="noopener noreferrer" href="%s">the documentation</a>.
empty.repo = Did you upload a package, but it's not shown here? Go to <a href="%[1]s">package settings</a> and link it to this repo.
registry.documentation = For more information on the %s registry, see <a target="_blank" rel="noopener noreferrer" href="%s">the documentation</a>.
diff --git a/templates/package/content/maven.tmpl b/templates/package/content/maven.tmpl
index 3a7de335de..f56595a830 100644
--- a/templates/package/content/maven.tmpl
+++ b/templates/package/content/maven.tmpl
@@ -1,4 +1,8 @@
-{{if eq .PackageDescriptor.Package.Type "maven"}}
+{{if and (eq .PackageDescriptor.Package.Type "maven") (not .PackageDescriptor.Metadata)}}
+ <h4 class="ui top attached header">{{ctx.Locale.Tr "packages.installation"}}</h4>
+ <div class="ui attached segment">{{ctx.Locale.Tr "packages.no_metadata"}}</div>
+{{end}}
+{{if and (eq .PackageDescriptor.Package.Type "maven") .PackageDescriptor.Metadata}}
<h4 class="ui top attached header">{{ctx.Locale.Tr "packages.installation"}}</h4>
<div class="ui attached segment">
<div class="ui form">
diff --git a/templates/package/metadata/maven.tmpl b/templates/package/metadata/maven.tmpl
index 548be61790..36412723d2 100644
--- a/templates/package/metadata/maven.tmpl
+++ b/templates/package/metadata/maven.tmpl
@@ -1,4 +1,7 @@
-{{if eq .PackageDescriptor.Package.Type "maven"}}
+{{if and (eq .PackageDescriptor.Package.Type "maven") (not .PackageDescriptor.Metadata)}}
+ <div class="item">{{svg "octicon-note" 16 "tw-mr-2"}} {{ctx.Locale.Tr "packages.no_metadata"}}</div>
+{{end}}
+{{if and (eq .PackageDescriptor.Package.Type "maven") .PackageDescriptor.Metadata}}
{{if .PackageDescriptor.Metadata.Name}}<div class="item">{{svg "octicon-note" 16 "tw-mr-2"}} {{.PackageDescriptor.Metadata.Name}}</div>{{end}}
{{if .PackageDescriptor.Metadata.ProjectURL}}<div class="item">{{svg "octicon-link-external" 16 "tw-mr-2"}} <a href="{{.PackageDescriptor.Metadata.ProjectURL}}" target="_blank" rel="noopener noreferrer me">{{ctx.Locale.Tr "packages.details.project_site"}}</a></div>{{end}}
{{range .PackageDescriptor.Metadata.Licenses}}<div class="item" title="{{ctx.Locale.Tr "packages.details.license"}}">{{svg "octicon-law" 16 "tw-mr-2"}} {{.}}</div>{{end}}
diff --git a/tests/integration/api_packages_maven_test.go b/tests/integration/api_packages_maven_test.go
index c7ed554a9d..0466a727b2 100644
--- a/tests/integration/api_packages_maven_test.go
+++ b/tests/integration/api_packages_maven_test.go
@@ -15,6 +15,7 @@ import (
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/packages/maven"
+ "code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/tests"
"github.com/stretchr/testify/assert"
@@ -241,4 +242,13 @@ func TestPackageMaven(t *testing.T) {
putFile(t, fmt.Sprintf("/%s/maven-metadata.xml", snapshotVersion), "test", http.StatusCreated)
putFile(t, fmt.Sprintf("/%s/maven-metadata.xml", snapshotVersion), "test-overwrite", http.StatusCreated)
})
+
+ t.Run("InvalidFile", func(t *testing.T) {
+ ver := packageVersion + "-invalid"
+ putFile(t, fmt.Sprintf("/%s/%s", ver, filename), "any invalid content", http.StatusCreated)
+ req := NewRequestf(t, "GET", "/%s/-/packages/maven/%s-%s/%s", user.Name, groupID, artifactID, ver)
+ resp := MakeRequest(t, req, http.StatusOK)
+ assert.Contains(t, resp.Body.String(), "No metadata.")
+ assert.True(t, test.IsNormalPageCompleted(resp.Body.String()))
+ })
}