Variable name lengths
linters:
enable-all: true
disable:
- tenv
- depguard
- err113 # dynamically defined errors are fine for our purposes
- forcetypeassert # type assertion failures are usually programming errors
- gochecknoglobals # doesn't matter since this isn't a library
- gochecknoinits # we use inits sparingly for good reasons
- godox # they're just used as markers for where needs improvements
- ireturn # doesn't work well with how we use generics
- lll # long lines are acceptable
- mnd # it's a bit ridiculous to replace all of them
- nakedret # patterns should be consistent
- nonamedreturns # i like named returns
- wrapcheck # wrapping all errors is just not necessary
- maintidx # e
- nestif # e
- gocognit # e
- gocyclo # e
- cyclop # e
- goconst # e
- funlen # e
- wsl # e
- nlreturn # e
- wrapcheck # e
- varnamelen # e
issues: max-issues-per-linter: 0 max-same-issues: 0
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"bufio"
"context"
"errors"
"io"
"net/http"
"net/url"
"strings"
"github.com/jackc/pgx/v5"
)
func fedauth(ctx context.Context, userID int, service, remoteUsername, pubkey string) (bool, error) {
var err error
matched := false
usernameEscaped := url.PathEscape(remoteUsername)
var req *http.Request
switch service {
case "sr.ht":
req, err = http.NewRequestWithContext(ctx, http.MethodGet, "https://meta.sr.ht/~"+usernameEscaped+".keys", nil)
case "github":
req, err = http.NewRequestWithContext(ctx, http.MethodGet, "https://github.com/"+usernameEscaped+".keys", nil)
case "codeberg":
req, err = http.NewRequestWithContext(ctx, http.MethodGet, "https://codeberg.org/"+usernameEscaped+".keys", nil)
case "tangled":
req, err = http.NewRequestWithContext(ctx, http.MethodGet, "https://tangled.sh/keys/"+usernameEscaped, nil)
// TODO: Don't rely on one webview
default:
return false, errors.New("unknown federated service")
}
if err != nil {
return false, err
}
resp, err := http.DefaultClient.Do(req)
if err != nil {
return false, err
}
defer func() {
_ = resp.Body.Close()
}()
buf := bufio.NewReader(resp.Body)
for {
line, err := buf.ReadString('\n')
if errors.Is(err, io.EOF) {
break
} else if err != nil {
return false, err
}
lineSplit := strings.Split(line, " ")
if len(lineSplit) < 2 {
continue
}
line = strings.Join(lineSplit[:2], " ")
if line == pubkey {
matched = true
break
}
}
if !matched {
return false, nil
}
var tx pgx.Tx
if tx, err = database.Begin(ctx); err != nil {
var txn pgx.Tx
if txn, err = database.Begin(ctx); err != nil {
return false, err
}
defer func() {
_ = tx.Rollback(ctx)
_ = txn.Rollback(ctx)
}()
if _, err = tx.Exec(ctx, `UPDATE users SET type = 'federated' WHERE id = $1 AND type = 'pubkey_only'`, userID); err != nil {
if _, err = txn.Exec(ctx, `UPDATE users SET type = 'federated' WHERE id = $1 AND type = 'pubkey_only'`, userID); err != nil {
return false, err }
if _, err = tx.Exec(ctx, `INSERT INTO federated_identities (user_id, service, remote_username) VALUES ($1, $2, $3)`, userID, service, remoteUsername); err != nil {
if _, err = txn.Exec(ctx, `INSERT INTO federated_identities (user_id, service, remote_username) VALUES ($1, $2, $3)`, userID, service, remoteUsername); err != nil {
return false, err }
if err = tx.Commit(ctx); err != nil {
if err = txn.Commit(ctx); err != nil {
return false, err } return true, nil }
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"bytes"
"context"
"encoding/binary"
"errors"
"fmt"
"io"
"net"
"os"
"path/filepath"
"strconv"
"strings"
"syscall"
"github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/object"
"github.com/jackc/pgx/v5"
"go.lindenii.runxiyu.org/lindenii-common/ansiec"
"go.lindenii.runxiyu.org/lindenii-common/clog"
)
var (
errGetFD = errors.New("unable to get file descriptor")
errGetUcred = errors.New("failed getsockopt")
)
// hooksHandler handles a connection from hookc via the
// unix socket.
func hooksHandler(conn net.Conn) {
var ctx context.Context
var cancel context.CancelFunc
var ucred *syscall.Ucred
var err error
var cookie []byte
var packPass packPass
var sshStderr io.Writer
var ok bool
var hookRet byte
defer conn.Close()
ctx, cancel = context.WithCancel(context.Background())
defer cancel()
// There aren't reasonable cases where someone would run this as
// another user.
if ucred, err = getUcred(conn); err != nil {
if _, err = conn.Write([]byte{1}); err != nil {
return
}
writeRedError(conn, "\nUnable to get peer credentials: %v", err)
return
}
uint32uid := uint32(os.Getuid()) //#nosec G115
if ucred.Uid != uint32uid {
if _, err = conn.Write([]byte{1}); err != nil {
return
}
writeRedError(conn, "\nUID mismatch")
return
}
cookie = make([]byte, 64)
if _, err = conn.Read(cookie); err != nil {
if _, err = conn.Write([]byte{1}); err != nil {
return
}
writeRedError(conn, "\nFailed to read cookie: %v", err)
return
}
packPass, ok = packPasses.Load(string(cookie))
if !ok {
if _, err = conn.Write([]byte{1}); err != nil {
{
var ok bool
packPass, ok = packPasses.Load(string(cookie))
if !ok {
if _, err = conn.Write([]byte{1}); err != nil {
return
}
writeRedError(conn, "\nInvalid handler cookie")
return }
writeRedError(conn, "\nInvalid handler cookie") return
}
sshStderr = packPass.session.Stderr()
_, _ = sshStderr.Write([]byte{'\n'})
hookRet = func() byte {
var argc64 uint64
if err = binary.Read(conn, binary.NativeEndian, &argc64); err != nil {
writeRedError(sshStderr, "Failed to read argc: %v", err)
return 1
}
var args []string
for range argc64 {
var arg bytes.Buffer
for {
b := make([]byte, 1) n, err := conn.Read(b)
nextByte := make([]byte, 1) n, err := conn.Read(nextByte)
if err != nil || n != 1 {
writeRedError(sshStderr, "Failed to read arg: %v", err)
return 1
}
if b[0] == 0 {
if nextByte[0] == 0 {
break }
arg.WriteByte(b[0])
arg.WriteByte(nextByte[0])
}
args = append(args, arg.String())
}
gitEnv := make(map[string]string)
for {
var envLine bytes.Buffer
for {
b := make([]byte, 1) n, err := conn.Read(b)
nextByte := make([]byte, 1) n, err := conn.Read(nextByte)
if err != nil || n != 1 {
writeRedError(sshStderr, "Failed to read environment variable: %v", err)
return 1
}
if b[0] == 0 {
if nextByte[0] == 0 {
break }
envLine.WriteByte(b[0])
envLine.WriteByte(nextByte[0])
}
if envLine.Len() == 0 {
break
}
kv := envLine.String()
parts := strings.SplitN(kv, "=", 2)
if len(parts) < 2 {
writeRedError(sshStderr, "Invalid environment variable line: %v", kv)
return 1
}
gitEnv[parts[0]] = parts[1]
}
var stdin bytes.Buffer
if _, err = io.Copy(&stdin, conn); err != nil {
writeRedError(conn, "Failed to read to the stdin buffer: %v", err)
}
switch filepath.Base(args[0]) {
case "pre-receive":
if packPass.directAccess {
return 0
}
allOK := true
for {
var line, oldOID, rest, newIOID, refName string
var found bool
var oldHash, newHash plumbing.Hash
var oldCommit, newCommit *object.Commit
var pushOptCount int
pushOptCount, err = strconv.Atoi(gitEnv["GIT_PUSH_OPTION_COUNT"])
if err != nil {
writeRedError(sshStderr, "Failed to parse GIT_PUSH_OPTION_COUNT: %v", err)
return 1
}
// TODO: Allow existing users (even if they are already federated or registered) to add a federated user ID... though perhaps this should be in the normal SSH interface instead of the git push interface?
// Also it'd be nice to be able to combine users or whatever
if packPass.contribReq == "federated" && packPass.userType != "federated" && packPass.userType != "registered" {
if pushOptCount == 0 {
writeRedError(sshStderr, "This repo requires contributors to be either federated or registered users. You must supply your federated user ID as a push option. For example, git push -o fedid=sr.ht:runxiyu")
return 1
}
for i := range pushOptCount {
pushOpt, ok := gitEnv[fmt.Sprintf("GIT_PUSH_OPTION_%d", i)]
for pushOptIndex := range pushOptCount {
pushOpt, ok := gitEnv[fmt.Sprintf("GIT_PUSH_OPTION_%d", pushOptIndex)]
if !ok {
writeRedError(sshStderr, "Failed to get push option %d", i)
writeRedError(sshStderr, "Failed to get push option %d", pushOptIndex)
return 1
}
if strings.HasPrefix(pushOpt, "fedid=") {
fedUserID := strings.TrimPrefix(pushOpt, "fedid=")
service, username, found := strings.Cut(fedUserID, ":")
if !found {
writeRedError(sshStderr, "Invalid federated user identifier %#v does not contain a colon", fedUserID)
return 1
}
ok, err := fedauth(ctx, packPass.userID, service, username, packPass.pubkey)
if err != nil {
writeRedError(sshStderr, "Failed to verify federated user identifier %#v: %v", fedUserID, err)
return 1
}
if !ok {
writeRedError(sshStderr, "Failed to verify federated user identifier %#v: you don't seem to be on the list", fedUserID)
return 1
}
break
}
if i == pushOptCount-1 {
if pushOptIndex == pushOptCount-1 {
writeRedError(sshStderr, "This repo requires contributors to be either federated or registered users. You must supply your federated user ID as a push option. For example, git push -o fedid=sr.ht:runxiyu")
return 1
}
}
}
line, err = stdin.ReadString('\n')
if errors.Is(err, io.EOF) {
break
} else if err != nil {
writeRedError(sshStderr, "Failed to read pre-receive line: %v", err)
return 1
}
line = line[:len(line)-1]
oldOID, rest, found = strings.Cut(line, " ")
if !found {
writeRedError(sshStderr, "Invalid pre-receive line: %v", line)
return 1
}
newIOID, refName, found = strings.Cut(rest, " ")
if !found {
writeRedError(sshStderr, "Invalid pre-receive line: %v", line)
return 1
}
if strings.HasPrefix(refName, "refs/heads/contrib/") {
if allZero(oldOID) { // New branch
fmt.Fprintln(sshStderr, ansiec.Blue+"POK"+ansiec.Reset, refName)
var newMRID int
if packPass.userID != 0 {
err = database.QueryRow(ctx,
"INSERT INTO merge_requests (repo_id, creator, source_ref, status) VALUES ($1, $2, $3, 'open') RETURNING id",
packPass.repoID, packPass.userID, strings.TrimPrefix(refName, "refs/heads/"),
).Scan(&newMRID)
} else {
err = database.QueryRow(ctx,
"INSERT INTO merge_requests (repo_id, source_ref, status) VALUES ($1, $2, 'open') RETURNING id",
packPass.repoID, strings.TrimPrefix(refName, "refs/heads/"),
).Scan(&newMRID)
}
if err != nil {
writeRedError(sshStderr, "Error creating merge request: %v", err)
return 1
}
mergeRequestWebURL := fmt.Sprintf("%s/contrib/%d/", genHTTPRemoteURL(packPass.groupPath, packPass.repoName), newMRID)
fmt.Fprintln(sshStderr, ansiec.Blue+"Created merge request at", mergeRequestWebURL+ansiec.Reset)
select {
case ircSendBuffered <- "PRIVMSG #chat :New merge request at " + mergeRequestWebURL:
default:
clog.Error("IRC SendQ exceeded")
}
} else { // Existing contrib branch
var existingMRUser int
var isAncestor bool
err = database.QueryRow(ctx,
"SELECT COALESCE(creator, 0) FROM merge_requests WHERE source_ref = $1 AND repo_id = $2",
strings.TrimPrefix(refName, "refs/heads/"), packPass.repoID,
).Scan(&existingMRUser)
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
writeRedError(sshStderr, "No existing merge request for existing contrib branch: %v", err)
} else {
writeRedError(sshStderr, "Error querying for existing merge request: %v", err)
}
return 1
}
if existingMRUser == 0 {
allOK = false
fmt.Fprintln(sshStderr, ansiec.Red+"NAK"+ansiec.Reset, refName, "(branch belongs to unowned MR)")
continue
}
if existingMRUser != packPass.userID {
allOK = false
fmt.Fprintln(sshStderr, ansiec.Red+"NAK"+ansiec.Reset, refName, "(branch belongs another user's MR)")
continue
}
oldHash = plumbing.NewHash(oldOID)
if oldCommit, err = packPass.repo.CommitObject(oldHash); err != nil {
writeRedError(sshStderr, "Daemon failed to get old commit: %v", err)
return 1
}
// Potential BUG: I'm not sure if new_commit is guaranteed to be
// detectable as they haven't been merged into the main repo's
// objects yet. But it seems to work, and I don't think there's
// any reason for this to only work intermitently.
newHash = plumbing.NewHash(newIOID)
if newCommit, err = packPass.repo.CommitObject(newHash); err != nil {
writeRedError(sshStderr, "Daemon failed to get new commit: %v", err)
return 1
}
if isAncestor, err = oldCommit.IsAncestor(newCommit); err != nil {
writeRedError(sshStderr, "Daemon failed to check if old commit is ancestor: %v", err)
return 1
}
if !isAncestor {
// TODO: Create MR snapshot ref instead
allOK = false
fmt.Fprintln(sshStderr, ansiec.Red+"NAK"+ansiec.Reset, refName, "(force pushes are not supported yet)")
continue
}
fmt.Fprintln(sshStderr, ansiec.Blue+"POK"+ansiec.Reset, refName)
}
} else { // Non-contrib branch
allOK = false
fmt.Fprintln(sshStderr, ansiec.Red+"NAK"+ansiec.Reset, refName, "(you cannot push to branches outside of contrib/*)")
}
}
fmt.Fprintln(sshStderr)
if allOK {
fmt.Fprintln(sshStderr, "Overall "+ansiec.Green+"ACK"+ansiec.Reset+" (all checks passed)")
return 0
}
fmt.Fprintln(sshStderr, "Overall "+ansiec.Red+"NAK"+ansiec.Reset+" (one or more branches failed checks)")
return 1
default:
fmt.Fprintln(sshStderr, ansiec.Red+"Invalid hook:", args[0]+ansiec.Reset)
return 1
}
}()
fmt.Fprintln(sshStderr)
_, _ = conn.Write([]byte{hookRet})
}
func serveGitHooks(listener net.Listener) error {
for {
conn, err := listener.Accept()
if err != nil {
return err
}
go hooksHandler(conn)
}
}
func getUcred(conn net.Conn) (ucred *syscall.Ucred, err error) {
unixConn := conn.(*net.UnixConn)
var fd *os.File
var unixConnFD *os.File
if fd, err = unixConn.File(); err != nil {
if unixConnFD, err = unixConn.File(); err != nil {
return nil, errGetFD }
defer fd.Close()
defer unixConnFD.Close()
if ucred, err = syscall.GetsockoptUcred(int(fd.Fd()), syscall.SOL_SOCKET, syscall.SO_PEERCRED); err != nil {
if ucred, err = syscall.GetsockoptUcred(int(unixConnFD.Fd()), syscall.SOL_SOCKET, syscall.SO_PEERCRED); err != nil {
return nil, errGetUcred
}
return ucred, nil
}
func allZero(s string) bool {
for _, r := range s {
if r != '0' {
return false
}
}
return true
}
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"context"
"errors"
"io"
"iter"
"os"
"strings"
"github.com/go-git/go-git/v5"
"github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/object"
"github.com/jackc/pgx/v5/pgtype"
)
// openRepo opens a git repository by group and repo name.
func openRepo(ctx context.Context, groupPath []string, repoName string) (repo *git.Repository, description string, repoID int, err error) {
var fsPath string
err = database.QueryRow(ctx, `
WITH RECURSIVE group_path_cte AS (
-- Start: match the first name in the path where parent_group IS NULL
SELECT
id,
parent_group,
name,
1 AS depth
FROM groups
WHERE name = ($1::text[])[1]
AND parent_group IS NULL
UNION ALL
-- Recurse: join next segment of the path
SELECT
g.id,
g.parent_group,
g.name,
group_path_cte.depth + 1
FROM groups g
JOIN group_path_cte ON g.parent_group = group_path_cte.id
WHERE g.name = ($1::text[])[group_path_cte.depth + 1]
AND group_path_cte.depth + 1 <= cardinality($1::text[])
)
SELECT
r.filesystem_path,
COALESCE(r.description, ''),
r.id
FROM group_path_cte g
JOIN repos r ON r.group_id = g.id
WHERE g.depth = cardinality($1::text[])
AND r.name = $2
`, pgtype.FlatArray[string](groupPath), repoName).Scan(&fsPath, &description, &repoID)
if err != nil {
return
}
repo, err = git.PlainOpen(fsPath)
return
}
// go-git's tree entries are not friendly for use in HTML templates.
type displayTreeEntry struct {
Name string
Mode string
Size int64
IsFile bool
IsSubtree bool
}
func makeDisplayTree(tree *object.Tree) (displayTree []displayTreeEntry) {
for _, entry := range tree.Entries {
displayEntry := displayTreeEntry{} //exhaustruct:ignore
var err error
var osMode os.FileMode
if osMode, err = entry.Mode.ToOSFileMode(); err != nil {
displayEntry.Mode = "x---------"
} else {
displayEntry.Mode = osMode.String()
}
displayEntry.IsFile = entry.Mode.IsFile()
if displayEntry.Size, err = tree.Size(entry.Name); err != nil {
displayEntry.Size = 0
}
displayEntry.Name = strings.TrimPrefix(entry.Name, "/")
displayTree = append(displayTree, displayEntry)
}
return displayTree
}
func commitIterSeqErr(commitIter object.CommitIter) (iter.Seq[*object.Commit], *error) {
var err error
return func(yield func(*object.Commit) bool) {
for {
commit, err2 := commitIter.Next()
if err2 != nil {
if errors.Is(err2, io.EOF) {
return
}
err = err2
return
}
if !yield(commit) {
return
}
}
}, &err
}
func iterSeqLimit[T any](s iter.Seq[T], n uint) iter.Seq[T] {
return func(yield func(T) bool) {
var i uint
var iterations uint
for v := range s {
if i > n-1 {
if iterations > n-1 {
return
}
if !yield(v) {
return
}
i++
iterations++
}
}
}
func getRecentCommits(repo *git.Repository, headHash plumbing.Hash, numCommits int) (recentCommits []*object.Commit, err error) {
var commitIter object.CommitIter
var thisCommit *object.Commit
commitIter, err = repo.Log(&git.LogOptions{From: headHash}) //exhaustruct:ignore
if err != nil {
return nil, err
}
recentCommits = make([]*object.Commit, 0)
defer commitIter.Close()
if numCommits < 0 {
for {
thisCommit, err = commitIter.Next()
if errors.Is(err, io.EOF) {
return recentCommits, nil
} else if err != nil {
return nil, err
}
recentCommits = append(recentCommits, thisCommit)
}
} else {
for range numCommits {
thisCommit, err = commitIter.Next()
if errors.Is(err, io.EOF) {
return recentCommits, nil
} else if err != nil {
return nil, err
}
recentCommits = append(recentCommits, thisCommit)
}
}
return recentCommits, err
}
func fmtCommitAsPatch(commit *object.Commit) (parentCommitHash plumbing.Hash, patch *object.Patch, err error) {
var parentCommit *object.Commit
var commitTree *object.Tree
parentCommit, err = commit.Parent(0)
switch {
case errors.Is(err, object.ErrParentNotFound):
if commitTree, err = commit.Tree(); err != nil {
return
}
if patch, err = nullTree.Patch(commitTree); err != nil {
return
}
case err != nil:
return
default:
parentCommitHash = parentCommit.Hash
if patch, err = parentCommit.Patch(commit); err != nil {
return
}
}
return
}
var nullTree object.Tree
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "net/http" )
func getUserFromRequest(r *http.Request) (id int, username string, err error) {
func getUserFromRequest(request *http.Request) (id int, username string, err error) {
var sessionCookie *http.Cookie
if sessionCookie, err = r.Cookie("session"); err != nil {
if sessionCookie, err = request.Cookie("session"); err != nil {
return } err = database.QueryRow(
r.Context(),
request.Context(),
"SELECT user_id, COALESCE(username, '') FROM users u JOIN sessions s ON u.id = s.user_id WHERE s.session_id = $1;", sessionCookie.Value, ).Scan(&id, &username) return }
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "net/http" "runtime" )
func httpHandleGC(w http.ResponseWriter, r *http.Request, _ map[string]any) {
func httpHandleGC(writer http.ResponseWriter, request *http.Request, _ map[string]any) {
runtime.GC()
http.Redirect(w, r, "/", http.StatusSeeOther)
http.Redirect(writer, request, "/", http.StatusSeeOther)
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "errors" "net/http" "path/filepath" "strconv" "github.com/jackc/pgx/v5" "github.com/jackc/pgx/v5/pgtype" )
func httpHandleGroupIndex(w http.ResponseWriter, r *http.Request, params map[string]any) {
func httpHandleGroupIndex(writer http.ResponseWriter, request *http.Request, params map[string]any) {
var groupPath []string var repos []nameDesc var subgroups []nameDesc var err error var groupID int var groupDesc string groupPath = params["group_path"].([]string) // The group itself
err = database.QueryRow(r.Context(), `
err = database.QueryRow(request.Context(), `
WITH RECURSIVE group_path_cte AS (
SELECT
id,
parent_group,
name,
1 AS depth
FROM groups
WHERE name = ($1::text[])[1]
AND parent_group IS NULL
UNION ALL
SELECT
g.id,
g.parent_group,
g.name,
group_path_cte.depth + 1
FROM groups g
JOIN group_path_cte ON g.parent_group = group_path_cte.id
WHERE g.name = ($1::text[])[group_path_cte.depth + 1]
AND group_path_cte.depth + 1 <= cardinality($1::text[])
)
SELECT c.id, COALESCE(g.description, '')
FROM group_path_cte c
JOIN groups g ON g.id = c.id
WHERE c.depth = cardinality($1::text[])
`,
pgtype.FlatArray[string](groupPath),
).Scan(&groupID, &groupDesc)
if errors.Is(err, pgx.ErrNoRows) {
errorPage404(w, params)
errorPage404(writer, params)
return
} else if err != nil {
http.Error(w, "Error getting group: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting group: "+err.Error(), http.StatusInternalServerError)
return } // ACL var count int
err = database.QueryRow(r.Context(), `
err = database.QueryRow(request.Context(), `
SELECT COUNT(*)
FROM user_group_roles
WHERE user_id = $1
AND group_id = $2
`, params["user_id"].(int), groupID).Scan(&count)
if err != nil {
http.Error(w, "Error checking access: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error checking access: "+err.Error(), http.StatusInternalServerError)
return } directAccess := (count > 0)
if r.Method == http.MethodPost {
if request.Method == http.MethodPost {
if !directAccess {
http.Error(w, "You do not have direct access to this group", http.StatusForbidden)
http.Error(writer, "You do not have direct access to this group", http.StatusForbidden)
return }
repoName := r.FormValue("repo_name")
repoDesc := r.FormValue("repo_desc")
contribReq := r.FormValue("repo_contrib")
repoName := request.FormValue("repo_name")
repoDesc := request.FormValue("repo_desc")
contribReq := request.FormValue("repo_contrib")
if repoName == "" {
http.Error(w, "Repo name is required", http.StatusBadRequest)
http.Error(writer, "Repo name is required", http.StatusBadRequest)
return } var newRepoID int err := database.QueryRow(
r.Context(),
request.Context(),
`INSERT INTO repos (name, description, group_id, contrib_requirements)
VALUES ($1, $2, $3, $4)
RETURNING id`,
repoName,
repoDesc,
groupID,
contribReq,
).Scan(&newRepoID)
if err != nil {
http.Error(w, "Error creating repo: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error creating repo: "+err.Error(), http.StatusInternalServerError)
return } filePath := filepath.Join(config.Git.RepoDir, strconv.Itoa(newRepoID)+".git") _, err = database.Exec(
r.Context(),
request.Context(),
`UPDATE repos
SET filesystem_path = $1
WHERE id = $2`,
filePath,
newRepoID,
)
if err != nil {
http.Error(w, "Error updating repo path: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error updating repo path: "+err.Error(), http.StatusInternalServerError)
return
}
if err = gitInit(filePath); err != nil {
http.Error(w, "Error initializing repo: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error initializing repo: "+err.Error(), http.StatusInternalServerError)
return }
redirectUnconditionally(w, r)
redirectUnconditionally(writer, request)
return } // Repos var rows pgx.Rows
rows, err = database.Query(r.Context(), `
rows, err = database.Query(request.Context(), `
SELECT name, COALESCE(description, '')
FROM repos
WHERE group_id = $1
`, groupID)
if err != nil {
http.Error(w, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
return
}
defer rows.Close()
for rows.Next() {
var name, description string
if err = rows.Scan(&name, &description); err != nil {
http.Error(w, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
return
}
repos = append(repos, nameDesc{name, description})
}
if err = rows.Err(); err != nil {
http.Error(w, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
return } // Subgroups
rows, err = database.Query(r.Context(), `
rows, err = database.Query(request.Context(), `
SELECT name, COALESCE(description, '')
FROM groups
WHERE parent_group = $1
`, groupID)
if err != nil {
http.Error(w, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
return
}
defer rows.Close()
for rows.Next() {
var name, description string
if err = rows.Scan(&name, &description); err != nil {
http.Error(w, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
return
}
subgroups = append(subgroups, nameDesc{name, description})
}
if err = rows.Err(); err != nil {
http.Error(w, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
return } params["repos"] = repos params["subgroups"] = subgroups params["description"] = groupDesc params["direct_access"] = directAccess
renderTemplate(w, "group", params)
renderTemplate(writer, "group", params)
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "net/http" "runtime" "github.com/dustin/go-humanize" )
func httpHandleIndex(w http.ResponseWriter, r *http.Request, params map[string]any) {
func httpHandleIndex(writer http.ResponseWriter, request *http.Request, params map[string]any) {
var err error var groups []nameDesc
groups, err = queryNameDesc(r.Context(), "SELECT name, COALESCE(description, '') FROM groups WHERE parent_group IS NULL")
groups, err = queryNameDesc(request.Context(), "SELECT name, COALESCE(description, '') FROM groups WHERE parent_group IS NULL")
if err != nil {
http.Error(w, "Error querying groups: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error querying groups: "+err.Error(), http.StatusInternalServerError)
return
}
params["groups"] = groups
// Memory currently allocated
memstats := runtime.MemStats{} //exhaustruct:ignore
runtime.ReadMemStats(&memstats)
params["mem"] = humanize.IBytes(memstats.Alloc)
renderTemplate(w, "index", params)
renderTemplate(writer, "index", params)
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "crypto/rand" "encoding/base64" "errors" "fmt" "net/http" "time" "github.com/alexedwards/argon2id" "github.com/jackc/pgx/v5" )
func httpHandleLogin(w http.ResponseWriter, r *http.Request, params map[string]any) {
func httpHandleLogin(writer http.ResponseWriter, request *http.Request, params map[string]any) {
var username, password string var userID int var passwordHash string var err error var passwordMatches bool var cookieValue string var now time.Time var expiry time.Time var cookie http.Cookie
if r.Method != http.MethodPost {
renderTemplate(w, "login", params)
if request.Method != http.MethodPost {
renderTemplate(writer, "login", params)
return }
username = r.PostFormValue("username")
password = r.PostFormValue("password")
username = request.PostFormValue("username")
password = request.PostFormValue("password")
err = database.QueryRow(r.Context(),
err = database.QueryRow(request.Context(),
"SELECT id, COALESCE(password, '') FROM users WHERE username = $1",
username,
).Scan(&userID, &passwordHash)
if err != nil {
if errors.Is(err, pgx.ErrNoRows) {
params["login_error"] = "Unknown username"
renderTemplate(w, "login", params)
renderTemplate(writer, "login", params)
return }
http.Error(w, "Error querying user information: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error querying user information: "+err.Error(), http.StatusInternalServerError)
return
}
if passwordHash == "" {
params["login_error"] = "User has no password"
renderTemplate(w, "login", params)
renderTemplate(writer, "login", params)
return
}
if passwordMatches, err = argon2id.ComparePasswordAndHash(password, passwordHash); err != nil {
http.Error(w, "Error comparing password and hash: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error comparing password and hash: "+err.Error(), http.StatusInternalServerError)
return
}
if !passwordMatches {
params["login_error"] = "Invalid password"
renderTemplate(w, "login", params)
renderTemplate(writer, "login", params)
return
}
if cookieValue, err = randomUrlsafeStr(16); err != nil {
http.Error(w, "Error getting random string: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting random string: "+err.Error(), http.StatusInternalServerError)
return
}
now = time.Now()
expiry = now.Add(time.Duration(config.HTTP.CookieExpiry) * time.Second)
cookie = http.Cookie{
Name: "session",
Value: cookieValue,
SameSite: http.SameSiteLaxMode,
HttpOnly: true,
Secure: false, // TODO
Expires: expiry,
Path: "/",
} //exhaustruct:ignore
http.SetCookie(w, &cookie)
http.SetCookie(writer, &cookie)
_, err = database.Exec(r.Context(), "INSERT INTO sessions (user_id, session_id) VALUES ($1, $2)", userID, cookieValue)
_, err = database.Exec(request.Context(), "INSERT INTO sessions (user_id, session_id) VALUES ($1, $2)", userID, cookieValue)
if err != nil {
http.Error(w, "Error inserting session: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error inserting session: "+err.Error(), http.StatusInternalServerError)
return }
http.Redirect(w, r, "/", http.StatusSeeOther)
http.Redirect(writer, request, "/", http.StatusSeeOther)
}
// randomUrlsafeStr generates a random string of the given entropic size
// using the URL-safe base64 encoding. The actual size of the string returned
// will be 4*sz.
func randomUrlsafeStr(sz int) (string, error) {
r := make([]byte, 3*sz)
_, err := rand.Read(r)
if err != nil {
return "", fmt.Errorf("error generating random string: %w", err)
}
return base64.RawURLEncoding.EncodeToString(r), nil
}
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"fmt"
"net/http"
"strings"
"github.com/go-git/go-git/v5"
"github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/filemode"
"github.com/go-git/go-git/v5/plumbing/format/diff"
"github.com/go-git/go-git/v5/plumbing/object"
"go.lindenii.runxiyu.org/lindenii-common/misc"
)
// The file patch type from go-git isn't really usable in HTML templates
// either.
type usableFilePatch struct {
From diff.File
To diff.File
Chunks []usableChunk
}
type usableChunk struct {
Operation diff.Operation
Content string
}
func httpHandleRepoCommit(w http.ResponseWriter, r *http.Request, params map[string]any) {
func httpHandleRepoCommit(writer http.ResponseWriter, request *http.Request, params map[string]any) {
var repo *git.Repository
var commitIDStrSpec, commitIDStrSpecNoSuffix string
var commitID plumbing.Hash
var parentCommitHash plumbing.Hash
var commitObj *object.Commit
var commitIDStr string
var err error
var patch *object.Patch
repo, commitIDStrSpec = params["repo"].(*git.Repository), params["commit_id"].(string)
commitIDStrSpecNoSuffix = strings.TrimSuffix(commitIDStrSpec, ".patch")
commitID = plumbing.NewHash(commitIDStrSpecNoSuffix)
if commitObj, err = repo.CommitObject(commitID); err != nil {
http.Error(w, "Error getting commit object: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting commit object: "+err.Error(), http.StatusInternalServerError)
return
}
if commitIDStrSpecNoSuffix != commitIDStrSpec {
var patchStr string
if patchStr, err = fmtCommitPatch(commitObj); err != nil {
http.Error(w, "Error formatting patch: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error formatting patch: "+err.Error(), http.StatusInternalServerError)
return }
fmt.Fprintln(w, patchStr)
fmt.Fprintln(writer, patchStr)
return
}
commitIDStr = commitObj.Hash.String()
if commitIDStr != commitIDStrSpec {
http.Redirect(w, r, commitIDStr, http.StatusSeeOther)
http.Redirect(writer, request, commitIDStr, http.StatusSeeOther)
return
}
params["commit_object"] = commitObj
params["commit_id"] = commitIDStr
parentCommitHash, patch, err = fmtCommitAsPatch(commitObj)
if err != nil {
http.Error(w, "Error getting patch from commit: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting patch from commit: "+err.Error(), http.StatusInternalServerError)
return } params["parent_commitHash"] = parentCommitHash.String() params["patch"] = patch params["file_patches"] = makeUsableFilePatches(patch)
renderTemplate(w, "repo_commit", params)
renderTemplate(writer, "repo_commit", params)
}
type fakeDiffFile struct {
hash plumbing.Hash
mode filemode.FileMode
path string
}
func (f fakeDiffFile) Hash() plumbing.Hash {
return f.hash
}
func (f fakeDiffFile) Mode() filemode.FileMode {
return f.mode
}
func (f fakeDiffFile) Path() string {
return f.path
}
var nullFakeDiffFile = fakeDiffFile{
hash: plumbing.NewHash("0000000000000000000000000000000000000000"),
mode: misc.FirstOrPanic(filemode.New("100644")),
path: "",
}
func makeUsableFilePatches(patch diff.Patch) (usableFilePatches []usableFilePatch) {
// TODO: Remove unnecessary context
// TODO: Prepend "+"/"-"/" " instead of solely distinguishing based on color
for _, filePatch := range patch.FilePatches() {
var from, to diff.File
var fromFile, toFile diff.File
var ufp usableFilePatch
chunks := []usableChunk{}
from, to = filePatch.Files()
if from == nil {
from = nullFakeDiffFile
fromFile, toFile = filePatch.Files()
if fromFile == nil {
fromFile = nullFakeDiffFile
}
if to == nil {
to = nullFakeDiffFile
if toFile == nil {
toFile = nullFakeDiffFile
}
for _, chunk := range filePatch.Chunks() {
var content string
content = chunk.Content()
if len(content) > 0 && content[0] == '\n' {
content = "\n" + content
} // Horrible hack to fix how browsers newlines that immediately proceed <pre>
chunks = append(chunks, usableChunk{
Operation: chunk.Type(),
Content: content,
})
}
ufp = usableFilePatch{
Chunks: chunks,
From: from, To: to,
From: fromFile, To: toFile,
} usableFilePatches = append(usableFilePatches, ufp) } return }
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"net/http"
"github.com/jackc/pgx/v5"
)
type idTitleStatus struct {
ID int
Title string
Status string
}
func httpHandleRepoContribIndex(w http.ResponseWriter, r *http.Request, params map[string]any) {
func httpHandleRepoContribIndex(writer http.ResponseWriter, request *http.Request, params map[string]any) {
var rows pgx.Rows var result []idTitleStatus var err error
if rows, err = database.Query(r.Context(),
if rows, err = database.Query(request.Context(),
"SELECT id, COALESCE(title, 'Untitled'), status FROM merge_requests WHERE repo_id = $1",
params["repo_id"],
); err != nil {
http.Error(w, "Error querying merge requests: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error querying merge requests: "+err.Error(), http.StatusInternalServerError)
return
}
defer rows.Close()
for rows.Next() {
var id int
var title, status string
if err = rows.Scan(&id, &title, &status); err != nil {
http.Error(w, "Error scanning merge request: "+err.Error(), http.StatusInternalServerError)
var mrID int
var mrTitle, mrStatus string
if err = rows.Scan(&mrID, &mrTitle, &mrStatus); err != nil {
http.Error(writer, "Error scanning merge request: "+err.Error(), http.StatusInternalServerError)
return }
result = append(result, idTitleStatus{id, title, status})
result = append(result, idTitleStatus{mrID, mrTitle, mrStatus})
}
if err = rows.Err(); err != nil {
http.Error(w, "Error ranging over merge requests: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error ranging over merge requests: "+err.Error(), http.StatusInternalServerError)
return } params["merge_requests"] = result
renderTemplate(w, "repo_contrib_index", params)
renderTemplate(writer, "repo_contrib_index", params)
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "net/http" "strconv" "github.com/go-git/go-git/v5" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/object" )
func httpHandleRepoContribOne(w http.ResponseWriter, r *http.Request, params map[string]any) {
func httpHandleRepoContribOne(writer http.ResponseWriter, request *http.Request, params map[string]any) {
var mrIDStr string
var mrIDInt int
var err error
var title, status, srcRefStr, dstBranchStr string
var repo *git.Repository
var srcRefHash plumbing.Hash
var dstBranchHash plumbing.Hash
var srcCommit, dstCommit, mergeBaseCommit *object.Commit
var mergeBases []*object.Commit
mrIDStr = params["mr_id"].(string)
mrIDInt64, err := strconv.ParseInt(mrIDStr, 10, strconv.IntSize)
if err != nil {
http.Error(w, "Merge request ID not an integer: "+err.Error(), http.StatusBadRequest)
http.Error(writer, "Merge request ID not an integer: "+err.Error(), http.StatusBadRequest)
return } mrIDInt = int(mrIDInt64)
if err = database.QueryRow(r.Context(),
if err = database.QueryRow(request.Context(),
"SELECT COALESCE(title, ''), status, source_ref, COALESCE(destination_branch, '') FROM merge_requests WHERE id = $1",
mrIDInt,
).Scan(&title, &status, &srcRefStr, &dstBranchStr); err != nil {
http.Error(w, "Error querying merge request: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error querying merge request: "+err.Error(), http.StatusInternalServerError)
return
}
repo = params["repo"].(*git.Repository)
if srcRefHash, err = getRefHash(repo, "branch", srcRefStr); err != nil {
http.Error(w, "Error getting source ref hash: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting source ref hash: "+err.Error(), http.StatusInternalServerError)
return
}
if srcCommit, err = repo.CommitObject(srcRefHash); err != nil {
http.Error(w, "Error getting source commit: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting source commit: "+err.Error(), http.StatusInternalServerError)
return
}
params["source_commit"] = srcCommit
if dstBranchStr == "" {
dstBranchStr = "HEAD"
dstBranchHash, err = getRefHash(repo, "", "")
} else {
dstBranchHash, err = getRefHash(repo, "branch", dstBranchStr)
}
if err != nil {
http.Error(w, "Error getting destination branch hash: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting destination branch hash: "+err.Error(), http.StatusInternalServerError)
return
}
if dstCommit, err = repo.CommitObject(dstBranchHash); err != nil {
http.Error(w, "Error getting destination commit: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting destination commit: "+err.Error(), http.StatusInternalServerError)
return
}
params["destination_commit"] = dstCommit
if mergeBases, err = srcCommit.MergeBase(dstCommit); err != nil {
http.Error(w, "Error getting merge base: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting merge base: "+err.Error(), http.StatusInternalServerError)
return
}
mergeBaseCommit = mergeBases[0]
params["merge_base"] = mergeBaseCommit
patch, err := mergeBaseCommit.Patch(srcCommit)
if err != nil {
http.Error(w, "Error getting patch: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting patch: "+err.Error(), http.StatusInternalServerError)
return } params["file_patches"] = makeUsableFilePatches(patch) params["mr_title"], params["mr_status"], params["mr_source_ref"], params["mr_destination_branch"] = title, status, srcRefStr, dstBranchStr
renderTemplate(w, "repo_contrib_one", params)
renderTemplate(writer, "repo_contrib_one", params)
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "iter" "net/http" "strings" "github.com/go-git/go-git/v5" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/object" "github.com/go-git/go-git/v5/plumbing/storer" )
func httpHandleRepoIndex(w http.ResponseWriter, _ *http.Request, params map[string]any) {
func httpHandleRepoIndex(writer http.ResponseWriter, _ *http.Request, params map[string]any) {
var repo *git.Repository
var repoName string
var groupPath []string
var refHash plumbing.Hash
var err error
var commitIter object.CommitIter
var commitIterSeq iter.Seq[*object.Commit]
var commitObj *object.Commit
var tree *object.Tree
var notes []string
var branches []string
var branchesIter storer.ReferenceIter
var logOptions git.LogOptions
repo, repoName, groupPath = params["repo"].(*git.Repository), params["repo_name"].(string), params["group_path"].([]string)
if strings.Contains(repoName, "\n") || sliceContainsNewlines(groupPath) {
notes = append(notes, "Path contains newlines; HTTP Git access impossible")
}
refHash, err = getRefHash(repo, params["ref_type"].(string), params["ref_name"].(string))
if err != nil {
goto no_ref
}
branchesIter, err = repo.Branches()
if err == nil {
_ = branchesIter.ForEach(func(branch *plumbing.Reference) error {
branches = append(branches, branch.Name().Short())
return nil
})
}
params["branches"] = branches
logOptions = git.LogOptions{From: refHash} //exhaustruct:ignore
if commitIter, err = repo.Log(&logOptions); err != nil {
goto no_ref
}
commitIterSeq, params["commits_err"] = commitIterSeqErr(commitIter)
params["commits"] = iterSeqLimit(commitIterSeq, 3)
if commitObj, err = repo.CommitObject(refHash); err != nil {
goto no_ref
}
if tree, err = commitObj.Tree(); err != nil {
goto no_ref
}
params["files"] = makeDisplayTree(tree)
params["readme_filename"], params["readme"] = renderReadmeAtTree(tree)
no_ref:
params["http_clone_url"] = genHTTPRemoteURL(groupPath, repoName)
params["ssh_clone_url"] = genSSHRemoteURL(groupPath, repoName)
params["notes"] = notes
renderTemplate(w, "repo_index", params)
renderTemplate(writer, "repo_index", params)
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "fmt" "io" "net/http" "os/exec" "github.com/jackc/pgx/v5/pgtype" )
func httpHandleRepoInfo(w http.ResponseWriter, r *http.Request, params map[string]any) (err error) {
func httpHandleRepoInfo(writer http.ResponseWriter, request *http.Request, params map[string]any) (err error) {
groupPath := params["group_path"].([]string) repoName := params["repo_name"].(string) var repoPath string
if err := database.QueryRow(r.Context(), `
if err := database.QueryRow(request.Context(), `
WITH RECURSIVE group_path_cte AS (
-- Start: match the first name in the path where parent_group IS NULL
SELECT
id,
parent_group,
name,
1 AS depth
FROM groups
WHERE name = ($1::text[])[1]
AND parent_group IS NULL
UNION ALL
-- Recurse: jion next segment of the path
SELECT
g.id,
g.parent_group,
g.name,
group_path_cte.depth + 1
FROM groups g
JOIN group_path_cte ON g.parent_group = group_path_cte.id
WHERE g.name = ($1::text[])[group_path_cte.depth + 1]
AND group_path_cte.depth + 1 <= cardinality($1::text[])
)
SELECT r.filesystem_path
FROM group_path_cte c
JOIN repos r ON r.group_id = c.id
WHERE c.depth = cardinality($1::text[])
AND r.name = $2
`,
pgtype.FlatArray[string](groupPath),
repoName,
).Scan(&repoPath); err != nil {
return err
}
w.Header().Set("Content-Type", "application/x-git-upload-pack-advertisement")
w.WriteHeader(http.StatusOK)
writer.Header().Set("Content-Type", "application/x-git-upload-pack-advertisement")
writer.WriteHeader(http.StatusOK)
cmd := exec.Command("git", "upload-pack", "--stateless-rpc", "--advertise-refs", repoPath)
stdout, err := cmd.StdoutPipe()
if err != nil {
return err
}
defer func() {
_ = stdout.Close()
}()
cmd.Stderr = cmd.Stdout
if err = cmd.Start(); err != nil {
return err
}
if err = packLine(w, "# service=git-upload-pack\n"); err != nil {
if err = packLine(writer, "# service=git-upload-pack\n"); err != nil {
return err }
if err = packFlush(w); err != nil {
if err = packFlush(writer); err != nil {
return }
if _, err = io.Copy(w, stdout); err != nil {
if _, err = io.Copy(writer, stdout); err != nil {
return err
}
if err = cmd.Wait(); err != nil {
return err
}
return nil
}
// Taken from https://github.com/icyphox/legit, MIT license.
func packLine(w io.Writer, s string) error {
_, err := fmt.Fprintf(w, "%04x%s", len(s)+4, s)
return err
}
// Taken from https://github.com/icyphox/legit, MIT license.
func packFlush(w io.Writer) error {
_, err := fmt.Fprint(w, "0000")
return err
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "net/http" "github.com/go-git/go-git/v5" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/object" ) // TODO: I probably shouldn't include *all* commits here...
func httpHandleRepoLog(w http.ResponseWriter, _ *http.Request, params map[string]any) {
func httpHandleRepoLog(writer http.ResponseWriter, _ *http.Request, params map[string]any) {
var repo *git.Repository
var refHash plumbing.Hash
var err error
var commits []*object.Commit
repo = params["repo"].(*git.Repository)
if refHash, err = getRefHash(repo, params["ref_type"].(string), params["ref_name"].(string)); err != nil {
http.Error(w, "Error getting ref hash: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting ref hash: "+err.Error(), http.StatusInternalServerError)
return
}
if commits, err = getRecentCommits(repo, refHash, -1); err != nil {
http.Error(w, "Error getting recent commits: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting recent commits: "+err.Error(), http.StatusInternalServerError)
return } params["commits"] = commits
renderTemplate(w, "repo_log", params)
renderTemplate(writer, "repo_log", params)
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "fmt" "net/http" "strings" "github.com/go-git/go-git/v5" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/object" )
func httpHandleRepoRaw(w http.ResponseWriter, r *http.Request, params map[string]any) {
func httpHandleRepoRaw(writer http.ResponseWriter, request *http.Request, params map[string]any) {
var rawPathSpec, pathSpec string
var repo *git.Repository
var refHash plumbing.Hash
var commitObj *object.Commit
var tree *object.Tree
var err error
rawPathSpec = params["rest"].(string)
repo, pathSpec = params["repo"].(*git.Repository), strings.TrimSuffix(rawPathSpec, "/")
params["path_spec"] = pathSpec
if refHash, err = getRefHash(repo, params["ref_type"].(string), params["ref_name"].(string)); err != nil {
http.Error(w, "Error getting ref hash: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting ref hash: "+err.Error(), http.StatusInternalServerError)
return
}
if commitObj, err = repo.CommitObject(refHash); err != nil {
http.Error(w, "Error getting commit object: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting commit object: "+err.Error(), http.StatusInternalServerError)
return
}
if tree, err = commitObj.Tree(); err != nil {
http.Error(w, "Error getting file tree: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting file tree: "+err.Error(), http.StatusInternalServerError)
return
}
var target *object.Tree
if pathSpec == "" {
target = tree
} else {
if target, err = tree.Tree(pathSpec); err != nil {
var file *object.File
var fileContent string
if file, err = tree.File(pathSpec); err != nil {
http.Error(w, "Error retrieving path: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error retrieving path: "+err.Error(), http.StatusInternalServerError)
return }
if redirectNoDir(w, r) {
if redirectNoDir(writer, request) {
return
}
if fileContent, err = file.Contents(); err != nil {
http.Error(w, "Error reading file: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error reading file: "+err.Error(), http.StatusInternalServerError)
return }
fmt.Fprint(w, fileContent)
fmt.Fprint(writer, fileContent)
return } }
if redirectDir(w, r) {
if redirectDir(writer, request) {
return } params["files"] = makeDisplayTree(target)
renderTemplate(w, "repo_raw_dir", params)
renderTemplate(writer, "repo_raw_dir", params)
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "bytes" "html/template" "net/http" "path" "strings" "github.com/alecthomas/chroma/v2" chromaHTML "github.com/alecthomas/chroma/v2/formatters/html" chromaLexers "github.com/alecthomas/chroma/v2/lexers" chromaStyles "github.com/alecthomas/chroma/v2/styles" "github.com/go-git/go-git/v5" "github.com/go-git/go-git/v5/plumbing" "github.com/go-git/go-git/v5/plumbing/object" )
func httpHandleRepoTree(w http.ResponseWriter, r *http.Request, params map[string]any) {
func httpHandleRepoTree(writer http.ResponseWriter, request *http.Request, params map[string]any) {
var rawPathSpec, pathSpec string
var repo *git.Repository
var refHash plumbing.Hash
var commitObject *object.Commit
var tree *object.Tree
var err error
rawPathSpec = params["rest"].(string)
repo, pathSpec = params["repo"].(*git.Repository), strings.TrimSuffix(rawPathSpec, "/")
params["path_spec"] = pathSpec
if refHash, err = getRefHash(repo, params["ref_type"].(string), params["ref_name"].(string)); err != nil {
http.Error(w, "Error getting ref hash: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting ref hash: "+err.Error(), http.StatusInternalServerError)
return
}
if commitObject, err = repo.CommitObject(refHash); err != nil {
http.Error(w, "Error getting commit object: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting commit object: "+err.Error(), http.StatusInternalServerError)
return
}
if tree, err = commitObject.Tree(); err != nil {
http.Error(w, "Error getting file tree: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting file tree: "+err.Error(), http.StatusInternalServerError)
return
}
var target *object.Tree
if pathSpec == "" {
target = tree
} else {
if target, err = tree.Tree(pathSpec); err != nil {
var file *object.File
var fileContent string
var lexer chroma.Lexer
var iterator chroma.Iterator
var style *chroma.Style
var formatter *chromaHTML.Formatter
var formattedHTML template.HTML
if file, err = tree.File(pathSpec); err != nil {
http.Error(w, "Error retrieving path: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error retrieving path: "+err.Error(), http.StatusInternalServerError)
return }
if redirectNoDir(w, r) {
if redirectNoDir(writer, request) {
return
}
if fileContent, err = file.Contents(); err != nil {
http.Error(w, "Error reading file: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error reading file: "+err.Error(), http.StatusInternalServerError)
return
}
lexer = chromaLexers.Match(pathSpec)
if lexer == nil {
lexer = chromaLexers.Fallback
}
if iterator, err = lexer.Tokenise(nil, fileContent); err != nil {
http.Error(w, "Error tokenizing code: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error tokenizing code: "+err.Error(), http.StatusInternalServerError)
return
}
var formattedHTMLStr bytes.Buffer
style = chromaStyles.Get("autumn")
formatter = chromaHTML.New(chromaHTML.WithClasses(true), chromaHTML.TabWidth(8))
if err = formatter.Format(&formattedHTMLStr, style, iterator); err != nil {
http.Error(w, "Error formatting code: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error formatting code: "+err.Error(), http.StatusInternalServerError)
return } formattedHTML = template.HTML(formattedHTMLStr.Bytes()) //#nosec G203 params["file_contents"] = formattedHTML
renderTemplate(w, "repo_tree_file", params)
renderTemplate(writer, "repo_tree_file", params)
return
}
}
if len(rawPathSpec) != 0 && rawPathSpec[len(rawPathSpec)-1] != '/' {
http.Redirect(w, r, path.Base(pathSpec)+"/", http.StatusSeeOther)
http.Redirect(writer, request, path.Base(pathSpec)+"/", http.StatusSeeOther)
return } params["readme_filename"], params["readme"] = renderReadmeAtTree(target) params["files"] = makeDisplayTree(target)
renderTemplate(w, "repo_tree_dir", params)
renderTemplate(writer, "repo_tree_dir", params)
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "io" "net/http" "os" "os/exec" "github.com/jackc/pgx/v5/pgtype" )
func httpHandleUploadPack(w http.ResponseWriter, r *http.Request, params map[string]any) (err error) {
func httpHandleUploadPack(writer http.ResponseWriter, request *http.Request, params map[string]any) (err error) {
var groupPath []string var repoName string var repoPath string var stdout io.ReadCloser var stdin io.WriteCloser var cmd *exec.Cmd groupPath, repoName = params["group_path"].([]string), params["repo_name"].(string)
if err := database.QueryRow(r.Context(), `
if err := database.QueryRow(request.Context(), `
WITH RECURSIVE group_path_cte AS (
-- Start: match the first name in the path where parent_group IS NULL
SELECT
id,
parent_group,
name,
1 AS depth
FROM groups
WHERE name = ($1::text[])[1]
AND parent_group IS NULL
UNION ALL
-- Recurse: jion next segment of the path
SELECT
g.id,
g.parent_group,
g.name,
group_path_cte.depth + 1
FROM groups g
JOIN group_path_cte ON g.parent_group = group_path_cte.id
WHERE g.name = ($1::text[])[group_path_cte.depth + 1]
AND group_path_cte.depth + 1 <= cardinality($1::text[])
)
SELECT r.filesystem_path
FROM group_path_cte c
JOIN repos r ON r.group_id = c.id
WHERE c.depth = cardinality($1::text[])
AND r.name = $2
`,
pgtype.FlatArray[string](groupPath),
repoName,
).Scan(&repoPath); err != nil {
return err
}
w.Header().Set("Content-Type", "application/x-git-upload-pack-result")
w.Header().Set("Connection", "Keep-Alive")
w.Header().Set("Transfer-Encoding", "chunked")
w.WriteHeader(http.StatusOK)
writer.Header().Set("Content-Type", "application/x-git-upload-pack-result")
writer.Header().Set("Connection", "Keep-Alive")
writer.Header().Set("Transfer-Encoding", "chunked")
writer.WriteHeader(http.StatusOK)
cmd = exec.Command("git", "upload-pack", "--stateless-rpc", repoPath)
cmd.Env = append(os.Environ(), "LINDENII_FORGE_HOOKS_SOCKET_PATH="+config.Hooks.Socket)
if stdout, err = cmd.StdoutPipe(); err != nil {
return err
}
cmd.Stderr = cmd.Stdout
defer func() {
_ = stdout.Close()
}()
if stdin, err = cmd.StdinPipe(); err != nil {
return err
}
defer func() {
_ = stdin.Close()
}()
if err = cmd.Start(); err != nil {
return err
}
if _, err = io.Copy(stdin, r.Body); err != nil {
if _, err = io.Copy(stdin, request.Body); err != nil {
return err
}
if err = stdin.Close(); err != nil {
return err
}
if _, err = io.Copy(w, stdout); err != nil {
if _, err = io.Copy(writer, stdout); err != nil {
return err
}
if err = cmd.Wait(); err != nil {
return err
}
return nil
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "net/http" )
func httpHandleUsers(w http.ResponseWriter, _ *http.Request, _ map[string]any) {
http.Error(w, "Not implemented", http.StatusNotImplemented)
func httpHandleUsers(writer http.ResponseWriter, _ *http.Request, _ map[string]any) {
http.Error(writer, "Not implemented", http.StatusNotImplemented)
}
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"errors"
"net/http"
"strconv"
"strings"
"github.com/jackc/pgx/v5"
"go.lindenii.runxiyu.org/lindenii-common/clog"
)
type forgeHTTPRouter struct{}
func (router *forgeHTTPRouter) ServeHTTP(w http.ResponseWriter, r *http.Request) {
clog.Info("Incoming HTTP: " + r.RemoteAddr + " " + r.Method + " " + r.RequestURI)
func (router *forgeHTTPRouter) ServeHTTP(writer http.ResponseWriter, request *http.Request) {
clog.Info("Incoming HTTP: " + request.RemoteAddr + " " + request.Method + " " + request.RequestURI)
var segments []string var err error var sepIndex int params := make(map[string]any)
if segments, _, err = parseReqURI(r.RequestURI); err != nil {
http.Error(w, err.Error(), http.StatusBadRequest)
if segments, _, err = parseReqURI(request.RequestURI); err != nil {
http.Error(writer, err.Error(), http.StatusBadRequest)
return
}
if segments[len(segments)-1] == "" {
segments = segments[:len(segments)-1]
}
params["url_segments"] = segments
params["global"] = globalData
var userID int // 0 for none
userID, params["username"], err = getUserFromRequest(r)
userID, params["username"], err = getUserFromRequest(request)
params["user_id"] = userID
if err != nil && !errors.Is(err, http.ErrNoCookie) && !errors.Is(err, pgx.ErrNoRows) {
http.Error(w, "Error getting user info from request: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error getting user info from request: "+err.Error(), http.StatusInternalServerError)
return
}
if userID == 0 {
params["user_id_string"] = ""
} else {
params["user_id_string"] = strconv.Itoa(userID)
}
if len(segments) == 0 {
httpHandleIndex(w, r, params)
httpHandleIndex(writer, request, params)
return
}
if segments[0] == ":" {
if len(segments) < 2 {
errorPage404(w, params)
errorPage404(writer, params)
return
} else if len(segments) == 2 && redirectDir(w, r) {
} else if len(segments) == 2 && redirectDir(writer, request) {
return
}
switch segments[1] {
case "static":
staticHandler.ServeHTTP(w, r)
staticHandler.ServeHTTP(writer, request)
return case "source":
sourceHandler.ServeHTTP(w, r)
sourceHandler.ServeHTTP(writer, request)
return
}
}
if segments[0] == ":" {
switch segments[1] {
case "login":
httpHandleLogin(w, r, params)
httpHandleLogin(writer, request, params)
return case "users":
httpHandleUsers(w, r, params)
httpHandleUsers(writer, request, params)
return case "gc":
httpHandleGC(w, r, params)
httpHandleGC(writer, request, params)
return default:
errorPage404(w, params)
errorPage404(writer, params)
return
}
}
sepIndex = -1
for i, part := range segments {
if part == ":" {
sepIndex = i
break
}
}
params["separator_index"] = sepIndex
var groupPath []string
var moduleType string
var moduleName string
if sepIndex > 0 {
groupPath = segments[:sepIndex]
} else {
groupPath = segments
}
params["group_path"] = groupPath
switch {
case sepIndex == -1:
if redirectDir(w, r) {
if redirectDir(writer, request) {
return }
httpHandleGroupIndex(w, r, params)
httpHandleGroupIndex(writer, request, params)
case len(segments) == sepIndex+1:
errorPage404(w, params)
errorPage404(writer, params)
return case len(segments) == sepIndex+2:
errorPage404(w, params)
errorPage404(writer, params)
return
default:
moduleType = segments[sepIndex+1]
moduleName = segments[sepIndex+2]
switch moduleType {
case "repos":
params["repo_name"] = moduleName
if len(segments) > sepIndex+3 {
switch segments[sepIndex+3] {
case "info":
if err = httpHandleRepoInfo(w, r, params); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
if err = httpHandleRepoInfo(writer, request, params); err != nil {
http.Error(writer, err.Error(), http.StatusInternalServerError)
} return case "git-upload-pack":
if err = httpHandleUploadPack(w, r, params); err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError)
if err = httpHandleUploadPack(writer, request, params); err != nil {
http.Error(writer, err.Error(), http.StatusInternalServerError)
} return } }
if params["ref_type"], params["ref_name"], err = getParamRefTypeName(r); err != nil {
if params["ref_type"], params["ref_name"], err = getParamRefTypeName(request); err != nil {
if errors.Is(err, errNoRefSpec) {
params["ref_type"] = ""
} else {
http.Error(w, "Error querying ref type: "+err.Error(), http.StatusInternalServerError)
http.Error(writer, "Error querying ref type: "+err.Error(), http.StatusInternalServerError)
return } } // TODO: subgroups
if params["repo"], params["repo_description"], params["repo_id"], err = openRepo(r.Context(), groupPath, moduleName); err != nil {
http.Error(w, "Error opening repo: "+err.Error(), http.StatusInternalServerError)
if params["repo"], params["repo_description"], params["repo_id"], err = openRepo(request.Context(), groupPath, moduleName); err != nil {
http.Error(writer, "Error opening repo: "+err.Error(), http.StatusInternalServerError)
return
}
if len(segments) == sepIndex+3 {
if redirectDir(w, r) {
if redirectDir(writer, request) {
return }
httpHandleRepoIndex(w, r, params)
httpHandleRepoIndex(writer, request, params)
return
}
repoFeature := segments[sepIndex+3]
switch repoFeature {
case "tree":
if anyContain(segments[sepIndex+4:], "/") {
errorPage400(w, params, "Repo tree paths may not contain slashes in any segments")
errorPage400(writer, params, "Repo tree paths may not contain slashes in any segments")
return } params["rest"] = strings.Join(segments[sepIndex+4:], "/")
if len(segments) < sepIndex+5 && redirectDir(w, r) {
if len(segments) < sepIndex+5 && redirectDir(writer, request) {
return }
httpHandleRepoTree(w, r, params)
httpHandleRepoTree(writer, request, params)
case "raw":
if anyContain(segments[sepIndex+4:], "/") {
errorPage400(w, params, "Repo tree paths may not contain slashes in any segments")
errorPage400(writer, params, "Repo tree paths may not contain slashes in any segments")
return } params["rest"] = strings.Join(segments[sepIndex+4:], "/")
if len(segments) < sepIndex+5 && redirectDir(w, r) {
if len(segments) < sepIndex+5 && redirectDir(writer, request) {
return }
httpHandleRepoRaw(w, r, params)
httpHandleRepoRaw(writer, request, params)
case "log":
if len(segments) > sepIndex+4 {
http.Error(w, "Too many parameters", http.StatusBadRequest)
http.Error(writer, "Too many parameters", http.StatusBadRequest)
return }
if redirectDir(w, r) {
if redirectDir(writer, request) {
return }
httpHandleRepoLog(w, r, params)
httpHandleRepoLog(writer, request, params)
case "commit":
if redirectNoDir(w, r) {
if redirectNoDir(writer, request) {
return } params["commit_id"] = segments[sepIndex+4]
httpHandleRepoCommit(w, r, params)
httpHandleRepoCommit(writer, request, params)
case "contrib":
if redirectDir(w, r) {
if redirectDir(writer, request) {
return
}
switch len(segments) {
case sepIndex + 4:
httpHandleRepoContribIndex(w, r, params)
httpHandleRepoContribIndex(writer, request, params)
case sepIndex + 5: params["mr_id"] = segments[sepIndex+4]
httpHandleRepoContribOne(w, r, params)
httpHandleRepoContribOne(writer, request, params)
default:
http.Error(w, "Too many parameters", http.StatusBadRequest)
http.Error(writer, "Too many parameters", http.StatusBadRequest)
} default:
errorPage404(w, params)
errorPage404(writer, params)
return } default:
errorPage404(w, params)
errorPage404(writer, params)
return } } }
package main
import (
"crypto/tls"
"net"
"go.lindenii.runxiyu.org/lindenii-common/clog"
irc "go.lindenii.runxiyu.org/lindenii-irc"
)
var (
ircSendBuffered chan string
ircSendDirectChan chan errorBack[string]
)
type errorBack[T any] struct {
content T
errorBack chan error
}
func ircBotSession() error {
var err error
var underlyingConn net.Conn
if config.IRC.TLS {
underlyingConn, err = tls.Dial(config.IRC.Net, config.IRC.Addr, nil)
} else {
underlyingConn, err = net.Dial(config.IRC.Net, config.IRC.Addr)
}
if err != nil {
return err
}
defer underlyingConn.Close()
conn := irc.NewConn(underlyingConn)
logAndWriteLn := func(s string) (n int, err error) {
clog.Debug("IRC tx: " + s)
return conn.WriteString(s + "\r\n")
}
_, err = logAndWriteLn("NICK " + config.IRC.Nick)
if err != nil {
return err
}
_, err = logAndWriteLn("USER " + config.IRC.User + " 0 * :" + config.IRC.Gecos)
if err != nil {
return err
}
readLoopError := make(chan error)
writeLoopAbort := make(chan struct{})
go func() {
for {
select {
case <-writeLoopAbort:
return
default:
}
msg, line, err := conn.ReadMessage()
if err != nil {
readLoopError <- err
return
}
clog.Debug("IRC rx: " + line)
switch msg.Command {
case "001":
_, err = logAndWriteLn("JOIN #chat")
if err != nil {
readLoopError <- err
return
}
case "PING":
_, err = logAndWriteLn("PONG :" + msg.Args[0])
if err != nil {
readLoopError <- err
return
}
case "JOIN":
c, ok := msg.Source.(irc.Client)
if !ok {
clog.Error("IRC server told us a non-client is joining a channel...")
}
if c.Nick != config.IRC.Nick {
continue
}
_, err = logAndWriteLn("PRIVMSG #chat :test")
if err != nil {
readLoopError <- err
return
}
default:
}
}
}()
for {
select {
case err = <-readLoopError:
return err
case s := <-ircSendBuffered: _, err = logAndWriteLn(s)
case line := <-ircSendBuffered: _, err = logAndWriteLn(line)
if err != nil {
select {
case ircSendBuffered <- s:
case ircSendBuffered <- line:
default:
clog.Error("unable to requeue IRC message: " + s)
clog.Error("unable to requeue IRC message: " + line)
}
writeLoopAbort <- struct{}{}
return err
}
case se := <-ircSendDirectChan: _, err = logAndWriteLn(se.content) se.errorBack <- err
case lineErrorBack := <-ircSendDirectChan: _, err = logAndWriteLn(lineErrorBack.content) lineErrorBack.errorBack <- err
if err != nil {
writeLoopAbort <- struct{}{}
return err
}
}
}
}
func ircSendDirect(s string) error {
ech := make(chan error, 1)
ircSendDirectChan <- errorBack[string]{
content: s,
errorBack: ech,
}
return <-ech
}
func ircBotLoop() {
ircSendBuffered = make(chan string, config.IRC.SendQ)
ircSendDirectChan = make(chan errorBack[string])
for {
err := ircBotSession()
clog.Error("IRC error: " + err.Error())
}
}
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"embed"
"html/template"
"io/fs"
"net/http"
"github.com/tdewolff/minify/v2"
"github.com/tdewolff/minify/v2/html"
)
// We embed all source for easy AGPL compliance.
//
//go:embed .gitignore .gitattributes
//go:embed LICENSE README.md
//go:embed *.go go.mod go.sum
//go:embed *.scfg
//go:embed Makefile
//go:embed static/* templates/* scripts/* sql/*
//go:embed hookc/*.c
//go:embed vendor/*
var sourceFS embed.FS
var sourceHandler = http.StripPrefix(
"/:/source/",
http.FileServer(http.FS(sourceFS)),
)
//go:embed templates/* static/* hookc/hookc
var resourcesFS embed.FS
var templates *template.Template
func loadTemplates() (err error) {
m := minify.New()
minifier := html.Minifier{TemplateDelims: [2]string{"{{", "}}"}, KeepDefaultAttrVals: true} //exhaustruct:ignore
m.Add("text/html", &minifier)
minifier := minify.New()
minifierOptions := html.Minifier{
TemplateDelims: [2]string{"{{", "}}"},
KeepDefaultAttrVals: true,
} //exhaustruct:ignore
minifier.Add("text/html", &minifierOptions)
templates = template.New("templates").Funcs(template.FuncMap{
"first_line": firstLine,
"base_name": baseName,
"path_escape": pathEscape,
"query_escape": queryEscape,
"dereference_error": dereferenceOrZero[error],
})
err = fs.WalkDir(resourcesFS, "templates", func(path string, d fs.DirEntry, err error) error {
if err != nil {
return err
}
if !d.IsDir() {
content, err := fs.ReadFile(resourcesFS, path)
if err != nil {
return err
}
minified, err := m.Bytes("text/html", content)
minified, err := minifier.Bytes("text/html", content)
if err != nil {
return err
}
_, err = templates.Parse(string(minified))
if err != nil {
return err
}
}
return nil
})
return err
}
var staticHandler http.Handler
func init() {
staticFS, err := fs.Sub(resourcesFS, "static")
if err != nil {
panic(err)
}
staticHandler = http.StripPrefix("/:/static/", http.FileServer(http.FS(staticFS)))
}
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"errors"
"net/http"
"net/url"
"strings"
)
var (
errDupRefSpec = errors.New("duplicate ref spec")
errNoRefSpec = errors.New("no ref spec")
)
func getParamRefTypeName(r *http.Request) (retRefType, retRefName string, err error) {
qr := r.URL.RawQuery
q, err := url.ParseQuery(qr)
func getParamRefTypeName(request *http.Request) (retRefType, retRefName string, err error) {
rawQuery := request.URL.RawQuery
queryValues, err := url.ParseQuery(rawQuery)
if err != nil {
return
}
done := false
for _, refType := range []string{"commit", "branch", "tag"} {
refName, ok := q[refType]
refName, ok := queryValues[refType]
if ok {
if done {
err = errDupRefSpec
return
}
done = true
if len(refName) != 1 {
err = errDupRefSpec
return
}
retRefName = refName[0]
retRefType = refType
}
}
if !done {
err = errNoRefSpec
}
return
}
func parseReqURI(requestURI string) (segments []string, params url.Values, err error) {
path, paramsStr, _ := strings.Cut(requestURI, "?")
segments = strings.Split(strings.TrimPrefix(path, "/"), "/")
for i, segment := range segments {
segments[i], err = url.PathUnescape(segment)
if err != nil {
return
}
}
params, err = url.ParseQuery(paramsStr)
return
}
func redirectDir(w http.ResponseWriter, r *http.Request) bool {
requestURI := r.RequestURI
func redirectDir(writer http.ResponseWriter, request *http.Request) bool {
requestURI := request.RequestURI
pathEnd := strings.IndexAny(requestURI, "?#")
var path, rest string
if pathEnd == -1 {
path = requestURI
} else {
path = requestURI[:pathEnd]
rest = requestURI[pathEnd:]
}
if !strings.HasSuffix(path, "/") {
http.Redirect(w, r, path+"/"+rest, http.StatusSeeOther)
http.Redirect(writer, request, path+"/"+rest, http.StatusSeeOther)
return true } return false }
func redirectNoDir(w http.ResponseWriter, r *http.Request) bool {
requestURI := r.RequestURI
func redirectNoDir(writer http.ResponseWriter, request *http.Request) bool {
requestURI := request.RequestURI
pathEnd := strings.IndexAny(requestURI, "?#")
var path, rest string
if pathEnd == -1 {
path = requestURI
} else {
path = requestURI[:pathEnd]
rest = requestURI[pathEnd:]
}
if strings.HasSuffix(path, "/") {
http.Redirect(w, r, strings.TrimSuffix(path, "/")+rest, http.StatusSeeOther)
http.Redirect(writer, request, strings.TrimSuffix(path, "/")+rest, http.StatusSeeOther)
return true } return false }
func redirectUnconditionally(w http.ResponseWriter, r *http.Request) {
requestURI := r.RequestURI
func redirectUnconditionally(writer http.ResponseWriter, request *http.Request) {
requestURI := request.RequestURI
pathEnd := strings.IndexAny(requestURI, "?#")
var path, rest string
if pathEnd == -1 {
path = requestURI
} else {
path = requestURI[:pathEnd]
rest = requestURI[pathEnd:]
}
http.Redirect(w, r, path+rest, http.StatusSeeOther)
http.Redirect(writer, request, path+rest, http.StatusSeeOther)
}
func segmentsToURL(segments []string) string {
for i, segment := range segments {
segments[i] = url.PathEscape(segment)
}
return strings.Join(segments, "/")
}
func anyContain(ss []string, c string) bool {
for _, s := range ss {
if strings.Contains(s, c) {
return true
}
}
return false
}
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"context"
"github.com/jackc/pgx/v5"
)
func addUserSSH(ctx context.Context, pubkey string) (userID int, err error) {
var tx pgx.Tx
var txn pgx.Tx
if tx, err = database.Begin(ctx); err != nil {
if txn, err = database.Begin(ctx); err != nil {
return
}
defer func() {
_ = tx.Rollback(ctx)
_ = txn.Rollback(ctx)
}()
if err = tx.QueryRow(ctx, `INSERT INTO users (type) VALUES ('pubkey_only') RETURNING id`).Scan(&userID); err != nil {
if err = txn.QueryRow(ctx, `INSERT INTO users (type) VALUES ('pubkey_only') RETURNING id`).Scan(&userID); err != nil {
return }
if _, err = tx.Exec(ctx, `INSERT INTO ssh_public_keys (key_string, user_id) VALUES ($1, $2)`, pubkey, userID); err != nil {
if _, err = txn.Exec(ctx, `INSERT INTO ssh_public_keys (key_string, user_id) VALUES ($1, $2)`, pubkey, userID); err != nil {
return }
err = tx.Commit(ctx)
err = txn.Commit(ctx)
return }