diff options
| author | zeripath <art27@cantab.net> | 2021-08-04 18:26:30 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-08-04 13:26:30 -0400 |
| commit | 7c4172ef71a0805f16b8bd89188bb1b4d3e33f9b (patch) | |
| tree | 4daee35e7dee3393d457ccf1e3ade708fe65dde7 | |
| parent | f03abe8fb1919eed9c5a923f4f2c438a5fca351a (diff) | |
| download | gitea-7c4172ef71a0805f16b8bd89188bb1b4d3e33f9b.tar.gz gitea-7c4172ef71a0805f16b8bd89188bb1b4d3e33f9b.zip | |
Pass down SignedUserName down to AccessLogger context (#16605)
* Pass down SignedUserName down to AccessLogger context
Unfortunately when the AccessLogger was moved back before the contexters the
SignedUserName reporting was lost. This is due to Request.WithContext leading to a
shallow copy of the Request and the modules/context/Context being within that request.
This PR adds a new context variable of a string pointer which is set and handled
in the contexters.
Fix #16600
Signed-off-by: Andrew Thornton <art27@cantab.net>
* handle nil ptr issue
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
| -rw-r--r-- | modules/context/access_log.go | 10 | ||||
| -rw-r--r-- | modules/context/api.go | 11 | ||||
| -rw-r--r-- | modules/context/context.go | 11 |
3 files changed, 28 insertions, 4 deletions
diff --git a/modules/context/access_log.go b/modules/context/access_log.go index 97bb32f4c5..1a10c4763a 100644 --- a/modules/context/access_log.go +++ b/modules/context/access_log.go @@ -6,6 +6,7 @@ package context import ( "bytes" + "context" "html/template" "net/http" "time" @@ -22,6 +23,8 @@ type routerLoggerOptions struct { Ctx map[string]interface{} } +var signedUserNameStringPointerKey interface{} = "signedUserNameStringPointerKey" + // AccessLogger returns a middleware to log access logger func AccessLogger() func(http.Handler) http.Handler { logger := log.GetLogger("access") @@ -29,11 +32,10 @@ func AccessLogger() func(http.Handler) http.Handler { return func(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) { start := time.Now() - next.ServeHTTP(w, req) identity := "-" - if val := SignedUserName(req); val != "" { - identity = val - } + r := req.WithContext(context.WithValue(req.Context(), signedUserNameStringPointerKey, &identity)) + + next.ServeHTTP(w, r) rw := w.(ResponseWriter) buf := bytes.NewBuffer([]byte{}) diff --git a/modules/context/api.go b/modules/context/api.go index a21e0d7402..8f1ed3f2ce 100644 --- a/modules/context/api.go +++ b/modules/context/api.go @@ -275,6 +275,17 @@ func APIContexter() func(http.Handler) http.Handler { ctx.Data["CsrfToken"] = html.EscapeString(ctx.csrf.GetToken()) next.ServeHTTP(ctx.Resp, ctx.Req) + + // Handle adding signedUserName to the context for the AccessLogger + usernameInterface := ctx.Data["SignedUserName"] + identityPtrInterface := ctx.Req.Context().Value(signedUserNameStringPointerKey) + if usernameInterface != nil && identityPtrInterface != nil { + username := usernameInterface.(string) + identityPtr := identityPtrInterface.(*string) + if identityPtr != nil && username != "" { + *identityPtr = username + } + } }) } } diff --git a/modules/context/context.go b/modules/context/context.go index b356e1eb1b..9d04fe3858 100644 --- a/modules/context/context.go +++ b/modules/context/context.go @@ -770,6 +770,17 @@ func Contexter() func(next http.Handler) http.Handler { } next.ServeHTTP(ctx.Resp, ctx.Req) + + // Handle adding signedUserName to the context for the AccessLogger + usernameInterface := ctx.Data["SignedUserName"] + identityPtrInterface := ctx.Req.Context().Value(signedUserNameStringPointerKey) + if usernameInterface != nil && identityPtrInterface != nil { + username := usernameInterface.(string) + identityPtr := identityPtrInterface.(*string) + if identityPtr != nil && username != "" { + *identityPtr = username + } + } }) } } |