2016-03-13 17:37:44 -04:00
|
|
|
// Copyright 2016 The Gogs Authors. All rights reserved.
|
2019-03-18 21:29:43 -05:00
|
|
|
// Copyright 2019 The Gitea Authors. All rights reserved.
|
2022-11-27 13:20:29 -05:00
|
|
|
// SPDX-License-Identifier: MIT
|
2016-03-13 17:37:44 -04:00
|
|
|
|
|
|
|
|
package context
|
|
|
|
|
|
|
|
|
|
import (
|
2021-01-26 23:36:53 +08:00
|
|
|
"context"
|
2025-05-29 17:34:29 +02:00
|
|
|
"errors"
|
2016-03-13 23:20:22 -04:00
|
|
|
"fmt"
|
2020-05-28 18:58:11 +02:00
|
|
|
"net/http"
|
2019-06-26 16:51:32 +08:00
|
|
|
"net/url"
|
2026-04-02 03:29:37 +02:00
|
|
|
"slices"
|
2016-03-13 23:20:22 -04:00
|
|
|
"strings"
|
|
|
|
|
|
2025-03-27 19:40:14 +00:00
|
|
|
issues_model "forgejo.org/models/issues"
|
|
|
|
|
quota_model "forgejo.org/models/quota"
|
|
|
|
|
"forgejo.org/models/unit"
|
|
|
|
|
user_model "forgejo.org/models/user"
|
|
|
|
|
mc "forgejo.org/modules/cache"
|
|
|
|
|
"forgejo.org/modules/git"
|
|
|
|
|
"forgejo.org/modules/gitrepo"
|
|
|
|
|
"forgejo.org/modules/httpcache"
|
|
|
|
|
"forgejo.org/modules/log"
|
|
|
|
|
"forgejo.org/modules/setting"
|
|
|
|
|
"forgejo.org/modules/web"
|
|
|
|
|
web_types "forgejo.org/modules/web/types"
|
refactor: change authentication to return structured data (#12202)
Currently authentication methods return information in two forms: they return who was authenticated as a `*user_model.User`, and then they insert key-values into `ctx.Data` which has critical impact on how the authenticated request is treated. This PR changes the authentication methods to return structured data in the form of an `AuthenticationResult`, with all the key-value information in `ctx.Data` being moved into methods on the `AuthenticationResult` interface.
Authentication workflows in Forgejo are a real mess. This is the first step in trying to clean it up and make the code predictable and reasonable, and is both follow-up work that was identified from the repo-specific access tokens (where the `"ApiTokenReducer"` key-value was added), and is pre-requisite work to future JWT enhancements that are [being discussed](https://codeberg.org/forgejo/forgejo/issues/3571#issuecomment-13268004).
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. All work and communication must conform to Forgejo's [AI Agreement](https://codeberg.org/forgejo/governance/src/branch/main/AIAgreement.md). There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests for Go changes
- I added test coverage for Go changes...
- [ ] in their respective `*_test.go` for unit tests.
- [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- All changes, at least in theory, are refactors of existing logic and are not expected to have functional deviations -- existing regression tests are the only planned testing.
- I ran...
- [x] `make pr-go` before pushing
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [ ] This change will be noticed by a Forgejo user or admin (feature, bug fix, performance, etc.). I suggest to include a release note for this change.
- [x] This change is not visible to a Forgejo user or admin (refactor, dependency upgrade, etc.). I think there is no need to add a release note for this change.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/12202
Reviewed-by: Andreas Ahlenstorf <aahlenst@noreply.codeberg.org>
2026-04-22 21:00:26 +02:00
|
|
|
"forgejo.org/services/auth"
|
2026-02-15 13:06:19 -07:00
|
|
|
"forgejo.org/services/authz"
|
2023-05-21 09:50:53 +08:00
|
|
|
|
2024-08-27 01:57:40 +02:00
|
|
|
"code.forgejo.org/go-chi/cache"
|
2016-03-13 17:37:44 -04:00
|
|
|
)
|
|
|
|
|
|
2021-01-29 23:35:30 +08:00
|
|
|
// APIContext is a specific context for API service
|
2016-03-13 17:37:44 -04:00
|
|
|
type APIContext struct {
|
2023-05-21 09:50:53 +08:00
|
|
|
*Base
|
|
|
|
|
|
|
|
|
|
Cache cache.Cache
|
|
|
|
|
|
refactor: change authentication to return structured data (#12202)
Currently authentication methods return information in two forms: they return who was authenticated as a `*user_model.User`, and then they insert key-values into `ctx.Data` which has critical impact on how the authenticated request is treated. This PR changes the authentication methods to return structured data in the form of an `AuthenticationResult`, with all the key-value information in `ctx.Data` being moved into methods on the `AuthenticationResult` interface.
Authentication workflows in Forgejo are a real mess. This is the first step in trying to clean it up and make the code predictable and reasonable, and is both follow-up work that was identified from the repo-specific access tokens (where the `"ApiTokenReducer"` key-value was added), and is pre-requisite work to future JWT enhancements that are [being discussed](https://codeberg.org/forgejo/forgejo/issues/3571#issuecomment-13268004).
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. All work and communication must conform to Forgejo's [AI Agreement](https://codeberg.org/forgejo/governance/src/branch/main/AIAgreement.md). There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests for Go changes
- I added test coverage for Go changes...
- [ ] in their respective `*_test.go` for unit tests.
- [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- All changes, at least in theory, are refactors of existing logic and are not expected to have functional deviations -- existing regression tests are the only planned testing.
- I ran...
- [x] `make pr-go` before pushing
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [ ] This change will be noticed by a Forgejo user or admin (feature, bug fix, performance, etc.). I suggest to include a release note for this change.
- [x] This change is not visible to a Forgejo user or admin (refactor, dependency upgrade, etc.). I think there is no need to add a release note for this change.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/12202
Reviewed-by: Andreas Ahlenstorf <aahlenst@noreply.codeberg.org>
2026-04-22 21:00:26 +02:00
|
|
|
Doer *user_model.User // current signed-in user
|
|
|
|
|
IsSigned bool
|
|
|
|
|
Authentication auth.AuthenticationResult
|
2023-05-21 09:50:53 +08:00
|
|
|
|
|
|
|
|
ContextUser *user_model.User // the user which is being visited, in most cases it differs from Doer
|
|
|
|
|
|
feat(quota): Humble beginnings of a quota engine
This is an implementation of a quota engine, and the API routes to
manage its settings. This does *not* contain any enforcement code: this
is just the bedrock, the engine itself.
The goal of the engine is to be flexible and future proof: to be nimble
enough to build on it further, without having to rewrite large parts of
it.
It might feel a little more complicated than necessary, because the goal
was to be able to support scenarios only very few Forgejo instances
need, scenarios the vast majority of mostly smaller instances simply do
not care about. The goal is to support both big and small, and for that,
we need a solid, flexible foundation.
There are thee big parts to the engine: counting quota use, setting
limits, and evaluating whether the usage is within the limits. Sounds
simple on paper, less so in practice!
Quota counting
==============
Quota is counted based on repo ownership, whenever possible, because
repo owners are in ultimate control over the resources they use: they
can delete repos, attachments, everything, even if they don't *own*
those themselves. They can clean up, and will always have the permission
and access required to do so. Would we count quota based on the owning
user, that could lead to situations where a user is unable to free up
space, because they uploaded a big attachment to a repo that has been
taken private since. It's both more fair, and much safer to count quota
against repo owners.
This means that if user A uploads an attachment to an issue opened
against organization O, that will count towards the quota of
organization O, rather than user A.
One's quota usage stats can be queried using the `/user/quota` API
endpoint. To figure out what's eating into it, the
`/user/repos?order_by=size`, `/user/quota/attachments`,
`/user/quota/artifacts`, and `/user/quota/packages` endpoints should be
consulted. There's also `/user/quota/check?subject=<...>` to check
whether the signed-in user is within a particular quota limit.
Quotas are counted based on sizes stored in the database.
Setting quota limits
====================
There are different "subjects" one can limit usage for. At this time,
only size-based limits are implemented, which are:
- `size:all`: As the name would imply, the total size of everything
Forgejo tracks.
- `size:repos:all`: The total size of all repositories (not including
LFS).
- `size:repos:public`: The total size of all public repositories (not
including LFS).
- `size:repos:private`: The total size of all private repositories (not
including LFS).
- `size:git:all`: The total size of all git data (including all
repositories, and LFS).
- `size:git:lfs`: The size of all git LFS data (either in private or
public repos).
- `size:assets:all`: The size of all assets tracked by Forgejo.
- `size:assets:attachments:all`: The size of all kinds of attachments
tracked by Forgejo.
- `size:assets:attachments:issues`: Size of all attachments attached to
issues, including issue comments.
- `size:assets:attachments:releases`: Size of all attachments attached
to releases. This does *not* include automatically generated archives.
- `size:assets:artifacts`: Size of all Action artifacts.
- `size:assets:packages:all`: Size of all Packages.
- `size:wiki`: Wiki size
Wiki size is currently not tracked, and the engine will always deem it
within quota.
These subjects are built into Rules, which set a limit on *all* subjects
within a rule. Thus, we can create a rule that says: "1Gb limit on all
release assets, all packages, and git LFS, combined". For a rule to
stand, the total sum of all subjects must be below the rule's limit.
Rules are in turn collected into groups. A group is just a name, and a
list of rules. For a group to stand, all of its rules must stand. Thus,
if we have a group with two rules, one that sets a combined 1Gb limit on
release assets, all packages, and git LFS, and another rule that sets a
256Mb limit on packages, if the user has 512Mb of packages, the group
will not stand, because the second rule deems it over quota. Similarly,
if the user has only 128Mb of packages, but 900Mb of release assets, the
group will not stand, because the combined size of packages and release
assets is over the 1Gb limit of the first rule.
Groups themselves are collected into Group Lists. A group list stands
when *any* of the groups within stand. This allows an administrator to
set conservative defaults, but then place select users into additional
groups that increase some aspect of their limits.
To top it off, it is possible to set the default quota groups a user
belongs to in `app.ini`. If there's no explicit assignment, the engine
will use the default groups. This makes it possible to avoid having to
assign each and every user a list of quota groups, and only those need
to be explicitly assigned who need a different set of groups than the
defaults.
If a user has any quota groups assigned to them, the default list will
not be considered for them.
The management APIs
===================
This commit contains the engine itself, its unit tests, and the quota
management APIs. It does not contain any enforcement.
The APIs are documented in-code, and in the swagger docs, and the
integration tests can serve as an example on how to use them.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-07-06 10:25:41 +02:00
|
|
|
Repo *Repository
|
|
|
|
|
Comment *issues_model.Comment
|
|
|
|
|
Org *APIOrganization
|
|
|
|
|
Package *Package
|
|
|
|
|
QuotaGroup *quota_model.Group
|
|
|
|
|
QuotaRule *quota_model.Rule
|
2024-10-08 17:51:09 +08:00
|
|
|
PublicOnly bool // Whether the request is for a public endpoint
|
2026-02-15 13:06:19 -07:00
|
|
|
Reducer authz.AuthorizationReducer
|
2016-03-13 17:37:44 -04:00
|
|
|
}
|
|
|
|
|
|
2023-06-18 15:59:09 +08:00
|
|
|
func init() {
|
|
|
|
|
web.RegisterResponseStatusProvider[*APIContext](func(req *http.Request) web_types.ResponseStatusProvider {
|
|
|
|
|
return req.Context().Value(apiContextKey).(*APIContext)
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-28 13:28:27 +00:00
|
|
|
// Currently, we have the following common fields in error response:
|
|
|
|
|
// * message: the message for end users (it shouldn't be used for error type detection)
|
|
|
|
|
// if we need to indicate some errors, we should introduce some new fields like ErrorCode or ErrorType
|
|
|
|
|
// * url: the swagger document URL
|
|
|
|
|
|
2017-05-02 15:35:59 +02:00
|
|
|
type APIError struct {
|
|
|
|
|
Message string `json:"message"`
|
|
|
|
|
URL string `json:"url"`
|
|
|
|
|
}
|
|
|
|
|
|
2024-10-07 18:36:07 +02:00
|
|
|
// APIError is error format response
|
|
|
|
|
// swagger:response error
|
|
|
|
|
type swaggerAPIError struct {
|
|
|
|
|
// in:body
|
|
|
|
|
Body APIError `json:"body"`
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-02 15:35:59 +02:00
|
|
|
type APIValidationError struct {
|
|
|
|
|
Message string `json:"message"`
|
|
|
|
|
URL string `json:"url"`
|
|
|
|
|
}
|
|
|
|
|
|
2024-10-07 18:36:07 +02:00
|
|
|
// APIValidationError is error format response related to input validation
|
|
|
|
|
// swagger:response validationError
|
|
|
|
|
type swaggerAPIValidationError struct {
|
|
|
|
|
// in:body
|
|
|
|
|
Body APIValidationError `json:"body"`
|
|
|
|
|
}
|
|
|
|
|
|
2019-12-20 18:07:12 +01:00
|
|
|
type APIInvalidTopicsError struct {
|
2021-12-28 13:28:27 +00:00
|
|
|
Message string `json:"message"`
|
|
|
|
|
InvalidTopics []string `json:"invalidTopics"`
|
2019-12-20 18:07:12 +01:00
|
|
|
}
|
|
|
|
|
|
2024-10-07 18:36:07 +02:00
|
|
|
// APIInvalidTopicsError is error format response to invalid topics
|
|
|
|
|
// swagger:response invalidTopicsError
|
|
|
|
|
type swaggerAPIInvalidTopicsError struct {
|
|
|
|
|
// in:body
|
|
|
|
|
Body APIInvalidTopicsError `json:"body"`
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-20 18:46:10 +01:00
|
|
|
// APIEmpty is an empty response
|
2017-05-02 15:35:59 +02:00
|
|
|
// swagger:response empty
|
|
|
|
|
type APIEmpty struct{}
|
|
|
|
|
|
2024-11-23 10:33:55 +01:00
|
|
|
type APIUnauthorizedError struct {
|
|
|
|
|
APIError
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// APIUnauthorizedError is a unauthorized error response
|
|
|
|
|
// swagger:response unauthorized
|
|
|
|
|
type swaggerAPUnauthorizedError struct {
|
|
|
|
|
// in:body
|
|
|
|
|
Body APIUnauthorizedError `json:"body"`
|
|
|
|
|
}
|
|
|
|
|
|
2017-05-02 15:35:59 +02:00
|
|
|
type APIForbiddenError struct {
|
|
|
|
|
APIError
|
|
|
|
|
}
|
|
|
|
|
|
2024-10-07 18:36:07 +02:00
|
|
|
// APIForbiddenError is a forbidden error response
|
|
|
|
|
// swagger:response forbidden
|
|
|
|
|
type swaggerAPIForbiddenError struct {
|
|
|
|
|
// in:body
|
|
|
|
|
Body APIForbiddenError `json:"body"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type APINotFound struct {
|
|
|
|
|
Message string `json:"message"`
|
|
|
|
|
URL string `json:"url"`
|
|
|
|
|
Errors []string `json:"errors"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// APINotFound is a not found error response
|
2017-05-02 15:35:59 +02:00
|
|
|
// swagger:response notFound
|
2024-10-07 18:36:07 +02:00
|
|
|
type swaggerAPINotFound struct {
|
|
|
|
|
// in:body
|
|
|
|
|
Body APINotFound `json:"body"`
|
|
|
|
|
}
|
2017-05-02 15:35:59 +02:00
|
|
|
|
2022-01-20 18:46:10 +01:00
|
|
|
// APIConflict is a conflict empty response
|
2020-10-30 20:56:34 -05:00
|
|
|
// swagger:response conflict
|
|
|
|
|
type APIConflict struct{}
|
|
|
|
|
|
2022-01-20 18:46:10 +01:00
|
|
|
// APIRedirect is a redirect response
|
2017-08-21 13:13:47 +02:00
|
|
|
// swagger:response redirect
|
|
|
|
|
type APIRedirect struct{}
|
|
|
|
|
|
2022-01-20 18:46:10 +01:00
|
|
|
// APIString is a string response
|
2020-06-05 12:03:12 +01:00
|
|
|
// swagger:response string
|
|
|
|
|
type APIString string
|
|
|
|
|
|
2023-09-22 01:43:29 +02:00
|
|
|
type APIRepoArchivedError struct {
|
|
|
|
|
APIError
|
|
|
|
|
}
|
|
|
|
|
|
2024-10-07 18:36:07 +02:00
|
|
|
// APIRepoArchivedError is an error that is raised when an archived repo should be modified
|
|
|
|
|
// swagger:response repoArchivedError
|
|
|
|
|
type swaggerAPIRepoArchivedError struct {
|
|
|
|
|
// in:body
|
|
|
|
|
Body APIRepoArchivedError `json:"body"`
|
|
|
|
|
}
|
|
|
|
|
|
2025-02-12 20:18:33 +00:00
|
|
|
type APIInternalServerError struct {
|
|
|
|
|
APIError
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// APIInternalServerError is an error that is raised when an internal server error occurs
|
|
|
|
|
// swagger:response internalServerError
|
|
|
|
|
type swaggerAPIInternalServerError struct {
|
|
|
|
|
// in:body
|
|
|
|
|
Body APIInternalServerError `json:"body"`
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-23 20:33:43 +01:00
|
|
|
// ServerError responds with error message, status is 500
|
|
|
|
|
func (ctx *APIContext) ServerError(title string, err error) {
|
|
|
|
|
ctx.Error(http.StatusInternalServerError, title, err)
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-28 18:58:11 +02:00
|
|
|
// Error responds with an error message to client with given obj as the message.
|
2016-03-13 18:49:16 -04:00
|
|
|
// If status is 500, also it prints error to log.
|
2023-07-04 20:36:08 +02:00
|
|
|
func (ctx *APIContext) Error(status int, title string, obj any) {
|
2016-03-13 18:49:16 -04:00
|
|
|
var message string
|
|
|
|
|
if err, ok := obj.(error); ok {
|
|
|
|
|
message = err.Error()
|
|
|
|
|
} else {
|
2020-05-28 18:58:11 +02:00
|
|
|
message = fmt.Sprintf("%s", obj)
|
2016-03-13 18:49:16 -04:00
|
|
|
}
|
|
|
|
|
|
2020-05-28 18:58:11 +02:00
|
|
|
if status == http.StatusInternalServerError {
|
|
|
|
|
log.ErrorWithSkip(1, "%s: %s", title, message)
|
2020-06-03 20:17:54 +02:00
|
|
|
|
2025-03-28 22:22:21 +00:00
|
|
|
if setting.IsProd && (ctx.Doer == nil || !ctx.Doer.IsAdmin) {
|
2020-06-03 20:17:54 +02:00
|
|
|
message = ""
|
|
|
|
|
}
|
2016-03-13 18:49:16 -04:00
|
|
|
}
|
|
|
|
|
|
2017-05-02 15:35:59 +02:00
|
|
|
ctx.JSON(status, APIError{
|
|
|
|
|
Message: message,
|
2019-06-12 16:07:24 -05:00
|
|
|
URL: setting.API.SwaggerURL,
|
2016-03-13 18:49:16 -04:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-28 18:58:11 +02:00
|
|
|
// InternalServerError responds with an error message to the client with the error as a message
|
|
|
|
|
// and the file and line of the caller.
|
|
|
|
|
func (ctx *APIContext) InternalServerError(err error) {
|
|
|
|
|
log.ErrorWithSkip(1, "InternalServerError: %v", err)
|
|
|
|
|
|
|
|
|
|
var message string
|
2022-03-22 08:03:22 +01:00
|
|
|
if !setting.IsProd || (ctx.Doer != nil && ctx.Doer.IsAdmin) {
|
2020-05-28 18:58:11 +02:00
|
|
|
message = err.Error()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctx.JSON(http.StatusInternalServerError, APIError{
|
|
|
|
|
Message: message,
|
|
|
|
|
URL: setting.API.SwaggerURL,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-28 13:28:27 +00:00
|
|
|
type apiContextKeyType struct{}
|
|
|
|
|
|
|
|
|
|
var apiContextKey = apiContextKeyType{}
|
2021-01-26 23:36:53 +08:00
|
|
|
|
|
|
|
|
// GetAPIContext returns a context for API routes
|
|
|
|
|
func GetAPIContext(req *http.Request) *APIContext {
|
|
|
|
|
return req.Context().Value(apiContextKey).(*APIContext)
|
|
|
|
|
}
|
|
|
|
|
|
2019-06-26 16:51:32 +08:00
|
|
|
func genAPILinks(curURL *url.URL, total, pageSize, curPage int) []string {
|
|
|
|
|
page := NewPagination(total, pageSize, curPage, 0)
|
2019-04-20 06:15:19 +02:00
|
|
|
paginater := page.Paginater
|
2016-03-13 23:20:22 -04:00
|
|
|
links := make([]string, 0, 4)
|
2019-06-26 16:51:32 +08:00
|
|
|
|
2019-04-20 06:15:19 +02:00
|
|
|
if paginater.HasNext() {
|
2019-06-26 16:51:32 +08:00
|
|
|
u := *curURL
|
|
|
|
|
queries := u.Query()
|
|
|
|
|
queries.Set("page", fmt.Sprintf("%d", paginater.Next()))
|
|
|
|
|
u.RawQuery = queries.Encode()
|
|
|
|
|
|
|
|
|
|
links = append(links, fmt.Sprintf("<%s%s>; rel=\"next\"", setting.AppURL, u.RequestURI()[1:]))
|
2016-03-13 23:20:22 -04:00
|
|
|
}
|
2019-04-20 06:15:19 +02:00
|
|
|
if !paginater.IsLast() {
|
2019-06-26 16:51:32 +08:00
|
|
|
u := *curURL
|
|
|
|
|
queries := u.Query()
|
|
|
|
|
queries.Set("page", fmt.Sprintf("%d", paginater.TotalPages()))
|
|
|
|
|
u.RawQuery = queries.Encode()
|
|
|
|
|
|
|
|
|
|
links = append(links, fmt.Sprintf("<%s%s>; rel=\"last\"", setting.AppURL, u.RequestURI()[1:]))
|
2016-03-13 23:20:22 -04:00
|
|
|
}
|
2019-04-20 06:15:19 +02:00
|
|
|
if !paginater.IsFirst() {
|
2019-06-26 16:51:32 +08:00
|
|
|
u := *curURL
|
|
|
|
|
queries := u.Query()
|
|
|
|
|
queries.Set("page", "1")
|
|
|
|
|
u.RawQuery = queries.Encode()
|
|
|
|
|
|
|
|
|
|
links = append(links, fmt.Sprintf("<%s%s>; rel=\"first\"", setting.AppURL, u.RequestURI()[1:]))
|
2016-03-13 23:20:22 -04:00
|
|
|
}
|
2019-04-20 06:15:19 +02:00
|
|
|
if paginater.HasPrevious() {
|
2019-06-26 16:51:32 +08:00
|
|
|
u := *curURL
|
|
|
|
|
queries := u.Query()
|
|
|
|
|
queries.Set("page", fmt.Sprintf("%d", paginater.Previous()))
|
|
|
|
|
u.RawQuery = queries.Encode()
|
|
|
|
|
|
|
|
|
|
links = append(links, fmt.Sprintf("<%s%s>; rel=\"prev\"", setting.AppURL, u.RequestURI()[1:]))
|
2016-03-13 23:20:22 -04:00
|
|
|
}
|
2019-06-26 16:51:32 +08:00
|
|
|
return links
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// SetLinkHeader sets pagination link header by given total number and page size.
|
|
|
|
|
func (ctx *APIContext) SetLinkHeader(total, pageSize int) {
|
2021-07-29 09:42:15 +08:00
|
|
|
links := genAPILinks(ctx.Req.URL, total, pageSize, ctx.FormInt("page"))
|
2016-03-13 23:20:22 -04:00
|
|
|
|
|
|
|
|
if len(links) > 0 {
|
2021-12-15 14:59:57 +08:00
|
|
|
ctx.RespHeader().Set("Link", strings.Join(links, ","))
|
2021-08-12 14:43:08 +02:00
|
|
|
ctx.AppendAccessControlExposeHeaders("Link")
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-29 23:35:30 +08:00
|
|
|
// APIContexter returns apicontext as middleware
|
2021-01-26 23:36:53 +08:00
|
|
|
func APIContexter() func(http.Handler) http.Handler {
|
|
|
|
|
return func(next http.Handler) http.Handler {
|
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
2023-05-21 09:50:53 +08:00
|
|
|
base, baseCleanUp := NewBaseContext(w, req)
|
|
|
|
|
ctx := &APIContext{
|
|
|
|
|
Base: base,
|
|
|
|
|
Cache: mc.GetCache(),
|
|
|
|
|
Repo: &Repository{PullRequest: &PullRequest{}},
|
|
|
|
|
Org: &APIOrganization{},
|
2021-01-26 23:36:53 +08:00
|
|
|
}
|
2023-05-21 09:50:53 +08:00
|
|
|
defer baseCleanUp()
|
2021-01-26 23:36:53 +08:00
|
|
|
|
2025-03-28 22:22:21 +00:00
|
|
|
ctx.AppendContextValue(apiContextKey, ctx)
|
|
|
|
|
ctx.AppendContextValueFunc(gitrepo.RepositoryContextKey, func() any { return ctx.Repo.GitRepo })
|
2021-01-26 23:36:53 +08:00
|
|
|
|
2023-03-08 22:40:04 +02:00
|
|
|
httpcache.SetCacheControlInHeader(ctx.Resp.Header(), 0, "no-transform")
|
2021-08-06 21:47:10 +01:00
|
|
|
ctx.Resp.Header().Set(`X-Frame-Options`, setting.CORSConfig.XFrameOptions)
|
2021-01-26 23:36:53 +08:00
|
|
|
|
|
|
|
|
next.ServeHTTP(ctx.Resp, ctx.Req)
|
|
|
|
|
})
|
2016-03-13 17:37:44 -04:00
|
|
|
}
|
|
|
|
|
}
|
2016-11-14 17:33:58 -05:00
|
|
|
|
2019-03-18 21:29:43 -05:00
|
|
|
// NotFound handles 404s for APIContext
|
|
|
|
|
// String will replace message, errors will be added to a slice
|
2023-07-04 20:36:08 +02:00
|
|
|
func (ctx *APIContext) NotFound(objs ...any) {
|
2024-02-15 05:48:45 +08:00
|
|
|
message := ctx.Locale.TrString("error.not_found")
|
2024-10-07 18:36:07 +02:00
|
|
|
errors := make([]string, 0)
|
2019-03-18 21:29:43 -05:00
|
|
|
for _, obj := range objs {
|
2020-05-05 19:52:13 +01:00
|
|
|
// Ignore nil
|
|
|
|
|
if obj == nil {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
|
2019-03-18 21:29:43 -05:00
|
|
|
if err, ok := obj.(error); ok {
|
|
|
|
|
errors = append(errors, err.Error())
|
|
|
|
|
} else {
|
|
|
|
|
message = obj.(string)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-10-07 18:36:07 +02:00
|
|
|
ctx.JSON(http.StatusNotFound, APINotFound{
|
|
|
|
|
Message: message,
|
|
|
|
|
URL: setting.API.SwaggerURL,
|
|
|
|
|
Errors: errors,
|
2019-03-18 21:29:43 -05:00
|
|
|
})
|
|
|
|
|
}
|
2020-11-14 17:13:55 +01:00
|
|
|
|
2022-04-21 17:17:57 +02:00
|
|
|
// ReferencesGitRepo injects the GitRepo into the Context
|
|
|
|
|
// you can optional skip the IsEmpty check
|
|
|
|
|
func ReferencesGitRepo(allowEmpty ...bool) func(ctx *APIContext) (cancel context.CancelFunc) {
|
|
|
|
|
return func(ctx *APIContext) (cancel context.CancelFunc) {
|
2020-11-14 17:13:55 +01:00
|
|
|
// Empty repository does not have reference information.
|
2025-03-28 22:22:21 +00:00
|
|
|
if ctx.Repo.Repository.IsEmpty && (len(allowEmpty) == 0 || !allowEmpty[0]) {
|
2023-07-09 13:58:06 +02:00
|
|
|
return nil
|
2020-11-14 17:13:55 +01:00
|
|
|
}
|
|
|
|
|
|
2022-04-21 17:17:57 +02:00
|
|
|
// For API calls.
|
2020-11-14 17:13:55 +01:00
|
|
|
if ctx.Repo.GitRepo == nil {
|
Simplify how git repositories are opened (#28937)
## Purpose
This is a refactor toward building an abstraction over managing git
repositories.
Afterwards, it does not matter anymore if they are stored on the local
disk or somewhere remote.
## What this PR changes
We used `git.OpenRepository` everywhere previously.
Now, we should split them into two distinct functions:
Firstly, there are temporary repositories which do not change:
```go
git.OpenRepository(ctx, diskPath)
```
Gitea managed repositories having a record in the database in the
`repository` table are moved into the new package `gitrepo`:
```go
gitrepo.OpenRepository(ctx, repo_model.Repo)
```
Why is `repo_model.Repository` the second parameter instead of file
path?
Because then we can easily adapt our repository storage strategy.
The repositories can be stored locally, however, they could just as well
be stored on a remote server.
## Further changes in other PRs
- A Git Command wrapper on package `gitrepo` could be created. i.e.
`NewCommand(ctx, repo_model.Repository, commands...)`. `git.RunOpts{Dir:
repo.RepoPath()}`, the directory should be empty before invoking this
method and it can be filled in the function only. #28940
- Remove the `RepoPath()`/`WikiPath()` functions to reduce the
possibility of mistakes.
---------
Co-authored-by: delvh <dev.lh@web.de>
2024-01-28 04:09:51 +08:00
|
|
|
gitRepo, err := gitrepo.OpenRepository(ctx, ctx.Repo.Repository)
|
2020-11-14 17:13:55 +01:00
|
|
|
if err != nil {
|
Simplify how git repositories are opened (#28937)
## Purpose
This is a refactor toward building an abstraction over managing git
repositories.
Afterwards, it does not matter anymore if they are stored on the local
disk or somewhere remote.
## What this PR changes
We used `git.OpenRepository` everywhere previously.
Now, we should split them into two distinct functions:
Firstly, there are temporary repositories which do not change:
```go
git.OpenRepository(ctx, diskPath)
```
Gitea managed repositories having a record in the database in the
`repository` table are moved into the new package `gitrepo`:
```go
gitrepo.OpenRepository(ctx, repo_model.Repo)
```
Why is `repo_model.Repository` the second parameter instead of file
path?
Because then we can easily adapt our repository storage strategy.
The repositories can be stored locally, however, they could just as well
be stored on a remote server.
## Further changes in other PRs
- A Git Command wrapper on package `gitrepo` could be created. i.e.
`NewCommand(ctx, repo_model.Repository, commands...)`. `git.RunOpts{Dir:
repo.RepoPath()}`, the directory should be empty before invoking this
method and it can be filled in the function only. #28940
- Remove the `RepoPath()`/`WikiPath()` functions to reduce the
possibility of mistakes.
---------
Co-authored-by: delvh <dev.lh@web.de>
2024-01-28 04:09:51 +08:00
|
|
|
ctx.Error(http.StatusInternalServerError, fmt.Sprintf("Open Repository %v failed", ctx.Repo.Repository.FullName()), err)
|
2023-07-09 13:58:06 +02:00
|
|
|
return cancel
|
2020-11-14 17:13:55 +01:00
|
|
|
}
|
2022-04-21 17:17:57 +02:00
|
|
|
ctx.Repo.GitRepo = gitRepo
|
2020-11-14 17:13:55 +01:00
|
|
|
// We opened it, we should close it
|
2022-04-21 17:17:57 +02:00
|
|
|
return func() {
|
2020-11-14 17:13:55 +01:00
|
|
|
// If it's been set to nil then assume someone else has closed it.
|
|
|
|
|
if ctx.Repo.GitRepo != nil {
|
2023-05-21 09:50:53 +08:00
|
|
|
_ = ctx.Repo.GitRepo.Close()
|
2020-11-14 17:13:55 +01:00
|
|
|
}
|
2022-04-21 17:17:57 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-06-20 12:02:49 +02:00
|
|
|
return cancel
|
2022-04-21 17:17:57 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// RepoRefForAPI handles repository reference names when the ref name is not explicitly given
|
|
|
|
|
func RepoRefForAPI(next http.Handler) http.Handler {
|
|
|
|
|
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
|
|
|
|
|
ctx := GetAPIContext(req)
|
|
|
|
|
|
2025-02-20 21:50:46 +00:00
|
|
|
if ctx.Repo.Repository.IsEmpty {
|
2025-05-29 17:34:29 +02:00
|
|
|
ctx.NotFound(errors.New("repository is empty"))
|
2025-02-20 21:50:46 +00:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2022-04-21 17:17:57 +02:00
|
|
|
if ctx.Repo.GitRepo == nil {
|
2025-05-29 17:34:29 +02:00
|
|
|
ctx.InternalServerError(errors.New("no open git repo"))
|
2022-04-21 17:17:57 +02:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ref := ctx.FormTrim("ref"); len(ref) > 0 {
|
|
|
|
|
commit, err := ctx.Repo.GitRepo.GetCommit(ref)
|
|
|
|
|
if err != nil {
|
|
|
|
|
if git.IsErrNotExist(err) {
|
|
|
|
|
ctx.NotFound()
|
|
|
|
|
} else {
|
2023-04-26 17:14:35 +09:00
|
|
|
ctx.Error(http.StatusInternalServerError, "GetCommit", err)
|
2022-04-21 17:17:57 +02:00
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
ctx.Repo.Commit = commit
|
2023-08-12 03:33:12 -04:00
|
|
|
ctx.Repo.CommitID = ctx.Repo.Commit.ID.String()
|
2022-04-26 12:15:45 -05:00
|
|
|
ctx.Repo.TreePath = ctx.Params("*")
|
2023-04-27 14:06:45 +08:00
|
|
|
next.ServeHTTP(w, req)
|
2022-04-21 17:17:57 +02:00
|
|
|
return
|
2020-11-14 17:13:55 +01:00
|
|
|
}
|
|
|
|
|
|
2023-05-21 09:50:53 +08:00
|
|
|
refName := getRefName(ctx.Base, ctx.Repo, RepoRefAny)
|
2024-02-24 14:55:19 +08:00
|
|
|
var err error
|
2020-11-14 17:13:55 +01:00
|
|
|
|
|
|
|
|
if ctx.Repo.GitRepo.IsBranchExist(refName) {
|
|
|
|
|
ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetBranchCommit(refName)
|
|
|
|
|
if err != nil {
|
|
|
|
|
ctx.InternalServerError(err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
ctx.Repo.CommitID = ctx.Repo.Commit.ID.String()
|
|
|
|
|
} else if ctx.Repo.GitRepo.IsTagExist(refName) {
|
|
|
|
|
ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetTagCommit(refName)
|
|
|
|
|
if err != nil {
|
|
|
|
|
ctx.InternalServerError(err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
ctx.Repo.CommitID = ctx.Repo.Commit.ID.String()
|
2024-02-24 14:55:19 +08:00
|
|
|
} else if len(refName) == ctx.Repo.GetObjectFormat().FullLength() {
|
2020-11-14 17:13:55 +01:00
|
|
|
ctx.Repo.CommitID = refName
|
|
|
|
|
ctx.Repo.Commit, err = ctx.Repo.GitRepo.GetCommit(refName)
|
|
|
|
|
if err != nil {
|
|
|
|
|
ctx.NotFound("GetCommit", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
ctx.NotFound(fmt.Errorf("not exist: '%s'", ctx.Params("*")))
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-26 23:36:53 +08:00
|
|
|
next.ServeHTTP(w, req)
|
|
|
|
|
})
|
2020-11-14 17:13:55 +01:00
|
|
|
}
|
2023-05-21 09:50:53 +08:00
|
|
|
|
|
|
|
|
// HasAPIError returns true if error occurs in form validation.
|
|
|
|
|
func (ctx *APIContext) HasAPIError() bool {
|
|
|
|
|
hasErr, ok := ctx.Data["HasError"]
|
|
|
|
|
if !ok {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
return hasErr.(bool)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// GetErrMsg returns error message in form validation.
|
|
|
|
|
func (ctx *APIContext) GetErrMsg() string {
|
|
|
|
|
msg, _ := ctx.Data["ErrorMsg"].(string)
|
|
|
|
|
if msg == "" {
|
|
|
|
|
msg = "invalid form data"
|
|
|
|
|
}
|
|
|
|
|
return msg
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NotFoundOrServerError use error check function to determine if the error
|
|
|
|
|
// is about not found. It responds with 404 status code for not found error,
|
|
|
|
|
// or error context description for logging purpose of 500 server error.
|
|
|
|
|
func (ctx *APIContext) NotFoundOrServerError(logMsg string, errCheck func(error) bool, logErr error) {
|
|
|
|
|
if errCheck(logErr) {
|
|
|
|
|
ctx.JSON(http.StatusNotFound, nil)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
ctx.Error(http.StatusInternalServerError, "NotFoundOrServerError", logMsg)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// IsUserSiteAdmin returns true if current user is a site admin
|
|
|
|
|
func (ctx *APIContext) IsUserSiteAdmin() bool {
|
feat: remove admin-level permissions from repo-specific & public-only access tokens (#11468)
This PR is part of a series (#11311).
If the user authenticating to an API call is a Forgejo site administrator, or a Forgejo repo administrator, a wide variety of permission and ownership checks in the API are either bypassed, or are bypassable. If a user has created an access token with restricted resources, I understand the intent of the user is to create a token which has a layer of risk reduction in the event that the token is lost/leaked to an attacker. For this reason, it makes sense to me that restricted scope access tokens shouldn't inherit the owner's administrator access.
My intent is that repo-specific access tokens [will only be able to access specific authorization scopes](https://codeberg.org/forgejo/design/issues/50#issuecomment-11093951), probably: `repository:read`, `repository:write`, `issue:read`, `issue:write`, (`organization:read` / `user:read` maybe). This means that *most* admin access is not intended to be affected by this because repo-specific access tokens won't have, for example, `admin:write` scope. However, administrative access still grants elevated permissions in some areas that are relevant to these scopes, and need to be restricted:
- The `?sudo=otheruser` query parameter allows site administrators to impersonate other users in the API.
- Repository management rules are different for a site administrator, allowing them to create repos for another user, create repos in another organization, migrate a repository to an arbitrary owner, and transfer a repository to a prviate organization.
- Administrators have access to extra data through some APIs which would be in scope: the detailed configuration of branch protection rules, the some details of repository deploy keys (which repo, and which scope -- seems odd), (user:read -- user SSH keys, activity feeds of private users, user profiles of private users, user webhook configurations).
- Pull request reviews have additional perms for repo administrators, including the ability to dismiss PR reviews, delete PR reviews, and view draft PR reviews.
- Repo admins and site admins can comment on locked issues, and related to comments can edit or delete other user's comments and attachments.
- Repo admins can manage and view logged time on behalf of other users.
A handful of these permissions may make sense for repo-specific access tokens, but most of them clearly exceed the risk that would be expected from creating a limited scope access token. I'd generally prefer to take a restrictive approach, and we can relax it if real-world use-cases come in -- users will have a workaround of creating an access token without repo-specific restrictions if they are blocked from needed access.
**Breaking:** The administration restrictions introduced in this PR affect both repo-specific access tokens, and existing public-only access tokens.
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests for Go changes
(can be removed for JavaScript changes)
- I added test coverage for Go changes...
- [x] in their respective `*_test.go` for unit tests.
- [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I ran...
- [x] `make pr-go` before pushing
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [x] This change will be noticed by a Forgejo user or admin (feature, bug fix, performance, etc.). I suggest to include a release note for this change.
- Although repo-specific access tokens are not yet exposed to end users, the breaking changes to public-only tokens will be visible to users and require release notes.
- [ ] This change is not visible to a Forgejo user or admin (refactor, dependency upgrade, etc.). I think there is no need to add a release note for this change.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/11468
Reviewed-by: Andreas Ahlenstorf <aahlenst@noreply.codeberg.org>
Co-authored-by: Mathieu Fenniak <mathieu@fenniak.net>
Co-committed-by: Mathieu Fenniak <mathieu@fenniak.net>
2026-03-04 16:17:41 +01:00
|
|
|
if !ctx.Reducer.AllowAdminOverride() {
|
|
|
|
|
return false
|
|
|
|
|
}
|
2023-05-21 09:50:53 +08:00
|
|
|
return ctx.IsSigned && ctx.Doer.IsAdmin
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// IsUserRepoAdmin returns true if current user is admin in current repo
|
|
|
|
|
func (ctx *APIContext) IsUserRepoAdmin() bool {
|
feat: remove admin-level permissions from repo-specific & public-only access tokens (#11468)
This PR is part of a series (#11311).
If the user authenticating to an API call is a Forgejo site administrator, or a Forgejo repo administrator, a wide variety of permission and ownership checks in the API are either bypassed, or are bypassable. If a user has created an access token with restricted resources, I understand the intent of the user is to create a token which has a layer of risk reduction in the event that the token is lost/leaked to an attacker. For this reason, it makes sense to me that restricted scope access tokens shouldn't inherit the owner's administrator access.
My intent is that repo-specific access tokens [will only be able to access specific authorization scopes](https://codeberg.org/forgejo/design/issues/50#issuecomment-11093951), probably: `repository:read`, `repository:write`, `issue:read`, `issue:write`, (`organization:read` / `user:read` maybe). This means that *most* admin access is not intended to be affected by this because repo-specific access tokens won't have, for example, `admin:write` scope. However, administrative access still grants elevated permissions in some areas that are relevant to these scopes, and need to be restricted:
- The `?sudo=otheruser` query parameter allows site administrators to impersonate other users in the API.
- Repository management rules are different for a site administrator, allowing them to create repos for another user, create repos in another organization, migrate a repository to an arbitrary owner, and transfer a repository to a prviate organization.
- Administrators have access to extra data through some APIs which would be in scope: the detailed configuration of branch protection rules, the some details of repository deploy keys (which repo, and which scope -- seems odd), (user:read -- user SSH keys, activity feeds of private users, user profiles of private users, user webhook configurations).
- Pull request reviews have additional perms for repo administrators, including the ability to dismiss PR reviews, delete PR reviews, and view draft PR reviews.
- Repo admins and site admins can comment on locked issues, and related to comments can edit or delete other user's comments and attachments.
- Repo admins can manage and view logged time on behalf of other users.
A handful of these permissions may make sense for repo-specific access tokens, but most of them clearly exceed the risk that would be expected from creating a limited scope access token. I'd generally prefer to take a restrictive approach, and we can relax it if real-world use-cases come in -- users will have a workaround of creating an access token without repo-specific restrictions if they are blocked from needed access.
**Breaking:** The administration restrictions introduced in this PR affect both repo-specific access tokens, and existing public-only access tokens.
## Checklist
The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).
### Tests for Go changes
(can be removed for JavaScript changes)
- I added test coverage for Go changes...
- [x] in their respective `*_test.go` for unit tests.
- [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I ran...
- [x] `make pr-go` before pushing
### Documentation
- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.
### Release notes
- [x] This change will be noticed by a Forgejo user or admin (feature, bug fix, performance, etc.). I suggest to include a release note for this change.
- Although repo-specific access tokens are not yet exposed to end users, the breaking changes to public-only tokens will be visible to users and require release notes.
- [ ] This change is not visible to a Forgejo user or admin (refactor, dependency upgrade, etc.). I think there is no need to add a release note for this change.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/11468
Reviewed-by: Andreas Ahlenstorf <aahlenst@noreply.codeberg.org>
Co-authored-by: Mathieu Fenniak <mathieu@fenniak.net>
Co-committed-by: Mathieu Fenniak <mathieu@fenniak.net>
2026-03-04 16:17:41 +01:00
|
|
|
if !ctx.Reducer.AllowAdminOverride() {
|
|
|
|
|
return false
|
|
|
|
|
}
|
2023-05-21 09:50:53 +08:00
|
|
|
return ctx.Repo.IsAdmin()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// IsUserRepoWriter returns true if current user has write privilege in current repo
|
|
|
|
|
func (ctx *APIContext) IsUserRepoWriter(unitTypes []unit.Type) bool {
|
2026-04-02 03:29:37 +02:00
|
|
|
return slices.ContainsFunc(unitTypes, ctx.Repo.CanWrite)
|
2023-05-21 09:50:53 +08:00
|
|
|
}
|
2025-09-15 15:53:35 +02:00
|
|
|
|
|
|
|
|
// Returns true when the requests indicates that it accepts a Github response.
|
|
|
|
|
// This should be used to return information in the way that the Github API
|
2026-01-26 22:57:33 +01:00
|
|
|
// specifies it. Avoids breaking compatibility with non-Github API clients.
|
2025-09-15 15:53:35 +02:00
|
|
|
func (ctx *APIContext) AcceptsGithubResponse() bool {
|
|
|
|
|
return ctx.Req.Header.Get("Accept") == "application/vnd.github+json"
|
|
|
|
|
}
|