mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8885 Commits
17 Branches
Tree: ed646078e1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ed646078e1'
${ noResults }
gitea/modules/context/api.go

api.go 6.3KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249 
  1. // Copyright 2016 The Gogs Authors. All rights reserved.

  2. // Copyright 2019 The Gitea Authors. All rights reserved.

  3. // Use of this source code is governed by a MIT-style

  4. // license that can be found in the LICENSE file.

  5. 

  6. package context

  7. 

  8. import (

  9. 	"fmt"

  10. 	"net/http"

  11. 	"net/url"

  12. 	"strings"

  13. 

  14. 	"code.gitea.io/gitea/models"

  15. 	"code.gitea.io/gitea/modules/git"

  16. 	"code.gitea.io/gitea/modules/log"

  17. 	"code.gitea.io/gitea/modules/setting"

  18. 

  19. 	"gitea.com/macaron/csrf"

  20. 	"gitea.com/macaron/macaron"

  21. )

  22. 

  23. // APIContext is a specific macaron context for API service

  24. type APIContext struct {

  25. 	*Context

  26. 	Org *APIOrganization

  27. }

  28. 

  29. // APIError is error format response

  30. // swagger:response error

  31. type APIError struct {

  32. 	Message string `json:"message"`

  33. 	URL     string `json:"url"`

  34. }

  35. 

  36. // APIValidationError is error format response related to input validation

  37. // swagger:response validationError

  38. type APIValidationError struct {

  39. 	Message string `json:"message"`

  40. 	URL     string `json:"url"`

  41. }

  42. 

  43. // APIInvalidTopicsError is error format response to invalid topics

  44. // swagger:response invalidTopicsError

  45. type APIInvalidTopicsError struct {

  46. 	Topics  []string `json:"invalidTopics"`

  47. 	Message string   `json:"message"`

  48. }

  49. 

  50. //APIEmpty is an empty response

  51. // swagger:response empty

  52. type APIEmpty struct{}

  53. 

  54. //APIForbiddenError is a forbidden error response

  55. // swagger:response forbidden

  56. type APIForbiddenError struct {

  57. 	APIError

  58. }

  59. 

  60. //APINotFound is a not found empty response

  61. // swagger:response notFound

  62. type APINotFound struct{}

  63. 

  64. //APIRedirect is a redirect response

  65. // swagger:response redirect

  66. type APIRedirect struct{}

  67. 

  68. // Error responds with an error message to client with given obj as the message.

  69. // If status is 500, also it prints error to log.

  70. func (ctx *APIContext) Error(status int, title string, obj interface{}) {

  71. 	var message string

  72. 	if err, ok := obj.(error); ok {

  73. 		message = err.Error()

  74. 	} else {

  75. 		message = fmt.Sprintf("%s", obj)

  76. 	}

  77. 

  78. 	if status == http.StatusInternalServerError {

  79. 		log.ErrorWithSkip(1, "%s: %s", title, message)

  80. 	}

  81. 

  82. 	ctx.JSON(status, APIError{

  83. 		Message: message,

  84. 		URL:     setting.API.SwaggerURL,

  85. 	})

  86. }

  87. 

  88. // InternalServerError responds with an error message to the client with the error as a message

  89. // and the file and line of the caller.

  90. func (ctx *APIContext) InternalServerError(err error) {

  91. 	log.ErrorWithSkip(1, "InternalServerError: %v", err)

  92. 

  93. 	var message string

  94. 	if macaron.Env != macaron.PROD {

  95. 		message = err.Error()

  96. 	}

  97. 

  98. 	ctx.JSON(http.StatusInternalServerError, APIError{

  99. 		Message: message,

  100. 		URL:     setting.API.SwaggerURL,

  101. 	})

  102. }

  103. 

  104. func genAPILinks(curURL *url.URL, total, pageSize, curPage int) []string {

  105. 	page := NewPagination(total, pageSize, curPage, 0)

  106. 	paginater := page.Paginater

  107. 	links := make([]string, 0, 4)

  108. 

  109. 	if paginater.HasNext() {

  110. 		u := *curURL

  111. 		queries := u.Query()

  112. 		queries.Set("page", fmt.Sprintf("%d", paginater.Next()))

  113. 		u.RawQuery = queries.Encode()

  114. 

  115. 		links = append(links, fmt.Sprintf("<%s%s>; rel=\"next\"", setting.AppURL, u.RequestURI()[1:]))

  116. 	}

  117. 	if !paginater.IsLast() {

  118. 		u := *curURL

  119. 		queries := u.Query()

  120. 		queries.Set("page", fmt.Sprintf("%d", paginater.TotalPages()))

  121. 		u.RawQuery = queries.Encode()

  122. 

  123. 		links = append(links, fmt.Sprintf("<%s%s>; rel=\"last\"", setting.AppURL, u.RequestURI()[1:]))

  124. 	}

  125. 	if !paginater.IsFirst() {

  126. 		u := *curURL

  127. 		queries := u.Query()

  128. 		queries.Set("page", "1")

  129. 		u.RawQuery = queries.Encode()

  130. 

  131. 		links = append(links, fmt.Sprintf("<%s%s>; rel=\"first\"", setting.AppURL, u.RequestURI()[1:]))

  132. 	}

  133. 	if paginater.HasPrevious() {

  134. 		u := *curURL

  135. 		queries := u.Query()

  136. 		queries.Set("page", fmt.Sprintf("%d", paginater.Previous()))

  137. 		u.RawQuery = queries.Encode()

  138. 

  139. 		links = append(links, fmt.Sprintf("<%s%s>; rel=\"prev\"", setting.AppURL, u.RequestURI()[1:]))

  140. 	}

  141. 	return links

  142. }

  143. 

  144. // SetLinkHeader sets pagination link header by given total number and page size.

  145. func (ctx *APIContext) SetLinkHeader(total, pageSize int) {

  146. 	links := genAPILinks(ctx.Req.URL, total, pageSize, ctx.QueryInt("page"))

  147. 

  148. 	if len(links) > 0 {

  149. 		ctx.Header().Set("Link", strings.Join(links, ","))

  150. 	}

  151. }

  152. 

  153. // RequireCSRF requires a validated a CSRF token

  154. func (ctx *APIContext) RequireCSRF() {

  155. 	headerToken := ctx.Req.Header.Get(ctx.csrf.GetHeaderName())

  156. 	formValueToken := ctx.Req.FormValue(ctx.csrf.GetFormName())

  157. 	if len(headerToken) > 0 || len(formValueToken) > 0 {

  158. 		csrf.Validate(ctx.Context.Context, ctx.csrf)

  159. 	} else {

  160. 		ctx.Context.Error(401)

  161. 	}

  162. }

  163. 

  164. // CheckForOTP validateds OTP

  165. func (ctx *APIContext) CheckForOTP() {

  166. 	otpHeader := ctx.Req.Header.Get("X-Gitea-OTP")

  167. 	twofa, err := models.GetTwoFactorByUID(ctx.Context.User.ID)

  168. 	if err != nil {

  169. 		if models.IsErrTwoFactorNotEnrolled(err) {

  170. 			return // No 2FA enrollment for this user

  171. 		}

  172. 		ctx.Context.Error(500)

  173. 		return

  174. 	}

  175. 	ok, err := twofa.ValidateTOTP(otpHeader)

  176. 	if err != nil {

  177. 		ctx.Context.Error(500)

  178. 		return

  179. 	}

  180. 	if !ok {

  181. 		ctx.Context.Error(401)

  182. 		return

  183. 	}

  184. }

  185. 

  186. // APIContexter returns apicontext as macaron middleware

  187. func APIContexter() macaron.Handler {

  188. 	return func(c *Context) {

  189. 		ctx := &APIContext{

  190. 			Context: c,

  191. 		}

  192. 		c.Map(ctx)

  193. 	}

  194. }

  195. 

  196. // ReferencesGitRepo injects the GitRepo into the Context

  197. func ReferencesGitRepo(allowEmpty bool) macaron.Handler {

  198. 	return func(ctx *APIContext) {

  199. 		// Empty repository does not have reference information.

  200. 		if !allowEmpty && ctx.Repo.Repository.IsEmpty {

  201. 			return

  202. 		}

  203. 

  204. 		// For API calls.

  205. 		if ctx.Repo.GitRepo == nil {

  206. 			repoPath := models.RepoPath(ctx.Repo.Owner.Name, ctx.Repo.Repository.Name)

  207. 			gitRepo, err := git.OpenRepository(repoPath)

  208. 			if err != nil {

  209. 				ctx.Error(500, "RepoRef Invalid repo "+repoPath, err)

  210. 				return

  211. 			}

  212. 			ctx.Repo.GitRepo = gitRepo

  213. 			// We opened it, we should close it

  214. 			defer func() {

  215. 				// If it's been set to nil then assume someone else has closed it.

  216. 				if ctx.Repo.GitRepo != nil {

  217. 					ctx.Repo.GitRepo.Close()

  218. 				}

  219. 			}()

  220. 		}

  221. 

  222. 		ctx.Next()

  223. 	}

  224. }

  225. 

  226. // NotFound handles 404s for APIContext

  227. // String will replace message, errors will be added to a slice

  228. func (ctx *APIContext) NotFound(objs ...interface{}) {

  229. 	var message = "Not Found"

  230. 	var errors []string

  231. 	for _, obj := range objs {

  232. 		// Ignore nil

  233. 		if obj == nil {

  234. 			continue

  235. 		}

  236. 

  237. 		if err, ok := obj.(error); ok {

  238. 			errors = append(errors, err.Error())

  239. 		} else {

  240. 			message = obj.(string)

  241. 		}

  242. 	}

  243. 

  244. 	ctx.JSON(404, map[string]interface{}{

  245. 		"message":           message,

  246. 		"documentation_url": setting.API.SwaggerURL,

  247. 		"errors":            errors,

  248. 	})

  249. }