diff --git a/packaging/root/etc/drone/drone.toml b/packaging/root/etc/drone/drone.toml index 3f74c6bcf..084db1d15 100644 --- a/packaging/root/etc/drone/drone.toml +++ b/packaging/root/etc/drone/drone.toml @@ -22,22 +22,11 @@ port=":80" driver="sqlite3" datasource="/var/lib/drone/drone.sqlite" - -##################################################################### -# Open Registration allows users to self-register for Drone. -# This is recommended if Drone is being hosted behind a -# firewall. -# -# When false, the system admin will need to manually add -# users to Drone through the admin screens. -# -# [registration] -# open=true - # [github] # client="" # secret="" # orgs=[] +# open=false # [github_enterprise] # client="" @@ -46,18 +35,22 @@ datasource="/var/lib/drone/drone.sqlite" # url="" # orgs=[] # private_mode=false +# open=false # [bitbucket] # client="" # secret="" +# open=false # [gitlab] # url="" # skip_verify=false +# open=false # [gogs] # url="" # secret="" +# open=false ##################################################################### # SMTP configuration for Drone. This is required if you plan diff --git a/plugin/remote/bitbucket/bitbucket.go b/plugin/remote/bitbucket/bitbucket.go index 22f3c114a..c049384a4 100644 --- a/plugin/remote/bitbucket/bitbucket.go +++ b/plugin/remote/bitbucket/bitbucket.go @@ -27,19 +27,21 @@ type Bitbucket struct { API string Client string Secret string + Open bool } -func New(url, api, client, secret string) *Bitbucket { +func New(url, api, client, secret string, open bool) *Bitbucket { return &Bitbucket{ URL: url, API: api, Client: client, Secret: secret, + Open: open, } } -func NewDefault(client, secret string) *Bitbucket { - return New(DefaultURL, DefaultAPI, client, secret) +func NewDefault(client, secret string, open bool) *Bitbucket { + return New(DefaultURL, DefaultAPI, client, secret, open) } // Authorize handles Bitbucket API Authorization @@ -269,3 +271,7 @@ func (r *Bitbucket) ParseHook(req *http.Request) (*model.Hook, error) { Message: hook.Commits[len(hook.Commits)-1].Message, }, nil } + +func (r *Bitbucket) OpenRegistration() bool { + return r.Open +} diff --git a/plugin/remote/bitbucket/register.go b/plugin/remote/bitbucket/register.go index ae513a87a..108c68d90 100644 --- a/plugin/remote/bitbucket/register.go +++ b/plugin/remote/bitbucket/register.go @@ -9,6 +9,7 @@ var ( // Bitbucket cloud configuration details bitbucketClient = config.String("bitbucket-client", "") bitbucketSecret = config.String("bitbucket-secret", "") + bitbucketOpen = config.Bool("bitbucket-open", false) ) // Registers the Bitbucket plugin using the default @@ -19,6 +20,6 @@ func Register() { return } remote.Register( - NewDefault(*bitbucketClient, *bitbucketSecret), + NewDefault(*bitbucketClient, *bitbucketSecret, *bitbucketOpen), ) } diff --git a/plugin/remote/github/github.go b/plugin/remote/github/github.go index 840d493f1..3919cae66 100644 --- a/plugin/remote/github/github.go +++ b/plugin/remote/github/github.go @@ -28,9 +28,10 @@ type GitHub struct { Private bool SkipVerify bool Orgs []string + Open bool } -func New(url, api, client, secret string, private, skipVerify bool, orgs []string) *GitHub { +func New(url, api, client, secret string, private, skipVerify bool, orgs []string, open bool) *GitHub { var github = GitHub{ URL: url, API: api, @@ -39,6 +40,7 @@ func New(url, api, client, secret string, private, skipVerify bool, orgs []strin Private: private, SkipVerify: skipVerify, Orgs: orgs, + Open: open, } // the API must have a trailing slash if !strings.HasSuffix(github.API, "/") { @@ -51,8 +53,8 @@ func New(url, api, client, secret string, private, skipVerify bool, orgs []strin return &github } -func NewDefault(client, secret string, orgs []string) *GitHub { - return New(DefaultURL, DefaultAPI, client, secret, false, false, orgs) +func NewDefault(client, secret string, orgs []string, open bool) *GitHub { + return New(DefaultURL, DefaultAPI, client, secret, false, false, orgs, open) } // Authorize handles GitHub API Authorization. @@ -305,3 +307,7 @@ func (r *GitHub) ParsePullRequestHook(req *http.Request) (*model.Hook, error) { return &hook, nil } + +func (r *GitHub) OpenRegistration() bool { + return r.Open +} diff --git a/plugin/remote/github/register.go b/plugin/remote/github/register.go index 52c72838c..21d714e05 100644 --- a/plugin/remote/github/register.go +++ b/plugin/remote/github/register.go @@ -10,6 +10,7 @@ var ( githubClient = config.String("github-client", "") githubSecret = config.String("github-secret", "") githubOrgs = config.Strings("github-orgs") + githubOpen = config.Bool("github-open", false) // GitHub Enterprise configuration details githubEnterpriseURL = config.String("github-enterprise-url", "") @@ -19,6 +20,7 @@ var ( githubEnterprisePrivate = config.Bool("github-enterprise-private-mode", true) githubEnterpriseSkipVerify = config.Bool("github-enterprise-skip-verify", false) githubEnterpriseOrgs = config.Strings("github-enterprise-orgs") + githubEnterpriseOpen = config.Bool("github-enterprise-open", false) ) // Registers the GitHub plugins using the default @@ -35,7 +37,7 @@ func registerGitHub() { return } remote.Register( - NewDefault(*githubClient, *githubSecret, *githubOrgs), + NewDefault(*githubClient, *githubSecret, *githubOrgs, *githubOpen), ) } @@ -56,6 +58,7 @@ func registerGitHubEnterprise() { *githubEnterprisePrivate, *githubEnterpriseSkipVerify, *githubEnterpriseOrgs, + *githubEnterpriseOpen, ), ) } diff --git a/plugin/remote/gitlab/gitlab.go b/plugin/remote/gitlab/gitlab.go index 560678ece..73f5bf9ec 100644 --- a/plugin/remote/gitlab/gitlab.go +++ b/plugin/remote/gitlab/gitlab.go @@ -13,12 +13,14 @@ import ( type Gitlab struct { url string SkipVerify bool + Open bool } -func New(url string, skipVerify bool) *Gitlab { +func New(url string, skipVerify, open bool) *Gitlab { return &Gitlab{ url: url, SkipVerify: skipVerify, + Open: open, } } @@ -191,3 +193,7 @@ func (r *Gitlab) ParseHook(req *http.Request) (*model.Hook, error) { return hook, nil } + +func (r *Gitlab) OpenRegistration() bool { + return r.Open +} diff --git a/plugin/remote/gitlab/gitlab_test.go b/plugin/remote/gitlab/gitlab_test.go index 38c331364..81d0d4e53 100644 --- a/plugin/remote/gitlab/gitlab_test.go +++ b/plugin/remote/gitlab/gitlab_test.go @@ -14,7 +14,7 @@ func Test_Github(t *testing.T) { var server = testdata.NewServer() defer server.Close() - var gitlab = New(server.URL, false) + var gitlab = New(server.URL, false, false) var user = model.User{ Access: "e3b0c44298fc1c149afbf4c8996fb", } diff --git a/plugin/remote/gitlab/register.go b/plugin/remote/gitlab/register.go index c4e7e4c48..ebd45a8b9 100644 --- a/plugin/remote/gitlab/register.go +++ b/plugin/remote/gitlab/register.go @@ -8,6 +8,7 @@ import ( var ( gitlabURL = config.String("gitlab-url", "") gitlabSkipVerify = config.Bool("gitlab-skip-verify", false) + gitlabOpen = config.Bool("gitlab-open", false) ) // Registers the Gitlab plugin using the default @@ -21,6 +22,7 @@ func Register() { New( *gitlabURL, *gitlabSkipVerify, + *gitlabOpen, ), ) } diff --git a/plugin/remote/gogs/gogs.go b/plugin/remote/gogs/gogs.go index 9ad32a209..c1ee50f7c 100644 --- a/plugin/remote/gogs/gogs.go +++ b/plugin/remote/gogs/gogs.go @@ -16,10 +16,11 @@ import ( type Gogs struct { URL string Secret string + Open bool } -func New(url string, secret string) *Gogs { - return &Gogs{URL: url, Secret: secret} +func New(url string, secret string, open bool) *Gogs { + return &Gogs{URL: url, Secret: secret, Open: open} } // Authorize handles Gogs authorization @@ -181,3 +182,7 @@ func (r *Gogs) ParseHook(req *http.Request) (*model.Hook, error) { Message: payload.Commits[0].Message, }, nil } + +func (r *Gogs) OpenRegistration() bool { + return r.Open +} diff --git a/plugin/remote/gogs/register.go b/plugin/remote/gogs/register.go index 592d729f3..aa2479e6f 100644 --- a/plugin/remote/gogs/register.go +++ b/plugin/remote/gogs/register.go @@ -8,6 +8,7 @@ import ( var ( gogsUrl = config.String("gogs-url", "") gogsSecret = config.String("gogs-secret", "") + gogsOpen = config.Bool("gogs-open", false) ) // Registers the Gogs plugin using the default @@ -18,6 +19,6 @@ func Register() { return } remote.Register( - New(*gogsUrl, *gogsSecret), + New(*gogsUrl, *gogsSecret, *gogsOpen), ) } diff --git a/plugin/remote/remote.go b/plugin/remote/remote.go index ad6c3f162..cfba0108e 100644 --- a/plugin/remote/remote.go +++ b/plugin/remote/remote.go @@ -32,6 +32,9 @@ type Remote interface { // ParseHook parses the post-commit hook from the Request body // and returns the required data in a standard format. ParseHook(r *http.Request) (*model.Hook, error) + + // Registration returns true if open registration is allowed + OpenRegistration() bool } // List of registered plugins. diff --git a/server/capability/capability.go b/server/capability/capability.go deleted file mode 100644 index 704e75a0a..000000000 --- a/server/capability/capability.go +++ /dev/null @@ -1,23 +0,0 @@ -package capability - -import ( - "code.google.com/p/go.net/context" -) - -type Capability map[string]bool - -// Get the capability value from the map. -func (c Capability) Get(key string) bool { - return c[key] -} - -// Sets the capability value in the map. -func (c Capability) Set(key string, value bool) { - c[key] = value -} - -// Enabled returns true if the capability is -// enabled in the system. -func Enabled(c context.Context, key string) bool { - return FromContext(c).Get(key) -} diff --git a/server/capability/capability_test.go b/server/capability/capability_test.go deleted file mode 100644 index b0ffe2ae3..000000000 --- a/server/capability/capability_test.go +++ /dev/null @@ -1,24 +0,0 @@ -package capability - -import ( - "testing" - - "code.google.com/p/go.net/context" - "github.com/franela/goblin" -) - -func TestBlobstore(t *testing.T) { - caps := map[string]bool{} - caps[Registration] = true - - ctx := NewContext(context.Background(), caps) - - g := goblin.Goblin(t) - g.Describe("Capabilities", func() { - - g.It("Should get capabilities from context", func() { - g.Assert(Enabled(ctx, Registration)).Equal(true) - g.Assert(Enabled(ctx, "Fake Key")).Equal(false) - }) - }) -} diff --git a/server/capability/const.go b/server/capability/const.go deleted file mode 100644 index 7d4da039c..000000000 --- a/server/capability/const.go +++ /dev/null @@ -1,5 +0,0 @@ -package capability - -const ( - Registration = "REGISTRATION" -) diff --git a/server/capability/context.go b/server/capability/context.go deleted file mode 100644 index 1f225be15..000000000 --- a/server/capability/context.go +++ /dev/null @@ -1,32 +0,0 @@ -package capability - -import ( - "code.google.com/p/go.net/context" -) - -const reqkey = "capability" - -// NewContext returns a Context whose Value method returns the -// application's Blobstore data. -func NewContext(parent context.Context, caps Capability) context.Context { - return &wrapper{parent, caps} -} - -type wrapper struct { - context.Context - caps Capability -} - -// Value returns the named key from the context. -func (c *wrapper) Value(key interface{}) interface{} { - if key == reqkey { - return c.caps - } - return c.Context.Value(key) -} - -// FromContext returns the capability map for the -// current context. -func FromContext(c context.Context) Capability { - return c.Value(reqkey).(Capability) -} diff --git a/server/handler/login.go b/server/handler/login.go index 2f08debed..2ae13603a 100644 --- a/server/handler/login.go +++ b/server/handler/login.go @@ -6,7 +6,6 @@ import ( "net/http" "github.com/drone/drone/plugin/remote" - "github.com/drone/drone/server/capability" "github.com/drone/drone/server/datastore" "github.com/drone/drone/server/session" "github.com/drone/drone/server/sync" @@ -49,7 +48,7 @@ func GetLogin(c web.C, w http.ResponseWriter, r *http.Request) { // if self-registration is disabled we should // return a notAuthorized error. the only exception // is if no users exist yet in the system we'll proceed. - if capability.Enabled(ctx, capability.Registration) == false { + if remote.OpenRegistration() == false { users, err := datastore.GetUserList(ctx) if err != nil || len(users) != 0 { log.Println("Unable to create account. Registration is closed") diff --git a/server/main.go b/server/main.go index ae41dc7b3..b5192380c 100644 --- a/server/main.go +++ b/server/main.go @@ -26,7 +26,6 @@ import ( "github.com/drone/drone/plugin/remote/gitlab" "github.com/drone/drone/plugin/remote/gogs" "github.com/drone/drone/server/blobstore" - "github.com/drone/drone/server/capability" "github.com/drone/drone/server/datastore" "github.com/drone/drone/server/datastore/database" "github.com/drone/drone/server/worker/director" @@ -56,10 +55,6 @@ var ( sslcrt = config.String("server-ssl-cert", "") sslkey = config.String("server-ssl-key", "") - // Enable self-registration. When false, the system admin - // must grant user access. - open = config.Bool("registration-open", false) - workers *pool.Pool worker *director.Director pub *pubsub.PubSub @@ -70,8 +65,6 @@ var ( nodes StringArr db *sql.DB - - caps map[string]bool ) func main() { @@ -104,9 +97,6 @@ func main() { gitlab.Register() gogs.Register() - caps = map[string]bool{} - caps[capability.Registration] = *open - // setup the database and cancel all pending // commits in the system. db = database.MustConnect(*driver, *datasource) @@ -170,7 +160,6 @@ func ContextMiddleware(c *web.C, h http.Handler) http.Handler { ctx = pool.NewContext(ctx, workers) ctx = director.NewContext(ctx, worker) ctx = pubsub.NewContext(ctx, pub) - ctx = capability.NewContext(ctx, caps) // add the context to the goji web context webcontext.Set(c, ctx)