summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2022-01-16 03:44:11 +0000
committerGitHub <noreply@github.com>2022-01-16 11:44:11 +0800
commit4b4884ce889439f092d3797984e768e0cf2a278e (patch)
tree9c2878f845acb732ceae042a7e30dd3019b5e275
parenta15353dc004a8a29097d9a92ca7af5e4f0cbad29 (diff)
downloadgitea-4b4884ce889439f092d3797984e768e0cf2a278e.tar.gz
gitea-4b4884ce889439f092d3797984e768e0cf2a278e.zip
Return nicer error if trying to pull from non-existent user (#18288)
* Return nicer error if trying to pull from non-existent user Gitea serv will currently return an 500 if we try to pull from a repository where the owner does not exist. This PR checks for the UserNotExist Error when checking for the user and will return a NotFound error instead. Fix #18225
-rw-r--r--routers/private/serv.go15
1 files changed, 12 insertions, 3 deletions
diff --git a/routers/private/serv.go b/routers/private/serv.go
index e5ebc5aa92..6bf0ceeca2 100644
--- a/routers/private/serv.go
+++ b/routers/private/serv.go
@@ -111,8 +111,17 @@ func ServCommand(ctx *context.PrivateContext) {
owner, err := user_model.GetUserByName(results.OwnerName)
if err != nil {
+ if user_model.IsErrUserNotExist(err) {
+ // User is fetching/cloning a non-existent repository
+ log.Warn("Failed authentication attempt (cannot find repository: %s/%s) from %s", results.OwnerName, results.RepoName, ctx.RemoteAddr())
+ ctx.JSON(http.StatusNotFound, private.ErrServCommand{
+ Results: results,
+ Err: fmt.Sprintf("Cannot find repository: %s/%s", results.OwnerName, results.RepoName),
+ })
+ return
+ }
log.Error("Unable to get repository owner: %s/%s Error: %v", results.OwnerName, results.RepoName, err)
- ctx.JSON(http.StatusInternalServerError, private.ErrServCommand{
+ ctx.JSON(http.StatusForbidden, private.ErrServCommand{
Results: results,
Err: fmt.Sprintf("Unable to get repository owner: %s/%s %v", results.OwnerName, results.RepoName, err),
})
@@ -135,7 +144,7 @@ func ServCommand(ctx *context.PrivateContext) {
for _, verb := range ctx.FormStrings("verb") {
if "git-upload-pack" == verb {
// User is fetching/cloning a non-existent repository
- log.Error("Failed authentication attempt (cannot find repository: %s/%s) from %s", results.OwnerName, results.RepoName, ctx.RemoteAddr())
+ log.Warn("Failed authentication attempt (cannot find repository: %s/%s) from %s", results.OwnerName, results.RepoName, ctx.RemoteAddr())
ctx.JSON(http.StatusNotFound, private.ErrServCommand{
Results: results,
Err: fmt.Sprintf("Cannot find repository: %s/%s", results.OwnerName, results.RepoName),
@@ -325,7 +334,7 @@ func ServCommand(ctx *context.PrivateContext) {
userMode := perm.UnitAccessMode(unitType)
if userMode < mode {
- log.Error("Failed authentication attempt for %s with key %s (not authorized to %s %s/%s) from %s", user.Name, key.Name, modeString, ownerName, repoName, ctx.RemoteAddr())
+ log.Warn("Failed authentication attempt for %s with key %s (not authorized to %s %s/%s) from %s", user.Name, key.Name, modeString, ownerName, repoName, ctx.RemoteAddr())
ctx.JSON(http.StatusUnauthorized, private.ErrServCommand{
Results: results,
Err: fmt.Sprintf("User: %d:%s with Key: %d:%s is not authorized to %s %s/%s.", user.ID, user.Name, key.ID, key.Name, modeString, ownerName, repoName),