bench-forgejo/modules/context/context.go

// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.

package context

import (
	"fmt"
	"html"
	"html/template"
	"io"
	"net/http"
	"strings"
	"time"

	"code.gitea.io/gitea/models"
	"code.gitea.io/gitea/modules/auth"
	"code.gitea.io/gitea/modules/base"
	"code.gitea.io/gitea/modules/log"
	"code.gitea.io/gitea/modules/setting"
	"github.com/go-macaron/cache"
	"github.com/go-macaron/csrf"
	"github.com/go-macaron/i18n"
	"github.com/go-macaron/session"
	macaron "gopkg.in/macaron.v1"
)

// Context represents context of a request.
type Context struct {
	*macaron.Context
	Cache   cache.Cache
	csrf    csrf.CSRF
	Flash   *session.Flash
	Session session.Store

	User        *models.User
	IsSigned    bool
	IsBasicAuth bool

	Repo *Repository
	Org  *Organization
}

// HasAPIError returns true if error occurs in form validation.
func (ctx *Context) HasAPIError() bool {
	hasErr, ok := ctx.Data["HasError"]
	if !ok {
		return false
	}
	return hasErr.(bool)
}

// GetErrMsg returns error message
func (ctx *Context) GetErrMsg() string {
	return ctx.Data["ErrorMsg"].(string)
}

// HasError returns true if error occurs in form validation.
func (ctx *Context) HasError() bool {
	hasErr, ok := ctx.Data["HasError"]
	if !ok {
		return false
	}
	ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)
	ctx.Data["Flash"] = ctx.Flash
	return hasErr.(bool)
}

// HasValue returns true if value of given name exists.
func (ctx *Context) HasValue(name string) bool {
	_, ok := ctx.Data[name]
	return ok
}

// HTML calls Context.HTML and converts template name to string.
func (ctx *Context) HTML(status int, name base.TplName) {
	log.Debug("Template: %s", name)
	ctx.Context.HTML(status, string(name))
}

// RenderWithErr used for page has form validation but need to prompt error to users.
func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) {
	if form != nil {
		auth.AssignForm(form, ctx.Data)
	}
	ctx.Flash.ErrorMsg = msg
	ctx.Data["Flash"] = ctx.Flash
	ctx.HTML(200, tpl)
}

// Handle handles and logs error by given status.
func (ctx *Context) Handle(status int, title string, err error) {
	if err != nil {
		log.Error(4, "%s: %v", title, err)
		if macaron.Env != macaron.PROD {
			ctx.Data["ErrorMsg"] = err
		}
	}

	switch status {
	case 404:
		ctx.Data["Title"] = "Page Not Found"
	case 500:
		ctx.Data["Title"] = "Internal Server Error"
	}
	ctx.HTML(status, base.TplName(fmt.Sprintf("status/%d", status)))
}

// NotFoundOrServerError use error check function to determine if the error
// is about not found. It responses with 404 status code for not found error,
// or error context description for logging purpose of 500 server error.
func (ctx *Context) NotFoundOrServerError(title string, errck func(error) bool, err error) {
	if errck(err) {
		ctx.Handle(404, title, err)
		return
	}

	ctx.Handle(500, title, err)
}

// HandleText handles HTTP status code
func (ctx *Context) HandleText(status int, title string) {
	if (status/100 == 4) || (status/100 == 5) {
		log.Error(4, "%s", title)
	}
	ctx.PlainText(status, []byte(title))
}

// ServeContent serves content to http request
func (ctx *Context) ServeContent(name string, r io.ReadSeeker, params ...interface{}) {
	modtime := time.Now()
	for _, p := range params {
		switch v := p.(type) {
		case time.Time:
			modtime = v
		}
	}
	ctx.Resp.Header().Set("Content-Description", "File Transfer")
	ctx.Resp.Header().Set("Content-Type", "application/octet-stream")
	ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name)
	ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary")
	ctx.Resp.Header().Set("Expires", "0")
	ctx.Resp.Header().Set("Cache-Control", "must-revalidate")
	ctx.Resp.Header().Set("Pragma", "public")
	http.ServeContent(ctx.Resp, ctx.Req.Request, name, modtime, r)
}

// Contexter initializes a classic context for a request.
func Contexter() macaron.Handler {
	return func(c *macaron.Context, l i18n.Locale, cache cache.Cache, sess session.Store, f *session.Flash, x csrf.CSRF) {
		ctx := &Context{
			Context: c,
			Cache:   cache,
			csrf:    x,
			Flash:   f,
			Session: sess,
			Repo: &Repository{
				PullRequest: &PullRequest{},
			},
			Org: &Organization{},
		}
		// Compute current URL for real-time change language.
		ctx.Data["Link"] = setting.AppSubURL + strings.TrimSuffix(ctx.Req.URL.Path, "/")

		ctx.Data["PageStartTime"] = time.Now()

		// Get user from session if logged in.
		ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Context, ctx.Session)

		if ctx.User != nil {
			ctx.IsSigned = true
			ctx.Data["IsSigned"] = ctx.IsSigned
			ctx.Data["SignedUser"] = ctx.User
			ctx.Data["SignedUserID"] = ctx.User.ID
			ctx.Data["SignedUserName"] = ctx.User.Name
			ctx.Data["IsAdmin"] = ctx.User.IsAdmin
		} else {
			ctx.Data["SignedUserID"] = 0
			ctx.Data["SignedUserName"] = ""
		}

		// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.
		if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
			if err := ctx.Req.ParseMultipartForm(setting.AttachmentMaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size
				ctx.Handle(500, "ParseMultipartForm", err)
				return
			}
		}

		ctx.Resp.Header().Set(`X-Frame-Options`, `SAMEORIGIN`)

		ctx.Data["CsrfToken"] = html.EscapeString(x.GetToken())
		ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + ctx.Data["CsrfToken"].(string) + `">`)
		log.Debug("Session ID: %s", sess.ID())
		log.Debug("CSRF Token: %v", ctx.Data["CsrfToken"])

		ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton
		ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding
		ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion
		ctx.Data["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn

		c.Map(ctx)
	}
}
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30			`// Copyright 2014 The Gogs Authors. All rights reserved.`
			`// Use of this source code is governed by a MIT-style`
			`// license that can be found in the LICENSE file.`

Rename module: middleware -> context 2016-03-11 22:26:52 +05:30			`package context`
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30
			`import (`
Clean code 2014-03-15 18:47:16 +05:30			`"fmt"`
Fixes xss, clickjacking & password autocompletion 2016-11-30 03:19:06 +05:30			`"html"`
add csrf check 2014-03-22 23:14:02 +05:30			`"html/template"`
zip archive download 2014-04-15 21:57:29 +05:30			`"io"`
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30			`"net/http"`
Add auto-login 2014-03-23 02:10:09 +05:30			`"strings"`
fork render 2014-03-19 19:27:55 +05:30			`"time"`
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30
Update import paths from github.com/go-gitea to code.gitea.io (#135) - Update import paths from github.com/go-gitea to code.gitea.io - Fix import path for travis See https://docs.travis-ci.com/user/languages/go#Go-Import-Path 2016-11-10 21:54:48 +05:30			`"code.gitea.io/gitea/models"`
			`"code.gitea.io/gitea/modules/auth"`
			`"code.gitea.io/gitea/modules/base"`
			`"code.gitea.io/gitea/modules/log"`
			`"code.gitea.io/gitea/modules/setting"`
Fix imports found by goimports. 2016-11-05 22:26:35 +05:30			`"github.com/go-macaron/cache"`
			`"github.com/go-macaron/csrf"`
			`"github.com/go-macaron/i18n"`
			`"github.com/go-macaron/session"`
			`macaron "gopkg.in/macaron.v1"`
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30			`)`

Clean code 2014-03-15 18:47:16 +05:30			`// Context represents context of a request.`
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30			`type Context struct {`
New UI merge in progress 2014-07-26 09:54:27 +05:30			`*macaron.Context`
Convert captcha, cache, csrf as middlewares 2014-08-01 02:55:34 +05:30			`Cache cache.Cache`
			`csrf csrf.CSRF`
New UI merge in progress 2014-07-26 09:54:27 +05:30			`Flash *session.Flash`
			`Session session.Store`

more APIs on #12 2014-11-18 21:37:16 +05:30			`User *models.User`
			`IsSigned bool`
			`IsBasicAuth bool`
modify RepoAssignment 2014-03-15 21:33:23 +05:30
Rename module: middleware -> context 2016-03-11 22:26:52 +05:30			`Repo *Repository`
Add APIContext 2016-03-14 03:07:44 +05:30			`Org *Organization`
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30			`}`

Golint fixed for modules/context 2016-11-25 12:21:01 +05:30			`// HasAPIError returns true if error occurs in form validation.`
			`func (ctx *Context) HasAPIError() bool {`
Clean api code 2014-05-05 22:38:01 +05:30			`hasErr, ok := ctx.Data["HasError"]`
			`if !ok {`
			`return false`
			`}`
			`return hasErr.(bool)`
			`}`

Golint fixed for modules/context 2016-11-25 12:21:01 +05:30			`// GetErrMsg returns error message`
Clean api code 2014-05-05 22:38:01 +05:30			`func (ctx *Context) GetErrMsg() string {`
			`return ctx.Data["ErrorMsg"].(string)`
			`}`

Clean code 2014-03-15 20:22:14 +05:30			`// HasError returns true if error occurs in form validation.`
			`func (ctx *Context) HasError() bool {`
			`hasErr, ok := ctx.Data["HasError"]`
			`if !ok {`
			`return false`
			`}`
Clean oauth code 2014-04-14 03:42:07 +05:30			`ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)`
			`ctx.Data["Flash"] = ctx.Flash`
Clean code 2014-03-15 20:22:14 +05:30			`return hasErr.(bool)`
			`}`

UI: install - new version 2015-07-08 17:17:56 +05:30			`// HasValue returns true if value of given name exists.`
			`func (ctx *Context) HasValue(name string) bool {`
			`_, ok := ctx.Data[name]`
			`return ok`
			`}`

Finish new repo settings page 2014-08-02 23:17:33 +05:30			`// HTML calls Context.HTML and converts template name to string.`
New UI merge in progress 2014-07-26 09:54:27 +05:30			`func (ctx *Context) HTML(status int, name base.TplName) {`
#2014 allow switch branches between two orgs in compose PR 2015-12-20 11:36:54 +05:30			`log.Debug("Template: %s", name)`
Finish new repo settings page 2014-08-02 23:17:33 +05:30			`ctx.Context.HTML(status, string(name))`
Work on admin 2014-03-20 17:20:26 +05:30			`}`

Clean code 2014-03-15 20:22:14 +05:30			`// RenderWithErr used for page has form validation but need to prompt error to users.`
New UI merge in progress 2014-07-26 09:54:27 +05:30			`func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) {`
Add: rename repository 2014-04-04 01:20:55 +05:30			`if form != nil {`
			`auth.AssignForm(form, ctx.Data)`
			`}`
Add flash 2014-04-11 02:06:50 +05:30			`ctx.Flash.ErrorMsg = msg`
			`ctx.Data["Flash"] = ctx.Flash`
Work on admin 2014-03-20 17:20:26 +05:30			`ctx.HTML(200, tpl)`
Clean code 2014-03-15 20:22:14 +05:30			`}`

Clean code 2014-03-15 18:47:16 +05:30			`// Handle handles and logs error by given status.`
			`func (ctx *Context) Handle(status int, title string, err error) {`
Add router log config option 2014-05-02 04:23:41 +05:30			`if err != nil {`
New UI merge in progress 2014-07-26 09:54:27 +05:30			`log.Error(4, "%s: %v", title, err)`
			`if macaron.Env != macaron.PROD {`
Add router log config option 2014-05-02 04:23:41 +05:30			`ctx.Data["ErrorMsg"] = err`
			`}`
Add some log 2014-03-19 14:18:45 +05:30			`}`

Add router log config option 2014-05-02 04:23:41 +05:30			`switch status {`
			`case 404:`
			`ctx.Data["Title"] = "Page Not Found"`
			`case 500:`
			`ctx.Data["Title"] = "Internal Server Error"`
			`}`
In progress of name template name constant 2014-06-22 22:44:03 +05:30			`ctx.HTML(status, base.TplName(fmt.Sprintf("status/%d", status)))`
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30			`}`

router/repo: code refactoring 2016-08-30 14:38:38 +05:30			`// NotFoundOrServerError use error check function to determine if the error`
			`// is about not found. It responses with 404 status code for not found error,`
			`// or error context description for logging purpose of 500 server error.`
			`func (ctx *Context) NotFoundOrServerError(title string, errck func(error) bool, err error) {`
#1601 support delete issue comment 2016-07-26 00:18:17 +05:30			`if errck(err) {`
router/repo: code refactoring 2016-08-30 14:38:38 +05:30			`ctx.Handle(404, title, err)`
#1601 support delete issue comment 2016-07-26 00:18:17 +05:30			`return`
			`}`

			`ctx.Handle(500, title, err)`
			`}`

Golint fixed for modules/context 2016-11-25 12:21:01 +05:30			`// HandleText handles HTTP status code`
Set Content-Type to text/plain for http status 401 This is because git command line shows the failure reason only if Content-Type is text/plain. 2015-03-28 20:00:05 +05:30			`func (ctx *Context) HandleText(status int, title string) {`
UI: install - new version 2015-07-08 17:17:56 +05:30			`if (status/100 == 4) \|\| (status/100 == 5) {`
Set Content-Type to text/plain for http status 401 This is because git command line shows the failure reason only if Content-Type is text/plain. 2015-03-28 20:00:05 +05:30			`log.Error(4, "%s", title)`
			`}`
fix import path, fix #1782 2015-10-16 06:58:12 +05:30			`ctx.PlainText(status, []byte(title))`
Set Content-Type to text/plain for http status 401 This is because git command line shows the failure reason only if Content-Type is text/plain. 2015-03-28 20:00:05 +05:30			`}`

Golint fixed for modules/context 2016-11-25 12:21:01 +05:30			`// ServeContent serves content to http request`
zip archive download 2014-04-15 21:57:29 +05:30			`func (ctx *Context) ServeContent(name string, r io.ReadSeeker, params ...interface{}) {`
			`modtime := time.Now()`
			`for _, p := range params {`
			`switch v := p.(type) {`
			`case time.Time:`
			`modtime = v`
			`}`
			`}`
New UI merge in progress 2014-07-26 09:54:27 +05:30			`ctx.Resp.Header().Set("Content-Description", "File Transfer")`
			`ctx.Resp.Header().Set("Content-Type", "application/octet-stream")`
			`ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name)`
			`ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary")`
			`ctx.Resp.Header().Set("Expires", "0")`
			`ctx.Resp.Header().Set("Cache-Control", "must-revalidate")`
			`ctx.Resp.Header().Set("Pragma", "public")`
Fix API broken 2014-10-19 08:56:55 +05:30			`http.ServeContent(ctx.Resp, ctx.Req.Request, name, modtime, r)`
Work on form resubmit 2014-04-11 00:07:43 +05:30			`}`

New UI merge in progress 2014-07-26 09:54:27 +05:30			`// Contexter initializes a classic context for a request.`
			`func Contexter() macaron.Handler {`
Convert captcha, cache, csrf as middlewares 2014-08-01 02:55:34 +05:30			`return func(c macaron.Context, l i18n.Locale, cache cache.Cache, sess session.Store, f session.Flash, x csrf.CSRF) {`
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30			`ctx := &Context{`
New UI merge in progress 2014-07-26 09:54:27 +05:30			`Context: c,`
Convert captcha, cache, csrf as middlewares 2014-08-01 02:55:34 +05:30			`Cache: cache,`
			`csrf: x,`
New UI merge in progress 2014-07-26 09:54:27 +05:30			`Flash: f,`
			`Session: sess,`
Rename module: middleware -> context 2016-03-11 22:26:52 +05:30			`Repo: &Repository{`
			`PullRequest: &PullRequest{},`
Fix pull request availability check 2016-03-07 10:27:46 +05:30			`},`
Add APIContext 2016-03-14 03:07:44 +05:30			`Org: &Organization{},`
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30			`}`
New UI merge in progress 2014-07-26 09:54:27 +05:30			`// Compute current URL for real-time change language.`
Golint fixed for modules/setting (#262) * golint fixed for modules/setting * typo fixed and renamed UNIXSOCKET to UnixSocket 2016-11-27 15:44:25 +05:30			`ctx.Data["Link"] = setting.AppSubURL + strings.TrimSuffix(ctx.Req.URL.Path, "/")`
Work on form resubmit 2014-04-11 00:07:43 +05:30
New UI merge in progress 2014-07-26 09:54:27 +05:30			`ctx.Data["PageStartTime"] = time.Now()`
update session 2014-03-22 18:19:53 +05:30
Fix typos in models/ and modules/ (#1248) 2017-03-15 06:22:01 +05:30			`// Get user from session if logged in.`
#842 able to use access token replace basic auth 2015-09-02 12:10:15 +05:30			`ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Context, ctx.Session)`
work on #609 2014-11-08 01:16:13 +05:30
New UI merge in progress 2014-07-26 09:54:27 +05:30			`if ctx.User != nil {`
			`ctx.IsSigned = true`
			`ctx.Data["IsSigned"] = ctx.IsSigned`
			`ctx.Data["SignedUser"] = ctx.User`
Refactor User.Id to User.ID 2016-07-23 22:38:22 +05:30			`ctx.Data["SignedUserID"] = ctx.User.ID`
Fix #605, fix #255, fix #101 2014-11-07 08:36:41 +05:30			`ctx.Data["SignedUserName"] = ctx.User.Name`
Work on admin 2014-03-20 17:32:14 +05:30			`ctx.Data["IsAdmin"] = ctx.User.IsAdmin`
Fix #605, fix #255, fix #101 2014-11-07 08:36:41 +05:30			`} else {`
able edit issue title 2015-08-19 20:44:57 +05:30			`ctx.Data["SignedUserID"] = 0`
Fix #605, fix #255, fix #101 2014-11-07 08:36:41 +05:30			`ctx.Data["SignedUserName"] = ""`
fix context 2014-03-15 18:20:17 +05:30			`}`
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30
Add file upload for attachments 2014-07-24 18:49:59 +05:30			`// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.`
New UI merge in progress 2014-07-26 09:54:27 +05:30			`if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {`
			`if err := ctx.Req.ParseMultipartForm(setting.AttachmentMaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size`
			`ctx.Handle(500, "ParseMultipartForm", err)`
Add file upload for attachments 2014-07-24 18:49:59 +05:30			`return`
			`}`
			`}`

Fixes xss, clickjacking & password autocompletion 2016-11-30 03:19:06 +05:30			ctx.Resp.Header().Set(`X-Frame-Options`, `SAMEORIGIN`)

			`ctx.Data["CsrfToken"] = html.EscapeString(x.GetToken())`
			ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + ctx.Data["CsrfToken"].(string) + `">`)
#1692 APIs: Users Followers - User profile un/follow - List user's followers/following 2015-12-21 17:54:11 +05:30			`log.Debug("Session ID: %s", sess.ID())`
			`log.Debug("CSRF Token: %v", ctx.Data["CsrfToken"])`
fork render 2014-03-19 19:27:55 +05:30
code fix for #908, and work for #884 2015-02-07 07:46:23 +05:30			`ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton`
#1080: Remove footer ads/branding from default template 2015-03-23 19:49:19 +05:30			`ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding`
fix #1957 - disable version display This allows the admin to disable the version information about gogs and go in use in the footer. 2015-11-19 03:02:31 +05:30			`ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion`
Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369) * Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION Omit the configuration variable (the default) to be dependent. Fixes #1363 * Move OpenID settings under Service object * Show OpenID SignUp and SignIn status in admin panel / configuration 2017-03-29 16:27:43 +05:30			`ctx.Data["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn`
code fix for #908, and work for #884 2015-02-07 07:46:23 +05:30
move templateFuncs to one file, add middleware context. 2014-03-15 16:31:50 +05:30			`c.Map(ctx)`
			`}`
			`}`