Skip to content

Commit cb640e7

Browse files
GamerGirlandCoGamerGirlandCo
committed
fix optional path segments not working out as planned
1 parent 4e7a2d4 commit cb640e7

File tree

6 files changed

+140
-79
lines changed

6 files changed

+140
-79
lines changed

routers/api/v1/api.go

Lines changed: 19 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -71,14 +71,12 @@ import (
7171
"strconv"
7272
"strings"
7373

74-
actions_model "code.gitea.io/gitea/models/actions"
7574
auth_model "code.gitea.io/gitea/models/auth"
76-
"code.gitea.io/gitea/models/db"
75+
group_model "code.gitea.io/gitea/models/group"
7776
"code.gitea.io/gitea/models/organization"
7877
"code.gitea.io/gitea/models/perm"
7978
access_model "code.gitea.io/gitea/models/perm/access"
8079
repo_model "code.gitea.io/gitea/models/repo"
81-
group_model "code.gitea.io/gitea/models/group"
8280
shared_group_model "code.gitea.io/gitea/models/shared/group"
8381
"code.gitea.io/gitea/models/unit"
8482
user_model "code.gitea.io/gitea/models/user"
@@ -1181,11 +1179,13 @@ func Routes() *web.Router {
11811179
// (repo scope)
11821180
m.Group("/starred", func() {
11831181
m.Get("", user.GetMyStarredRepos)
1184-
m.Group("/{username}/{group_id}?/{reponame}", func() {
1182+
fn := func() {
11851183
m.Get("", user.IsStarring)
11861184
m.Put("", user.Star)
11871185
m.Delete("", user.Unstar)
1188-
}, repoAssignment(), checkTokenPublicOnly())
1186+
}
1187+
m.Group("/{username}/{reponame}", fn, repoAssignment(), checkTokenPublicOnly())
1188+
m.Group("/{username}/{group_id}/{reponame}", fn, repoAssignment(), checkTokenPublicOnly())
11891189
}, reqStarsEnabled(), tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository))
11901190
m.Get("/times", repo.ListMyTrackedTimes)
11911191
m.Get("/stopwatches", repo.GetStopwatches)
@@ -1232,8 +1232,7 @@ func Routes() *web.Router {
12321232

12331233
// (repo scope)
12341234
m.Post("/migrate", reqToken(), bind(api.MigrateRepoOptions{}), repo.Migrate)
1235-
1236-
m.Group("/{username}/{group_id}?/{reponame}", func() {
1235+
fn := func() {
12371236
m.Get("/compare/*", reqRepoReader(unit.TypeCode), repo.CompareDiff)
12381237

12391238
m.Combo("").Get(reqAnyRepoReader(), repo.Get).
@@ -1519,27 +1518,31 @@ func Routes() *web.Router {
15191518
}, reqAdmin(), reqToken())
15201519

15211520
m.Methods("HEAD,GET", "/{ball_type:tarball|zipball|bundle}/*", reqRepoReader(unit.TypeCode), context.ReferencesGitRepo(true), repo.DownloadArchive)
1522-
}, repoAssignment(), checkTokenPublicOnly())
1521+
}
1522+
m.Group("/{username}/{reponame}", fn, repoAssignment(), checkTokenPublicOnly())
1523+
m.Group("/{username}/{group_id}/{reponame}", fn, repoAssignment(), checkTokenPublicOnly())
15231524
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository))
15241525

15251526
// Artifacts direct download endpoint authenticates via signed url
15261527
// it is protected by the "sig" parameter (to help to access private repo), so no need to use other middlewares
1527-
m.Get("/repos/{username}/{group_id}?/{reponame}/actions/artifacts/{artifact_id}/zip/raw", repo.DownloadArtifactRaw)
1528+
m.Get("/repos/{username}/{reponame}/actions/artifacts/{artifact_id}/zip/raw", repo.DownloadArtifactRaw)
1529+
m.Get("/repos/{username}/{group_id}/{reponame}/actions/artifacts/{artifact_id}/zip/raw", repo.DownloadArtifactRaw)
15281530

15291531
// Notifications (requires notifications scope)
15301532
m.Group("/repos", func() {
1531-
m.Group("/{username}/{group_id}?/{reponame}", func() {
1533+
fn := func() {
15321534
m.Combo("/notifications", reqToken()).
15331535
Get(notify.ListRepoNotifications).
15341536
Put(notify.ReadRepoNotifications)
1535-
}, repoAssignment(), checkTokenPublicOnly())
1537+
}
1538+
m.Group("/{username}/{reponame}", fn, repoAssignment(), checkTokenPublicOnly())
1539+
m.Group("/{username}/{group_id}/{reponame}", fn, repoAssignment(), checkTokenPublicOnly())
15361540
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryNotification))
15371541

15381542
// Issue (requires issue scope)
15391543
m.Group("/repos", func() {
15401544
m.Get("/issues/search", repo.SearchIssues)
1541-
1542-
m.Group("/{username}/{group_id}?/{reponame}", func() {
1545+
fn := func() {
15431546
m.Group("/issues", func() {
15441547
m.Combo("").Get(repo.ListIssues).
15451548
Post(reqToken(), mustNotBeArchived, bind(api.CreateIssueOption{}), reqRepoReader(unit.TypeIssues), repo.CreateIssue)
@@ -1651,7 +1654,9 @@ func Routes() *web.Router {
16511654
Patch(reqToken(), reqRepoWriter(unit.TypeIssues, unit.TypePullRequests), bind(api.EditMilestoneOption{}), repo.EditMilestone).
16521655
Delete(reqToken(), reqRepoWriter(unit.TypeIssues, unit.TypePullRequests), repo.DeleteMilestone)
16531656
})
1654-
}, repoAssignment(), checkTokenPublicOnly())
1657+
}
1658+
m.Group("/{username}/{reponame}", fn, repoAssignment(), checkTokenPublicOnly())
1659+
m.Group("/{username}/{group_id}/{reponame}", fn, repoAssignment(), checkTokenPublicOnly())
16551660
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryIssue))
16561661

16571662
// NOTE: these are Gitea package management API - see packages.CommonRoutes and packages.DockerContainerRoutes for endpoints that implement package manager APIs

routers/common/lfs.go

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ const RouterMockPointCommonLFS = "common-lfs"
1414

1515
func AddOwnerRepoGitLFSRoutes(m *web.Router, middlewares ...any) {
1616
// shared by web and internal routers
17-
m.Group("/{username}/{reponame}/info/lfs", func() {
17+
fn := func() {
1818
m.Post("/objects/batch", lfs.CheckAcceptMediaType, lfs.BatchHandler)
1919
m.Put("/objects/{oid}/{size}", lfs.UploadHandler)
2020
m.Get("/objects/{oid}/{filename}", lfs.DownloadHandler)
@@ -27,5 +27,7 @@ func AddOwnerRepoGitLFSRoutes(m *web.Router, middlewares ...any) {
2727
m.Post("/{lid}/unlock", lfs.UnLockHandler)
2828
}, lfs.CheckAcceptMediaType)
2929
m.Any("/*", http.NotFound)
30-
}, append([]any{web.RouterMockPoint(RouterMockPointCommonLFS)}, middlewares...)...)
30+
}
31+
m.Group("/{username}/{reponame}/info/lfs", fn, append([]any{web.RouterMockPoint(RouterMockPointCommonLFS)}, middlewares...)...)
32+
m.Group("/{username}/{group_id}/{reponame}/info/lfs", fn, append([]any{web.RouterMockPoint(RouterMockPointCommonLFS)}, middlewares...)...)
3133
}

routers/web/githttp.go

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ import (
1010
)
1111

1212
func addOwnerRepoGitHTTPRouters(m *web.Router) {
13-
m.Group("/{username}/{group_id}?/{reponame}", func() {
13+
fn := func() {
1414
m.Methods("POST,OPTIONS", "/git-upload-pack", repo.ServiceUploadPack)
1515
m.Methods("POST,OPTIONS", "/git-receive-pack", repo.ServiceReceivePack)
1616
m.Methods("GET,OPTIONS", "/info/refs", repo.GetInfoRefs)
@@ -22,5 +22,7 @@ func addOwnerRepoGitHTTPRouters(m *web.Router) {
2222
m.Methods("GET,OPTIONS", "/objects/{head:[0-9a-f]{2}}/{hash:[0-9a-f]{38,62}}", repo.GetLooseObject)
2323
m.Methods("GET,OPTIONS", "/objects/pack/pack-{file:[0-9a-f]{40,64}}.pack", repo.GetPackFile)
2424
m.Methods("GET,OPTIONS", "/objects/pack/pack-{file:[0-9a-f]{40,64}}.idx", repo.GetIdxFile)
25-
}, optSignInIgnoreCsrf, repo.HTTPGitEnabledHandler, repo.CorsHandler(), context.UserAssignmentWeb())
25+
}
26+
m.Group("/{username}/{reponame}", fn, optSignInIgnoreCsrf, repo.HTTPGitEnabledHandler, repo.CorsHandler(), context.UserAssignmentWeb())
27+
m.Group("/{username}/{group_id}/{reponame}", fn, optSignInIgnoreCsrf, repo.HTTPGitEnabledHandler, repo.CorsHandler(), context.UserAssignmentWeb())
2628
}

0 commit comments

Comments
 (0)