woodpecker/server/router/middleware/session/user.go

// Copyright 2018 Drone.IO Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package session

import (
	"net/http"
	"strconv"

	"github.com/gin-gonic/gin"
	"github.com/rs/zerolog/log"

	"go.woodpecker-ci.org/woodpecker/v2/server"
	"go.woodpecker-ci.org/woodpecker/v2/server/model"
	"go.woodpecker-ci.org/woodpecker/v2/server/store"
	"go.woodpecker-ci.org/woodpecker/v2/shared/token"
)

func User(c *gin.Context) *model.User {
	v, ok := c.Get("user")
	if !ok {
		return nil
	}
	u, ok := v.(*model.User)
	if !ok {
		return nil
	}
	return u
}

func SetUser() gin.HandlerFunc {
	return func(c *gin.Context) {
		var user *model.User

		t, err := token.ParseRequest(c.Request, func(t *token.Token) (string, error) {
			var err error
			user, err = store.FromContext(c).GetUserLogin(t.Text)
			return user.Hash, err
		})
		if err == nil {
			c.Set("user", user)

			// if this is a session token (ie not the API token)
			// this means the user is accessing with a web browser,
			// so we should implement CSRF protection measures.
			if t.Kind == token.SessToken {
				err = token.CheckCsrf(c.Request, func(_ *token.Token) (string, error) {
					return user.Hash, nil
				})
				// if csrf token validation fails, exit immediately
				// with a not authorized error.
				if err != nil {
					c.AbortWithStatus(http.StatusUnauthorized)
					return
				}
			}
		}
		c.Next()
	}
}

func MustAdmin() gin.HandlerFunc {
	return func(c *gin.Context) {
		user := User(c)
		switch {
		case user == nil:
			c.String(401, "User not authorized")
			c.Abort()
		case !user.Admin:
			c.String(403, "User not authorized")
			c.Abort()
		default:
			c.Next()
		}
	}
}

func MustRepoAdmin() gin.HandlerFunc {
	return func(c *gin.Context) {
		user := User(c)
		perm := Perm(c)
		switch {
		case user == nil:
			c.String(401, "User not authorized")
			c.Abort()
		case !perm.Admin:
			c.String(403, "User not authorized")
			c.Abort()
		default:
			c.Next()
		}
	}
}

func MustUser() gin.HandlerFunc {
	return func(c *gin.Context) {
		user := User(c)
		switch {
		case user == nil:
			c.String(401, "User not authorized")
			c.Abort()
		default:
			c.Next()
		}
	}
}

func MustOrgMember(admin bool) gin.HandlerFunc {
	return func(c *gin.Context) {
		_store := store.FromContext(c)

		user := User(c)
		if user == nil {
			c.String(http.StatusUnauthorized, "User not authorized")
			c.Abort()
			return
		}

		orgID, err := strconv.ParseInt(c.Param("org_id"), 10, 64)
		if err != nil {
			c.String(http.StatusBadRequest, "Error parsing org id. %s", err)
			return
		}

		org, err := _store.OrgGet(orgID)
		if err != nil {
			c.String(http.StatusNotFound, "Organization not found")
			return
		}

		// User can access his own, admin can access all
		if (org.Name == user.Login) || user.Admin {
			c.Next()
			return
		}

		perm, err := server.Config.Services.Membership.Get(c, user, org.Name)
		if err != nil {
			log.Error().Err(err).Msg("failed to check membership")
			c.String(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))
			c.Abort()
			return
		}

		if perm == nil || (!admin && !perm.Member) || (admin && !perm.Admin) {
			c.String(http.StatusForbidden, "user not authorized")
			c.Abort()
			return
		}

		c.Next()
	}
}
add apache license header to files 2018-02-19 22:24:10 +00:00			`// Copyright 2018 Drone.IO Inc.`
Just fixed format with go fmt ./... 2018-03-21 13:02:17 +00:00			`//`
add apache license header to files 2018-02-19 22:24:10 +00:00			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
Just fixed format with go fmt ./... 2018-03-21 13:02:17 +00:00			`//`
add apache license header to files 2018-02-19 22:24:10 +00:00			`// http://www.apache.org/licenses/LICENSE-2.0`
Just fixed format with go fmt ./... 2018-03-21 13:02:17 +00:00			`//`
add apache license header to files 2018-02-19 22:24:10 +00:00			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

updated vendor files and paths 2015-09-30 01:21:17 +00:00			`package session`

			`import (`
			`"net/http"`
Use id to access orgs (#1873) closes #1743 fixes: setting secrets for own user namespace - create org in database - use orgID for org related APIs Co-authored-by: 6543 <6543@obermui.de> 2023-07-21 17:45:32 +00:00			`"strconv"`
updated vendor files and paths 2015-09-30 01:21:17 +00:00
Replace `goimports` with `gci` (#3202) `gci` seems to be much more strict. 2024-01-14 17:22:06 +00:00			`"github.com/gin-gonic/gin"`
			`"github.com/rs/zerolog/log"`

Update go module path for major version 2 (#2905) https://go.dev/doc/modules/release-workflow#breaking Fixes https://github.com/woodpecker-ci/woodpecker/issues/2913 fixes #2654 ``` runephilosof@fedora:~/code/platform-woodpecker/woodpecker-repo-configurator (master)$ go get go.woodpecker-ci.org/woodpecker@v2.0.0 go: go.woodpecker-ci.org/woodpecker@v2.0.0: invalid version: module contains a go.mod file, so module path must match major version ("go.woodpecker-ci.org/woodpecker/v2") ``` --------- Co-authored-by: qwerty287 <80460567+qwerty287@users.noreply.github.com> 2023-12-08 07:15:08 +00:00			`"go.woodpecker-ci.org/woodpecker/v2/server"`
			`"go.woodpecker-ci.org/woodpecker/v2/server/model"`
			`"go.woodpecker-ci.org/woodpecker/v2/server/store"`
			`"go.woodpecker-ci.org/woodpecker/v2/shared/token"`
updated vendor files and paths 2015-09-30 01:21:17 +00:00			`)`

			`func User(c gin.Context) model.User {`
			`v, ok := c.Get("user")`
			`if !ok {`
			`return nil`
			`}`
			`u, ok := v.(*model.User)`
			`if !ok {`
			`return nil`
			`}`
			`return u`
			`}`

			`func SetUser() gin.HandlerFunc {`
			`return func(c *gin.Context) {`
			`var user *model.User`

			`t, err := token.ParseRequest(c.Request, func(t *token.Token) (string, error) {`
			`var err error`
Remove some wrapper and make code more redable (#478) * meaningful var names * no context wrapper, use store directly * retrieve store from context once * rm store.GetRepoOwnerName 2021-10-28 09:12:58 +00:00			`user, err = store.FromContext(c).GetUserLogin(t.Text)`
updated vendor files and paths 2015-09-30 01:21:17 +00:00			`return user.Hash, err`
			`})`
			`if err == nil {`
			`c.Set("user", user)`

			`// if this is a session token (ie not the API token)`
			`// this means the user is accessing with a web browser,`
			`// so we should implement CSRF protection measures.`
			`if t.Kind == token.SessToken {`
Fix linter (#3354) 2024-02-08 21:49:07 +00:00			`err = token.CheckCsrf(c.Request, func(_ *token.Token) (string, error) {`
updated vendor files and paths 2015-09-30 01:21:17 +00:00			`return user.Hash, nil`
			`})`
			`// if csrf token validation fails, exit immediately`
			`// with a not authorized error.`
			`if err != nil {`
			`c.AbortWithStatus(http.StatusUnauthorized)`
			`return`
			`}`
			`}`
			`}`
			`c.Next()`
			`}`
			`}`

			`func MustAdmin() gin.HandlerFunc {`
			`return func(c *gin.Context) {`
			`user := User(c)`
			`switch {`
			`case user == nil:`
use new .drone.sig signature file 2016-04-22 00:10:19 +00:00			`c.String(401, "User not authorized")`
			`c.Abort()`
Drop error only on purpose or else report back or log (#514) - Remove Deadcode - Simplify Code - Drop error only on purpose 2021-11-23 14:36:52 +00:00			`case !user.Admin:`
fix: update http status code 2020-11-27 03:29:07 +00:00			`c.String(403, "User not authorized")`
use new .drone.sig signature file 2016-04-22 00:10:19 +00:00			`c.Abort()`
updated vendor files and paths 2015-09-30 01:21:17 +00:00			`default:`
			`c.Next()`
			`}`
			`}`
			`}`

Disallow non admin users to deactivate repo 2016-07-21 17:43:29 +00:00			`func MustRepoAdmin() gin.HandlerFunc {`
			`return func(c *gin.Context) {`
			`user := User(c)`
			`perm := Perm(c)`
			`switch {`
			`case user == nil:`
			`c.String(401, "User not authorized")`
			`c.Abort()`
Drop error only on purpose or else report back or log (#514) - Remove Deadcode - Simplify Code - Drop error only on purpose 2021-11-23 14:36:52 +00:00			`case !perm.Admin:`
Disallow non admin users to deactivate repo 2016-07-21 17:43:29 +00:00			`c.String(403, "User not authorized")`
			`c.Abort()`
			`default:`
			`c.Next()`
			`}`
			`}`
			`}`

updated vendor files and paths 2015-09-30 01:21:17 +00:00			`func MustUser() gin.HandlerFunc {`
			`return func(c *gin.Context) {`
			`user := User(c)`
			`switch {`
			`case user == nil:`
use new .drone.sig signature file 2016-04-22 00:10:19 +00:00			`c.String(401, "User not authorized")`
			`c.Abort()`
updated vendor files and paths 2015-09-30 01:21:17 +00:00			`default:`
			`c.Next()`
			`}`
			`}`
			`}`
Add method to check organization membership (#1037) * Add remote method to check organization membership * Use named return parameters in interface * Add membership check service * Update Gitea SDK 2022-07-25 01:09:35 +00:00
			`func MustOrgMember(admin bool) gin.HandlerFunc {`
			`return func(c *gin.Context) {`
Use id to access orgs (#1873) closes #1743 fixes: setting secrets for own user namespace - create org in database - use orgID for org related APIs Co-authored-by: 6543 <6543@obermui.de> 2023-07-21 17:45:32 +00:00			`_store := store.FromContext(c)`

Add method to check organization membership (#1037) * Add remote method to check organization membership * Use named return parameters in interface * Add membership check service * Update Gitea SDK 2022-07-25 01:09:35 +00:00			`user := User(c)`
			`if user == nil {`
			`c.String(http.StatusUnauthorized, "User not authorized")`
			`c.Abort()`
			`return`
			`}`
Use id to access orgs (#1873) closes #1743 fixes: setting secrets for own user namespace - create org in database - use orgID for org related APIs Co-authored-by: 6543 <6543@obermui.de> 2023-07-21 17:45:32 +00:00
			`orgID, err := strconv.ParseInt(c.Param("org_id"), 10, 64)`
			`if err != nil {`
			`c.String(http.StatusBadRequest, "Error parsing org id. %s", err)`
			`return`
			`}`

			`org, err := _store.OrgGet(orgID)`
			`if err != nil {`
			`c.String(http.StatusNotFound, "Organization not found")`
Add method to check organization membership (#1037) * Add remote method to check organization membership * Use named return parameters in interface * Add membership check service * Update Gitea SDK 2022-07-25 01:09:35 +00:00			`return`
			`}`
Use id to access orgs (#1873) closes #1743 fixes: setting secrets for own user namespace - create org in database - use orgID for org related APIs Co-authored-by: 6543 <6543@obermui.de> 2023-07-21 17:45:32 +00:00
Add method to check organization membership (#1037) * Add remote method to check organization membership * Use named return parameters in interface * Add membership check service * Update Gitea SDK 2022-07-25 01:09:35 +00:00			`// User can access his own, admin can access all`
Use id to access orgs (#1873) closes #1743 fixes: setting secrets for own user namespace - create org in database - use orgID for org related APIs Co-authored-by: 6543 <6543@obermui.de> 2023-07-21 17:45:32 +00:00			`if (org.Name == user.Login) \|\| user.Admin {`
Add method to check organization membership (#1037) * Add remote method to check organization membership * Use named return parameters in interface * Add membership check service * Update Gitea SDK 2022-07-25 01:09:35 +00:00			`c.Next()`
			`return`
			`}`

Use id to access orgs (#1873) closes #1743 fixes: setting secrets for own user namespace - create org in database - use orgID for org related APIs Co-authored-by: 6543 <6543@obermui.de> 2023-07-21 17:45:32 +00:00			`perm, err := server.Config.Services.Membership.Get(c, user, org.Name)`
Add method to check organization membership (#1037) * Add remote method to check organization membership * Use named return parameters in interface * Add membership check service * Update Gitea SDK 2022-07-25 01:09:35 +00:00			`if err != nil {`
Lowercase all log strings (#3173) from #3161 --------- Co-authored-by: 6543 <6543@obermui.de> 2024-01-11 18:17:07 +00:00			`log.Error().Err(err).Msg("failed to check membership")`
Add method to check organization membership (#1037) * Add remote method to check organization membership * Use named return parameters in interface * Add membership check service * Update Gitea SDK 2022-07-25 01:09:35 +00:00			`c.String(http.StatusInternalServerError, http.StatusText(http.StatusInternalServerError))`
			`c.Abort()`
			`return`
			`}`
Use id to access orgs (#1873) closes #1743 fixes: setting secrets for own user namespace - create org in database - use orgID for org related APIs Co-authored-by: 6543 <6543@obermui.de> 2023-07-21 17:45:32 +00:00
Add method to check organization membership (#1037) * Add remote method to check organization membership * Use named return parameters in interface * Add membership check service * Update Gitea SDK 2022-07-25 01:09:35 +00:00			`if perm == nil \|\| (!admin && !perm.Member) \|\| (admin && !perm.Admin) {`
Lowercase all log strings (#3173) from #3161 --------- Co-authored-by: 6543 <6543@obermui.de> 2024-01-11 18:17:07 +00:00			`c.String(http.StatusForbidden, "user not authorized")`
Add method to check organization membership (#1037) * Add remote method to check organization membership * Use named return parameters in interface * Add membership check service * Update Gitea SDK 2022-07-25 01:09:35 +00:00			`c.Abort()`
			`return`
			`}`
Use id to access orgs (#1873) closes #1743 fixes: setting secrets for own user namespace - create org in database - use orgID for org related APIs Co-authored-by: 6543 <6543@obermui.de> 2023-07-21 17:45:32 +00:00
Add method to check organization membership (#1037) * Add remote method to check organization membership * Use named return parameters in interface * Add membership check service * Update Gitea SDK 2022-07-25 01:09:35 +00:00			`c.Next()`
			`}`
			`}`