We use cookies to ensure you get the best experience on our website
Home Esplora
Accedi
egonr
/
gogs
mirror da https://github.com/gogs/gogs
1
0
Forka 0
File
Ramo (Branch): copilot/replace-macaron-with-flamego
Rami (Branch) Tag
gogs
/
internal
/
route
/
repo
/
tasks.go

tasks.go 2.4 KB
Permalink Cronologia Originale

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475 
  1. package repo
    2. 

  2. 

  3. import (
    4. 

  4. 	"net/http"
    5. 

  5. 

  6. 	"github.com/flamego/flamego"
    7. 

  7. 	log "unknwon.dev/clog/v2"
    8. 

  8. 

  9. 	"gogs.io/gogs/internal/cryptoutil"
    10. 

  10. 	"gogs.io/gogs/internal/database"
    11. 

  11. )
    12. 

  12. 

  13. func TriggerTask(c flamego.Context) {
    14. 

  14. 	branch := c.Query("branch")
    15. 

  15. 	pusherID := c.QueryInt64("pusher")
    16. 

  16. 	secret := c.Query("secret")
    17. 

  17. 	if branch == "" || pusherID <= 0 || secret == "" {
    18. 

  18. 		c.ResponseWriter().WriteHeader(http.StatusBadRequest)
    19. 

  19. 		c.ResponseWriter().Write([]byte("Incomplete branch, pusher or secret"))
    20. 

  20. 		return
    21. 

  21. 	}
    22. 

  22. 

  23. 	username := c.Param("username")
    24. 

  24. 	reponame := c.Param("reponame")
    25. 

  25. 

  26. 	owner, err := database.Handle.Users().GetByUsername(c.Request().Context(), username)
    27. 

  27. 	if err != nil {
    28. 

  28. 		if database.IsErrUserNotExist(err) {
    29. 

  29. 			c.ResponseWriter().WriteHeader(http.StatusBadRequest)
    30. 

  30. 			c.ResponseWriter().Write([]byte("Owner does not exist"))
    31. 

  31. 		} else {
    32. 

  32. 			c.ResponseWriter().WriteHeader(http.StatusInternalServerError)
    33. 

  33. 			log.Error("Failed to get user [name: %s]: %v", username, err)
    34. 

  34. 		}
    35. 

  35. 		return
    36. 

  36. 	}
    37. 

  37. 

  38. 	// 🚨 SECURITY: No need to check existence of the repository if the client
    39. 

  39. 	// can't even get the valid secret. Mostly likely not a legitimate request.
    40. 

  40. 	if secret != cryptoutil.MD5(owner.Salt) {
    41. 

  41. 		c.ResponseWriter().WriteHeader(http.StatusBadRequest)
    42. 

  42. 		c.ResponseWriter().Write([]byte("Invalid secret"))
    43. 

  43. 		return
    44. 

  44. 	}
    45. 

  45. 

  46. 	repo, err := database.Handle.Repositories().GetByName(c.Request().Context(), owner.ID, reponame)
    47. 

  47. 	if err != nil {
    48. 

  48. 		if database.IsErrRepoNotExist(err) {
    49. 

  49. 			c.ResponseWriter().WriteHeader(http.StatusBadRequest)
    50. 

  50. 			c.ResponseWriter().Write([]byte("Repository does not exist"))
    51. 

  51. 		} else {
    52. 

  52. 			c.ResponseWriter().WriteHeader(http.StatusInternalServerError)
    53. 

  53. 			log.Error("Failed to get repository [owner_id: %d, name: %s]: %v", owner.ID, reponame, err)
    54. 

  54. 		}
    55. 

  55. 		return
    56. 

  56. 	}
    57. 

  57. 

  58. 	pusher, err := database.Handle.Users().GetByID(c.Request().Context(), pusherID)
    59. 

  59. 	if err != nil {
    60. 

  60. 		if database.IsErrUserNotExist(err) {
    61. 

  61. 			c.ResponseWriter().WriteHeader(http.StatusBadRequest)
    62. 

  62. 			c.ResponseWriter().Write([]byte("Pusher does not exist"))
    63. 

  63. 		} else {
    64. 

  64. 			c.ResponseWriter().WriteHeader(http.StatusInternalServerError)
    65. 

  65. 			log.Error("Failed to get user [id: %d]: %v", pusherID, err)
    66. 

  66. 		}
    67. 

  67. 		return
    68. 

  68. 	}
    69. 

  69. 

  70. 	log.Trace("TriggerTask: %s/%s@%s by %q", owner.Name, repo.Name, branch, pusher.Name)
    71. 

  71. 

  72. 	go database.HookQueue.Add(repo.ID)
    73. 

  73. 	go database.AddTestPullRequestTask(pusher, repo.ID, branch, true)
    74. 

  74. 	c.ResponseWriter().WriteHeader(http.StatusAccepted)
    75. 

  75. }
    76.