mirror of
https://github.com/woodpecker-ci/woodpecker.git
synced 2024-12-25 01:40:30 +00:00
261 lines
5.1 KiB
Go
261 lines
5.1 KiB
Go
package server
|
|
|
|
import (
|
|
"net/http"
|
|
"time"
|
|
|
|
"github.com/drone/drone/Godeps/_workspace/src/github.com/gin-gonic/gin"
|
|
|
|
"github.com/drone/drone/pkg/bus"
|
|
"github.com/drone/drone/pkg/queue"
|
|
"github.com/drone/drone/pkg/remote"
|
|
"github.com/drone/drone/pkg/runner"
|
|
"github.com/drone/drone/pkg/store"
|
|
"github.com/drone/drone/pkg/token"
|
|
common "github.com/drone/drone/pkg/types"
|
|
)
|
|
|
|
func SetQueue(q queue.Queue) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
c.Set("queue", q)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func ToQueue(c *gin.Context) queue.Queue {
|
|
v, ok := c.Get("queue")
|
|
if !ok {
|
|
return nil
|
|
}
|
|
return v.(queue.Queue)
|
|
}
|
|
|
|
func SetBus(r bus.Bus) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
c.Set("bus", r)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func ToBus(c *gin.Context) bus.Bus {
|
|
v, ok := c.Get("bus")
|
|
if !ok {
|
|
return nil
|
|
}
|
|
return v.(bus.Bus)
|
|
}
|
|
|
|
func ToRemote(c *gin.Context) remote.Remote {
|
|
v, ok := c.Get("remote")
|
|
if !ok {
|
|
return nil
|
|
}
|
|
return v.(remote.Remote)
|
|
}
|
|
|
|
func SetRemote(r remote.Remote) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
c.Set("remote", r)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func ToRunner(c *gin.Context) runner.Runner {
|
|
v, ok := c.Get("runner")
|
|
if !ok {
|
|
return nil
|
|
}
|
|
return v.(runner.Runner)
|
|
}
|
|
|
|
func SetRunner(r runner.Runner) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
c.Set("runner", r)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func ToPerm(c *gin.Context) *common.Perm {
|
|
v, ok := c.Get("perm")
|
|
if !ok {
|
|
return nil
|
|
}
|
|
return v.(*common.Perm)
|
|
}
|
|
|
|
func ToUser(c *gin.Context) *common.User {
|
|
v, ok := c.Get("user")
|
|
if !ok {
|
|
return nil
|
|
}
|
|
return v.(*common.User)
|
|
}
|
|
|
|
func ToRepo(c *gin.Context) *common.Repo {
|
|
v, ok := c.Get("repo")
|
|
if !ok {
|
|
return nil
|
|
}
|
|
return v.(*common.Repo)
|
|
}
|
|
|
|
func ToDatastore(c *gin.Context) store.Store {
|
|
return c.MustGet("datastore").(store.Store)
|
|
}
|
|
|
|
func SetDatastore(ds store.Store) gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
c.Set("datastore", ds)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func SetUser() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
|
|
var store = ToDatastore(c)
|
|
var user *common.User
|
|
|
|
_, err := token.ParseRequest(c.Request, func(t *token.Token) (string, error) {
|
|
var err error
|
|
user, err = store.UserLogin(t.Text)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
return user.Hash, nil
|
|
})
|
|
|
|
if err == nil && user != nil && user.ID != 0 {
|
|
c.Set("user", user)
|
|
}
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func SetRepo() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
ds := ToDatastore(c)
|
|
u := ToUser(c)
|
|
owner := c.Params.ByName("owner")
|
|
name := c.Params.ByName("name")
|
|
r, err := ds.RepoName(owner, name)
|
|
switch {
|
|
case err != nil && u != nil:
|
|
c.Fail(404, err)
|
|
return
|
|
case err != nil && u == nil:
|
|
c.Fail(401, err)
|
|
return
|
|
}
|
|
c.Set("repo", r)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func SetPerm() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
remote := ToRemote(c)
|
|
user := ToUser(c)
|
|
repo := ToRepo(c)
|
|
perm := perms(remote, user, repo)
|
|
c.Set("perm", perm)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
func MustUser() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
u := ToUser(c)
|
|
if u == nil {
|
|
c.AbortWithStatus(401)
|
|
} else {
|
|
c.Set("user", u)
|
|
c.Next()
|
|
}
|
|
}
|
|
}
|
|
|
|
func MustAdmin() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
u := ToUser(c)
|
|
if u == nil {
|
|
c.AbortWithStatus(401)
|
|
} else if !u.Admin {
|
|
c.AbortWithStatus(403)
|
|
} else {
|
|
c.Set("user", u)
|
|
c.Next()
|
|
}
|
|
}
|
|
}
|
|
|
|
func CheckPull() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
u := ToUser(c)
|
|
m := ToPerm(c)
|
|
|
|
switch {
|
|
case u == nil && m == nil:
|
|
c.AbortWithStatus(401)
|
|
case u == nil && m.Pull == false:
|
|
c.AbortWithStatus(401)
|
|
case u != nil && m.Pull == false:
|
|
c.AbortWithStatus(404)
|
|
default:
|
|
c.Next()
|
|
}
|
|
}
|
|
}
|
|
|
|
func CheckPush() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
switch c.Request.Method {
|
|
case "GET", "OPTIONS":
|
|
c.Next()
|
|
return
|
|
}
|
|
|
|
u := ToUser(c)
|
|
m := ToPerm(c)
|
|
|
|
switch {
|
|
case u == nil && m.Push == false:
|
|
c.AbortWithStatus(401)
|
|
case u != nil && m.Push == false:
|
|
c.AbortWithStatus(404)
|
|
default:
|
|
c.Next()
|
|
}
|
|
}
|
|
}
|
|
|
|
func SetHeaders() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
|
|
c.Writer.Header().Add("Access-Control-Allow-Origin", "*")
|
|
c.Writer.Header().Add("X-Frame-Options", "DENY")
|
|
c.Writer.Header().Add("X-Content-Type-Options", "nosniff")
|
|
c.Writer.Header().Add("X-XSS-Protection", "1; mode=block")
|
|
c.Writer.Header().Add("Cache-Control", "no-cache")
|
|
c.Writer.Header().Add("Cache-Control", "no-store")
|
|
c.Writer.Header().Add("Cache-Control", "max-age=0")
|
|
c.Writer.Header().Add("Cache-Control", "must-revalidate")
|
|
c.Writer.Header().Add("Cache-Control", "value")
|
|
c.Writer.Header().Set("Last-Modified", time.Now().UTC().Format(http.TimeFormat))
|
|
c.Writer.Header().Set("Expires", "Thu, 01 Jan 1970 00:00:00 GMT")
|
|
if c.Request.TLS != nil {
|
|
c.Writer.Header().Add("Strict-Transport-Security", "max-age=31536000")
|
|
}
|
|
|
|
if c.Request.Method == "OPTIONS" {
|
|
c.Writer.Header().Set("Access-Control-Allow-Methods", "GET,POST,PUT,PATCH,DELETE,OPTIONS")
|
|
c.Writer.Header().Set("Access-Control-Allow-Headers", "Authorization")
|
|
c.Writer.Header().Set("Allow", "HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS")
|
|
c.Writer.Header().Set("Content-Type", "application/json")
|
|
c.Writer.WriteHeader(200)
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|