241 lines
6.0 KiB
Go
241 lines
6.0 KiB
Go
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
// Use of this source code is governed by a MIT-style
|
|
// license that can be found in the LICENSE file.
|
|
|
|
package middleware
|
|
|
|
import (
|
|
"fmt"
|
|
"html/template"
|
|
"io"
|
|
"net/http"
|
|
"path"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/Unknwon/macaron"
|
|
"github.com/macaron-contrib/i18n"
|
|
"github.com/macaron-contrib/session"
|
|
|
|
"github.com/gogits/gogs/models"
|
|
"github.com/gogits/gogs/modules/auth"
|
|
"github.com/gogits/gogs/modules/base"
|
|
"github.com/gogits/gogs/modules/git"
|
|
"github.com/gogits/gogs/modules/log"
|
|
"github.com/gogits/gogs/modules/setting"
|
|
)
|
|
|
|
// Context represents context of a request.
|
|
type Context struct {
|
|
*macaron.Context
|
|
i18n.Locale
|
|
Flash *session.Flash
|
|
Session session.Store
|
|
|
|
User *models.User
|
|
IsSigned bool
|
|
|
|
csrfToken string
|
|
|
|
Repo struct {
|
|
IsOwner bool
|
|
IsTrueOwner bool
|
|
IsWatching bool
|
|
IsBranch bool
|
|
IsTag bool
|
|
IsCommit bool
|
|
HasAccess bool
|
|
Repository *models.Repository
|
|
Owner *models.User
|
|
Commit *git.Commit
|
|
Tag *git.Tag
|
|
GitRepo *git.Repository
|
|
BranchName string
|
|
TagName string
|
|
CommitId string
|
|
RepoLink string
|
|
CloneLink struct {
|
|
SSH string
|
|
HTTPS string
|
|
Git string
|
|
}
|
|
CommitsCount int
|
|
Mirror *models.Mirror
|
|
}
|
|
}
|
|
|
|
// Query querys form parameter.
|
|
func (ctx *Context) Query(name string) string {
|
|
ctx.Req.ParseForm()
|
|
return ctx.Req.Form.Get(name)
|
|
}
|
|
|
|
// func (ctx *Context) Param(name string) string {
|
|
// return ctx.p[name]
|
|
// }
|
|
|
|
// HasError returns true if error occurs in form validation.
|
|
func (ctx *Context) HasApiError() bool {
|
|
hasErr, ok := ctx.Data["HasError"]
|
|
if !ok {
|
|
return false
|
|
}
|
|
return hasErr.(bool)
|
|
}
|
|
|
|
func (ctx *Context) GetErrMsg() string {
|
|
return ctx.Data["ErrorMsg"].(string)
|
|
}
|
|
|
|
// HasError returns true if error occurs in form validation.
|
|
func (ctx *Context) HasError() bool {
|
|
hasErr, ok := ctx.Data["HasError"]
|
|
if !ok {
|
|
return false
|
|
}
|
|
ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)
|
|
ctx.Data["Flash"] = ctx.Flash
|
|
return hasErr.(bool)
|
|
}
|
|
|
|
// HTML calls render.HTML underlying but reduce one argument.
|
|
func (ctx *Context) HTML(status int, name base.TplName) {
|
|
ctx.Render.HTML(status, string(name), ctx.Data)
|
|
}
|
|
|
|
// RenderWithErr used for page has form validation but need to prompt error to users.
|
|
func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) {
|
|
if form != nil {
|
|
auth.AssignForm(form, ctx.Data)
|
|
}
|
|
ctx.Flash.ErrorMsg = msg
|
|
ctx.Data["Flash"] = ctx.Flash
|
|
ctx.HTML(200, tpl)
|
|
}
|
|
|
|
// Handle handles and logs error by given status.
|
|
func (ctx *Context) Handle(status int, title string, err error) {
|
|
if err != nil {
|
|
log.Error(4, "%s: %v", title, err)
|
|
if macaron.Env != macaron.PROD {
|
|
ctx.Data["ErrorMsg"] = err
|
|
}
|
|
}
|
|
|
|
switch status {
|
|
case 404:
|
|
ctx.Data["Title"] = "Page Not Found"
|
|
case 500:
|
|
ctx.Data["Title"] = "Internal Server Error"
|
|
}
|
|
ctx.HTML(status, base.TplName(fmt.Sprintf("status/%d", status)))
|
|
}
|
|
|
|
func (ctx *Context) CsrfToken() string {
|
|
if len(ctx.csrfToken) > 0 {
|
|
return ctx.csrfToken
|
|
}
|
|
|
|
token := ctx.GetCookie("_csrf")
|
|
if len(token) == 0 {
|
|
token = base.GetRandomString(30)
|
|
ctx.SetCookie("_csrf", token)
|
|
}
|
|
ctx.csrfToken = token
|
|
return token
|
|
}
|
|
|
|
func (ctx *Context) CsrfTokenValid() bool {
|
|
token := ctx.Query("_csrf")
|
|
if token == "" {
|
|
token = ctx.Req.Header.Get("X-Csrf-Token")
|
|
}
|
|
if token == "" {
|
|
return false
|
|
} else if ctx.csrfToken != token {
|
|
return false
|
|
}
|
|
return true
|
|
}
|
|
|
|
func (ctx *Context) ServeFile(file string, names ...string) {
|
|
var name string
|
|
if len(names) > 0 {
|
|
name = names[0]
|
|
} else {
|
|
name = path.Base(file)
|
|
}
|
|
ctx.Resp.Header().Set("Content-Description", "File Transfer")
|
|
ctx.Resp.Header().Set("Content-Type", "application/octet-stream")
|
|
ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name)
|
|
ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary")
|
|
ctx.Resp.Header().Set("Expires", "0")
|
|
ctx.Resp.Header().Set("Cache-Control", "must-revalidate")
|
|
ctx.Resp.Header().Set("Pragma", "public")
|
|
http.ServeFile(ctx.Resp, ctx.Req, file)
|
|
}
|
|
|
|
func (ctx *Context) ServeContent(name string, r io.ReadSeeker, params ...interface{}) {
|
|
modtime := time.Now()
|
|
for _, p := range params {
|
|
switch v := p.(type) {
|
|
case time.Time:
|
|
modtime = v
|
|
}
|
|
}
|
|
ctx.Resp.Header().Set("Content-Description", "File Transfer")
|
|
ctx.Resp.Header().Set("Content-Type", "application/octet-stream")
|
|
ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name)
|
|
ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary")
|
|
ctx.Resp.Header().Set("Expires", "0")
|
|
ctx.Resp.Header().Set("Cache-Control", "must-revalidate")
|
|
ctx.Resp.Header().Set("Pragma", "public")
|
|
http.ServeContent(ctx.Resp, ctx.Req, name, modtime, r)
|
|
}
|
|
|
|
// Contexter initializes a classic context for a request.
|
|
func Contexter() macaron.Handler {
|
|
return func(c *macaron.Context, l i18n.Locale, sess session.Store, f *session.Flash) {
|
|
ctx := &Context{
|
|
Context: c,
|
|
Locale: l,
|
|
Flash: f,
|
|
Session: sess,
|
|
}
|
|
// Cache: setting.Cache,
|
|
|
|
// Compute current URL for real-time change language.
|
|
link := ctx.Req.RequestURI
|
|
i := strings.Index(link, "?")
|
|
if i > -1 {
|
|
link = link[:i]
|
|
}
|
|
ctx.Data["Link"] = link
|
|
|
|
ctx.Data["PageStartTime"] = time.Now()
|
|
|
|
// Get user from session if logined.
|
|
ctx.User = auth.SignedInUser(ctx.Req.Header, ctx.Session)
|
|
if ctx.User != nil {
|
|
ctx.IsSigned = true
|
|
ctx.Data["IsSigned"] = ctx.IsSigned
|
|
ctx.Data["SignedUser"] = ctx.User
|
|
ctx.Data["IsAdmin"] = ctx.User.IsAdmin
|
|
}
|
|
|
|
// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.
|
|
if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
|
|
if err := ctx.Req.ParseMultipartForm(setting.AttachmentMaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size
|
|
ctx.Handle(500, "ParseMultipartForm", err)
|
|
return
|
|
}
|
|
}
|
|
|
|
// get or create csrf token
|
|
ctx.Data["CsrfToken"] = ctx.CsrfToken()
|
|
ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + ctx.csrfToken + `">`)
|
|
|
|
c.Map(ctx)
|
|
}
|
|
}
|