revert formatting changes

Denys Konovalov 2024-01-21 15:29:23 +01:00
parent 34566ea494
commit 897c67b555
No known key found for this signature in database
GPG Key ID: 0037E1B0E33BD2C9


@ -234,11 +234,7 @@ func repoAssignment() func(ctx *context.APIContext) {
func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.APIContext) { func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.APIContext) {
return func(ctx *context.APIContext) { return func(ctx *context.APIContext) {
if ctx.Package.AccessMode < accessMode && !ctx.IsUserSiteAdmin() { if ctx.Package.AccessMode < accessMode && !ctx.IsUserSiteAdmin() {
ctx.Error( ctx.Error(http.StatusForbidden, "reqPackageAccess", "user should have specific permission or be a site admin")
http.StatusForbidden,
"reqPackageAccess",
"user should have specific permission or be a site admin",
)
return return
} }
} }
@ -246,9 +242,7 @@ func reqPackageAccess(accessMode perm.AccessMode) func(ctx *context.APIContext)
// if a token is being used for auth, we check that it contains the required scope // if a token is being used for auth, we check that it contains the required scope
// if a token is not being used, reqToken will enforce other sign in methods // if a token is not being used, reqToken will enforce other sign in methods
func tokenRequiresScopes( func tokenRequiresScopes(requiredScopeCategories ...auth_model.AccessTokenScopeCategory) func(ctx *context.APIContext) {
requiredScopeCategories ...auth_model.AccessTokenScopeCategory,
) func(ctx *context.APIContext) {
return func(ctx *context.APIContext) { return func(ctx *context.APIContext) {
// no scope required // no scope required
if len(requiredScopeCategories) == 0 { if len(requiredScopeCategories) == 0 {
@ -266,46 +260,27 @@ func tokenRequiresScopes(
// use the http method to determine the access level // use the http method to determine the access level
requiredScopeLevel := auth_model.Read requiredScopeLevel := auth_model.Read
if ctx.Req.Method == "POST" || ctx.Req.Method == "PUT" || ctx.Req.Method == "PATCH" || if ctx.Req.Method == "POST" || ctx.Req.Method == "PUT" || ctx.Req.Method == "PATCH" || ctx.Req.Method == "DELETE" {
ctx.Req.Method == "DELETE" {
requiredScopeLevel = auth_model.Write requiredScopeLevel = auth_model.Write
} }
// get the required scope for the given access level and category // get the required scope for the given access level and category
requiredScopes := auth_model.GetRequiredScopes( requiredScopes := auth_model.GetRequiredScopes(requiredScopeLevel, requiredScopeCategories...)
requiredScopeLevel,
requiredScopeCategories...)
// check if scope only applies to public resources // check if scope only applies to public resources
publicOnly, err := scope.PublicOnly() publicOnly, err := scope.PublicOnly()
if err != nil { if err != nil {
ctx.Error( ctx.Error(http.StatusForbidden, "tokenRequiresScope", "parsing public resource scope failed: "+err.Error())
http.StatusForbidden,
"tokenRequiresScope",
"parsing public resource scope failed: "+err.Error(),
)
return return
} }
// this context is used by the middleware in the specific route // this context is used by the middleware in the specific route
ctx.Data["ApiTokenScopePublicRepoOnly"] = publicOnly && ctx.Data["ApiTokenScopePublicRepoOnly"] = publicOnly && auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryRepository)
auth_model.ContainsCategory( ctx.Data["ApiTokenScopePublicOrgOnly"] = publicOnly && auth_model.ContainsCategory(requiredScopeCategories, auth_model.AccessTokenScopeCategoryOrganization)
requiredScopeCategories,
auth_model.AccessTokenScopeCategoryRepository,
)
ctx.Data["ApiTokenScopePublicOrgOnly"] = publicOnly &&
auth_model.ContainsCategory(
requiredScopeCategories,
auth_model.AccessTokenScopeCategoryOrganization,
)
allow, err := scope.HasScope(requiredScopes...) allow, err := scope.HasScope(requiredScopes...)
if err != nil { if err != nil {
ctx.Error( ctx.Error(http.StatusForbidden, "tokenRequiresScope", "checking scope failed: "+err.Error())
http.StatusForbidden,
"tokenRequiresScope",
"checking scope failed: "+err.Error(),
)
return return
} }
@ -313,14 +288,7 @@ func tokenRequiresScopes(
return return
} }
ctx.Error( ctx.Error(http.StatusForbidden, "tokenRequiresScope", fmt.Sprintf("token does not have at least one of required scope(s): %v", requiredScopes))
http.StatusForbidden,
"tokenRequiresScope",
fmt.Sprintf(
"token does not have at least one of required scope(s): %v",
requiredScopes,
),
)
} }
} }
@ -338,11 +306,7 @@ func reqToken() func(ctx *context.APIContext) {
if pubRepoExists && publicRepo.(bool) && if pubRepoExists && publicRepo.(bool) &&
ctx.Repo.Repository != nil && ctx.Repo.Repository.IsPrivate { ctx.Repo.Repository != nil && ctx.Repo.Repository.IsPrivate {
ctx.Error( ctx.Error(http.StatusForbidden, "reqToken", "token scope is limited to public repos")
http.StatusForbidden,
"reqToken",
"token scope is limited to public repos",
)
return return
} }
@ -365,19 +329,14 @@ func reqToken() func(ctx *context.APIContext) {
func reqExploreSignIn() func(ctx *context.APIContext) { func reqExploreSignIn() func(ctx *context.APIContext) {
return func(ctx *context.APIContext) { return func(ctx *context.APIContext) {
if setting.Service.Explore.RequireSigninView && !ctx.IsSigned { if setting.Service.Explore.RequireSigninView && !ctx.IsSigned {
ctx.Error( ctx.Error(http.StatusUnauthorized, "reqExploreSignIn", "you must be signed in to search for users")
http.StatusUnauthorized,
"reqExploreSignIn",
"you must be signed in to search for users",
)
} }
} }
} }
func reqBasicOrRevProxyAuth() func(ctx *context.APIContext) { func reqBasicOrRevProxyAuth() func(ctx *context.APIContext) {
return func(ctx *context.APIContext) { return func(ctx *context.APIContext) {
if ctx.IsSigned && setting.Service.EnableReverseProxyAuthAPI && if ctx.IsSigned && setting.Service.EnableReverseProxyAuthAPI && ctx.Data["AuthedMethod"].(string) == auth.ReverseProxyMethodName {
ctx.Data["AuthedMethod"].(string) == auth.ReverseProxyMethodName {
return return
} }
if !ctx.IsBasicAuth { if !ctx.IsBasicAuth {
@ -411,11 +370,7 @@ func reqOwner() func(ctx *context.APIContext) {
func reqSelfOrAdmin() func(ctx *context.APIContext) { func reqSelfOrAdmin() func(ctx *context.APIContext) {
return func(ctx *context.APIContext) { return func(ctx *context.APIContext) {
if !ctx.IsUserSiteAdmin() && ctx.ContextUser != ctx.Doer { if !ctx.IsUserSiteAdmin() && ctx.ContextUser != ctx.Doer {
ctx.Error( ctx.Error(http.StatusForbidden, "reqSelfOrAdmin", "doer should be the site admin or be same as the contextUser")
http.StatusForbidden,
"reqSelfOrAdmin",
"doer should be the site admin or be same as the contextUser",
)
return return
} }
} }
@ -425,11 +380,7 @@ func reqSelfOrAdmin() func(ctx *context.APIContext) {
func reqAdmin() func(ctx *context.APIContext) { func reqAdmin() func(ctx *context.APIContext) {
return func(ctx *context.APIContext) { return func(ctx *context.APIContext) {
if !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() { if !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() {
ctx.Error( ctx.Error(http.StatusForbidden, "reqAdmin", "user should be an owner or a collaborator with admin write of a repository")
http.StatusForbidden,
"reqAdmin",
"user should be an owner or a collaborator with admin write of a repository",
)
return return
} }
} }
@ -439,11 +390,7 @@ func reqAdmin() func(ctx *context.APIContext) {
func reqRepoWriter(unitTypes ...unit.Type) func(ctx *context.APIContext) { func reqRepoWriter(unitTypes ...unit.Type) func(ctx *context.APIContext) {
return func(ctx *context.APIContext) { return func(ctx *context.APIContext) {
if !ctx.IsUserRepoWriter(unitTypes) && !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() { if !ctx.IsUserRepoWriter(unitTypes) && !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() {
ctx.Error( ctx.Error(http.StatusForbidden, "reqRepoWriter", "user should have a permission to write to a repo")
http.StatusForbidden,
"reqRepoWriter",
"user should have a permission to write to a repo",
)
return return
} }
} }
@ -452,13 +399,8 @@ func reqRepoWriter(unitTypes ...unit.Type) func(ctx *context.APIContext) {
// reqRepoBranchWriter user should have a permission to write to a branch, or be a site admin // reqRepoBranchWriter user should have a permission to write to a branch, or be a site admin
func reqRepoBranchWriter(ctx *context.APIContext) { func reqRepoBranchWriter(ctx *context.APIContext) {
options, ok := web.GetForm(ctx).(api.FileOptionInterface) options, ok := web.GetForm(ctx).(api.FileOptionInterface)
if !ok || if !ok || (!ctx.Repo.CanWriteToBranch(ctx, ctx.Doer, options.Branch()) && !ctx.IsUserSiteAdmin()) {
(!ctx.Repo.CanWriteToBranch(ctx, ctx.Doer, options.Branch()) && !ctx.IsUserSiteAdmin()) { ctx.Error(http.StatusForbidden, "reqRepoBranchWriter", "user should have a permission to write to this branch")
ctx.Error(
http.StatusForbidden,
"reqRepoBranchWriter",
"user should have a permission to write to this branch",
)
return return
} }
} }
@ -467,11 +409,7 @@ func reqRepoBranchWriter(ctx *context.APIContext) {
func reqRepoReader(unitType unit.Type) func(ctx *context.APIContext) { func reqRepoReader(unitType unit.Type) func(ctx *context.APIContext) {
return func(ctx *context.APIContext) { return func(ctx *context.APIContext) {
if !ctx.Repo.CanRead(unitType) && !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() { if !ctx.Repo.CanRead(unitType) && !ctx.IsUserRepoAdmin() && !ctx.IsUserSiteAdmin() {
ctx.Error( ctx.Error(http.StatusForbidden, "reqRepoReader", "user should have specific read permission or be a repo admin or a site admin")
http.StatusForbidden,
"reqRepoReader",
"user should have specific read permission or be a repo admin or a site admin",
)
return return
} }
} }
@ -481,11 +419,7 @@ func reqRepoReader(unitType unit.Type) func(ctx *context.APIContext) {
func reqAnyRepoReader() func(ctx *context.APIContext) { func reqAnyRepoReader() func(ctx *context.APIContext) {
return func(ctx *context.APIContext) { return func(ctx *context.APIContext) {
if !ctx.Repo.HasAccess() && !ctx.IsUserSiteAdmin() { if !ctx.Repo.HasAccess() && !ctx.IsUserSiteAdmin() {
ctx.Error( ctx.Error(http.StatusForbidden, "reqAnyRepoReader", "user should have any permission to read repository or permissions of site admin")
http.StatusForbidden,
"reqAnyRepoReader",
"user should have any permission to read repository or permissions of site admin",
)
return return
} }
} }
@ -740,11 +674,7 @@ func mustEnableWiki(ctx *context.APIContext) {
func mustNotBeArchived(ctx *context.APIContext) { func mustNotBeArchived(ctx *context.APIContext) {
if ctx.Repo.Repository.IsArchived { if ctx.Repo.Repository.IsArchived {
ctx.Error( ctx.Error(http.StatusLocked, "RepoArchived", fmt.Errorf("%s is archived", ctx.Repo.Repository.LogString()))
http.StatusLocked,
"RepoArchived",
fmt.Errorf("%s is archived", ctx.Repo.Repository.LogString()),
)
return return
} }
} }
@ -762,11 +692,7 @@ func bind[T any](_ T) any {
theObj := new(T) // create a new form obj for every request but not use obj directly theObj := new(T) // create a new form obj for every request but not use obj directly
errs := binding.Bind(ctx.Req, theObj) errs := binding.Bind(ctx.Req, theObj)
if len(errs) > 0 { if len(errs) > 0 {
ctx.Error( ctx.Error(http.StatusUnprocessableEntity, "validationError", fmt.Sprintf("%s: %s", errs[0].FieldNames, errs[0].Error()))
http.StatusUnprocessableEntity,
"validationError",
fmt.Sprintf("%s: %s", errs[0].FieldNames, errs[0].Error()),
)
return return
} }
web.SetForm(ctx, theObj) web.SetForm(ctx, theObj)
@ -816,11 +742,7 @@ func verifyAuthWithOptions(options *common.VerifyOptions) func(ctx *context.APIC
return return
} }
if !ctx.Doer.IsActive || ctx.Doer.ProhibitLogin { if !ctx.Doer.IsActive || ctx.Doer.ProhibitLogin {
log.Info( log.Info("Failed authentication attempt for %s from %s", ctx.Doer.Name, ctx.RemoteAddr())
"Failed authentication attempt for %s from %s",
ctx.Doer.Name,
ctx.RemoteAddr(),
)
ctx.Data["Title"] = ctx.Tr("auth.prohibit_login") ctx.Data["Title"] = ctx.Tr("auth.prohibit_login")
ctx.JSON(http.StatusForbidden, map[string]string{ ctx.JSON(http.StatusForbidden, map[string]string{
"message": "This account is prohibited from signing in, please contact your site administrator.", "message": "This account is prohibited from signing in, please contact your site administrator.",
@ -904,10 +826,8 @@ func Routes() *web.Route {
AllowedOrigins: setting.CORSConfig.AllowDomain, AllowedOrigins: setting.CORSConfig.AllowDomain,
AllowedMethods: setting.CORSConfig.Methods, AllowedMethods: setting.CORSConfig.Methods,
AllowCredentials: setting.CORSConfig.AllowCredentials, AllowCredentials: setting.CORSConfig.AllowCredentials,
AllowedHeaders: append( AllowedHeaders: append([]string{"Authorization", "X-Gitea-OTP"}, setting.CORSConfig.Headers...),
[]string{"Authorization", "X-Gitea-OTP"}, MaxAge: int(setting.CORSConfig.MaxAge.Seconds()),
setting.CORSConfig.Headers...),
MaxAge: int(setting.CORSConfig.MaxAge.Seconds()),
})) }))
} }
m.Use(context.APIContexter()) m.Use(context.APIContexter())
@ -988,12 +908,7 @@ func Routes() *web.Route {
m.Get("/heatmap", user.GetUserHeatmapData) m.Get("/heatmap", user.GetUserHeatmapData)
} }
m.Get( m.Get("/repos", tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository), reqExploreSignIn(), user.ListUserRepos)
"/repos",
tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository),
reqExploreSignIn(),
user.ListUserRepos,
)
m.Group("/tokens", func() { m.Group("/tokens", func() {
m.Combo("").Get(user.ListAccessTokens). m.Combo("").Get(user.ListAccessTokens).
Post(bind(api.CreateAccessTokenOption{}), reqToken(), user.CreateAccessToken) Post(bind(api.CreateAccessTokenOption{}), reqToken(), user.CreateAccessToken)
@ -1087,8 +1002,7 @@ func Routes() *web.Route {
m.Post("/gpg_key_verify", bind(api.VerifyGPGKeyOption{}), user.VerifyUserGPGKey) m.Post("/gpg_key_verify", bind(api.VerifyGPGKeyOption{}), user.VerifyUserGPGKey)
// (repo scope) // (repo scope)
m.Combo("/repos", tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository)). m.Combo("/repos", tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository)).Get(user.ListMyRepos).
Get(user.ListMyRepos).
Post(bind(api.CreateRepoOption{}), repo.Create) Post(bind(api.CreateRepoOption{}), repo.Create)
// (repo scope) // (repo scope)
@ -1123,20 +1037,13 @@ func Routes() *web.Route {
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser), reqToken()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser), reqToken())
// Repositories (requires repo scope, org scope) // Repositories (requires repo scope, org scope)
m.Post( m.Post("/org/{org}/repos", tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization, auth_model.AccessTokenScopeCategoryRepository),
"/org/{org}/repos",
tokenRequiresScopes(
auth_model.AccessTokenScopeCategoryOrganization,
auth_model.AccessTokenScopeCategoryRepository,
),
reqToken(), reqToken(),
bind(api.CreateRepoOption{}), bind(api.CreateRepoOption{}),
repo.CreateOrgRepoDeprecated, repo.CreateOrgRepoDeprecated)
)
// requires repo scope // requires repo scope
m.Combo("/repositories/{id}", reqToken(), tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository)). m.Combo("/repositories/{id}", reqToken(), tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository)).Get(repo.GetByID)
Get(repo.GetByID)
// Repos (requires repo scope) // Repos (requires repo scope)
m.Group("/repos", func() { m.Group("/repos", func() {
@ -1149,13 +1056,7 @@ func Routes() *web.Route {
m.Combo("").Get(reqAnyRepoReader(), repo.Get). m.Combo("").Get(reqAnyRepoReader(), repo.Get).
Delete(reqToken(), reqOwner(), repo.Delete). Delete(reqToken(), reqOwner(), repo.Delete).
Patch(reqToken(), reqAdmin(), bind(api.EditRepoOption{}), repo.Edit) Patch(reqToken(), reqAdmin(), bind(api.EditRepoOption{}), repo.Edit)
m.Post( m.Post("/generate", reqToken(), reqRepoReader(unit.TypeCode), bind(api.GenerateRepoOption{}), repo.Generate)
"/generate",
reqToken(),
reqRepoReader(unit.TypeCode),
bind(api.GenerateRepoOption{}),
repo.Generate,
)
m.Group("/transfer", func() { m.Group("/transfer", func() {
m.Post("", reqOwner(), bind(api.TransferRepoOption{}), repo.Transfer) m.Post("", reqOwner(), bind(api.TransferRepoOption{}), repo.Transfer)
m.Post("/accept", repo.AcceptTransfer) m.Post("/accept", repo.AcceptTransfer)
@ -1187,12 +1088,7 @@ func Routes() *web.Route {
m.Combo("").Get(repo.GetHook). m.Combo("").Get(repo.GetHook).
Patch(bind(api.EditHookOption{}), repo.EditHook). Patch(bind(api.EditHookOption{}), repo.EditHook).
Delete(repo.DeleteHook) Delete(repo.DeleteHook)
m.Post( m.Post("/tests", context.ReferencesGitRepo(), context.RepoRefForAPI, repo.TestHook)
"/tests",
context.ReferencesGitRepo(),
context.RepoRefForAPI,
repo.TestHook,
)
}) })
}, reqToken(), reqAdmin(), reqWebhooksEnabled()) }, reqToken(), reqAdmin(), reqWebhooksEnabled())
m.Group("/collaborators", func() { m.Group("/collaborators", func() {
@ -1212,79 +1108,31 @@ func Routes() *web.Route {
Put(reqAdmin(), repo.AddTeam). Put(reqAdmin(), repo.AddTeam).
Delete(reqAdmin(), repo.DeleteTeam) Delete(reqAdmin(), repo.DeleteTeam)
}, reqToken()) }, reqToken())
m.Get( m.Get("/raw/*", context.ReferencesGitRepo(), context.RepoRefForAPI, reqRepoReader(unit.TypeCode), repo.GetRawFile)
"/raw/*", m.Get("/media/*", context.ReferencesGitRepo(), context.RepoRefForAPI, reqRepoReader(unit.TypeCode), repo.GetRawFileOrLFS)
context.ReferencesGitRepo(),
context.RepoRefForAPI,
reqRepoReader(unit.TypeCode),
repo.GetRawFile,
)
m.Get(
"/media/*",
context.ReferencesGitRepo(),
context.RepoRefForAPI,
reqRepoReader(unit.TypeCode),
repo.GetRawFileOrLFS,
)
m.Get("/archive/*", reqRepoReader(unit.TypeCode), repo.GetArchive) m.Get("/archive/*", reqRepoReader(unit.TypeCode), repo.GetArchive)
m.Combo("/forks").Get(repo.ListForks). m.Combo("/forks").Get(repo.ListForks).
Post(reqToken(), reqRepoReader(unit.TypeCode), bind(api.CreateForkOption{}), repo.CreateFork) Post(reqToken(), reqRepoReader(unit.TypeCode), bind(api.CreateForkOption{}), repo.CreateFork)
m.Group("/branches", func() { m.Group("/branches", func() {
m.Get("", repo.ListBranches) m.Get("", repo.ListBranches)
m.Get("/*", repo.GetBranch) m.Get("/*", repo.GetBranch)
m.Delete( m.Delete("/*", reqToken(), reqRepoWriter(unit.TypeCode), mustNotBeArchived, repo.DeleteBranch)
"/*", m.Post("", reqToken(), reqRepoWriter(unit.TypeCode), mustNotBeArchived, bind(api.CreateBranchRepoOption{}), repo.CreateBranch)
reqToken(),
reqRepoWriter(unit.TypeCode),
mustNotBeArchived,
repo.DeleteBranch,
)
m.Post(
"",
reqToken(),
reqRepoWriter(unit.TypeCode),
mustNotBeArchived,
bind(api.CreateBranchRepoOption{}),
repo.CreateBranch,
)
}, context.ReferencesGitRepo(), reqRepoReader(unit.TypeCode)) }, context.ReferencesGitRepo(), reqRepoReader(unit.TypeCode))
m.Group("/branch_protections", func() { m.Group("/branch_protections", func() {
m.Get("", repo.ListBranchProtections) m.Get("", repo.ListBranchProtections)
m.Post( m.Post("", bind(api.CreateBranchProtectionOption{}), mustNotBeArchived, repo.CreateBranchProtection)
"",
bind(api.CreateBranchProtectionOption{}),
mustNotBeArchived,
repo.CreateBranchProtection,
)
m.Group("/{name}", func() { m.Group("/{name}", func() {
m.Get("", repo.GetBranchProtection) m.Get("", repo.GetBranchProtection)
m.Patch( m.Patch("", bind(api.EditBranchProtectionOption{}), mustNotBeArchived, repo.EditBranchProtection)
"",
bind(api.EditBranchProtectionOption{}),
mustNotBeArchived,
repo.EditBranchProtection,
)
m.Delete("", repo.DeleteBranchProtection) m.Delete("", repo.DeleteBranchProtection)
}) })
}, reqToken(), reqAdmin()) }, reqToken(), reqAdmin())
m.Group("/tags", func() { m.Group("/tags", func() {
m.Get("", repo.ListTags) m.Get("", repo.ListTags)
m.Get("/*", repo.GetTag) m.Get("/*", repo.GetTag)
m.Post( m.Post("", reqToken(), reqRepoWriter(unit.TypeCode), mustNotBeArchived, bind(api.CreateTagOption{}), repo.CreateTag)
"", m.Delete("/*", reqToken(), reqRepoWriter(unit.TypeCode), mustNotBeArchived, repo.DeleteTag)
reqToken(),
reqRepoWriter(unit.TypeCode),
mustNotBeArchived,
bind(api.CreateTagOption{}),
repo.CreateTag,
)
m.Delete(
"/*",
reqToken(),
reqRepoWriter(unit.TypeCode),
mustNotBeArchived,
repo.DeleteTag,
)
}, reqRepoReader(unit.TypeCode), context.ReferencesGitRepo(true)) }, reqRepoReader(unit.TypeCode), context.ReferencesGitRepo(true))
m.Group("/keys", func() { m.Group("/keys", func() {
m.Combo("").Get(repo.ListDeployKeys). m.Combo("").Get(repo.ListDeployKeys).
@ -1302,14 +1150,7 @@ func Routes() *web.Route {
Patch(mustNotBeArchived, reqToken(), reqRepoWriter(unit.TypeWiki), bind(api.CreateWikiPageOptions{}), repo.EditWikiPage). Patch(mustNotBeArchived, reqToken(), reqRepoWriter(unit.TypeWiki), bind(api.CreateWikiPageOptions{}), repo.EditWikiPage).
Delete(mustNotBeArchived, reqToken(), reqRepoWriter(unit.TypeWiki), repo.DeleteWikiPage) Delete(mustNotBeArchived, reqToken(), reqRepoWriter(unit.TypeWiki), repo.DeleteWikiPage)
m.Get("/revisions/{pageName}", repo.ListPageRevisions) m.Get("/revisions/{pageName}", repo.ListPageRevisions)
m.Post( m.Post("/new", reqToken(), mustNotBeArchived, reqRepoWriter(unit.TypeWiki), bind(api.CreateWikiPageOptions{}), repo.NewWikiPage)
"/new",
reqToken(),
mustNotBeArchived,
reqRepoWriter(unit.TypeWiki),
bind(api.CreateWikiPageOptions{}),
repo.NewWikiPage,
)
m.Get("/pages", repo.ListWikiPages) m.Get("/pages", repo.ListWikiPages)
}, mustEnableWiki) }, mustEnableWiki)
m.Post("/markup", reqToken(), bind(api.MarkupOption{}), misc.Markup) m.Post("/markup", reqToken(), bind(api.MarkupOption{}), misc.Markup)
@ -1354,13 +1195,7 @@ func Routes() *web.Route {
Get(repo.GetPushMirrorByName) Get(repo.GetPushMirrorByName)
}, reqAdmin(), reqToken()) }, reqAdmin(), reqToken())
m.Get( m.Get("/editorconfig/{filename}", context.ReferencesGitRepo(), context.RepoRefForAPI, reqRepoReader(unit.TypeCode), repo.GetEditorconfig)
"/editorconfig/{filename}",
context.ReferencesGitRepo(),
context.RepoRefForAPI,
reqRepoReader(unit.TypeCode),
repo.GetEditorconfig,
)
m.Group("/pulls", func() { m.Group("/pulls", func() {
m.Combo("").Get(repo.ListPullRequests). m.Combo("").Get(repo.ListPullRequests).
Post(reqToken(), mustNotBeArchived, bind(api.CreatePullRequestOption{}), repo.CreatePullRequest) Post(reqToken(), mustNotBeArchived, bind(api.CreatePullRequestOption{}), repo.CreatePullRequest)
@ -1386,12 +1221,7 @@ func Routes() *web.Route {
Post(reqToken(), bind(api.SubmitPullReviewOptions{}), repo.SubmitPullReview) Post(reqToken(), bind(api.SubmitPullReviewOptions{}), repo.SubmitPullReview)
m.Combo("/comments"). m.Combo("/comments").
Get(repo.GetPullReviewComments) Get(repo.GetPullReviewComments)
m.Post( m.Post("/dismissals", reqToken(), bind(api.DismissPullReviewOptions{}), repo.DismissPullReview)
"/dismissals",
reqToken(),
bind(api.DismissPullReviewOptions{}),
repo.DismissPullReview,
)
m.Post("/undismissals", reqToken(), repo.UnDismissPullReview) m.Post("/undismissals", reqToken(), repo.UnDismissPullReview)
}) })
}) })
@ -1423,47 +1253,15 @@ func Routes() *web.Route {
m.Get("/tags/{sha}", repo.GetAnnotatedTag) m.Get("/tags/{sha}", repo.GetAnnotatedTag)
m.Get("/notes/{sha}", repo.GetNote) m.Get("/notes/{sha}", repo.GetNote)
}, context.ReferencesGitRepo(true), reqRepoReader(unit.TypeCode)) }, context.ReferencesGitRepo(true), reqRepoReader(unit.TypeCode))
m.Post( m.Post("/diffpatch", reqRepoWriter(unit.TypeCode), reqToken(), bind(api.ApplyDiffPatchFileOptions{}), mustNotBeArchived, repo.ApplyDiffPatch)
"/diffpatch",
reqRepoWriter(unit.TypeCode),
reqToken(),
bind(api.ApplyDiffPatchFileOptions{}),
mustNotBeArchived,
repo.ApplyDiffPatch,
)
m.Group("/contents", func() { m.Group("/contents", func() {
m.Get("", repo.GetContentsList) m.Get("", repo.GetContentsList)
m.Post( m.Post("", reqToken(), bind(api.ChangeFilesOptions{}), reqRepoBranchWriter, mustNotBeArchived, repo.ChangeFiles)
"",
reqToken(),
bind(api.ChangeFilesOptions{}),
reqRepoBranchWriter,
mustNotBeArchived,
repo.ChangeFiles,
)
m.Get("/*", repo.GetContents) m.Get("/*", repo.GetContents)
m.Group("/*", func() { m.Group("/*", func() {
m.Post( m.Post("", bind(api.CreateFileOptions{}), reqRepoBranchWriter, mustNotBeArchived, repo.CreateFile)
"", m.Put("", bind(api.UpdateFileOptions{}), reqRepoBranchWriter, mustNotBeArchived, repo.UpdateFile)
bind(api.CreateFileOptions{}), m.Delete("", bind(api.DeleteFileOptions{}), reqRepoBranchWriter, mustNotBeArchived, repo.DeleteFile)
reqRepoBranchWriter,
mustNotBeArchived,
repo.CreateFile,
)
m.Put(
"",
bind(api.UpdateFileOptions{}),
reqRepoBranchWriter,
mustNotBeArchived,
repo.UpdateFile,
)
m.Delete(
"",
bind(api.DeleteFileOptions{}),
reqRepoBranchWriter,
mustNotBeArchived,
repo.DeleteFile,
)
}, reqToken()) }, reqToken())
}, reqRepoReader(unit.TypeCode)) }, reqRepoReader(unit.TypeCode))
m.Get("/signing-key.gpg", misc.SigningKey) m.Get("/signing-key.gpg", misc.SigningKey)
@ -1477,11 +1275,7 @@ func Routes() *web.Route {
}, reqAnyRepoReader()) }, reqAnyRepoReader())
m.Get("/issue_templates", context.ReferencesGitRepo(), repo.GetIssueTemplates) m.Get("/issue_templates", context.ReferencesGitRepo(), repo.GetIssueTemplates)
m.Get("/issue_config", context.ReferencesGitRepo(), repo.GetIssueConfig) m.Get("/issue_config", context.ReferencesGitRepo(), repo.GetIssueConfig)
m.Get( m.Get("/issue_config/validate", context.ReferencesGitRepo(), repo.ValidateIssueConfig)
"/issue_config/validate",
context.ReferencesGitRepo(),
repo.ValidateIssueConfig,
)
m.Get("/languages", reqRepoReader(unit.TypeCode), repo.GetLanguages) m.Get("/languages", reqRepoReader(unit.TypeCode), repo.GetLanguages)
m.Get("/activities/feeds", repo.ListRepoActivityFeeds) m.Get("/activities/feeds", repo.ListRepoActivityFeeds)
m.Get("/new_pin_allowed", repo.AreNewIssuePinsAllowed) m.Get("/new_pin_allowed", repo.AreNewIssuePinsAllowed)
@ -1539,8 +1333,7 @@ func Routes() *web.Route {
m.Group("/comments", func() { m.Group("/comments", func() {
m.Combo("").Get(repo.ListIssueComments). m.Combo("").Get(repo.ListIssueComments).
Post(reqToken(), mustNotBeArchived, bind(api.CreateIssueCommentOption{}), repo.CreateIssueComment) Post(reqToken(), mustNotBeArchived, bind(api.CreateIssueCommentOption{}), repo.CreateIssueComment)
m.Combo("/{id}", reqToken()). m.Combo("/{id}", reqToken()).Patch(bind(api.EditIssueCommentOption{}), repo.EditIssueCommentDeprecated).
Patch(bind(api.EditIssueCommentOption{}), repo.EditIssueCommentDeprecated).
Delete(repo.DeleteIssueCommentDeprecated) Delete(repo.DeleteIssueCommentDeprecated)
}) })
m.Get("/timeline", repo.ListIssueCommentsAndTimeline) m.Get("/timeline", repo.ListIssueCommentsAndTimeline)
@ -1558,8 +1351,7 @@ func Routes() *web.Route {
Delete(repo.ResetIssueTime) Delete(repo.ResetIssueTime)
m.Delete("/{id}", repo.DeleteTime) m.Delete("/{id}", repo.DeleteTime)
}, reqToken()) }, reqToken())
m.Combo("/deadline"). m.Combo("/deadline").Post(reqToken(), bind(api.EditDeadlineOption{}), repo.UpdateIssueDeadline)
Post(reqToken(), bind(api.EditDeadlineOption{}), repo.UpdateIssueDeadline)
m.Group("/stopwatch", func() { m.Group("/stopwatch", func() {
m.Post("/start", repo.StartIssueStopwatch) m.Post("/start", repo.StartIssueStopwatch)
m.Post("/stop", repo.StopIssueStopwatch) m.Post("/stop", repo.StopIssueStopwatch)
@ -1615,9 +1407,7 @@ func Routes() *web.Route {
Delete(reqToken(), reqRepoWriter(unit.TypeIssues, unit.TypePullRequests), repo.DeleteMilestone) Delete(reqToken(), reqRepoWriter(unit.TypeIssues, unit.TypePullRequests), repo.DeleteMilestone)
}) })
m.Group("/projects", func() { m.Group("/projects", func() {
m. m.Combo("").Get(projects.ListRepoProjects).
Combo("").
Get(projects.ListRepoProjects).
Post(bind(api.NewProjectPayload{}), projects.CreateRepoProject) Post(bind(api.NewProjectPayload{}), projects.CreateRepoProject)
}, mustEnableIssues) }, mustEnableIssues)
}, repoAssignment()) }, repoAssignment())
@ -1627,43 +1417,20 @@ func Routes() *web.Route {
m.Group("/packages/{username}", func() { m.Group("/packages/{username}", func() {
m.Group("/{type}/{name}/{version}", func() { m.Group("/{type}/{name}/{version}", func() {
m.Get("", reqToken(), packages.GetPackage) m.Get("", reqToken(), packages.GetPackage)
m.Delete( m.Delete("", reqToken(), reqPackageAccess(perm.AccessModeWrite), packages.DeletePackage)
"",
reqToken(),
reqPackageAccess(perm.AccessModeWrite),
packages.DeletePackage,
)
m.Get("/files", reqToken(), packages.ListPackageFiles) m.Get("/files", reqToken(), packages.ListPackageFiles)
}) })
m.Get("/", reqToken(), packages.ListPackages) m.Get("/", reqToken(), packages.ListPackages)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryPackage), context_service.UserAssignmentAPI(), context.PackageAssignmentAPI(), reqPackageAccess(perm.AccessModeRead)) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryPackage), context_service.UserAssignmentAPI(), context.PackageAssignmentAPI(), reqPackageAccess(perm.AccessModeRead))
// Organizations // Organizations
m.Get( m.Get("/user/orgs", reqToken(), tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser, auth_model.AccessTokenScopeCategoryOrganization), org.ListMyOrgs)
"/user/orgs",
reqToken(),
tokenRequiresScopes(
auth_model.AccessTokenScopeCategoryUser,
auth_model.AccessTokenScopeCategoryOrganization,
),
org.ListMyOrgs,
)
m.Group("/users/{username}/orgs", func() { m.Group("/users/{username}/orgs", func() {
m.Get("", reqToken(), org.ListUserOrgs) m.Get("", reqToken(), org.ListUserOrgs)
m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions) m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser, auth_model.AccessTokenScopeCategoryOrganization), context_service.UserAssignmentAPI()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser, auth_model.AccessTokenScopeCategoryOrganization), context_service.UserAssignmentAPI())
m.Post( m.Post("/orgs", tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization), reqToken(), bind(api.CreateOrgOption{}), org.Create)
"/orgs", m.Get("/orgs", org.GetAll, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization))
tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization),
reqToken(),
bind(api.CreateOrgOption{}),
org.Create,
)
m.Get(
"/orgs",
org.GetAll,
tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization),
)
m.Group("/orgs/{org}", func() { m.Group("/orgs/{org}", func() {
m.Combo("").Get(org.Get). m.Combo("").Get(org.Get).
Patch(reqToken(), reqOrgOwnership(), bind(api.EditOrgOption{}), org.Edit). Patch(reqToken(), reqOrgOwnership(), bind(api.EditOrgOption{}), org.Edit).
@ -1700,13 +1467,7 @@ func Routes() *web.Route {
}, reqToken(), reqOrgMembership()) }, reqToken(), reqOrgMembership())
m.Group("/labels", func() { m.Group("/labels", func() {
m.Get("", org.ListLabels) m.Get("", org.ListLabels)
m.Post( m.Post("", reqToken(), reqOrgOwnership(), bind(api.CreateLabelOption{}), org.CreateLabel)
"",
reqToken(),
reqOrgOwnership(),
bind(api.CreateLabelOption{}),
org.CreateLabel,
)
m.Combo("/{id}").Get(reqToken(), org.GetLabel). m.Combo("/{id}").Get(reqToken(), org.GetLabel).
Patch(reqToken(), reqOrgOwnership(), bind(api.EditLabelOption{}), org.EditLabel). Patch(reqToken(), reqOrgOwnership(), bind(api.EditLabelOption{}), org.EditLabel).
Delete(reqToken(), reqOrgOwnership(), org.DeleteLabel) Delete(reqToken(), reqOrgOwnership(), org.DeleteLabel)
@ -1723,10 +1484,8 @@ func Routes() *web.Route {
m.Delete("", org.DeleteAvatar) m.Delete("", org.DeleteAvatar)
}, reqToken(), reqOrgOwnership()) }, reqToken(), reqOrgOwnership())
m.Get("/activities/feeds", org.ListOrgActivityFeeds) m.Get("/activities/feeds", org.ListOrgActivityFeeds)
m.Group("/projects", func() { m.Group("/projects", func() {
m.Combo(""). m.Combo("").Get(projects.ListOrgProjects).
Get(projects.ListOrgProjects).
Post(bind(api.NewProjectPayload{}), projects.CreateOrgProject) Post(bind(api.NewProjectPayload{}), projects.CreateOrgProject)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryIssue), reqToken(), reqOrgMembership()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryIssue), reqToken(), reqOrgMembership())
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization), orgAssignment(true)) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization), orgAssignment(true))
@ -1793,11 +1552,8 @@ func Routes() *web.Route {
m.Get("/registration-token", admin.GetRegistrationToken) m.Get("/registration-token", admin.GetRegistrationToken)
}) })
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryAdmin), reqToken(), reqSiteAdmin()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryAdmin), reqToken(), reqSiteAdmin())
m.Group("/projects", func() { m.Group("/projects", func() {
m. m.Combo("/{id}").Get(projects.GetProject).
Combo("/{id}").
Get(projects.GetProject).
Patch(bind(api.UpdateProjectPayload{}), projects.UpdateProject). Patch(bind(api.UpdateProjectPayload{}), projects.UpdateProject).
Delete(projects.DeleteProject) Delete(projects.DeleteProject)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryIssue), reqToken()) }, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryIssue), reqToken())
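Review bot: In the route `m.Get("/orgs", org.GetAll, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization))` the scope middleware is listed after the handler, whereas every other registration in this section puts `tokenRequiresScopes` before the handler. If the router runs its arguments in order, as those other registrations suggest, `org.GetAll` would write its response before the organization-scope check is evaluated, so the check would not gate this endpoint. This formatting revert keeps that order unchanged; consider `m.Get("/orgs", tokenRequiresScopes(auth_model.AccessTokenScopeCategoryOrganization), org.GetAll)`, and add a test that a token lacking the organization scope receives 403 on this route. `Routes()` begins and ends outside the visible hunks, so any middleware applied by an enclosing group cannot be confirmed from here.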