woodpecker/plugin/remote/gitlab/gitlab.go
2015-08-10 10:20:58 +03:00

304 lines
7.6 KiB
Go

package gitlab
import (
"crypto/tls"
"fmt"
"io/ioutil"
"net/http"
"net/url"
"strconv"
"strings"
"time"
"code.google.com/p/goauth2/oauth"
"github.com/Bugagazavr/go-gitlab-client"
"github.com/drone/drone/shared/httputil"
"github.com/drone/drone/shared/model"
)
type Gitlab struct {
url string
SkipVerify bool
Open bool
Client string
Secret string
}
func New(url string, skipVerify, open bool, client, secret string) *Gitlab {
return &Gitlab{
url: url,
SkipVerify: skipVerify,
Open: open,
Client: client,
Secret: secret,
}
}
// Authorize handles authentication with thrid party remote systems,
// such as github or bitbucket, and returns user data.
func (r *Gitlab) Authorize(res http.ResponseWriter, req *http.Request) (*model.Login, error) {
host := httputil.GetURL(req)
config := NewOauthConfig(r, host)
var code = req.FormValue("code")
var state = req.FormValue("state")
if len(code) == 0 {
var random = GetRandom()
httputil.SetCookie(res, req, "gitlab_state", random)
http.Redirect(res, req, config.AuthCodeURL(random), http.StatusSeeOther)
return nil, nil
}
cookieState := httputil.GetCookie(req, "gitlab_state")
httputil.DelCookie(res, req, "gitlab_state")
if cookieState != state {
return nil, fmt.Errorf("Error matching state in OAuth2 redirect")
}
var trans = &oauth.Transport{
Config: config,
Transport: &http.Transport{
Proxy: http.ProxyFromEnvironment,
TLSClientConfig: &tls.Config{InsecureSkipVerify: r.SkipVerify},
},
}
var token, err = trans.Exchange(code)
if err != nil {
return nil, fmt.Errorf("Error exchanging token. %s", err)
}
var client = NewClient(r.url, token.AccessToken, r.SkipVerify)
var user, errr = client.CurrentUser()
if errr != nil {
return nil, fmt.Errorf("Error retrieving current user. %s", errr)
}
var login = new(model.Login)
login.ID = int64(user.Id)
login.Access = token.AccessToken
login.Secret = token.RefreshToken
login.Login = user.Username
login.Email = user.Email
return login, nil
}
// GetKind returns the identifier of this remote GitHub instane.
func (r *Gitlab) GetKind() string {
return model.RemoteGitlab
}
// GetHost returns the hostname of this remote GitHub instance.
func (r *Gitlab) GetHost() string {
uri, _ := url.Parse(r.url)
return uri.Host
}
// GetRepos fetches all repositories that the specified
// user has access to in the remote system.
func (r *Gitlab) GetRepos(user *model.User) ([]*model.Repo, error) {
var repos []*model.Repo
var client = NewClient(r.url, user.Access, r.SkipVerify)
var list, err = client.AllProjects()
if err != nil {
return nil, err
}
var remote = r.GetKind()
var hostname = r.GetHost()
for _, item := range list {
var repo = model.Repo{
UserID: user.ID,
Remote: remote,
Host: hostname,
Owner: item.Namespace.Path,
Name: item.Path,
Private: !item.Public,
CloneURL: item.HttpRepoUrl,
GitURL: item.HttpRepoUrl,
SSHURL: item.SshRepoUrl,
URL: item.Url,
Role: &model.Perm{},
}
if repo.Private {
repo.CloneURL = repo.SSHURL
}
// if the user is the owner we can assume full access,
// otherwise check for the permission items.
if repo.Owner == user.Login {
repo.Role = new(model.Perm)
repo.Role.Admin = true
repo.Role.Write = true
repo.Role.Read = true
} else {
// Fetch current project
project, err := client.Project(strconv.Itoa(item.Id))
if err != nil || project.Permissions == nil {
continue
}
repo.Role.Admin = IsAdmin(project)
repo.Role.Write = IsWrite(project)
repo.Role.Read = IsRead(project)
}
repos = append(repos, &repo)
}
return repos, err
}
// GetScript fetches the build script (.drone.yml) from the remote
// repository and returns in string format.
func (r *Gitlab) GetScript(user *model.User, repo *model.Repo, hook *model.Hook) ([]byte, error) {
var client = NewClient(r.url, user.Access, r.SkipVerify)
var path = ns(repo.Owner, repo.Name)
return client.RepoRawFile(path, hook.Sha, ".drone.yml")
}
// Activate activates a repository by adding a Post-commit hook and
// a Public Deploy key, if applicable.
func (r *Gitlab) Activate(user *model.User, repo *model.Repo, link string) error {
var client = NewClient(r.url, user.Access, r.SkipVerify)
var path = ns(repo.Owner, repo.Name)
var title, err = GetKeyTitle(link)
if err != nil {
return err
}
// if the repository is private we'll need
// to upload a github key to the repository
if repo.Private {
var err = client.AddProjectDeployKey(path, title, repo.PublicKey)
if err != nil {
return err
}
}
// append the repo owner / name to the hook url since gitlab
// doesn't send this detail in the post-commit hook
link += "?owner=" + repo.Owner + "&name=" + repo.Name
// add the hook
return client.AddProjectHook(path, link, true, false, true, false)
}
// Deactivate removes a repository by removing all the post-commit hooks
// which are equal to link and removing the SSH deploy key.
func (r *Gitlab) Deactivate(user *model.User, repo *model.Repo, link string) error {
var client = NewClient(r.url, user.Access, r.SkipVerify)
var path = ns(repo.Owner, repo.Name)
keys, err := client.ProjectDeployKeys(path)
if err != nil {
return err
}
var pubkey = strings.TrimSpace(repo.PublicKey)
for _, k := range keys {
if pubkey == strings.TrimSpace(k.Key) {
if err := client.RemoveProjectDeployKey(path, strconv.Itoa(k.Id)); err != nil {
return err
}
break
}
}
hooks, err := client.ProjectHooks(path)
if err != nil {
return err
}
link += "?owner=" + repo.Owner + "&name=" + repo.Name
for _, h := range hooks {
if link == h.Url {
if err := client.RemoveProjectHook(path, strconv.Itoa(h.Id)); err != nil {
return err
}
break
}
}
return nil
}
// ParseHook parses the post-commit hook from the Request body
// and returns the required data in a standard format.
func (r *Gitlab) ParseHook(req *http.Request) (*model.Hook, error) {
defer req.Body.Close()
var payload, _ = ioutil.ReadAll(req.Body)
var parsed, err = gogitlab.ParseHook(payload)
if err != nil {
return nil, err
}
if len(parsed.After) == 0 || parsed.TotalCommitsCount == 0 {
return nil, nil
}
if parsed.ObjectKind == "merge_request" {
// TODO (bradrydzewski) figure out how to handle merge requests
return nil, nil
}
if len(parsed.After) == 0 {
return nil, nil
}
var hook = new(model.Hook)
hook.Owner = req.FormValue("owner")
hook.Repo = req.FormValue("name")
hook.Sha = parsed.After
hook.Branch = parsed.Branch()
var head = parsed.Head()
hook.Message = head.Message
hook.Timestamp = head.Timestamp
// extracts the commit author (ideally email)
// from the post-commit hook
switch {
case head.Author != nil:
hook.Author = head.Author.Email
case head.Author == nil:
hook.Author = parsed.UserName
}
return hook, nil
}
func (r *Gitlab) OpenRegistration() bool {
return r.Open
}
func (r *Gitlab) GetToken(user *model.User) (*model.Token, error) {
expiry := time.Unix(user.TokenExpiry, 0)
if user.TokenExpiry == 0 && len(user.Access) != 0 ||
expiry.Sub(time.Now()) > (60*time.Second) {
return nil, nil
}
t := &oauth.Transport{
Config: NewOauthConfig(r, ""),
Token: &oauth.Token{
AccessToken: user.Access,
RefreshToken: user.Secret,
Expiry: expiry,
},
Transport: &http.Transport{
Proxy: http.ProxyFromEnvironment,
TLSClientConfig: &tls.Config{InsecureSkipVerify: r.SkipVerify},
},
}
if err := t.Refresh(); err != nil {
return nil, err
}
var token = new(model.Token)
token.AccessToken = t.Token.AccessToken
token.RefreshToken = t.Token.RefreshToken
token.Expiry = t.Token.Expiry.Unix()
return token, nil
}