mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11262 Commits
17 Branches
Tree: 16dea6cebd
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '16dea6cebd'
${ noResults }
gitea/modules/lfs/locks.go

locks.go 10KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package lfs

  6. 

  7. import (

  8. 	"net/http"

  9. 	"strconv"

  10. 	"strings"

  11. 

  12. 	"code.gitea.io/gitea/models"

  13. 	"code.gitea.io/gitea/modules/context"

  14. 	"code.gitea.io/gitea/modules/convert"

  15. 	"code.gitea.io/gitea/modules/log"

  16. 	"code.gitea.io/gitea/modules/setting"

  17. 	api "code.gitea.io/gitea/modules/structs"

  18. 	jsoniter "github.com/json-iterator/go"

  19. )

  20. 

  21. //checkIsValidRequest check if it a valid request in case of bad request it write the response to ctx.

  22. func checkIsValidRequest(ctx *context.Context) bool {

  23. 	if !setting.LFS.StartServer {

  24. 		log.Debug("Attempt to access LFS server but LFS server is disabled")

  25. 		writeStatus(ctx, http.StatusNotFound)

  26. 		return false

  27. 	}

  28. 	if !MetaMatcher(ctx.Req) {

  29. 		log.Info("Attempt access LOCKs without accepting the correct media type: %s", metaMediaType)

  30. 		writeStatus(ctx, http.StatusBadRequest)

  31. 		return false

  32. 	}

  33. 	if !ctx.IsSigned {

  34. 		user, _, _, err := parseToken(ctx.Req.Header.Get("Authorization"))

  35. 		if err != nil {

  36. 			ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  37. 			writeStatus(ctx, http.StatusUnauthorized)

  38. 			return false

  39. 		}

  40. 		ctx.User = user

  41. 	}

  42. 	return true

  43. }

  44. 

  45. func handleLockListOut(ctx *context.Context, repo *models.Repository, lock *models.LFSLock, err error) {

  46. 	if err != nil {

  47. 		if models.IsErrLFSLockNotExist(err) {

  48. 			ctx.JSON(http.StatusOK, api.LFSLockList{

  49. 				Locks: []*api.LFSLock{},

  50. 			})

  51. 			return

  52. 		}

  53. 		ctx.JSON(http.StatusInternalServerError, api.LFSLockError{

  54. 			Message: "unable to list locks : Internal Server Error",

  55. 		})

  56. 		return

  57. 	}

  58. 	if repo.ID != lock.RepoID {

  59. 		ctx.JSON(http.StatusOK, api.LFSLockList{

  60. 			Locks: []*api.LFSLock{},

  61. 		})

  62. 		return

  63. 	}

  64. 	ctx.JSON(http.StatusOK, api.LFSLockList{

  65. 		Locks: []*api.LFSLock{convert.ToLFSLock(lock)},

  66. 	})

  67. }

  68. 

  69. // GetListLockHandler list locks

  70. func GetListLockHandler(ctx *context.Context) {

  71. 	if !checkIsValidRequest(ctx) {

  72. 		// Status is written in checkIsValidRequest

  73. 		return

  74. 	}

  75. 	ctx.Resp.Header().Set("Content-Type", metaMediaType)

  76. 

  77. 	rv := unpack(ctx)

  78. 

  79. 	repository, err := models.GetRepositoryByOwnerAndName(rv.User, rv.Repo)

  80. 	if err != nil {

  81. 		log.Debug("Could not find repository: %s/%s - %s", rv.User, rv.Repo, err)

  82. 		writeStatus(ctx, 404)

  83. 		return

  84. 	}

  85. 	repository.MustOwner()

  86. 

  87. 	authenticated := authenticate(ctx, repository, rv.Authorization, false)

  88. 	if !authenticated {

  89. 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  90. 		ctx.JSON(http.StatusUnauthorized, api.LFSLockError{

  91. 			Message: "You must have pull access to list locks",

  92. 		})

  93. 		return

  94. 	}

  95. 

  96. 	cursor := ctx.QueryInt("cursor")

  97. 	if cursor < 0 {

  98. 		cursor = 0

  99. 	}

  100. 	limit := ctx.QueryInt("limit")

  101. 	if limit > setting.LFS.LocksPagingNum && setting.LFS.LocksPagingNum > 0 {

  102. 		limit = setting.LFS.LocksPagingNum

  103. 	} else if limit < 0 {

  104. 		limit = 0

  105. 	}

  106. 	id := ctx.Query("id")

  107. 	if id != "" { //Case where we request a specific id

  108. 		v, err := strconv.ParseInt(id, 10, 64)

  109. 		if err != nil {

  110. 			ctx.JSON(http.StatusBadRequest, api.LFSLockError{

  111. 				Message: "bad request : " + err.Error(),

  112. 			})

  113. 			return

  114. 		}

  115. 		lock, err := models.GetLFSLockByID(v)

  116. 		if err != nil && !models.IsErrLFSLockNotExist(err) {

  117. 			log.Error("Unable to get lock with ID[%s]: Error: %v", v, err)

  118. 		}

  119. 		handleLockListOut(ctx, repository, lock, err)

  120. 		return

  121. 	}

  122. 

  123. 	path := ctx.Query("path")

  124. 	if path != "" { //Case where we request a specific id

  125. 		lock, err := models.GetLFSLock(repository, path)

  126. 		if err != nil && !models.IsErrLFSLockNotExist(err) {

  127. 			log.Error("Unable to get lock for repository %-v with path %s: Error: %v", repository, path, err)

  128. 		}

  129. 		handleLockListOut(ctx, repository, lock, err)

  130. 		return

  131. 	}

  132. 

  133. 	//If no query params path or id

  134. 	lockList, err := models.GetLFSLockByRepoID(repository.ID, cursor, limit)

  135. 	if err != nil {

  136. 		log.Error("Unable to list locks for repository ID[%d]: Error: %v", repository.ID, err)

  137. 		ctx.JSON(http.StatusInternalServerError, api.LFSLockError{

  138. 			Message: "unable to list locks : Internal Server Error",

  139. 		})

  140. 		return

  141. 	}

  142. 	lockListAPI := make([]*api.LFSLock, len(lockList))

  143. 	next := ""

  144. 	for i, l := range lockList {

  145. 		lockListAPI[i] = convert.ToLFSLock(l)

  146. 	}

  147. 	if limit > 0 && len(lockList) == limit {

  148. 		next = strconv.Itoa(cursor + 1)

  149. 	}

  150. 	ctx.JSON(http.StatusOK, api.LFSLockList{

  151. 		Locks: lockListAPI,

  152. 		Next:  next,

  153. 	})

  154. }

  155. 

  156. // PostLockHandler create lock

  157. func PostLockHandler(ctx *context.Context) {

  158. 	if !checkIsValidRequest(ctx) {

  159. 		// Status is written in checkIsValidRequest

  160. 		return

  161. 	}

  162. 	ctx.Resp.Header().Set("Content-Type", metaMediaType)

  163. 

  164. 	userName := ctx.Params("username")

  165. 	repoName := strings.TrimSuffix(ctx.Params("reponame"), ".git")

  166. 	authorization := ctx.Req.Header.Get("Authorization")

  167. 

  168. 	repository, err := models.GetRepositoryByOwnerAndName(userName, repoName)

  169. 	if err != nil {

  170. 		log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err)

  171. 		writeStatus(ctx, 404)

  172. 		return

  173. 	}

  174. 	repository.MustOwner()

  175. 

  176. 	authenticated := authenticate(ctx, repository, authorization, true)

  177. 	if !authenticated {

  178. 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  179. 		ctx.JSON(http.StatusUnauthorized, api.LFSLockError{

  180. 			Message: "You must have push access to create locks",

  181. 		})

  182. 		return

  183. 	}

  184. 

  185. 	var req api.LFSLockRequest

  186. 	bodyReader := ctx.Req.Body

  187. 	defer bodyReader.Close()

  188. 	json := jsoniter.ConfigCompatibleWithStandardLibrary

  189. 	dec := json.NewDecoder(bodyReader)

  190. 	if err := dec.Decode(&req); err != nil {

  191. 		log.Warn("Failed to decode lock request as json. Error: %v", err)

  192. 		writeStatus(ctx, 400)

  193. 		return

  194. 	}

  195. 

  196. 	lock, err := models.CreateLFSLock(&models.LFSLock{

  197. 		Repo:  repository,

  198. 		Path:  req.Path,

  199. 		Owner: ctx.User,

  200. 	})

  201. 	if err != nil {

  202. 		if models.IsErrLFSLockAlreadyExist(err) {

  203. 			ctx.JSON(http.StatusConflict, api.LFSLockError{

  204. 				Lock:    convert.ToLFSLock(lock),

  205. 				Message: "already created lock",

  206. 			})

  207. 			return

  208. 		}

  209. 		if models.IsErrLFSUnauthorizedAction(err) {

  210. 			ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  211. 			ctx.JSON(http.StatusUnauthorized, api.LFSLockError{

  212. 				Message: "You must have push access to create locks : " + err.Error(),

  213. 			})

  214. 			return

  215. 		}

  216. 		log.Error("Unable to CreateLFSLock in repository %-v at %s for user %-v: Error: %v", repository, req.Path, ctx.User, err)

  217. 		ctx.JSON(http.StatusInternalServerError, api.LFSLockError{

  218. 			Message: "internal server error : Internal Server Error",

  219. 		})

  220. 		return

  221. 	}

  222. 	ctx.JSON(http.StatusCreated, api.LFSLockResponse{Lock: convert.ToLFSLock(lock)})

  223. }

  224. 

  225. // VerifyLockHandler list locks for verification

  226. func VerifyLockHandler(ctx *context.Context) {

  227. 	if !checkIsValidRequest(ctx) {

  228. 		// Status is written in checkIsValidRequest

  229. 		return

  230. 	}

  231. 	ctx.Resp.Header().Set("Content-Type", metaMediaType)

  232. 

  233. 	userName := ctx.Params("username")

  234. 	repoName := strings.TrimSuffix(ctx.Params("reponame"), ".git")

  235. 	authorization := ctx.Req.Header.Get("Authorization")

  236. 

  237. 	repository, err := models.GetRepositoryByOwnerAndName(userName, repoName)

  238. 	if err != nil {

  239. 		log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err)

  240. 		writeStatus(ctx, 404)

  241. 		return

  242. 	}

  243. 	repository.MustOwner()

  244. 

  245. 	authenticated := authenticate(ctx, repository, authorization, true)

  246. 	if !authenticated {

  247. 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  248. 		ctx.JSON(http.StatusUnauthorized, api.LFSLockError{

  249. 			Message: "You must have push access to verify locks",

  250. 		})

  251. 		return

  252. 	}

  253. 

  254. 	cursor := ctx.QueryInt("cursor")

  255. 	if cursor < 0 {

  256. 		cursor = 0

  257. 	}

  258. 	limit := ctx.QueryInt("limit")

  259. 	if limit > setting.LFS.LocksPagingNum && setting.LFS.LocksPagingNum > 0 {

  260. 		limit = setting.LFS.LocksPagingNum

  261. 	} else if limit < 0 {

  262. 		limit = 0

  263. 	}

  264. 	lockList, err := models.GetLFSLockByRepoID(repository.ID, cursor, limit)

  265. 	if err != nil {

  266. 		log.Error("Unable to list locks for repository ID[%d]: Error: %v", repository.ID, err)

  267. 		ctx.JSON(http.StatusInternalServerError, api.LFSLockError{

  268. 			Message: "unable to list locks : Internal Server Error",

  269. 		})

  270. 		return

  271. 	}

  272. 	next := ""

  273. 	if limit > 0 && len(lockList) == limit {

  274. 		next = strconv.Itoa(cursor + 1)

  275. 	}

  276. 	lockOursListAPI := make([]*api.LFSLock, 0, len(lockList))

  277. 	lockTheirsListAPI := make([]*api.LFSLock, 0, len(lockList))

  278. 	for _, l := range lockList {

  279. 		if l.Owner.ID == ctx.User.ID {

  280. 			lockOursListAPI = append(lockOursListAPI, convert.ToLFSLock(l))

  281. 		} else {

  282. 			lockTheirsListAPI = append(lockTheirsListAPI, convert.ToLFSLock(l))

  283. 		}

  284. 	}

  285. 	ctx.JSON(http.StatusOK, api.LFSLockListVerify{

  286. 		Ours:   lockOursListAPI,

  287. 		Theirs: lockTheirsListAPI,

  288. 		Next:   next,

  289. 	})

  290. }

  291. 

  292. // UnLockHandler delete locks

  293. func UnLockHandler(ctx *context.Context) {

  294. 	if !checkIsValidRequest(ctx) {

  295. 		// Status is written in checkIsValidRequest

  296. 		return

  297. 	}

  298. 	ctx.Resp.Header().Set("Content-Type", metaMediaType)

  299. 

  300. 	userName := ctx.Params("username")

  301. 	repoName := strings.TrimSuffix(ctx.Params("reponame"), ".git")

  302. 	authorization := ctx.Req.Header.Get("Authorization")

  303. 

  304. 	repository, err := models.GetRepositoryByOwnerAndName(userName, repoName)

  305. 	if err != nil {

  306. 		log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err)

  307. 		writeStatus(ctx, 404)

  308. 		return

  309. 	}

  310. 	repository.MustOwner()

  311. 

  312. 	authenticated := authenticate(ctx, repository, authorization, true)

  313. 	if !authenticated {

  314. 		ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  315. 		ctx.JSON(http.StatusUnauthorized, api.LFSLockError{

  316. 			Message: "You must have push access to delete locks",

  317. 		})

  318. 		return

  319. 	}

  320. 

  321. 	var req api.LFSLockDeleteRequest

  322. 	bodyReader := ctx.Req.Body

  323. 	defer bodyReader.Close()

  324. 	json := jsoniter.ConfigCompatibleWithStandardLibrary

  325. 	dec := json.NewDecoder(bodyReader)

  326. 	if err := dec.Decode(&req); err != nil {

  327. 		log.Warn("Failed to decode lock request as json. Error: %v", err)

  328. 		writeStatus(ctx, 400)

  329. 		return

  330. 	}

  331. 

  332. 	lock, err := models.DeleteLFSLockByID(ctx.ParamsInt64("lid"), ctx.User, req.Force)

  333. 	if err != nil {

  334. 		if models.IsErrLFSUnauthorizedAction(err) {

  335. 			ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs")

  336. 			ctx.JSON(http.StatusUnauthorized, api.LFSLockError{

  337. 				Message: "You must have push access to delete locks : " + err.Error(),

  338. 			})

  339. 			return

  340. 		}

  341. 		log.Error("Unable to DeleteLFSLockByID[%d] by user %-v with force %t: Error: %v", ctx.ParamsInt64("lid"), ctx.User, req.Force, err)

  342. 		ctx.JSON(http.StatusInternalServerError, api.LFSLockError{

  343. 			Message: "unable to delete lock : Internal Server Error",

  344. 		})

  345. 		return

  346. 	}

  347. 	ctx.JSON(http.StatusOK, api.LFSLockResponse{Lock: convert.ToLFSLock(lock)})

  348. }