mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 211 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
14398 Commits
17 Branches
Tree: a1fcb1cfb8
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a1fcb1cfb8'
${ noResults }
gitea/models/asymkey/ssh_key_deploy.go

ssh_key_deploy.go 6.6KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245 
  1. // Copyright 2021 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package asymkey

  5. 

  6. import (

  7. 	"context"

  8. 	"fmt"

  9. 	"time"

  10. 

  11. 	"code.gitea.io/gitea/models/db"

  12. 	"code.gitea.io/gitea/models/perm"

  13. 	"code.gitea.io/gitea/modules/timeutil"

  14. 

  15. 	"xorm.io/builder"

  16. )

  17. 

  18. // ________                .__                 ____  __.

  19. // \______ \   ____ ______ |  |   ____ ___.__.|    |/ _|____ ___.__.

  20. //  |    |  \_/ __ \\____ \|  |  /  _ <   |  ||      <_/ __ <   |  |

  21. //  |    `   \  ___/|  |_> >  |_(  <_> )___  ||    |  \  ___/\___  |

  22. // /_______  /\___  >   __/|____/\____// ____||____|__ \___  > ____|

  23. //         \/     \/|__|               \/             \/   \/\/

  24. //

  25. // This file contains functions specific to DeployKeys

  26. 

  27. // DeployKey represents deploy key information and its relation with repository.

  28. type DeployKey struct {

  29. 	ID          int64 `xorm:"pk autoincr"`

  30. 	KeyID       int64 `xorm:"UNIQUE(s) INDEX"`

  31. 	RepoID      int64 `xorm:"UNIQUE(s) INDEX"`

  32. 	Name        string

  33. 	Fingerprint string

  34. 	Content     string `xorm:"-"`

  35. 

  36. 	Mode perm.AccessMode `xorm:"NOT NULL DEFAULT 1"`

  37. 

  38. 	CreatedUnix       timeutil.TimeStamp `xorm:"created"`

  39. 	UpdatedUnix       timeutil.TimeStamp `xorm:"updated"`

  40. 	HasRecentActivity bool               `xorm:"-"`

  41. 	HasUsed           bool               `xorm:"-"`

  42. }

  43. 

  44. // AfterLoad is invoked from XORM after setting the values of all fields of this object.

  45. func (key *DeployKey) AfterLoad() {

  46. 	key.HasUsed = key.UpdatedUnix > key.CreatedUnix

  47. 	key.HasRecentActivity = key.UpdatedUnix.AddDuration(7*24*time.Hour) > timeutil.TimeStampNow()

  48. }

  49. 

  50. // GetContent gets associated public key content.

  51. func (key *DeployKey) GetContent() error {

  52. 	pkey, err := GetPublicKeyByID(key.KeyID)

  53. 	if err != nil {

  54. 		return err

  55. 	}

  56. 	key.Content = pkey.Content

  57. 	return nil

  58. }

  59. 

  60. // IsReadOnly checks if the key can only be used for read operations, used by template

  61. func (key *DeployKey) IsReadOnly() bool {

  62. 	return key.Mode == perm.AccessModeRead

  63. }

  64. 

  65. func init() {

  66. 	db.RegisterModel(new(DeployKey))

  67. }

  68. 

  69. func checkDeployKey(ctx context.Context, keyID, repoID int64, name string) error {

  70. 	// Note: We want error detail, not just true or false here.

  71. 	has, err := db.GetEngine(ctx).

  72. 		Where("key_id = ? AND repo_id = ?", keyID, repoID).

  73. 		Get(new(DeployKey))

  74. 	if err != nil {

  75. 		return err

  76. 	} else if has {

  77. 		return ErrDeployKeyAlreadyExist{keyID, repoID}

  78. 	}

  79. 

  80. 	has, err = db.GetEngine(ctx).

  81. 		Where("repo_id = ? AND name = ?", repoID, name).

  82. 		Get(new(DeployKey))

  83. 	if err != nil {

  84. 		return err

  85. 	} else if has {

  86. 		return ErrDeployKeyNameAlreadyUsed{repoID, name}

  87. 	}

  88. 

  89. 	return nil

  90. }

  91. 

  92. // addDeployKey adds new key-repo relation.

  93. func addDeployKey(ctx context.Context, keyID, repoID int64, name, fingerprint string, mode perm.AccessMode) (*DeployKey, error) {

  94. 	if err := checkDeployKey(ctx, keyID, repoID, name); err != nil {

  95. 		return nil, err

  96. 	}

  97. 

  98. 	key := &DeployKey{

  99. 		KeyID:       keyID,

  100. 		RepoID:      repoID,

  101. 		Name:        name,

  102. 		Fingerprint: fingerprint,

  103. 		Mode:        mode,

  104. 	}

  105. 	return key, db.Insert(ctx, key)

  106. }

  107. 

  108. // HasDeployKey returns true if public key is a deploy key of given repository.

  109. func HasDeployKey(keyID, repoID int64) bool {

  110. 	has, _ := db.GetEngine(db.DefaultContext).

  111. 		Where("key_id = ? AND repo_id = ?", keyID, repoID).

  112. 		Get(new(DeployKey))

  113. 	return has

  114. }

  115. 

  116. // AddDeployKey add new deploy key to database and authorized_keys file.

  117. func AddDeployKey(repoID int64, name, content string, readOnly bool) (*DeployKey, error) {

  118. 	fingerprint, err := CalcFingerprint(content)

  119. 	if err != nil {

  120. 		return nil, err

  121. 	}

  122. 

  123. 	accessMode := perm.AccessModeRead

  124. 	if !readOnly {

  125. 		accessMode = perm.AccessModeWrite

  126. 	}

  127. 

  128. 	ctx, committer, err := db.TxContext(db.DefaultContext)

  129. 	if err != nil {

  130. 		return nil, err

  131. 	}

  132. 	defer committer.Close()

  133. 

  134. 	pkey := &PublicKey{

  135. 		Fingerprint: fingerprint,

  136. 	}

  137. 	has, err := db.GetByBean(ctx, pkey)

  138. 	if err != nil {

  139. 		return nil, err

  140. 	}

  141. 

  142. 	if has {

  143. 		if pkey.Type != KeyTypeDeploy {

  144. 			return nil, ErrKeyAlreadyExist{0, fingerprint, ""}

  145. 		}

  146. 	} else {

  147. 		// First time use this deploy key.

  148. 		pkey.Mode = accessMode

  149. 		pkey.Type = KeyTypeDeploy

  150. 		pkey.Content = content

  151. 		pkey.Name = name

  152. 		if err = addKey(ctx, pkey); err != nil {

  153. 			return nil, fmt.Errorf("addKey: %w", err)

  154. 		}

  155. 	}

  156. 

  157. 	key, err := addDeployKey(ctx, pkey.ID, repoID, name, pkey.Fingerprint, accessMode)

  158. 	if err != nil {

  159. 		return nil, err

  160. 	}

  161. 

  162. 	return key, committer.Commit()

  163. }

  164. 

  165. // GetDeployKeyByID returns deploy key by given ID.

  166. func GetDeployKeyByID(ctx context.Context, id int64) (*DeployKey, error) {

  167. 	key := new(DeployKey)

  168. 	has, err := db.GetEngine(ctx).ID(id).Get(key)

  169. 	if err != nil {

  170. 		return nil, err

  171. 	} else if !has {

  172. 		return nil, ErrDeployKeyNotExist{id, 0, 0}

  173. 	}

  174. 	return key, nil

  175. }

  176. 

  177. // GetDeployKeyByRepo returns deploy key by given public key ID and repository ID.

  178. func GetDeployKeyByRepo(ctx context.Context, keyID, repoID int64) (*DeployKey, error) {

  179. 	key := &DeployKey{

  180. 		KeyID:  keyID,

  181. 		RepoID: repoID,

  182. 	}

  183. 	has, err := db.GetByBean(ctx, key)

  184. 	if err != nil {

  185. 		return nil, err

  186. 	} else if !has {

  187. 		return nil, ErrDeployKeyNotExist{0, keyID, repoID}

  188. 	}

  189. 	return key, nil

  190. }

  191. 

  192. // IsDeployKeyExistByKeyID return true if there is at least one deploykey with the key id

  193. func IsDeployKeyExistByKeyID(ctx context.Context, keyID int64) (bool, error) {

  194. 	return db.GetEngine(ctx).

  195. 		Where("key_id = ?", keyID).

  196. 		Get(new(DeployKey))

  197. }

  198. 

  199. // UpdateDeployKeyCols updates deploy key information in the specified columns.

  200. func UpdateDeployKeyCols(key *DeployKey, cols ...string) error {

  201. 	_, err := db.GetEngine(db.DefaultContext).ID(key.ID).Cols(cols...).Update(key)

  202. 	return err

  203. }

  204. 

  205. // ListDeployKeysOptions are options for ListDeployKeys

  206. type ListDeployKeysOptions struct {

  207. 	db.ListOptions

  208. 	RepoID      int64

  209. 	KeyID       int64

  210. 	Fingerprint string

  211. }

  212. 

  213. func (opt ListDeployKeysOptions) toCond() builder.Cond {

  214. 	cond := builder.NewCond()

  215. 	if opt.RepoID != 0 {

  216. 		cond = cond.And(builder.Eq{"repo_id": opt.RepoID})

  217. 	}

  218. 	if opt.KeyID != 0 {

  219. 		cond = cond.And(builder.Eq{"key_id": opt.KeyID})

  220. 	}

  221. 	if opt.Fingerprint != "" {

  222. 		cond = cond.And(builder.Eq{"fingerprint": opt.Fingerprint})

  223. 	}

  224. 	return cond

  225. }

  226. 

  227. // ListDeployKeys returns a list of deploy keys matching the provided arguments.

  228. func ListDeployKeys(ctx context.Context, opts *ListDeployKeysOptions) ([]*DeployKey, error) {

  229. 	sess := db.GetEngine(ctx).Where(opts.toCond())

  230. 

  231. 	if opts.Page != 0 {

  232. 		sess = db.SetSessionPagination(sess, opts)

  233. 

  234. 		keys := make([]*DeployKey, 0, opts.PageSize)

  235. 		return keys, sess.Find(&keys)

  236. 	}

  237. 

  238. 	keys := make([]*DeployKey, 0, 5)

  239. 	return keys, sess.Find(&keys)

  240. }

  241. 

  242. // CountDeployKeys returns count deploy keys matching the provided arguments.

  243. func CountDeployKeys(opts *ListDeployKeysOptions) (int64, error) {

  244. 	return db.GetEngine(db.DefaultContext).Where(opts.toCond()).Count(&DeployKey{})

  245. }