/// <inheritdoc/>
/// <remarks>
/// Satisfies the requirement only when the repository returned for the <c>org</c> and
/// <c>app</c> route values reports push or admin permission. A null repository or a
/// missing permissions object is treated as "no access" (403), so the check fails closed.
/// The handler never calls <c>context.Fail()</c>; another handler registered for the same
/// requirement can still succeed it.
/// </remarks>
protected override async Task HandleRequirementAsync(
    AuthorizationHandlerContext context,
    GiteaPushPermissionRequirement requirement)
{
    // No HTTP context means there is no route to evaluate: leave the requirement unmet.
    if (_httpContext is null)
    {
        return;
    }

    string orgName = _httpContext.GetRouteValue("org")?.ToString();
    string appName = _httpContext.GetRouteValue("app")?.ToString();

    bool routeIsComplete = !string.IsNullOrWhiteSpace(orgName) && !string.IsNullOrWhiteSpace(appName);
    if (!routeIsComplete)
    {
        _httpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;
        return;
    }

    RepositoryClient.Model.Repository repo = await _giteaApiWrapper.GetRepository(orgName, appName);
    var permissions = repo?.Permissions;

    // Only an explicit "true" counts; null (unknown) is handled like false.
    bool mayPush = permissions?.Push == true || permissions?.Admin == true;
    if (!mayPush)
    {
        _httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        return;
    }

    context.Succeed(requirement);
}
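/// <inheritdoc />
/// <remarks>
/// Posts <paramref name="options"/> to <c>user/repos</c> when <paramref name="org"/> equals
/// the current developer user name, otherwise to <c>org/{org}/repos</c>.
/// On 201 the created repository is returned with <c>RepositoryCreatedStatus</c> set to Created;
/// on 409 an empty repository with status Conflict is returned; any other status is logged
/// and an empty repository is returned with its status left at the default value.
/// </remarks>
public async Task<RepositoryClient.Model.Repository> CreateRepository(string org, CreateRepoOption options)
{
    var repository = new RepositoryClient.Model.Repository();
    string developerUserName = AuthenticationHelper.GetDeveloperUserName(_httpContextAccessor.HttpContext);

    // org ends up inside the request path. Escaping keeps it a single path segment so a
    // value containing '/', '?' or '#' cannot redirect the call to another Gitea endpoint.
    // Names made of letters, digits, '-', '_' and '.' are unchanged by the escaping.
    // NOTE(review): assumes callers pass the raw (not already percent-encoded) name - confirm.
    string urlEnd = developerUserName == org
        ? "user/repos"
        : $"org/{System.Uri.EscapeDataString(org ?? string.Empty)}/repos";

    // Dispose the response so the underlying connection is released promptly.
    using (HttpResponseMessage response = await _httpClient.PostAsJsonAsync(urlEnd, options))
    {
        if (response.StatusCode == HttpStatusCode.Created)
        {
            repository = await response.Content.ReadAsAsync<RepositoryClient.Model.Repository>();
            repository.RepositoryCreatedStatus = HttpStatusCode.Created;
        }
        else if (response.StatusCode == HttpStatusCode.Conflict)
        {
            // The repository with the same name already exists, 409 from Gitea API
            repository.RepositoryCreatedStatus = HttpStatusCode.Conflict;
        }
        else
        {
            // Caller-supplied values are passed as arguments, not spliced into the message,
            // so they are never interpreted as part of the logging template. Plain-text log
            // sinks should still neutralise line breaks in these values.
            _logger.LogError(
                "User {DeveloperUserName} Create repository failed with statuscode {StatusCode} for {Org} and repo-name {RepoName}",
                developerUserName,
                response.StatusCode,
                org,
                options.Name);
        }
    }

    return repository;
}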
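/// <inheritdoc/>
/// <remarks>
/// Requests <c>repos/{org}/{repository}</c> and returns the deserialized repository on 200,
/// or <c>null</c> (after logging a warning) on any other status. When the repository has an
/// owner login, <c>IsClonedToLocal</c> is filled in and the owner is marked as an organisation
/// if the cached organisation lookup returns an id other than -1.
/// </remarks>
public async Task<RepositoryClient.Model.Repository> GetRepository(string org, string repository)
{
    RepositoryClient.Model.Repository returnRepository = null;

    // Both values become path segments of the Gitea request. Escaping them means the lookup
    // always targets the repository the caller named, even if a value contains '/', '?' or '#'.
    // Names made of letters, digits, '-', '_' and '.' are unchanged by the escaping.
    // NOTE(review): assumes callers pass raw (not already percent-encoded) names - confirm.
    string giteaUrl =
        $"repos/{System.Uri.EscapeDataString(org ?? string.Empty)}/{System.Uri.EscapeDataString(repository ?? string.Empty)}";

    // Dispose the response so the underlying connection is released promptly.
    using (HttpResponseMessage response = await _httpClient.GetAsync(giteaUrl))
    {
        if (response.StatusCode == HttpStatusCode.OK)
        {
            returnRepository = await response.Content.ReadAsAsync<RepositoryClient.Model.Repository>();
        }
        else
        {
            // Values are passed as arguments rather than interpolated into the message, so
            // caller-supplied text is never interpreted as part of the logging template.
            _logger.LogWarning(
                "User {DeveloperUserName} fetching app {Org}/{Repository} failed with reponsecode {StatusCode}",
                AuthenticationHelper.GetDeveloperUserName(_httpContextAccessor.HttpContext),
                org,
                repository,
                response.StatusCode);
        }
    }

    if (!string.IsNullOrEmpty(returnRepository?.Owner?.Login))
    {
        returnRepository.IsClonedToLocal = IsLocalRepo(returnRepository.Owner.Login, returnRepository.Name);

        Organization organisation = await GetCachedOrg(returnRepository.Owner.Login);
        if (organisation.Id != -1)
        {
            returnRepository.Owner.UserType = UserType.Org;
        }
    }

    return returnRepository;
}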
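/// <inheritdoc/>
/// <remarks>
/// With <c>CheckTeamMembershipForDeploy</c> disabled, the requirement is met when the repository
/// for the <c>org</c>/<c>app</c> route values reports push or admin permission. With it enabled,
/// the requirement is met when the team list contains a team named <c>Deploy-{environment}</c>
/// in the same organisation (case-insensitive). The environment is taken from the route, or from
/// the JSON request body when the route has none.
/// NOTE(review): when the environment comes from the body, the action that performs the deployment
/// must read it from the same place, otherwise the checked and the deployed environment can differ.
/// NOTE(review): the body is read in full before the decision is made; this relies on the server's
/// request size limits - confirm they are configured.
/// </remarks>
protected override async Task HandleRequirementAsync(
    AuthorizationHandlerContext context,
    GiteaDeployPermissionRequirement requirement)
{
    if (_httpContext == null)
    {
        return;
    }

    string org = _httpContext.GetRouteValue("org")?.ToString();
    string app = _httpContext.GetRouteValue("app")?.ToString();

    if (string.IsNullOrWhiteSpace(org) || string.IsNullOrWhiteSpace(app))
    {
        _httpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;
        return;
    }

    if (!_settings.CheckTeamMembershipForDeploy)
    {
        RepositoryClient.Model.Repository repository = await _giteaApiWrapper.GetRepository(org, app);

        // Only an explicit "true" counts; a null repository or permissions object means no access.
        if (repository?.Permissions?.Push == true || repository?.Permissions?.Admin == true)
        {
            context.Succeed(requirement);
        }
        else
        {
            _httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
        }

        return;
    }

    string environment = _httpContext.GetRouteValue("environment")?.ToString();

    if (string.IsNullOrEmpty(environment))
    {
        // Buffering makes the body seekable so it can be read here and again downstream.
        _httpContext.Request.EnableBuffering();

        string body;
        using (var reader = new StreamReader(
            _httpContext.Request.Body,
            encoding: Encoding.UTF8,
            detectEncodingFromByteOrderMarks: false,
            bufferSize: 1024,
            leaveOpen: true))
        {
            body = await reader.ReadToEndAsync();
        }

        // Reset the request body stream position so the next middleware can read it.
        // Done right after reading so that every exit path below leaves the body rewound.
        _httpContext.Request.Body.Position = 0;

        try
        {
            // Deserializes into a fixed model type.
            // NOTE(review): confirm the global JsonConvert default settings do not enable TypeNameHandling.
            CreateDeploymentRequestViewModel model =
                JsonConvert.DeserializeObject<CreateDeploymentRequestViewModel>(body);

            // An empty body deserializes to null; a missing "environment" leaves the property null.
            environment = model?.Environment?.Name;
        }
        catch
        {
            // Any failure to parse the body is reported as a bad request.
            _httpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;
            return;
        }

        // Never build a team name from an empty environment: "Deploy-" must not be matchable.
        if (string.IsNullOrEmpty(environment))
        {
            _httpContext.Response.StatusCode = (int)HttpStatusCode.BadRequest;
            return;
        }
    }

    string matchTeam = $"Deploy-{environment}";

    // NOTE(review): presumably GetTeams() returns the teams of the calling user - confirm,
    // since the decision below depends on it.
    List<Team> teams = await _giteaApiWrapper.GetTeams();

    // Static string.Equals tolerates a team entry without organisation or name; such an
    // entry simply does not match instead of throwing.
    bool isMember = teams != null && teams.Any(t =>
        string.Equals(t?.Organization?.Username, org, System.StringComparison.OrdinalIgnoreCase)
        && string.Equals(t.Name, matchTeam, System.StringComparison.OrdinalIgnoreCase));

    if (isMember)
    {
        context.Succeed(requirement);
    }
    else
    {
        _httpContext.Response.StatusCode = (int)HttpStatusCode.Forbidden;
    }
}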