wip: load repo to ctx

7 months ago · 21910a1718
parent 3e5881a0c5
commit 21910a1718
3 changed files with 42 additions and 2 deletions
--- a/routers/api/v1/activitypub/repository.go
+++ b/routers/api/v1/activitypub/repository.go
@ -1,4 +1,4 @@
-// Copyright 2022 The Gitea Authors. All rights reserved.
+// Copyright 2023 The Gitea forgejoAuthors. All rights reserved.
 // SPDX-License-Identifier: MIT

 package activitypub
--- a/routers/api/v1/api.go
+++ b/routers/api/v1/api.go
@ -833,6 +833,11 @@ func Routes() *web.Route {
 					m.Get("", activitypub.Person)
 					m.Post("/inbox", activitypub.ReqHTTPSignature(), activitypub.PersonInbox)
 				}, context_service.UserIDAssignmentAPI())
+				// TODO: implement ctx
+				m.Group("/repository-id/{repsitory-id}", func() {
+					m.Get("", activitypub.Repository)
+					m.Post("/inbox", activitypub.ReqHTTPSignature(), activitypub.RepositoryInbox)
+				}, context_service.RepositoryAssignmentAPI())
 			}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryActivityPub))
 		}

@ -1006,7 +1011,10 @@ func Routes() *web.Route {
 			repo.CreateOrgRepoDeprecated)

 		// requires repo scope
-		m.Combo("/repositories/{id}", reqToken(), tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository)).Get(repo.GetByID)
+		m.Combo("/repositories/{id}", 
+			reqToken(), 
+			tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository)
+		).Get(repo.GetByID)

 		// Repos (requires repo scope)
 		m.Group("/repos", func() {
--- a/services/context/repository.go
+++ b/services/context/repository.go
@ -0,0 +1,32 @@
+// Copyright 2023 The forgejo Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package context
+
+import (
+	"net/http"
+
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/context"
+)
+
+// RepositoryIDAssignmentAPI returns a middleware to handle context-repo assignment for api routes
+func RepositoryIDAssignmentAPI() func(ctx *context.APIContext) {
+	return func(ctx *context.APIContext) {
+		// TODO: enough validation for security?
+		repositoryID := ctx.ParamsInt64(":repository-id")
+
+		//TODO: check auth here ?
+		if !ctx.Repo.HasAccess() && !ctx.IsUserSiteAdmin() {
+			ctx.Error(http.StatusForbidden, "reqAnyRepoReader", "user should have any permission to read repository or permissions of site admin")
+			return
+		}
+
+		var err error
+		ctx.Repo, err = repo_model.GetRepositoryByID(ctx, repositoryID)
+
+		if err != nil {
+			ctx.Error(http.StatusInternalServerError, "GetRepositoryByID", err)
+		}
+	}
+}