afan
/
gitea
關注 1
收藏 0
複製 0
程式碼 問題 0 合併請求 0 版本發佈 0 Wiki 活動
gitea源码
3 提交
2 分支
分支: master
分支列表 標籤
${ item.name }
建立分支 ${ searchTerm }
from 'master'
${ noResults }
gitea/routers/web/user/setting/applications.go

applications.go 4.0KB
永久連結 歷史記錄 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139 
  1. // Copyright 2014 The Gogs Authors. All rights reserved.

  2. // Copyright 2018 The Gitea Authors. All rights reserved.

  3. // SPDX-License-Identifier: MIT

  4. 

  5. package setting

  6. 

  7. import (

  8. 	"net/http"

  9. 	"strings"

  10. 

  11. 	auth_model "code.gitea.io/gitea/models/auth"

  12. 	"code.gitea.io/gitea/models/db"

  13. 	user_model "code.gitea.io/gitea/models/user"

  14. 	"code.gitea.io/gitea/modules/setting"

  15. 	"code.gitea.io/gitea/modules/templates"

  16. 	"code.gitea.io/gitea/modules/util"

  17. 	"code.gitea.io/gitea/modules/web"

  18. 	"code.gitea.io/gitea/services/context"

  19. 	"code.gitea.io/gitea/services/forms"

  20. )

  21. 

  22. const (

  23. 	tplSettingsApplications templates.TplName = "user/settings/applications"

  24. )

  25. 

  26. // Applications render manage access token page

  27. func Applications(ctx *context.Context) {

  28. 	ctx.Data["Title"] = ctx.Tr("settings.applications")

  29. 	ctx.Data["PageIsSettingsApplications"] = true

  30. 	ctx.Data["UserDisabledFeatures"] = user_model.DisabledFeaturesWithLoginType(ctx.Doer)

  31. 

  32. 	loadApplicationsData(ctx)

  33. 

  34. 	ctx.HTML(http.StatusOK, tplSettingsApplications)

  35. }

  36. 

  37. // ApplicationsPost response for add user's access token

  38. func ApplicationsPost(ctx *context.Context) {

  39. 	form := web.GetForm(ctx).(*forms.NewAccessTokenForm)

  40. 	ctx.Data["Title"] = ctx.Tr("settings")

  41. 	ctx.Data["PageIsSettingsApplications"] = true

  42. 	ctx.Data["UserDisabledFeatures"] = user_model.DisabledFeaturesWithLoginType(ctx.Doer)

  43. 

  44. 	_ = ctx.Req.ParseForm()

  45. 	var scopeNames []string

  46. 	const accessTokenScopePrefix = "scope-"

  47. 	for k, v := range ctx.Req.Form {

  48. 		if strings.HasPrefix(k, accessTokenScopePrefix) {

  49. 			scopeNames = append(scopeNames, v...)

  50. 		}

  51. 	}

  52. 

  53. 	scope, err := auth_model.AccessTokenScope(strings.Join(scopeNames, ",")).Normalize()

  54. 	if err != nil {

  55. 		ctx.ServerError("GetScope", err)

  56. 		return

  57. 	}

  58. 	if !scope.HasPermissionScope() {

  59. 		ctx.Flash.Error(ctx.Tr("settings.at_least_one_permission"), true)

  60. 	}

  61. 

  62. 	if ctx.HasError() {

  63. 		loadApplicationsData(ctx)

  64. 		ctx.HTML(http.StatusOK, tplSettingsApplications)

  65. 		return

  66. 	}

  67. 

  68. 	t := &auth_model.AccessToken{

  69. 		UID:   ctx.Doer.ID,

  70. 		Name:  form.Name,

  71. 		Scope: scope,

  72. 	}

  73. 

  74. 	exist, err := auth_model.AccessTokenByNameExists(ctx, t)

  75. 	if err != nil {

  76. 		ctx.ServerError("AccessTokenByNameExists", err)

  77. 		return

  78. 	}

  79. 	if exist {

  80. 		ctx.Flash.Error(ctx.Tr("settings.generate_token_name_duplicate", t.Name))

  81. 		ctx.Redirect(setting.AppSubURL + "/user/settings/applications")

  82. 		return

  83. 	}

  84. 

  85. 	if err := auth_model.NewAccessToken(ctx, t); err != nil {

  86. 		ctx.ServerError("NewAccessToken", err)

  87. 		return

  88. 	}

  89. 

  90. 	ctx.Flash.Success(ctx.Tr("settings.generate_token_success"))

  91. 	ctx.Flash.Info(t.Token)

  92. 

  93. 	ctx.Redirect(setting.AppSubURL + "/user/settings/applications")

  94. }

  95. 

  96. // DeleteApplication response for delete user access token

  97. func DeleteApplication(ctx *context.Context) {

  98. 	if err := auth_model.DeleteAccessTokenByID(ctx, ctx.FormInt64("id"), ctx.Doer.ID); err != nil {

  99. 		ctx.Flash.Error("DeleteAccessTokenByID: " + err.Error())

  100. 	} else {

  101. 		ctx.Flash.Success(ctx.Tr("settings.delete_token_success"))

  102. 	}

  103. 

  104. 	ctx.JSONRedirect(setting.AppSubURL + "/user/settings/applications")

  105. }

  106. 

  107. func loadApplicationsData(ctx *context.Context) {

  108. 	ctx.Data["AccessTokenScopePublicOnly"] = auth_model.AccessTokenScopePublicOnly

  109. 	tokens, err := db.Find[auth_model.AccessToken](ctx, auth_model.ListAccessTokensOptions{UserID: ctx.Doer.ID})

  110. 	if err != nil {

  111. 		ctx.ServerError("ListAccessTokens", err)

  112. 		return

  113. 	}

  114. 	ctx.Data["Tokens"] = tokens

  115. 	ctx.Data["EnableOAuth2"] = setting.OAuth2.Enabled

  116. 

  117. 	// Handle specific ordered token categories for admin or non-admin users

  118. 	tokenCategoryNames := auth_model.GetAccessTokenCategories()

  119. 	if !ctx.Doer.IsAdmin {

  120. 		tokenCategoryNames = util.SliceRemoveAll(tokenCategoryNames, "admin")

  121. 	}

  122. 	ctx.Data["TokenCategories"] = tokenCategoryNames

  123. 

  124. 	if setting.OAuth2.Enabled {

  125. 		ctx.Data["Applications"], err = db.Find[auth_model.OAuth2Application](ctx, auth_model.FindOAuth2ApplicationsOptions{

  126. 			OwnerID: ctx.Doer.ID,

  127. 		})

  128. 		if err != nil {

  129. 			ctx.ServerError("GetOAuth2ApplicationsByUserID", err)

  130. 			return

  131. 		}

  132. 		ctx.Data["Grants"], err = auth_model.GetOAuth2GrantsByUserID(ctx, ctx.Doer.ID)

  133. 		if err != nil {

  134. 			ctx.ServerError("GetOAuth2GrantsByUserID", err)

  135. 			return

  136. 		}

  137. 	}

  138. }