diff --git a/cmd/serve.go b/cmd/serve.go index fed65bba1..ecf07114f 100644 --- a/cmd/serve.go +++ b/cmd/serve.go @@ -78,35 +78,18 @@ func runServ(c *cli.Context) { setup("serv.log") fail := func(userMessage, logMessage string, args ...interface{}) { - fmt.Fprintln(os.Stderr, "Gogs: ", userMessage) - log.GitLogger.Fatal(2, logMessage, args...) + fmt.Fprintln(os.Stderr, "Gogs:", userMessage) + log.GitLogger.Fatal(3, logMessage, args...) } if len(c.Args()) < 1 { fail("Not enough arguments", "Not enough arguments") } - keys := strings.Split(c.Args()[0], "-") - if len(keys) != 2 { - fail("key-id format error", "Invalid key id: %s", c.Args()[0]) - } - - keyId, err := com.StrTo(keys[1]).Int64() - if err != nil { - fail("key-id format error", "Invalid key id: %s", err) - } - - user, err := models.GetUserByKeyId(keyId) - if err != nil { - fail("internal error", "Failed to get user by key ID(%d): %v", keyId, err) - } - cmd := os.Getenv("SSH_ORIGINAL_COMMAND") - if cmd == "" { - fmt.Printf("Hi, %s! You've successfully authenticated, but Gogs does not provide shell access.\n", user.Name) - if user.IsAdmin { - println("If this is unexpected, please log in with password and setup Gogs under another user.") - } + if len(cmd) == 0 { + println("Hi there, You've successfully authenticated, but Gogs does not provide shell access.") + println("If this is unexpected, please log in with password and setup Gogs under another user.") return } @@ -121,7 +104,7 @@ func runServ(c *cli.Context) { repoUser, err := models.GetUserByName(repoUserName) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { fail("Repository owner does not exist", "Unregistered owner: %s", repoUserName) } fail("Internal error", "Failed to get repository owner(%s): %v", repoUserName, err) @@ -130,11 +113,7 @@ func runServ(c *cli.Context) { repo, err := models.GetRepositoryByName(repoUser.Id, repoName) if err != nil { if models.IsErrRepoNotExist(err) { - if user.Id == repoUser.Id || repoUser.IsOwnedBy(user.Id) { - fail("Repository does not exist", "Repository does not exist: %s/%s", repoUser.Name, repoName) - } else { - fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", repoUser.Name, repoName) - } + fail(_ACCESS_DENIED_MESSAGE, "Repository does not exist: %s/%s", repoUser.Name, repoName) } fail("Internal error", "Failed to get repository: %v", err) } @@ -144,17 +123,39 @@ func runServ(c *cli.Context) { fail("Unknown git command", "Unknown git command %s", verb) } - mode, err := models.AccessLevel(user, repo) - if err != nil { - fail("Internal error", "Fail to check access: %v", err) - } else if mode < requestedMode { - clientMessage := _ACCESS_DENIED_MESSAGE - if mode >= models.ACCESS_MODE_READ { - clientMessage = "You do not have sufficient authorization for this action" + // Allow anonymous clone for public repositories. + var ( + keyID int64 + user *models.User + ) + if requestedMode == models.ACCESS_MODE_WRITE || repo.IsPrivate { + keys := strings.Split(c.Args()[0], "-") + if len(keys) != 2 { + fail("key-id format error", "Invalid key id: %s", c.Args()[0]) + } + + keyID, err = com.StrTo(keys[1]).Int64() + if err != nil { + fail("key-id format error", "Invalid key id: %s", err) + } + + user, err = models.GetUserByKeyId(keyID) + if err != nil { + fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err) + } + + mode, err := models.AccessLevel(user, repo) + if err != nil { + fail("Internal error", "Fail to check access: %v", err) + } else if mode < requestedMode { + clientMessage := _ACCESS_DENIED_MESSAGE + if mode >= models.ACCESS_MODE_READ { + clientMessage = "You do not have sufficient authorization for this action" + } + fail(clientMessage, + "User %s does not have level %v access to repository %s", + user.Name, requestedMode, repoPath) } - fail(clientMessage, - "User %s does not have level %v access to repository %s", - user.Name, requestedMode, repoPath) } uuid := uuid.NewV4().String() @@ -201,12 +202,15 @@ func runServ(c *cli.Context) { } // Update key activity. - key, err := models.GetPublicKeyById(keyId) - if err != nil { - fail("Internal error", "GetPublicKeyById: %v", err) - } - key.Updated = time.Now() - if err = models.UpdatePublicKey(key); err != nil { - fail("Internal error", "UpdatePublicKey: %v", err) + if keyID > 0 { + key, err := models.GetPublicKeyById(keyID) + if err != nil { + fail("Internal error", "GetPublicKeyById: %v", err) + } + + key.Updated = time.Now() + if err = models.UpdatePublicKey(key); err != nil { + fail("Internal error", "UpdatePublicKey: %v", err) + } } } diff --git a/gogs.go b/gogs.go index 712f86061..1513bbfae 100644 --- a/gogs.go +++ b/gogs.go @@ -17,7 +17,7 @@ import ( "github.com/gogits/gogs/modules/setting" ) -const APP_VER = "0.6.3.0802 Beta" +const APP_VER = "0.6.3.0805 Beta" func init() { runtime.GOMAXPROCS(runtime.NumCPU()) diff --git a/models/error.go b/models/error.go index 04f850def..067eace23 100644 --- a/models/error.go +++ b/models/error.go @@ -54,6 +54,20 @@ func (err ErrUserAlreadyExist) Error() string { return fmt.Sprintf("user already exists: [name: %s]", err.Name) } +type ErrUserNotExist struct { + UID int64 + Name string +} + +func IsErrUserNotExist(err error) bool { + _, ok := err.(ErrUserNotExist) + return ok +} + +func (err ErrUserNotExist) Error() string { + return fmt.Sprintf("user does not exist: [uid: %d, name: %s]", err.UID, err.Name) +} + type ErrEmailAlreadyUsed struct { Email string } diff --git a/models/issue.go b/models/issue.go index f9930aa67..77b38cbc0 100644 --- a/models/issue.go +++ b/models/issue.go @@ -57,7 +57,7 @@ type Issue struct { func (i *Issue) GetPoster() (err error) { i.Poster, err = GetUserById(i.PosterId) - if err == ErrUserNotExist { + if IsErrUserNotExist(err) { i.Poster = &User{Name: "FakeUser"} return nil } @@ -92,7 +92,7 @@ func (i *Issue) GetAssignee() (err error) { return nil } i.Assignee, err = GetUserById(i.AssigneeId) - if err == ErrUserNotExist { + if IsErrUserNotExist(err) { return nil } return err diff --git a/models/login.go b/models/login.go index 10f782bee..82cea35f4 100644 --- a/models/login.go +++ b/models/login.go @@ -41,7 +41,7 @@ var ( var LoginTypes = map[LoginType]string{ LDAP: "LDAP", SMTP: "SMTP", - PAM: "PAM", + PAM: "PAM", } // Ensure structs implemented interface. @@ -192,7 +192,7 @@ func UserSignIn(uname, passwd string) (*User, error) { // Now verify password. if u.LoginType == PLAIN { if !u.ValidatePassword(passwd) { - return nil, ErrUserNotExist + return nil, ErrUserNotExist{u.Id, u.Name} } return u, nil } @@ -229,7 +229,7 @@ func UserSignIn(uname, passwd string) (*User, error) { } } - return nil, ErrUserNotExist + return nil, ErrUserNotExist{u.Id, u.Name} } var source LoginSource @@ -261,7 +261,7 @@ func LoginUserLdapSource(u *User, name, passwd string, sourceId int64, cfg *LDAP name, fn, sn, mail, logged := cfg.Ldapsource.SearchEntry(name, passwd) if !logged { // User not in LDAP, do nothing - return nil, ErrUserNotExist + return nil, ErrUserNotExist{u.Id, u.Name} } if !autoRegister { return u, nil @@ -362,7 +362,7 @@ func LoginUserSMTPSource(u *User, name, passwd string, sourceId int64, cfg *SMTP if err := SmtpAuth(cfg.Host, cfg.Port, auth, cfg.TLS); err != nil { if strings.Contains(err.Error(), "Username and Password not accepted") { - return nil, ErrUserNotExist + return nil, ErrUserNotExist{u.Id, u.Name} } return nil, err } @@ -397,7 +397,7 @@ func LoginUserSMTPSource(u *User, name, passwd string, sourceId int64, cfg *SMTP func LoginUserPAMSource(u *User, name, passwd string, sourceId int64, cfg *PAMConfig, autoRegister bool) (*User, error) { if err := pam.PAMAuth(cfg.ServiceName, name, passwd); err != nil { if strings.Contains(err.Error(), "Authentication failure") { - return nil, ErrUserNotExist + return nil, ErrUserNotExist{u.Id, u.Name} } return nil, err } diff --git a/models/repo.go b/models/repo.go index a2b29ff31..117837fc5 100644 --- a/models/repo.go +++ b/models/repo.go @@ -624,7 +624,7 @@ func GetRepositoriesWithUsers(num, offset int) ([]*Repository, error) { if err != nil { return nil, err } else if !has { - return nil, ErrUserNotExist + return nil, ErrUserNotExist{repo.OwnerId, ""} } } diff --git a/models/user.go b/models/user.go index e239ea174..c5d4b9d91 100644 --- a/models/user.go +++ b/models/user.go @@ -36,7 +36,6 @@ const ( ) var ( - ErrUserNotExist = errors.New("User does not exist") ErrUserNotKeyOwner = errors.New("User does not the owner of public key") ErrEmailNotExist = errors.New("E-mail does not exist") ErrEmailNotActivated = errors.New("E-mail address has not been activated") @@ -555,7 +554,7 @@ func getUserById(e Engine, id int64) (*User, error) { if err != nil { return nil, err } else if !has { - return nil, ErrUserNotExist + return nil, ErrUserNotExist{id, ""} } return u, nil } @@ -568,14 +567,14 @@ func GetUserById(id int64) (*User, error) { // GetUserByName returns user by given name. func GetUserByName(name string) (*User, error) { if len(name) == 0 { - return nil, ErrUserNotExist + return nil, ErrUserNotExist{0, name} } u := &User{LowerName: strings.ToLower(name)} has, err := x.Get(u) if err != nil { return nil, err } else if !has { - return nil, ErrUserNotExist + return nil, ErrUserNotExist{0, name} } return u, nil } @@ -700,7 +699,7 @@ func MakeEmailPrimary(email *EmailAddress) error { if err != nil { return err } else if !has { - return ErrUserNotExist + return ErrUserNotExist{email.Uid, ""} } // Make sure the former primary email doesn't disappear @@ -763,7 +762,7 @@ func ValidateCommitsWithEmails(oldCommits *list.List) *list.List { // GetUserByEmail returns the user object by given e-mail if exists. func GetUserByEmail(email string) (*User, error) { if len(email) == 0 { - return nil, ErrUserNotExist + return nil, ErrUserNotExist{0, "email"} } // First try to find the user by primary email user := &User{Email: strings.ToLower(email)} @@ -785,7 +784,7 @@ func GetUserByEmail(email string) (*User, error) { return GetUserById(emailAddress.Uid) } - return nil, ErrUserNotExist + return nil, ErrUserNotExist{0, "email"} } // SearchUserByName returns given number of users whose name contains keyword. diff --git a/modules/auth/auth.go b/modules/auth/auth.go index 155a82728..7e01abc3b 100644 --- a/modules/auth/auth.go +++ b/modules/auth/auth.go @@ -55,7 +55,7 @@ func SignedInId(req *http.Request, sess session.Store) int64 { } if id, ok := uid.(int64); ok { if _, err := models.GetUserById(id); err != nil { - if err != models.ErrUserNotExist { + if !models.IsErrUserNotExist(err) { log.Error(4, "GetUserById: %v", err) } return 0 @@ -80,7 +80,7 @@ func SignedInUser(req *http.Request, sess session.Store) (*models.User, bool) { if len(webAuthUser) > 0 { u, err := models.GetUserByName(webAuthUser) if err != nil { - if err != models.ErrUserNotExist { + if !models.IsErrUserNotExist(err) { log.Error(4, "GetUserByName: %v", err) return nil, false } @@ -115,7 +115,7 @@ func SignedInUser(req *http.Request, sess session.Store) (*models.User, bool) { u, err := models.UserSignIn(uname, passwd) if err != nil { - if err != models.ErrUserNotExist { + if !models.IsErrUserNotExist(err) { log.Error(4, "UserSignIn: %v", err) } return nil, false diff --git a/modules/middleware/org.go b/modules/middleware/org.go index 1ac4bcf1a..065e1b1e9 100644 --- a/modules/middleware/org.go +++ b/modules/middleware/org.go @@ -34,7 +34,7 @@ func OrgAssignment(redirect bool, args ...bool) macaron.Handler { var err error ctx.Org.Organization, err = models.GetUserByName(orgName) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Handle(404, "GetUserByName", err) } else if redirect { log.Error(4, "GetUserByName", err) diff --git a/modules/middleware/repo.go b/modules/middleware/repo.go index 0aaecec84..c14df2750 100644 --- a/modules/middleware/repo.go +++ b/modules/middleware/repo.go @@ -41,7 +41,7 @@ func ApiRepoAssignment() macaron.Handler { } else { u, err = models.GetUserByName(userName) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Error(404) } else { ctx.JSON(500, &base.ApiJsonErr{"GetUserByName: " + err.Error(), base.DOC_URL}) @@ -217,7 +217,7 @@ func RepoAssignment(redirect bool, args ...bool) macaron.Handler { } else { u, err = models.GetUserByName(userName) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Handle(404, "GetUserByName", err) } else { ctx.Handle(500, "GetUserByName", err) diff --git a/routers/api/v1/repo.go b/routers/api/v1/repo.go index 7da5f8173..d683eac3f 100644 --- a/routers/api/v1/repo.go +++ b/routers/api/v1/repo.go @@ -139,7 +139,7 @@ func CreateRepo(ctx *middleware.Context, opt api.CreateRepoOption) { func CreateOrgRepo(ctx *middleware.Context, opt api.CreateRepoOption) { org, err := models.GetOrgByName(ctx.Params(":org")) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Error(404) } else { ctx.Error(500) @@ -157,7 +157,7 @@ func CreateOrgRepo(ctx *middleware.Context, opt api.CreateRepoOption) { func MigrateRepo(ctx *middleware.Context, form auth.MigrateRepoForm) { u, err := models.GetUserByName(ctx.Query("username")) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.HandleAPI(422, err) } else { ctx.HandleAPI(500, err) @@ -174,7 +174,7 @@ func MigrateRepo(ctx *middleware.Context, form auth.MigrateRepoForm) { if form.Uid != u.Id { org, err := models.GetUserById(form.Uid) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.HandleAPI(422, err) } else { ctx.HandleAPI(500, err) diff --git a/routers/api/v1/user.go b/routers/api/v1/user.go index a4648297b..feecda483 100644 --- a/routers/api/v1/user.go +++ b/routers/api/v1/user.go @@ -61,7 +61,7 @@ func SearchUsers(ctx *middleware.Context) { func GetUserInfo(ctx *middleware.Context) { u, err := models.GetUserByName(ctx.Params(":username")) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Error(404) } else { ctx.JSON(500, &base.ApiJsonErr{"GetUserByName: " + err.Error(), base.DOC_URL}) diff --git a/routers/org/members.go b/routers/org/members.go index c8c90cfe4..dd742bb7a 100644 --- a/routers/org/members.go +++ b/routers/org/members.go @@ -100,7 +100,7 @@ func Invitation(ctx *middleware.Context) { uname := ctx.Query("uname") u, err := models.GetUserByName(uname) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Flash.Error(ctx.Tr("form.user_not_exist")) ctx.Redirect(ctx.Org.OrgLink + "/invitations/new") } else { diff --git a/routers/org/teams.go b/routers/org/teams.go index 7436e30ee..6968512fe 100644 --- a/routers/org/teams.go +++ b/routers/org/teams.go @@ -77,7 +77,7 @@ func TeamsAction(ctx *middleware.Context) { var u *models.User u, err = models.GetUserByName(uname) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Flash.Error(ctx.Tr("form.user_not_exist")) ctx.Redirect(ctx.Org.OrgLink + "/teams/" + ctx.Org.Team.LowerName) } else { diff --git a/routers/repo/http.go b/routers/repo/http.go index 4e5aba04e..45b0ec59c 100644 --- a/routers/repo/http.go +++ b/routers/repo/http.go @@ -55,7 +55,7 @@ func Http(ctx *middleware.Context) { repoUser, err := models.GetUserByName(username) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Handle(404, "GetUserByName", nil) } else { ctx.Handle(500, "GetUserByName", err) @@ -107,7 +107,7 @@ func Http(ctx *middleware.Context) { authUser, err = models.UserSignIn(authUsername, authPasswd) if err != nil { - if err != models.ErrUserNotExist { + if !models.IsErrUserNotExist(err) { ctx.Handle(500, "UserSignIn error: %v", err) return } diff --git a/routers/repo/repo.go b/routers/repo/repo.go index 605071d11..f8df726cb 100644 --- a/routers/repo/repo.go +++ b/routers/repo/repo.go @@ -35,7 +35,7 @@ func checkContextUser(ctx *middleware.Context, uid int64) *models.User { } org, err := models.GetUserById(uid) - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { return ctx.User } diff --git a/routers/repo/setting.go b/routers/repo/setting.go index c37148081..12fc428c1 100644 --- a/routers/repo/setting.go +++ b/routers/repo/setting.go @@ -118,7 +118,7 @@ func SettingsPost(ctx *middleware.Context, form auth.RepoSettingForm) { } if _, err = models.UserSignIn(ctx.User.Name, ctx.Query("password")); err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil) } else { ctx.Handle(500, "UserSignIn", err) @@ -151,7 +151,7 @@ func SettingsPost(ctx *middleware.Context, form auth.RepoSettingForm) { } if _, err := models.UserSignIn(ctx.User.Name, ctx.Query("password")); err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_OPTIONS, nil) } else { ctx.Handle(500, "UserSignIn", err) @@ -185,7 +185,7 @@ func SettingsCollaboration(ctx *middleware.Context) { u, err := models.GetUserByName(name) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Flash.Error(ctx.Tr("form.user_not_exist")) ctx.Redirect(setting.AppSubUrl + ctx.Req.URL.Path) } else { diff --git a/routers/user/auth.go b/routers/user/auth.go index 52675a777..4b29a29ec 100644 --- a/routers/user/auth.go +++ b/routers/user/auth.go @@ -60,7 +60,7 @@ func SignIn(ctx *middleware.Context) { u, err := models.GetUserByName(uname) if err != nil { - if err != models.ErrUserNotExist { + if !models.IsErrUserNotExist(err) { ctx.Handle(500, "GetUserByName", err) } else { ctx.HTML(200, SIGNIN) @@ -105,7 +105,7 @@ func SignInPost(ctx *middleware.Context, form auth.SignInForm) { u, err := models.UserSignIn(form.UserName, form.Password) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.RenderWithErr(ctx.Tr("form.username_password_incorrect"), SIGNIN, &form) } else { ctx.Handle(500, "UserSignIn", err) @@ -328,7 +328,7 @@ func Activate(ctx *middleware.Context) { user.IsActive = true user.Rands = models.GetUserSalt() if err := models.UpdateUser(user); err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Error(404) } else { ctx.Handle(500, "UpdateUser", err) @@ -391,7 +391,7 @@ func ForgotPasswdPost(ctx *middleware.Context) { email := ctx.Query("email") u, err := models.GetUserByEmail(email) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Data["Err_Email"] = true ctx.RenderWithErr(ctx.Tr("auth.email_not_associate"), FORGOT_PASSWORD, nil) } else { diff --git a/routers/user/home.go b/routers/user/home.go index 503f9e366..5e77b837f 100644 --- a/routers/user/home.go +++ b/routers/user/home.go @@ -38,7 +38,7 @@ func Dashboard(ctx *middleware.Context) { // Organization. org, err := models.GetUserByName(orgName) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Handle(404, "GetUserByName", err) } else { ctx.Handle(500, "GetUserByName", err) @@ -115,7 +115,7 @@ func Dashboard(ctx *middleware.Context) { // FIXME: cache results? u, err := models.GetUserByName(act.ActUserName) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { continue } ctx.Handle(500, "GetUserByName", err) @@ -176,7 +176,7 @@ func Profile(ctx *middleware.Context) { u, err := models.GetUserByName(uname) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { ctx.Handle(404, "GetUserByName", err) } else { ctx.Handle(500, "GetUserByName", err) @@ -223,7 +223,7 @@ func Profile(ctx *middleware.Context) { // FIXME: cache results? u, err := models.GetUserByName(act.ActUserName) if err != nil { - if err == models.ErrUserNotExist { + if models.IsErrUserNotExist(err) { continue } ctx.Handle(500, "GetUserByName", err) @@ -247,10 +247,10 @@ func Profile(ctx *middleware.Context) { func Email2User(ctx *middleware.Context) { u, err := models.GetUserByEmail(ctx.Query("email")) if err != nil { - if err == models.ErrUserNotExist { - ctx.Handle(404, "user.Email2User(GetUserByEmail)", err) + if models.IsErrUserNotExist(err) { + ctx.Handle(404, "GetUserByEmail", err) } else { - ctx.Handle(500, "user.Email2User(GetUserByEmail)", err) + ctx.Handle(500, "GetUserByEmail", err) } return } diff --git a/templates/.VERSION b/templates/.VERSION index 8c77c2163..2d7fe8987 100644 --- a/templates/.VERSION +++ b/templates/.VERSION @@ -1 +1 @@ -0.6.3.0802 Beta \ No newline at end of file +0.6.3.0805 Beta \ No newline at end of file