From d1a49977b089afefc40172711d02eb795d2234de Mon Sep 17 00:00:00 2001
From: zeripath
Date: Tue, 17 Dec 2019 01:49:07 +0000
Subject: AuthorizedKeysCommand should not query db directly (#9371)
* AuthorizedKeysCommand should not query db directly
* Update routers/private/internal.go
* Fix import order
---
routers/private/internal.go | 1 +
routers/private/key.go | 25 +++++++++++++++++++++----
2 files changed, 22 insertions(+), 4 deletions(-)
(limited to 'routers/private')
diff --git a/routers/private/internal.go b/routers/private/internal.go
index 3a48f5384d..cfbad19678 100644
--- a/routers/private/internal.go
+++ b/routers/private/internal.go
@@ -76,6 +76,7 @@ func CheckUnitUser(ctx *macaron.Context) {
 // These APIs will be invoked by internal commands for example `gitea serv` and etc.
 func RegisterRoutes(m *macaron.Macaron) {
 m.Group("/", func() {
+ m.Post("/ssh/authorized_keys", AuthorizedPublicKeyByContent)
 m.Post("/ssh/:id/update/:repoid", UpdatePublicKeyInRepo)
 m.Get("/hook/pre-receive/:owner/:repo", HookPreReceive)
 m.Get("/hook/post-receive/:owner/:repo", HookPostReceive)
diff --git a/routers/private/key.go b/routers/private/key.go
index dcf597d6ba..c00330fe88 100644
--- a/routers/private/key.go
+++ b/routers/private/key.go
@@ -6,6 +6,8 @@ package private
 import (
+ "net/http"
+
 "code.gitea.io/gitea/models"
 "code.gitea.io/gitea/modules/timeutil"
@@ -17,7 +19,7 @@ func UpdatePublicKeyInRepo(ctx *macaron.Context) {
 keyID := ctx.ParamsInt64(":id")
 repoID := ctx.ParamsInt64(":repoid")
 if err := models.UpdatePublicKeyUpdated(keyID); err != nil {
- ctx.JSON(500, map[string]interface{}{
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
 "err": err.Error(),
 })
 return
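Review bot: The new `m.Post("/ssh/authorized_keys", AuthorizedPublicKeyByContent)` route hands out the authorized_keys entry for an offered key, yet nothing in this hunk shows which middleware guards the `m.Group`; the closing arguments of that call lie outside the hunk. Confirm that the group's authentication check also covers this route, since judging by the commit title the response feeds the SSH AuthorizedKeysCommand decision. A comment on the line would record that dependency, e.g. `// consumed by the AuthorizedKeysCommand helper; must stay behind the group's internal auth middleware`.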
@@ -29,18 +31,33 @@ func UpdatePublicKeyInRepo(ctx *macaron.Context) {
 ctx.PlainText(200, []byte("success"))
 return
 }
- ctx.JSON(500, map[string]interface{}{
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
 "err": err.Error(),
 })
 return
 }
 deployKey.UpdatedUnix = timeutil.TimeStampNow()
 if err = models.UpdateDeployKeyCols(deployKey, "updated_unix"); err != nil {
- ctx.JSON(500, map[string]interface{}{
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
 "err": err.Error(),
 })
 return
 }
- ctx.PlainText(200, []byte("success"))
+ ctx.PlainText(http.StatusOK, []byte("success"))
+}
+
+// AuthorizedPublicKeyByContent searches content as prefix (leak e-mail part)
+// and returns public key found.
+func AuthorizedPublicKeyByContent(ctx *macaron.Context) {
+ content := ctx.Query("content")
+
+ publicKey, err := models.SearchPublicKeyByContent(content)
+ if err != nil {
+ ctx.JSON(http.StatusInternalServerError, map[string]interface{}{
+ "err": err.Error(),
+ })
+ return
+ }
+ ctx.PlainText(http.StatusOK, []byte(publicKey.AuthorizedString()))
 }
-- cgit v1.2.3
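Review bot: In `AuthorizedPublicKeyByContent`, the value from `ctx.Query("content")` goes straight into `models.SearchPublicKeyByContent` with no validation, and the doc comment says the lookup matches by prefix, so an empty or truncated `content` would presumably match an unrelated key and return its authorized_keys line. Reject such input before the lookup with a guard opening `if content == "" {` that answers `http.StatusBadRequest`, and consider a minimum-length or key-format check as well. Every lookup error, including what is probably a plain not-found, is reported as 500 with the raw `err.Error()` text; a distinct 404 would let the caller tell an unknown key from a database fault. The parenthetical "(leak e-mail part)" in the comment is unclear; if it means the trailing comment field is not compared, say so, e.g. `// matches content as a key prefix; the trailing e-mail/comment part is not compared`.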