Browse Source

#2650 fix possbility that use email as pusher user name

Remove the possibility of using email as user name when user actually push
through combination of email and password with HTTP.

Also refactor update action function to replcae tons of arguments with
single PushUpdateOptions struct.
And define the user who pushes code as pusher, therefore variable names shouldn't
be confusing any more.
Unknwon 4 years ago
parent
commit
338af89d56
7 changed files with 71 additions and 49 deletions
  1. 1 1
      README.md
  2. 9 2
      cmd/serve.go
  3. 1 1
      gogs.go
  4. 50 40
      models/update.go
  5. 0 2
      modules/base/base.go
  6. 9 2
      routers/repo/http.go
  7. 1 1
      templates/.VERSION

+ 1 - 1
README.md

@@ -3,7 +3,7 @@ Gogs - Go Git Service [![Build Status](https://travis-ci.org/gogits/gogs.svg?bra
3 3
 
4 4
 ![](https://github.com/gogits/gogs/blob/master/public/img/gogs-large-resize.png?raw=true)
5 5
 
6
-##### Current version: 0.8.37
6
+##### Current version: 0.8.38
7 7
 
8 8
 | Web | UI  | Preview  |
9 9
 |:-------------:|:-------:|:-------:|

+ 9 - 2
cmd/serve.go

@@ -104,8 +104,15 @@ func handleUpdateTask(uuid string, user, repoUser *models.User, reponame string,
104 104
 		return
105 105
 	}
106 106
 
107
-	if err = models.Update(task.RefName, task.OldCommitID, task.NewCommitID,
108
-		user.Name, repoUser.Name, reponame, user.Id); err != nil {
107
+	if err = models.PushUpdate(models.PushUpdateOptions{
108
+		RefName:      task.RefName,
109
+		OldCommitID:  task.OldCommitID,
110
+		NewCommitID:  task.NewCommitID,
111
+		PusherID:     user.Id,
112
+		PusherName:   user.Name,
113
+		RepoUserName: repoUser.Name,
114
+		RepoName:     reponame,
115
+	}); err != nil {
109 116
 		log.GitLogger.Error(2, "Update: %v", err)
110 117
 	}
111 118
 

+ 1 - 1
gogs.go

@@ -17,7 +17,7 @@ import (
17 17
 	"github.com/gogits/gogs/modules/setting"
18 18
 )
19 19
 
20
-const APP_VER = "0.8.37.0217"
20
+const APP_VER = "0.8.38.0217"
21 21
 
22 22
 func init() {
23 23
 	runtime.GOMAXPROCS(runtime.NumCPU())

+ 50 - 40
models/update.go

@@ -10,7 +10,7 @@ import (
10 10
 	"os/exec"
11 11
 	"strings"
12 12
 
13
-	"github.com/gogits/git-module"
13
+	git "github.com/gogits/git-module"
14 14
 
15 15
 	"github.com/gogits/gogs/modules/log"
16 16
 )
@@ -65,94 +65,104 @@ func ListToPushCommits(l *list.List) *PushCommits {
65 65
 	return &PushCommits{l.Len(), commits, "", nil}
66 66
 }
67 67
 
68
-func Update(refName, oldCommitID, newCommitID, userName, repoUserName, repoName string, userID int64) error {
69
-	isNew := strings.HasPrefix(oldCommitID, "0000000")
70
-	if isNew &&
71
-		strings.HasPrefix(newCommitID, "0000000") {
72
-		return fmt.Errorf("old rev and new rev both 000000")
68
+type PushUpdateOptions struct {
69
+	RefName      string
70
+	OldCommitID  string
71
+	NewCommitID  string
72
+	PusherID     int64
73
+	PusherName   string
74
+	RepoUserName string
75
+	RepoName     string
76
+}
77
+
78
+// PushUpdate must be called for any push actions in order to
79
+// generates necessary push action history feeds.
80
+func PushUpdate(opts PushUpdateOptions) (err error) {
81
+	isNewRef := strings.HasPrefix(opts.OldCommitID, "0000000")
82
+	isDelRef := strings.HasPrefix(opts.NewCommitID, "0000000")
83
+	if isNewRef && isDelRef {
84
+		return fmt.Errorf("Old and new revisions both start with 000000")
73 85
 	}
74 86
 
75
-	f := RepoPath(repoUserName, repoName)
87
+	repoPath := RepoPath(opts.RepoUserName, opts.RepoName)
76 88
 
77 89
 	gitUpdate := exec.Command("git", "update-server-info")
78
-	gitUpdate.Dir = f
79
-	gitUpdate.Run()
90
+	gitUpdate.Dir = repoPath
91
+	if err = gitUpdate.Run(); err != nil {
92
+		return fmt.Errorf("Fail to call 'git update-server-info': %v", err)
93
+	}
80 94
 
81
-	isDel := strings.HasPrefix(newCommitID, "0000000")
82
-	if isDel {
83
-		log.GitLogger.Info("del rev", refName, "from", userName+"/"+repoName+".git", "by", userID)
95
+	if isDelRef {
96
+		log.GitLogger.Info("Reference '%s' has been deleted from '%s/%s' by %d",
97
+			opts.RefName, opts.RepoUserName, opts.RepoName, opts.PusherName)
84 98
 		return nil
85 99
 	}
86 100
 
87
-	gitRepo, err := git.OpenRepository(f)
101
+	gitRepo, err := git.OpenRepository(repoPath)
88 102
 	if err != nil {
89
-		return fmt.Errorf("runUpdate.Open repoId: %v", err)
103
+		return fmt.Errorf("OpenRepository: %v", err)
90 104
 	}
91 105
 
92
-	user, err := GetUserByName(repoUserName)
106
+	repoUser, err := GetUserByName(opts.RepoUserName)
93 107
 	if err != nil {
94
-		return fmt.Errorf("runUpdate.GetUserByName: %v", err)
108
+		return fmt.Errorf("GetUserByName: %v", err)
95 109
 	}
96 110
 
97
-	repo, err := GetRepositoryByName(user.Id, repoName)
111
+	repo, err := GetRepositoryByName(repoUser.Id, opts.RepoName)
98 112
 	if err != nil {
99
-		return fmt.Errorf("runUpdate.GetRepositoryByName userId: %v", err)
113
+		return fmt.Errorf("GetRepositoryByName: %v", err)
100 114
 	}
101 115
 
102 116
 	// Push tags.
103
-	if strings.HasPrefix(refName, "refs/tags/") {
104
-		tagName := git.RefEndName(refName)
105
-		tag, err := gitRepo.GetTag(tagName)
117
+	if strings.HasPrefix(opts.RefName, "refs/tags/") {
118
+		tag, err := gitRepo.GetTag(git.RefEndName(opts.RefName))
106 119
 		if err != nil {
107
-			log.GitLogger.Fatal(4, "runUpdate.GetTag: %v", err)
120
+			return fmt.Errorf("gitRepo.GetTag: %v", err)
108 121
 		}
109 122
 
123
+		// When tagger isn't available, fall back to get committer email.
110 124
 		var actEmail string
111 125
 		if tag.Tagger != nil {
112 126
 			actEmail = tag.Tagger.Email
113 127
 		} else {
114 128
 			cmt, err := tag.Commit()
115 129
 			if err != nil {
116
-				log.GitLogger.Fatal(4, "runUpdate.GetTag Commit: %v", err)
130
+				return fmt.Errorf("tag.Commit: %v", err)
117 131
 			}
118 132
 			actEmail = cmt.Committer.Email
119 133
 		}
120 134
 
121 135
 		commit := &PushCommits{}
122
-
123
-		if err = CommitRepoAction(userID, user.Id, userName, actEmail,
124
-			repo.ID, repoUserName, repoName, refName, commit, oldCommitID, newCommitID); err != nil {
125
-			log.GitLogger.Fatal(4, "CommitRepoAction: %s/%s:%v", repoUserName, repoName, err)
136
+		if err = CommitRepoAction(opts.PusherID, repoUser.Id, opts.PusherName, actEmail,
137
+			repo.ID, opts.RepoUserName, opts.RepoName, opts.RefName, commit, opts.OldCommitID, opts.NewCommitID); err != nil {
138
+			return fmt.Errorf("CommitRepoAction (tag): %v", err)
126 139
 		}
127 140
 		return err
128 141
 	}
129 142
 
130
-	newCommit, err := gitRepo.GetCommit(newCommitID)
143
+	newCommit, err := gitRepo.GetCommit(opts.NewCommitID)
131 144
 	if err != nil {
132
-		return fmt.Errorf("runUpdate GetCommit of newCommitId: %v", err)
145
+		return fmt.Errorf("gitRepo.GetCommit: %v", err)
133 146
 	}
134 147
 
135 148
 	// Push new branch.
136 149
 	var l *list.List
137
-	if isNew {
150
+	if isNewRef {
138 151
 		l, err = newCommit.CommitsBeforeLimit(10)
139 152
 		if err != nil {
140
-			return fmt.Errorf("CommitsBefore: %v", err)
153
+			return fmt.Errorf("newCommit.CommitsBeforeLimit: %v", err)
141 154
 		}
142 155
 	} else {
143
-		l, err = newCommit.CommitsBeforeUntil(oldCommitID)
156
+		l, err = newCommit.CommitsBeforeUntil(opts.OldCommitID)
144 157
 		if err != nil {
145
-			return fmt.Errorf("CommitsBeforeUntil: %v", err)
158
+			return fmt.Errorf("newCommit.CommitsBeforeUntil: %v", err)
146 159
 		}
147 160
 	}
148 161
 
149
-	if err != nil {
150
-		return fmt.Errorf("runUpdate.Commit repoId: %v", err)
151
-	}
152
-
153
-	if err = CommitRepoAction(userID, user.Id, userName, user.Email,
154
-		repo.ID, repoUserName, repoName, refName, ListToPushCommits(l), oldCommitID, newCommitID); err != nil {
155
-		return fmt.Errorf("runUpdate.models.CommitRepoAction: %s/%s:%v", repoUserName, repoName, err)
162
+	if err = CommitRepoAction(opts.PusherID, repoUser.Id, opts.PusherName, repoUser.Email,
163
+		repo.ID, opts.RepoUserName, opts.RepoName, opts.RefName, ListToPushCommits(l),
164
+		opts.OldCommitID, opts.NewCommitID); err != nil {
165
+		return fmt.Errorf("CommitRepoAction (branch): %v", err)
156 166
 	}
157 167
 	return nil
158 168
 }

+ 0 - 2
modules/base/base.go

@@ -16,8 +16,6 @@ type (
16 16
 	TplName string
17 17
 )
18 18
 
19
-var GoGetMetas = make(map[string]bool)
20
-
21 19
 // ExecPath returns the executable path.
22 20
 func ExecPath() (string, error) {
23 21
 	file, err := exec.LookPath(os.Args[0])

+ 9 - 2
routers/repo/http.go

@@ -134,7 +134,6 @@ func HTTP(ctx *middleware.Context) {
134 134
 				ctx.Handle(500, "GetUserByID", err)
135 135
 				return
136 136
 			}
137
-			authUsername = authUser.Name
138 137
 		}
139 138
 
140 139
 		if !isPublicPull {
@@ -202,7 +201,15 @@ func HTTP(ctx *middleware.Context) {
202 201
 					refName := fields[2]
203 202
 
204 203
 					// FIXME: handle error.
205
-					if err = models.Update(refName, oldCommitId, newCommitId, authUsername, username, reponame, authUser.Id); err == nil {
204
+					if err = models.PushUpdate(models.PushUpdateOptions{
205
+						RefName:      refName,
206
+						OldCommitID:  oldCommitId,
207
+						NewCommitID:  newCommitId,
208
+						PusherID:     authUser.Id,
209
+						PusherName:   authUser.Name,
210
+						RepoUserName: username,
211
+						RepoName:     reponame,
212
+					}); err == nil {
206 213
 						go models.HookQueue.Add(repo.ID)
207 214
 						go models.AddTestPullRequestTask(repo.ID, strings.TrimPrefix(refName, "refs/heads/"))
208 215
 					}

+ 1 - 1
templates/.VERSION

@@ -1 +1 @@
1
-0.8.37.0217
1
+0.8.38.0217