Writable deploy keys (closes #671) (#3225)

* Add is_writable checkbox to deploy keys interface * Add writable key option to deploy key form * Add support for writable ssh keys in the interface * Rename IsWritable to ReadOnly * Test: create read-only and read-write deploy keys via api * Add DeployKey access mode migration * Update gitea sdk via govendor * Fix deploykey migration * Add unittests for writable deploy keys * Move template text to locale * Remove implicit column update * Remove duplicate locales * Replace ReadOnly field with IsReadOnly method * Fix deploy_keys related integration test * Rename v54 migration with v55 * Fix migration hell
author: Vlad Temian <vladtemian@gmail.com> 2018-01-07 00:55:53 +0200
committer: Lauris BH <lauris@nix.lv> 2018-01-07 00:55:53 +0200
commit: e78786ef39526fac6705a831fc291c55f1ca091b (patch)
tree: c529a79c1460facdf30f04b860cee234d64c229c /models
parent: 70b6c07590f9014876073e2d69a6278e94db582f (diff)
download: gitea-e78786ef39526fac6705a831fc291c55f1ca091b.tar.gz
gitea-e78786ef39526fac6705a831fc291c55f1ca091b.zip
4 files changed, 43 insertions, 4 deletions
diff --git a/models/fixtures/deploy_key.yml b/models/fixtures/deploy_key.yml
new file mode 100644
index 0000000000..ca780a73aa
--- /dev/null
+++ b/models/fixtures/deploy_key.yml
@@ -0,0 +1 @@
+[] # empty
diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go
index 90f286056f..37f3717ff4 100644
--- a/models/migrations/migrations.go
+++ b/models/migrations/migrations.go
@@ -162,6 +162,8 @@ var migrations = []Migration{
 	NewMigration("add reactions", addReactions),
 	// v54 -> v55
 	NewMigration("add pull request options", addPullRequestOptions),
+	// v55 -> v56
+	NewMigration("add writable deploy keys", addModeToDeploKeys),
 }
 
 // Migrate database to current version
diff --git a/models/migrations/v55.go b/models/migrations/v55.go
new file mode 100644
index 0000000000..32f4e8ac04
--- /dev/null
+++ b/models/migrations/v55.go
@@ -0,0 +1,23 @@
+// Copyright 2018 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import (
+	"fmt"
+
+	"code.gitea.io/gitea/models"
+	"github.com/go-xorm/xorm"
+)
+
+func addModeToDeploKeys(x *xorm.Engine) error {
+	type DeployKey struct {
+		Mode models.AccessMode `xorm:"NOT NULL DEFAULT 1"`
+	}
+
+	if err := x.Sync2(new(DeployKey)); err != nil {
+		return fmt.Errorf("Sync2: %v", err)
+	}
+	return nil
+}
diff --git a/models/ssh_key.go b/models/ssh_key.go
index 4d276ebeb7..2878177d44 100644
--- a/models/ssh_key.go
+++ b/models/ssh_key.go
@@ -600,6 +600,8 @@ type DeployKey struct {
 	Fingerprint string
 	Content     string `xorm:"-"`
 
+	Mode AccessMode `xorm:"NOT NULL DEFAULT 1"`
+
 	CreatedUnix       util.TimeStamp `xorm:"created"`
 	UpdatedUnix       util.TimeStamp `xorm:"updated"`
 	HasRecentActivity bool           `xorm:"-"`
@@ -622,6 +624,11 @@ func (key *DeployKey) GetContent() error {
 	return nil
 }
 
+// IsReadOnly checks if the key can only be used for read operations
+func (key *DeployKey) IsReadOnly() bool {
+	return key.Mode == AccessModeRead
+}
+
 func checkDeployKey(e Engine, keyID, repoID int64, name string) error {
 	// Note: We want error detail, not just true or false here.
 	has, err := e.
@@ -646,7 +653,7 @@ func checkDeployKey(e Engine, keyID, repoID int64, name string) error {
 }
 
 // addDeployKey adds new key-repo relation.
-func addDeployKey(e *xorm.Session, keyID, repoID int64, name, fingerprint string) (*DeployKey, error) {
+func addDeployKey(e *xorm.Session, keyID, repoID int64, name, fingerprint string, mode AccessMode) (*DeployKey, error) {
 	if err := checkDeployKey(e, keyID, repoID, name); err != nil {
 		return nil, err
 	}
@@ -656,6 +663,7 @@ func addDeployKey(e *xorm.Session, keyID, repoID int64, name, fingerprint string
 		RepoID:      repoID,
 		Name:        name,
 		Fingerprint: fingerprint,
+		Mode:        mode,
 	}
 	_, err := e.Insert(key)
 	return key, err
@@ -670,15 +678,20 @@ func HasDeployKey(keyID, repoID int64) bool {
 }
 
 // AddDeployKey add new deploy key to database and authorized_keys file.
-func AddDeployKey(repoID int64, name, content string) (*DeployKey, error) {
+func AddDeployKey(repoID int64, name, content string, readOnly bool) (*DeployKey, error) {
 	fingerprint, err := calcFingerprint(content)
 	if err != nil {
 		return nil, err
 	}
 
+	accessMode := AccessModeRead
+	if !readOnly {
+		accessMode = AccessModeWrite
+	}
+
 	pkey := &PublicKey{
 		Fingerprint: fingerprint,
-		Mode:        AccessModeRead,
+		Mode:        accessMode,
 		Type:        KeyTypeDeploy,
 	}
 	has, err := x.Get(pkey)
@@ -701,7 +714,7 @@ func AddDeployKey(repoID int64, name, content string) (*DeployKey, error) {
 		}
 	}
 
-	key, err := addDeployKey(sess, pkey.ID, repoID, name, pkey.Fingerprint)
+	key, err := addDeployKey(sess, pkey.ID, repoID, name, pkey.Fingerprint, accessMode)
 	if err != nil {
 		return nil, fmt.Errorf("addDeployKey: %v", err)
 	}
author	Vlad Temian <vladtemian@gmail.com>	2018-01-07 00:55:53 +0200
committer	Lauris BH <lauris@nix.lv>	2018-01-07 00:55:53 +0200
commit	e78786ef39526fac6705a831fc291c55f1ca091b (patch)
tree	c529a79c1460facdf30f04b860cee234d64c229c /models
parent	70b6c07590f9014876073e2d69a6278e94db582f (diff)
download	gitea-e78786ef39526fac6705a831fc291c55f1ca091b.tar.gz gitea-e78786ef39526fac6705a831fc291c55f1ca091b.zip