summaryrefslogtreecommitdiffstats
path: root/routers/api
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2019-04-22 21:40:51 +0100
committerLauris BH <lauris@nix.lv>2019-04-22 23:40:51 +0300
commitbe666b03eef1e085adc0749837480e0db7f811ad (patch)
treeed8f4bc7c4a5cf2c7a7a37e38aef23b10a83595e /routers/api
parentb83114f1407247415b184f77f8f2f6ecea8cb994 (diff)
downloadgitea-be666b03eef1e085adc0749837480e0db7f811ad.tar.gz
gitea-be666b03eef1e085adc0749837480e0db7f811ad.zip
Trace Logging on Permission Denied & ColorFormat (#6618)
* Add log.ColorFormat and log.ColorFormatted Structs can now implement log.ColorFormatted to provide their own colored format when logged with `%-v` or additional flags. Signed-off-by: Andrew Thornton <art27@cantab.net> * Add basic ColorFormat to repository and user Signed-off-by: Andrew Thornton <art27@cantab.net> * Add basic ColorFormat to access and unit Signed-off-by: Andrew Thornton <art27@cantab.net> * Add ColorFormat to permission and on trace log it Signed-off-by: Andrew Thornton <art27@cantab.net> * Add log.NewColoredIDValue to make ID value coloring consistent Signed-off-by: Andrew Thornton <art27@cantab.net> * formatting changes * Add some better tracing to permission denied for read issues/pulls Signed-off-by: Andrew Thornton <art27@cantab.net> * Add Trace logging on permission denied Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove isTrace() check from deferred func * Adjust repo and allow logging of team * use FormatInt instead of Itoa * Add blank line Signed-off-by: Andrew Thornton <art27@cantab.net> * Update access.go
Diffstat (limited to 'routers/api')
-rw-r--r--routers/api/v1/api.go50
-rw-r--r--routers/api/v1/repo/pull.go7
2 files changed, 56 insertions, 1 deletions
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go
index ac92f7cd43..d201dff917 100644
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@@ -369,6 +369,22 @@ func orgAssignment(args ...bool) macaron.Handler {
func mustEnableIssues(ctx *context.APIContext) {
if !ctx.Repo.CanRead(models.UnitTypeIssues) {
+ if log.IsTrace() {
+ if ctx.IsSigned {
+ log.Trace("Permission Denied: User %-v cannot read %-v in Repo %-v\n"+
+ "User in Repo has Permissions: %-+v",
+ ctx.User,
+ models.UnitTypeIssues,
+ ctx.Repo.Repository,
+ ctx.Repo.Permission)
+ } else {
+ log.Trace("Permission Denied: Anonymous user cannot read %-v in Repo %-v\n"+
+ "Anonymous user in Repo has Permissions: %-+v",
+ models.UnitTypeIssues,
+ ctx.Repo.Repository,
+ ctx.Repo.Permission)
+ }
+ }
ctx.NotFound()
return
}
@@ -376,6 +392,22 @@ func mustEnableIssues(ctx *context.APIContext) {
func mustAllowPulls(ctx *context.APIContext) {
if !(ctx.Repo.Repository.CanEnablePulls() && ctx.Repo.CanRead(models.UnitTypePullRequests)) {
+ if ctx.Repo.Repository.CanEnablePulls() && log.IsTrace() {
+ if ctx.IsSigned {
+ log.Trace("Permission Denied: User %-v cannot read %-v in Repo %-v\n"+
+ "User in Repo has Permissions: %-+v",
+ ctx.User,
+ models.UnitTypePullRequests,
+ ctx.Repo.Repository,
+ ctx.Repo.Permission)
+ } else {
+ log.Trace("Permission Denied: Anonymous user cannot read %-v in Repo %-v\n"+
+ "Anonymous user in Repo has Permissions: %-+v",
+ models.UnitTypePullRequests,
+ ctx.Repo.Repository,
+ ctx.Repo.Permission)
+ }
+ }
ctx.NotFound()
return
}
@@ -384,6 +416,24 @@ func mustAllowPulls(ctx *context.APIContext) {
func mustEnableIssuesOrPulls(ctx *context.APIContext) {
if !ctx.Repo.CanRead(models.UnitTypeIssues) &&
!(ctx.Repo.Repository.CanEnablePulls() && ctx.Repo.CanRead(models.UnitTypePullRequests)) {
+ if ctx.Repo.Repository.CanEnablePulls() && log.IsTrace() {
+ if ctx.IsSigned {
+ log.Trace("Permission Denied: User %-v cannot read %-v and %-v in Repo %-v\n"+
+ "User in Repo has Permissions: %-+v",
+ ctx.User,
+ models.UnitTypeIssues,
+ models.UnitTypePullRequests,
+ ctx.Repo.Repository,
+ ctx.Repo.Permission)
+ } else {
+ log.Trace("Permission Denied: Anonymous user cannot read %-v and %-v in Repo %-v\n"+
+ "Anonymous user in Repo has Permissions: %-+v",
+ models.UnitTypeIssues,
+ models.UnitTypePullRequests,
+ ctx.Repo.Repository,
+ ctx.Repo.Permission)
+ }
+ }
ctx.NotFound()
return
}
diff --git a/routers/api/v1/repo/pull.go b/routers/api/v1/repo/pull.go
index 7abe6241bd..4fbd024f8c 100644
--- a/routers/api/v1/repo/pull.go
+++ b/routers/api/v1/repo/pull.go
@@ -672,7 +672,12 @@ func parseCompareInfo(ctx *context.APIContext, form api.CreatePullRequestOption)
return nil, nil, nil, nil, "", ""
}
if !perm.CanReadIssuesOrPulls(true) {
- log.Trace("ParseCompareInfo[%d]: cannot create/read pull requests", baseRepo.ID)
+ if log.IsTrace() {
+ log.Trace("Permission Denied: User %-v cannot create/read pull requests in Repo %-v\nUser in headRepo has Permissions: %-+v",
+ ctx.User,
+ headRepo,
+ perm)
+ }
ctx.NotFound()
return nil, nil, nil, nil, "", ""
}