summaryrefslogtreecommitdiffstats
path: root/models
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2020-02-27 19:20:55 +0000
committerGitHub <noreply@github.com>2020-02-27 16:20:55 -0300
commit90919bb37e2bcc62440e393439825fe0e1e1f343 (patch)
tree1e89ce6ec5a3c90399a1621e6d11dae2417c11ef /models
parent858aebc2d8561803c4dc3f8a427ca82662ee96c7 (diff)
downloadgitea-90919bb37e2bcc62440e393439825fe0e1e1f343.tar.gz
gitea-90919bb37e2bcc62440e393439825fe0e1e1f343.zip
Show Signer in commit lists and add basic trust (#10425)
* Show Signer in commit lists and add basic trust Show the avatar of the signer in the commit list pages as we do not enforce that the signer is an author or committer. This makes it clearer who has signed the commit. Also display commits signed by non-members differently from members and in particular make it clear when a non-member signer is different from the committer to help reduce the risk of spoofing. Signed-off-by: Andrew Thornton <art27@cantab.net> * ensure orange text and background is available Signed-off-by: Andrew Thornton <art27@cantab.net> * Update gpg_key.go * Update models/gpg_key.go * Apply suggestions from code review * Require team collaborators to have access to UnitTypeCode * as per @6543 * fix position of sha as per @silverwind * as per @guillep2k
Diffstat (limited to 'models')
-rw-r--r--models/gpg_key.go43
-rw-r--r--models/repo_collaboration.go20
2 files changed, 60 insertions, 3 deletions
diff --git a/models/gpg_key.go b/models/gpg_key.go
index 643aa6822c..a32312a12d 100644
--- a/models/gpg_key.go
+++ b/models/gpg_key.go
@@ -374,6 +374,7 @@ type CommitVerification struct {
CommittingUser *User
SigningEmail string
SigningKey *GPGKey
+ TrustStatus string
}
// SignCommit represents a commit with validation of signature.
@@ -759,18 +760,54 @@ func verifyWithGPGSettings(gpgSettings *git.GPGSettings, sig *packet.Signature,
}
// ParseCommitsWithSignature checks if signaute of commits are corresponding to users gpg keys.
-func ParseCommitsWithSignature(oldCommits *list.List) *list.List {
+func ParseCommitsWithSignature(oldCommits *list.List, repository *Repository) *list.List {
var (
newCommits = list.New()
e = oldCommits.Front()
)
+ memberMap := map[int64]bool{}
+
for e != nil {
c := e.Value.(UserCommit)
- newCommits.PushBack(SignCommit{
+ signCommit := SignCommit{
UserCommit: &c,
Verification: ParseCommitWithSignature(c.Commit),
- })
+ }
+
+ _ = CalculateTrustStatus(signCommit.Verification, repository, &memberMap)
+
+ newCommits.PushBack(signCommit)
e = e.Next()
}
return newCommits
}
+
+// CalculateTrustStatus will calculate the TrustStatus for a commit verification within a repository
+func CalculateTrustStatus(verification *CommitVerification, repository *Repository, memberMap *map[int64]bool) (err error) {
+ if verification.Verified {
+ verification.TrustStatus = "trusted"
+ if verification.SigningUser.ID != 0 {
+ var isMember bool
+ if memberMap != nil {
+ var has bool
+ isMember, has = (*memberMap)[verification.SigningUser.ID]
+ if !has {
+ isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID)
+ (*memberMap)[verification.SigningUser.ID] = isMember
+ }
+ } else {
+ isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID)
+ }
+
+ if !isMember {
+ verification.TrustStatus = "untrusted"
+ if verification.CommittingUser.ID != verification.SigningUser.ID {
+ // The committing user and the signing user are not the same and are not the default key
+ // This should be marked as questionable unless the signing user is a collaborator/team member etc.
+ verification.TrustStatus = "unmatched"
+ }
+ }
+ }
+ }
+ return
+}
diff --git a/models/repo_collaboration.go b/models/repo_collaboration.go
index 8c6ef36230..85bc99f320 100644
--- a/models/repo_collaboration.go
+++ b/models/repo_collaboration.go
@@ -210,3 +210,23 @@ func (repo *Repository) getRepoTeams(e Engine) (teams []*Team, err error) {
func (repo *Repository) GetRepoTeams() ([]*Team, error) {
return repo.getRepoTeams(x)
}
+
+// IsOwnerMemberCollaborator checks if a provided user is the owner, a collaborator or a member of a team in a repository
+func (repo *Repository) IsOwnerMemberCollaborator(userID int64) (bool, error) {
+ if repo.OwnerID == userID {
+ return true, nil
+ }
+ teamMember, err := x.Join("INNER", "team_repo", "team_repo.team_id = team_user.team_id").
+ Join("INNER", "team_unit", "team_unit.team_id = team_user.team_id").
+ Where("team_repo.repo_id = ?", repo.ID).
+ And("team_unit.`type` = ?", UnitTypeCode).
+ And("team_user.uid = ?", userID).Table("team_user").Exist(&TeamUser{})
+ if err != nil {
+ return false, err
+ }
+ if teamMember {
+ return true, nil
+ }
+
+ return x.Get(&Collaboration{RepoID: repo.ID, UserID: userID})
+}