mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9600 Commits
17 Branches
Tree: 12f51ec7dd
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '12f51ec7dd'
${ noResults }
gitea/modules/lfs/locks.go

locks.go 9.7KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package lfs

  6. 

  7. import (

  8. 	"encoding/json"

  9. 	"strconv"

  10. 	"strings"

  11. 

  12. 	"code.gitea.io/gitea/models"

  13. 	"code.gitea.io/gitea/modules/context"

  14. 	"code.gitea.io/gitea/modules/log"

  15. 	"code.gitea.io/gitea/modules/setting"

  16. 	api "code.gitea.io/gitea/modules/structs"

  17. )

  18. 

  19. //checkIsValidRequest check if it a valid request in case of bad request it write the response to ctx.

  20. func checkIsValidRequest(ctx *context.Context) bool {

  21. 	if !setting.LFS.StartServer {

  22. 		log.Debug("Attempt to access LFS server but LFS server is disabled")

  23. 		writeStatus(ctx, 404)

  24. 		return false

  25. 	}

  26. 	if !MetaMatcher(ctx.Req) {

  27. 		log.Info("Attempt access LOCKs without accepting the correct media type: %s", metaMediaType)

  28. 		writeStatus(ctx, 400)

  29. 		return false

  30. 	}

  31. 	if !ctx.IsSigned {

  32. 		user, _, _, err := parseToken(ctx.Req.Header.Get("Authorization"))

  33. 		if err != nil {

  34. 			ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  35. 			writeStatus(ctx, 401)

  36. 			return false

  37. 		}

  38. 		ctx.User = user

  39. 	}

  40. 	return true

  41. }

  42. 

  43. func handleLockListOut(ctx *context.Context, repo *models.Repository, lock *models.LFSLock, err error) {

  44. 	if err != nil {

  45. 		if models.IsErrLFSLockNotExist(err) {

  46. 			ctx.JSON(200, api.LFSLockList{

  47. 				Locks: []*api.LFSLock{},

  48. 			})

  49. 			return

  50. 		}

  51. 		ctx.JSON(500, api.LFSLockError{

  52. 			Message: "unable to list locks : Internal Server Error",

  53. 		})

  54. 		return

  55. 	}

  56. 	if repo.ID != lock.RepoID {

  57. 		ctx.JSON(200, api.LFSLockList{

  58. 			Locks: []*api.LFSLock{},

  59. 		})

  60. 		return

  61. 	}

  62. 	ctx.JSON(200, api.LFSLockList{

  63. 		Locks: []*api.LFSLock{lock.APIFormat()},

  64. 	})

  65. }

  66. 

  67. // GetListLockHandler list locks

  68. func GetListLockHandler(ctx *context.Context) {

  69. 	if !checkIsValidRequest(ctx) {

  70. 		// Status is written in checkIsValidRequest

  71. 		return

  72. 	}

  73. 	ctx.Resp.Header().Set("Content-Type", metaMediaType)

  74. 

  75. 	rv := unpack(ctx)

  76. 

  77. 	repository, err := models.GetRepositoryByOwnerAndName(rv.User, rv.Repo)

  78. 	if err != nil {

  79. 		log.Debug("Could not find repository: %s/%s - %s", rv.User, rv.Repo, err)

  80. 		writeStatus(ctx, 404)

  81. 		return

  82. 	}

  83. 	repository.MustOwner()

  84. 

  85. 	authenticated := authenticate(ctx, repository, rv.Authorization, false)

  86. 	if !authenticated {

  87. 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  88. 		ctx.JSON(401, api.LFSLockError{

  89. 			Message: "You must have pull access to list locks",

  90. 		})

  91. 		return

  92. 	}

  93. 

  94. 	cursor := ctx.QueryInt("cursor")

  95. 	if cursor < 0 {

  96. 		cursor = 0

  97. 	}

  98. 	limit := ctx.QueryInt("limit")

  99. 	if limit > setting.LFS.LocksPagingNum && setting.LFS.LocksPagingNum > 0 {

  100. 		limit = setting.LFS.LocksPagingNum

  101. 	} else if limit < 0 {

  102. 		limit = 0

  103. 	}

  104. 	id := ctx.Query("id")

  105. 	if id != "" { //Case where we request a specific id

  106. 		v, err := strconv.ParseInt(id, 10, 64)

  107. 		if err != nil {

  108. 			ctx.JSON(400, api.LFSLockError{

  109. 				Message: "bad request : " + err.Error(),

  110. 			})

  111. 			return

  112. 		}

  113. 		lock, err := models.GetLFSLockByID(v)

  114. 		if err != nil && !models.IsErrLFSLockNotExist(err) {

  115. 			log.Error("Unable to get lock with ID[%s]: Error: %v", v, err)

  116. 		}

  117. 		handleLockListOut(ctx, repository, lock, err)

  118. 		return

  119. 	}

  120. 

  121. 	path := ctx.Query("path")

  122. 	if path != "" { //Case where we request a specific id

  123. 		lock, err := models.GetLFSLock(repository, path)

  124. 		if err != nil && !models.IsErrLFSLockNotExist(err) {

  125. 			log.Error("Unable to get lock for repository %-v with path %s: Error: %v", repository, path, err)

  126. 		}

  127. 		handleLockListOut(ctx, repository, lock, err)

  128. 		return

  129. 	}

  130. 

  131. 	//If no query params path or id

  132. 	lockList, err := models.GetLFSLockByRepoID(repository.ID, cursor, limit)

  133. 	if err != nil {

  134. 		log.Error("Unable to list locks for repository ID[%d]: Error: %v", repository.ID, err)

  135. 		ctx.JSON(500, api.LFSLockError{

  136. 			Message: "unable to list locks : Internal Server Error",

  137. 		})

  138. 		return

  139. 	}

  140. 	lockListAPI := make([]*api.LFSLock, len(lockList))

  141. 	next := ""

  142. 	for i, l := range lockList {

  143. 		lockListAPI[i] = l.APIFormat()

  144. 	}

  145. 	if limit > 0 && len(lockList) == limit {

  146. 		next = strconv.Itoa(cursor + 1)

  147. 	}

  148. 	ctx.JSON(200, api.LFSLockList{

  149. 		Locks: lockListAPI,

  150. 		Next:  next,

  151. 	})

  152. }

  153. 

  154. // PostLockHandler create lock

  155. func PostLockHandler(ctx *context.Context) {

  156. 	if !checkIsValidRequest(ctx) {

  157. 		// Status is written in checkIsValidRequest

  158. 		return

  159. 	}

  160. 	ctx.Resp.Header().Set("Content-Type", metaMediaType)

  161. 

  162. 	userName := ctx.Params("username")

  163. 	repoName := strings.TrimSuffix(ctx.Params("reponame"), ".git")

  164. 	authorization := ctx.Req.Header.Get("Authorization")

  165. 

  166. 	repository, err := models.GetRepositoryByOwnerAndName(userName, repoName)

  167. 	if err != nil {

  168. 		log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err)

  169. 		writeStatus(ctx, 404)

  170. 		return

  171. 	}

  172. 	repository.MustOwner()

  173. 

  174. 	authenticated := authenticate(ctx, repository, authorization, true)

  175. 	if !authenticated {

  176. 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  177. 		ctx.JSON(401, api.LFSLockError{

  178. 			Message: "You must have push access to create locks",

  179. 		})

  180. 		return

  181. 	}

  182. 

  183. 	var req api.LFSLockRequest

  184. 	bodyReader := ctx.Req.Body().ReadCloser()

  185. 	defer bodyReader.Close()

  186. 	dec := json.NewDecoder(bodyReader)

  187. 	if err := dec.Decode(&req); err != nil {

  188. 		log.Warn("Failed to decode lock request as json. Error: %v", err)

  189. 		writeStatus(ctx, 400)

  190. 		return

  191. 	}

  192. 

  193. 	lock, err := models.CreateLFSLock(&models.LFSLock{

  194. 		Repo:  repository,

  195. 		Path:  req.Path,

  196. 		Owner: ctx.User,

  197. 	})

  198. 	if err != nil {

  199. 		if models.IsErrLFSLockAlreadyExist(err) {

  200. 			ctx.JSON(409, api.LFSLockError{

  201. 				Lock:    lock.APIFormat(),

  202. 				Message: "already created lock",

  203. 			})

  204. 			return

  205. 		}

  206. 		if models.IsErrLFSUnauthorizedAction(err) {

  207. 			ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  208. 			ctx.JSON(401, api.LFSLockError{

  209. 				Message: "You must have push access to create locks : " + err.Error(),

  210. 			})

  211. 			return

  212. 		}

  213. 		log.Error("Unable to CreateLFSLock in repository %-v at %s for user %-v: Error: %v", repository, req.Path, ctx.User, err)

  214. 		ctx.JSON(500, api.LFSLockError{

  215. 			Message: "internal server error : Internal Server Error",

  216. 		})

  217. 		return

  218. 	}

  219. 	ctx.JSON(201, api.LFSLockResponse{Lock: lock.APIFormat()})

  220. }

  221. 

  222. // VerifyLockHandler list locks for verification

  223. func VerifyLockHandler(ctx *context.Context) {

  224. 	if !checkIsValidRequest(ctx) {

  225. 		// Status is written in checkIsValidRequest

  226. 		return

  227. 	}

  228. 	ctx.Resp.Header().Set("Content-Type", metaMediaType)

  229. 

  230. 	userName := ctx.Params("username")

  231. 	repoName := strings.TrimSuffix(ctx.Params("reponame"), ".git")

  232. 	authorization := ctx.Req.Header.Get("Authorization")

  233. 

  234. 	repository, err := models.GetRepositoryByOwnerAndName(userName, repoName)

  235. 	if err != nil {

  236. 		log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err)

  237. 		writeStatus(ctx, 404)

  238. 		return

  239. 	}

  240. 	repository.MustOwner()

  241. 

  242. 	authenticated := authenticate(ctx, repository, authorization, true)

  243. 	if !authenticated {

  244. 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  245. 		ctx.JSON(401, api.LFSLockError{

  246. 			Message: "You must have push access to verify locks",

  247. 		})

  248. 		return

  249. 	}

  250. 

  251. 	cursor := ctx.QueryInt("cursor")

  252. 	if cursor < 0 {

  253. 		cursor = 0

  254. 	}

  255. 	limit := ctx.QueryInt("limit")

  256. 	if limit > setting.LFS.LocksPagingNum && setting.LFS.LocksPagingNum > 0 {

  257. 		limit = setting.LFS.LocksPagingNum

  258. 	} else if limit < 0 {

  259. 		limit = 0

  260. 	}

  261. 	lockList, err := models.GetLFSLockByRepoID(repository.ID, cursor, limit)

  262. 	if err != nil {

  263. 		log.Error("Unable to list locks for repository ID[%d]: Error: %v", repository.ID, err)

  264. 		ctx.JSON(500, api.LFSLockError{

  265. 			Message: "unable to list locks : Internal Server Error",

  266. 		})

  267. 		return

  268. 	}

  269. 	next := ""

  270. 	if limit > 0 && len(lockList) == limit {

  271. 		next = strconv.Itoa(cursor + 1)

  272. 	}

  273. 	lockOursListAPI := make([]*api.LFSLock, 0, len(lockList))

  274. 	lockTheirsListAPI := make([]*api.LFSLock, 0, len(lockList))

  275. 	for _, l := range lockList {

  276. 		if l.Owner.ID == ctx.User.ID {

  277. 			lockOursListAPI = append(lockOursListAPI, l.APIFormat())

  278. 		} else {

  279. 			lockTheirsListAPI = append(lockTheirsListAPI, l.APIFormat())

  280. 		}

  281. 	}

  282. 	ctx.JSON(200, api.LFSLockListVerify{

  283. 		Ours:   lockOursListAPI,

  284. 		Theirs: lockTheirsListAPI,

  285. 		Next:   next,

  286. 	})

  287. }

  288. 

  289. // UnLockHandler delete locks

  290. func UnLockHandler(ctx *context.Context) {

  291. 	if !checkIsValidRequest(ctx) {

  292. 		// Status is written in checkIsValidRequest

  293. 		return

  294. 	}

  295. 	ctx.Resp.Header().Set("Content-Type", metaMediaType)

  296. 

  297. 	userName := ctx.Params("username")

  298. 	repoName := strings.TrimSuffix(ctx.Params("reponame"), ".git")

  299. 	authorization := ctx.Req.Header.Get("Authorization")

  300. 

  301. 	repository, err := models.GetRepositoryByOwnerAndName(userName, repoName)

  302. 	if err != nil {

  303. 		log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err)

  304. 		writeStatus(ctx, 404)

  305. 		return

  306. 	}

  307. 	repository.MustOwner()

  308. 

  309. 	authenticated := authenticate(ctx, repository, authorization, true)

  310. 	if !authenticated {

  311. 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  312. 		ctx.JSON(401, api.LFSLockError{

  313. 			Message: "You must have push access to delete locks",

  314. 		})

  315. 		return

  316. 	}

  317. 

  318. 	var req api.LFSLockDeleteRequest

  319. 	bodyReader := ctx.Req.Body().ReadCloser()

  320. 	defer bodyReader.Close()

  321. 	dec := json.NewDecoder(bodyReader)

  322. 	if err := dec.Decode(&req); err != nil {

  323. 		log.Warn("Failed to decode lock request as json. Error: %v", err)

  324. 		writeStatus(ctx, 400)

  325. 		return

  326. 	}

  327. 

  328. 	lock, err := models.DeleteLFSLockByID(ctx.ParamsInt64("lid"), ctx.User, req.Force)

  329. 	if err != nil {

  330. 		if models.IsErrLFSUnauthorizedAction(err) {

  331. 			ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  332. 			ctx.JSON(401, api.LFSLockError{

  333. 				Message: "You must have push access to delete locks : " + err.Error(),

  334. 			})

  335. 			return

  336. 		}

  337. 		log.Error("Unable to DeleteLFSLockByID[%d] by user %-v with force %t: Error: %v", ctx.ParamsInt64("lid"), ctx.User, req.Force, err)

  338. 		ctx.JSON(500, api.LFSLockError{

  339. 			Message: "unable to delete lock : Internal Server Error",

  340. 		})

  341. 		return

  342. 	}

  343. 	ctx.JSON(200, api.LFSLockResponse{Lock: lock.APIFormat()})

  344. }