diff options
| author | Unknwon <u@gogs.io> | 2015-08-05 11:14:17 +0800 |
|---|---|---|
| committer | Unknwon <u@gogs.io> | 2015-08-05 11:14:17 +0800 |
| commit | e50982f5ec78c3cfa4a1cf322f7fa1a4dea44b84 (patch) | |
| tree | f6dffcf1c5a273a077a8b33c75334b9994ca02ff /cmd/serve.go | |
| parent | 487fc8ca39a3de565fc6c67aea72c4658bbf64c8 (diff) | |
| download | gitea-e50982f5ec78c3cfa4a1cf322f7fa1a4dea44b84.tar.gz gitea-e50982f5ec78c3cfa4a1cf322f7fa1a4dea44b84.zip | |
allow anonymous SSH clone
Diffstat (limited to 'cmd/serve.go')
| -rw-r--r-- | cmd/serve.go | 94 |
1 files changed, 49 insertions, 45 deletions
diff --git a/cmd/serve.go b/cmd/serve.go index fed65bba15..ecf07114f2 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -78,35 +78,18 @@ func runServ(c *cli.Context) { setup("serv.log") fail := func(userMessage, logMessage string, args ...interface{}) { - fmt.Fprintln(os.Stderr, "Gogs: ", userMessage) - log.GitLogger.Fatal(2, logMessage, args...) + fmt.Fprintln(os.Stderr, "Gogs:", userMessage) + log.GitLogger.Fatal(3, logMessage, args...) } if len(c.Args()) < 1 { fail("Not enough arguments", "Not enough arguments") } - keys := strings.Split(c.Args()[0], "-") - if len(keys) != 2 { - fail("key-id format error", "Invalid key id: %s", c.Args()[0]) - } - - keyId, err := com.StrTo(keys[1]).Int64() - if err != nil { - fail("key-id format error", "Invalid key id: %s", err) - } - - user, err := models.GetUserByKeyId(keyId) - if err != nil { - fail("internal error", "Failed to get user by key ID(%d): %v", keyId, err) - } - cmd := os.Getenv("SSH_ORIGINAL_COMMAND") - if cmd == "" { - fmt.Printf("Hi, %s! You've successfully authenticated, but Gogs does not provide shell access.\n", user.Name) - if user.IsAdmin { - println("If this is unexpected, please log in with password and setup Gogs under another user.") - } + if len(cmd) == 0 { + println("Hi there, You've successfully authenticated, but Gogs does not provide shell access.") + println("If this is unexpected, please log in with password and setup Gogs under another user.") return } @@ -121,7 +104,7 @@ func runServ(c *cli.Context) { repoUser, err := models.GetUserByName(repoUserName) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { fail("Repository owner does not exist", "Unregistered owner: %s", repoUserName) } fail("Internal error", "Failed to get repository owner(%s): %v", repoUserName, err) @@ -130,11 +113,7 @@ func runServ(c *cli.Context) { repo, err := models.GetRepositoryByName(repoUser.Id, repoName) if err != nil { if models.IsErrRepoNotExist(err) { - if user.Id == repoUser.Id || repoUser.IsOwnedBy(user.Id) { - fail("Repository does not exist", "Repository does not exist: %s/%s", repoUser.Name, repoName) - } else { - fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", repoUser.Name, repoName) - } + fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", repoUser.Name, repoName) } fail("Internal error", "Failed to get repository: %v", err) } @@ -144,17 +123,39 @@ func runServ(c *cli.Context) { fail("Unknown git command", "Unknown git command %s", verb) } - mode, err := models.AccessLevel(user, repo) - if err != nil { - fail("Internal error", "Fail to check access: %v", err) - } else if mode < requestedMode { - clientMessage := _ACCESS_DENIED_MESSAGE - if mode >= models.ACCESS_MODE_READ { - clientMessage = "You do not have sufficient authorization for this action" + // Allow anonymous clone for public repositories. + var ( + keyID int64 + user *models.User + ) + if requestedMode == models.ACCESS_MODE_WRITE || repo.IsPrivate { + keys := strings.Split(c.Args()[0], "-") + if len(keys) != 2 { + fail("key-id format error", "Invalid key id: %s", c.Args()[0]) + } + + keyID, err = com.StrTo(keys[1]).Int64() + if err != nil { + fail("key-id format error", "Invalid key id: %s", err) + } + + user, err = models.GetUserByKeyId(keyID) + if err != nil { + fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err) + } + + mode, err := models.AccessLevel(user, repo) + if err != nil { + fail("Internal error", "Fail to check access: %v", err) + } else if mode < requestedMode { + clientMessage := _ACCESS_DENIED_MESSAGE + if mode >= models.ACCESS_MODE_READ { + clientMessage = "You do not have sufficient authorization for this action" + } + fail(clientMessage, + "User %s does not have level %v access to repository %s", + user.Name, requestedMode, repoPath) } - fail(clientMessage, - "User %s does not have level %v access to repository %s", - user.Name, requestedMode, repoPath) } uuid := uuid.NewV4().String() @@ -201,12 +202,15 @@ func runServ(c *cli.Context) { } // Update key activity. - key, err := models.GetPublicKeyById(keyId) - if err != nil { - fail("Internal error", "GetPublicKeyById: %v", err) - } - key.Updated = time.Now() - if err = models.UpdatePublicKey(key); err != nil { - fail("Internal error", "UpdatePublicKey: %v", err) + if keyID > 0 { + key, err := models.GetPublicKeyById(keyID) + if err != nil { + fail("Internal error", "GetPublicKeyById: %v", err) + } + + key.Updated = time.Now() + if err = models.UpdatePublicKey(key); err != nil { + fail("Internal error", "UpdatePublicKey: %v", err) + } } } |