woodpecker/server/api/user.go

// Copyright 2018 Drone.IO Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package api

import (
	"encoding/base32"
	"net/http"
	"strconv"

	"github.com/gin-gonic/gin"
	"github.com/gorilla/securecookie"
	"github.com/woodpecker-ci/woodpecker/server"
	"github.com/woodpecker-ci/woodpecker/server/model"
	"github.com/woodpecker-ci/woodpecker/server/router/middleware/session"
	"github.com/woodpecker-ci/woodpecker/server/store"
	"github.com/woodpecker-ci/woodpecker/shared/token"
)

func GetSelf(c *gin.Context) {
	c.JSON(http.StatusOK, session.User(c))
}

func GetFeed(c *gin.Context) {
	_store := store.FromContext(c)

	user := session.User(c)
	latest, _ := strconv.ParseBool(c.Query("latest"))

	if latest {
		feed, err := _store.RepoListLatest(user)
		if err != nil {
			c.String(http.StatusInternalServerError, "Error fetching feed. %s", err)
		} else {
			c.JSON(http.StatusOK, feed)
		}
		return
	}

	feed, err := _store.UserFeed(user)
	if err != nil {
		c.String(http.StatusInternalServerError, "Error fetching user feed. %s", err)
		return
	}
	c.JSON(http.StatusOK, feed)
}

func GetRepos(c *gin.Context) {
	_store := store.FromContext(c)
	_forge := server.Config.Services.Forge

	user := session.User(c)
	all, _ := strconv.ParseBool(c.Query("all"))

	activeRepos, err := _store.RepoList(user, true, true)
	if err != nil {
		c.String(http.StatusInternalServerError, "Error fetching repository list. %s", err)
		return
	}

	if all {
		active := map[string]bool{}
		for _, r := range activeRepos {
			active[r.FullName] = r.IsActive
		}

		_repos, err := _forge.Repos(c, user)
		if err != nil {
			c.String(http.StatusInternalServerError, "Error fetching repository list. %s", err)
			return
		}
		var repos []*model.Repo
		for _, r := range _repos {
			if r.Perm.Push {
				if active[r.FullName] {
					r.IsActive = true
				}
				repos = append(repos, r)
			}
		}

		c.JSON(http.StatusOK, repos)
		return
	}

	c.JSON(http.StatusOK, activeRepos)
}

func PostToken(c *gin.Context) {
	user := session.User(c)
	tokenString, err := token.New(token.UserToken, user.Login).Sign(user.Hash)
	if err != nil {
		_ = c.AbortWithError(http.StatusInternalServerError, err)
		return
	}
	c.String(http.StatusOK, tokenString)
}

func DeleteToken(c *gin.Context) {
	_store := store.FromContext(c)

	user := session.User(c)
	user.Hash = base32.StdEncoding.EncodeToString(
		securecookie.GenerateRandomKey(32),
	)
	if err := _store.UpdateUser(user); err != nil {
		c.String(http.StatusInternalServerError, "Error revoking tokens. %s", err)
		return
	}

	tokenString, err := token.New(token.UserToken, user.Login).Sign(user.Hash)
	if err != nil {
		_ = c.AbortWithError(http.StatusInternalServerError, err)
		return
	}
	c.String(http.StatusOK, tokenString)
}
add apache license header to files 2018-02-19 22:24:10 +00:00			`// Copyright 2018 Drone.IO Inc.`
Just fixed format with go fmt ./... 2018-03-21 13:02:17 +00:00			`//`
add apache license header to files 2018-02-19 22:24:10 +00:00			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
Just fixed format with go fmt ./... 2018-03-21 13:02:17 +00:00			`//`
add apache license header to files 2018-02-19 22:24:10 +00:00			`// http://www.apache.org/licenses/LICENSE-2.0`
Just fixed format with go fmt ./... 2018-03-21 13:02:17 +00:00			`//`
add apache license header to files 2018-02-19 22:24:10 +00:00			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

Reorganize code into server/{api,grpc,shared} packages (#337) * move api code to server/api * move grpc server for agent communication to server/grpc * move server.Config to server/config.go as it is used by both server/api and server/grpc * move shared code used by server/api and server/grpc to server/shared 2021-09-22 18:48:01 +00:00			`package api`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00
			`import (`
removed import that was mistakenly auto-added 2016-05-03 00:52:34 +00:00			`"encoding/base32"`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`"net/http"`
ability to flush user repo cache 2016-06-14 20:07:05 +00:00			`"strconv"`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00
			`"github.com/gin-gonic/gin"`
removed import that was mistakenly auto-added 2016-05-03 00:52:34 +00:00			`"github.com/gorilla/securecookie"`
Server obtain remote from glob config not from context (#540) 2021-11-26 12:01:54 +00:00			`"github.com/woodpecker-ci/woodpecker/server"`
Refactor: move model/ to server/model/ (#366) 2021-09-27 17:51:55 +00:00			`"github.com/woodpecker-ci/woodpecker/server/model"`
Move router package to server/router/ (#339) 2021-09-22 20:41:32 +00:00			`"github.com/woodpecker-ci/woodpecker/server/router/middleware/session"`
Move package store/ to server/store/ (#341) * Refactor: move store/ to server/store/ * fix pipeline for moved tests Co-authored-by: 6543 <6543@obermui.de> 2021-09-23 11:33:59 +00:00			`"github.com/woodpecker-ci/woodpecker/server/store"`
Relaced laszlocph/woodpecker with woodpecker-ci/woodpecker 2021-05-25 12:08:27 +00:00			`"github.com/woodpecker-ci/woodpecker/shared/token"`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`)`

			`func GetSelf(c *gin.Context) {`
Various fixes and improvements (#1643) - allow repo names to be case-insensitive - improve backend error handling on DB get errors (record not found -> 404, else -> 500) - replace magic numbers of http response codes - unify the look and feel of cancel / save buttons on forms and view them in one line --------- Co-authored-by: Lauris BH <lauris@nix.lv> 2023-03-19 12:52:58 +00:00			`c.JSON(http.StatusOK, session.User(c))`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`}`

			`func GetFeed(c *gin.Context) {`
Add linter revive (#554) * Add linter revive * Add underscore to variable name to prevent shadowing * Remove unnecessary leading underscore * Revert changes to vendor file * export ConfigFetcher as interface * no 'yoda conditions' * rename envsubst Co-authored-by: 6543 <6543@obermui.de> 2021-12-01 13:22:06 +00:00			`_store := store.FromContext(c)`
Remove some wrapper and make code more redable (#478) * meaningful var names * no context wrapper, use store directly * retrieve store from context once * rm store.GetRepoOwnerName 2021-10-28 09:12:58 +00:00
implement sync logic 2017-07-14 19:58:38 +00:00			`user := session.User(c)`
repo feed for latest build only 2016-06-15 00:34:47 +00:00			`latest, _ := strconv.ParseBool(c.Query("latest"))`

implement sync logic 2017-07-14 19:58:38 +00:00			`if latest {`
Add linter revive (#554) * Add linter revive * Add underscore to variable name to prevent shadowing * Remove unnecessary leading underscore * Revert changes to vendor file * export ConfigFetcher as interface * no 'yoda conditions' * rename envsubst Co-authored-by: 6543 <6543@obermui.de> 2021-12-01 13:22:06 +00:00			`feed, err := _store.RepoListLatest(user)`
implement sync logic 2017-07-14 19:58:38 +00:00			`if err != nil {`
Various fixes and improvements (#1643) - allow repo names to be case-insensitive - improve backend error handling on DB get errors (record not found -> 404, else -> 500) - replace magic numbers of http response codes - unify the look and feel of cancel / save buttons on forms and view them in one line --------- Co-authored-by: Lauris BH <lauris@nix.lv> 2023-03-19 12:52:58 +00:00			`c.String(http.StatusInternalServerError, "Error fetching feed. %s", err)`
implement sync logic 2017-07-14 19:58:38 +00:00			`} else {`
Various fixes and improvements (#1643) - allow repo names to be case-insensitive - improve backend error handling on DB get errors (record not found -> 404, else -> 500) - replace magic numbers of http response codes - unify the look and feel of cancel / save buttons on forms and view them in one line --------- Co-authored-by: Lauris BH <lauris@nix.lv> 2023-03-19 12:52:58 +00:00			`c.JSON(http.StatusOK, feed)`
implement sync logic 2017-07-14 19:58:38 +00:00			`}`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`return`
			`}`

Add linter revive (#554) * Add linter revive * Add underscore to variable name to prevent shadowing * Remove unnecessary leading underscore * Revert changes to vendor file * export ConfigFetcher as interface * no 'yoda conditions' * rename envsubst Co-authored-by: 6543 <6543@obermui.de> 2021-12-01 13:22:06 +00:00			`feed, err := _store.UserFeed(user)`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`if err != nil {`
Various fixes and improvements (#1643) - allow repo names to be case-insensitive - improve backend error handling on DB get errors (record not found -> 404, else -> 500) - replace magic numbers of http response codes - unify the look and feel of cancel / save buttons on forms and view them in one line --------- Co-authored-by: Lauris BH <lauris@nix.lv> 2023-03-19 12:52:58 +00:00			`c.String(http.StatusInternalServerError, "Error fetching user feed. %s", err)`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`return`
			`}`
Various fixes and improvements (#1643) - allow repo names to be case-insensitive - improve backend error handling on DB get errors (record not found -> 404, else -> 500) - replace magic numbers of http response codes - unify the look and feel of cancel / save buttons on forms and view them in one line --------- Co-authored-by: Lauris BH <lauris@nix.lv> 2023-03-19 12:52:58 +00:00			`c.JSON(http.StatusOK, feed)`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`}`

			`func GetRepos(c *gin.Context) {`
Add linter revive (#554) * Add linter revive * Add underscore to variable name to prevent shadowing * Remove unnecessary leading underscore * Revert changes to vendor file * export ConfigFetcher as interface * no 'yoda conditions' * rename envsubst Co-authored-by: 6543 <6543@obermui.de> 2021-12-01 13:22:06 +00:00			`_store := store.FromContext(c)`
Split and refactor (#1394) Closes #974 2022-11-06 11:44:04 +00:00			`_forge := server.Config.Services.Forge`
Remove some wrapper and make code more redable (#478) * meaningful var names * no context wrapper, use store directly * retrieve store from context once * rm store.GetRepoOwnerName 2021-10-28 09:12:58 +00:00
			`user := session.User(c)`
			`all, _ := strconv.ParseBool(c.Query("all"))`
prevent per-user concurrent sync 2017-09-29 18:21:06 +00:00
Initiate Pagination Implementation for API and Infinite Scroll in UI (#1651) - Add pagination support to the API endpoints that return lists of items - Adjust UI to enable infinite scrolling via pagination 2023-04-30 01:40:13 +00:00			`activeRepos, err := _store.RepoList(user, true, true)`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`if err != nil {`
Various fixes and improvements (#1643) - allow repo names to be case-insensitive - improve backend error handling on DB get errors (record not found -> 404, else -> 500) - replace magic numbers of http response codes - unify the look and feel of cancel / save buttons on forms and view them in one line --------- Co-authored-by: Lauris BH <lauris@nix.lv> 2023-03-19 12:52:58 +00:00			`c.String(http.StatusInternalServerError, "Error fetching repository list. %s", err)`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`return`
			`}`
ability to pull full vs partial list 2016-06-14 22:20:17 +00:00
implement sync logic 2017-07-14 19:58:38 +00:00			`if all {`
Do not store inactive repos (#1658) Do not sync repos with forge if the repo is not necessary in DB. In the DB, only repos that were active once or repos that are currently active are stored. When trying to enable new repos, the repos list is fetched from the forge instead and displayed directly. In addition to this, the forge func `Perm` was removed and is now merged with `Repo`. Solves a TODO on RepoBatch. --------- Co-authored-by: Anbraten <anton@ju60.de> 2023-03-21 22:01:59 +00:00			`active := map[string]bool{}`
Initiate Pagination Implementation for API and Infinite Scroll in UI (#1651) - Add pagination support to the API endpoints that return lists of items - Adjust UI to enable infinite scrolling via pagination 2023-04-30 01:40:13 +00:00			`for _, r := range activeRepos {`
Do not store inactive repos (#1658) Do not sync repos with forge if the repo is not necessary in DB. In the DB, only repos that were active once or repos that are currently active are stored. When trying to enable new repos, the repos list is fetched from the forge instead and displayed directly. In addition to this, the forge func `Perm` was removed and is now merged with `Repo`. Solves a TODO on RepoBatch. --------- Co-authored-by: Anbraten <anton@ju60.de> 2023-03-21 22:01:59 +00:00			`active[r.FullName] = r.IsActive`
			`}`

			`_repos, err := _forge.Repos(c, user)`
			`if err != nil {`
			`c.String(http.StatusInternalServerError, "Error fetching repository list. %s", err)`
			`return`
			`}`
			`var repos []*model.Repo`
			`for _, r := range _repos {`
			`if r.Perm.Push {`
			`if active[r.FullName] {`
			`r.IsActive = true`
			`}`
			`repos = append(repos, r)`
			`}`
			`}`

ability to pull full vs partial list 2016-06-14 22:20:17 +00:00			`c.JSON(http.StatusOK, repos)`
			`return`
			`}`

Initiate Pagination Implementation for API and Infinite Scroll in UI (#1651) - Add pagination support to the API endpoints that return lists of items - Adjust UI to enable infinite scrolling via pagination 2023-04-30 01:40:13 +00:00			`c.JSON(http.StatusOK, activeRepos)`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`}`

			`func PostToken(c *gin.Context) {`
			`user := session.User(c)`
Cleanup Code (#348) * Fix "Empty slice declaration using a literal" * Fix "collides with imported package name" * Remove unused code in pipeline * Remove unused oauth2.providerAuthHeaderWorks() * Add TODOs * Format Code * Cleanup doublestar import * Migrate deprecated functions Co-authored-by: Anbraten <anton@ju60.de> 2021-09-24 14:29:26 +00:00			`tokenString, err := token.New(token.UserToken, user.Login).Sign(user.Hash)`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`if err != nil {`
Drop error only on purpose or else report back or log (#514) - Remove Deadcode - Simplify Code - Drop error only on purpose 2021-11-23 14:36:52 +00:00			`_ = c.AbortWithError(http.StatusInternalServerError, err)`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`return`
			`}`
Cleanup Code (#348) * Fix "Empty slice declaration using a literal" * Fix "collides with imported package name" * Remove unused code in pipeline * Remove unused oauth2.providerAuthHeaderWorks() * Add TODOs * Format Code * Cleanup doublestar import * Migrate deprecated functions Co-authored-by: Anbraten <anton@ju60.de> 2021-09-24 14:29:26 +00:00			`c.String(http.StatusOK, tokenString)`
moving API to api package, swagger annotatoins 2016-03-30 20:15:28 +00:00			`}`

ability to revoke user tokens 2016-04-09 00:16:45 +00:00			`func DeleteToken(c *gin.Context) {`
Add linter revive (#554) * Add linter revive * Add underscore to variable name to prevent shadowing * Remove unnecessary leading underscore * Revert changes to vendor file * export ConfigFetcher as interface * no 'yoda conditions' * rename envsubst Co-authored-by: 6543 <6543@obermui.de> 2021-12-01 13:22:06 +00:00			`_store := store.FromContext(c)`
Remove some wrapper and make code more redable (#478) * meaningful var names * no context wrapper, use store directly * retrieve store from context once * rm store.GetRepoOwnerName 2021-10-28 09:12:58 +00:00
ability to revoke user tokens 2016-04-09 00:16:45 +00:00			`user := session.User(c)`
removed import that was mistakenly auto-added 2016-05-03 00:52:34 +00:00			`user.Hash = base32.StdEncoding.EncodeToString(`
			`securecookie.GenerateRandomKey(32),`
			`)`
Add linter revive (#554) * Add linter revive * Add underscore to variable name to prevent shadowing * Remove unnecessary leading underscore * Revert changes to vendor file * export ConfigFetcher as interface * no 'yoda conditions' * rename envsubst Co-authored-by: 6543 <6543@obermui.de> 2021-12-01 13:22:06 +00:00			`if err := _store.UpdateUser(user); err != nil {`
Various fixes and improvements (#1643) - allow repo names to be case-insensitive - improve backend error handling on DB get errors (record not found -> 404, else -> 500) - replace magic numbers of http response codes - unify the look and feel of cancel / save buttons on forms and view them in one line --------- Co-authored-by: Lauris BH <lauris@nix.lv> 2023-03-19 12:52:58 +00:00			`c.String(http.StatusInternalServerError, "Error revoking tokens. %s", err)`
ability to revoke user tokens 2016-04-09 00:16:45 +00:00			`return`
			`}`

Cleanup Code (#348) * Fix "Empty slice declaration using a literal" * Fix "collides with imported package name" * Remove unused code in pipeline * Remove unused oauth2.providerAuthHeaderWorks() * Add TODOs * Format Code * Cleanup doublestar import * Migrate deprecated functions Co-authored-by: Anbraten <anton@ju60.de> 2021-09-24 14:29:26 +00:00			`tokenString, err := token.New(token.UserToken, user.Login).Sign(user.Hash)`
ability to revoke user tokens 2016-04-09 00:16:45 +00:00			`if err != nil {`
Drop error only on purpose or else report back or log (#514) - Remove Deadcode - Simplify Code - Drop error only on purpose 2021-11-23 14:36:52 +00:00			`_ = c.AbortWithError(http.StatusInternalServerError, err)`
ability to revoke user tokens 2016-04-09 00:16:45 +00:00			`return`
			`}`
Cleanup Code (#348) * Fix "Empty slice declaration using a literal" * Fix "collides with imported package name" * Remove unused code in pipeline * Remove unused oauth2.providerAuthHeaderWorks() * Add TODOs * Format Code * Cleanup doublestar import * Migrate deprecated functions Co-authored-by: Anbraten <anton@ju60.de> 2021-09-24 14:29:26 +00:00			`c.String(http.StatusOK, tokenString)`
ability to revoke user tokens 2016-04-09 00:16:45 +00:00			`}`