wangwei
/
aiforge
Not watched
1
0
Fork 0
Code
Releases 128 Wiki Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
7198 Commits
197 Branches
346 MB
641 Download
Tree: 48c101affe
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '48c101affe'
${ noResults }
aiforge/modules/private/key.go

key.go 3.9 kB
Raw Normal View History

Make gitea serv use api/internal (#4886) * Start to move to internal/private * Add GetPublicKeyByID * Add HasDeployKey * Add private.UpdateDeployKeyUpdated * Add private.GetUserByKeyID * Add private.AccessLevel * Add private.CheckUnitUser * Fix mistakes I made * Some cleaning + moving code to separate files * Fix error handling * Remove useless error handling for setup * lint: fix comment on exported func * fix copyright header * Fix order of args
7 years ago
Fix ssh deploy and user key constraints (#1357) (#5939) 1. A key can either be an ssh user key or a deploy key. It cannot be both. 2. If a key is a user key - it can only be associated with one user. 3. If a key is a deploy key - it can be used in multiple repositories and the permissions it has on those repositories can be different. 4. If a repository is deleted, its deploy keys must be deleted too. We currently don't enforce any of this and multiple repositories access with different permissions doesn't work at all. This PR enforces the following constraints: - [x] You should not be able to add the same user key as another user - [x] You should not be able to add a ssh user key which is being used as a deploy key - [x] You should not be able to add a ssh deploy key which is being used as a user key - [x] If you add an ssh deploy key to another repository you should be able to use it in different modes without losing the ability to use it in the other mode. - [x] If you delete a repository you must delete all its deploy keys. Fix #1357
6 years ago
Make gitea serv use api/internal (#4886) * Start to move to internal/private * Add GetPublicKeyByID * Add HasDeployKey * Add private.UpdateDeployKeyUpdated * Add private.GetUserByKeyID * Add private.AccessLevel * Add private.CheckUnitUser * Fix mistakes I made * Some cleaning + moving code to separate files * Fix error handling * Remove useless error handling for setup * lint: fix comment on exported func * fix copyright header * Fix order of args
7 years ago
 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141 
  1. // Copyright 2018 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package private

  6. 

  7. import (

  8. 	"encoding/json"

  9. 	"fmt"

  10. 

  11. 	"code.gitea.io/gitea/models"

  12. 	"code.gitea.io/gitea/modules/log"

  13. 	"code.gitea.io/gitea/modules/setting"

  14. )

  15. 

  16. // UpdateDeployKeyUpdated update deploy key updates

  17. func UpdateDeployKeyUpdated(keyID int64, repoID int64) error {

  18. 	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repositories/%d/keys/%d/update", repoID, keyID)

  19. 	log.GitLogger.Trace("UpdateDeployKeyUpdated: %s", reqURL)

  20. 

  21. 	resp, err := newInternalRequest(reqURL, "POST").Response()

  22. 	if err != nil {

  23. 		return err

  24. 	}

  25. 

  26. 	defer resp.Body.Close()

  27. 

  28. 	// All 2XX status codes are accepted and others will return an error

  29. 	if resp.StatusCode/100 != 2 {

  30. 		return fmt.Errorf("Failed to update deploy key: %s", decodeJSONError(resp).Err)

  31. 	}

  32. 	return nil

  33. }

  34. 

  35. // GetDeployKey check if repo has deploy key

  36. func GetDeployKey(keyID, repoID int64) (*models.DeployKey, error) {

  37. 	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repositories/%d/keys/%d", repoID, keyID)

  38. 	log.GitLogger.Trace("GetDeployKey: %s", reqURL)

  39. 

  40. 	resp, err := newInternalRequest(reqURL, "GET").Response()

  41. 	if err != nil {

  42. 		return nil, err

  43. 	}

  44. 	defer resp.Body.Close()

  45. 

  46. 	switch resp.StatusCode {

  47. 	case 404:

  48. 		return nil, nil

  49. 	case 200:

  50. 		var dKey models.DeployKey

  51. 		if err := json.NewDecoder(resp.Body).Decode(&dKey); err != nil {

  52. 			return nil, err

  53. 		}

  54. 		return &dKey, nil

  55. 	default:

  56. 		return nil, fmt.Errorf("Failed to get deploy key: %s", decodeJSONError(resp).Err)

  57. 	}

  58. }

  59. 

  60. // HasDeployKey check if repo has deploy key

  61. func HasDeployKey(keyID, repoID int64) (bool, error) {

  62. 	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/repositories/%d/has-keys/%d", repoID, keyID)

  63. 	log.GitLogger.Trace("HasDeployKey: %s", reqURL)

  64. 

  65. 	resp, err := newInternalRequest(reqURL, "GET").Response()

  66. 	if err != nil {

  67. 		return false, err

  68. 	}

  69. 	defer resp.Body.Close()

  70. 

  71. 	if resp.StatusCode == 200 {

  72. 		return true, nil

  73. 	}

  74. 	return false, nil

  75. }

  76. 

  77. // GetPublicKeyByID  get public ssh key by his ID

  78. func GetPublicKeyByID(keyID int64) (*models.PublicKey, error) {

  79. 	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/ssh/%d", keyID)

  80. 	log.GitLogger.Trace("GetPublicKeyByID: %s", reqURL)

  81. 

  82. 	resp, err := newInternalRequest(reqURL, "GET").Response()

  83. 	if err != nil {

  84. 		return nil, err

  85. 	}

  86. 

  87. 	defer resp.Body.Close()

  88. 

  89. 	if resp.StatusCode != 200 {

  90. 		return nil, fmt.Errorf("Failed to get repository: %s", decodeJSONError(resp).Err)

  91. 	}

  92. 

  93. 	var pKey models.PublicKey

  94. 	if err := json.NewDecoder(resp.Body).Decode(&pKey); err != nil {

  95. 		return nil, err

  96. 	}

  97. 	return &pKey, nil

  98. }

  99. 

  100. // GetUserByKeyID get user attached to key

  101. func GetUserByKeyID(keyID int64) (*models.User, error) {

  102. 	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/ssh/%d/user", keyID)

  103. 	log.GitLogger.Trace("GetUserByKeyID: %s", reqURL)

  104. 

  105. 	resp, err := newInternalRequest(reqURL, "GET").Response()

  106. 	if err != nil {

  107. 		return nil, err

  108. 	}

  109. 	defer resp.Body.Close()

  110. 

  111. 	if resp.StatusCode != 200 {

  112. 		return nil, fmt.Errorf("Failed to get user: %s", decodeJSONError(resp).Err)

  113. 	}

  114. 

  115. 	var user models.User

  116. 	if err := json.NewDecoder(resp.Body).Decode(&user); err != nil {

  117. 		return nil, err

  118. 	}

  119. 

  120. 	return &user, nil

  121. }

  122. 

  123. // UpdatePublicKeyUpdated update public key updates

  124. func UpdatePublicKeyUpdated(keyID int64) error {

  125. 	// Ask for running deliver hook and test pull request tasks.

  126. 	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/ssh/%d/update", keyID)

  127. 	log.GitLogger.Trace("UpdatePublicKeyUpdated: %s", reqURL)

  128. 

  129. 	resp, err := newInternalRequest(reqURL, "POST").Response()

  130. 	if err != nil {

  131. 		return err

  132. 	}

  133. 

  134. 	defer resp.Body.Close()

  135. 

  136. 	// All 2XX status codes are accepted and others will return an error

  137. 	if resp.StatusCode/100 != 2 {

  138. 		return fmt.Errorf("Failed to update public key: %s", decodeJSONError(resp).Err)

  139. 	}

  140. 	return nil

  141. }

No Description