use sha of per-repo secret key for hook validation

This commit is contained in:
Brad Rydzewski 2015-08-11 01:36:07 -07:00
parent 25c905c7ed
commit d688121844
11 changed files with 324 additions and 214 deletions

View file

@ -21,7 +21,6 @@ func PostHook(c *gin.Context) {
remote := ToRemote(c)
store := ToDatastore(c)
queue_ := ToQueue(c)
sess := ToSession(c)
conf := ToSettings(c)
hook, err := remote.Hook(c.Request)
@ -40,14 +39,6 @@ func PostHook(c *gin.Context) {
return
}
// get the token and verify the hook is authorized
token := sess.GetLogin(c.Request)
if token == nil || token.Label != hook.Repo.FullName {
log.Errorf("invalid token sent with hook.")
c.AbortWithStatus(403)
return
}
// a build may be skipped if the text [CI SKIP]
// is found inside the commit message
if hook.Commit != nil && strings.Contains(hook.Commit.Message, "[CI SKIP]") {
@ -63,6 +54,13 @@ func PostHook(c *gin.Context) {
return
}
// get the token and verify the hook is authorized
if c.Request.FormValue("access_token") != hash(repo.FullName, repo.Hash) {
log.Errorf("invalid token sent with hook.")
c.AbortWithStatus(403)
return
}
switch {
case repo.UserID == 0:
log.Warnf("ignoring hook. repo %s has no owner.", repo.FullName)

View file

@ -82,12 +82,7 @@ func GetLogin(c *gin.Context) {
u.Secret = login.Secret
u.Email = login.Email
u.Avatar = login.Avatar
// TODO: remove this once gitlab implements setting
// avatar in the remote package, similar to github
if len(u.Avatar) == 0 {
u.Avatar = gravatar.Hash(u.Email)
}
u.Hash = common.GenerateToken()
// insert the user into the database
if err := store.AddUser(u); err != nil {

View file

@ -1,6 +1,8 @@
package server
import (
"crypto/sha256"
"encoding/hex"
"fmt"
"github.com/drone/drone/Godeps/_workspace/src/github.com/gin-gonic/gin"
@ -160,7 +162,6 @@ func DeleteRepo(c *gin.Context) {
//
func PostRepo(c *gin.Context) {
user := ToUser(c)
sess := ToSession(c)
store := ToDatastore(c)
owner := c.Params.ByName("owner")
name := c.Params.ByName("name")
@ -189,21 +190,6 @@ func PostRepo(c *gin.Context) {
return
}
token := &common.Token{}
token.Kind = common.TokenHook
token.Label = r.FullName
tokenstr, err := sess.GenerateToken(token)
if err != nil {
c.Fail(500, err)
return
}
link := fmt.Sprintf(
"%s/api/hook?access_token=%s",
httputil.GetURL(c.Request),
tokenstr,
)
// set the repository owner to the
// currently authenticated user.
r.UserID = user.ID
@ -211,12 +197,19 @@ func PostRepo(c *gin.Context) {
r.Hooks.Push = true
r.Hooks.PullRequest = true
r.Timeout = 60 // 1 hour default build time
r.Hash = common.GenerateToken()
r.Self = fmt.Sprintf(
"%s/%s",
httputil.GetURL(c.Request),
r.FullName,
)
link := fmt.Sprintf(
"%s/api/hook?access_token=%s",
httputil.GetURL(c.Request),
hash(r.FullName, r.Hash),
)
// generate an RSA key and add to the repo
key, err := sshutil.GeneratePrivateKey()
if err != nil {
@ -301,3 +294,9 @@ func perms(remote remote.Remote, u *common.User, r *common.Repo) *common.Perm {
}
return p
}
func hash(text, salt string) string {
hasher := sha256.New()
hasher.Write([]byte(text + salt))
return hex.EncodeToString(hasher.Sum(nil))
}

View file

@ -47,8 +47,8 @@ func createBuild(db buildDB, query string, v *Build) error {
var v10 string
var v11 string
var v12 string
var v13 int
var v14 string
var v13 string
var v14 int
var v15 string
var v16 string
var v17 string
@ -57,6 +57,9 @@ func createBuild(db buildDB, query string, v *Build) error {
var v20 string
var v21 string
var v22 string
var v23 string
var v24 string
var v25 string
v0 = v.RepoID
v1 = v.Number
v2 = v.Status
@ -65,32 +68,34 @@ func createBuild(db buildDB, query string, v *Build) error {
if v.Commit != nil {
v5 = v.Commit.Sha
v6 = v.Commit.Ref
v7 = v.Commit.Branch
v8 = v.Commit.Message
v9 = v.Commit.Timestamp
v10 = v.Commit.Remote
v7 = v.Commit.Link
v8 = v.Commit.Branch
v9 = v.Commit.Message
v10 = v.Commit.Timestamp
v11 = v.Commit.Remote
if v.Commit.Author != nil {
v11 = v.Commit.Author.Login
v12 = v.Commit.Author.Email
v12 = v.Commit.Author.Login
v13 = v.Commit.Author.Email
}
}
if v.PullRequest != nil {
v13 = v.PullRequest.Number
v14 = v.PullRequest.Title
v14 = v.PullRequest.Number
v15 = v.PullRequest.Title
v16 = v.PullRequest.Link
if v.PullRequest.Base != nil {
v15 = v.PullRequest.Base.Sha
v16 = v.PullRequest.Base.Ref
v17 = v.PullRequest.Base.Branch
v18 = v.PullRequest.Base.Message
v19 = v.PullRequest.Base.Timestamp
v20 = v.PullRequest.Base.Remote
v17 = v.PullRequest.Base.Sha
v18 = v.PullRequest.Base.Ref
v19 = v.PullRequest.Base.Link
v20 = v.PullRequest.Base.Branch
v21 = v.PullRequest.Base.Message
v22 = v.PullRequest.Base.Timestamp
v23 = v.PullRequest.Base.Remote
if v.PullRequest.Base.Author != nil {
v21 = v.PullRequest.Base.Author.Login
v22 = v.PullRequest.Base.Author.Email
v24 = v.PullRequest.Base.Author.Login
v25 = v.PullRequest.Base.Author.Email
}
}
}
res, err := db.Exec(query,
&v0,
&v1,
@ -115,6 +120,9 @@ func createBuild(db buildDB, query string, v *Build) error {
&v20,
&v21,
&v22,
&v23,
&v24,
&v25,
)
if err != nil {
return err
@ -139,8 +147,8 @@ func updateBuild(db buildDB, query string, v *Build) error {
var v11 string
var v12 string
var v13 string
var v14 int
var v15 string
var v14 string
var v15 int
var v16 string
var v17 string
var v18 string
@ -149,6 +157,9 @@ func updateBuild(db buildDB, query string, v *Build) error {
var v21 string
var v22 string
var v23 string
var v24 string
var v25 string
var v26 string
v0 = v.ID
v1 = v.RepoID
v2 = v.Number
@ -158,28 +169,31 @@ func updateBuild(db buildDB, query string, v *Build) error {
if v.Commit != nil {
v6 = v.Commit.Sha
v7 = v.Commit.Ref
v8 = v.Commit.Branch
v9 = v.Commit.Message
v10 = v.Commit.Timestamp
v11 = v.Commit.Remote
v8 = v.Commit.Link
v9 = v.Commit.Branch
v10 = v.Commit.Message
v11 = v.Commit.Timestamp
v12 = v.Commit.Remote
if v.Commit.Author != nil {
v12 = v.Commit.Author.Login
v13 = v.Commit.Author.Email
v13 = v.Commit.Author.Login
v14 = v.Commit.Author.Email
}
}
if v.PullRequest != nil {
v14 = v.PullRequest.Number
v15 = v.PullRequest.Title
v15 = v.PullRequest.Number
v16 = v.PullRequest.Title
v17 = v.PullRequest.Link
if v.PullRequest.Base != nil {
v16 = v.PullRequest.Base.Sha
v17 = v.PullRequest.Base.Ref
v18 = v.PullRequest.Base.Branch
v19 = v.PullRequest.Base.Message
v20 = v.PullRequest.Base.Timestamp
v21 = v.PullRequest.Base.Remote
v18 = v.PullRequest.Base.Sha
v19 = v.PullRequest.Base.Ref
v20 = v.PullRequest.Base.Link
v21 = v.PullRequest.Base.Branch
v22 = v.PullRequest.Base.Message
v23 = v.PullRequest.Base.Timestamp
v24 = v.PullRequest.Base.Remote
if v.PullRequest.Base.Author != nil {
v22 = v.PullRequest.Base.Author.Login
v23 = v.PullRequest.Base.Author.Email
v25 = v.PullRequest.Base.Author.Login
v26 = v.PullRequest.Base.Author.Email
}
}
}
@ -208,6 +222,9 @@ func updateBuild(db buildDB, query string, v *Build) error {
&v21,
&v22,
&v23,
&v24,
&v25,
&v26,
&v0,
)
return err
@ -228,8 +245,8 @@ func scanBuild(row *sql.Row) (*Build, error) {
var v11 string
var v12 string
var v13 string
var v14 int
var v15 string
var v14 string
var v15 int
var v16 string
var v17 string
var v18 string
@ -238,6 +255,9 @@ func scanBuild(row *sql.Row) (*Build, error) {
var v21 string
var v22 string
var v23 string
var v24 string
var v25 string
var v26 string
err := row.Scan(
&v0,
@ -264,6 +284,9 @@ func scanBuild(row *sql.Row) (*Build, error) {
&v21,
&v22,
&v23,
&v24,
&v25,
&v26,
)
if err != nil {
return nil, err
@ -279,26 +302,29 @@ func scanBuild(row *sql.Row) (*Build, error) {
v.Commit = &Commit{}
v.Commit.Sha = v6
v.Commit.Ref = v7
v.Commit.Branch = v8
v.Commit.Message = v9
v.Commit.Timestamp = v10
v.Commit.Remote = v11
v.Commit.Link = v8
v.Commit.Branch = v9
v.Commit.Message = v10
v.Commit.Timestamp = v11
v.Commit.Remote = v12
v.Commit.Author = &Author{}
v.Commit.Author.Login = v12
v.Commit.Author.Email = v13
v.Commit.Author.Login = v13
v.Commit.Author.Email = v14
v.PullRequest = &PullRequest{}
v.PullRequest.Number = v14
v.PullRequest.Title = v15
v.PullRequest.Number = v15
v.PullRequest.Title = v16
v.PullRequest.Link = v17
v.PullRequest.Base = &Commit{}
v.PullRequest.Base.Sha = v16
v.PullRequest.Base.Ref = v17
v.PullRequest.Base.Branch = v18
v.PullRequest.Base.Message = v19
v.PullRequest.Base.Timestamp = v20
v.PullRequest.Base.Remote = v21
v.PullRequest.Base.Sha = v18
v.PullRequest.Base.Ref = v19
v.PullRequest.Base.Link = v20
v.PullRequest.Base.Branch = v21
v.PullRequest.Base.Message = v22
v.PullRequest.Base.Timestamp = v23
v.PullRequest.Base.Remote = v24
v.PullRequest.Base.Author = &Author{}
v.PullRequest.Base.Author.Login = v22
v.PullRequest.Base.Author.Email = v23
v.PullRequest.Base.Author.Login = v25
v.PullRequest.Base.Author.Email = v26
return v, nil
}
@ -321,8 +347,8 @@ func scanBuilds(rows *sql.Rows) ([]*Build, error) {
var v11 string
var v12 string
var v13 string
var v14 int
var v15 string
var v14 string
var v15 int
var v16 string
var v17 string
var v18 string
@ -331,6 +357,9 @@ func scanBuilds(rows *sql.Rows) ([]*Build, error) {
var v21 string
var v22 string
var v23 string
var v24 string
var v25 string
var v26 string
err = rows.Scan(
&v0,
&v1,
@ -356,6 +385,9 @@ func scanBuilds(rows *sql.Rows) ([]*Build, error) {
&v21,
&v22,
&v23,
&v24,
&v25,
&v26,
)
if err != nil {
return vv, err
@ -371,26 +403,29 @@ func scanBuilds(rows *sql.Rows) ([]*Build, error) {
v.Commit = &Commit{}
v.Commit.Sha = v6
v.Commit.Ref = v7
v.Commit.Branch = v8
v.Commit.Message = v9
v.Commit.Timestamp = v10
v.Commit.Remote = v11
v.Commit.Link = v8
v.Commit.Branch = v9
v.Commit.Message = v10
v.Commit.Timestamp = v11
v.Commit.Remote = v12
v.Commit.Author = &Author{}
v.Commit.Author.Login = v12
v.Commit.Author.Email = v13
v.Commit.Author.Login = v13
v.Commit.Author.Email = v14
v.PullRequest = &PullRequest{}
v.PullRequest.Number = v14
v.PullRequest.Title = v15
v.PullRequest.Number = v15
v.PullRequest.Title = v16
v.PullRequest.Link = v17
v.PullRequest.Base = &Commit{}
v.PullRequest.Base.Sha = v16
v.PullRequest.Base.Ref = v17
v.PullRequest.Base.Branch = v18
v.PullRequest.Base.Message = v19
v.PullRequest.Base.Timestamp = v20
v.PullRequest.Base.Remote = v21
v.PullRequest.Base.Sha = v18
v.PullRequest.Base.Ref = v19
v.PullRequest.Base.Link = v20
v.PullRequest.Base.Branch = v21
v.PullRequest.Base.Message = v22
v.PullRequest.Base.Timestamp = v23
v.PullRequest.Base.Remote = v24
v.PullRequest.Base.Author = &Author{}
v.PullRequest.Base.Author.Login = v22
v.PullRequest.Base.Author.Email = v23
v.PullRequest.Base.Author.Login = v25
v.PullRequest.Base.Author.Email = v26
vv = append(vv, v)
}
return vv, rows.Err()
@ -406,6 +441,7 @@ SELECT
,build_finished
,build_commit_sha
,build_commit_ref
,build_commit_link
,build_commit_branch
,build_commit_message
,build_commit_timestamp
@ -414,8 +450,10 @@ SELECT
,build_commit_author_email
,build_pull_request_number
,build_pull_request_title
,build_pull_request_link
,build_pull_request_base_sha
,build_pull_request_base_ref
,build_pull_request_base_link
,build_pull_request_base_branch
,build_pull_request_base_message
,build_pull_request_base_timestamp
@ -435,6 +473,7 @@ SELECT
,build_finished
,build_commit_sha
,build_commit_ref
,build_commit_link
,build_commit_branch
,build_commit_message
,build_commit_timestamp
@ -443,8 +482,10 @@ SELECT
,build_commit_author_email
,build_pull_request_number
,build_pull_request_title
,build_pull_request_link
,build_pull_request_base_sha
,build_pull_request_base_ref
,build_pull_request_base_link
,build_pull_request_base_branch
,build_pull_request_base_message
,build_pull_request_base_timestamp
@ -465,6 +506,7 @@ SELECT
,build_finished
,build_commit_sha
,build_commit_ref
,build_commit_link
,build_commit_branch
,build_commit_message
,build_commit_timestamp
@ -473,8 +515,10 @@ SELECT
,build_commit_author_email
,build_pull_request_number
,build_pull_request_title
,build_pull_request_link
,build_pull_request_base_sha
,build_pull_request_base_ref
,build_pull_request_base_link
,build_pull_request_base_branch
,build_pull_request_base_message
,build_pull_request_base_timestamp
@ -495,6 +539,7 @@ SELECT
,build_finished
,build_commit_sha
,build_commit_ref
,build_commit_link
,build_commit_branch
,build_commit_message
,build_commit_timestamp
@ -503,8 +548,10 @@ SELECT
,build_commit_author_email
,build_pull_request_number
,build_pull_request_title
,build_pull_request_link
,build_pull_request_base_sha
,build_pull_request_base_ref
,build_pull_request_base_link
,build_pull_request_base_branch
,build_pull_request_base_message
,build_pull_request_base_timestamp
@ -525,6 +572,7 @@ SELECT
,build_finished
,build_commit_sha
,build_commit_ref
,build_commit_link
,build_commit_branch
,build_commit_message
,build_commit_timestamp
@ -533,8 +581,10 @@ SELECT
,build_commit_author_email
,build_pull_request_number
,build_pull_request_title
,build_pull_request_link
,build_pull_request_base_sha
,build_pull_request_base_ref
,build_pull_request_base_link
,build_pull_request_base_branch
,build_pull_request_base_message
,build_pull_request_base_timestamp
@ -556,6 +606,7 @@ SELECT
,build_finished
,build_commit_sha
,build_commit_ref
,build_commit_link
,build_commit_branch
,build_commit_message
,build_commit_timestamp
@ -564,8 +615,10 @@ SELECT
,build_commit_author_email
,build_pull_request_number
,build_pull_request_title
,build_pull_request_link
,build_pull_request_base_sha
,build_pull_request_base_ref
,build_pull_request_base_link
,build_pull_request_base_branch
,build_pull_request_base_message
,build_pull_request_base_timestamp
@ -591,6 +644,7 @@ INSERT INTO builds (
,build_finished
,build_commit_sha
,build_commit_ref
,build_commit_link
,build_commit_branch
,build_commit_message
,build_commit_timestamp
@ -599,15 +653,17 @@ INSERT INTO builds (
,build_commit_author_email
,build_pull_request_number
,build_pull_request_title
,build_pull_request_link
,build_pull_request_base_sha
,build_pull_request_base_ref
,build_pull_request_base_link
,build_pull_request_base_branch
,build_pull_request_base_message
,build_pull_request_base_timestamp
,build_pull_request_base_remote
,build_pull_request_base_author_login
,build_pull_request_base_author_email
) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);
) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);
`
const stmtBuildUpdate = `
@ -619,6 +675,7 @@ UPDATE builds SET
,build_finished = ?
,build_commit_sha = ?
,build_commit_ref = ?
,build_commit_link = ?
,build_commit_branch = ?
,build_commit_message = ?
,build_commit_timestamp = ?
@ -627,8 +684,10 @@ UPDATE builds SET
,build_commit_author_email = ?
,build_pull_request_number = ?
,build_pull_request_title = ?
,build_pull_request_link = ?
,build_pull_request_base_sha = ?
,build_pull_request_base_ref = ?
,build_pull_request_base_link = ?
,build_pull_request_base_branch = ?
,build_pull_request_base_message = ?
,build_pull_request_base_timestamp = ?
@ -645,30 +704,33 @@ WHERE build_id = ?
const stmtBuildTable = `
CREATE TABLE IF NOT EXISTS builds (
build_id INTEGER PRIMARY KEY AUTOINCREMENT
,build_repo_id INTEGER
,build_number INTEGER
,build_status VARCHAR(512)
,build_started INTEGER
,build_finished INTEGER
,build_commit_sha VARCHAR(512)
,build_commit_ref VARCHAR(512)
,build_commit_branch VARCHAR(512)
,build_commit_message VARCHAR(512)
,build_commit_timestamp VARCHAR(512)
,build_commit_remote VARCHAR(512)
,build_commit_author_login VARCHAR(512)
,build_commit_author_email VARCHAR(512)
,build_pull_request_number INTEGER
,build_pull_request_title VARCHAR(512)
,build_pull_request_base_sha VARCHAR(512)
,build_pull_request_base_ref VARCHAR(512)
,build_pull_request_base_branch VARCHAR(512)
,build_pull_request_base_message VARCHAR(512)
,build_pull_request_base_timestamp VARCHAR(512)
,build_pull_request_base_remote VARCHAR(512)
,build_pull_request_base_author_login VARCHAR(512)
,build_pull_request_base_author_email VARCHAR(512)
build_id INTEGER PRIMARY KEY AUTOINCREMENT
,build_repo_id INTEGER
,build_number INTEGER
,build_status VARCHAR
,build_started INTEGER
,build_finished INTEGER
,build_commit_sha VARCHAR
,build_commit_ref VARCHAR
,build_commit_link VARCHAR
,build_commit_branch VARCHAR
,build_commit_message VARCHAR
,build_commit_timestamp VARCHAR
,build_commit_remote VARCHAR
,build_commit_author_login VARCHAR
,build_commit_author_email VARCHAR
,build_pull_request_number INTEGER
,build_pull_request_title VARCHAR
,build_pull_request_link VARCHAR
,build_pull_request_base_sha VARCHAR
,build_pull_request_base_ref VARCHAR
,build_pull_request_base_link VARCHAR
,build_pull_request_base_branch VARCHAR
,build_pull_request_base_message VARCHAR
,build_pull_request_base_timestamp VARCHAR
,build_pull_request_base_remote VARCHAR
,build_pull_request_base_author_login VARCHAR
,build_pull_request_base_author_email VARCHAR
);
`

View file

@ -42,6 +42,7 @@ CREATE TABLE IF NOT EXISTS users (
,user_avatar VARCHAR(255)
,user_admin BOOLEAN
,user_active BOOLEAN
,user_hash VARCHAR(255)
,UNIQUE(user_login)
);
`
@ -67,6 +68,7 @@ CREATE TABLE IF NOT EXISTS repos (
,repo_hooks_push BOOLEAN
,repo_hooks_tags BOOLEAN
,repo_params BLOB
,repo_hash VARCHAR(255)
,UNIQUE(repo_owner, repo_name)
,UNIQUE(repo_full_name)
@ -96,6 +98,7 @@ CREATE TABLE IF NOT EXISTS builds (
,build_finished INTEGER
,build_commit_sha VARCHAR(512)
,build_commit_ref VARCHAR(512)
,build_commit_link VARCHAR(2048)
,build_commit_branch VARCHAR(512)
,build_commit_message VARCHAR(2048)
,build_commit_timestamp VARCHAR(512)
@ -104,8 +107,10 @@ CREATE TABLE IF NOT EXISTS builds (
,build_commit_author_email VARCHAR(512)
,build_pull_request_number INTEGER
,build_pull_request_title VARCHAR(512)
,build_pull_request_link VARCHAR(2048)
,build_pull_request_base_sha VARCHAR(512)
,build_pull_request_base_ref VARCHAR(512)
,build_pull_request_base_link VARCHAR(2048)
,build_pull_request_base_branch VARCHAR(512)
,build_pull_request_base_message VARCHAR(2048)
,build_pull_request_base_timestamp VARCHAR(512)

View file

@ -71,6 +71,7 @@ SELECT
,repo_hooks_push
,repo_hooks_tags
,repo_params
,repo_hash
FROM
repos r
,stars s

View file

@ -52,6 +52,7 @@ func createRepo(db repoDB, query string, v *Repo) error {
var v15 bool
var v16 bool
var v17 []byte
var v18 string
v0 = v.UserID
v1 = v.Owner
v2 = v.Name
@ -74,6 +75,7 @@ func createRepo(db repoDB, query string, v *Repo) error {
v16 = v.Hooks.Tags
}
v17, _ = json.Marshal(v.Params)
v18 = v.Hash
res, err := db.Exec(query,
&v0,
@ -94,6 +96,7 @@ func createRepo(db repoDB, query string, v *Repo) error {
&v15,
&v16,
&v17,
&v18,
)
if err != nil {
return err
@ -123,6 +126,7 @@ func updateRepo(db repoDB, query string, v *Repo) error {
var v16 bool
var v17 bool
var v18 []byte
var v19 string
v0 = v.ID
v1 = v.UserID
v2 = v.Owner
@ -146,6 +150,7 @@ func updateRepo(db repoDB, query string, v *Repo) error {
v17 = v.Hooks.Tags
}
v18, _ = json.Marshal(v.Params)
v19 = v.Hash
_, err := db.Exec(query,
&v1,
@ -166,6 +171,7 @@ func updateRepo(db repoDB, query string, v *Repo) error {
&v16,
&v17,
&v18,
&v19,
&v0,
)
return err
@ -191,6 +197,7 @@ func scanRepo(row *sql.Row) (*Repo, error) {
var v16 bool
var v17 bool
var v18 []byte
var v19 string
err := row.Scan(
&v0,
@ -212,6 +219,7 @@ func scanRepo(row *sql.Row) (*Repo, error) {
&v16,
&v17,
&v18,
&v19,
)
if err != nil {
return nil, err
@ -239,6 +247,7 @@ func scanRepo(row *sql.Row) (*Repo, error) {
v.Hooks.Push = v16
v.Hooks.Tags = v17
json.Unmarshal(v18, &v.Params)
v.Hash = v19
return v, nil
}
@ -266,6 +275,7 @@ func scanRepos(rows *sql.Rows) ([]*Repo, error) {
var v16 bool
var v17 bool
var v18 []byte
var v19 string
err = rows.Scan(
&v0,
&v1,
@ -286,6 +296,7 @@ func scanRepos(rows *sql.Rows) ([]*Repo, error) {
&v16,
&v17,
&v18,
&v19,
)
if err != nil {
return vv, err
@ -313,6 +324,7 @@ func scanRepos(rows *sql.Rows) ([]*Repo, error) {
v.Hooks.Push = v16
v.Hooks.Tags = v17
json.Unmarshal(v18, &v.Params)
v.Hash = v19
vv = append(vv, v)
}
return vv, rows.Err()
@ -339,6 +351,7 @@ SELECT
,repo_hooks_push
,repo_hooks_tags
,repo_params
,repo_hash
FROM repos
`
@ -363,6 +376,7 @@ SELECT
,repo_hooks_push
,repo_hooks_tags
,repo_params
,repo_hash
FROM repos
LIMIT ? OFFSET ?
`
@ -388,10 +402,37 @@ SELECT
,repo_hooks_push
,repo_hooks_tags
,repo_params
,repo_hash
FROM repos
WHERE repo_id = ?
`
const stmtRepoSelectRepoFullName = `
SELECT
repo_id
,repo_user_id
,repo_owner
,repo_name
,repo_full_name
,repo_avatar
,repo_self
,repo_link
,repo_clone
,repo_branch
,repo_private
,repo_trusted
,repo_timeout
,repo_keys_public
,repo_keys_private
,repo_hooks_pull_request
,repo_hooks_push
,repo_hooks_tags
,repo_params
,repo_hash
FROM repos
WHERE repo_full_name = ?
`
const stmtRepoSelectRepoUserId = `
SELECT
repo_id
@ -413,6 +454,7 @@ SELECT
,repo_hooks_push
,repo_hooks_tags
,repo_params
,repo_hash
FROM repos
WHERE repo_user_id = ?
`
@ -438,36 +480,12 @@ SELECT
,repo_hooks_push
,repo_hooks_tags
,repo_params
,repo_hash
FROM repos
WHERE repo_owner = ?
AND repo_name = ?
`
const stmtRepoSelectRepoFullName = `
SELECT
repo_id
,repo_user_id
,repo_owner
,repo_name
,repo_full_name
,repo_avatar
,repo_self
,repo_link
,repo_clone
,repo_branch
,repo_private
,repo_trusted
,repo_timeout
,repo_keys_public
,repo_keys_private
,repo_hooks_pull_request
,repo_hooks_push
,repo_hooks_tags
,repo_params
FROM repos
WHERE repo_full_name = ?
`
const stmtRepoSelectCount = `
SELECT count(1)
FROM repos
@ -493,7 +511,8 @@ INSERT INTO repos (
,repo_hooks_push
,repo_hooks_tags
,repo_params
) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);
,repo_hash
) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?);
`
const stmtRepoUpdate = `
@ -516,6 +535,7 @@ UPDATE repos SET
,repo_hooks_push = ?
,repo_hooks_tags = ?
,repo_params = ?
,repo_hash = ?
WHERE repo_id = ?
`
@ -526,28 +546,33 @@ WHERE repo_id = ?
const stmtRepoTable = `
CREATE TABLE IF NOT EXISTS repos (
repo_id INTEGER PRIMARY KEY AUTOINCREMENT
,repo_user_id INTEGER
,repo_owner VARCHAR
,repo_name VARCHAR
,repo_full_name VARCHAR
,repo_avatar VARCHAR
,repo_self VARCHAR
,repo_link VARCHAR
,repo_clone VARCHAR
,repo_branch VARCHAR
,repo_private BOOLEAN
,repo_trusted BOOLEAN
,repo_timeout INTEGER
,repo_keys_public VARCHAR
,repo_keys_private VARCHAR
,repo_hooks_pull_request BOOLEAN
,repo_hooks_push BOOLEAN
,repo_hooks_tags BOOLEAN
,repo_params BLOB
repo_id INTEGER PRIMARY KEY AUTOINCREMENT
,repo_user_id INTEGER
,repo_owner VARCHAR
,repo_name VARCHAR
,repo_full_name VARCHAR
,repo_avatar VARCHAR
,repo_self VARCHAR
,repo_link VARCHAR
,repo_clone VARCHAR
,repo_branch VARCHAR
,repo_private BOOLEAN
,repo_trusted BOOLEAN
,repo_timeout INTEGER
,repo_keys_public VARCHAR
,repo_keys_private VARCHAR
,repo_hooks_pull_request BOOLEAN
,repo_hooks_push BOOLEAN
,repo_hooks_tags BOOLEAN
,repo_params BLOB
,repo_hash VARCHAR
);
`
const stmtRepoRepoFullNameIndex = `
CREATE UNIQUE INDEX IF NOT EXISTS ux_repo_full_name ON repos (repo_full_name);
`
const stmtRepoRepoUserIdIndex = `
CREATE INDEX IF NOT EXISTS ix_repo_user_id ON repos (repo_user_id);
`
@ -555,7 +580,3 @@ CREATE INDEX IF NOT EXISTS ix_repo_user_id ON repos (repo_user_id);
const stmtRepoRepoOwnerNameIndex = `
CREATE UNIQUE INDEX IF NOT EXISTS ux_repo_owner_name ON repos (repo_owner,repo_name);
`
const stmtRepoRepoFullNameIndex = `
CREATE UNIQUE INDEX IF NOT EXISTS ux_repo_full_name ON repos (repo_full_name);
`

View file

@ -41,6 +41,7 @@ func createUser(db userDB, query string, v *User) error {
var v4 string
var v5 bool
var v6 bool
var v7 string
v0 = v.Login
v1 = v.Token
v2 = v.Secret
@ -48,6 +49,7 @@ func createUser(db userDB, query string, v *User) error {
v4 = v.Avatar
v5 = v.Active
v6 = v.Admin
v7 = v.Hash
res, err := db.Exec(query,
&v0,
@ -57,6 +59,7 @@ func createUser(db userDB, query string, v *User) error {
&v4,
&v5,
&v6,
&v7,
)
if err != nil {
return err
@ -75,6 +78,7 @@ func updateUser(db userDB, query string, v *User) error {
var v5 string
var v6 bool
var v7 bool
var v8 string
v0 = v.ID
v1 = v.Login
v2 = v.Token
@ -83,6 +87,7 @@ func updateUser(db userDB, query string, v *User) error {
v5 = v.Avatar
v6 = v.Active
v7 = v.Admin
v8 = v.Hash
_, err := db.Exec(query,
&v1,
@ -92,6 +97,7 @@ func updateUser(db userDB, query string, v *User) error {
&v5,
&v6,
&v7,
&v8,
&v0,
)
return err
@ -106,6 +112,7 @@ func scanUser(row *sql.Row) (*User, error) {
var v5 string
var v6 bool
var v7 bool
var v8 string
err := row.Scan(
&v0,
@ -116,6 +123,7 @@ func scanUser(row *sql.Row) (*User, error) {
&v5,
&v6,
&v7,
&v8,
)
if err != nil {
return nil, err
@ -130,6 +138,7 @@ func scanUser(row *sql.Row) (*User, error) {
v.Avatar = v5
v.Active = v6
v.Admin = v7
v.Hash = v8
return v, nil
}
@ -146,6 +155,7 @@ func scanUsers(rows *sql.Rows) ([]*User, error) {
var v5 string
var v6 bool
var v7 bool
var v8 string
err = rows.Scan(
&v0,
&v1,
@ -155,6 +165,7 @@ func scanUsers(rows *sql.Rows) ([]*User, error) {
&v5,
&v6,
&v7,
&v8,
)
if err != nil {
return vv, err
@ -169,6 +180,7 @@ func scanUsers(rows *sql.Rows) ([]*User, error) {
v.Avatar = v5
v.Active = v6
v.Admin = v7
v.Hash = v8
vv = append(vv, v)
}
return vv, rows.Err()
@ -184,6 +196,7 @@ SELECT
,user_avatar
,user_active
,user_admin
,user_hash
FROM users
`
@ -197,6 +210,7 @@ SELECT
,user_avatar
,user_active
,user_admin
,user_hash
FROM users
LIMIT ? OFFSET ?
`
@ -211,6 +225,7 @@ SELECT
,user_avatar
,user_active
,user_admin
,user_hash
FROM users
WHERE user_id = ?
`
@ -225,6 +240,7 @@ SELECT
,user_avatar
,user_active
,user_admin
,user_hash
FROM users
WHERE user_login = ?
`
@ -243,7 +259,8 @@ INSERT INTO users (
,user_avatar
,user_active
,user_admin
) VALUES (?,?,?,?,?,?,?);
,user_hash
) VALUES (?,?,?,?,?,?,?,?);
`
const stmtUserUpdate = `
@ -255,6 +272,7 @@ UPDATE users SET
,user_avatar = ?
,user_active = ?
,user_admin = ?
,user_hash = ?
WHERE user_id = ?
`
@ -265,14 +283,15 @@ WHERE user_id = ?
const stmtUserTable = `
CREATE TABLE IF NOT EXISTS users (
user_id INTEGER PRIMARY KEY AUTOINCREMENT
,user_login VARCHAR
,user_token VARCHAR
user_id INTEGER PRIMARY KEY AUTOINCREMENT
,user_login VARCHAR
,user_token VARCHAR
,user_secret VARCHAR
,user_email VARCHAR
,user_email VARCHAR
,user_avatar VARCHAR
,user_active BOOLEAN
,user_admin BOOLEAN
,user_admin BOOLEAN
,user_hash VARCHAR
);
`

View file

@ -26,12 +26,14 @@ type Build struct {
type PullRequest struct {
Number int `json:"number,omitempty"`
Title string `json:"title,omitempty"`
Link string `json:"link,omitempty"`
Base *Commit `json:"base_commit,omitempty"`
}
type Commit struct {
Sha string `json:"sha"`
Ref string `json:"ref"`
Link string `json:"link,omitempty"`
Branch string `json:"branch" sql:"index:ix_commit_branch"`
Message string `json:"message"`
Timestamp string `json:"timestamp,omitempty"`

View file

@ -1,19 +1,19 @@
package types
type Repo struct {
ID int64 `meddler:"repo_id,pk" json:"id"`
UserID int64 `meddler:"repo_user_id" json:"-" sql:"index:ix_repo_user_id"`
Owner string `meddler:"repo_owner" json:"owner" sql:"unique:ux_repo_owner_name"`
Name string `meddler:"repo_name" json:"name" sql:"unique:ux_repo_owner_name"`
FullName string `meddler:"repo_full_name" json:"full_name" sql:"unique:ux_repo_full_name"`
Avatar string `meddler:"repo_avatar" json:"avatar"`
Self string `meddler:"repo_self" json:"self_url"`
Link string `meddler:"repo_link" json:"link_url"`
Clone string `meddler:"repo_clone" json:"clone_url"`
Branch string `meddler:"repo_branch" json:"default_branch"`
Private bool `meddler:"repo_private" json:"private"`
Trusted bool `meddler:"repo_trusted" json:"trusted"`
Timeout int64 `meddler:"repo_timeout" json:"timeout"`
ID int64 `json:"id"`
UserID int64 `json:"-" sql:"index:ix_repo_user_id"`
Owner string `json:"owner" sql:"unique:ux_repo_owner_name"`
Name string `json:"name" sql:"unique:ux_repo_owner_name"`
FullName string `json:"full_name" sql:"unique:ux_repo_full_name"`
Avatar string `json:"avatar"`
Self string `json:"self_url"`
Link string `json:"link_url"`
Clone string `json:"clone_url"`
Branch string `json:"default_branch"`
Private bool `json:"private"`
Trusted bool `json:"trusted"`
Timeout int64 `json:"timeout"`
Keys *Keypair `json:"-"`
Hooks *Hooks `json:"hooks"`
@ -27,29 +27,33 @@ type Repo struct {
// considered secret and are therefore stored external
// to the source code repository inside Drone.
Params map[string]string `json:"-"`
// randomly generated hash used to sign repository
// tokens and encrypt and decrypt private variables.
Hash string `json:"-"`
}
type RepoLite struct {
ID int64 `meddler:"repo_id,pk" json:"id"`
UserID int64 `meddler:"user_id" json:"-"`
Owner string `meddler:"repo_owner" json:"owner"`
Name string `meddler:"repo_name" json:"name"`
FullName string `meddler:"repo_slug" json:"full_name"`
Language string `meddler:"repo_lang" json:"language"`
Private bool `meddler:"repo_private" json:"private"`
Created int64 `meddler:"repo_created" json:"created_at"`
Updated int64 `meddler:"repo_updated" json:"updated_at"`
ID int64 `json:"id"`
UserID int64 `json:"-"`
Owner string `json:"owner"`
Name string `json:"name"`
FullName string `json:"full_name"`
Language string `json:"language"`
Private bool `json:"private"`
Created int64 `json:"created_at"`
Updated int64 `json:"updated_at"`
}
type RepoCommit struct {
ID int64 `meddler:"repo_id,pk" json:"id"`
Owner string `meddler:"repo_owner" json:"owner"`
Name string `meddler:"repo_name" json:"name"`
FullName string `meddler:"repo_full_name" json:"full_name"`
Number int `meddler:"commit_sequence" json:"number"`
State string `meddler:"commit_state" json:"state"`
Started int64 `meddler:"commit_started" json:"started_at"`
Finished int64 `meddler:"commit_finished" json:"finished_at"`
ID int64 `json:"id"`
Owner string `json:"owner"`
Name string `json:"name"`
FullName string `json:"full_name"`
Number int `json:"number"`
State string `json:"state"`
Started int64 `json:"started_at"`
Finished int64 `json:"finished_at"`
}
type Perm struct {

View file

@ -9,4 +9,8 @@ type User struct {
Avatar string `json:"avatar,omitempty"`
Active bool `json:"active,omitempty"`
Admin bool `json:"admin,omitempty"`
// randomly generated hash used to sign user
// session and application tokens.
Hash string `json:"-"`
}