mirror of
https://github.com/woodpecker-ci/woodpecker.git
synced 2024-11-23 02:11:01 +00:00
modified code to redirect user to the login screen on 401
This commit is contained in:
parent
275e7a3e3d
commit
2c15873f37
7 changed files with 123 additions and 91 deletions
|
@ -5,7 +5,7 @@ var app = angular.module('app', [
|
|||
'ui.filters'
|
||||
]);
|
||||
|
||||
app.config(['$routeProvider', '$locationProvider', function($routeProvider, $locationProvider) {
|
||||
app.config(['$routeProvider', '$locationProvider', '$httpProvider', function($routeProvider, $locationProvider, $httpProvider) {
|
||||
$routeProvider.when('/', {
|
||||
templateUrl: '/views/home.html',
|
||||
controller: 'HomeController',
|
||||
|
@ -135,6 +135,17 @@ app.config(['$routeProvider', '$locationProvider', function($routeProvider, $loc
|
|||
|
||||
// use the HTML5 History API
|
||||
$locationProvider.html5Mode(true);
|
||||
|
||||
$httpProvider.interceptors.push(function($q, $location) {
|
||||
return {
|
||||
'responseError': function(rejection) {
|
||||
if (rejection.status == 401) {
|
||||
$location.path('/login');
|
||||
}
|
||||
return $q.reject(rejection);
|
||||
}
|
||||
};
|
||||
});
|
||||
}]);
|
||||
|
||||
/* also see https://coderwall.com/p/vcfo4q */
|
||||
|
@ -148,6 +159,7 @@ app.run(['$location', '$rootScope', '$routeParams', 'feed', 'stdout', function($
|
|||
$rootScope.$on('$routeChangeSuccess', function (event, current, previous) {
|
||||
document.title = current.$$route.title + ' · drone.io';
|
||||
});
|
||||
|
||||
}]);
|
||||
|
||||
|
||||
|
|
|
@ -1,52 +0,0 @@
|
|||
package handler
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"net/http"
|
||||
|
||||
"github.com/drone/drone/server/database"
|
||||
"github.com/drone/drone/server/session"
|
||||
"github.com/gorilla/pat"
|
||||
)
|
||||
|
||||
type BranchHandler struct {
|
||||
perms database.PermManager
|
||||
repos database.RepoManager
|
||||
commits database.CommitManager
|
||||
sess session.Session
|
||||
}
|
||||
|
||||
func NewBranchHandler(repos database.RepoManager, commits database.CommitManager, perms database.PermManager, sess session.Session) *BranchHandler {
|
||||
return &BranchHandler{perms, repos, commits, sess}
|
||||
}
|
||||
|
||||
// GetBranches gets a list of all branches and their most recent commits.
|
||||
// GET /v1/repos/{host}/{owner}/{name}/branches
|
||||
func (h *BranchHandler) GetBranches(w http.ResponseWriter, r *http.Request) error {
|
||||
var host, owner, name = parseRepo(r)
|
||||
|
||||
// get the user form the session.
|
||||
user := h.sess.User(r)
|
||||
|
||||
// get the repository from the database.
|
||||
repo, err := h.repos.FindName(host, owner, name)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
}
|
||||
|
||||
// user must have read access to the repository.
|
||||
if ok, _ := h.perms.Read(user, repo); !ok {
|
||||
return notFound{err}
|
||||
}
|
||||
|
||||
branches, err := h.commits.ListBranches(repo.ID)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
}
|
||||
|
||||
return json.NewEncoder(w).Encode(branches)
|
||||
}
|
||||
|
||||
func (h *BranchHandler) Register(r *pat.Router) {
|
||||
r.Get("/v1/repos/{host}/{owner}/{name}/branches", errorHandler(h.GetBranches))
|
||||
}
|
|
@ -35,13 +35,20 @@ func (h *CommitHandler) GetFeed(w http.ResponseWriter, r *http.Request) error {
|
|||
|
||||
// get the repository from the database.
|
||||
repo, err := h.repos.FindName(host, owner, name)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
switch {
|
||||
case err != nil && user == nil:
|
||||
return notAuthorized{}
|
||||
case err != nil && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// user must have read access to the repository.
|
||||
if ok, _ := h.perms.Read(user, repo); !ok {
|
||||
return notFound{err}
|
||||
ok, _ := h.perms.Read(user, repo)
|
||||
switch {
|
||||
case ok == false && user == nil:
|
||||
return notAuthorized{}
|
||||
case ok == false && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
commits, err := h.commits.ListBranch(repo.ID, branch)
|
||||
|
@ -64,13 +71,20 @@ func (h *CommitHandler) GetCommit(w http.ResponseWriter, r *http.Request) error
|
|||
|
||||
// get the repository from the database.
|
||||
repo, err := h.repos.FindName(host, owner, name)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
switch {
|
||||
case err != nil && user == nil:
|
||||
return notAuthorized{}
|
||||
case err != nil && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// user must have read access to the repository.
|
||||
if ok, _ := h.perms.Read(user, repo); !ok {
|
||||
return notFound{err}
|
||||
ok, _ := h.perms.Read(user, repo)
|
||||
switch {
|
||||
case ok == false && user == nil:
|
||||
return notAuthorized{}
|
||||
case ok == false && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
commit, err := h.commits.FindSha(repo.ID, branch, sha)
|
||||
|
@ -93,13 +107,20 @@ func (h *CommitHandler) GetCommitOutput(w http.ResponseWriter, r *http.Request)
|
|||
|
||||
// get the repository from the database.
|
||||
repo, err := h.repos.FindName(host, owner, name)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
switch {
|
||||
case err != nil && user == nil:
|
||||
return notAuthorized{}
|
||||
case err != nil && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// user must have read access to the repository.
|
||||
if ok, _ := h.perms.Read(user, repo); !ok {
|
||||
return notFound{err}
|
||||
ok, _ := h.perms.Read(user, repo)
|
||||
switch {
|
||||
case ok == false && user == nil:
|
||||
return notAuthorized{}
|
||||
case ok == false && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
commit, err := h.commits.FindSha(repo.ID, branch, sha)
|
||||
|
@ -131,8 +152,11 @@ func (h *CommitHandler) PostCommit(w http.ResponseWriter, r *http.Request) error
|
|||
|
||||
// get the repo from the database
|
||||
repo, err := h.repos.FindName(host, owner, name)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
switch {
|
||||
case err != nil && user == nil:
|
||||
return notAuthorized{}
|
||||
case err != nil && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// user must have admin access to the repository.
|
||||
|
|
|
@ -26,8 +26,11 @@ func NewRemoteHandler(users database.UserManager, remotes database.RemoteManager
|
|||
func (h *RemoteHandler) GetRemotes(w http.ResponseWriter, r *http.Request) error {
|
||||
// get the user form the session
|
||||
user := h.sess.User(r)
|
||||
if user == nil || !user.Admin {
|
||||
switch {
|
||||
case user == nil:
|
||||
return notAuthorized{}
|
||||
case user.Admin == false:
|
||||
return forbidden{}
|
||||
}
|
||||
// get all remotes
|
||||
remotes, err := h.remotes.List()
|
||||
|
@ -100,8 +103,11 @@ func (h *RemoteHandler) PostRemote(w http.ResponseWriter, r *http.Request) error
|
|||
func (h *RemoteHandler) PutRemote(w http.ResponseWriter, r *http.Request) error {
|
||||
// get the user form the session
|
||||
user := h.sess.User(r)
|
||||
if user == nil || !user.Admin {
|
||||
switch {
|
||||
case user == nil:
|
||||
return notAuthorized{}
|
||||
case user.Admin == false:
|
||||
return forbidden{}
|
||||
}
|
||||
// unmarshal the remote from the payload
|
||||
defer r.Body.Close()
|
||||
|
|
|
@ -38,16 +38,21 @@ func (h *RepoHandler) GetRepo(w http.ResponseWriter, r *http.Request) error {
|
|||
|
||||
// get the repository from the database.
|
||||
repo, err := h.repos.FindName(host, owner, name)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
switch {
|
||||
case err != nil && user == nil:
|
||||
return notAuthorized{}
|
||||
case err != nil && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// user must have read access to the repository.
|
||||
role := h.perms.Find(user, repo)
|
||||
if !role.Read {
|
||||
return notFound{err}
|
||||
switch {
|
||||
case role.Read == false && user == nil:
|
||||
return notAuthorized{}
|
||||
case role.Read == false && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// if the user is not requesting admin data we can
|
||||
// return exactly what we have.
|
||||
if len(admin) == 0 {
|
||||
|
@ -85,8 +90,11 @@ func (h *RepoHandler) PostRepo(w http.ResponseWriter, r *http.Request) error {
|
|||
|
||||
// get the repo from the database
|
||||
repo, err := h.repos.FindName(host, owner, name)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
switch {
|
||||
case err != nil && user == nil:
|
||||
return notAuthorized{}
|
||||
case err != nil && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// user must have admin access to the repository.
|
||||
|
@ -155,8 +163,11 @@ func (h *RepoHandler) PutRepo(w http.ResponseWriter, r *http.Request) error {
|
|||
|
||||
// get the repo from the database
|
||||
repo, err := h.repos.FindName(host, owner, name)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
switch {
|
||||
case err != nil && user == nil:
|
||||
return notAuthorized{}
|
||||
case err != nil && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// user must have admin access to the repository.
|
||||
|
@ -221,8 +232,11 @@ func (h *RepoHandler) DeleteRepo(w http.ResponseWriter, r *http.Request) error {
|
|||
|
||||
// get the repo from the database
|
||||
repo, err := h.repos.FindName(host, owner, name)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
switch {
|
||||
case err != nil && user == nil:
|
||||
return notAuthorized{}
|
||||
case err != nil && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// user must have admin access to the repository.
|
||||
|
@ -254,13 +268,20 @@ func (h *RepoHandler) GetFeed(w http.ResponseWriter, r *http.Request) error {
|
|||
|
||||
// get the repository from the database.
|
||||
repo, err := h.repos.FindName(host, owner, name)
|
||||
if err != nil {
|
||||
return notFound{err}
|
||||
switch {
|
||||
case err != nil && user == nil:
|
||||
return notAuthorized{}
|
||||
case err != nil && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// user must have read access to the repository.
|
||||
if ok, _ := h.perms.Read(user, repo); !ok {
|
||||
return notFound{err}
|
||||
ok, _ := h.perms.Read(user, repo)
|
||||
switch {
|
||||
case ok == false && user == nil:
|
||||
return notAuthorized{}
|
||||
case ok == false && user != nil:
|
||||
return notFound{}
|
||||
}
|
||||
|
||||
// lists the most recent commits across all branches.
|
||||
|
|
|
@ -24,8 +24,11 @@ func NewServerHandler(servers database.ServerManager, sess session.Session) *Ser
|
|||
func (h *ServerHandler) GetServers(w http.ResponseWriter, r *http.Request) error {
|
||||
// get the user form the session
|
||||
user := h.sess.User(r)
|
||||
if user == nil || !user.Admin {
|
||||
switch {
|
||||
case user == nil:
|
||||
return notAuthorized{}
|
||||
case user.Admin == false:
|
||||
return forbidden{}
|
||||
}
|
||||
// get all servers
|
||||
servers, err := h.servers.List()
|
||||
|
@ -41,8 +44,11 @@ func (h *ServerHandler) GetServers(w http.ResponseWriter, r *http.Request) error
|
|||
func (h *ServerHandler) PostServer(w http.ResponseWriter, r *http.Request) error {
|
||||
// get the user form the session
|
||||
user := h.sess.User(r)
|
||||
if user == nil || !user.Admin {
|
||||
switch {
|
||||
case user == nil:
|
||||
return notAuthorized{}
|
||||
case user.Admin == false:
|
||||
return forbidden{}
|
||||
}
|
||||
// unmarshal the server from the payload
|
||||
defer r.Body.Close()
|
||||
|
@ -65,8 +71,11 @@ func (h *ServerHandler) DeleteServer(w http.ResponseWriter, r *http.Request) err
|
|||
|
||||
// get the user form the session
|
||||
user := h.sess.User(r)
|
||||
if user == nil || !user.Admin {
|
||||
switch {
|
||||
case user == nil:
|
||||
return notAuthorized{}
|
||||
case user.Admin == false:
|
||||
return forbidden{}
|
||||
}
|
||||
// get the server
|
||||
server, err := h.servers.FindName(name)
|
||||
|
|
|
@ -24,8 +24,11 @@ func NewUsersHandler(users database.UserManager, sess session.Session) *UsersHan
|
|||
func (h *UsersHandler) GetUsers(w http.ResponseWriter, r *http.Request) error {
|
||||
// get the user form the session
|
||||
user := h.sess.User(r)
|
||||
if user == nil || !user.Admin {
|
||||
switch {
|
||||
case user == nil:
|
||||
return notAuthorized{}
|
||||
case user.Admin == false:
|
||||
return forbidden{}
|
||||
}
|
||||
// get all users
|
||||
users, err := h.users.List()
|
||||
|
@ -44,8 +47,11 @@ func (h *UsersHandler) GetUser(w http.ResponseWriter, r *http.Request) error {
|
|||
|
||||
// get the user form the session
|
||||
user := h.sess.User(r)
|
||||
if user == nil || !user.Admin {
|
||||
switch {
|
||||
case user == nil:
|
||||
return notAuthorized{}
|
||||
case user.Admin == false:
|
||||
return forbidden{}
|
||||
}
|
||||
user, err := h.users.FindLogin(remote, login)
|
||||
if err != nil {
|
||||
|
@ -63,8 +69,11 @@ func (h *UsersHandler) PostUser(w http.ResponseWriter, r *http.Request) error {
|
|||
|
||||
// get the user form the session
|
||||
user := h.sess.User(r)
|
||||
if user == nil || !user.Admin {
|
||||
switch {
|
||||
case user == nil:
|
||||
return notAuthorized{}
|
||||
case user.Admin == false:
|
||||
return forbidden{}
|
||||
}
|
||||
|
||||
account := model.NewUser(remote, login, "")
|
||||
|
@ -85,8 +94,11 @@ func (h *UsersHandler) DeleteUser(w http.ResponseWriter, r *http.Request) error
|
|||
|
||||
// get the user form the session
|
||||
user := h.sess.User(r)
|
||||
if user == nil || !user.Admin {
|
||||
switch {
|
||||
case user == nil:
|
||||
return notAuthorized{}
|
||||
case user.Admin == false:
|
||||
return forbidden{}
|
||||
}
|
||||
account, err := h.users.FindLogin(remote, login)
|
||||
if err != nil {
|
||||
|
|
Loading…
Reference in a new issue