diff options
Diffstat (limited to 'services')
-rw-r--r-- | services/auth/basic.go | 2 | ||||
-rw-r--r-- | services/auth/interface.go | 2 | ||||
-rw-r--r-- | services/auth/reverseproxy.go | 2 | ||||
-rw-r--r-- | services/auth/signin.go | 11 | ||||
-rw-r--r-- | services/auth/source/db/authenticate.go | 6 | ||||
-rw-r--r-- | services/auth/source/db/source.go | 6 | ||||
-rw-r--r-- | services/auth/source/ldap/source_authenticate.go | 14 | ||||
-rw-r--r-- | services/auth/source/ldap/source_sync.go | 4 | ||||
-rw-r--r-- | services/auth/source/oauth2/source_authenticate.go | 6 | ||||
-rw-r--r-- | services/auth/source/pam/source_authenticate.go | 5 | ||||
-rw-r--r-- | services/auth/source/smtp/source_authenticate.go | 5 | ||||
-rw-r--r-- | services/auth/source/source_group_sync.go | 4 | ||||
-rw-r--r-- | services/auth/sspi_windows.go | 7 | ||||
-rw-r--r-- | services/convert/convert.go | 8 | ||||
-rw-r--r-- | services/repository/create_test.go | 4 | ||||
-rw-r--r-- | services/user/user_test.go | 4 |
16 files changed, 49 insertions, 41 deletions
diff --git a/services/auth/basic.go b/services/auth/basic.go index ea8df3d0ea..f3a9a8abce 100644 --- a/services/auth/basic.go +++ b/services/auth/basic.go @@ -123,7 +123,7 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore } log.Trace("Basic Authorization: Attempting SignIn for %s", uname) - u, source, err := UserSignIn(uname, passwd) + u, source, err := UserSignIn(req.Context(), uname, passwd) if err != nil { if !user_model.IsErrUserNotExist(err) { log.Error("UserSignIn: %v", err) diff --git a/services/auth/interface.go b/services/auth/interface.go index dc91747a46..ece28af12d 100644 --- a/services/auth/interface.go +++ b/services/auth/interface.go @@ -33,7 +33,7 @@ type Method interface { // PasswordAuthenticator represents a source of authentication type PasswordAuthenticator interface { - Authenticate(user *user_model.User, login, password string) (*user_model.User, error) + Authenticate(ctx context.Context, user *user_model.User, login, password string) (*user_model.User, error) } // LocalTwoFASkipper represents a source of authentication that can skip local 2fa diff --git a/services/auth/reverseproxy.go b/services/auth/reverseproxy.go index 62e60ccdc1..ad525f5c95 100644 --- a/services/auth/reverseproxy.go +++ b/services/auth/reverseproxy.go @@ -164,7 +164,7 @@ func (r *ReverseProxy) newUser(req *http.Request) *user_model.User { IsActive: util.OptionalBoolTrue, } - if err := user_model.CreateUser(user, &overwriteDefault); err != nil { + if err := user_model.CreateUser(req.Context(), user, &overwriteDefault); err != nil { // FIXME: should I create a system notice? log.Error("CreateUser: %v", err) return nil diff --git a/services/auth/signin.go b/services/auth/signin.go index 1095b27fe2..6d515ac628 100644 --- a/services/auth/signin.go +++ b/services/auth/signin.go @@ -4,6 +4,7 @@ package auth import ( + "context" "strings" "code.gitea.io/gitea/models/auth" @@ -20,14 +21,14 @@ import ( ) // UserSignIn validates user name and password. -func UserSignIn(username, password string) (*user_model.User, *auth.Source, error) { +func UserSignIn(ctx context.Context, username, password string) (*user_model.User, *auth.Source, error) { var user *user_model.User isEmail := false if strings.Contains(username, "@") { isEmail = true emailAddress := user_model.EmailAddress{LowerEmail: strings.ToLower(strings.TrimSpace(username))} // check same email - has, err := db.GetEngine(db.DefaultContext).Get(&emailAddress) + has, err := db.GetEngine(ctx).Get(&emailAddress) if err != nil { return nil, nil, err } @@ -49,7 +50,7 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro } if user != nil { - hasUser, err := user_model.GetUser(user) + hasUser, err := user_model.GetUser(ctx, user) if err != nil { return nil, nil, err } @@ -69,7 +70,7 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro return nil, nil, smtp.ErrUnsupportedLoginType } - user, err := authenticator.Authenticate(user, user.LoginName, password) + user, err := authenticator.Authenticate(ctx, user, user.LoginName, password) if err != nil { return nil, nil, err } @@ -100,7 +101,7 @@ func UserSignIn(username, password string) (*user_model.User, *auth.Source, erro continue } - authUser, err := authenticator.Authenticate(nil, username, password) + authUser, err := authenticator.Authenticate(ctx, nil, username, password) if err == nil { if !authUser.ProhibitLogin { diff --git a/services/auth/source/db/authenticate.go b/services/auth/source/db/authenticate.go index 34a0459149..8160141863 100644 --- a/services/auth/source/db/authenticate.go +++ b/services/auth/source/db/authenticate.go @@ -4,9 +4,9 @@ package db import ( + "context" "fmt" - "code.gitea.io/gitea/models/db" user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/modules/setting" "code.gitea.io/gitea/modules/util" @@ -43,7 +43,7 @@ func (err ErrUserPasswordInvalid) Unwrap() error { } // Authenticate authenticates the provided user against the DB -func Authenticate(user *user_model.User, login, password string) (*user_model.User, error) { +func Authenticate(ctx context.Context, user *user_model.User, login, password string) (*user_model.User, error) { if user == nil { return nil, user_model.ErrUserNotExist{Name: login} } @@ -61,7 +61,7 @@ func Authenticate(user *user_model.User, login, password string) (*user_model.Us if err := user.SetPassword(password); err != nil { return nil, err } - if err := user_model.UpdateUserCols(db.DefaultContext, user, "passwd", "passwd_hash_algo", "salt"); err != nil { + if err := user_model.UpdateUserCols(ctx, user, "passwd", "passwd_hash_algo", "salt"); err != nil { return nil, err } } diff --git a/services/auth/source/db/source.go b/services/auth/source/db/source.go index 3f4113c790..50eae27439 100644 --- a/services/auth/source/db/source.go +++ b/services/auth/source/db/source.go @@ -4,6 +4,8 @@ package db import ( + "context" + "code.gitea.io/gitea/models/auth" user_model "code.gitea.io/gitea/models/user" ) @@ -23,8 +25,8 @@ func (source *Source) ToDB() ([]byte, error) { // Authenticate queries if login/password is valid against the PAM, // and create a local user if success when enabled. -func (source *Source) Authenticate(user *user_model.User, login, password string) (*user_model.User, error) { - return Authenticate(user, login, password) +func (source *Source) Authenticate(ctx context.Context, user *user_model.User, login, password string) (*user_model.User, error) { + return Authenticate(ctx, user, login, password) } func init() { diff --git a/services/auth/source/ldap/source_authenticate.go b/services/auth/source/ldap/source_authenticate.go index 3f3219adb9..dc166d9eb4 100644 --- a/services/auth/source/ldap/source_authenticate.go +++ b/services/auth/source/ldap/source_authenticate.go @@ -4,12 +4,12 @@ package ldap import ( + "context" "fmt" "strings" asymkey_model "code.gitea.io/gitea/models/asymkey" "code.gitea.io/gitea/models/auth" - "code.gitea.io/gitea/models/db" user_model "code.gitea.io/gitea/models/user" auth_module "code.gitea.io/gitea/modules/auth" "code.gitea.io/gitea/modules/util" @@ -19,7 +19,7 @@ import ( // Authenticate queries if login/password is valid against the LDAP directory pool, // and create a local user if success when enabled. -func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) { +func (source *Source) Authenticate(ctx context.Context, user *user_model.User, userName, password string) (*user_model.User, error) { loginName := userName if user != nil { loginName = user.LoginName @@ -33,11 +33,11 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str isAttributeSSHPublicKeySet := len(strings.TrimSpace(source.AttributeSSHPublicKey)) > 0 // Update User admin flag if exist - if isExist, err := user_model.IsUserExist(db.DefaultContext, 0, sr.Username); err != nil { + if isExist, err := user_model.IsUserExist(ctx, 0, sr.Username); err != nil { return nil, err } else if isExist { if user == nil { - user, err = user_model.GetUserByName(db.DefaultContext, sr.Username) + user, err = user_model.GetUserByName(ctx, sr.Username) if err != nil { return nil, err } @@ -55,7 +55,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str cols = append(cols, "is_restricted") } if len(cols) > 0 { - err = user_model.UpdateUserCols(db.DefaultContext, user, cols...) + err = user_model.UpdateUserCols(ctx, user, cols...) if err != nil { return nil, err } @@ -94,7 +94,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str IsActive: util.OptionalBoolTrue, } - err := user_model.CreateUser(user, overwriteDefault) + err := user_model.CreateUser(ctx, user, overwriteDefault) if err != nil { return user, err } @@ -116,7 +116,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str if err != nil { return user, err } - if err := source_service.SyncGroupsToTeams(db.DefaultContext, user, sr.Groups, groupTeamMapping, source.GroupTeamMapRemoval); err != nil { + if err := source_service.SyncGroupsToTeams(ctx, user, sr.Groups, groupTeamMapping, source.GroupTeamMapRemoval); err != nil { return user, err } } diff --git a/services/auth/source/ldap/source_sync.go b/services/auth/source/ldap/source_sync.go index df5eb60393..8fb1363fc2 100644 --- a/services/auth/source/ldap/source_sync.go +++ b/services/auth/source/ldap/source_sync.go @@ -28,7 +28,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error { var sshKeysNeedUpdate bool // Find all users with this login type - FIXME: Should this be an iterator? - users, err := user_model.GetUsersBySource(source.authSource) + users, err := user_model.GetUsersBySource(ctx, source.authSource) if err != nil { log.Error("SyncExternalUsers: %v", err) return err @@ -128,7 +128,7 @@ func (source *Source) Sync(ctx context.Context, updateExisting bool) error { IsActive: util.OptionalBoolTrue, } - err = user_model.CreateUser(usr, overwriteDefault) + err = user_model.CreateUser(ctx, usr, overwriteDefault) if err != nil { log.Error("SyncExternalUsers[%s]: Error creating user %s: %v", source.authSource.Name, su.Username, err) } diff --git a/services/auth/source/oauth2/source_authenticate.go b/services/auth/source/oauth2/source_authenticate.go index e3e2a9e192..bbda35dee0 100644 --- a/services/auth/source/oauth2/source_authenticate.go +++ b/services/auth/source/oauth2/source_authenticate.go @@ -4,13 +4,15 @@ package oauth2 import ( + "context" + user_model "code.gitea.io/gitea/models/user" "code.gitea.io/gitea/services/auth/source/db" ) // Authenticate falls back to the db authenticator -func (source *Source) Authenticate(user *user_model.User, login, password string) (*user_model.User, error) { - return db.Authenticate(user, login, password) +func (source *Source) Authenticate(ctx context.Context, user *user_model.User, login, password string) (*user_model.User, error) { + return db.Authenticate(ctx, user, login, password) } // NB: Oauth2 does not implement LocalTwoFASkipper for password authentication diff --git a/services/auth/source/pam/source_authenticate.go b/services/auth/source/pam/source_authenticate.go index e3a74e495c..0891a86392 100644 --- a/services/auth/source/pam/source_authenticate.go +++ b/services/auth/source/pam/source_authenticate.go @@ -4,6 +4,7 @@ package pam import ( + "context" "fmt" "strings" @@ -18,7 +19,7 @@ import ( // Authenticate queries if login/password is valid against the PAM, // and create a local user if success when enabled. -func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) { +func (source *Source) Authenticate(ctx context.Context, user *user_model.User, userName, password string) (*user_model.User, error) { pamLogin, err := pam.Auth(source.ServiceName, userName, password) if err != nil { if strings.Contains(err.Error(), "Authentication failure") { @@ -62,7 +63,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str IsActive: util.OptionalBoolTrue, } - if err := user_model.CreateUser(user, overwriteDefault); err != nil { + if err := user_model.CreateUser(ctx, user, overwriteDefault); err != nil { return user, err } diff --git a/services/auth/source/smtp/source_authenticate.go b/services/auth/source/smtp/source_authenticate.go index 7d7d1aa8b6..b244fc7d40 100644 --- a/services/auth/source/smtp/source_authenticate.go +++ b/services/auth/source/smtp/source_authenticate.go @@ -4,6 +4,7 @@ package smtp import ( + "context" "errors" "net/smtp" "net/textproto" @@ -16,7 +17,7 @@ import ( // Authenticate queries if the provided login/password is authenticates against the SMTP server // Users will be autoregistered as required -func (source *Source) Authenticate(user *user_model.User, userName, password string) (*user_model.User, error) { +func (source *Source) Authenticate(ctx context.Context, user *user_model.User, userName, password string) (*user_model.User, error) { // Verify allowed domains. if len(source.AllowedDomains) > 0 { idx := strings.Index(userName, "@") @@ -77,7 +78,7 @@ func (source *Source) Authenticate(user *user_model.User, userName, password str IsActive: util.OptionalBoolTrue, } - if err := user_model.CreateUser(user, overwriteDefault); err != nil { + if err := user_model.CreateUser(ctx, user, overwriteDefault); err != nil { return user, err } diff --git a/services/auth/source/source_group_sync.go b/services/auth/source/source_group_sync.go index e42f60bde2..3a2411ec55 100644 --- a/services/auth/source/source_group_sync.go +++ b/services/auth/source/source_group_sync.go @@ -100,12 +100,12 @@ func syncGroupsToTeamsCached(ctx context.Context, user *user_model.User, orgTeam } if action == syncAdd && !isMember { - if err := models.AddTeamMember(team, user.ID); err != nil { + if err := models.AddTeamMember(ctx, team, user.ID); err != nil { log.Error("group sync: Could not add user to team: %v", err) return err } } else if action == syncRemove && isMember { - if err := models.RemoveTeamMember(team, user.ID); err != nil { + if err := models.RemoveTeamMember(ctx, team, user.ID); err != nil { log.Error("group sync: Could not remove user from team: %v", err) return err } diff --git a/services/auth/sspi_windows.go b/services/auth/sspi_windows.go index a4880c7334..e29bd71529 100644 --- a/services/auth/sspi_windows.go +++ b/services/auth/sspi_windows.go @@ -4,6 +4,7 @@ package auth import ( + "context" "errors" "net/http" "strings" @@ -113,7 +114,7 @@ func (s *SSPI) Verify(req *http.Request, w http.ResponseWriter, store DataStore, log.Error("User '%s' not found", username) return nil, nil } - user, err = s.newUser(username, cfg) + user, err = s.newUser(req.Context(), username, cfg) if err != nil { log.Error("CreateUser: %v", err) return nil, err @@ -161,7 +162,7 @@ func (s *SSPI) shouldAuthenticate(req *http.Request) (shouldAuth bool) { // newUser creates a new user object for the purpose of automatic registration // and populates its name and email with the information present in request headers. -func (s *SSPI) newUser(username string, cfg *sspi.Source) (*user_model.User, error) { +func (s *SSPI) newUser(ctx context.Context, username string, cfg *sspi.Source) (*user_model.User, error) { email := gouuid.New().String() + "@localhost.localdomain" user := &user_model.User{ Name: username, @@ -177,7 +178,7 @@ func (s *SSPI) newUser(username string, cfg *sspi.Source) (*user_model.User, err KeepEmailPrivate: util.OptionalBoolTrue, EmailNotificationsPreference: &emailNotificationPreference, } - if err := user_model.CreateUser(user, overwriteDefault); err != nil { + if err := user_model.CreateUser(ctx, user, overwriteDefault); err != nil { return nil, err } diff --git a/services/convert/convert.go b/services/convert/convert.go index a7a777e8bd..a87352f51d 100644 --- a/services/convert/convert.go +++ b/services/convert/convert.go @@ -107,16 +107,16 @@ func ToBranch(ctx context.Context, repo *repo_model.Repository, branchName strin } // ToBranchProtection convert a ProtectedBranch to api.BranchProtection -func ToBranchProtection(bp *git_model.ProtectedBranch) *api.BranchProtection { - pushWhitelistUsernames, err := user_model.GetUserNamesByIDs(bp.WhitelistUserIDs) +func ToBranchProtection(ctx context.Context, bp *git_model.ProtectedBranch) *api.BranchProtection { + pushWhitelistUsernames, err := user_model.GetUserNamesByIDs(ctx, bp.WhitelistUserIDs) if err != nil { log.Error("GetUserNamesByIDs (WhitelistUserIDs): %v", err) } - mergeWhitelistUsernames, err := user_model.GetUserNamesByIDs(bp.MergeWhitelistUserIDs) + mergeWhitelistUsernames, err := user_model.GetUserNamesByIDs(ctx, bp.MergeWhitelistUserIDs) if err != nil { log.Error("GetUserNamesByIDs (MergeWhitelistUserIDs): %v", err) } - approvalsWhitelistUsernames, err := user_model.GetUserNamesByIDs(bp.ApprovalsWhitelistUserIDs) + approvalsWhitelistUsernames, err := user_model.GetUserNamesByIDs(ctx, bp.ApprovalsWhitelistUserIDs) if err != nil { log.Error("GetUserNamesByIDs (ApprovalsWhitelistUserIDs): %v", err) } diff --git a/services/repository/create_test.go b/services/repository/create_test.go index 78be93bf12..7ffdcc38fb 100644 --- a/services/repository/create_test.go +++ b/services/repository/create_test.go @@ -101,7 +101,7 @@ func TestIncludesAllRepositoriesTeams(t *testing.T) { } for i, team := range teams { if i > 0 { // first team is Owner. - assert.NoError(t, models.NewTeam(team), "%s: NewTeam", team.Name) + assert.NoError(t, models.NewTeam(db.DefaultContext, team), "%s: NewTeam", team.Name) } testTeamRepositories(team.ID, teamRepos[i]) } @@ -111,7 +111,7 @@ func TestIncludesAllRepositoriesTeams(t *testing.T) { teams[4].IncludesAllRepositories = true teamRepos[4] = repoIds for i, team := range teams { - assert.NoError(t, models.UpdateTeam(team, false, true), "%s: UpdateTeam", team.Name) + assert.NoError(t, models.UpdateTeam(db.DefaultContext, team, false, true), "%s: UpdateTeam", team.Name) testTeamRepositories(team.ID, teamRepos[i]) } diff --git a/services/user/user_test.go b/services/user/user_test.go index 3f1bf9a0f8..7a9713c79f 100644 --- a/services/user/user_test.go +++ b/services/user/user_test.go @@ -92,7 +92,7 @@ func TestCreateUser(t *testing.T) { MustChangePassword: false, } - assert.NoError(t, user_model.CreateUser(user)) + assert.NoError(t, user_model.CreateUser(db.DefaultContext, user)) assert.NoError(t, DeleteUser(db.DefaultContext, user, false)) } @@ -177,7 +177,7 @@ func TestCreateUser_Issue5882(t *testing.T) { for _, v := range tt { setting.Admin.DisableRegularOrgCreation = v.disableOrgCreation - assert.NoError(t, user_model.CreateUser(v.user)) + assert.NoError(t, user_model.CreateUser(db.DefaultContext, v.user)) u, err := user_model.GetUserByEmail(db.DefaultContext, v.user.Email) assert.NoError(t, err) |