@ -291,15 +291,16 @@ func Routes() *web.Router {
return routes
}
var ignSignInAnd Csrf = verifyAuthWithOptions ( & common . VerifyOptions { DisableCSRF : true } )
var optSignInIgnore Csrf = verifyAuthWithOptions ( & common . VerifyOptions { DisableCSRF : true } )
// registerRoutes register routes
func registerRoutes ( m * web . Router ) {
// required to be signed in or signed out
reqSignIn := verifyAuthWithOptions ( & common . VerifyOptions { SignInRequired : true } )
reqSignOut := verifyAuthWithOptions ( & common . VerifyOptions { SignOutRequired : true } )
// TODO: rename them to "optSignIn", which means that the "sign-in" could be optional, depends on the VerifyOptions (RequireSignInView )
ign SignIn := verifyAuthWithOptions ( & common . VerifyOptions { SignInRequired : setting . Service . RequireSignInView } )
ign ExploreSignIn := verifyAuthWithOptions ( & common . VerifyOptions { SignInRequired : setting . Service . RequireSignInView || setting . Service . Explore . RequireSigninView } )
// optional sign in (if signed in, use the user as doer, if not, no doer )
opt SignIn := verifyAuthWithOptions ( & common . VerifyOptions { SignInRequired : setting . Service . RequireSignInView } )
opt ExploreSignIn := verifyAuthWithOptions ( & common . VerifyOptions { SignInRequired : setting . Service . RequireSignInView || setting . Service . Explore . RequireSigninView } )
validation . AddBindingRules ( )
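Review bot: The new comment above `optSignIn` reads as if sign-in were always optional, but both `optSignIn` and `optExploreSignIn` still pass `SignInRequired: setting.Service.RequireSignInView` (the latter also `Explore.RequireSigninView`). With that setting enabled, these middlewares presumably require a signed-in user. The removed TODO carried that caveat, so I would keep it in the comment, e.g. `// optional sign in: becomes mandatory when setting.Service.RequireSignInView is enabled`. The package-level `optSignInIgnoreCsrf` sets `DisableCSRF: true` and has no comment at all. If the intent is that it serves only endpoints not authenticated by a browser session, say so, e.g. `// CSRF check disabled: only for endpoints that do not rely on the session cookie`. The body of registerRoutes continues outside this hunk.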
@ -470,7 +471,7 @@ func registerRoutes(m *web.Router) {
// Especially some AJAX requests, we can reduce middleware number to improve performance.
m . Get ( "/" , Home )
m . Get ( "/sitemap.xml" , sitemapEnabled , ign ExploreSignIn, HomeSitemap )
m . Get ( "/sitemap.xml" , sitemapEnabled , opt ExploreSignIn, HomeSitemap )
m . Group ( "/.well-known" , func ( ) {
m . Get ( "/openid-configuration" , auth . OIDCWellKnown )
m . Group ( "" , func ( ) {
@ -500,7 +501,7 @@ func registerRoutes(m *web.Router) {
}
} , explore . Code )
m . Get ( "/topics/search" , explore . TopicSearch )
} , ign ExploreSignIn)
} , opt ExploreSignIn)
m . Group ( "/issues" , func ( ) {
m . Get ( "" , user . Issues )
@ -558,12 +559,12 @@ func registerRoutes(m *web.Router) {
m . Post ( "/grant" , web . Bind ( forms . GrantApplicationForm { } ) , auth . GrantApplicationOAuth )
// TODO manage redirection
m . Post ( "/authorize" , web . Bind ( forms . AuthorizationForm { } ) , auth . AuthorizeOAuth )
} , ignSignInAnd Csrf, reqSignIn )
} , optSignInIgnore Csrf, reqSignIn )
m . Methods ( "GET, OPTIONS" , "/userinfo" , optionsCorsHandler ( ) , ignSignInAnd Csrf, auth . InfoOAuth )
m . Methods ( "POST, OPTIONS" , "/access_token" , optionsCorsHandler ( ) , web . Bind ( forms . AccessTokenForm { } ) , ignSignInAnd Csrf, auth . AccessTokenOAuth )
m . Methods ( "GET, OPTIONS" , "/keys" , optionsCorsHandler ( ) , ignSignInAnd Csrf, auth . OIDCKeys )
m . Methods ( "POST, OPTIONS" , "/introspect" , optionsCorsHandler ( ) , web . Bind ( forms . IntrospectTokenForm { } ) , ignSignInAnd Csrf, auth . IntrospectOAuth )
m . Methods ( "GET, OPTIONS" , "/userinfo" , optionsCorsHandler ( ) , optSignInIgnore Csrf, auth . InfoOAuth )
m . Methods ( "POST, OPTIONS" , "/access_token" , optionsCorsHandler ( ) , web . Bind ( forms . AccessTokenForm { } ) , optSignInIgnore Csrf, auth . AccessTokenOAuth )
m . Methods ( "GET, OPTIONS" , "/keys" , optionsCorsHandler ( ) , optSignInIgnore Csrf, auth . OIDCKeys )
m . Methods ( "POST, OPTIONS" , "/introspect" , optionsCorsHandler ( ) , web . Bind ( forms . IntrospectTokenForm { } ) , optSignInIgnore Csrf, auth . IntrospectOAuth )
} , oauth2Enabled )
m . Group ( "/user/settings" , func ( ) {
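Review bot: The group holding `POST /grant` and `POST /authorize` now ends with `}, optSignInIgnoreCsrf, reqSignIn)`, which reads as contradictory: optional sign-in with CSRF disabled, followed by mandatory sign-in. From these lines alone it is not clear whether CSRF validation still runs for the two consent POSTs, which `reqSignIn` suggests are made by a signed-in user. That depends on how `verifyAuthWithOptions` treats a later middleware without `DisableCSRF`, and that function is not visible in this diff. I would state the intended behaviour in a comment on that line, e.g. `// reqSignIn runs after optSignInIgnoreCsrf; confirm the CSRF check still applies to /grant and /authorize`, and add a test that a POST without a valid token is rejected. The enclosing group starts outside this hunk.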
@ -685,7 +686,7 @@ func registerRoutes(m *web.Router) {
m . Post ( "/forgot_password" , auth . ForgotPasswdPost )
m . Post ( "/logout" , auth . SignOut )
m . Get ( "/stopwatches" , reqSignIn , user . GetStopwatches )
m . Get ( "/search_candidates" , ign ExploreSignIn, user . SearchCandidates )
m . Get ( "/search_candidates" , opt ExploreSignIn, user . SearchCandidates )
m . Group ( "/oauth2" , func ( ) {
m . Get ( "/{provider}" , auth . SignInOAuth )
m . Get ( "/{provider}/callback" , auth . SignInOAuthCallback )
@ -809,7 +810,7 @@ func registerRoutes(m *web.Router) {
m . Group ( "" , func ( ) {
m . Get ( "/{username}" , user . UsernameSubRoute )
m . Methods ( "GET, OPTIONS" , "/attachments/{uuid}" , optionsCorsHandler ( ) , repo . GetAttachment )
} , ign SignIn)
} , opt SignIn)
m . Post ( "/{username}" , reqSignIn , context . UserAssignmentWeb ( ) , user . Action )
@ -860,7 +861,7 @@ func registerRoutes(m *web.Router) {
m . Group ( "/{org}" , func ( ) {
m . Get ( "/members" , org . Members )
} , context . OrgAssignment ( ) )
} , ign SignIn)
} , opt SignIn)
// end "/org": members
m . Group ( "/org" , func ( ) {
@ -1043,14 +1044,14 @@ func registerRoutes(m *web.Router) {
m . Group ( "" , func ( ) {
m . Get ( "/code" , user . CodeSearch )
} , reqUnitAccess ( unit . TypeCode , perm . AccessModeRead , false ) , individualPermsChecker )
} , ign SignIn, context . UserAssignmentWeb ( ) , context . OrgAssignment ( ) )
} , opt SignIn, context . UserAssignmentWeb ( ) , context . OrgAssignment ( ) )
// end "/{username}/-": packages, projects, code
m . Group ( "/{username}/{reponame}/-" , func ( ) {
m . Group ( "/migrate" , func ( ) {
m . Get ( "/status" , repo . MigrateStatus )
} )
} , ign SignIn, context . RepoAssignment , reqRepoCodeReader )
} , opt SignIn, context . RepoAssignment , reqRepoCodeReader )
// end "/{username}/{reponame}/-": migrate
m . Group ( "/{username}/{reponame}/settings" , func ( ) {
@ -1145,10 +1146,10 @@ func registerRoutes(m *web.Router) {
// end "/{username}/{reponame}/settings"
// user/org home, including rss feeds
m . Get ( "/{username}/{reponame}" , ign SignIn, context . RepoAssignment , context . RepoRef ( ) , repo . SetEditorconfigIfExists , repo . Home )
m . Get ( "/{username}/{reponame}" , opt SignIn, context . RepoAssignment , context . RepoRef ( ) , repo . SetEditorconfigIfExists , repo . Home )
// TODO: maybe it should relax the permission to allow "any access"
m . Post ( "/{username}/{reponame}/markup" , ign SignIn, context . RepoAssignment , context . RequireRepoReaderOr ( unit . TypeCode , unit . TypeIssues , unit . TypePullRequests , unit . TypeReleases , unit . TypeWiki ) , web . Bind ( structs . MarkupOption { } ) , misc . Markup )
m . Post ( "/{username}/{reponame}/markup" , opt SignIn, context . RepoAssignment , context . RequireRepoReaderOr ( unit . TypeCode , unit . TypeIssues , unit . TypePullRequests , unit . TypeReleases , unit . TypeWiki ) , web . Bind ( structs . MarkupOption { } ) , misc . Markup )
m . Group ( "/{username}/{reponame}" , func ( ) {
m . Get ( "/find/*" , repo . FindFiles )
@ -1161,7 +1162,7 @@ func registerRoutes(m *web.Router) {
m . Combo ( "/compare/*" , repo . MustBeNotEmpty , repo . SetEditorconfigIfExists ) .
Get ( repo . SetDiffViewStyle , repo . SetWhitespaceBehavior , repo . CompareDiff ) .
Post ( reqSignIn , context . RepoMustNotBeArchived ( ) , reqRepoPullsReader , repo . MustAllowPulls , web . Bind ( forms . CreateIssueForm { } ) , repo . SetWhitespaceBehavior , repo . CompareAndPullRequestPost )
} , ign SignIn, context . RepoAssignment , reqRepoCodeReader )
} , opt SignIn, context . RepoAssignment , reqRepoCodeReader )
// end "/{username}/{reponame}": find, compare, list (code related)
m . Group ( "/{username}/{reponame}" , func ( ) {
@ -1184,7 +1185,7 @@ func registerRoutes(m *web.Router) {
} )
} , context . RepoRef ( ) )
m . Get ( "/issues/suggestions" , repo . IssueSuggestions )
} , ign SignIn, context . RepoAssignment , reqRepoIssuesOrPullsReader )
} , opt SignIn, context . RepoAssignment , reqRepoIssuesOrPullsReader )
// end "/{username}/{reponame}": view milestone, label, issue, pull, etc
m . Group ( "/{username}/{reponame}" , func ( ) {
@ -1194,7 +1195,7 @@ func registerRoutes(m *web.Router) {
m . Get ( "" , repo . ViewIssue )
} )
} )
} , ign SignIn, context . RepoAssignment , context . RequireRepoReaderOr ( unit . TypeIssues , unit . TypePullRequests , unit . TypeExternalTracker ) )
} , opt SignIn, context . RepoAssignment , context . RequireRepoReaderOr ( unit . TypeIssues , unit . TypePullRequests , unit . TypeExternalTracker ) )
// end "/{username}/{reponame}": issue/pull list, issue/pull view, external tracker
m . Group ( "/{username}/{reponame}" , func ( ) { // edit issues, pulls, labels, milestones, etc
@ -1331,7 +1332,7 @@ func registerRoutes(m *web.Router) {
repo . MustBeNotEmpty , context . RepoRefByType ( context . RepoRefTag , context . RepoRefByTypeOptions { IgnoreNotExistErr : true } ) )
m . Post ( "/tags/delete" , repo . DeleteTag , reqSignIn ,
repo . MustBeNotEmpty , context . RepoMustNotBeArchived ( ) , reqRepoCodeWriter , context . RepoRef ( ) )
} , ign SignIn, context . RepoAssignment , reqRepoCodeReader )
} , opt SignIn, context . RepoAssignment , reqRepoCodeReader )
// end "/{username}/{reponame}": repo tags
m . Group ( "/{username}/{reponame}" , func ( ) { // repo releases
@ -1356,12 +1357,12 @@ func registerRoutes(m *web.Router) {
m . Get ( "/edit/*" , repo . EditRelease )
m . Post ( "/edit/*" , web . Bind ( forms . EditReleaseForm { } ) , repo . EditReleasePost )
} , reqSignIn , repo . MustBeNotEmpty , context . RepoMustNotBeArchived ( ) , reqRepoReleaseWriter , repo . CommitInfoCache )
} , ign SignIn, context . RepoAssignment , reqRepoReleaseReader )
} , opt SignIn, context . RepoAssignment , reqRepoReleaseReader )
// end "/{username}/{reponame}": repo releases
m . Group ( "/{username}/{reponame}" , func ( ) { // to maintain compatibility with old attachments
m . Get ( "/attachments/{uuid}" , repo . GetAttachment )
} , ign SignIn, context . RepoAssignment )
} , opt SignIn, context . RepoAssignment )
// end "/{username}/{reponame}": compatibility with old attachments
m . Group ( "/{username}/{reponame}" , func ( ) {
@ -1372,7 +1373,7 @@ func registerRoutes(m *web.Router) {
if setting . Packages . Enabled {
m . Get ( "/packages" , repo . Packages )
}
} , ign SignIn, context . RepoAssignment )
} , opt SignIn, context . RepoAssignment )
m . Group ( "/{username}/{reponame}/projects" , func ( ) {
m . Get ( "" , repo . Projects )
@ -1397,7 +1398,7 @@ func registerRoutes(m *web.Router) {
} )
} )
} , reqRepoProjectsWriter , context . RepoMustNotBeArchived ( ) )
} , ign SignIn, context . RepoAssignment , reqRepoProjectsReader , repo . MustEnableRepoProjects )
} , opt SignIn, context . RepoAssignment , reqRepoProjectsReader , repo . MustEnableRepoProjects )
// end "/{username}/{reponame}/projects"
m . Group ( "/{username}/{reponame}/actions" , func ( ) {
@ -1427,7 +1428,7 @@ func registerRoutes(m *web.Router) {
m . Group ( "/workflows/{workflow_name}" , func ( ) {
m . Get ( "/badge.svg" , actions . GetWorkflowBadge )
} )
} , ign SignIn, context . RepoAssignment , reqRepoActionsReader , actions . MustEnableActions )
} , opt SignIn, context . RepoAssignment , reqRepoActionsReader , actions . MustEnableActions )
// end "/{username}/{reponame}/actions"
m . Group ( "/{username}/{reponame}/wiki" , func ( ) {
@ -1440,7 +1441,7 @@ func registerRoutes(m *web.Router) {
m . Get ( "/commit/{sha:[a-f0-9]{7,64}}" , repo . SetEditorconfigIfExists , repo . SetDiffViewStyle , repo . SetWhitespaceBehavior , repo . Diff )
m . Get ( "/commit/{sha:[a-f0-9]{7,64}}.{ext:patch|diff}" , repo . RawDiff )
m . Get ( "/raw/*" , repo . WikiRaw )
} , ign SignIn, context . RepoAssignment , repo . MustEnableWiki , reqRepoWikiReader , func ( ctx * context . Context ) {
} , opt SignIn, context . RepoAssignment , repo . MustEnableWiki , reqRepoWikiReader , func ( ctx * context . Context ) {
ctx . Data [ "PageIsWiki" ] = true
ctx . Data [ "CloneButtonOriginLink" ] = ctx . Repo . Repository . WikiCloneLink ( )
} )
@ -1462,7 +1463,7 @@ func registerRoutes(m *web.Router) {
m . Get ( "/data" , repo . RecentCommitsData )
} )
} ,
ign SignIn, context . RepoAssignment , context . RequireRepoReaderOr ( unit . TypePullRequests , unit . TypeIssues , unit . TypeReleases ) ,
opt SignIn, context . RepoAssignment , context . RequireRepoReaderOr ( unit . TypePullRequests , unit . TypeIssues , unit . TypeReleases ) ,
context . RepoRef ( ) , repo . MustBeNotEmpty ,
)
// end "/{username}/{reponame}/activity"
@ -1493,7 +1494,7 @@ func registerRoutes(m *web.Router) {
} , context . RepoMustNotBeArchived ( ) )
} )
} )
} , ign SignIn, context . RepoAssignment , repo . MustAllowPulls , reqRepoPullsReader )
} , opt SignIn, context . RepoAssignment , repo . MustAllowPulls , reqRepoPullsReader )
// end "/{username}/{reponame}/pulls/{index}": repo pull request
m . Group ( "/{username}/{reponame}" , func ( ) {
@ -1593,7 +1594,7 @@ func registerRoutes(m *web.Router) {
m . Get ( "/forks" , context . RepoRef ( ) , repo . Forks )
m . Get ( "/commit/{sha:([a-f0-9]{7,64})}.{ext:patch|diff}" , repo . MustBeNotEmpty , repo . RawDiff )
m . Post ( "/lastcommit/*" , context . RepoRefByType ( context . RepoRefCommit ) , repo . LastCommit )
} , ign SignIn, context . RepoAssignment , reqRepoCodeReader )
} , opt SignIn, context . RepoAssignment , reqRepoCodeReader )
// end "/{username}/{reponame}": repo code
m . Group ( "/{username}/{reponame}" , func ( ) {
@ -1601,13 +1602,11 @@ func registerRoutes(m *web.Router) {
m . Get ( "/watchers" , repo . Watchers )
m . Get ( "/search" , reqRepoCodeReader , repo . Search )
m . Post ( "/action/{action}" , reqSignIn , repo . Action )
} , ign SignIn, context . RepoAssignment , context . RepoRef ( ) )
} , opt SignIn, context . RepoAssignment , context . RepoRef ( ) )
common . AddOwnerRepoGitLFSRoutes ( m , ignSignInAndCsrf , lfsServerEnabled )
m . Group ( "/{username}/{reponame}" , func ( ) {
gitHTTPRouters ( m )
} )
// end "/{username}/{reponame}.git": git support
common . AddOwnerRepoGitLFSRoutes ( m , optSignInIgnoreCsrf , lfsServerEnabled ) // "/{username}/{reponame}/{lfs-paths}": git-lfs support
addOwnerRepoGitHTTPRouters ( m ) // "/{username}/{reponame}/{git-paths}": git http support
m . Group ( "/notifications" , func ( ) {
m . Get ( "" , user . Notifications )