diff options
| author | John Olheiser <42128690+jolheiser@users.noreply.github.com> | 2019-12-14 20:49:52 -0600 |
|---|---|---|
| committer | Lunny Xiao <xiaolunwen@gmail.com> | 2019-12-15 10:49:52 +0800 |
| commit | 6715677b2bf7a065d0184ea7f2647e70ca2598d4 (patch) | |
| tree | ec2ed74b0eb153391bd46a9552923b2282867be5 /routers/repo | |
| parent | 47c24be293ac8b1b28310d2fb2be58b8191a5bae (diff) | |
| download | gitea-6715677b2bf7a065d0184ea7f2647e70ca2598d4.tar.gz gitea-6715677b2bf7a065d0184ea7f2647e70ca2598d4.zip | |
Push to create repo (#8419)
* Refactor
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Add push-create to SSH serv
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Cannot push for another user unless admin
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Get owner in case admin pushes for another user
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Set new repo ID in result
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Update to service and use new org perms
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Move pushCreateRepo to services
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Fix import order
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Changes for @guillep2k
* Check owner (not user) in SSH
* Add basic tests for created repos (private, not empty)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
Diffstat (limited to 'routers/repo')
| -rw-r--r-- | routers/repo/http.go | 61 |
1 files changed, 41 insertions, 20 deletions
diff --git a/routers/repo/http.go b/routers/repo/http.go index c66d7aae65..b97feed51d 100644 --- a/routers/repo/http.go +++ b/routers/repo/http.go @@ -28,6 +28,7 @@ import ( "code.gitea.io/gitea/modules/process" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/timeutil" + repo_service "code.gitea.io/gitea/services/repository" ) // HTTP implmentation git smart HTTP protocol @@ -100,29 +101,29 @@ func HTTP(ctx *context.Context) { return } + repoExist := true repo, err := models.GetRepositoryByName(owner.ID, reponame) if err != nil { if models.IsErrRepoNotExist(err) { - redirectRepoID, err := models.LookupRepoRedirect(owner.ID, reponame) - if err == nil { + if redirectRepoID, err := models.LookupRepoRedirect(owner.ID, reponame); err == nil { context.RedirectToRepo(ctx, redirectRepoID) - } else { - ctx.NotFoundOrServerError("GetRepositoryByName", models.IsErrRepoRedirectNotExist, err) + return } + repoExist = false } else { ctx.ServerError("GetRepositoryByName", err) + return } - return } // Don't allow pushing if the repo is archived - if repo.IsArchived && !isPull { + if repoExist && repo.IsArchived && !isPull { ctx.HandleText(http.StatusForbidden, "This repo is archived. You can view files and clone it, but cannot push or open issues/pull-requests.") return } // Only public pull don't need auth. - isPublicPull := !repo.IsPrivate && isPull + isPublicPull := repoExist && !repo.IsPrivate && isPull var ( askAuth = !isPublicPull || setting.Service.RequireSignInView authUser *models.User @@ -243,20 +244,22 @@ func HTTP(ctx *context.Context) { } } - perm, err := models.GetUserRepoPermission(repo, authUser) - if err != nil { - ctx.ServerError("GetUserRepoPermission", err) - return - } + if repoExist { + perm, err := models.GetUserRepoPermission(repo, authUser) + if err != nil { + ctx.ServerError("GetUserRepoPermission", err) + return + } - if !perm.CanAccess(accessMode, unitType) { - ctx.HandleText(http.StatusForbidden, "User permission denied") - return - } + if !perm.CanAccess(accessMode, unitType) { + ctx.HandleText(http.StatusForbidden, "User permission denied") + return + } - if !isPull && repo.IsMirror { - ctx.HandleText(http.StatusForbidden, "mirror repository is read-only") - return + if !isPull && repo.IsMirror { + ctx.HandleText(http.StatusForbidden, "mirror repository is read-only") + return + } } environ = []string{ @@ -264,7 +267,6 @@ func HTTP(ctx *context.Context) { models.EnvRepoName + "=" + reponame, models.EnvPusherName + "=" + authUser.Name, models.EnvPusherID + fmt.Sprintf("=%d", authUser.ID), - models.ProtectedBranchRepoID + fmt.Sprintf("=%d", repo.ID), models.EnvIsDeployKey + "=false", } @@ -279,6 +281,25 @@ func HTTP(ctx *context.Context) { } } + if !repoExist { + if owner.IsOrganization() && !setting.Repository.EnablePushCreateOrg { + ctx.HandleText(http.StatusForbidden, "Push to create is not enabled for organizations.") + return + } + if !owner.IsOrganization() && !setting.Repository.EnablePushCreateUser { + ctx.HandleText(http.StatusForbidden, "Push to create is not enabled for users.") + return + } + repo, err = repo_service.PushCreateRepo(authUser, owner, reponame) + if err != nil { + log.Error("pushCreateRepo: %v", err) + ctx.Status(http.StatusNotFound) + return + } + } + + environ = append(environ, models.ProtectedBranchRepoID+fmt.Sprintf("=%d", repo.ID)) + w := ctx.Resp r := ctx.Req.Request cfg := &serviceConfig{ |