2018-02-19 22:24:10 +00:00
|
|
|
// Copyright 2018 Drone.IO Inc.
|
2018-03-21 13:02:17 +00:00
|
|
|
//
|
2018-02-19 22:24:10 +00:00
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
2018-03-21 13:02:17 +00:00
|
|
|
//
|
2018-02-19 22:24:10 +00:00
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
2018-03-21 13:02:17 +00:00
|
|
|
//
|
2018-02-19 22:24:10 +00:00
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
2021-09-22 18:48:01 +00:00
|
|
|
package api
|
2015-09-30 01:21:17 +00:00
|
|
|
|
|
|
|
import (
|
2016-05-03 00:47:58 +00:00
|
|
|
"encoding/base32"
|
2015-09-30 01:21:17 +00:00
|
|
|
"fmt"
|
|
|
|
"net/http"
|
2017-07-14 19:58:38 +00:00
|
|
|
"strconv"
|
2015-09-30 01:21:17 +00:00
|
|
|
|
|
|
|
"github.com/gin-gonic/gin"
|
2016-05-03 00:47:58 +00:00
|
|
|
"github.com/gorilla/securecookie"
|
2021-11-23 14:36:52 +00:00
|
|
|
"github.com/rs/zerolog/log"
|
2015-09-30 01:21:17 +00:00
|
|
|
|
2021-09-22 18:48:01 +00:00
|
|
|
"github.com/woodpecker-ci/woodpecker/server"
|
2021-09-27 17:51:55 +00:00
|
|
|
"github.com/woodpecker-ci/woodpecker/server/model"
|
2021-09-22 20:41:32 +00:00
|
|
|
"github.com/woodpecker-ci/woodpecker/server/router/middleware/session"
|
2021-09-23 11:33:59 +00:00
|
|
|
"github.com/woodpecker-ci/woodpecker/server/store"
|
2021-05-25 12:08:27 +00:00
|
|
|
"github.com/woodpecker-ci/woodpecker/shared/token"
|
2015-09-30 01:21:17 +00:00
|
|
|
)
|
|
|
|
|
2021-11-27 15:06:00 +00:00
|
|
|
// TODO: make it set system wide via environment variables
|
|
|
|
const defaultTimeout = 60 // 1 hour default build time
|
|
|
|
const maxTimeout = defaultTimeout * 2
|
|
|
|
|
2015-09-30 01:21:17 +00:00
|
|
|
func PostRepo(c *gin.Context) {
|
2021-12-01 13:22:06 +00:00
|
|
|
remote := server.Config.Services.Remote
|
|
|
|
_store := store.FromContext(c)
|
2015-09-30 01:21:17 +00:00
|
|
|
user := session.User(c)
|
2017-07-14 19:58:38 +00:00
|
|
|
repo := session.Repo(c)
|
2015-09-30 01:21:17 +00:00
|
|
|
|
2017-07-14 19:58:38 +00:00
|
|
|
if repo.IsActive {
|
2021-11-27 15:06:00 +00:00
|
|
|
c.String(http.StatusConflict, "Repository is already active.")
|
2015-09-30 01:21:17 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2017-07-14 19:58:38 +00:00
|
|
|
repo.IsActive = true
|
|
|
|
repo.UserID = user.ID
|
2021-10-09 01:26:35 +00:00
|
|
|
repo.AllowPull = true
|
2021-09-18 14:28:35 +00:00
|
|
|
|
2017-07-14 19:58:38 +00:00
|
|
|
if repo.Visibility == "" {
|
|
|
|
repo.Visibility = model.VisibilityPublic
|
2021-11-22 11:55:13 +00:00
|
|
|
if repo.IsSCMPrivate {
|
2017-07-14 19:58:38 +00:00
|
|
|
repo.Visibility = model.VisibilityPrivate
|
|
|
|
}
|
2015-09-30 01:21:17 +00:00
|
|
|
}
|
2021-09-18 14:28:35 +00:00
|
|
|
|
2017-07-14 19:58:38 +00:00
|
|
|
if repo.Timeout == 0 {
|
2021-11-27 15:06:00 +00:00
|
|
|
repo.Timeout = defaultTimeout
|
|
|
|
} else if repo.Timeout > maxTimeout {
|
|
|
|
repo.Timeout = maxTimeout
|
2015-09-30 01:21:17 +00:00
|
|
|
}
|
2021-09-18 14:28:35 +00:00
|
|
|
|
2017-07-14 19:58:38 +00:00
|
|
|
if repo.Hash == "" {
|
|
|
|
repo.Hash = base32.StdEncoding.EncodeToString(
|
|
|
|
securecookie.GenerateRandomKey(32),
|
|
|
|
)
|
2015-09-30 01:21:17 +00:00
|
|
|
}
|
|
|
|
|
2017-07-14 19:58:38 +00:00
|
|
|
// creates the jwt token used to verify the repository
|
|
|
|
t := token.New(token.HookToken, repo.FullName)
|
|
|
|
sig, err := t.Sign(repo.Hash)
|
2015-09-30 01:21:17 +00:00
|
|
|
if err != nil {
|
2021-11-27 15:06:00 +00:00
|
|
|
c.String(http.StatusInternalServerError, err.Error())
|
2015-09-30 01:21:17 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
link := fmt.Sprintf(
|
|
|
|
"%s/hook?access_token=%s",
|
2021-09-22 18:48:01 +00:00
|
|
|
server.Config.Server.Host,
|
2015-09-30 01:21:17 +00:00
|
|
|
sig,
|
|
|
|
)
|
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
err = remote.Activate(c, user, repo, link)
|
2015-09-30 01:21:17 +00:00
|
|
|
if err != nil {
|
2021-11-27 15:06:00 +00:00
|
|
|
c.String(http.StatusInternalServerError, err.Error())
|
2015-09-30 01:21:17 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
from, err := remote.Repo(c, user, repo.Owner, repo.Name)
|
2017-07-21 15:53:11 +00:00
|
|
|
if err == nil {
|
|
|
|
repo.Update(from)
|
|
|
|
}
|
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
err = _store.UpdateRepo(repo)
|
2015-09-30 01:21:17 +00:00
|
|
|
if err != nil {
|
2021-11-27 15:06:00 +00:00
|
|
|
c.String(http.StatusInternalServerError, err.Error())
|
2015-09-30 01:21:17 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-11-27 15:06:00 +00:00
|
|
|
c.JSON(http.StatusOK, repo)
|
2015-09-30 01:21:17 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
func PatchRepo(c *gin.Context) {
|
2021-12-01 13:22:06 +00:00
|
|
|
_store := store.FromContext(c)
|
2015-09-30 01:21:17 +00:00
|
|
|
repo := session.Repo(c)
|
|
|
|
user := session.User(c)
|
|
|
|
|
2017-04-12 12:12:21 +00:00
|
|
|
in := new(model.RepoPatch)
|
2015-09-30 01:21:17 +00:00
|
|
|
if err := c.Bind(in); err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusBadRequest, err)
|
2015-09-30 01:21:17 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2021-11-27 15:06:00 +00:00
|
|
|
if in.Timeout != nil && *in.Timeout > maxTimeout && !user.Admin {
|
|
|
|
c.String(http.StatusForbidden, fmt.Sprintf("Timeout is not allowed to be higher than max timeout (%dmin)", maxTimeout))
|
|
|
|
}
|
|
|
|
if in.IsTrusted != nil && *in.IsTrusted != repo.IsTrusted && !user.Admin {
|
|
|
|
log.Trace().Msgf("user '%s' wants to make repo trusted without being an instance admin ", user.Login)
|
|
|
|
c.String(http.StatusForbidden, "Insufficient privileges")
|
2017-04-11 17:06:45 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2015-09-30 01:21:17 +00:00
|
|
|
if in.AllowPull != nil {
|
|
|
|
repo.AllowPull = *in.AllowPull
|
|
|
|
}
|
2017-04-11 17:06:45 +00:00
|
|
|
if in.IsGated != nil {
|
|
|
|
repo.IsGated = *in.IsGated
|
|
|
|
}
|
|
|
|
if in.IsTrusted != nil {
|
2015-09-30 01:21:17 +00:00
|
|
|
repo.IsTrusted = *in.IsTrusted
|
|
|
|
}
|
2017-04-11 17:06:45 +00:00
|
|
|
if in.Timeout != nil {
|
2015-09-30 01:21:17 +00:00
|
|
|
repo.Timeout = *in.Timeout
|
|
|
|
}
|
2017-04-12 12:12:21 +00:00
|
|
|
if in.Config != nil {
|
|
|
|
repo.Config = *in.Config
|
|
|
|
}
|
2017-05-22 22:44:58 +00:00
|
|
|
if in.Visibility != nil {
|
|
|
|
switch *in.Visibility {
|
2021-11-22 11:55:13 +00:00
|
|
|
case string(model.VisibilityInternal), string(model.VisibilityPrivate), string(model.VisibilityPublic):
|
|
|
|
repo.Visibility = model.RepoVisibly(*in.Visibility)
|
2017-05-22 22:44:58 +00:00
|
|
|
default:
|
2021-11-27 15:06:00 +00:00
|
|
|
c.String(http.StatusBadRequest, "Invalid visibility type")
|
2017-05-22 22:44:58 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
2017-08-13 00:01:10 +00:00
|
|
|
if in.BuildCounter != nil {
|
|
|
|
repo.Counter = *in.BuildCounter
|
|
|
|
}
|
2015-09-30 01:21:17 +00:00
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
err := _store.UpdateRepo(repo)
|
2015-09-30 01:21:17 +00:00
|
|
|
if err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, err)
|
2015-09-30 01:21:17 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2016-03-30 20:15:28 +00:00
|
|
|
c.JSON(http.StatusOK, repo)
|
2015-09-30 01:21:17 +00:00
|
|
|
}
|
|
|
|
|
2016-06-14 21:05:53 +00:00
|
|
|
func ChownRepo(c *gin.Context) {
|
2021-12-01 13:22:06 +00:00
|
|
|
_store := store.FromContext(c)
|
2016-06-14 21:05:53 +00:00
|
|
|
repo := session.Repo(c)
|
|
|
|
user := session.User(c)
|
|
|
|
repo.UserID = user.ID
|
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
err := _store.UpdateRepo(repo)
|
2016-06-14 21:05:53 +00:00
|
|
|
if err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, err)
|
2016-06-14 21:05:53 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
c.JSON(http.StatusOK, repo)
|
|
|
|
}
|
|
|
|
|
2015-09-30 01:21:17 +00:00
|
|
|
func GetRepo(c *gin.Context) {
|
2016-03-30 20:15:28 +00:00
|
|
|
c.JSON(http.StatusOK, session.Repo(c))
|
2015-09-30 01:21:17 +00:00
|
|
|
}
|
|
|
|
|
2021-10-13 12:16:26 +00:00
|
|
|
func GetRepoPermissions(c *gin.Context) {
|
|
|
|
perm := session.Perm(c)
|
|
|
|
c.JSON(http.StatusOK, perm)
|
|
|
|
}
|
|
|
|
|
2021-10-27 00:47:55 +00:00
|
|
|
func GetRepoBranches(c *gin.Context) {
|
|
|
|
repo := session.Repo(c)
|
|
|
|
user := session.User(c)
|
2021-11-26 12:01:54 +00:00
|
|
|
r := server.Config.Services.Remote
|
2021-10-27 00:47:55 +00:00
|
|
|
|
|
|
|
branches, err := r.Branches(c, user, repo)
|
|
|
|
if err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, err)
|
2021-10-27 00:47:55 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
c.JSON(http.StatusOK, branches)
|
|
|
|
}
|
|
|
|
|
2015-09-30 01:21:17 +00:00
|
|
|
func DeleteRepo(c *gin.Context) {
|
2017-07-14 19:58:38 +00:00
|
|
|
remove, _ := strconv.ParseBool(c.Query("remove"))
|
2021-12-01 13:22:06 +00:00
|
|
|
remote := server.Config.Services.Remote
|
|
|
|
_store := store.FromContext(c)
|
2021-10-28 09:12:58 +00:00
|
|
|
|
2015-09-30 01:21:17 +00:00
|
|
|
repo := session.Repo(c)
|
2015-10-05 01:34:06 +00:00
|
|
|
user := session.User(c)
|
2015-09-30 01:21:17 +00:00
|
|
|
|
2017-07-14 19:58:38 +00:00
|
|
|
repo.IsActive = false
|
|
|
|
repo.UserID = 0
|
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
err := _store.UpdateRepo(repo)
|
2015-09-30 01:21:17 +00:00
|
|
|
if err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, err)
|
2015-10-05 01:34:06 +00:00
|
|
|
return
|
2015-09-30 01:21:17 +00:00
|
|
|
}
|
2015-10-05 01:34:06 +00:00
|
|
|
|
2017-07-14 19:58:38 +00:00
|
|
|
if remove {
|
2021-12-01 13:22:06 +00:00
|
|
|
err := _store.DeleteRepo(repo)
|
2017-07-14 19:58:38 +00:00
|
|
|
if err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, err)
|
2017-07-14 19:58:38 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
if err := remote.Deactivate(c, user, repo, server.Config.Server.Host); err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, err)
|
2021-09-28 10:56:59 +00:00
|
|
|
return
|
|
|
|
}
|
2017-08-25 00:03:11 +00:00
|
|
|
c.JSON(200, repo)
|
2015-09-30 01:21:17 +00:00
|
|
|
}
|
2017-04-12 13:32:44 +00:00
|
|
|
|
|
|
|
func RepairRepo(c *gin.Context) {
|
2021-12-01 13:22:06 +00:00
|
|
|
remote := server.Config.Services.Remote
|
|
|
|
_store := store.FromContext(c)
|
2017-04-12 13:32:44 +00:00
|
|
|
repo := session.Repo(c)
|
|
|
|
user := session.User(c)
|
|
|
|
|
2017-08-21 21:56:37 +00:00
|
|
|
// creates the jwt token used to verify the repository
|
2017-04-12 13:32:44 +00:00
|
|
|
t := token.New(token.HookToken, repo.FullName)
|
|
|
|
sig, err := t.Sign(repo.Hash)
|
|
|
|
if err != nil {
|
|
|
|
c.String(500, err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// reconstruct the link
|
2021-09-22 18:48:01 +00:00
|
|
|
host := server.Config.Server.Host
|
2017-04-12 13:32:44 +00:00
|
|
|
link := fmt.Sprintf(
|
|
|
|
"%s/hook?access_token=%s",
|
|
|
|
host,
|
|
|
|
sig,
|
|
|
|
)
|
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
if err := remote.Deactivate(c, user, repo, host); err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
log.Trace().Err(err).Msgf("deactivate repo '%s' to repair failed", repo.FullName)
|
|
|
|
}
|
2021-12-01 13:22:06 +00:00
|
|
|
if err := remote.Activate(c, user, repo, link); err != nil {
|
2017-04-12 13:32:44 +00:00
|
|
|
c.String(500, err.Error())
|
|
|
|
return
|
|
|
|
}
|
2017-08-26 22:52:57 +00:00
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
from, err := remote.Repo(c, user, repo.Owner, repo.Name)
|
2021-11-23 14:36:52 +00:00
|
|
|
if err != nil {
|
|
|
|
log.Error().Err(err).Msgf("get repo '%s/%s' from remote", repo.Owner, repo.Name)
|
|
|
|
c.AbortWithStatus(http.StatusInternalServerError)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
repo.Name = from.Name
|
|
|
|
repo.Owner = from.Owner
|
|
|
|
repo.FullName = from.FullName
|
|
|
|
repo.Avatar = from.Avatar
|
|
|
|
repo.Link = from.Link
|
|
|
|
repo.Clone = from.Clone
|
|
|
|
repo.IsSCMPrivate = from.IsSCMPrivate
|
|
|
|
if repo.IsSCMPrivate != from.IsSCMPrivate {
|
|
|
|
repo.ResetVisibility()
|
|
|
|
}
|
2021-12-01 13:22:06 +00:00
|
|
|
if err := _store.UpdateRepo(repo); err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, err)
|
|
|
|
return
|
2017-08-26 22:52:57 +00:00
|
|
|
}
|
|
|
|
|
2017-04-12 13:32:44 +00:00
|
|
|
c.Writer.WriteHeader(http.StatusOK)
|
|
|
|
}
|
2017-08-21 21:56:37 +00:00
|
|
|
|
|
|
|
func MoveRepo(c *gin.Context) {
|
2021-12-01 13:22:06 +00:00
|
|
|
remote := server.Config.Services.Remote
|
|
|
|
_store := store.FromContext(c)
|
2017-08-21 21:56:37 +00:00
|
|
|
repo := session.Repo(c)
|
|
|
|
user := session.User(c)
|
|
|
|
|
|
|
|
to, exists := c.GetQuery("to")
|
|
|
|
if !exists {
|
|
|
|
err := fmt.Errorf("Missing required to query value")
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, err)
|
2017-08-21 22:49:09 +00:00
|
|
|
return
|
2017-08-21 21:56:37 +00:00
|
|
|
}
|
|
|
|
|
2017-08-21 22:49:09 +00:00
|
|
|
owner, name, errParse := model.ParseRepo(to)
|
2017-08-21 21:56:37 +00:00
|
|
|
if errParse != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, errParse)
|
2017-08-21 22:49:09 +00:00
|
|
|
return
|
2017-08-21 21:56:37 +00:00
|
|
|
}
|
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
from, err := remote.Repo(c, user, owner, name)
|
2017-08-21 21:56:37 +00:00
|
|
|
if err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, err)
|
2017-08-21 22:49:09 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
if !from.Perm.Admin {
|
|
|
|
c.AbortWithStatus(http.StatusUnauthorized)
|
|
|
|
return
|
2017-08-21 21:56:37 +00:00
|
|
|
}
|
2017-08-21 22:49:09 +00:00
|
|
|
|
2017-08-21 21:56:37 +00:00
|
|
|
repo.Name = from.Name
|
|
|
|
repo.Owner = from.Owner
|
|
|
|
repo.FullName = from.FullName
|
|
|
|
repo.Avatar = from.Avatar
|
|
|
|
repo.Link = from.Link
|
|
|
|
repo.Clone = from.Clone
|
2021-11-22 11:55:13 +00:00
|
|
|
repo.IsSCMPrivate = from.IsSCMPrivate
|
|
|
|
if repo.IsSCMPrivate != from.IsSCMPrivate {
|
2017-08-21 22:49:09 +00:00
|
|
|
repo.ResetVisibility()
|
|
|
|
}
|
2017-08-21 21:56:37 +00:00
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
errStore := _store.UpdateRepo(repo)
|
2017-08-21 21:56:37 +00:00
|
|
|
if errStore != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
_ = c.AbortWithError(http.StatusInternalServerError, errStore)
|
2017-08-21 21:56:37 +00:00
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2017-08-26 22:52:57 +00:00
|
|
|
// creates the jwt token used to verify the repository
|
|
|
|
t := token.New(token.HookToken, repo.FullName)
|
|
|
|
sig, err := t.Sign(repo.Hash)
|
|
|
|
if err != nil {
|
|
|
|
c.String(500, err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// reconstruct the link
|
2021-09-22 18:48:01 +00:00
|
|
|
host := server.Config.Server.Host
|
2017-08-26 22:52:57 +00:00
|
|
|
link := fmt.Sprintf(
|
|
|
|
"%s/hook?access_token=%s",
|
|
|
|
host,
|
|
|
|
sig,
|
|
|
|
)
|
2017-08-21 21:56:37 +00:00
|
|
|
|
2021-12-01 13:22:06 +00:00
|
|
|
if err := remote.Deactivate(c, user, repo, host); err != nil {
|
2021-11-23 14:36:52 +00:00
|
|
|
log.Trace().Err(err).Msgf("deactivate repo '%s' for move to activate later, got an error", repo.FullName)
|
|
|
|
}
|
2021-12-01 13:22:06 +00:00
|
|
|
if err := remote.Activate(c, user, repo, link); err != nil {
|
2017-08-26 22:52:57 +00:00
|
|
|
c.String(500, err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
c.Writer.WriteHeader(http.StatusOK)
|
|
|
|
}
|