From a99b96cbcd10e4cad3194c142a0fffe371959455 Mon Sep 17 00:00:00 2001 From: KN4CK3R Date: Tue, 5 Sep 2023 17:21:02 +0200 Subject: Refactor secrets modification logic (#26873) - Share code between web and api - Add some tests --- routers/web/shared/actions/variables.go | 16 +++------------- routers/web/shared/secrets/secrets.go | 17 +++++++---------- 2 files changed, 10 insertions(+), 23 deletions(-) (limited to 'routers/web/shared') diff --git a/routers/web/shared/actions/variables.go b/routers/web/shared/actions/variables.go index 8d1516c91c..341c18f589 100644 --- a/routers/web/shared/actions/variables.go +++ b/routers/web/shared/actions/variables.go @@ -14,6 +14,7 @@ import ( "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/services/forms" + secret_service "code.gitea.io/gitea/services/secrets" ) func SetVariablesContext(ctx *context.Context, ownerID, repoID int64) { @@ -33,20 +34,9 @@ func SetVariablesContext(ctx *context.Context, ownerID, repoID int64) { // https://docs.github.com/en/actions/learn-github-actions/variables#naming-conventions-for-configuration-variables // https://docs.github.com/en/actions/security-guides/encrypted-secrets#naming-your-secrets var ( - nameRx = regexp.MustCompile("(?i)^[A-Z_][A-Z0-9_]*$") - forbiddenPrefixRx = regexp.MustCompile("(?i)^GIT(EA|HUB)_") - forbiddenEnvNameCIRx = regexp.MustCompile("(?i)^CI") ) -func NameRegexMatch(name string) error { - if !nameRx.MatchString(name) || forbiddenPrefixRx.MatchString(name) { - log.Error("Name %s, regex match error", name) - return errors.New("name has invalid character") - } - return nil -} - func envNameCIRegexMatch(name string) error { if forbiddenEnvNameCIRx.MatchString(name) { log.Error("Env Name cannot be ci") @@ -58,7 +48,7 @@ func envNameCIRegexMatch(name string) error { func CreateVariable(ctx *context.Context, ownerID, repoID int64, redirectURL string) { form := web.GetForm(ctx).(*forms.EditVariableForm) - if err := NameRegexMatch(form.Name); err != nil { + if err := secret_service.ValidateName(form.Name); err != nil { ctx.JSONError(err.Error()) return } @@ -82,7 +72,7 @@ func UpdateVariable(ctx *context.Context, redirectURL string) { id := ctx.ParamsInt64(":variable_id") form := web.GetForm(ctx).(*forms.EditVariableForm) - if err := NameRegexMatch(form.Name); err != nil { + if err := secret_service.ValidateName(form.Name); err != nil { ctx.JSONError(err.Error()) return } diff --git a/routers/web/shared/secrets/secrets.go b/routers/web/shared/secrets/secrets.go index c09ce51499..875cb0cfec 100644 --- a/routers/web/shared/secrets/secrets.go +++ b/routers/web/shared/secrets/secrets.go @@ -4,13 +4,13 @@ package secrets import ( - "code.gitea.io/gitea/models/db" secret_model "code.gitea.io/gitea/models/secret" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/web" "code.gitea.io/gitea/routers/web/shared/actions" "code.gitea.io/gitea/services/forms" + secret_service "code.gitea.io/gitea/services/secrets" ) func SetSecretsContext(ctx *context.Context, ownerID, repoID int64) { @@ -26,14 +26,9 @@ func SetSecretsContext(ctx *context.Context, ownerID, repoID int64) { func PerformSecretsPost(ctx *context.Context, ownerID, repoID int64, redirectURL string) { form := web.GetForm(ctx).(*forms.AddSecretForm) - if err := actions.NameRegexMatch(form.Name); err != nil { - ctx.JSONError(ctx.Tr("secrets.creation.failed")) - return - } - - s, err := secret_model.InsertEncryptedSecret(ctx, ownerID, repoID, form.Name, actions.ReserveLineBreakForTextarea(form.Data)) + s, _, err := secret_service.CreateOrUpdateSecret(ctx, ownerID, repoID, form.Name, actions.ReserveLineBreakForTextarea(form.Data)) if err != nil { - log.Error("InsertEncryptedSecret: %v", err) + log.Error("CreateOrUpdateSecret failed: %v", err) ctx.JSONError(ctx.Tr("secrets.creation.failed")) return } @@ -45,11 +40,13 @@ func PerformSecretsPost(ctx *context.Context, ownerID, repoID int64, redirectURL func PerformSecretsDelete(ctx *context.Context, ownerID, repoID int64, redirectURL string) { id := ctx.FormInt64("id") - if _, err := db.DeleteByBean(ctx, &secret_model.Secret{ID: id, OwnerID: ownerID, RepoID: repoID}); err != nil { - log.Error("Delete secret %d failed: %v", id, err) + err := secret_service.DeleteSecretByID(ctx, ownerID, repoID, id) + if err != nil { + log.Error("DeleteSecretByID(%d) failed: %v", id, err) ctx.JSONError(ctx.Tr("secrets.deletion.failed")) return } + ctx.Flash.Success(ctx.Tr("secrets.deletion.success")) ctx.JSONRedirect(redirectURL) } -- cgit v1.2.3