summaryrefslogtreecommitdiffstats
path: root/routers
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2020-02-27 19:20:55 +0000
committerGitHub <noreply@github.com>2020-02-27 16:20:55 -0300
commit90919bb37e2bcc62440e393439825fe0e1e1f343 (patch)
tree1e89ce6ec5a3c90399a1621e6d11dae2417c11ef /routers
parent858aebc2d8561803c4dc3f8a427ca82662ee96c7 (diff)
downloadgitea-90919bb37e2bcc62440e393439825fe0e1e1f343.tar.gz
gitea-90919bb37e2bcc62440e393439825fe0e1e1f343.zip
Show Signer in commit lists and add basic trust (#10425)
* Show Signer in commit lists and add basic trust Show the avatar of the signer in the commit list pages as we do not enforce that the signer is an author or committer. This makes it clearer who has signed the commit. Also display commits signed by non-members differently from members and in particular make it clear when a non-member signer is different from the committer to help reduce the risk of spoofing. Signed-off-by: Andrew Thornton <art27@cantab.net> * ensure orange text and background is available Signed-off-by: Andrew Thornton <art27@cantab.net> * Update gpg_key.go * Update models/gpg_key.go * Apply suggestions from code review * Require team collaborators to have access to UnitTypeCode * as per @6543 * fix position of sha as per @silverwind * as per @guillep2k
Diffstat (limited to 'routers')
-rw-r--r--routers/private/hook.go2
-rw-r--r--routers/repo/commit.go14
-rw-r--r--routers/repo/compare.go2
-rw-r--r--routers/repo/pull.go2
-rw-r--r--routers/repo/view.go9
-rw-r--r--routers/repo/wiki.go2
6 files changed, 21 insertions, 10 deletions
diff --git a/routers/private/hook.go b/routers/private/hook.go
index 44e82ebe6c..1d8cb4b48e 100644
--- a/routers/private/hook.go
+++ b/routers/private/hook.go
@@ -90,10 +90,8 @@ func readAndVerifyCommit(sha string, repo *git.Repository, env []string) error {
if err != nil {
return err
}
- log.Info("have commit %s", commit.ID.String())
verification := models.ParseCommitWithSignature(commit)
if !verification.Verified {
- log.Info("unverified commit %s", commit.ID.String())
cancel()
return &errUnverifiedCommit{
commit.ID.String(),
diff --git a/routers/repo/commit.go b/routers/repo/commit.go
index b2fa2790bc..2767986fda 100644
--- a/routers/repo/commit.go
+++ b/routers/repo/commit.go
@@ -70,7 +70,7 @@ func Commits(ctx *context.Context) {
return
}
commits = models.ValidateCommitsWithEmails(commits)
- commits = models.ParseCommitsWithSignature(commits)
+ commits = models.ParseCommitsWithSignature(commits, ctx.Repo.Repository)
commits = models.ParseCommitsWithStatus(commits, ctx.Repo.Repository)
ctx.Data["Commits"] = commits
@@ -139,7 +139,7 @@ func SearchCommits(ctx *context.Context) {
return
}
commits = models.ValidateCommitsWithEmails(commits)
- commits = models.ParseCommitsWithSignature(commits)
+ commits = models.ParseCommitsWithSignature(commits, ctx.Repo.Repository)
commits = models.ParseCommitsWithStatus(commits, ctx.Repo.Repository)
ctx.Data["Commits"] = commits
@@ -185,7 +185,7 @@ func FileHistory(ctx *context.Context) {
return
}
commits = models.ValidateCommitsWithEmails(commits)
- commits = models.ParseCommitsWithSignature(commits)
+ commits = models.ParseCommitsWithSignature(commits, ctx.Repo.Repository)
commits = models.ParseCommitsWithStatus(commits, ctx.Repo.Repository)
ctx.Data["Commits"] = commits
@@ -269,12 +269,18 @@ func Diff(ctx *context.Context) {
setPathsCompareContext(ctx, parentCommit, commit, headTarget)
ctx.Data["Title"] = commit.Summary() + " ยท " + base.ShortSha(commitID)
ctx.Data["Commit"] = commit
- ctx.Data["Verification"] = models.ParseCommitWithSignature(commit)
+ verification := models.ParseCommitWithSignature(commit)
+ ctx.Data["Verification"] = verification
ctx.Data["Author"] = models.ValidateCommitWithEmail(commit)
ctx.Data["Diff"] = diff
ctx.Data["Parents"] = parents
ctx.Data["DiffNotAvailable"] = diff.NumFiles() == 0
+ if err := models.CalculateTrustStatus(verification, ctx.Repo.Repository, nil); err != nil {
+ ctx.ServerError("CalculateTrustStatus", err)
+ return
+ }
+
note := &git.Note{}
err = git.GetNote(ctx.Repo.GitRepo, commitID, note)
if err == nil {
diff --git a/routers/repo/compare.go b/routers/repo/compare.go
index 833b7d9182..d7fddc4558 100644
--- a/routers/repo/compare.go
+++ b/routers/repo/compare.go
@@ -316,7 +316,7 @@ func PrepareCompareDiff(
}
compareInfo.Commits = models.ValidateCommitsWithEmails(compareInfo.Commits)
- compareInfo.Commits = models.ParseCommitsWithSignature(compareInfo.Commits)
+ compareInfo.Commits = models.ParseCommitsWithSignature(compareInfo.Commits, headRepo)
compareInfo.Commits = models.ParseCommitsWithStatus(compareInfo.Commits, headRepo)
ctx.Data["Commits"] = compareInfo.Commits
ctx.Data["CommitCount"] = compareInfo.Commits.Len()
diff --git a/routers/repo/pull.go b/routers/repo/pull.go
index 11c376be7e..92538945b0 100644
--- a/routers/repo/pull.go
+++ b/routers/repo/pull.go
@@ -495,7 +495,7 @@ func ViewPullCommits(ctx *context.Context) {
ctx.Data["Reponame"] = ctx.Repo.Repository.Name
commits = prInfo.Commits
commits = models.ValidateCommitsWithEmails(commits)
- commits = models.ParseCommitsWithSignature(commits)
+ commits = models.ParseCommitsWithSignature(commits, ctx.Repo.Repository)
commits = models.ParseCommitsWithStatus(commits, ctx.Repo.Repository)
ctx.Data["Commits"] = commits
ctx.Data["CommitCount"] = commits.Len()
diff --git a/routers/repo/view.go b/routers/repo/view.go
index 8364b1636b..5bcf4dae3b 100644
--- a/routers/repo/view.go
+++ b/routers/repo/view.go
@@ -333,7 +333,14 @@ func renderDirectory(ctx *context.Context, treeLink string) {
// Show latest commit info of repository in table header,
// or of directory if not in root directory.
ctx.Data["LatestCommit"] = latestCommit
- ctx.Data["LatestCommitVerification"] = models.ParseCommitWithSignature(latestCommit)
+ verification := models.ParseCommitWithSignature(latestCommit)
+
+ if err := models.CalculateTrustStatus(verification, ctx.Repo.Repository, nil); err != nil {
+ ctx.ServerError("CalculateTrustStatus", err)
+ return
+ }
+ ctx.Data["LatestCommitVerification"] = verification
+
ctx.Data["LatestCommitUser"] = models.ValidateCommitWithEmail(latestCommit)
statuses, err := models.GetLatestCommitStatus(ctx.Repo.Repository, ctx.Repo.Commit.ID.String(), 0)
diff --git a/routers/repo/wiki.go b/routers/repo/wiki.go
index f18625a599..a01498fb0a 100644
--- a/routers/repo/wiki.go
+++ b/routers/repo/wiki.go
@@ -284,7 +284,7 @@ func renderRevisionPage(ctx *context.Context) (*git.Repository, *git.TreeEntry)
return nil, nil
}
commitsHistory = models.ValidateCommitsWithEmails(commitsHistory)
- commitsHistory = models.ParseCommitsWithSignature(commitsHistory)
+ commitsHistory = models.ParseCommitsWithSignature(commitsHistory, ctx.Repo.Repository)
ctx.Data["Commits"] = commitsHistory