aboutsummaryrefslogtreecommitdiffstats
path: root/routers/private
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2019-12-17 01:49:07 +0000
committertechknowlogick <techknowlogick@gitea.io>2019-12-16 20:49:07 -0500
commitd1a49977b089afefc40172711d02eb795d2234de (patch)
treeb32acdcdf6b93a64f766e4fafeb70f75a881a1ab /routers/private
parent1707f59966df7fa4375235dbf43326d382eeaf97 (diff)
downloadgitea-d1a49977b089afefc40172711d02eb795d2234de.tar.gz
gitea-d1a49977b089afefc40172711d02eb795d2234de.zip
AuthorizedKeysCommand should not query db directly (#9371)
* AuthorizedKeysCommand should not query db directly * Update routers/private/internal.go * Fix import order
Diffstat (limited to 'routers/private')
-rw-r--r--routers/private/internal.go1
-rw-r--r--routers/private/key.go25
2 files changed, 22 insertions, 4 deletions
diff --git a/routers/private/internal.go b/routers/private/internal.go
index 3a48f5384d..cfbad19678 100644
--- a/routers/private/internal.go
+++ b/routers/private/internal.go
@@ -76,6 +76,7 @@ func CheckUnitUser(ctx *macaron.Context) {
// These APIs will be invoked by internal commands for example `gitea serv` and etc.
func RegisterRoutes(m *macaron.Macaron) {
m.Group("/", func() {
+ m.Post("/ssh/authorized_keys", AuthorizedPublicKeyByContent)
m.Post("/ssh/:id/update/:repoid", UpdatePublicKeyInRepo)
m.Get("/hook/pre-receive/:owner/:repo", HookPreReceive)
m.Get("/hook/post-receive/:owner/:repo", HookPostReceive)
diff --git a/routers/private/key.go b/routers/private/key.go
index dcf597d6ba..c00330fe88 100644
--- a/routers/private/key.go
+++ b/routers/private/key.go
@@ -6,6 +6,8 @@
package private
import (
+ "net/http"
+
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/timeutil"
@@ -17,7 +19,7 @@ func UpdatePublicKeyInRepo(ctx *macaron.Context) {
keyID := ctx.ParamsInt64(":id")
repoID := ctx.ParamsInt64(":repoid")
if err := models.UpdatePublicKeyUpdated(keyID); err != nil {
- ctx.JSON(500, map[string]interface{}{
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
"err": err.Error(),
})
return
@@ -29,18 +31,33 @@ func UpdatePublicKeyInRepo(ctx *macaron.Context) {
ctx.PlainText(200, []byte("success"))
return
}
- ctx.JSON(500, map[string]interface{}{
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
"err": err.Error(),
})
return
}
deployKey.UpdatedUnix = timeutil.TimeStampNow()
if err = models.UpdateDeployKeyCols(deployKey, "updated_unix"); err != nil {
- ctx.JSON(500, map[string]interface{}{
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
"err": err.Error(),
})
return
}
- ctx.PlainText(200, []byte("success"))
+ ctx.PlainText(http.StatusOK, []byte("success"))
+}
+
+// AuthorizedPublicKeyByContent searches content as prefix (leak e-mail part)
+// and returns public key found.
+func AuthorizedPublicKeyByContent(ctx *macaron.Context) {
+ content := ctx.Query("content")
+
+ publicKey, err := models.SearchPublicKeyByContent(content)
+ if err != nil {
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
+ "err": err.Error(),
+ })
+ return
+ }
+ ctx.PlainText(http.StatusOK, []byte(publicKey.AuthorizedString()))
}