Nemcio/GitBucket
1
0
Fork 0
mirror of https://github.com/gitbucket/gitbucket.git synced 2025-11-08 14:35:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

Eliminate context.loginAccount.get() by adding context.withLoginAccount() (#2729)

Browse Source
This commit is contained in:
Naoki Takezoe
2021-04-07 12:19:47 +09:00
committed by GitHub
parent cbdc0528ca
commit 9f7048a19c
11 changed files with 962 additions and 821 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/main/scala/gitbucket/core/controller/AccountController.scala
View File

@@ -629,7 +629,9 @@ trait AccountControllerBase extends AccountManagementControllerBase {
} }
get("/groups/new")(usersOnly { get("/groups/new")(usersOnly {
html.creategroup(List(GroupMember("", context.loginAccount.get.userName, true))) context.withLoginAccount { loginAccount =>
html.creategroup(List(GroupMember("", loginAccount.userName, true)))
}
}) })
post("/groups/new", newGroupForm)(usersOnly { form => post("/groups/new", newGroupForm)(usersOnly { form =>
@@ -716,25 +718,29 @@ trait AccountControllerBase extends AccountManagementControllerBase {
* Show the new repository form. * Show the new repository form.
*/ */
get("/new")(usersOnly { get("/new")(usersOnly {
html.newrepo(getGroupsByUserName(context.loginAccount.get.userName), context.settings.isCreateRepoOptionPublic) context.withLoginAccount { loginAccount =>
html.newrepo(getGroupsByUserName(loginAccount.userName), context.settings.isCreateRepoOptionPublic)
}
}) })
/** /**
* Create new repository. * Create new repository.
*/ */
post("/new", newRepositoryForm)(usersOnly { form => post("/new", newRepositoryForm)(usersOnly { form =>
if (context.settings.repositoryOperation.create || context.loginAccount.get.isAdmin) { context.withLoginAccount {
loginAccount =>
if (context.settings.repositoryOperation.create || loginAccount.isAdmin) {
LockUtil.lock(s"${form.owner}/${form.name}") { LockUtil.lock(s"${form.owner}/${form.name}") {
if (getRepository(form.owner, form.name).isDefined) { if (getRepository(form.owner, form.name).isDefined) {
// redirect to the repository if repository already exists // redirect to the repository if repository already exists
redirect(s"/${form.owner}/${form.name}") redirect(s"/${form.owner}/${form.name}")
} else if (!canCreateRepository(form.owner, context.loginAccount.get)) { } else if (!canCreateRepository(form.owner, loginAccount)) {
// Permission error // Permission error
Forbidden() Forbidden()
} else { } else {
// create repository asynchronously // create repository asynchronously
createRepository( createRepository(
context.loginAccount.get, loginAccount,
form.owner, form.owner,
form.name, form.name,
form.description, form.description,
@@ -747,10 +753,12 @@ trait AccountControllerBase extends AccountManagementControllerBase {
} }
} }
} else Forbidden() } else Forbidden()
}
}) })
get("/:owner/:repository/fork")(readableUsersOnly { repository => get("/:owner/:repository/fork")(readableUsersOnly { repository =>
val loginAccount = context.loginAccount.get context.withLoginAccount {
loginAccount =>
if (repository.repository.options.allowFork && (context.settings.repositoryOperation.fork || loginAccount.isAdmin)) { if (repository.repository.options.allowFork && (context.settings.repositoryOperation.fork || loginAccount.isAdmin)) {
val loginUserName = loginAccount.userName val loginUserName = loginAccount.userName
val groups = getGroupsByUserName(loginUserName) val groups = getGroupsByUserName(loginUserName)
@@ -772,10 +780,12 @@ trait AccountControllerBase extends AccountManagementControllerBase {
case _ => redirect(s"/${loginUserName}") case _ => redirect(s"/${loginUserName}")
} }
} else BadRequest() } else BadRequest()
}
}) })
post("/:owner/:repository/fork", accountForm)(readableUsersOnly { (form, repository) => post("/:owner/:repository/fork", accountForm)(readableUsersOnly { (form, repository) =>
val loginAccount = context.loginAccount.get context.withLoginAccount {
loginAccount =>
if (repository.repository.options.allowFork && (context.settings.repositoryOperation.fork || loginAccount.isAdmin)) { if (repository.repository.options.allowFork && (context.settings.repositoryOperation.fork || loginAccount.isAdmin)) {
val loginUserName = loginAccount.userName val loginUserName = loginAccount.userName
val accountName = form.accountName val accountName = form.accountName
@@ -793,6 +803,7 @@ trait AccountControllerBase extends AccountManagementControllerBase {
redirect(s"/${accountName}/${repository.name}") redirect(s"/${accountName}/${repository.name}")
} }
} else Forbidden() } else Forbidden()
}
}) })
private def existsAccount: Constraint = new Constraint() { private def existsAccount: Constraint = new Constraint() {

7
src/main/scala/gitbucket/core/controller/ControllerBase.scala
View File

@@ -303,6 +303,13 @@ case class Context(
} }
val sidebarCollapse = request.getSession.getAttribute("sidebar-collapse") != null val sidebarCollapse = request.getSession.getAttribute("sidebar-collapse") != null
def withLoginAccount(f: Account => Any): Any = {
loginAccount match {
case Some(loginAccount) => f(loginAccount)
case None => Unauthorized()
}
}
/** /**
* Get object from cache. * Get object from cache.
* *

45
src/main/scala/gitbucket/core/controller/DashboardController.scala
View File

@@ -1,6 +1,7 @@
package gitbucket.core.controller package gitbucket.core.controller
import gitbucket.core.dashboard.html import gitbucket.core.dashboard.html
import gitbucket.core.model.Account
import gitbucket.core.service._ import gitbucket.core.service._
import gitbucket.core.util.{Keys, UsersAuthenticator} import gitbucket.core.util.{Keys, UsersAuthenticator}
import gitbucket.core.util.Implicits._ import gitbucket.core.util.Implicits._
@@ -34,45 +35,63 @@ trait DashboardControllerBase extends ControllerBase {
with UsersAuthenticator => with UsersAuthenticator =>
get("/dashboard/repos")(usersOnly { get("/dashboard/repos")(usersOnly {
context.withLoginAccount { loginAccount =>
val repos = getVisibleRepositories( val repos = getVisibleRepositories(
context.loginAccount, context.loginAccount,
None, None,
withoutPhysicalInfo = true, withoutPhysicalInfo = true,
limit = context.settings.limitVisibleRepositories limit = context.settings.limitVisibleRepositories
) )
html.repos(getGroupNames(context.loginAccount.get.userName), repos, repos) html.repos(getGroupNames(loginAccount.userName), repos, repos)
}
}) })
get("/dashboard/issues")(usersOnly { get("/dashboard/issues")(usersOnly {
searchIssues("created_by") context.withLoginAccount { loginAccount =>
searchIssues(loginAccount, "created_by")
}
}) })
get("/dashboard/issues/assigned")(usersOnly { get("/dashboard/issues/assigned")(usersOnly {
searchIssues("assigned") context.withLoginAccount { loginAccount =>
searchIssues(loginAccount, "assigned")
}
}) })
get("/dashboard/issues/created_by")(usersOnly { get("/dashboard/issues/created_by")(usersOnly {
searchIssues("created_by") context.withLoginAccount { loginAccount =>
searchIssues(loginAccount, "created_by")
}
}) })
get("/dashboard/issues/mentioned")(usersOnly { get("/dashboard/issues/mentioned")(usersOnly {
searchIssues("mentioned") context.withLoginAccount { loginAccount =>
searchIssues(loginAccount, "mentioned")
}
}) })
get("/dashboard/pulls")(usersOnly { get("/dashboard/pulls")(usersOnly {
searchPullRequests("created_by") context.withLoginAccount { loginAccount =>
searchPullRequests(loginAccount, "created_by")
}
}) })
get("/dashboard/pulls/created_by")(usersOnly { get("/dashboard/pulls/created_by")(usersOnly {
searchPullRequests("created_by") context.withLoginAccount { loginAccount =>
searchPullRequests(loginAccount, "created_by")
}
}) })
get("/dashboard/pulls/assigned")(usersOnly { get("/dashboard/pulls/assigned")(usersOnly {
searchPullRequests("assigned") context.withLoginAccount { loginAccount =>
searchPullRequests(loginAccount, "assigned")
}
}) })
get("/dashboard/pulls/mentioned")(usersOnly { get("/dashboard/pulls/mentioned")(usersOnly {
searchPullRequests("mentioned") context.withLoginAccount { loginAccount =>
searchPullRequests(loginAccount, "mentioned")
}
}) })
private def getOrCreateCondition(key: String, filter: String, userName: String) = { private def getOrCreateCondition(key: String, filter: String, userName: String) = {
@@ -85,10 +104,10 @@ trait DashboardControllerBase extends ControllerBase {
} }
} }
private def searchIssues(filter: String) = { private def searchIssues(loginAccount: Account, filter: String) = {
import IssuesService._ import IssuesService._
val userName = context.loginAccount.get.userName val userName = loginAccount.userName
val condition = getOrCreateCondition(Keys.Session.DashboardIssues, filter, userName) val condition = getOrCreateCondition(Keys.Session.DashboardIssues, filter, userName)
val userRepos = getUserRepositories(userName, true).map(repo => repo.owner -> repo.name) val userRepos = getUserRepositories(userName, true).map(repo => repo.owner -> repo.name)
val page = IssueSearchCondition.page(request) val page = IssueSearchCondition.page(request)
@@ -115,11 +134,11 @@ trait DashboardControllerBase extends ControllerBase {
) )
} }
private def searchPullRequests(filter: String) = { private def searchPullRequests(loginAccount: Account, filter: String) = {
import IssuesService._ import IssuesService._
import PullRequestService._ import PullRequestService._
val userName = context.loginAccount.get.userName val userName = loginAccount.userName
val condition = getOrCreateCondition(Keys.Session.DashboardPulls, filter, userName) val condition = getOrCreateCondition(Keys.Session.DashboardPulls, filter, userName)
val allRepos = getAllRepositories(userName) val allRepos = getAllRepositories(userName)
val page = IssueSearchCondition.page(request) val page = IssueSearchCondition.page(request)

162
src/main/scala/gitbucket/core/controller/IssuesController.scala
View File

@@ -1,6 +1,7 @@
package gitbucket.core.controller package gitbucket.core.controller
import gitbucket.core.issues.html import gitbucket.core.issues.html
import gitbucket.core.model.Account
import gitbucket.core.service.IssuesService._ import gitbucket.core.service.IssuesService._
import gitbucket.core.service._ import gitbucket.core.service._
import gitbucket.core.util.SyntaxSugars._ import gitbucket.core.util.SyntaxSugars._
@@ -95,21 +96,20 @@ trait IssuesControllerBase extends ControllerBase {
}) })
get("/:owner/:repository/issues/:id")(referrersOnly { repository => get("/:owner/:repository/issues/:id")(referrersOnly { repository =>
defining(repository.owner, repository.name, params("id")) { val issueId = params("id")
case (owner, name, issueId) => getIssue(repository.owner, repository.name, issueId) map {
getIssue(owner, name, issueId) map {
issue => issue =>
if (issue.isPullRequest) { if (issue.isPullRequest) {
redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}") redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
} else { } else {
html.issue( html.issue(
issue, issue,
getComments(owner, name, issueId.toInt), getComments(repository.owner, repository.name, issueId.toInt),
getIssueLabels(owner, name, issueId.toInt), getIssueLabels(repository.owner, repository.name, issueId.toInt),
getAssignableUserNames(owner, name), getAssignableUserNames(repository.owner, repository.name),
getMilestonesWithIssueCount(owner, name), getMilestonesWithIssueCount(repository.owner, repository.name),
getPriorities(owner, name), getPriorities(repository.owner, repository.name),
getLabels(owner, name), getLabels(repository.owner, repository.name),
isIssueEditable(repository), isIssueEditable(repository),
isIssueManageable(repository), isIssueManageable(repository),
isIssueCommentManageable(repository), isIssueCommentManageable(repository),
@@ -117,28 +117,26 @@ trait IssuesControllerBase extends ControllerBase {
) )
} }
} getOrElse NotFound() } getOrElse NotFound()
}
}) })
get("/:owner/:repository/issues/new")(readableUsersOnly { repository => get("/:owner/:repository/issues/new")(readableUsersOnly { repository =>
if (isIssueEditable(repository)) { // TODO Should this check is provided by authenticator? if (isIssueEditable(repository)) { // TODO Should this check is provided by authenticator?
defining(repository.owner, repository.name) {
case (owner, name) =>
html.create( html.create(
getAssignableUserNames(owner, name), getAssignableUserNames(repository.owner, repository.name),
getMilestones(owner, name), getMilestones(repository.owner, repository.name),
getPriorities(owner, name), getPriorities(repository.owner, repository.name),
getDefaultPriority(owner, name), getDefaultPriority(repository.owner, repository.name),
getLabels(owner, name), getLabels(repository.owner, repository.name),
isIssueManageable(repository), isIssueManageable(repository),
getContentTemplate(repository, "ISSUE_TEMPLATE"), getContentTemplate(repository, "ISSUE_TEMPLATE"),
repository repository
) )
}
} else Unauthorized() } else Unauthorized()
}) })
post("/:owner/:repository/issues/new", issueCreateForm)(readableUsersOnly { (form, repository) => post("/:owner/:repository/issues/new", issueCreateForm)(readableUsersOnly { (form, repository) =>
context.withLoginAccount {
loginAccount =>
if (isIssueEditable(repository)) { // TODO Should this check is provided by authenticator? if (isIssueEditable(repository)) { // TODO Should this check is provided by authenticator?
val issue = createIssue( val issue = createIssue(
repository, repository,
@@ -148,59 +146,63 @@ trait IssuesControllerBase extends ControllerBase {
form.milestoneId, form.milestoneId,
form.priorityId, form.priorityId,
form.labelNames.toSeq.flatMap(_.split(",")), form.labelNames.toSeq.flatMap(_.split(",")),
context.loginAccount.get loginAccount
) )
redirect(s"/${issue.userName}/${issue.repositoryName}/issues/${issue.issueId}") redirect(s"/${issue.userName}/${issue.repositoryName}/issues/${issue.issueId}")
} else Unauthorized() } else Unauthorized()
}
}) })
ajaxPost("/:owner/:repository/issues/edit_title/:id", issueTitleEditForm)(readableUsersOnly { (title, repository) => ajaxPost("/:owner/:repository/issues/edit_title/:id", issueTitleEditForm)(readableUsersOnly { (title, repository) =>
defining(repository.owner, repository.name) { context.withLoginAccount {
case (owner, name) => loginAccount =>
getIssue(owner, name, params("id")).map { getIssue(repository.owner, repository.name, params("id")).map {
issue => issue =>
if (isEditableContent(owner, name, issue.openedUserName)) { if (isEditableContent(repository.owner, repository.name, issue.openedUserName, loginAccount)) {
if (issue.title != title) { if (issue.title != title) {
// update issue // update issue
updateIssue(owner, name, issue.issueId, title, issue.content) updateIssue(repository.owner, repository.name, issue.issueId, title, issue.content)
// extract references and create refer comment // extract references and create refer comment
createReferComment(owner, name, issue.copy(title = title), title, context.loginAccount.get) createReferComment(repository.owner, repository.name, issue.copy(title = title), title, loginAccount)
createComment( createComment(
owner, repository.owner,
name, repository.name,
context.loginAccount.get.userName, loginAccount.userName,
issue.issueId, issue.issueId,
issue.title + "\r\n" + title, issue.title + "\r\n" + title,
"change_title" "change_title"
) )
} }
redirect(s"/${owner}/${name}/issues/_data/${issue.issueId}") redirect(s"/${repository.owner}/${repository.name}/issues/_data/${issue.issueId}")
} else Unauthorized() } else Unauthorized()
} getOrElse NotFound() } getOrElse NotFound()
} }
}) })
ajaxPost("/:owner/:repository/issues/edit/:id", issueEditForm)(readableUsersOnly { (content, repository) => ajaxPost("/:owner/:repository/issues/edit/:id", issueEditForm)(readableUsersOnly { (content, repository) =>
defining(repository.owner, repository.name) { context.withLoginAccount {
case (owner, name) => loginAccount =>
getIssue(owner, name, params("id")).map { issue => getIssue(repository.owner, repository.name, params("id")).map { issue =>
if (isEditableContent(owner, name, issue.openedUserName)) { if (isEditableContent(repository.owner, repository.name, issue.openedUserName, loginAccount)) {
// update issue // update issue
updateIssue(owner, name, issue.issueId, issue.title, content) updateIssue(repository.owner, repository.name, issue.issueId, issue.title, content)
// extract references and create refer comment // extract references and create refer comment
createReferComment(owner, name, issue, content.getOrElse(""), context.loginAccount.get) createReferComment(repository.owner, repository.name, issue, content.getOrElse(""), loginAccount)
redirect(s"/${owner}/${name}/issues/_data/${issue.issueId}") redirect(s"/${repository.owner}/${repository.name}/issues/_data/${issue.issueId}")
} else Unauthorized() } else Unauthorized()
} getOrElse NotFound() } getOrElse NotFound()
} }
}) })
post("/:owner/:repository/issue_comments/new", commentForm)(readableUsersOnly { (form, repository) => post("/:owner/:repository/issue_comments/new", commentForm)(readableUsersOnly { (form, repository) =>
context.withLoginAccount {
loginAccount =>
getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue => getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue =>
val actionOpt = val actionOpt =
params.get("action").filter(_ => isEditableContent(issue.userName, issue.repositoryName, issue.openedUserName)) params
.get("action")
.filter(_ => isEditableContent(issue.userName, issue.repositoryName, issue.openedUserName, loginAccount))
handleComment(issue, Some(form.content), repository, actionOpt) map { handleComment(issue, Some(form.content), repository, actionOpt) map {
case (issue, id) => case (issue, id) =>
redirect( redirect(
@@ -208,12 +210,17 @@ trait IssuesControllerBase extends ControllerBase {
) )
} }
} getOrElse NotFound() } getOrElse NotFound()
}
}) })
post("/:owner/:repository/issue_comments/state", issueStateForm)(readableUsersOnly { (form, repository) => post("/:owner/:repository/issue_comments/state", issueStateForm)(readableUsersOnly { (form, repository) =>
context.withLoginAccount {
loginAccount =>
getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue => getIssue(repository.owner, repository.name, form.issueId.toString).flatMap { issue =>
val actionOpt = val actionOpt =
params.get("action").filter(_ => isEditableContent(issue.userName, issue.repositoryName, issue.openedUserName)) params
.get("action")
.filter(_ => isEditableContent(issue.userName, issue.repositoryName, issue.openedUserName, loginAccount))
handleComment(issue, form.content, repository, actionOpt) map { handleComment(issue, form.content, repository, actionOpt) map {
case (issue, id) => case (issue, id) =>
redirect( redirect(
@@ -221,25 +228,25 @@ trait IssuesControllerBase extends ControllerBase {
) )
} }
} getOrElse NotFound() } getOrElse NotFound()
}
}) })
ajaxPost("/:owner/:repository/issue_comments/edit/:id", commentForm)(readableUsersOnly { (form, repository) => ajaxPost("/:owner/:repository/issue_comments/edit/:id", commentForm)(readableUsersOnly { (form, repository) =>
defining(repository.owner, repository.name) { context.withLoginAccount {
case (owner, name) => loginAccount =>
getComment(owner, name, params("id")).map { comment => getComment(repository.owner, repository.name, params("id")).map { comment =>
if (isEditableContent(owner, name, comment.commentedUserName)) { if (isEditableContent(repository.owner, repository.name, comment.commentedUserName, loginAccount)) {
updateComment(comment.issueId, comment.commentId, form.content) updateComment(comment.issueId, comment.commentId, form.content)
redirect(s"/${owner}/${name}/issue_comments/_data/${comment.commentId}") redirect(s"/${repository.owner}/${repository.name}/issue_comments/_data/${comment.commentId}")
} else Unauthorized() } else Unauthorized()
} getOrElse NotFound() } getOrElse NotFound()
} }
}) })
ajaxPost("/:owner/:repository/issue_comments/delete/:id")(readableUsersOnly { repository => ajaxPost("/:owner/:repository/issue_comments/delete/:id")(readableUsersOnly { repository =>
defining(repository.owner, repository.name) { context.withLoginAccount { loginAccount =>
case (owner, name) => getComment(repository.owner, repository.name, params("id")).map { comment =>
getComment(owner, name, params("id")).map { comment => if (isDeletableComment(repository.owner, repository.name, comment.commentedUserName, loginAccount)) {
if (isDeletableComment(owner, name, comment.commentedUserName)) {
Ok(deleteComment(repository.owner, repository.name, comment.issueId, comment.commentId)) Ok(deleteComment(repository.owner, repository.name, comment.issueId, comment.commentId))
} else Unauthorized() } else Unauthorized()
} getOrElse NotFound() } getOrElse NotFound()
@@ -247,9 +254,11 @@ trait IssuesControllerBase extends ControllerBase {
}) })
ajaxGet("/:owner/:repository/issues/_data/:id")(readableUsersOnly { repository => ajaxGet("/:owner/:repository/issues/_data/:id")(readableUsersOnly { repository =>
context.withLoginAccount {
loginAccount =>
getIssue(repository.owner, repository.name, params("id")) map { getIssue(repository.owner, repository.name, params("id")) map {
x => x =>
if (isEditableContent(x.userName, x.repositoryName, x.openedUserName)) { if (isEditableContent(x.userName, x.repositoryName, x.openedUserName, loginAccount)) {
params.get("dataType") collect { params.get("dataType") collect {
case t if t == "html" => html.editissue(x.content, x.issueId, repository) case t if t == "html" => html.editissue(x.content, x.issueId, repository)
} getOrElse { } getOrElse {
@@ -273,12 +282,15 @@ trait IssuesControllerBase extends ControllerBase {
} }
} else Unauthorized() } else Unauthorized()
} getOrElse NotFound() } getOrElse NotFound()
}
}) })
ajaxGet("/:owner/:repository/issue_comments/_data/:id")(readableUsersOnly { repository => ajaxGet("/:owner/:repository/issue_comments/_data/:id")(readableUsersOnly { repository =>
context.withLoginAccount {
loginAccount =>
getComment(repository.owner, repository.name, params("id")) map { getComment(repository.owner, repository.name, params("id")) map {
x => x =>
if (isEditableContent(x.userName, x.repositoryName, x.commentedUserName)) { if (isEditableContent(x.userName, x.repositoryName, x.commentedUserName, loginAccount)) {
params.get("dataType") collect { params.get("dataType") collect {
case t if t == "html" => html.editcomment(x.content, x.commentId, repository) case t if t == "html" => html.editcomment(x.content, x.commentId, repository)
} getOrElse { } getOrElse {
@@ -301,6 +313,7 @@ trait IssuesControllerBase extends ControllerBase {
} }
} else Unauthorized() } else Unauthorized()
} getOrElse NotFound() } getOrElse NotFound()
}
}) })
ajaxPost("/:owner/:repository/issues/new/label")(writableUsersOnly { repository => ajaxPost("/:owner/:repository/issues/new/label")(writableUsersOnly { repository =>
@@ -353,8 +366,7 @@ trait IssuesControllerBase extends ControllerBase {
}) })
post("/:owner/:repository/issues/batchedit/state")(writableUsersOnly { repository => post("/:owner/:repository/issues/batchedit/state")(writableUsersOnly { repository =>
defining(params.get("value")) { val action = params.get("value")
action =>
action match { action match {
case Some("open") => case Some("open") =>
executeBatch(repository) { issueId => executeBatch(repository) { issueId =>
@@ -362,17 +374,19 @@ trait IssuesControllerBase extends ControllerBase {
handleComment(issue, None, repository, Some("reopen")) handleComment(issue, None, repository, Some("reopen"))
} }
} }
if (params("uri").nonEmpty) {
redirect(params("uri"))
}
case Some("close") => case Some("close") =>
executeBatch(repository) { issueId => executeBatch(repository) { issueId =>
getIssue(repository.owner, repository.name, issueId.toString).foreach { issue => getIssue(repository.owner, repository.name, issueId.toString).foreach { issue =>
handleComment(issue, None, repository, Some("close")) handleComment(issue, None, repository, Some("close"))
} }
} }
case _ => BadRequest()
}
if (params("uri").nonEmpty) { if (params("uri").nonEmpty) {
redirect(params("uri")) redirect(params("uri"))
} }
case _ => BadRequest()
} }
}) })
@@ -390,30 +404,27 @@ trait IssuesControllerBase extends ControllerBase {
}) })
post("/:owner/:repository/issues/batchedit/assign")(writableUsersOnly { repository => post("/:owner/:repository/issues/batchedit/assign")(writableUsersOnly { repository =>
defining(assignedUserName("value")) { value => val value = assignedUserName("value")
executeBatch(repository) { executeBatch(repository) {
updateAssignedUserName(repository.owner, repository.name, _, value, true) updateAssignedUserName(repository.owner, repository.name, _, value, true)
} }
if (params("uri").nonEmpty) { if (params("uri").nonEmpty) {
redirect(params("uri")) redirect(params("uri"))
} }
}
}) })
post("/:owner/:repository/issues/batchedit/milestone")(writableUsersOnly { repository => post("/:owner/:repository/issues/batchedit/milestone")(writableUsersOnly { repository =>
defining(milestoneId("value")) { value => val value = milestoneId("value")
executeBatch(repository) { executeBatch(repository) {
updateMilestoneId(repository.owner, repository.name, _, value, true) updateMilestoneId(repository.owner, repository.name, _, value, true)
} }
}
}) })
post("/:owner/:repository/issues/batchedit/priority")(writableUsersOnly { repository => post("/:owner/:repository/issues/batchedit/priority")(writableUsersOnly { repository =>
defining(priorityId("value")) { value => val value = priorityId("value")
executeBatch(repository) { executeBatch(repository) {
updatePriorityId(repository.owner, repository.name, _, value, true) updatePriorityId(repository.owner, repository.name, _, value, true)
} }
}
}) })
get("/:owner/:repository/_attached/:file")(referrersOnly { repository => get("/:owner/:repository/_attached/:file")(referrersOnly { repository =>
@@ -464,48 +475,51 @@ trait IssuesControllerBase extends ControllerBase {
} }
private def searchIssues(repository: RepositoryService.RepositoryInfo) = { private def searchIssues(repository: RepositoryService.RepositoryInfo) = {
defining(repository.owner, repository.name) {
case (owner, repoName) =>
val page = IssueSearchCondition.page(request) val page = IssueSearchCondition.page(request)
// retrieve search condition // retrieve search condition
val condition = IssueSearchCondition(request) val condition = IssueSearchCondition(request)
// search issues // search issues
val issues = val issues =
searchIssue(condition, IssueSearchOption.Issues, (page - 1) * IssueLimit, IssueLimit, owner -> repoName) searchIssue(
condition,
IssueSearchOption.Issues,
(page - 1) * IssueLimit,
IssueLimit,
repository.owner -> repository.name
)
html.list( html.list(
"issues", "issues",
issues.map(issue => (issue, None)), issues.map(issue => (issue, None)),
page, page,
getAssignableUserNames(owner, repoName), getAssignableUserNames(repository.owner, repository.name),
getMilestones(owner, repoName), getMilestones(repository.owner, repository.name),
getPriorities(owner, repoName), getPriorities(repository.owner, repository.name),
getLabels(owner, repoName), getLabels(repository.owner, repository.name),
countIssue(condition.copy(state = "open"), IssueSearchOption.Issues, owner -> repoName), countIssue(condition.copy(state = "open"), IssueSearchOption.Issues, repository.owner -> repository.name),
countIssue(condition.copy(state = "closed"), IssueSearchOption.Issues, owner -> repoName), countIssue(condition.copy(state = "closed"), IssueSearchOption.Issues, repository.owner -> repository.name),
condition, condition,
repository, repository,
isIssueEditable(repository), isIssueEditable(repository),
isIssueManageable(repository) isIssueManageable(repository)
) )
} }
}
/** /**
* Tests whether an issue or a comment is editable by a logged-in user. * Tests whether an issue or a comment is editable by a logged-in user.
*/ */
private def isEditableContent(owner: String, repository: String, author: String)( private def isEditableContent(owner: String, repository: String, author: String, loginAccount: Account)(
implicit context: Context implicit context: Context
): Boolean = { ): Boolean = {
hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName hasDeveloperRole(owner, repository, context.loginAccount) || author == loginAccount.userName
} }
/** /**
* Tests whether an issue comment is deletable by a logged-in user. * Tests whether an issue comment is deletable by a logged-in user.
*/ */
private def isDeletableComment(owner: String, repository: String, author: String)( private def isDeletableComment(owner: String, repository: String, author: String, loginAccount: Account)(
implicit context: Context implicit context: Context
): Boolean = { ): Boolean = {
hasOwnerRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName hasOwnerRole(owner, repository, context.loginAccount) || author == loginAccount.userName
} }
} }

116
src/main/scala/gitbucket/core/controller/PullRequestsController.scala
View File

@@ -8,7 +8,6 @@ import gitbucket.core.service.IssuesService._
import gitbucket.core.service.PullRequestService._ import gitbucket.core.service.PullRequestService._
import gitbucket.core.service.RepositoryService.RepositoryInfo import gitbucket.core.service.RepositoryService.RepositoryInfo
import gitbucket.core.service._ import gitbucket.core.service._
import gitbucket.core.util.SyntaxSugars._
import gitbucket.core.util.Directory._ import gitbucket.core.util.Directory._
import gitbucket.core.util.Implicits._ import gitbucket.core.util.Implicits._
import gitbucket.core.util._ import gitbucket.core.util._
@@ -111,24 +110,29 @@ trait PullRequestsControllerBase extends ControllerBase {
get("/:owner/:repository/pull/:id")(referrersOnly { repository => get("/:owner/:repository/pull/:id")(referrersOnly { repository =>
params("id").toIntOpt.flatMap { params("id").toIntOpt.flatMap {
issueId => issueId =>
val owner = repository.owner getPullRequest(repository.owner, repository.name, issueId) map {
val name = repository.name
getPullRequest(owner, name, issueId) map {
case (issue, pullreq) => case (issue, pullreq) =>
val (commits, diffs) = val (commits, diffs) =
getRequestCompareInfo(owner, name, pullreq.commitIdFrom, owner, name, pullreq.commitIdTo) getRequestCompareInfo(
repository.owner,
repository.name,
pullreq.commitIdFrom,
repository.owner,
repository.name,
pullreq.commitIdTo
)
html.conversation( html.conversation(
issue, issue,
pullreq, pullreq,
commits.flatten, commits.flatten,
getPullRequestComments(owner, name, issue.issueId, commits.flatten), getPullRequestComments(repository.owner, repository.name, issue.issueId, commits.flatten),
diffs.size, diffs.size,
getIssueLabels(owner, name, issueId), getIssueLabels(repository.owner, repository.name, issueId),
getAssignableUserNames(owner, name), getAssignableUserNames(repository.owner, repository.name),
getMilestonesWithIssueCount(owner, name), getMilestonesWithIssueCount(repository.owner, repository.name),
getPriorities(owner, name), getPriorities(repository.owner, repository.name),
getLabels(owner, name), getLabels(repository.owner, repository.name),
isEditable(repository), isEditable(repository),
isManageable(repository), isManageable(repository),
hasDeveloperRole(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount), hasDeveloperRole(pullreq.requestUserName, pullreq.requestRepositoryName, context.loginAccount),
@@ -162,12 +166,17 @@ trait PullRequestsControllerBase extends ControllerBase {
get("/:owner/:repository/pull/:id/commits")(referrersOnly { repository => get("/:owner/:repository/pull/:id/commits")(referrersOnly { repository =>
params("id").toIntOpt.flatMap { params("id").toIntOpt.flatMap {
issueId => issueId =>
val owner = repository.owner getPullRequest(repository.owner, repository.name, issueId) map {
val name = repository.name
getPullRequest(owner, name, issueId) map {
case (issue, pullreq) => case (issue, pullreq) =>
val (commits, diffs) = val (commits, diffs) =
getRequestCompareInfo(owner, name, pullreq.commitIdFrom, owner, name, pullreq.commitIdTo) getRequestCompareInfo(
repository.owner,
repository.name,
pullreq.commitIdFrom,
repository.owner,
repository.name,
pullreq.commitIdTo
)
val commitsWithStatus = commits.map { day => val commitsWithStatus = commits.map { day =>
day.map { commit => day.map { commit =>
@@ -179,7 +188,7 @@ trait PullRequestsControllerBase extends ControllerBase {
issue, issue,
pullreq, pullreq,
commitsWithStatus, commitsWithStatus,
getPullRequestComments(owner, name, issue.issueId, commits.flatten), getPullRequestComments(repository.owner, repository.name, issue.issueId, commits.flatten),
diffs.size, diffs.size,
isManageable(repository), isManageable(repository),
repository repository
@@ -191,19 +200,24 @@ trait PullRequestsControllerBase extends ControllerBase {
get("/:owner/:repository/pull/:id/files")(referrersOnly { repository => get("/:owner/:repository/pull/:id/files")(referrersOnly { repository =>
params("id").toIntOpt.flatMap { params("id").toIntOpt.flatMap {
issueId => issueId =>
val owner = repository.owner getPullRequest(repository.owner, repository.name, issueId) map {
val name = repository.name
getPullRequest(owner, name, issueId) map {
case (issue, pullreq) => case (issue, pullreq) =>
val (commits, diffs) = val (commits, diffs) =
getRequestCompareInfo(owner, name, pullreq.commitIdFrom, owner, name, pullreq.commitIdTo) getRequestCompareInfo(
repository.owner,
repository.name,
pullreq.commitIdFrom,
repository.owner,
repository.name,
pullreq.commitIdTo
)
html.files( html.files(
issue, issue,
pullreq, pullreq,
diffs, diffs,
commits.flatten, commits.flatten,
getPullRequestComments(owner, name, issue.issueId, commits.flatten), getPullRequestComments(repository.owner, repository.name, issue.issueId, commits.flatten),
isManageable(repository), isManageable(repository),
repository repository
) )
@@ -214,20 +228,20 @@ trait PullRequestsControllerBase extends ControllerBase {
ajaxGet("/:owner/:repository/pull/:id/mergeguide")(referrersOnly { repository => ajaxGet("/:owner/:repository/pull/:id/mergeguide")(referrersOnly { repository =>
params("id").toIntOpt.flatMap { params("id").toIntOpt.flatMap {
issueId => issueId =>
val owner = repository.owner getPullRequest(repository.owner, repository.name, issueId) map {
val name = repository.name
getPullRequest(owner, name, issueId) map {
case (issue, pullreq) => case (issue, pullreq) =>
val conflictMessage = LockUtil.lock(s"${owner}/${name}") { val conflictMessage = LockUtil.lock(s"${repository.owner}/${repository.name}") {
checkConflict(owner, name, pullreq.branch, issueId) checkConflict(repository.owner, repository.name, pullreq.branch, issueId)
} }
val hasMergePermission = hasDeveloperRole(owner, name, context.loginAccount) val hasMergePermission = hasDeveloperRole(repository.owner, repository.name, context.loginAccount)
val branchProtection = getProtectedBranchInfo(owner, name, pullreq.branch) val branchProtection = getProtectedBranchInfo(repository.owner, repository.name, pullreq.branch)
val mergeStatus = PullRequestService.MergeStatus( val mergeStatus = PullRequestService.MergeStatus(
conflictMessage = conflictMessage, conflictMessage = conflictMessage,
commitStatuses = getCommitStatuses(owner, name, pullreq.commitIdTo), commitStatuses = getCommitStatuses(repository.owner, repository.name, pullreq.commitIdTo),
branchProtection = branchProtection, branchProtection = branchProtection,
branchIsOutOfDate = JGitUtil.getShaByRef(owner, name, pullreq.branch) != Some(pullreq.commitIdFrom), branchIsOutOfDate = JGitUtil.getShaByRef(repository.owner, repository.name, pullreq.branch) != Some(
pullreq.commitIdFrom
),
needStatusCheck = context.loginAccount needStatusCheck = context.loginAccount
.map { u => .map { u =>
branchProtection.needStatusCheck(u.userName) branchProtection.needStatusCheck(u.userName)
@@ -363,23 +377,22 @@ trait PullRequestsControllerBase extends ControllerBase {
}) })
post("/:owner/:repository/pull/:id/merge", mergeForm)(writableUsersOnly { (form, repository) => post("/:owner/:repository/pull/:id/merge", mergeForm)(writableUsersOnly { (form, repository) =>
context.withLoginAccount { loginAccount =>
params("id").toIntOpt.flatMap { issueId => params("id").toIntOpt.flatMap { issueId =>
val owner = repository.owner
val name = repository.name
mergePullRequest( mergePullRequest(
repository, repository,
issueId, issueId,
context.loginAccount.get, loginAccount,
form.message, form.message,
form.strategy, form.strategy,
form.isDraft, form.isDraft,
context.settings context.settings
) match { ) match {
case Right(objectId) => redirect(s"/${owner}/${name}/pull/${issueId}") case Right(objectId) => redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
case Left(message) => Some(BadRequest(message)) case Left(message) => Some(BadRequest(message))
} }
} getOrElse NotFound() } getOrElse NotFound()
}
}) })
get("/:owner/:repository/compare")(referrersOnly { forkedRepository => get("/:owner/:repository/compare")(referrersOnly { forkedRepository =>
@@ -549,15 +562,14 @@ trait PullRequestsControllerBase extends ControllerBase {
}) })
post("/:owner/:repository/pulls/new", pullRequestForm)(readableUsersOnly { (form, repository) => post("/:owner/:repository/pulls/new", pullRequestForm)(readableUsersOnly { (form, repository) =>
defining(repository.owner, repository.name) { context.withLoginAccount {
case (owner, name) => loginAccount =>
val manageable = isManageable(repository) val manageable = isManageable(repository)
val loginUserName = context.loginAccount.get.userName
val issueId = insertIssue( val issueId = insertIssue(
owner = repository.owner, owner = repository.owner,
repository = repository.name, repository = repository.name,
loginUser = loginUserName, loginUser = loginAccount.userName,
title = form.title, title = form.title,
content = form.content, content = form.content,
assignedUserName = if (manageable) form.assignedUserName else None, assignedUserName = if (manageable) form.assignedUserName else None,
@@ -576,14 +588,14 @@ trait PullRequestsControllerBase extends ControllerBase {
commitIdFrom = form.commitIdFrom, commitIdFrom = form.commitIdFrom,
commitIdTo = form.commitIdTo, commitIdTo = form.commitIdTo,
isDraft = form.isDraft, isDraft = form.isDraft,
loginAccount = context.loginAccount.get, loginAccount = loginAccount,
settings = context.settings settings = context.settings
) )
// insert labels // insert labels
if (manageable) { if (manageable) {
form.labelNames.foreach { value => form.labelNames.foreach { value =>
val labels = getLabels(owner, name) val labels = getLabels(repository.owner, repository.name)
value.split(",").foreach { labelName => value.split(",").foreach { labelName =>
labels.find(_.labelName == labelName).map { label => labels.find(_.labelName == labelName).map { label =>
registerIssueLabel(repository.owner, repository.name, issueId, label.labelId) registerIssueLabel(repository.owner, repository.name, issueId, label.labelId)
@@ -592,7 +604,7 @@ trait PullRequestsControllerBase extends ControllerBase {
} }
} }
redirect(s"/${owner}/${name}/pull/${issueId}") redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
} }
}) })
@@ -639,9 +651,7 @@ trait PullRequestsControllerBase extends ControllerBase {
html.proposals(proposedBranches, targetRepository, repository) html.proposals(proposedBranches, targetRepository, repository)
}) })
private def searchPullRequests(userName: Option[String], repository: RepositoryService.RepositoryInfo) = private def searchPullRequests(userName: Option[String], repository: RepositoryService.RepositoryInfo) = {
defining(repository.owner, repository.name) {
case (owner, repoName) =>
val page = IssueSearchCondition.page(request) val page = IssueSearchCondition.page(request)
// retrieve search condition // retrieve search condition
val condition = IssueSearchCondition(request) val condition = IssueSearchCondition(request)
@@ -651,12 +661,12 @@ trait PullRequestsControllerBase extends ControllerBase {
IssueSearchOption.PullRequests, IssueSearchOption.PullRequests,
(page - 1) * PullRequestLimit, (page - 1) * PullRequestLimit,
PullRequestLimit, PullRequestLimit,
owner -> repoName repository.owner -> repository.name
) )
// commit status // commit status
val status = issues.map { issue => val status = issues.map { issue =>
issue.commitId.flatMap { commitId => issue.commitId.flatMap { commitId =>
getCommitStatusWithSummary(owner, repoName, commitId) getCommitStatusWithSummary(repository.owner, repository.name, commitId)
} }
} }
@@ -664,12 +674,12 @@ trait PullRequestsControllerBase extends ControllerBase {
"pulls", "pulls",
issues.zip(status), issues.zip(status),
page, page,
getAssignableUserNames(owner, repoName), getAssignableUserNames(repository.owner, repository.name),
getMilestones(owner, repoName), getMilestones(repository.owner, repository.name),
getPriorities(owner, repoName), getPriorities(repository.owner, repository.name),
getLabels(owner, repoName), getLabels(repository.owner, repository.name),
countIssue(condition.copy(state = "open"), IssueSearchOption.PullRequests, owner -> repoName), countIssue(condition.copy(state = "open"), IssueSearchOption.PullRequests, repository.owner -> repository.name),
countIssue(condition.copy(state = "closed"), IssueSearchOption.PullRequests, owner -> repoName), countIssue(condition.copy(state = "closed"), IssueSearchOption.PullRequests, repository.owner -> repository.name),
condition, condition,
repository, repository,
isEditable(repository), isEditable(repository),

15
src/main/scala/gitbucket/core/controller/ReleasesController.scala
View File

@@ -106,9 +106,9 @@ trait ReleaseControllerBase extends ControllerBase {
}) })
post("/:owner/:repository/releases/:tag/create", releaseForm)(writableUsersOnly { (form, repository) => post("/:owner/:repository/releases/:tag/create", releaseForm)(writableUsersOnly { (form, repository) =>
context.withLoginAccount {
loginAccount =>
val tagName = params("tag") val tagName = params("tag")
val loginAccount = context.loginAccount.get
// Insert into RELEASE // Insert into RELEASE
createRelease(repository.owner, repository.name, form.name, form.content, tagName, loginAccount) createRelease(repository.owner, repository.name, form.name, form.content, tagName, loginAccount)
@@ -132,6 +132,7 @@ trait ReleaseControllerBase extends ControllerBase {
recordActivity(releaseInfo) recordActivity(releaseInfo)
redirect(s"/${repository.owner}/${repository.name}/releases/${tagName}") redirect(s"/${repository.owner}/${repository.name}/releases/${tagName}")
}
}) })
get("/:owner/:repository/changelog/*...*")(writableUsersOnly { repository => get("/:owner/:repository/changelog/*...*")(writableUsersOnly { repository =>
@@ -168,13 +169,14 @@ trait ReleaseControllerBase extends ControllerBase {
}).getOrElse(NotFound()) }).getOrElse(NotFound())
}) })
post("/:owner/:repository/releases/:tag/edit", releaseForm)(writableUsersOnly { post("/:owner/:repository/releases/:tag/edit", releaseForm)(writableUsersOnly { (form, repository) =>
(form, repository) => context.withLoginAccount {
loginAccount =>
val tagName = params("tag") val tagName = params("tag")
val loginAccount = context.loginAccount.get
getRelease(repository.owner, repository.name, tagName) getRelease(repository.owner, repository.name, tagName)
.map { release => .map {
release =>
// Update RELEASE // Update RELEASE
updateRelease(repository.owner, repository.name, tagName, form.name, form.content) updateRelease(repository.owner, repository.name, tagName, form.name, form.content)
@@ -210,6 +212,7 @@ trait ReleaseControllerBase extends ControllerBase {
redirect(s"/${release.userName}/${release.repositoryName}/releases/${tagName}") redirect(s"/${release.userName}/${release.repositoryName}/releases/${tagName}")
} }
.getOrElse(NotFound()) .getOrElse(NotFound())
}
}) })
post("/:owner/:repository/releases/:tag/delete")(writableUsersOnly { repository => post("/:owner/:repository/releases/:tag/delete")(writableUsersOnly { repository =>

18
src/main/scala/gitbucket/core/controller/RepositorySettingsController.scala
View File

@@ -385,7 +385,9 @@ trait RepositorySettingsControllerBase extends ControllerBase {
* Rename repository. * Rename repository.
*/ */
post("/:owner/:repository/settings/rename", renameForm)(ownerOnly { (form, repository) => post("/:owner/:repository/settings/rename", renameForm)(ownerOnly { (form, repository) =>
if (context.settings.repositoryOperation.rename || context.loginAccount.get.isAdmin) { context.withLoginAccount {
loginAccount =>
if (context.settings.repositoryOperation.rename || loginAccount.isAdmin) {
if (repository.name != form.repositoryName) { if (repository.name != form.repositoryName) {
// Update database and move git repository // Update database and move git repository
renameRepository(repository.owner, repository.name, repository.owner, form.repositoryName) renameRepository(repository.owner, repository.name, repository.owner, form.repositoryName)
@@ -393,20 +395,23 @@ trait RepositorySettingsControllerBase extends ControllerBase {
val renameInfo = RenameRepositoryInfo( val renameInfo = RenameRepositoryInfo(
repository.owner, repository.owner,
form.repositoryName, form.repositoryName,
context.loginAccount.get.userName, loginAccount.userName,
repository.name repository.name
) )
recordActivity(renameInfo) recordActivity(renameInfo)
} }
redirect(s"/${repository.owner}/${form.repositoryName}") redirect(s"/${repository.owner}/${form.repositoryName}")
} else Forbidden() } else Forbidden()
}
}) })
/** /**
* Transfer repository ownership. * Transfer repository ownership.
*/ */
post("/:owner/:repository/settings/transfer", transferForm)(ownerOnly { (form, repository) => post("/:owner/:repository/settings/transfer", transferForm)(ownerOnly { (form, repository) =>
if (context.settings.repositoryOperation.transfer || context.loginAccount.get.isAdmin) { context.withLoginAccount {
loginAccount =>
if (context.settings.repositoryOperation.transfer || loginAccount.isAdmin) {
// Change repository owner // Change repository owner
if (repository.owner != form.newOwner) { if (repository.owner != form.newOwner) {
// Update database and move git repository // Update database and move git repository
@@ -415,24 +420,27 @@ trait RepositorySettingsControllerBase extends ControllerBase {
val renameInfo = RenameRepositoryInfo( val renameInfo = RenameRepositoryInfo(
form.newOwner, form.newOwner,
repository.name, repository.name,
context.loginAccount.get.userName, loginAccount.userName,
repository.owner repository.owner
) )
recordActivity(renameInfo) recordActivity(renameInfo)
} }
redirect(s"/${form.newOwner}/${repository.name}") redirect(s"/${form.newOwner}/${repository.name}")
} else Forbidden() } else Forbidden()
}
}) })
/** /**
* Delete the repository. * Delete the repository.
*/ */
post("/:owner/:repository/settings/delete")(ownerOnly { repository => post("/:owner/:repository/settings/delete")(ownerOnly { repository =>
if (context.settings.repositoryOperation.delete || context.loginAccount.get.isAdmin) { context.withLoginAccount { loginAccount =>
if (context.settings.repositoryOperation.delete || loginAccount.isAdmin) {
// Delete the repository and related files // Delete the repository and related files
deleteRepository(repository.repository) deleteRepository(repository.repository)
redirect(s"/${repository.owner}") redirect(s"/${repository.owner}")
} else Forbidden() } else Forbidden()
}
}) })
/** /**

199
src/main/scala/gitbucket/core/controller/RepositoryViewerController.scala
View File

@@ -10,7 +10,6 @@ import gitbucket.core.service._
import gitbucket.core.service.RepositoryCommitFileService.CommitFile import gitbucket.core.service.RepositoryCommitFileService.CommitFile
import gitbucket.core.util._ import gitbucket.core.util._
import gitbucket.core.util.StringUtil._ import gitbucket.core.util.StringUtil._
import gitbucket.core.util.SyntaxSugars._
import gitbucket.core.util.Implicits._ import gitbucket.core.util.Implicits._
import gitbucket.core.util.Directory._ import gitbucket.core.util.Directory._
import gitbucket.core.model.{Account, WebHook} import gitbucket.core.model.{Account, WebHook}
@@ -221,10 +220,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
gitbucket.core.repo.html.creating(owner, repository) gitbucket.core.repo.html.creating(owner, repository)
} else { } else {
params.get("go-get") match { params.get("go-get") match {
case Some("1") => case Some("1") => getRepository(owner, repository).map(gitbucket.core.html.goget(_)) getOrElse NotFound()
defining(request.paths) { paths =>
getRepository(owner, repository).map(gitbucket.core.html.goget(_)) getOrElse NotFound()
}
case _ => referrersOnly(fileList(_)) case _ => referrersOnly(fileList(_))
} }
} }
@@ -306,9 +302,11 @@ trait RepositoryViewerControllerBase extends ControllerBase {
}) })
get("/:owner/:repository/new/*")(writableUsersOnly { repository => get("/:owner/:repository/new/*")(writableUsersOnly { repository =>
context.withLoginAccount {
loginAccount =>
val (branch, path) = repository.splitPath(multiParams("splat").head) val (branch, path) = repository.splitPath(multiParams("splat").head)
val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch) val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch)
.needStatusCheck(context.loginAccount.get.userName) .needStatusCheck(loginAccount.userName)
Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { git => Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch)) val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch))
@@ -323,12 +321,15 @@ trait RepositoryViewerControllerBase extends ControllerBase {
commit = revCommit.getName commit = revCommit.getName
) )
} }
}
}) })
get("/:owner/:repository/upload/*")(writableUsersOnly { repository => get("/:owner/:repository/upload/*")(writableUsersOnly { repository =>
context.withLoginAccount {
loginAccount =>
val (branch, path) = repository.splitPath(multiParams("splat").head) val (branch, path) = repository.splitPath(multiParams("splat").head)
val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch) val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch)
.needStatusCheck(context.loginAccount.get.userName) .needStatusCheck(loginAccount.userName)
Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { git => Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch)) val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch))
html.upload( html.upload(
@@ -339,41 +340,61 @@ trait RepositoryViewerControllerBase extends ControllerBase {
revCommit.name revCommit.name
) )
} }
}
}) })
post("/:owner/:repository/upload", uploadForm)(writableUsersOnly { (form, repository) => post("/:owner/:repository/upload", uploadForm)(writableUsersOnly { (form, repository) =>
val files = form.uploadFiles.split("\n").map { line => context.withLoginAccount {
loginAccount =>
val files = form.uploadFiles
.split("\n")
.map { line =>
val i = line.indexOf(':') val i = line.indexOf(':')
CommitFile(line.substring(0, i).trim, line.substring(i + 1).trim) CommitFile(line.substring(0, i).trim, line.substring(i + 1).trim)
} }
.toSeq
val newFiles = files.map { file => val newFiles = files.map { file =>
file.copy(name = if (form.path.length == 0) file.name else s"${form.path}/${file.name}") file.copy(name = if (form.path.length == 0) file.name else s"${form.path}/${file.name}")
} }.toSeq
if (form.newBranch) { if (form.newBranch) {
val newBranchName = createNewBranchForPullRequest(repository, form.branch) val newBranchName = createNewBranchForPullRequest(repository, form.branch, loginAccount)
val objectId = _commit(newBranchName) val objectId = _commit(newBranchName, files, newFiles, loginAccount)
val issueId = val issueId =
createIssueAndPullRequest(repository, form.branch, newBranchName, form.commit, objectId.name, form.message) createIssueAndPullRequest(
repository,
form.branch,
newBranchName,
form.commit,
objectId.name,
form.message,
loginAccount
)
redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}") redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
} else { } else {
_commit(form.branch) _commit(form.branch, files, newFiles, loginAccount)
if (form.path.length == 0) { if (form.path.length == 0) {
redirect(s"/${repository.owner}/${repository.name}/tree/${form.branch}") redirect(s"/${repository.owner}/${repository.name}/tree/${form.branch}")
} else { } else {
redirect(s"/${repository.owner}/${repository.name}/tree/${form.branch}/${form.path}") redirect(s"/${repository.owner}/${repository.name}/tree/${form.branch}/${form.path}")
} }
} }
}
def _commit(branchName: String): ObjectId = { def _commit(
branchName: String,
files: Seq[CommitFile],
newFiles: Seq[CommitFile],
loginAccount: Account
): ObjectId = {
commitFiles( commitFiles(
repository = repository, repository = repository,
branch = branchName, branch = branchName,
path = form.path, path = form.path,
files = files.toIndexedSeq, files = files.toIndexedSeq,
message = form.message.getOrElse("Add files via upload"), message = form.message.getOrElse("Add files via upload"),
loginAccount = context.loginAccount.get, loginAccount = loginAccount,
settings = context.settings settings = context.settings
) { ) {
case (git, headTip, builder, inserter) => case (git, headTip, builder, inserter) =>
@@ -396,15 +417,18 @@ trait RepositoryViewerControllerBase extends ControllerBase {
}) })
get("/:owner/:repository/edit/*")(writableUsersOnly { repository => get("/:owner/:repository/edit/*")(writableUsersOnly { repository =>
context.withLoginAccount {
loginAccount =>
val (branch, path) = repository.splitPath(multiParams("splat").head) val (branch, path) = repository.splitPath(multiParams("splat").head)
val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch) val protectedBranch = getProtectedBranchInfo(repository.owner, repository.name, branch)
.needStatusCheck(context.loginAccount.get.userName) .needStatusCheck(loginAccount.userName)
Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) {
git => git =>
val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch)) val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(branch))
getPathObjectId(git, path, revCommit).map { getPathObjectId(git, path, revCommit)
.map {
objectId => objectId =>
val paths = path.split("/") val paths = path.split("/")
val info = EditorConfigUtil.getEditorConfigInfo(git, branch, path) val info = EditorConfigUtil.getEditorConfigInfo(git, branch, path)
@@ -423,6 +447,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
) )
} getOrElse NotFound() } getOrElse NotFound()
} }
}
}) })
get("/:owner/:repository/remove/*")(writableUsersOnly { repository => get("/:owner/:repository/remove/*")(writableUsersOnly { repository =>
@@ -446,21 +471,32 @@ trait RepositoryViewerControllerBase extends ControllerBase {
}) })
post("/:owner/:repository/create", editorForm)(writableUsersOnly { (form, repository) => post("/:owner/:repository/create", editorForm)(writableUsersOnly { (form, repository) =>
context.withLoginAccount {
loginAccount =>
if (form.newBranch) { if (form.newBranch) {
val newBranchName = createNewBranchForPullRequest(repository, form.branch) val newBranchName = createNewBranchForPullRequest(repository, form.branch, loginAccount)
val objectId = _commit(newBranchName) val objectId = _commit(newBranchName, loginAccount)
val issueId = val issueId =
createIssueAndPullRequest(repository, form.branch, newBranchName, form.commit, objectId.name, form.message) createIssueAndPullRequest(
repository,
form.branch,
newBranchName,
form.commit,
objectId.name,
form.message,
loginAccount
)
redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}") redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
} else { } else {
_commit(form.branch) _commit(form.branch, loginAccount)
redirect( redirect(
s"/${repository.owner}/${repository.name}/blob/${form.branch}/${if (form.path.length == 0) urlEncode(form.newFileName) s"/${repository.owner}/${repository.name}/blob/${form.branch}/${if (form.path.length == 0) urlEncode(form.newFileName)
else s"${form.path}/${urlEncode(form.newFileName)}"}" else s"${form.path}/${urlEncode(form.newFileName)}"}"
) )
} }
}
def _commit(branchName: String): ObjectId = { def _commit(branchName: String, loginAccount: Account): ObjectId = {
commitFile( commitFile(
repository = repository, repository = repository,
branch = branchName, branch = branchName,
@@ -471,28 +507,39 @@ trait RepositoryViewerControllerBase extends ControllerBase {
charset = form.charset, charset = form.charset,
message = form.message.getOrElse(s"Create ${form.newFileName}"), message = form.message.getOrElse(s"Create ${form.newFileName}"),
commit = form.commit, commit = form.commit,
loginAccount = context.loginAccount.get, loginAccount = loginAccount,
settings = context.settings settings = context.settings
) )
} }
}) })
post("/:owner/:repository/update", editorForm)(writableUsersOnly { (form, repository) => post("/:owner/:repository/update", editorForm)(writableUsersOnly { (form, repository) =>
context.withLoginAccount {
loginAccount =>
if (form.newBranch) { if (form.newBranch) {
val newBranchName = createNewBranchForPullRequest(repository, form.branch) val newBranchName = createNewBranchForPullRequest(repository, form.branch, loginAccount)
val objectId = _commit(newBranchName) val objectId = _commit(newBranchName, loginAccount)
val issueId = val issueId =
createIssueAndPullRequest(repository, form.branch, newBranchName, form.commit, objectId.name, form.message) createIssueAndPullRequest(
repository,
form.branch,
newBranchName,
form.commit,
objectId.name,
form.message,
loginAccount
)
redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}") redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
} else { } else {
_commit(form.branch) _commit(form.branch, loginAccount)
redirect( redirect(
s"/${repository.owner}/${repository.name}/blob/${urlEncode(form.branch)}/${if (form.path.length == 0) urlEncode(form.newFileName) s"/${repository.owner}/${repository.name}/blob/${urlEncode(form.branch)}/${if (form.path.length == 0) urlEncode(form.newFileName)
else s"${form.path}/${urlEncode(form.newFileName)}"}" else s"${form.path}/${urlEncode(form.newFileName)}"}"
) )
} }
}
def _commit(branchName: String): ObjectId = { def _commit(branchName: String, loginAccount: Account): ObjectId = {
commitFile( commitFile(
repository = repository, repository = repository,
branch = branchName, branch = branchName,
@@ -507,28 +554,39 @@ trait RepositoryViewerControllerBase extends ControllerBase {
form.message.getOrElse(s"Rename ${form.oldFileName.get} to ${form.newFileName}") form.message.getOrElse(s"Rename ${form.oldFileName.get} to ${form.newFileName}")
}, },
commit = form.commit, commit = form.commit,
loginAccount = context.loginAccount.get, loginAccount = loginAccount,
settings = context.settings settings = context.settings
) )
} }
}) })
post("/:owner/:repository/remove", deleteForm)(writableUsersOnly { (form, repository) => post("/:owner/:repository/remove", deleteForm)(writableUsersOnly { (form, repository) =>
context.withLoginAccount {
loginAccount =>
if (form.newBranch) { if (form.newBranch) {
val newBranchName = createNewBranchForPullRequest(repository, form.branch) val newBranchName = createNewBranchForPullRequest(repository, form.branch, loginAccount)
val objectId = _commit(newBranchName) val objectId = _commit(newBranchName, loginAccount)
val issueId = val issueId =
createIssueAndPullRequest(repository, form.branch, newBranchName, form.commit, objectId.name, form.message) createIssueAndPullRequest(
repository,
form.branch,
newBranchName,
form.commit,
objectId.name,
form.message,
loginAccount
)
redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}") redirect(s"/${repository.owner}/${repository.name}/pull/${issueId}")
} else { } else {
_commit(form.branch) _commit(form.branch, loginAccount)
redirect( redirect(
s"/${repository.owner}/${repository.name}/tree/${form.branch}${if (form.path.length == 0) "" s"/${repository.owner}/${repository.name}/tree/${form.branch}${if (form.path.length == 0) ""
else "/" + form.path}" else "/" + form.path}"
) )
} }
}
def _commit(branchName: String): ObjectId = { def _commit(branchName: String, loginAccount: Account): ObjectId = {
commitFile( commitFile(
repository = repository, repository = repository,
branch = branchName, branch = branchName,
@@ -539,23 +597,27 @@ trait RepositoryViewerControllerBase extends ControllerBase {
charset = "", charset = "",
message = form.message.getOrElse(s"Delete ${form.fileName}"), message = form.message.getOrElse(s"Delete ${form.fileName}"),
commit = form.commit, commit = form.commit,
loginAccount = context.loginAccount.get, loginAccount = loginAccount,
settings = context.settings settings = context.settings
) )
} }
}) })
private def getNewBranchName(repository: RepositoryInfo): String = { private def getNewBranchName(repository: RepositoryInfo, loginAccount: Account): String = {
var i = 1 var i = 1
val branchNamePrefix = cutTail(context.loginAccount.get.userName.replaceAll("[^a-zA-Z0-9-_]", "-"), 25) val branchNamePrefix = cutTail(loginAccount.userName.replaceAll("[^a-zA-Z0-9-_]", "-"), 25)
while (repository.branchList.exists(p => p.contains(s"$branchNamePrefix-patch-$i"))) { while (repository.branchList.exists(p => p.contains(s"$branchNamePrefix-patch-$i"))) {
i += 1 i += 1
} }
s"$branchNamePrefix-patch-$i" s"$branchNamePrefix-patch-$i"
} }
private def createNewBranchForPullRequest(repository: RepositoryInfo, baseBranchName: String): String = { private def createNewBranchForPullRequest(
val newBranchName = getNewBranchName(repository) repository: RepositoryInfo,
baseBranchName: String,
loginAccount: Account
): String = {
val newBranchName = getNewBranchName(repository, loginAccount)
Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { git => Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
JGitUtil.createBranch(git, baseBranchName, newBranchName) JGitUtil.createBranch(git, baseBranchName, newBranchName)
} }
@@ -563,7 +625,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
val settings = loadSystemSettings() val settings = loadSystemSettings()
callWebHookOf(repository.owner, repository.name, WebHook.Create, settings) { callWebHookOf(repository.owner, repository.name, WebHook.Create, settings) {
for { for {
sender <- context.loginAccount sender <- Some(loginAccount)
owner <- getAccountByUserName(repository.owner) owner <- getAccountByUserName(repository.owner)
} yield { } yield {
WebHookCreatePayload( WebHookCreatePayload(
@@ -584,12 +646,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
requestBranch: String, requestBranch: String,
commitIdFrom: String, commitIdFrom: String,
commitIdTo: String, commitIdTo: String,
commitMessage: Option[String] commitMessage: Option[String],
loginAccount: Account
): Int = { ): Int = {
val issueId = insertIssue( val issueId = insertIssue(
owner = repository.owner, owner = repository.owner,
repository = repository.name, repository = repository.name,
loginUser = context.loginAccount.get.userName, loginUser = loginAccount.userName,
title = requestBranch, title = requestBranch,
content = commitMessage, content = commitMessage,
assignedUserName = None, assignedUserName = None,
@@ -607,7 +670,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
commitIdFrom = commitIdFrom, commitIdFrom = commitIdFrom,
commitIdTo = commitIdTo, commitIdTo = commitIdTo,
isDraft = false, isDraft = false,
loginAccount = context.loginAccount.get, loginAccount = loginAccount,
settings = context.settings settings = context.settings
) )
issueId issueId
@@ -720,8 +783,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
try { try {
Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) {
git => git =>
defining(JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))) { val revCommit = JGitUtil.getRevCommitFromId(git, git.getRepository.resolve(id))
revCommit =>
val diffs = JGitUtil.getDiffs(git, None, id, true, false) val diffs = JGitUtil.getDiffs(git, None, id, true, false)
val oldCommitId = JGitUtil.getParentCommitId(git, id) val oldCommitId = JGitUtil.getParentCommitId(git, id)
@@ -740,7 +802,6 @@ trait RepositoryViewerControllerBase extends ControllerBase {
flash.get("error") flash.get("error")
) )
} }
}
} catch { } catch {
case e: MissingObjectException => NotFound() case e: MissingObjectException => NotFound()
} }
@@ -772,11 +833,12 @@ trait RepositoryViewerControllerBase extends ControllerBase {
}) })
post("/:owner/:repository/commit/:id/comment/new", commentForm)(readableUsersOnly { (form, repository) => post("/:owner/:repository/commit/:id/comment/new", commentForm)(readableUsersOnly { (form, repository) =>
context.withLoginAccount { loginAccount =>
val id = params("id") val id = params("id")
createCommitComment( createCommitComment(
repository, repository,
id, id,
context.loginAccount.get, loginAccount,
form.content, form.content,
form.fileName, form.fileName,
form.oldLineNumber, form.oldLineNumber,
@@ -786,6 +848,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
) )
redirect(s"/${repository.owner}/${repository.name}/commit/${id}") redirect(s"/${repository.owner}/${repository.name}/commit/${id}")
}
}) })
ajaxGet("/:owner/:repository/commit/:id/comment/_form")(readableUsersOnly { repository => ajaxGet("/:owner/:repository/commit/:id/comment/_form")(readableUsersOnly { repository =>
@@ -807,11 +870,13 @@ trait RepositoryViewerControllerBase extends ControllerBase {
}) })
ajaxPost("/:owner/:repository/commit/:id/comment/_data/new", commentForm)(readableUsersOnly { (form, repository) => ajaxPost("/:owner/:repository/commit/:id/comment/_data/new", commentForm)(readableUsersOnly { (form, repository) =>
context.withLoginAccount {
loginAccount =>
val id = params("id") val id = params("id")
val commentId = createCommitComment( val commentId = createCommitComment(
repository, repository,
id, id,
context.loginAccount.get, loginAccount,
form.content, form.content,
form.fileName, form.fileName,
form.oldLineNumber, form.oldLineNumber,
@@ -823,12 +888,15 @@ trait RepositoryViewerControllerBase extends ControllerBase {
val comment = getCommitComment(repository.owner, repository.name, commentId.toString).get val comment = getCommitComment(repository.owner, repository.name, commentId.toString).get
helper.html helper.html
.commitcomment(comment, hasDeveloperRole(repository.owner, repository.name, context.loginAccount), repository) .commitcomment(comment, hasDeveloperRole(repository.owner, repository.name, context.loginAccount), repository)
}
}) })
ajaxGet("/:owner/:repository/commit_comments/_data/:id")(readableUsersOnly { repository => ajaxGet("/:owner/:repository/commit_comments/_data/:id")(readableUsersOnly { repository =>
context.withLoginAccount {
loginAccount =>
getCommitComment(repository.owner, repository.name, params("id")) map { getCommitComment(repository.owner, repository.name, params("id")) map {
x => x =>
if (isEditable(x.userName, x.repositoryName, x.commentedUserName)) { if (isEditable(x.userName, x.repositoryName, x.commentedUserName, loginAccount)) {
params.get("dataType") collect { params.get("dataType") collect {
case t if t == "html" => html.editcomment(x.content, x.commentId, repository) case t if t == "html" => html.editcomment(x.content, x.commentId, repository)
} getOrElse { } getOrElse {
@@ -851,25 +919,25 @@ trait RepositoryViewerControllerBase extends ControllerBase {
} }
} else Unauthorized() } else Unauthorized()
} getOrElse NotFound() } getOrElse NotFound()
}
}) })
ajaxPost("/:owner/:repository/commit_comments/edit/:id", commentForm)(readableUsersOnly { (form, repository) => ajaxPost("/:owner/:repository/commit_comments/edit/:id", commentForm)(readableUsersOnly { (form, repository) =>
defining(repository.owner, repository.name) { context.withLoginAccount {
case (owner, name) => loginAccount =>
getCommitComment(owner, name, params("id")).map { comment => getCommitComment(repository.owner, repository.name, params("id")).map { comment =>
if (isEditable(owner, name, comment.commentedUserName)) { if (isEditable(repository.owner, repository.name, comment.commentedUserName, loginAccount)) {
updateCommitComment(comment.commentId, form.content) updateCommitComment(comment.commentId, form.content)
redirect(s"/${owner}/${name}/commit_comments/_data/${comment.commentId}") redirect(s"/${repository.owner}/${repository.name}/commit_comments/_data/${comment.commentId}")
} else Unauthorized() } else Unauthorized()
} getOrElse NotFound() } getOrElse NotFound()
} }
}) })
ajaxPost("/:owner/:repository/commit_comments/delete/:id")(readableUsersOnly { repository => ajaxPost("/:owner/:repository/commit_comments/delete/:id")(readableUsersOnly { repository =>
defining(repository.owner, repository.name) { context.withLoginAccount { loginAccount =>
case (owner, name) => getCommitComment(repository.owner, repository.name, params("id")).map { comment =>
getCommitComment(owner, name, params("id")).map { comment => if (isEditable(repository.owner, repository.name, comment.commentedUserName, loginAccount)) {
if (isEditable(owner, name, comment.commentedUserName)) {
Ok(deleteCommitComment(comment.commentId)) Ok(deleteCommitComment(comment.commentId))
} else Unauthorized() } else Unauthorized()
} getOrElse NotFound() } getOrElse NotFound()
@@ -995,16 +1063,19 @@ trait RepositoryViewerControllerBase extends ControllerBase {
* Deletes branch. * Deletes branch.
*/ */
get("/:owner/:repository/delete/*")(writableUsersOnly { repository => get("/:owner/:repository/delete/*")(writableUsersOnly { repository =>
context.withLoginAccount {
loginAccount =>
val branchName = multiParams("splat").head val branchName = multiParams("splat").head
val userName = context.loginAccount.get.userName
if (repository.repository.defaultBranch != branchName) { if (repository.repository.defaultBranch != branchName) {
Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { git => Using.resource(Git.open(getRepositoryDir(repository.owner, repository.name))) { git =>
git.branchDelete().setForce(true).setBranchNames(branchName).call() git.branchDelete().setForce(true).setBranchNames(branchName).call()
val deleteBranchInfo = DeleteBranchInfo(repository.owner, repository.name, userName, branchName) val deleteBranchInfo =
DeleteBranchInfo(repository.owner, repository.name, loginAccount.userName, branchName)
recordActivity(deleteBranchInfo) recordActivity(deleteBranchInfo)
} }
} }
redirect(s"/${repository.owner}/${repository.name}/branches") redirect(s"/${repository.owner}/${repository.name}/branches")
}
}) })
/** /**
@@ -1090,7 +1161,7 @@ trait RepositoryViewerControllerBase extends ControllerBase {
// get specified commit // get specified commit
JGitUtil.getDefaultBranch(git, repository, revstr).map { JGitUtil.getDefaultBranch(git, repository, revstr).map {
case (objectId, revision) => case (objectId, revision) =>
defining(JGitUtil.getRevCommitFromId(git, objectId)) { revCommit => val revCommit = JGitUtil.getRevCommitFromId(git, objectId)
val lastModifiedCommit = val lastModifiedCommit =
if (path == ".") revCommit else JGitUtil.getLastModifiedCommit(git, revCommit, path) if (path == ".") revCommit else JGitUtil.getLastModifiedCommit(git, revCommit, path)
val commitCount = JGitUtil.getCommitCount(git, lastModifiedCommit.getName) val commitCount = JGitUtil.getCommitCount(git, lastModifiedCommit.getName)
@@ -1137,7 +1208,6 @@ trait RepositoryViewerControllerBase extends ControllerBase {
flash.get("info"), flash.get("info"),
flash.get("error") flash.get("error")
) )
}
} getOrElse NotFound() } getOrElse NotFound()
} }
} }
@@ -1257,8 +1327,9 @@ trait RepositoryViewerControllerBase extends ControllerBase {
} }
} }
private def isEditable(owner: String, repository: String, author: String)(implicit context: Context): Boolean = private def isEditable(owner: String, repository: String, author: String, loginAccount: Account): Boolean = {
hasDeveloperRole(owner, repository, context.loginAccount) || author == context.loginAccount.get.userName hasDeveloperRole(owner, repository, Some(loginAccount)) || author == loginAccount.userName
}
private def conflict: Constraint = new Constraint() { private def conflict: Constraint = new Constraint() {
override def validate(name: String, value: String, messages: Messages): Option[String] = { override def validate(name: String, value: String, messages: Messages): Option[String] = {

24
src/main/scala/gitbucket/core/controller/SystemSettingsController.scala
View File

@@ -9,7 +9,6 @@ import gitbucket.core.service.{AccountService, RepositoryService}
import gitbucket.core.ssh.SshServer import gitbucket.core.ssh.SshServer
import gitbucket.core.util.Implicits._ import gitbucket.core.util.Implicits._
import gitbucket.core.util.StringUtil._ import gitbucket.core.util.StringUtil._
import gitbucket.core.util.SyntaxSugars._
import gitbucket.core.util.{AdminAuthenticator, Mailer} import gitbucket.core.util.{AdminAuthenticator, Mailer}
import org.apache.commons.io.IOUtils import org.apache.commons.io.IOUtils
import org.apache.commons.mail.EmailException import org.apache.commons.mail.EmailException
@@ -463,15 +462,13 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
}) })
get("/admin/users/:groupName/_editgroup")(adminOnly { get("/admin/users/:groupName/_editgroup")(adminOnly {
defining(params("groupName")) { groupName => val groupName = params("groupName")
html.usergroup(getAccountByUserName(groupName, true), getGroupMembers(groupName)) html.usergroup(getAccountByUserName(groupName, true), getGroupMembers(groupName))
}
}) })
post("/admin/users/:groupName/_editgroup", editGroupForm)(adminOnly { form => post("/admin/users/:groupName/_editgroup", editGroupForm)(adminOnly { form =>
defining( val groupName = params("groupName")
params("groupName"), val members = form.members
form.members
.split(",") .split(",")
.map { .map {
_.split(":") match { _.split(":") match {
@@ -479,8 +476,7 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
} }
} }
.toList .toList
) {
case (groupName, members) =>
getAccountByUserName(groupName, true).map { getAccountByUserName(groupName, true).map {
account => account =>
updateGroup(groupName, form.description, form.url, form.isRemoved) updateGroup(groupName, form.description, form.url, form.isRemoved)
@@ -511,7 +507,6 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
redirect("/admin/users") redirect("/admin/users")
} getOrElse NotFound() } getOrElse NotFound()
}
}) })
get("/admin/data")(adminOnly { get("/admin/data")(adminOnly {
@@ -559,12 +554,11 @@ trait SystemSettingsControllerBase extends AccountManagementControllerBase {
protected def disableByNotYourself(paramName: String): Constraint = protected def disableByNotYourself(paramName: String): Constraint =
new Constraint() { new Constraint() {
override def validate(name: String, value: String, messages: Messages): Option[String] = { override def validate(name: String, value: String, messages: Messages): Option[String] = {
params.get(paramName).flatMap { userName => for {
if (userName == context.loginAccount.get.userName && params.get("removed") == Some("true")) userName <- params.get(paramName)
Some("You can't disable your account yourself") loginAccount <- context.loginAccount
else if userName == loginAccount.userName && params.get("removed") == Some("true")
None } yield "You can't disable your account yourself"
}
} }
} }

29
src/main/scala/gitbucket/core/controller/WikiController.scala
View File

@@ -136,11 +136,13 @@ trait WikiControllerBase extends ControllerBase {
}) })
get("/:owner/:repository/wiki/:page/_revert/:commitId")(readableUsersOnly { repository => get("/:owner/:repository/wiki/:page/_revert/:commitId")(readableUsersOnly { repository =>
context.withLoginAccount {
loginAccount =>
if (isEditable(repository)) { if (isEditable(repository)) {
val pageName = StringUtil.urlDecode(params("page")) val pageName = StringUtil.urlDecode(params("page"))
val Array(from, to) = params("commitId").split("\\.\\.\\.") val Array(from, to) = params("commitId").split("\\.\\.\\.")
if (revertWikiPage(repository.owner, repository.name, from, to, context.loginAccount.get, Some(pageName))) { if (revertWikiPage(repository.owner, repository.name, from, to, loginAccount, Some(pageName))) {
redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}") redirect(s"/${repository.owner}/${repository.name}/wiki/${StringUtil.urlEncode(pageName)}")
} else { } else {
flash.update("info", "This patch was not able to be reversed.") flash.update("info", "This patch was not able to be reversed.")
@@ -149,19 +151,23 @@ trait WikiControllerBase extends ControllerBase {
) )
} }
} else Unauthorized() } else Unauthorized()
}
}) })
get("/:owner/:repository/wiki/_revert/:commitId")(readableUsersOnly { repository => get("/:owner/:repository/wiki/_revert/:commitId")(readableUsersOnly { repository =>
context.withLoginAccount {
loginAccount =>
if (isEditable(repository)) { if (isEditable(repository)) {
val Array(from, to) = params("commitId").split("\\.\\.\\.") val Array(from, to) = params("commitId").split("\\.\\.\\.")
if (revertWikiPage(repository.owner, repository.name, from, to, context.loginAccount.get, None)) { if (revertWikiPage(repository.owner, repository.name, from, to, loginAccount, None)) {
redirect(s"/${repository.owner}/${repository.name}/wiki") redirect(s"/${repository.owner}/${repository.name}/wiki")
} else { } else {
flash.update("info", "This patch was not able to be reversed.") flash.update("info", "This patch was not able to be reversed.")
redirect(s"/${repository.owner}/${repository.name}/wiki/_compare/${from}...${to}") redirect(s"/${repository.owner}/${repository.name}/wiki/_compare/${from}...${to}")
} }
} else Unauthorized() } else Unauthorized()
}
}) })
get("/:owner/:repository/wiki/:page/_edit")(readableUsersOnly { repository => get("/:owner/:repository/wiki/:page/_edit")(readableUsersOnly { repository =>
@@ -172,9 +178,9 @@ trait WikiControllerBase extends ControllerBase {
}) })
post("/:owner/:repository/wiki/_edit", editForm)(readableUsersOnly { (form, repository) => post("/:owner/:repository/wiki/_edit", editForm)(readableUsersOnly { (form, repository) =>
if (isEditable(repository)) { context.withLoginAccount {
defining(context.loginAccount.get) {
loginAccount => loginAccount =>
if (isEditable(repository)) {
saveWikiPage( saveWikiPage(
repository.owner, repository.owner,
repository.name, repository.name,
@@ -201,8 +207,8 @@ trait WikiControllerBase extends ControllerBase {
} else { } else {
redirect(s"/${repository.owner}/${repository.name}/wiki") redirect(s"/${repository.owner}/${repository.name}/wiki")
} }
}
} else Unauthorized() } else Unauthorized()
}
}) })
get("/:owner/:repository/wiki/_new")(readableUsersOnly { repository => get("/:owner/:repository/wiki/_new")(readableUsersOnly { repository =>
@@ -212,9 +218,9 @@ trait WikiControllerBase extends ControllerBase {
}) })
post("/:owner/:repository/wiki/_new", newForm)(readableUsersOnly { (form, repository) => post("/:owner/:repository/wiki/_new", newForm)(readableUsersOnly { (form, repository) =>
if (isEditable(repository)) { context.withLoginAccount {
defining(context.loginAccount.get) {
loginAccount => loginAccount =>
if (isEditable(repository)) {
saveWikiPage( saveWikiPage(
repository.owner, repository.owner,
repository.name, repository.name,
@@ -242,16 +248,15 @@ trait WikiControllerBase extends ControllerBase {
} else { } else {
redirect(s"/${repository.owner}/${repository.name}/wiki") redirect(s"/${repository.owner}/${repository.name}/wiki")
} }
}
} else Unauthorized() } else Unauthorized()
}
}) })
get("/:owner/:repository/wiki/:page/_delete")(readableUsersOnly { repository => get("/:owner/:repository/wiki/:page/_delete")(readableUsersOnly { repository =>
context.withLoginAccount {
loginAccount =>
if (isEditable(repository)) { if (isEditable(repository)) {
val pageName = StringUtil.urlDecode(params("page")) val pageName = StringUtil.urlDecode(params("page"))
defining(context.loginAccount.get) {
loginAccount =>
deleteWikiPage( deleteWikiPage(
repository.owner, repository.owner,
repository.name, repository.name,
@@ -270,8 +275,8 @@ trait WikiControllerBase extends ControllerBase {
updateLastActivityDate(repository.owner, repository.name) updateLastActivityDate(repository.owner, repository.name)
redirect(s"/${repository.owner}/${repository.name}/wiki") redirect(s"/${repository.owner}/${repository.name}/wiki")
}
} else Unauthorized() } else Unauthorized()
}
}) })
get("/:owner/:repository/wiki/_pages")(referrersOnly { repository => get("/:owner/:repository/wiki/_pages")(referrersOnly { repository =>

3
src/main/scala/gitbucket/core/util/SyntaxSugars.scala
View File

@@ -1,12 +1,11 @@
package gitbucket.core.util package gitbucket.core.util
import scala.language.reflectiveCalls
/** /**
* Provides control facilities. * Provides control facilities.
*/ */
object SyntaxSugars { object SyntaxSugars {
@deprecated("Use scala.util.Try instead", "4.36.0")
def defining[A, B](value: A)(f: A => B): B = f(value) def defining[A, B](value: A)(f: A => B): B = f(value)
@deprecated("Use scala.util.Try instead", "4.36.0") @deprecated("Use scala.util.Try instead", "4.36.0")