diff options
Diffstat (limited to 'cmd')
-rw-r--r-- | cmd/serv.go | 55 |
1 files changed, 21 insertions, 34 deletions
diff --git a/cmd/serv.go b/cmd/serv.go index b532b95494..ca042e2b2b 100644 --- a/cmd/serv.go +++ b/cmd/serv.go @@ -19,7 +19,6 @@ import ( "code.gitea.io/gitea/modules/pprof" "code.gitea.io/gitea/modules/private" "code.gitea.io/gitea/modules/setting" - "code.gitea.io/gitea/modules/util" "github.com/Unknwon/com" "github.com/dgrijalva/jwt-go" @@ -49,20 +48,9 @@ var CmdServ = cli.Command{ }, } -func setup(logPath string) error { +func setup(logPath string) { setting.NewContext() log.NewGitLogger(filepath.Join(setting.LogRootPath, logPath)) - models.LoadConfigs() - - if setting.UseSQLite3 || setting.UseTiDB { - workPath := setting.AppWorkPath - if err := os.Chdir(workPath); err != nil { - log.GitLogger.Fatal(4, "Failed to change directory %s: %v", workPath, err) - } - } - - setting.NewXORMLogService(true) - return models.SetEngine() } func parseCmd(cmd string) (string, string) { @@ -101,10 +89,7 @@ func runServ(c *cli.Context) error { if c.IsSet("config") { setting.CustomConf = c.String("config") } - - if err := setup("serv.log"); err != nil { - fail("System init failed", fmt.Sprintf("setup: %v", err)) - } + setup("serv.log") if setting.SSH.Disabled { println("Gitea: SSH has been disabled") @@ -175,9 +160,9 @@ func runServ(c *cli.Context) error { } os.Setenv(models.EnvRepoName, reponame) - repo, err := models.GetRepositoryByOwnerAndName(username, reponame) + repo, err := private.GetRepositoryByOwnerAndName(username, reponame) if err != nil { - if models.IsErrRepoNotExist(err) { + if strings.Contains(err.Error(), "Failed to get repository: repository does not exist") { fail(accessDenied, "Repository does not exist: %s/%s", username, reponame) } fail("Internal error", "Failed to get repository: %v", err) @@ -214,7 +199,7 @@ func runServ(c *cli.Context) error { fail("Key ID format error", "Invalid key argument: %s", c.Args()[0]) } - key, err := models.GetPublicKeyByID(com.StrTo(keys[1]).MustInt64()) + key, err := private.GetPublicKeyByID(com.StrTo(keys[1]).MustInt64()) if err != nil { fail("Invalid key ID", "Invalid key ID[%s]: %v", c.Args()[0], err) } @@ -225,23 +210,22 @@ func runServ(c *cli.Context) error { if key.Mode < requestedMode { fail("Key permission denied", "Cannot push with deployment key: %d", key.ID) } + // Check if this deploy key belongs to current repository. - if !models.HasDeployKey(key.ID, repo.ID) { + has, err := private.HasDeployKey(key.ID, repo.ID) + if err != nil { + fail("Key access denied", "Failed to access internal api: [key_id: %d, repo_id: %d]", key.ID, repo.ID) + } + if !has { fail("Key access denied", "Deploy key access denied: [key_id: %d, repo_id: %d]", key.ID, repo.ID) } // Update deploy key activity. - deployKey, err := models.GetDeployKeyByRepo(key.ID, repo.ID) - if err != nil { - fail("Internal error", "GetDeployKey: %v", err) - } - - deployKey.UpdatedUnix = util.TimeStampNow() - if err = models.UpdateDeployKeyCols(deployKey, "updated_unix"); err != nil { + if err = private.UpdateDeployKeyUpdated(key.ID, repo.ID); err != nil { fail("Internal error", "UpdateDeployKey: %v", err) } } else { - user, err = models.GetUserByKeyID(key.ID) + user, err = private.GetUserByKeyID(key.ID) if err != nil { fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err) } @@ -252,12 +236,12 @@ func runServ(c *cli.Context) error { user.Name, repoPath) } - mode, err := models.AccessLevel(user.ID, repo) + mode, err := private.AccessLevel(user.ID, repo.ID) if err != nil { fail("Internal error", "Failed to check access: %v", err) - } else if mode < requestedMode { + } else if *mode < requestedMode { clientMessage := accessDenied - if mode >= models.AccessModeRead { + if *mode >= models.AccessModeRead { clientMessage = "You do not have sufficient authorization for this action" } fail(clientMessage, @@ -265,7 +249,11 @@ func runServ(c *cli.Context) error { user.Name, requestedMode, repoPath) } - if !repo.CheckUnitUser(user.ID, user.IsAdmin, unitType) { + check, err := private.CheckUnitUser(user.ID, repo.ID, user.IsAdmin, unitType) + if err != nil { + fail("You do not have allowed for this action", "Failed to access internal api: [user.Name: %s, repoPath: %s]", user.Name, repoPath) + } + if !check { fail("You do not have allowed for this action", "User %s does not have allowed access to repository %s 's code", user.Name, repoPath) @@ -325,7 +313,6 @@ func runServ(c *cli.Context) error { } else { gitcmd = exec.Command(verb, repoPath) } - if isWiki { if err = repo.InitWiki(); err != nil { fail("Internal error", "Failed to init wiki repo: %v", err) |