diff options
| author | zeripath <art27@cantab.net> | 2019-04-22 21:40:51 +0100 |
|---|---|---|
| committer | Lauris BH <lauris@nix.lv> | 2019-04-22 23:40:51 +0300 |
| commit | be666b03eef1e085adc0749837480e0db7f811ad (patch) | |
| tree | ed8f4bc7c4a5cf2c7a7a37e38aef23b10a83595e /modules/context | |
| parent | b83114f1407247415b184f77f8f2f6ecea8cb994 (diff) | |
| download | gitea-be666b03eef1e085adc0749837480e0db7f811ad.tar.gz gitea-be666b03eef1e085adc0749837480e0db7f811ad.zip | |
Trace Logging on Permission Denied & ColorFormat (#6618)
* Add log.ColorFormat and log.ColorFormatted
Structs can now implement log.ColorFormatted to provide their own
colored format when logged with `%-v` or additional flags.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add basic ColorFormat to repository and user
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add basic ColorFormat to access and unit
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add ColorFormat to permission and on trace log it
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add log.NewColoredIDValue to make ID value coloring consistent
Signed-off-by: Andrew Thornton <art27@cantab.net>
* formatting changes
* Add some better tracing to permission denied for read issues/pulls
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add Trace logging on permission denied
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove isTrace() check from deferred func
* Adjust repo and allow logging of team
* use FormatInt instead of Itoa
* Add blank line
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update access.go
Diffstat (limited to 'modules/context')
| -rw-r--r-- | modules/context/permission.go | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/modules/context/permission.go b/modules/context/permission.go index 70f8695300..6ac935686b 100644 --- a/modules/context/permission.go +++ b/modules/context/permission.go @@ -6,6 +6,8 @@ package context import ( "code.gitea.io/gitea/models" + "code.gitea.io/gitea/modules/log" + macaron "gopkg.in/macaron.v1" ) @@ -45,6 +47,22 @@ func RequireRepoWriterOr(unitTypes ...models.UnitType) macaron.Handler { func RequireRepoReader(unitType models.UnitType) macaron.Handler { return func(ctx *Context) { if !ctx.Repo.CanRead(unitType) { + if log.IsTrace() { + if ctx.IsSigned { + log.Trace("Permission Denied: User %-v cannot read %-v in Repo %-v\n"+ + "User in Repo has Permissions: %-+v", + ctx.User, + unitType, + ctx.Repo.Repository, + ctx.Repo.Permission) + } else { + log.Trace("Permission Denied: Anonymous user cannot read %-v in Repo %-v\n"+ + "Anonymous user in Repo has Permissions: %-+v", + unitType, + ctx.Repo.Repository, + ctx.Repo.Permission) + } + } ctx.NotFound(ctx.Req.RequestURI, nil) return } @@ -59,6 +77,25 @@ func RequireRepoReaderOr(unitTypes ...models.UnitType) macaron.Handler { return } } + if log.IsTrace() { + var format string + var args []interface{} + if ctx.IsSigned { + format = "Permission Denied: User %-v cannot read [" + args = append(args, ctx.User) + } else { + format = "Permission Denied: Anonymous user cannot read [" + } + for _, unit := range unitTypes { + format += "%-v, " + args = append(args, unit) + } + + format = format[:len(format)-2] + "] in Repo %-v\n" + + "User in Repo has Permissions: %-+v" + args = append(args, ctx.Repo.Repository, ctx.Repo.Permission) + log.Trace(format, args...) + } ctx.NotFound(ctx.Req.RequestURI, nil) } } |