Add 403 and 501 pages
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"net/http"
)
func errorPage404(w http.ResponseWriter, params map[string]any) {
w.WriteHeader(http.StatusNotFound)
_ = templates.ExecuteTemplate(w, "404", params)
}
func errorPage400(w http.ResponseWriter, params map[string]any, msg string) {
w.WriteHeader(http.StatusBadRequest)
params["complete_error_msg"] = msg
_ = templates.ExecuteTemplate(w, "400", params)
}
func errorPage403(w http.ResponseWriter, params map[string]any, msg string) {
w.WriteHeader(http.StatusForbidden)
params["complete_error_msg"] = msg
_ = templates.ExecuteTemplate(w, "403", params)
}
func errorPage451(w http.ResponseWriter, params map[string]any, msg string) {
w.WriteHeader(http.StatusUnavailableForLegalReasons)
params["complete_error_msg"] = msg
_ = templates.ExecuteTemplate(w, "451", params)
}
func errorPage500(w http.ResponseWriter, params map[string]any, msg string) {
w.WriteHeader(http.StatusInternalServerError)
params["complete_error_msg"] = msg
_ = templates.ExecuteTemplate(w, "500", params)
}
func errorPage501(w http.ResponseWriter, params map[string]any) {
w.WriteHeader(http.StatusNotImplemented)
_ = templates.ExecuteTemplate(w, "501", params)
}
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"errors"
"net/http"
"path/filepath"
"strconv"
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgtype"
)
func httpHandleGroupIndex(writer http.ResponseWriter, request *http.Request, params map[string]any) {
var groupPath []string
var repos []nameDesc
var subgroups []nameDesc
var err error
var groupID int
var groupDesc string
groupPath = params["group_path"].([]string)
// The group itself
err = database.QueryRow(request.Context(), `
WITH RECURSIVE group_path_cte AS (
SELECT
id,
parent_group,
name,
1 AS depth
FROM groups
WHERE name = ($1::text[])[1]
AND parent_group IS NULL
UNION ALL
SELECT
g.id,
g.parent_group,
g.name,
group_path_cte.depth + 1
FROM groups g
JOIN group_path_cte ON g.parent_group = group_path_cte.id
WHERE g.name = ($1::text[])[group_path_cte.depth + 1]
AND group_path_cte.depth + 1 <= cardinality($1::text[])
)
SELECT c.id, COALESCE(g.description, '')
FROM group_path_cte c
JOIN groups g ON g.id = c.id
WHERE c.depth = cardinality($1::text[])
`,
pgtype.FlatArray[string](groupPath),
).Scan(&groupID, &groupDesc)
if errors.Is(err, pgx.ErrNoRows) {
errorPage404(writer, params)
return
} else if err != nil {
errorPage500(writer, params, "Error getting group: "+err.Error())
return
}
// ACL
var count int
err = database.QueryRow(request.Context(), `
SELECT COUNT(*)
FROM user_group_roles
WHERE user_id = $1
AND group_id = $2
`, params["user_id"].(int), groupID).Scan(&count)
if err != nil {
errorPage500(writer, params, "Error checking access: "+err.Error())
return
}
directAccess := (count > 0)
if request.Method == http.MethodPost {
if !directAccess {
http.Error(writer, "You do not have direct access to this group", http.StatusForbidden)
errorPage403(writer, params, "You do not have direct access to this group")
return
}
repoName := request.FormValue("repo_name")
repoDesc := request.FormValue("repo_desc")
contribReq := request.FormValue("repo_contrib")
if repoName == "" {
http.Error(writer, "Repo name is required", http.StatusBadRequest)
errorPage400(writer, params, "Repo name is required")
return
}
var newRepoID int
err := database.QueryRow(
request.Context(),
`INSERT INTO repos (name, description, group_id, contrib_requirements)
VALUES ($1, $2, $3, $4)
RETURNING id`,
repoName,
repoDesc,
groupID,
contribReq,
).Scan(&newRepoID)
if err != nil {
errorPage500(writer, params, "Error creating repo: "+err.Error())
return
}
filePath := filepath.Join(config.Git.RepoDir, strconv.Itoa(newRepoID)+".git")
_, err = database.Exec(
request.Context(),
`UPDATE repos
SET filesystem_path = $1
WHERE id = $2`,
filePath,
newRepoID,
)
if err != nil {
errorPage500(writer, params, "Error updating repo path: "+err.Error())
return
}
if err = gitInit(filePath); err != nil {
errorPage500(writer, params, "Error initializing repo: "+err.Error())
return
}
redirectUnconditionally(writer, request)
return
}
// Repos
var rows pgx.Rows
rows, err = database.Query(request.Context(), `
SELECT name, COALESCE(description, '')
FROM repos
WHERE group_id = $1
`, groupID)
if err != nil {
errorPage500(writer, params, "Error getting repos: "+err.Error())
return
}
defer rows.Close()
for rows.Next() {
var name, description string
if err = rows.Scan(&name, &description); err != nil {
errorPage500(writer, params, "Error getting repos: "+err.Error())
return
}
repos = append(repos, nameDesc{name, description})
}
if err = rows.Err(); err != nil {
errorPage500(writer, params, "Error getting repos: "+err.Error())
return
}
// Subgroups
rows, err = database.Query(request.Context(), `
SELECT name, COALESCE(description, '')
FROM groups
WHERE parent_group = $1
`, groupID)
if err != nil {
errorPage500(writer, params, "Error getting subgroups: "+err.Error())
return
}
defer rows.Close()
for rows.Next() {
var name, description string
if err = rows.Scan(&name, &description); err != nil {
errorPage500(writer, params, "Error getting subgroups: "+err.Error())
return
}
subgroups = append(subgroups, nameDesc{name, description})
}
if err = rows.Err(); err != nil {
errorPage500(writer, params, "Error getting subgroups: "+err.Error())
return
}
params["repos"] = repos
params["subgroups"] = subgroups
params["description"] = groupDesc
params["direct_access"] = directAccess
renderTemplate(writer, "group", params)
}
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"net/http"
"strconv"
"github.com/go-git/go-git/v5"
"github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/object"
)
func httpHandleRepoContribOne(writer http.ResponseWriter, request *http.Request, params map[string]any) {
var mrIDStr string
var mrIDInt int
var err error
var title, status, srcRefStr, dstBranchStr string
var repo *git.Repository
var srcRefHash plumbing.Hash
var dstBranchHash plumbing.Hash
var srcCommit, dstCommit, mergeBaseCommit *object.Commit
var mergeBases []*object.Commit
mrIDStr = params["mr_id"].(string)
mrIDInt64, err := strconv.ParseInt(mrIDStr, 10, strconv.IntSize)
if err != nil {
http.Error(writer, "Merge request ID not an integer: "+err.Error(), http.StatusBadRequest)
errorPage400(writer, params, "Merge request ID not an integer")
return
}
mrIDInt = int(mrIDInt64)
if err = database.QueryRow(request.Context(),
"SELECT COALESCE(title, ''), status, source_ref, COALESCE(destination_branch, '') FROM merge_requests WHERE id = $1",
mrIDInt,
).Scan(&title, &status, &srcRefStr, &dstBranchStr); err != nil {
errorPage500(writer, params, "Error querying merge request: "+err.Error())
return
}
repo = params["repo"].(*git.Repository)
if srcRefHash, err = getRefHash(repo, "branch", srcRefStr); err != nil {
errorPage500(writer, params, "Error getting source ref hash: "+err.Error())
return
}
if srcCommit, err = repo.CommitObject(srcRefHash); err != nil {
errorPage500(writer, params, "Error getting source commit: "+err.Error())
return
}
params["source_commit"] = srcCommit
if dstBranchStr == "" {
dstBranchStr = "HEAD"
dstBranchHash, err = getRefHash(repo, "", "")
} else {
dstBranchHash, err = getRefHash(repo, "branch", dstBranchStr)
}
if err != nil {
errorPage500(writer, params, "Error getting destination branch hash: "+err.Error())
return
}
if dstCommit, err = repo.CommitObject(dstBranchHash); err != nil {
errorPage500(writer, params, "Error getting destination commit: "+err.Error())
return
}
params["destination_commit"] = dstCommit
if mergeBases, err = srcCommit.MergeBase(dstCommit); err != nil {
errorPage500(writer, params, "Error getting merge base: "+err.Error())
return
}
mergeBaseCommit = mergeBases[0]
params["merge_base"] = mergeBaseCommit
patch, err := mergeBaseCommit.Patch(srcCommit)
if err != nil {
errorPage500(writer, params, "Error getting patch: "+err.Error())
return
}
params["file_patches"] = makeUsableFilePatches(patch)
params["mr_title"], params["mr_status"], params["mr_source_ref"], params["mr_destination_branch"] = title, status, srcRefStr, dstBranchStr
renderTemplate(writer, "repo_contrib_one", params)
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "net/http" )
func httpHandleUsers(writer http.ResponseWriter, _ *http.Request, _ map[string]any) {
http.Error(writer, "Not implemented", http.StatusNotImplemented)
func httpHandleUsers(writer http.ResponseWriter, _ *http.Request, params map[string]any) {
errorPage501(writer, params)
}
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"errors"
"net/http"
"strconv"
"strings"
"github.com/jackc/pgx/v5"
"go.lindenii.runxiyu.org/lindenii-common/clog"
)
type forgeHTTPRouter struct{}
func (router *forgeHTTPRouter) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
var remoteAddr string
if config.HTTP.ReverseProxy {
remoteAddrs, ok := request.Header["X-Forwarded-For"]
if ok && len(remoteAddrs) == 1 {
remoteAddr = remoteAddrs[0]
} else {
remoteAddr = request.RemoteAddr
}
} else {
remoteAddr = request.RemoteAddr
}
clog.Info("Incoming HTTP: " + remoteAddr + " " + request.Method + " " + request.RequestURI)
var segments []string
var err error
var sepIndex int
params := make(map[string]any)
if segments, _, err = parseReqURI(request.RequestURI); err != nil {
http.Error(writer, err.Error(), http.StatusBadRequest)
errorPage400(writer, params, "Error parsing request URI: "+err.Error())
return
}
dirMode := false
if segments[len(segments)-1] == "" {
dirMode = true
segments = segments[:len(segments)-1]
}
params["url_segments"] = segments
params["dir_mode"] = dirMode
params["global"] = globalData
var userID int // 0 for none
userID, params["username"], err = getUserFromRequest(request)
params["user_id"] = userID
if err != nil && !errors.Is(err, http.ErrNoCookie) && !errors.Is(err, pgx.ErrNoRows) {
errorPage500(writer, params, "Error getting user info from request: "+err.Error())
return
}
if userID == 0 {
params["user_id_string"] = ""
} else {
params["user_id_string"] = strconv.Itoa(userID)
}
if len(segments) == 0 {
httpHandleIndex(writer, request, params)
return
}
if segments[0] == ":" {
if len(segments) < 2 {
errorPage404(writer, params)
return
} else if len(segments) == 2 && redirectDir(writer, request) {
return
}
switch segments[1] {
case "static":
staticHandler.ServeHTTP(writer, request)
return
case "source":
sourceHandler.ServeHTTP(writer, request)
return
}
}
if segments[0] == ":" {
switch segments[1] {
case "login":
httpHandleLogin(writer, request, params)
return
case "users":
httpHandleUsers(writer, request, params)
return
case "gc":
httpHandleGC(writer, request, params)
return
default:
errorPage404(writer, params)
return
}
}
sepIndex = -1
for i, part := range segments {
if part == ":" {
sepIndex = i
break
}
}
params["separator_index"] = sepIndex
var groupPath []string
var moduleType string
var moduleName string
if sepIndex > 0 {
groupPath = segments[:sepIndex]
} else {
groupPath = segments
}
params["group_path"] = groupPath
switch {
case sepIndex == -1:
if redirectDir(writer, request) {
return
}
httpHandleGroupIndex(writer, request, params)
case len(segments) == sepIndex+1:
errorPage404(writer, params)
return
case len(segments) == sepIndex+2:
errorPage404(writer, params)
return
default:
moduleType = segments[sepIndex+1]
moduleName = segments[sepIndex+2]
switch moduleType {
case "repos":
params["repo_name"] = moduleName
if len(segments) > sepIndex+3 {
switch segments[sepIndex+3] {
case "info":
if err = httpHandleRepoInfo(writer, request, params); err != nil {
errorPage500(writer, params, err.Error())
}
return
case "git-upload-pack":
if err = httpHandleUploadPack(writer, request, params); err != nil {
errorPage500(writer, params, err.Error())
}
return
}
}
if params["ref_type"], params["ref_name"], err = getParamRefTypeName(request); err != nil {
if errors.Is(err, errNoRefSpec) {
params["ref_type"] = ""
} else {
errorPage500(writer, params, "Error querying ref type: "+err.Error())
return
}
}
// TODO: subgroups
if params["repo"], params["repo_description"], params["repo_id"], err = openRepo(request.Context(), groupPath, moduleName); err != nil {
errorPage500(writer, params, "Error opening repo: "+err.Error())
return
}
if len(segments) == sepIndex+3 {
if redirectDir(writer, request) {
return
}
httpHandleRepoIndex(writer, request, params)
return
}
repoFeature := segments[sepIndex+3]
switch repoFeature {
case "tree":
if anyContain(segments[sepIndex+4:], "/") {
errorPage400(writer, params, "Repo tree paths may not contain slashes in any segments")
return
}
if dirMode {
params["rest"] = strings.Join(segments[sepIndex+4:], "/") + "/"
} else {
params["rest"] = strings.Join(segments[sepIndex+4:], "/")
}
if len(segments) < sepIndex+5 && redirectDir(writer, request) {
return
}
httpHandleRepoTree(writer, request, params)
case "raw":
if anyContain(segments[sepIndex+4:], "/") {
errorPage400(writer, params, "Repo tree paths may not contain slashes in any segments")
return
}
if dirMode {
params["rest"] = strings.Join(segments[sepIndex+4:], "/") + "/"
} else {
params["rest"] = strings.Join(segments[sepIndex+4:], "/")
}
if len(segments) < sepIndex+5 && redirectDir(writer, request) {
return
}
httpHandleRepoRaw(writer, request, params)
case "log":
if len(segments) > sepIndex+4 {
http.Error(writer, "Too many parameters", http.StatusBadRequest)
errorPage400(writer, params, "Too many parameters")
return
}
if redirectDir(writer, request) {
return
}
httpHandleRepoLog(writer, request, params)
case "commit":
if redirectNoDir(writer, request) {
return
}
params["commit_id"] = segments[sepIndex+4]
httpHandleRepoCommit(writer, request, params)
case "contrib":
if redirectDir(writer, request) {
return
}
switch len(segments) {
case sepIndex + 4:
httpHandleRepoContribIndex(writer, request, params)
case sepIndex + 5:
params["mr_id"] = segments[sepIndex+4]
httpHandleRepoContribOne(writer, request, params)
default:
http.Error(writer, "Too many parameters", http.StatusBadRequest)
errorPage400(writer, params, "Too many parameters")
} default: errorPage404(writer, params) return } default: errorPage404(writer, params) return } } }
{{/*
SPDX-License-Identifier: AGPL-3.0-only
SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
*/}}
{{- define "403" -}}
<!DOCTYPE html>
<html lang="en">
<head>
{{- template "head_common" . -}}
<title>403 Forbidden – {{ .global.forge_title }}</title>
</head>
<body class="403">
{{- template "header" . -}}
<div class="padding-wrapper complete-error-page">
<h1>403 Forbidden</h1>
<p>{{- .complete_error_msg -}}</p>
<hr />
<address>Lindenii Forge</address>
</div>
<footer>
{{- template "footer" . -}}
</footer>
</body>
</html>
{{- end -}}
{{/*
SPDX-License-Identifier: AGPL-3.0-only
SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
*/}}
{{- define "501" -}}
<!DOCTYPE html>
<html lang="en">
<head>
{{- template "head_common" . -}}
<title>501 Not Implemented – {{ .global.forge_title }}</title>
</head>
<body class="501">
{{- template "header" . -}}
<div class="padding-wrapper complete-error-page">
<h1>501 Not Implemented</h1>
<hr />
<address>Lindenii Forge</address>
</div>
<footer>
{{- template "footer" . -}}
</footer>
</body>
</html>
{{- end -}}