authorkolaente <konrad@kola-entertainments.de>2019-06-12 21:41:28 +0200
committertechknowlogick <techknowlogick@gitea.io>2019-06-12 15:41:28 -0400
commitf9ec2f89f2265bc1371a6c62359de9816534fa6b (patch)
treef48b138a457e5ac6cf843bbb38400926704370f7 /routers/user
parent5832f8d90df2d72cb38698c3e9050f2b29717dc7 (diff)
Add golangci (#6418)
Diffstat (limited to 'routers/user')
-rw-r--r--routers/user/auth.go113
-rw-r--r--routers/user/auth_openid.go32
-rw-r--r--routers/user/oauth.go36
-rw-r--r--routers/user/profile.go1
-rw-r--r--routers/user/setting/profile.go8
-rw-r--r--routers/user/setting/security_twofa.go28
-rw-r--r--routers/user/setting/security_u2f.go7
7 files changed, 169 insertions, 56 deletions
diff --git a/routers/user/auth.go b/routers/user/auth.go
index b8f697b3ca..0731e34675 100644
--- a/routers/user/auth.go
+++ b/routers/user/auth.go
@@ -77,8 +77,14 @@ func AutoSignIn(ctx *context.Context) (bool, error) {
}
isSucceed = true
- ctx.Session.Set("uid", u.ID)
- ctx.Session.Set("uname", u.Name)
+ err = ctx.Session.Set("uid", u.ID)
+ if err != nil {
+ return false, err
+ }
+ err = ctx.Session.Set("uname", u.Name)
+ if err != nil {
+ return false, err
+ }
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
return true, nil
}
@@ -191,8 +197,16 @@ func SignInPost(ctx *context.Context, form auth.SignInForm) {
}
// User needs to use 2FA, save data and redirect to 2FA page.
- ctx.Session.Set("twofaUid", u.ID)
- ctx.Session.Set("twofaRemember", form.Remember)
+ err = ctx.Session.Set("twofaUid", u.ID)
+ if err != nil {
+ ctx.ServerError("UserSignIn", err)
+ return
+ }
+ err = ctx.Session.Set("twofaRemember", form.Remember)
+ if err != nil {
+ ctx.ServerError("UserSignIn", err)
+ return
+ }
regs, err := models.GetU2FRegistrationsByUID(u.ID)
if err == nil && len(regs) > 0 {
@@ -383,6 +397,10 @@ func U2FChallenge(ctx *context.Context) {
return
}
challenge, err := u2f.NewChallenge(setting.U2F.AppID, setting.U2F.TrustedFacets)
+ if err != nil {
+ ctx.ServerError("u2f.NewChallenge", err)
+ return
+ }
if err = ctx.Session.Set("u2fChallenge", challenge); err != nil {
ctx.ServerError("UserSignIn", err)
return
@@ -462,16 +480,22 @@ func handleSignInFull(ctx *context.Context, u *models.User, remember bool, obeyR
setting.CookieRememberName, u.Name, days, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
}
- ctx.Session.Delete("openid_verified_uri")
- ctx.Session.Delete("openid_signin_remember")
- ctx.Session.Delete("openid_determined_email")
- ctx.Session.Delete("openid_determined_username")
- ctx.Session.Delete("twofaUid")
- ctx.Session.Delete("twofaRemember")
- ctx.Session.Delete("u2fChallenge")
- ctx.Session.Delete("linkAccount")
- ctx.Session.Set("uid", u.ID)
- ctx.Session.Set("uname", u.Name)
+ _ = ctx.Session.Delete("openid_verified_uri")
+ _ = ctx.Session.Delete("openid_signin_remember")
+ _ = ctx.Session.Delete("openid_determined_email")
+ _ = ctx.Session.Delete("openid_determined_username")
+ _ = ctx.Session.Delete("twofaUid")
+ _ = ctx.Session.Delete("twofaRemember")
+ _ = ctx.Session.Delete("u2fChallenge")
+ _ = ctx.Session.Delete("linkAccount")
+ err := ctx.Session.Set("uid", u.ID)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
+ err = ctx.Session.Set("uname", u.Name)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
// Language setting of the user overwrites the one previously set
// If the user does not have a locale set, we save the current one.
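Review bot: A failed `ctx.Session.Set("uid", u.ID)` or `Set("uname", u.Name)` is only logged here, so handleSignInFull carries on as if the session had been written, while the AutoSignIn and SignInPost hunks above abort on the same error. For state that decides who is signed in, or which account a pending 2FA step belongs to, the write should fail closed: stop the flow and report the error (the SignInPost hunk uses `ctx.ServerError("UserSignIn", err)` followed by `return`) so that values left in the session by an earlier attempt are never relied on. The same log-and-continue pattern is in the handleOAuth2SignIn, LinkAccountPostSignIn and Activate hunks below, and in the `openid_*` session writes in auth_openid.go. The body of handleSignInFull starts and ends outside this hunk, so the right way to return from it is not visible here.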
@@ -563,7 +587,10 @@ func handleOAuth2SignIn(u *models.User, gothUser goth.User, ctx *context.Context
if u == nil {
// no existing user is found, request attach or new account
- ctx.Session.Set("linkAccountGothUser", gothUser)
+ err = ctx.Session.Set("linkAccountGothUser", gothUser)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
ctx.Redirect(setting.AppSubURL + "/user/link_account")
return
}
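Review bot: `log.Error(fmt.Sprintf("Error setting session: %v", err))` passes an already formatted message in the position that, judging by the auth_openid.go calls in this commit, is the logger's format string, so any `%` in the error text would be interpreted a second time, and the entry does not say which handler failed. Passing the arguments directly avoids both problems: `log.Error("handleOAuth2SignIn: could not set session: %v", err)`. This applies to every `log.Error(fmt.Sprintf(...))` added in auth.go and to `log.Error(err.Error())` in oauth.go.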
@@ -573,8 +600,14 @@ func handleOAuth2SignIn(u *models.User, gothUser goth.User, ctx *context.Context
_, err = models.GetTwoFactorByUID(u.ID)
if err != nil {
if models.IsErrTwoFactorNotEnrolled(err) {
- ctx.Session.Set("uid", u.ID)
- ctx.Session.Set("uname", u.Name)
+ err = ctx.Session.Set("uid", u.ID)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
+ err = ctx.Session.Set("uname", u.Name)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
// Clear whatever CSRF has right now, force to generate a new one
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
@@ -600,8 +633,14 @@ func handleOAuth2SignIn(u *models.User, gothUser goth.User, ctx *context.Context
}
// User needs to use 2FA, save data and redirect to 2FA page.
- ctx.Session.Set("twofaUid", u.ID)
- ctx.Session.Set("twofaRemember", false)
+ err = ctx.Session.Set("twofaUid", u.ID)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
+ err = ctx.Session.Set("twofaRemember", false)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
// If U2F is enrolled -> Redirect to U2F instead
regs, err := models.GetU2FRegistrationsByUID(u.ID)
@@ -760,9 +799,18 @@ func LinkAccountPostSignIn(ctx *context.Context, signInForm auth.SignInForm) {
}
// User needs to use 2FA, save data and redirect to 2FA page.
- ctx.Session.Set("twofaUid", u.ID)
- ctx.Session.Set("twofaRemember", signInForm.Remember)
- ctx.Session.Set("linkAccount", true)
+ err = ctx.Session.Set("twofaUid", u.ID)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
+ err = ctx.Session.Set("twofaRemember", signInForm.Remember)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
+ err = ctx.Session.Set("linkAccount", true)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
// If U2F is enrolled -> Redirect to U2F instead
regs, err := models.GetU2FRegistrationsByUID(u.ID)
@@ -897,11 +945,11 @@ func LinkAccountPostRegister(ctx *context.Context, cpt *captcha.Captcha, form au
}
func handleSignOut(ctx *context.Context) {
- ctx.Session.Delete("uid")
- ctx.Session.Delete("uname")
- ctx.Session.Delete("socialId")
- ctx.Session.Delete("socialName")
- ctx.Session.Delete("socialEmail")
+ _ = ctx.Session.Delete("uid")
+ _ = ctx.Session.Delete("uname")
+ _ = ctx.Session.Delete("socialId")
+ _ = ctx.Session.Delete("socialName")
+ _ = ctx.Session.Delete("socialEmail")
ctx.SetCookie(setting.CookieUserName, "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
ctx.SetCookie(setting.CookieRememberName, "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
ctx.SetCookie(setting.CSRFCookieName, "", -1, setting.AppSubURL, "", setting.SessionConfig.Secure, true)
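Review bot: Discarding the result of `ctx.Session.Delete("uid")` and `Delete("uname")` with `_ =` means a failed delete during sign-out leaves no trace, while the user-name, remember and CSRF cookies below are still cleared as if the sign-out had fully succeeded. Sign-out is the place where a leftover `uid` in the session matters most, so the error should at least be logged, for example `if err := ctx.Session.Delete("uid"); err != nil { log.Error("handleSignOut: %v", err) }`. The `_ = ctx.Session.Delete(...)` lines in handleSignInFull have the same blind spot for `twofaUid` and `linkAccount`. handleSignOut continues past the end of this hunk.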
@@ -1086,8 +1134,14 @@ func Activate(ctx *context.Context) {
log.Trace("User activated: %s", user.Name)
- ctx.Session.Set("uid", user.ID)
- ctx.Session.Set("uname", user.Name)
+ err = ctx.Session.Set("uid", user.ID)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
+ err = ctx.Session.Set("uname", user.Name)
+ if err != nil {
+ log.Error(fmt.Sprintf("Error setting session: %v", err))
+ }
ctx.Flash.Success(ctx.Tr("auth.account_activated"))
ctx.Redirect(setting.AppSubURL + "/")
return
@@ -1113,7 +1167,6 @@ func ActivateEmail(ctx *context.Context) {
}
ctx.Redirect(setting.AppSubURL + "/user/settings/email")
- return
}
// ForgotPasswd render the forget pasword page
diff --git a/routers/user/auth_openid.go b/routers/user/auth_openid.go
index 1351ca040b..f98c07acd7 100644
--- a/routers/user/auth_openid.go
+++ b/routers/user/auth_openid.go
@@ -126,7 +126,10 @@ func SignInOpenIDPost(ctx *context.Context, form auth.SignInOpenIDForm) {
url += "&openid.sreg.optional=nickname%2Cemail"
log.Trace("Form-passed openid-remember: %t", form.Remember)
- ctx.Session.Set("openid_signin_remember", form.Remember)
+ err = ctx.Session.Set("openid_signin_remember", form.Remember)
+ if err != nil {
+ log.Error("SignInOpenIDPost: Could not set session: %v", err.Error())
+ }
ctx.Redirect(url)
}
@@ -152,7 +155,7 @@ func signInOpenIDVerify(ctx *context.Context) {
/* Now we should seek for the user and log him in, or prompt
* to register if not found */
- u, _ := models.GetUserByOpenID(id)
+ u, err := models.GetUserByOpenID(id)
if err != nil {
if !models.IsErrUserNotExist(err) {
ctx.RenderWithErr(err.Error(), tplSignInOpenID, &auth.SignInOpenIDForm{
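Review bot: With `u, err := models.GetUserByOpenID(id)` the `err != nil` branch now sees the lookup's own error, and for anything other than not-found it hands `err.Error()` to `ctx.RenderWithErr`, which presumably puts the text of a backend failure into the sign-in page shown to a visitor who is not yet authenticated. Logging the detail and rendering a fixed message keeps internals out of the response; `ctx.ServerError("signInOpenIDVerify", err)` followed by `return` would match the other handlers in this commit. The `GetUserByEmail` hunk further down has the same shape. The RenderWithErr call is cut by the hunk boundary, so its remaining arguments are not visible.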
@@ -160,6 +163,7 @@ func signInOpenIDVerify(ctx *context.Context) {
})
return
}
+ log.Error("signInOpenIDVerify: %v", err)
}
if u != nil {
log.Trace("User exists, logging in")
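Review bot: The added `log.Error("signInOpenIDVerify: %v", err)` is reached only when `models.IsErrUserNotExist(err)` is true, which is the expected outcome for an OpenID that has no local account yet, so ordinary first-time sign-ins produce error-level entries. That noise makes real authentication failures harder to spot in the log; `log.Trace("signInOpenIDVerify: no local user for this OpenID: %v", err)` would fit the surrounding `log.Trace` calls. The same line is added after the `GetUserByEmail` lookup.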
@@ -191,7 +195,7 @@ func signInOpenIDVerify(ctx *context.Context) {
log.Trace("User has email=" + email + " and nickname=" + nickname)
if email != "" {
- u, _ = models.GetUserByEmail(email)
+ u, err = models.GetUserByEmail(email)
if err != nil {
if !models.IsErrUserNotExist(err) {
ctx.RenderWithErr(err.Error(), tplSignInOpenID, &auth.SignInOpenIDForm{
@@ -199,6 +203,7 @@ func signInOpenIDVerify(ctx *context.Context) {
})
return
}
+ log.Error("signInOpenIDVerify: %v", err)
}
if u != nil {
log.Trace("Local user " + u.LowerName + " has OpenID provided email " + email)
@@ -220,15 +225,24 @@ func signInOpenIDVerify(ctx *context.Context) {
}
}
- ctx.Session.Set("openid_verified_uri", id)
+ err = ctx.Session.Set("openid_verified_uri", id)
+ if err != nil {
+ log.Error("signInOpenIDVerify: Could not set session: %v", err.Error())
+ }
- ctx.Session.Set("openid_determined_email", email)
+ err = ctx.Session.Set("openid_determined_email", email)
+ if err != nil {
+ log.Error("signInOpenIDVerify: Could not set session: %v", err.Error())
+ }
if u != nil {
nickname = u.LowerName
}
- ctx.Session.Set("openid_determined_username", nickname)
+ err = ctx.Session.Set("openid_determined_username", nickname)
+ if err != nil {
+ log.Error("signInOpenIDVerify: Could not set session: %v", err.Error())
+ }
if u != nil || !setting.Service.EnableOpenIDSignUp {
ctx.Redirect(setting.AppSubURL + "/user/openid/connect")
@@ -350,7 +364,11 @@ func RegisterOpenIDPost(ctx *context.Context, cpt *captcha.Captcha, form auth.Si
}
if setting.Service.EnableCaptcha && setting.Service.CaptchaType == setting.ReCaptcha {
- ctx.Req.ParseForm()
+ err := ctx.Req.ParseForm()
+ if err != nil {
+ ctx.ServerError("", err)
+ return
+ }
valid, _ := recaptcha.Verify(form.GRecaptchaResponse)
if !valid {
ctx.Data["Err_Captcha"] = true
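Review bot: `ctx.ServerError("", err)` gives the failure an empty title, so an error from `ctx.Req.ParseForm()` cannot be traced back to this handler from the log; the other calls in this commit pass a name, and `ctx.ServerError("RegisterOpenIDPost: ParseForm", err)` would do the same here. The U2FRegister hunk in security_u2f.go also passes an empty title. Separately, the context line `valid, _ := recaptcha.Verify(form.GRecaptchaResponse)` still drops its error, so a failure to reach the verifier is indistinguishable from a wrong captcha answer.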
diff --git a/routers/user/oauth.go b/routers/user/oauth.go
index b85ea8125e..aaad26201b 100644
--- a/routers/user/oauth.go
+++ b/routers/user/oauth.go
@@ -7,12 +7,10 @@ package user
import (
"encoding/base64"
"fmt"
+ "github.com/go-macaron/binding"
"net/url"
"strings"
- "github.com/dgrijalva/jwt-go"
- "github.com/go-macaron/binding"
-
"code.gitea.io/gitea/models"
"code.gitea.io/gitea/modules/auth"
"code.gitea.io/gitea/modules/base"
@@ -20,6 +18,8 @@ import (
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
+
+ "github.com/dgrijalva/jwt-go"
)
const (
@@ -164,6 +164,14 @@ func newAccessTokenResponse(grant *models.OAuth2Grant) (*AccessTokenResponse, *A
func AuthorizeOAuth(ctx *context.Context, form auth.AuthorizationForm) {
errs := binding.Errors{}
errs = form.Validate(ctx.Context, errs)
+ if len(errs) > 0 {
+ errstring := ""
+ for _, e := range errs {
+ errstring += e.Error() + "\n"
+ }
+ ctx.ServerError("AuthorizeOAuth: Validate: ", fmt.Errorf("errors occured during validation: %s", errstring))
+ return
+ }
app, err := models.GetOAuth2ApplicationByClientID(form.ClientID)
if err != nil {
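Review bot: Validation errors on the submitted authorization form are reported through `ctx.ServerError`, that is as a server fault, although they are caused by the client's input; any client can then produce server-error log entries at will, and the response misrepresents what happened. A client-error response (status 400) with the detail kept in the log would be more accurate. The message also misspells "occurred", and the `errstring +=` loop could be a `strings.Join` over the collected messages, since `strings` is already imported in this file.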
@@ -221,7 +229,6 @@ func AuthorizeOAuth(ctx *context.Context, form auth.AuthorizationForm) {
}, form.RedirectURI)
return
}
- break
case "":
break
default:
@@ -262,9 +269,24 @@ func AuthorizeOAuth(ctx *context.Context, form auth.AuthorizationForm) {
ctx.Data["ApplicationUserLink"] = "<a href=\"" + setting.AppURL + app.User.LowerName + "\">@" + app.User.Name + "</a>"
ctx.Data["ApplicationRedirectDomainHTML"] = "<strong>" + form.RedirectURI + "</strong>"
// TODO document SESSION <=> FORM
- ctx.Session.Set("client_id", app.ClientID)
- ctx.Session.Set("redirect_uri", form.RedirectURI)
- ctx.Session.Set("state", form.State)
+ err = ctx.Session.Set("client_id", app.ClientID)
+ if err != nil {
+ handleServerError(ctx, form.State, form.RedirectURI)
+ log.Error(err.Error())
+ return
+ }
+ err = ctx.Session.Set("redirect_uri", form.RedirectURI)
+ if err != nil {
+ handleServerError(ctx, form.State, form.RedirectURI)
+ log.Error(err.Error())
+ return
+ }
+ err = ctx.Session.Set("state", form.State)
+ if err != nil {
+ handleServerError(ctx, form.State, form.RedirectURI)
+ log.Error(err.Error())
+ return
+ }
ctx.HTML(200, tplGrantAccess)
}
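Review bot: The two context lines above the new session code build `ApplicationUserLink` and `ApplicationRedirectDomainHTML` by concatenating `app.User.Name`, `app.User.LowerName` and the client-supplied `form.RedirectURI` into markup without escaping. Whether that is safe depends on how the grant template renders these values, which is not visible here; escaping at the point of construction, for example `html.EscapeString(form.RedirectURI)`, removes that dependency. On the added lines, the three identical `Set` / `handleServerError` / `log.Error` blocks would read better as one loop or helper, with the log call placed before the response is written.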
diff --git a/routers/user/profile.go b/routers/user/profile.go
index bda29522d9..7df92d44f5 100644
--- a/routers/user/profile.go
+++ b/routers/user/profile.go
@@ -20,7 +20,6 @@ import (
const (
tplFollowers base.TplName = "user/meta/followers"
- tplStars base.TplName = "user/meta/stars"
)
// GetUserByName get user by name
diff --git a/routers/user/setting/profile.go b/routers/user/setting/profile.go
index ac5c4c97fb..163bc869b4 100644
--- a/routers/user/setting/profile.go
+++ b/routers/user/setting/profile.go
@@ -141,13 +141,11 @@ func UpdateAvatarSetting(ctx *context.Context, form auth.AvatarForm, ctxUser *mo
if err = ctxUser.UploadAvatar(data); err != nil {
return fmt.Errorf("UploadAvatar: %v", err)
}
- } else {
+ } else if ctxUser.UseCustomAvatar && !com.IsFile(ctxUser.CustomAvatarPath()) {
// No avatar is uploaded but setting has been changed to enable,
// generate a random one when needed.
- if ctxUser.UseCustomAvatar && !com.IsFile(ctxUser.CustomAvatarPath()) {
- if err := ctxUser.GenerateRandomAvatar(); err != nil {
- log.Error("GenerateRandomAvatar[%d]: %v", ctxUser.ID, err)
- }
+ if err := ctxUser.GenerateRandomAvatar(); err != nil {
+ log.Error("GenerateRandomAvatar[%d]: %v", ctxUser.ID, err)
}
}
diff --git a/routers/user/setting/security_twofa.go b/routers/user/setting/security_twofa.go
index fca1151a04..6e3516dbba 100644
--- a/routers/user/setting/security_twofa.go
+++ b/routers/user/setting/security_twofa.go
@@ -73,6 +73,10 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
uri := ctx.Session.Get("twofaUri")
if uri != nil {
otpKey, err = otp.NewKeyFromURL(uri.(string))
+ if err != nil {
+ ctx.ServerError("SettingsTwoFactor: NewKeyFromURL: ", err)
+ return false
+ }
}
// Filter unsafe character ':' in issuer
issuer := strings.Replace(setting.AppName+" ("+setting.Domain+")", ":", "", -1)
@@ -103,8 +107,16 @@ func twofaGenerateSecretAndQr(ctx *context.Context) bool {
}
ctx.Data["QrUri"] = template.URL("data:image/png;base64," + base64.StdEncoding.EncodeToString(imgBytes.Bytes()))
- ctx.Session.Set("twofaSecret", otpKey.Secret())
- ctx.Session.Set("twofaUri", otpKey.String())
+ err = ctx.Session.Set("twofaSecret", otpKey.Secret())
+ if err != nil {
+ ctx.ServerError("SettingsTwoFactor", err)
+ return false
+ }
+ err = ctx.Session.Set("twofaUri", otpKey.String())
+ if err != nil {
+ ctx.ServerError("SettingsTwoFactor", err)
+ return false
+ }
return true
}
@@ -184,8 +196,16 @@ func EnrollTwoFactorPost(ctx *context.Context, form auth.TwoFactorAuthForm) {
return
}
- ctx.Session.Delete("twofaSecret")
- ctx.Session.Delete("twofaUri")
+ err = ctx.Session.Delete("twofaSecret")
+ if err != nil {
+ ctx.ServerError("SettingsTwoFactor", err)
+ return
+ }
+ err = ctx.Session.Delete("twofaUri")
+ if err != nil {
+ ctx.ServerError("SettingsTwoFactor", err)
+ return
+ }
ctx.Flash.Success(ctx.Tr("settings.twofa_enrolled", token))
ctx.Redirect(setting.AppSubURL + "/user/settings/security")
}
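Review bot: When `ctx.Session.Delete("twofaSecret")` fails, the handler now returns a server error instead of reaching `ctx.Flash.Success(ctx.Tr("settings.twofa_enrolled", token))`, so if enrollment has already been saved above this hunk (not visible here) the user ends up with 2FA enabled but never sees the `token` that message carries. A failed cleanup of the pending secret is worth logging, but it should probably not block the success message; log the error and continue to the flash and redirect. The body of EnrollTwoFactorPost starts outside the hunk.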
diff --git a/routers/user/setting/security_u2f.go b/routers/user/setting/security_u2f.go
index c1d6eab967..b733467b84 100644
--- a/routers/user/setting/security_u2f.go
+++ b/routers/user/setting/security_u2f.go
@@ -42,7 +42,11 @@ func U2FRegister(ctx *context.Context, form auth.U2FRegistrationForm) {
return
}
}
- ctx.Session.Set("u2fName", form.Name)
+ err = ctx.Session.Set("u2fName", form.Name)
+ if err != nil {
+ ctx.ServerError("", err)
+ return
+ }
ctx.JSON(200, u2f.NewWebRegisterRequest(challenge, regs.ToRegistrations()))
}
@@ -95,5 +99,4 @@ func U2FDelete(ctx *context.Context, form auth.U2FDeleteForm) {
ctx.JSON(200, map[string]interface{}{
"redirect": setting.AppSubURL + "/user/settings/security",
})
- return
}