Lindenii Project Forge
Login
Commit info
ID5614adc762adc2e94a9bf2d6d69fef46570ae376
AuthorRunxi Yu<me@runxiyu.org>
Author dateThu, 06 Mar 2025 20:44:21 +0800
CommitterRunxi Yu<me@runxiyu.org>
Committer dateThu, 06 Mar 2025 20:44:21 +0800
Actions
Get patch
http: Check for direct user access

// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>

package main

import (
	"fmt"
	"net/http"

	"github.com/jackc/pgx/v5"
	"github.com/jackc/pgx/v5/pgtype"
)

func handle_group_index(w http.ResponseWriter, r *http.Request, params map[string]any) {
	var group_path []string
	var repos []name_desc_t
	var subgroups []name_desc_t
	var err error
	var group_id int
	var group_description string

	group_path = params["group_path"].([]string)

	// The group itself
	err = database.QueryRow(r.Context(), `
		WITH RECURSIVE group_path_cte AS (
			SELECT
				id,
				parent_group,
				name,
				1 AS depth
			FROM groups
			WHERE name = ($1::text[])[1]
				AND parent_group IS NULL

			UNION ALL

			SELECT
				g.id,
				g.parent_group,
				g.name,
				group_path_cte.depth + 1
			FROM groups g
			JOIN group_path_cte ON g.parent_group = group_path_cte.id
			WHERE g.name = ($1::text[])[group_path_cte.depth + 1]
				AND group_path_cte.depth + 1 <= cardinality($1::text[])
		)
		SELECT c.id, COALESCE(g.description, '')
		FROM group_path_cte c
		JOIN groups g ON g.id = c.id
		WHERE c.depth = cardinality($1::text[])
	`,
		pgtype.FlatArray[string](group_path),
	).Scan(&group_id, &group_description)

	if err == pgx.ErrNoRows {
		http.Error(w, "Group not found", http.StatusNotFound)
		return
	} else if err != nil {
		http.Error(w, "Error getting group: "+err.Error(), http.StatusInternalServerError)
		return
	}


	// ACL
	var count int
	err = database.QueryRow(r.Context(), `
		SELECT COUNT(*)
		FROM user_group_roles
		WHERE user_id = $1
			AND group_id = $2
	`, params["user_id"].(int), group_id).Scan(&count)
	if err != nil {
		http.Error(w, "Error checking access: "+err.Error(), http.StatusInternalServerError)
		return
	}
	direct_access := (count > 0)


	// Repos
	var rows pgx.Rows
	rows, err = database.Query(r.Context(), `
		SELECT name, COALESCE(description, '')
		FROM repos
		WHERE group_id = $1
	`, group_id)
	if err != nil {
		http.Error(w, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
		return
	}
	defer rows.Close()

	for rows.Next() {
		var name, description string
		if err = rows.Scan(&name, &description); err != nil {
			http.Error(w, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
			return
		}
		repos = append(repos, name_desc_t{name, description})
	}
	if err = rows.Err(); err != nil {
		http.Error(w, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
		return
	}

	// Subgroups
	rows, err = database.Query(r.Context(), `
		SELECT name, COALESCE(description, '')
		FROM groups
		WHERE parent_group = $1
	`, group_id)
	if err != nil {
		http.Error(w, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
		return
	}
	defer rows.Close()

	for rows.Next() {
		var name, description string
		if err = rows.Scan(&name, &description); err != nil {
			http.Error(w, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
			return
		}
		subgroups = append(subgroups, name_desc_t{name, description})
	}
	if err = rows.Err(); err != nil {
		http.Error(w, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
		return
	}

	params["repos"] = repos
	params["subgroups"] = subgroups
	params["description"] = group_description

	params["direct_access"] = direct_access


	fmt.Println(group_path)

	render_template(w, "group", params)
}

// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>

package main

import (
	"errors"
	"fmt"
	"net/http"
	"strconv"
	"strings"

	"github.com/jackc/pgx/v5"
	"go.lindenii.runxiyu.org/lindenii-common/clog"
)

type http_router_t struct{}

func (router *http_router_t) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	clog.Info("Incoming HTTP: " + r.RemoteAddr + " " + r.Method + " " + r.RequestURI)

	var segments []string
	var err error
	var non_empty_last_segments_len int
	var separator_index int
	params := make(map[string]any)

	if segments, _, err = parse_request_uri(r.RequestURI); err != nil {
		http.Error(w, err.Error(), http.StatusBadRequest)
		return
	}
	non_empty_last_segments_len = len(segments)
	if segments[len(segments)-1] == "" {
		non_empty_last_segments_len--
	}

	if segments[0] == ":" {
		if len(segments) < 2 {
			http.Error(w, "Blank system endpoint", http.StatusNotFound)
			return
		} else if len(segments) == 2 && redirect_with_slash(w, r) {
			return
		}

		switch segments[1] {
		case "static":
			static_handler.ServeHTTP(w, r)
			return
		case "source":
			source_handler.ServeHTTP(w, r)
			return
		}
	}

	params["url_segments"] = segments
	params["global"] = global_data
	var _user_id int // 0 for none
	_user_id, params["username"], err = get_user_info_from_request(r)

	params["user_id"] = _user_id

	if errors.Is(err, http.ErrNoCookie) {
	} else if errors.Is(err, pgx.ErrNoRows) {
	} else if err != nil {
		http.Error(w, "Error getting user info from request: "+err.Error(), http.StatusInternalServerError)
		return
	}

	if _user_id == 0 {

		params["user_id"] = ""

		params["user_id_string"] = ""

	} else {

		params["user_id"] = strconv.Itoa(_user_id)

		params["user_id_string"] = strconv.Itoa(_user_id)

	}

	if segments[0] == ":" {
		switch segments[1] {
		case "login":
			handle_login(w, r, params)
			return
		case "users":
			handle_users(w, r, params)
			return
		default:
			http.Error(w, fmt.Sprintf("Unknown system module type: %s", segments[1]), http.StatusNotFound)
			return
		}
	}

	separator_index = -1
	for i, part := range segments {
		if part == ":" {
			separator_index = i
			break
		}
	}

	params["separator_index"] = separator_index

	var group_path []string
	var module_type string
	var module_name string

	if separator_index > 0 {
		group_path = segments[:separator_index]
	} else {
		group_path = segments[:len(segments)-1]
	}
	params["group_path"] = group_path

	switch {
	case non_empty_last_segments_len == 0:
		handle_index(w, r, params)
	case separator_index == -1:
		if redirect_with_slash(w, r) {
			return
		}
		handle_group_index(w, r, params)
	case non_empty_last_segments_len == separator_index+1:
		http.Error(w, "Illegal path 1", http.StatusNotImplemented)
		return
	case non_empty_last_segments_len == separator_index+2:
		http.Error(w, "Illegal path 2", http.StatusNotImplemented)
		return
	default:
		module_type = segments[separator_index+1]
		module_name = segments[separator_index+2]
		switch module_type {
		case "repos":
			params["repo_name"] = module_name

			if non_empty_last_segments_len > separator_index+3 {
				switch segments[separator_index+3] {
				case "info":
					if err = handle_repo_info(w, r, params); err != nil {
						http.Error(w, err.Error(), http.StatusInternalServerError)
					}
					return
				case "git-upload-pack":
					if err = handle_upload_pack(w, r, params); err != nil {
						http.Error(w, err.Error(), http.StatusInternalServerError)
					}
					return
				}
			}

			if params["ref_type"], params["ref_name"], err = get_param_ref_and_type(r); err != nil {
				if errors.Is(err, err_no_ref_spec) {
					params["ref_type"] = ""
				} else {
					http.Error(w, "Error querying ref type: "+err.Error(), http.StatusInternalServerError)
					return
				}
			}

			// TODO: subgroups

			if params["repo"], params["repo_description"], params["repo_id"], err = open_git_repo(r.Context(), group_path, module_name); err != nil {
				http.Error(w, "Error opening repo: "+err.Error(), http.StatusInternalServerError)
				return
			}

			fmt.Println(non_empty_last_segments_len, separator_index, segments)

			if non_empty_last_segments_len == separator_index+3 {
				if redirect_with_slash(w, r) {
					return
				}
				handle_repo_index(w, r, params)
				return
			}

			repo_feature := segments[separator_index+3]
			switch repo_feature {
			case "tree":
				params["rest"] = strings.Join(segments[separator_index+4:], "/")
				if len(segments) < separator_index+5 && redirect_with_slash(w, r) {
					return
				}
				handle_repo_tree(w, r, params)
			case "raw":
				params["rest"] = strings.Join(segments[separator_index+4:], "/")
				if len(segments) < separator_index+5 && redirect_with_slash(w, r) {
					return
				}
				handle_repo_raw(w, r, params)
			case "log":
				if non_empty_last_segments_len > separator_index+4 {
					http.Error(w, "Too many parameters", http.StatusBadRequest)
					return
				}
				if redirect_with_slash(w, r) {
					return
				}
				handle_repo_log(w, r, params)
			case "commit":
				if redirect_without_slash(w, r) {
					return
				}
				params["commit_id"] = segments[separator_index+4]
				handle_repo_commit(w, r, params)
			case "contrib":
				if redirect_with_slash(w, r) {
					return
				}
				switch non_empty_last_segments_len {
				case separator_index + 4:
					handle_repo_contrib_index(w, r, params)
				case separator_index + 5:
					params["mr_id"] = segments[separator_index+4]
					handle_repo_contrib_one(w, r, params)
				default:
					http.Error(w, "Too many parameters", http.StatusBadRequest)
				}
			default:
				http.Error(w, fmt.Sprintf("Unknown repo feature: %s", repo_feature), http.StatusNotFound)
			}
		default:
			http.Error(w, fmt.Sprintf("Unknown module type: %s", module_type), http.StatusNotFound)
		}
	}
}

{{/*
	SPDX-License-Identifier: AGPL-3.0-only
	SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
*/}}
{{- define "header" -}}
<header id="main-header">
	<div id="main-header-forge-title">
		<a href="/">{{ .global.forge_title }}</a>
	</div>
	<div id="main-header-user">

		{{ if ne .user_id "" }}
			<a href="/:/users/{{ .user_id }}">{{ .username }}</a>

		{{ if ne .user_id_string "" }}
			<a href="/:/users/{{ .user_id_string }}">{{ .username }}</a>

		{{ else }}
			<a href="/:/login/">Login</a>
		{{ end }}
	</div>
</header>
{{- end -}}