From 3abe398244f67578d4a4a6ef1185a3abfc6a8bb0 Mon Sep 17 00:00:00 2001 From: Naoki Takezoe Date: Mon, 16 Apr 2018 19:41:11 +0900 Subject: [PATCH 1/2] Apply ApiAuthenticationFilter to /api/* to cover APIs other than GitHub API --- src/main/scala/ScalatraBootstrap.scala | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/scala/ScalatraBootstrap.scala b/src/main/scala/ScalatraBootstrap.scala index 70e4bf7b3..bc80bfd9d 100644 --- a/src/main/scala/ScalatraBootstrap.scala +++ b/src/main/scala/ScalatraBootstrap.scala @@ -28,7 +28,7 @@ class ScalatraBootstrap extends LifeCycle with SystemSettingsService { context.addFilter("apiAuthenticationFilter", new ApiAuthenticationFilter) context .getFilterRegistration("apiAuthenticationFilter") - .addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/v3/*") + .addMappingForUrlPatterns(EnumSet.allOf(classOf[DispatcherType]), true, "/api/*") // Register controllers context.mount(new PreProcessController, "/*") From db17508559d293bc5f862b9cf1f5894acfb0943f Mon Sep 17 00:00:00 2001 From: Naoki Takezoe Date: Tue, 17 Apr 2018 10:05:05 +0900 Subject: [PATCH 2/2] Fix error response processing of APIs --- .../gitbucket/core/controller/ControllerBase.scala | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/src/main/scala/gitbucket/core/controller/ControllerBase.scala b/src/main/scala/gitbucket/core/controller/ControllerBase.scala index ecb3d13bd..3097e91c2 100644 --- a/src/main/scala/gitbucket/core/controller/ControllerBase.scala +++ b/src/main/scala/gitbucket/core/controller/ControllerBase.scala @@ -2,7 +2,7 @@ package gitbucket.core.controller import java.io.FileInputStream -import gitbucket.core.api.ApiError +import gitbucket.core.api.{ApiError, JsonFormat} import gitbucket.core.model.Account import gitbucket.core.service.{AccountService, RepositoryService, SystemSettingsService} import gitbucket.core.util.SyntaxSugars._ @@ -46,6 +46,7 @@ abstract class ControllerBase before("/api/v3/*") { contentType = formats("json") + request.setAttribute(Keys.Request.APIv3, true) } override def requestPath(uri: String, idx: Int): String = { @@ -67,9 +68,6 @@ abstract class ControllerBase // Git repository chain.doFilter(request, response) } else { - if (path.startsWith("/api/v3/")) { - httpRequest.setAttribute(Keys.Request.APIv3, true) - } // Scalatra actions super.doFilter(request, response, chain) } @@ -125,7 +123,7 @@ abstract class ControllerBase org.scalatra.NotFound() } else if (request.hasAttribute(Keys.Request.APIv3)) { contentType = formats("json") - org.scalatra.NotFound(ApiError("Not Found")) + org.scalatra.NotFound(JsonFormat(ApiError("Not Found"))) } else { org.scalatra.NotFound(gitbucket.core.html.error("Not Found")) } @@ -145,7 +143,7 @@ abstract class ControllerBase org.scalatra.Unauthorized() } else if (request.hasAttribute(Keys.Request.APIv3)) { contentType = formats("json") - org.scalatra.Unauthorized(ApiError("Requires authentication")) + org.scalatra.Unauthorized(JsonFormat(ApiError("Requires authentication"))) } else if (!isBrowser(request.getHeader("USER-AGENT"))) { org.scalatra.Unauthorized() } else { @@ -177,7 +175,7 @@ abstract class ControllerBase org.scalatra.InternalServerError() } else if (request.hasAttribute(Keys.Request.APIv3)) { contentType = formats("json") - org.scalatra.InternalServerError(ApiError("Internal Server Error")) + org.scalatra.InternalServerError(JsonFormat(ApiError("Internal Server Error"))) } else { org.scalatra.InternalServerError(gitbucket.core.html.error("Internal Server Error", Some(e))) }