| Commit info | |
|---|---|
| ID | fa62d8eae273d89937d65d6a294f028e1ce22d88 |
| Author | Runxi Yu<me@runxiyu.org> |
| Author date | Thu, 06 Mar 2025 22:01:08 +0800 |
| Committer | Runxi Yu<me@runxiyu.org> |
| Committer date | Thu, 06 Mar 2025 22:01:31 +0800 |
| Actions | Get patch |
group/index: Allow repo creation via web
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"bufio"
"context"
"errors"
"os"
"github.com/jackc/pgx/v5/pgxpool"
"go.lindenii.runxiyu.org/lindenii-common/scfg"
)
var database *pgxpool.Pool
var err_unsupported_database_type = errors.New("unsupported database type")
var config struct {
HTTP struct {
Net string `scfg:"net"`
Addr string `scfg:"addr"`
CookieExpiry int `scfg:"cookie_expiry"`
Root string `scfg:"root"`
} `scfg:"http"`
Hooks struct {
Socket string `scfg:"socket"`
Execs string `scfg:"execs"`
} `scfg:"hooks"`
Git struct {
RepoDir string `scfg:"repo_dir"`
} `scfg:"git"`
SSH struct {
Net string `scfg:"net"`
Addr string `scfg:"addr"`
Key string `scfg:"key"`
Root string `scfg:"root"`
} `scfg:"ssh"`
General struct {
Title string `scfg:"title"`
} `scfg:"general"`
DB struct {
Type string `scfg:"type"`
Conn string `scfg:"conn"`
} `scfg:"db"`
}
func load_config(path string) (err error) {
var config_file *os.File
var decoder *scfg.Decoder
if config_file, err = os.Open(path); err != nil {
return err
}
defer config_file.Close()
decoder = scfg.NewDecoder(bufio.NewReader(config_file))
if err = decoder.Decode(&config); err != nil {
return err
}
if config.DB.Type != "postgres" {
return err_unsupported_database_type
}
if database, err = pgxpool.New(context.Background(), config.DB.Conn); err != nil {
return err
}
global_data["forge_title"] = config.General.Title
return nil
}
http {
# What network transport should we listen on?
# Examples: tcp tcp4 tcp6 unix
net tcp
# What address to listen on?
# Examples for net tcp*: 127.0.0.1:8080 :80
# Example for unix: /var/run/lindenii/forge/http.sock
addr /var/run/lindenii/forge/http.sock
# How many seconds should cookies be remembered before they are purged?
cookie_expiry 604800
# What is the canonical URL of the web root?
root https://forge.example.org
}
git {
repo_dir /var/lib/lindenii/forge/repos
}
ssh {
# What network transport should we listen on?
# This should be "tcp" in almost all cases.
net tcp
# What address to listen on?
addr :22
# What is the path to the SSH host key? Generate it with ssh-keygen.
# The key must have an empty password.
key /etc/lindenii/ssh_host_ed25519_key
# What is the canonical SSH URL?
root ssh://forge.example.org
}
general {
title "Test Forge"
}
db {
# What type of database are we connecting to?
# Currently only "postgres" is supported.
type postgres
# What is the connection string?
conn postgresql:///lindenii-forge?host=/var/run/postgresql
}
hooks {
# On which UNIX domain socket should we listen for hook callbacks on?
socket /var/run/lindenii/forge/hooks.sock
# Where should hook executables be put?
execs /usr/libexec/lindenii/forge/hooks
}
// SPDX-License-Identifier: AGPL-3.0-only // SPDX-FileContributor: Runxi Yu <https://runxiyu.org> package main import ( "net/http"
"path/filepath" "strconv"
"github.com/jackc/pgx/v5"
"github.com/jackc/pgx/v5/pgtype"
)
func handle_group_index(w http.ResponseWriter, r *http.Request, params map[string]any) {
var group_path []string
var repos []name_desc_t
var subgroups []name_desc_t
var err error
var group_id int
var group_description string
group_path = params["group_path"].([]string)
// The group itself
err = database.QueryRow(r.Context(), `
WITH RECURSIVE group_path_cte AS (
SELECT
id,
parent_group,
name,
1 AS depth
FROM groups
WHERE name = ($1::text[])[1]
AND parent_group IS NULL
UNION ALL
SELECT
g.id,
g.parent_group,
g.name,
group_path_cte.depth + 1
FROM groups g
JOIN group_path_cte ON g.parent_group = group_path_cte.id
WHERE g.name = ($1::text[])[group_path_cte.depth + 1]
AND group_path_cte.depth + 1 <= cardinality($1::text[])
)
SELECT c.id, COALESCE(g.description, '')
FROM group_path_cte c
JOIN groups g ON g.id = c.id
WHERE c.depth = cardinality($1::text[])
`,
pgtype.FlatArray[string](group_path),
).Scan(&group_id, &group_description)
if err == pgx.ErrNoRows {
http.Error(w, "Group not found", http.StatusNotFound)
return
} else if err != nil {
http.Error(w, "Error getting group: "+err.Error(), http.StatusInternalServerError)
return
}
// ACL
var count int
err = database.QueryRow(r.Context(), `
SELECT COUNT(*)
FROM user_group_roles
WHERE user_id = $1
AND group_id = $2
`, params["user_id"].(int), group_id).Scan(&count)
if err != nil {
http.Error(w, "Error checking access: "+err.Error(), http.StatusInternalServerError)
return
}
direct_access := (count > 0)
if r.Method == "POST" {
if !direct_access {
http.Error(w, "You do not have direct access to this group", http.StatusForbidden)
return
}
repo_name := r.FormValue("repo_name")
repo_description := r.FormValue("repo_description")
contrib_requirements := r.FormValue("repo_contrib")
if repo_name == "" {
http.Error(w, "Repo name is required", http.StatusBadRequest)
return
}
var new_repo_id int
err := database.QueryRow(
r.Context(),
`INSERT INTO repos (name, description, group_id, contrib_requirements)
VALUES ($1, $2, $3, $4)
RETURNING id`,
repo_name,
repo_description,
group_id,
contrib_requirements,
).Scan(&new_repo_id)
if err != nil {
http.Error(w, "Error creating repo: "+err.Error(), http.StatusInternalServerError)
return
}
file_path := filepath.Join(config.Git.RepoDir, strconv.Itoa(new_repo_id)+".git")
_, err = database.Exec(
r.Context(),
`UPDATE repos
SET filesystem_path = $1
WHERE id = $2`,
file_path,
new_repo_id,
)
if err != nil {
http.Error(w, "Error updating repo path: "+err.Error(), http.StatusInternalServerError)
return
}
if err = git_bare_init_with_default_hooks(file_path); err != nil {
http.Error(w, "Error initializing repo: "+err.Error(), http.StatusInternalServerError)
return
}
redirect_unconditionally(w, r)
return
}
// Repos
var rows pgx.Rows
rows, err = database.Query(r.Context(), `
SELECT name, COALESCE(description, '')
FROM repos
WHERE group_id = $1
`, group_id)
if err != nil {
http.Error(w, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
return
}
defer rows.Close()
for rows.Next() {
var name, description string
if err = rows.Scan(&name, &description); err != nil {
http.Error(w, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
return
}
repos = append(repos, name_desc_t{name, description})
}
if err = rows.Err(); err != nil {
http.Error(w, "Error getting repos: "+err.Error(), http.StatusInternalServerError)
return
}
// Subgroups
rows, err = database.Query(r.Context(), `
SELECT name, COALESCE(description, '')
FROM groups
WHERE parent_group = $1
`, group_id)
if err != nil {
http.Error(w, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
return
}
defer rows.Close()
for rows.Next() {
var name, description string
if err = rows.Scan(&name, &description); err != nil {
http.Error(w, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
return
}
subgroups = append(subgroups, name_desc_t{name, description})
}
if err = rows.Err(); err != nil {
http.Error(w, "Error getting subgroups: "+err.Error(), http.StatusInternalServerError)
return
}
params["repos"] = repos
params["subgroups"] = subgroups
params["description"] = group_description
params["direct_access"] = direct_access
render_template(w, "group", params)
}
/*
* SPDX-License-Identifier: AGPL-3.0-only
* SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
* SPDX-FileContributor: luk3yx <https://luk3yx.github.io>
*/
/* Base styles and variables */
html {
font-family: sans-serif;
background-color: var(--background-color);
color: var(--text-color);
--background-color: hsl(0, 0%, 100%);
--text-color: hsl(0, 0%, 0%);
--link-color: hsl(320, 50%, 36%);
--light-text-color: hsl(0, 0%, 45%);
--darker-border-color: hsl(0, 0%, 72%);
--lighter-border-color: hsl(0, 0%, 85%);
--text-decoration-color: hsl(0, 0%, 72%);
--darker-box-background-color: hsl(0, 0%, 92%);
--lighter-box-background-color: hsl(0, 0%, 95%);
--primary-color: hsl(320, 50%, 36%);
--primary-color-contrast: hsl(320, 0%, 100%);
--danger-color: hsl(0, 50%, 36%);
--danger-color-contrast: hsl(0, 0%, 100%);
}
/* Dark mode overrides */
@media (prefers-color-scheme: dark) {
html {
--background-color: hsl(0, 0%, 0%);
--text-color: hsl(0, 0%, 100%);
--link-color: hsl(320, 50%, 76%);
--light-text-color: hsl(0, 0%, 78%);
--darker-border-color: hsl(0, 0%, 35%);
--lighter-border-color: hsl(0, 0%, 25%);
--text-decoration-color: hsl(0, 0%, 30%);
--darker-box-background-color: hsl(0, 0%, 20%);
--lighter-box-background-color: hsl(0, 0%, 15%);
}
}
/* Global layout */
body {
margin: 0;
}
html, code, pre {
font-size: 0.96rem; /* TODO: Not always correct */
}
/* Toggle table controls */
.toggle-table-off, .toggle-table-on {
opacity: 0;
position: absolute;
}
.toggle-table-off:focus-visible + table > thead > tr > th > label,
.toggle-table-on:focus-visible + table > thead > tr > th > label {
outline: 1.5px var(--primary-color) solid;
}
.toggle-table-off + table > thead > tr > th, .toggle-table-on + table > thead > tr > th {
padding: 0;
}
.toggle-table-off + table > thead > tr > th > label, .toggle-table-on + table > thead > tr > th > label {
width: 100%;
display: inline-block;
padding: 3px 0;
cursor: pointer;
}
.toggle-table-off:checked + table > tbody {
display: none;
}
.toggle-table-on + table > tbody {
display: none;
}
.toggle-table-on:checked + table > tbody {
display: table-row-group;
}
/* Footer styles */
footer {
margin-top: 1rem;
margin-left: auto;
margin-right: auto;
display: block;
padding: 0 5px;
width: fit-content;
text-align: center;
color: var(--light-text-color);
}
footer a:link, footer a:visited {
color: inherit;
}
/* Padding containers */
.padding-wrapper {
margin: 1rem auto;
max-width: 60rem;
padding: 0 5px;
}
.padding {
padding: 0 5px;
}
/* Link styles */
a:link, a:visited {
text-decoration-color: var(--text-decoration-color);
color: var(--link-color);
}
/* Readme inline code styling */
#readme code:not(pre > code) {
background-color: var(--lighter-box-background-color);
border-radius: 2px;
padding: 2px;
}
/* Readme word breaks to avoid overfull hboxes */
#readme {
word-break: break-word;
}
/* Table styles */
table {
border: var(--lighter-border-color) solid 1px;
border-spacing: 0px;
border-collapse: collapse;
}
table.wide {
width: 100%;
}
td, th {
padding: 3px 5px;
border: var(--lighter-border-color) solid 1px;
}
.pad {
padding: 3px 5px;
}
th, thead, tfoot {
background-color: var(--lighter-box-background-color);
}
th[scope=row] {
text-align: left;
}
tr.title-row > th, th.title-row, .title-row {
background-color: var(--lighter-box-background-color);
}
td > pre {
margin: 0;
}
#readme > *:last-child {
margin-bottom: 0;
}
#readme > *:first-child {
margin-top: 0;
}
/* Table misc and scrolling */
.commit-id {
font-family: monospace;
word-break: break-word;
}
.scroll {
overflow-x: auto;
}
/* Diff/chunk styles */
.chunk-unchanged {
color: grey;
}
.chunk-addition {
background-color: green;
}
@media (prefers-color-scheme: dark) {
.chunk-addition {
background-color: lime;
}
}
.chunk-deletion {
background-color: red;
}
.chunk-unknown {
background-color: yellow;
}
pre.chunk {
margin-top: 0;
margin-bottom: 0;
}
.centering {
text-align: center;
}
/* Toggle content sections */
.toggle-off-wrapper, .toggle-on-wrapper {
border: var(--lighter-border-color) solid 1px;
}
.toggle-off-toggle, .toggle-on-toggle {
opacity: 0;
position: absolute;
}
.toggle-off-header, .toggle-on-header {
font-weight: bold;
cursor: pointer;
display: block;
width: 100%;
background-color: var(--lighter-box-background-color);
}
.toggle-off-header > div, .toggle-on-header > div {
padding: 3px 5px;
display: block;
}
.toggle-on-content {
display: none;
}
.toggle-on-toggle:focus-visible + .toggle-on-header, .toggle-off-toggle:focus-visible + .toggle-off-header {
outline: 1.5px var(--primary-color) solid;
}
.toggle-on-toggle:checked + .toggle-on-header + .toggle-on-content {
display: block;
}
.toggle-off-content {
display: block;
}
.toggle-off-toggle:checked + .toggle-off-header + .toggle-off-content {
display: none;
}
*:focus-visible {
outline: 1.5px var(--primary-color) solid;
}
/* File display styles */
.file-patch + .file-patch {
margin-top: 0.5rem;
}
.file-content {
padding: 3px 5px;
}
.file-header {
font-family: monospace;
display: flex;
flex-direction: row;
align-items: center;
}
.file-header::after {
content: "\25b6";
font-family: sans-serif;
margin-left: auto;
line-height: 100%;
margin-right: 0.25em;
}
.file-toggle:checked + .file-header::after {
content: "\25bc";
}
/* Form elements */
textarea {
box-sizing: border-box;
background-color: var(--lighter-box-background-color);
resize: vertical;
}
textarea,
input[type=text],
input[type=password] {
font-family: sans-serif;
font-size: smaller;
background-color: var(--lighter-box-background-color);
color: var(--text-color);
border: none;
padding: 0.3rem;
width: 100%;
box-sizing: border-box;
}
td.tdinput, th.tdinput {
padding: 0;
position: relative;
}
td.tdinput textarea,
td.tdinput input[type=text],
td.tdinput input[type=password],
th.tdinput textarea,
th.tdinput input[type=text],
th.tdinput input[type=password] {
background-color: transparent;
}
td.tdinput select {
position: absolute;
background-color: var(--background-color);
border: none;
/*
width: 100%;
height: 100%;
*/
box-sizing: border-box;
top: 0;
left: 0;
right: 0;
bottom: 0;
}
/* Button styles */
.btn-primary, a.btn-primary {
background: var(--primary-color);
color: var(--primary-color-contrast);
border: var(--lighter-border-color) 1px solid;
font-weight: bold;
}
.btn-danger, a.btn-danger {
background: var(--danger-color);
color: var(--danger-color-contrast);
border: var(--lighter-border-color) 1px solid;
font-weight: bold;
}
.btn-white, a.btn-white {
background: var(--primary-color-contrast);
color: var(--primary-color);
border: var(--lighter-border-color) 1px solid;
}
.btn-normal, a.btn-normal,
input[type=file]::file-selector-button {
background: var(--lighter-box-background-color);
border: var(--lighter-border-color) 1px solid !important;
color: var(--text-color);
}
.btn, .btn-white, .btn-danger, .btn-normal, .btn-primary,
input[type=submit],
input[type=file]::file-selector-button {
display: inline-block;
width: auto;
min-width: fit-content;
border-radius: 0;
padding: .1rem .75rem;
font-size: 0.9rem;
transition: background .1s linear;
cursor: pointer;
}
a.btn, a.btn-white, a.btn-danger, a.btn-normal, a.btn-primary {
text-decoration: none;
}
/* Header layout */
header#main-header {
background-color: var(--lighter-box-background-color);
display: flex;
justify-content: space-between;
align-items: center;
padding: 10px;
}
header#main-header > div#main-header-forge-title {
flex-grow: 1;
}
header#main-header > div#main-header-user {
display: flex;
align-items: center;
}
table + table {
margin-top: 1rem;
}
{{/*
SPDX-License-Identifier: AGPL-3.0-only
SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
*/}}
{{- define "group" -}}
{{ $group_path := .group_path }}
<!DOCTYPE html>
<html lang="en">
<head>
{{ template "head_common" . }}
<title>{{ range $i, $s := .group_path }}{{ $s }}{{ if ne $i (len $group_path) }} / {{ end }}{{ end }} – {{ .global.forge_title }}</title>
</head>
<body class="group">
{{ template "header" . }}
<div class="padding-wrapper">
<p>{{ range $i, $s := .group_path }}{{ $s }}{{ if ne $i (len $group_path) }} / {{ end }}{{ end }}
{{ if .description }}
<p>{{ .description }}</p>
{{ end }}
{{ template "group_view" . }}
</div>
{{ if .direct_access }}
<div class="padding-wrapper">
<form method="POST" enctype="application/x-www-form-urlencoded">
<table>
<thead>
<tr>
<th class="title-row" colspan="2">
Create repo
</th>
</tr>
</thead>
<tbody>
<tr>
<th scope="row">Name</th>
<td class="tdinput">
<input id="repo-name-input" name="repo_name" type="text" />
</td>
</tr>
<tr>
<th scope="row">Description</th>
<td class="tdinput">
<input id="repo-desc-input" name="repo_desc" type="text" />
</td>
</tr>
<tr> <th scope="row">Contrib</th> <td class="tdinput"> <select id="repo-contrib-input" name="repo_contrib"> <option value="public">Public</option> <option value="registered_user">Registered user</option> <option value="ssh_pubkey">SSH public key</option> <option value="closed">Closed</option> </select> </td> </tr>
</tbody>
<tfoot>
<tr>
<td class="th-like" colspan="2">
<div class="flex-justify">
<div class="left">
</div>
<div class="right">
<input class="btn-primary" type="submit" value="Create" />
</div>
</div>
</td>
</tr>
</tfoot>
</table>
</form>
</div>
{{ end }}
<footer>
{{ template "footer" . }}
</footer>
</body>
</html>
{{- end -}}
// SPDX-License-Identifier: AGPL-3.0-only
// SPDX-FileContributor: Runxi Yu <https://runxiyu.org>
package main
import (
"errors"
"net/http"
"net/url"
"strings"
)
var (
err_duplicate_ref_spec = errors.New("duplicate ref spec")
err_no_ref_spec = errors.New("no ref spec")
)
func get_param_ref_and_type(r *http.Request) (ref_type, ref string, err error) {
qr := r.URL.RawQuery
q, err := url.ParseQuery(qr)
if err != nil {
return
}
done := false
for _, _ref_type := range []string{"commit", "branch", "tag"} {
_ref, ok := q[_ref_type]
if ok {
if done {
err = err_duplicate_ref_spec
return
} else {
done = true
if len(_ref) != 1 {
err = err_duplicate_ref_spec
return
}
ref = _ref[0]
ref_type = _ref_type
}
}
}
if !done {
err = err_no_ref_spec
}
return
}
func parse_request_uri(request_uri string) (segments []string, params url.Values, err error) {
path, params_string, _ := strings.Cut(request_uri, "?")
segments = strings.Split(strings.TrimPrefix(path, "/"), "/")
for i, segment := range segments {
segments[i], err = url.PathUnescape(segment)
if err != nil {
return
}
}
params, err = url.ParseQuery(params_string)
return
}
func redirect_with_slash(w http.ResponseWriter, r *http.Request) bool {
request_uri := r.RequestURI
path_end := strings.IndexAny(request_uri, "?#")
var path, rest string
if path_end == -1 {
path = request_uri
} else {
path = request_uri[:path_end]
rest = request_uri[path_end:]
}
if !strings.HasSuffix(path, "/") {
http.Redirect(w, r, path+"/"+rest, http.StatusSeeOther)
return true
}
return false
}
func redirect_without_slash(w http.ResponseWriter, r *http.Request) bool {
request_uri := r.RequestURI
path_end := strings.IndexAny(request_uri, "?#")
var path, rest string
if path_end == -1 {
path = request_uri
} else {
path = request_uri[:path_end]
rest = request_uri[path_end:]
}
if strings.HasSuffix(path, "/") {
http.Redirect(w, r, strings.TrimSuffix(path, "/")+rest, http.StatusSeeOther)
return true
}
return false
}
func redirect_unconditionally(w http.ResponseWriter, r *http.Request) {
request_uri := r.RequestURI
path_end := strings.IndexAny(request_uri, "?#")
var path, rest string
if path_end == -1 {
path = request_uri
} else {
path = request_uri[:path_end]
rest = request_uri[path_end:]
}
http.Redirect(w, r, path+rest, http.StatusSeeOther)
}
func path_escape_cat_segments(segments []string) string {
for i, segment := range segments {
segments[i] = url.PathEscape(segment)
}
return strings.Join(segments, "/")
}