Lindenii Project Forge
Login

server

Lindenii Forge’s main backend daemon
Commit info
ID
d1a1358c447175bdfd2c44f0baf2f53201ed096a
Author
Runxi Yu <me@runxiyu.org>
Author date
Tue, 18 Mar 2025 20:12:32 +0800
Committer
Runxi Yu <me@runxiyu.org>
Committer date
Tue, 18 Mar 2025 20:12:32 +0800
Actions
Get patch
gofumpt

// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>

package main

import (
	"context"

	"github.com/jackc/pgx/v5/pgtype"
)

// get_path_perm_by_group_repo_key returns the filesystem path and direct
// access permission for a given repo and a provided ssh public key.

func get_path_perm_by_group_repo_key(ctx context.Context, group_path []string, repo_name, ssh_pubkey string) (repo_id int, filesystem_path string, access bool, contrib_requirements string, user_type string, user_id int, err error) {

func get_path_perm_by_group_repo_key(ctx context.Context, group_path []string, repo_name, ssh_pubkey string) (repo_id int, filesystem_path string, access bool, contrib_requirements, user_type string, user_id int, err error) {

	err = database.QueryRow(ctx, `
WITH RECURSIVE group_path_cte AS (
	-- Start: match the first name in the path where parent_group IS NULL
	SELECT
		id,
		parent_group,
		name,
		1 AS depth
	FROM groups
	WHERE name = ($1::text[])[1]
		AND parent_group IS NULL

	UNION ALL

	-- Recurse: join next segment of the path
	SELECT
		g.id,
		g.parent_group,
		g.name,
		group_path_cte.depth + 1
	FROM groups g
	JOIN group_path_cte ON g.parent_group = group_path_cte.id
	WHERE g.name = ($1::text[])[group_path_cte.depth + 1]
		AND group_path_cte.depth + 1 <= cardinality($1::text[])
)
SELECT
	r.id,
	r.filesystem_path,
	CASE WHEN ugr.user_id IS NOT NULL THEN TRUE ELSE FALSE END AS has_role_in_group,
	r.contrib_requirements,
	COALESCE(u.type, ''),
	COALESCE(u.id, 0)
FROM group_path_cte g
JOIN repos r ON r.group_id = g.id
LEFT JOIN ssh_public_keys s ON s.key_string = $3
LEFT JOIN users u ON u.id = s.user_id
LEFT JOIN user_group_roles ugr ON ugr.group_id = g.id AND ugr.user_id = u.id
WHERE g.depth = cardinality($1::text[])
	AND r.name = $2
`, pgtype.FlatArray[string](group_path), repo_name, ssh_pubkey,
	).Scan(&repo_id, &filesystem_path, &access, &contrib_requirements, &user_type, &user_id)
	return
}

// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>

package main

import (
	"net/http"
	"strings"

	"github.com/go-git/go-git/v5"
	"github.com/go-git/go-git/v5/plumbing"

	"github.com/go-git/go-git/v5/plumbing/storer"

	"github.com/go-git/go-git/v5/plumbing/object"

	"github.com/go-git/go-git/v5/plumbing/storer"

)

func handle_repo_index(w http.ResponseWriter, r *http.Request, params map[string]any) {
	var repo *git.Repository
	var repo_name string
	var group_path []string
	var ref_hash plumbing.Hash
	var err error
	var recent_commits []*object.Commit
	var commit_object *object.Commit
	var tree *object.Tree
	var notes []string
	var branches []string
	var branches_ storer.ReferenceIter

	repo, repo_name, group_path = params["repo"].(*git.Repository), params["repo_name"].(string), params["group_path"].([]string)

	if strings.Contains(repo_name, "\n") || slice_contains_newline(group_path) {
		notes = append(notes, "Path contains newlines; HTTP Git access impossible")
	}

	ref_hash, err = get_ref_hash_from_type_and_name(repo, params["ref_type"].(string), params["ref_name"].(string))
	if err != nil {
		goto no_ref
	}

	branches_, err = repo.Branches()

	if err != nil {}
	err = branches_.ForEach(func (branch *plumbing.Reference) error {

	if err != nil {
	}
	err = branches_.ForEach(func(branch *plumbing.Reference) error {

		branches = append(branches, branch.Name().Short())
		return nil
	})

	if err != nil {}

	if err != nil {
	}

	params["branches"] = branches

	if recent_commits, err = get_recent_commits(repo, ref_hash, 3); err != nil {
		goto no_ref
	}
	params["commits"] = recent_commits

	if commit_object, err = repo.CommitObject(ref_hash); err != nil {
		goto no_ref
	}

	if tree, err = commit_object.Tree(); err != nil {
		goto no_ref
	}

	params["files"] = build_display_git_tree(tree)
	params["readme_filename"], params["readme"] = render_readme_at_tree(tree)

no_ref:

	params["http_clone_url"] = generate_http_remote_url(group_path, repo_name)
	params["ssh_clone_url"] = generate_ssh_remote_url(group_path, repo_name)
	params["notes"] = notes

	render_template(w, "repo_index", params)
}

// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>

package main

import (
	"errors"
	"fmt"
	"os"
	"os/exec"

	glider_ssh "github.com/gliderlabs/ssh"
	"github.com/go-git/go-git/v5"
	"go.lindenii.runxiyu.org/lindenii-common/cmap"
)

type pack_to_hook_t struct {
	session              glider_ssh.Session
	repo                 *git.Repository
	pubkey               string
	direct_access        bool
	repo_path            string
	user_id              int
	user_type            string
	repo_id              int
	group_path           []string
	repo_name            string
	contrib_requirements string
}

var pack_to_hook_by_cookie = cmap.Map[string, pack_to_hook_t]{}

// ssh_handle_receive_pack handles attempts to push to repos.

func ssh_handle_receive_pack(session glider_ssh.Session, pubkey string, repo_identifier string) (err error) {

func ssh_handle_receive_pack(session glider_ssh.Session, pubkey, repo_identifier string) (err error) {

	group_path, repo_name, repo_id, repo_path, direct_access, contrib_requirements, user_type, user_id, err := get_repo_path_perms_from_ssh_path_pubkey(session.Context(), repo_identifier, pubkey)
	if err != nil {
		return err
	}
	repo, err := git.PlainOpen(repo_path)
	if err != nil {
		return err
	}

	repo_config, err := repo.Config()
	if err != nil {
		return err
	}

	repo_config_core := repo_config.Raw.Section("core")
	if repo_config_core == nil {
		return errors.New("Repository has no core section in config")
	}

	hooksPath := repo_config_core.OptionAll("hooksPath")
	if len(hooksPath) != 1 || hooksPath[0] != config.Hooks.Execs {
		return errors.New("Repository has hooksPath set to an unexpected value")
	}

	if !direct_access {
		switch contrib_requirements {
		case "closed":
			if !direct_access {
				return errors.New("You need direct access to push to this repo.")
			}
		case "registered_user":
			if user_type != "registered" {
				return errors.New("You need to be a registered user to push to this repo.")
			}
		case "ssh_pubkey":
			fallthrough
		case "federated":
			if pubkey == "" {
				return errors.New("You need to have an SSH public key to push to this repo.")
			}
			if user_type == "" {
				user_id, err = add_user_ssh(session.Context(), pubkey)
				if err != nil {
					return err
				}
				fmt.Fprintln(session.Stderr(), "You are now registered as user ID", user_id)
				user_type = "pubkey_only"
			}

		case "public":
		default:
			panic("unknown contrib_requirements value " + contrib_requirements)
		}
	}

	cookie, err := random_urlsafe_string(16)
	if err != nil {
		fmt.Fprintln(session.Stderr(), "Error while generating cookie:", err)
	}

	pack_to_hook_by_cookie.Store(cookie, pack_to_hook_t{
		session:              session,
		pubkey:               pubkey,
		direct_access:        direct_access,
		repo_path:            repo_path,
		user_id:              user_id,
		repo_id:              repo_id,
		group_path:           group_path,
		repo_name:            repo_name,
		repo:                 repo,
		contrib_requirements: contrib_requirements,
		user_type:            user_type,
	})
	defer pack_to_hook_by_cookie.Delete(cookie)
	// The Delete won't execute until proc.Wait returns unless something
	// horribly wrong such as a panic occurs.

	proc := exec.CommandContext(session.Context(), "git-receive-pack", repo_path)
	proc.Env = append(os.Environ(),
		"LINDENII_FORGE_HOOKS_SOCKET_PATH="+config.Hooks.Socket,
		"LINDENII_FORGE_HOOKS_COOKIE="+cookie,
	)
	proc.Stdin = session
	proc.Stdout = session
	proc.Stderr = session.Stderr()

	if err = proc.Start(); err != nil {
		fmt.Fprintln(session.Stderr(), "Error while starting process:", err)
		return err
	}

	err = proc.Wait()
	if exitError, ok := err.(*exec.ExitError); ok {
		fmt.Fprintln(session.Stderr(), "Process exited with error", exitError.ExitCode())
	} else if err != nil {
		fmt.Fprintln(session.Stderr(), "Error while waiting for process:", err)
	}

	return err
}

// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>

package main

import (
	"fmt"
	"os"
	"os/exec"

	glider_ssh "github.com/gliderlabs/ssh"
)

// ssh_handle_upload_pack handles clones/fetches. It just uses git-upload-pack
// and has no ACL checks.

func ssh_handle_upload_pack(session glider_ssh.Session, pubkey string, repo_identifier string) (err error) {

func ssh_handle_upload_pack(session glider_ssh.Session, pubkey, repo_identifier string) (err error) {

	var repo_path string
	if _, _, _, repo_path, _, _, _, _, err = get_repo_path_perms_from_ssh_path_pubkey(session.Context(), repo_identifier, pubkey); err != nil {
		return err
	}

	proc := exec.CommandContext(session.Context(), "git-upload-pack", repo_path)
	proc.Env = append(os.Environ(), "LINDENII_FORGE_HOOKS_SOCKET_PATH="+config.Hooks.Socket)
	proc.Stdin = session
	proc.Stdout = session
	proc.Stderr = session.Stderr()

	if err = proc.Start(); err != nil {
		fmt.Fprintln(session.Stderr(), "Error while starting process:", err)
		return err
	}

	err = proc.Wait()
	if exitError, ok := err.(*exec.ExitError); ok {
		fmt.Fprintln(session.Stderr(), "Process exited with error", exitError.ExitCode())
	} else if err != nil {
		fmt.Fprintln(session.Stderr(), "Error while waiting for process:", err)
	}

	return err
}

// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>

package main

import (
	"context"
	"errors"
	"fmt"
	"io"
	"net/url"
	"strings"

	"go.lindenii.runxiyu.org/lindenii-common/ansiec"
)

var err_ssh_illegal_endpoint = errors.New("illegal endpoint during SSH access")


func get_repo_path_perms_from_ssh_path_pubkey(ctx context.Context, ssh_path string, ssh_pubkey string) (group_path []string, repo_name string, repo_id int, repo_path string, direct_access bool, contrib_requirements string, user_type string, user_id int, err error) {

func get_repo_path_perms_from_ssh_path_pubkey(ctx context.Context, ssh_path, ssh_pubkey string) (group_path []string, repo_name string, repo_id int, repo_path string, direct_access bool, contrib_requirements, user_type string, user_id int, err error) {

	var segments []string
	var separator_index int
	var module_type, module_name string

	segments = strings.Split(strings.TrimPrefix(ssh_path, "/"), "/")

	for i, segment := range segments {
		var err error
		segments[i], err = url.PathUnescape(segment)
		if err != nil {
			return []string{}, "", 0, "", false, "", "", 0, err
		}
	}

	if segments[0] == ":" {
		return []string{}, "", 0, "", false, "", "", 0, err_ssh_illegal_endpoint
	}

	separator_index = -1
	for i, part := range segments {
		if part == ":" {
			separator_index = i
			break
		}
	}
	if segments[len(segments)-1] == "" {
		segments = segments[:len(segments)-1]
	}

	switch {
	case separator_index == -1:
		return []string{}, "", 0, "", false, "", "", 0, err_ssh_illegal_endpoint
	case len(segments) <= separator_index+2:
		return []string{}, "", 0, "", false, "", "", 0, err_ssh_illegal_endpoint
	}

	group_path = segments[:separator_index]
	module_type = segments[separator_index+1]
	module_name = segments[separator_index+2]
	repo_name = module_name
	switch module_type {
	case "repos":
		_1, _2, _3, _4, _5, _6, _7 := get_path_perm_by_group_repo_key(ctx, group_path, module_name, ssh_pubkey)
		return group_path, repo_name, _1, _2, _3, _4, _5, _6, _7
	default:
		return []string{}, "", 0, "", false, "", "", 0, err_ssh_illegal_endpoint
	}
}

func wf_error(w io.Writer, format string, args ...any) {
	fmt.Fprintln(w, ansiec.Red+fmt.Sprintf(format, args...)+ansiec.Reset)
}