afan
/
gitea
Obserwuj 1
Gwiazdka 0
Forkuj 0
Kod Problemy 0 Pull Requests 0 Wydania 0 Wiki Aktywność
gitea源码
1 Commit
2 Gałęzie
Drzewo: 61128e8e94
Gałęzie Tagi
${ item.name }
Utwórz gałąź ${ searchTerm }
z '61128e8e94'
${ noResults }
gitea/routers/web/repo/issue_comment.go

issue_comment.go 14KB
Historia Czysty

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483 
  1. // Copyright 2024 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package repo

  5. 

  6. import (

  7. 	"errors"

  8. 	"fmt"

  9. 	"html/template"

  10. 	"net/http"

  11. 	"strconv"

  12. 	"strings"

  13. 

  14. 	issues_model "code.gitea.io/gitea/models/issues"

  15. 	"code.gitea.io/gitea/models/renderhelper"

  16. 	user_model "code.gitea.io/gitea/models/user"

  17. 	"code.gitea.io/gitea/modules/git"

  18. 	"code.gitea.io/gitea/modules/gitrepo"

  19. 	"code.gitea.io/gitea/modules/htmlutil"

  20. 	"code.gitea.io/gitea/modules/log"

  21. 	"code.gitea.io/gitea/modules/markup/markdown"

  22. 	repo_module "code.gitea.io/gitea/modules/repository"

  23. 	"code.gitea.io/gitea/modules/setting"

  24. 	api "code.gitea.io/gitea/modules/structs"

  25. 	"code.gitea.io/gitea/modules/web"

  26. 	"code.gitea.io/gitea/services/context"

  27. 	"code.gitea.io/gitea/services/convert"

  28. 	"code.gitea.io/gitea/services/forms"

  29. 	issue_service "code.gitea.io/gitea/services/issue"

  30. 	pull_service "code.gitea.io/gitea/services/pull"

  31. )

  32. 

  33. // NewComment create a comment for issue

  34. func NewComment(ctx *context.Context) {

  35. 	form := web.GetForm(ctx).(*forms.CreateCommentForm)

  36. 	issue := GetActionIssue(ctx)

  37. 	if ctx.Written() {

  38. 		return

  39. 	}

  40. 

  41. 	if !ctx.IsSigned || (ctx.Doer.ID != issue.PosterID && !ctx.Repo.CanReadIssuesOrPulls(issue.IsPull)) {

  42. 		if log.IsTrace() {

  43. 			if ctx.IsSigned {

  44. 				issueType := "issues"

  45. 				if issue.IsPull {

  46. 					issueType = "pulls"

  47. 				}

  48. 				log.Trace("Permission Denied: User %-v not the Poster (ID: %d) and cannot read %s in Repo %-v.\n"+

  49. 					"User in Repo has Permissions: %-+v",

  50. 					ctx.Doer,

  51. 					issue.PosterID,

  52. 					issueType,

  53. 					ctx.Repo.Repository,

  54. 					ctx.Repo.Permission)

  55. 			} else {

  56. 				log.Trace("Permission Denied: Not logged in")

  57. 			}

  58. 		}

  59. 

  60. 		ctx.HTTPError(http.StatusForbidden)

  61. 		return

  62. 	}

  63. 

  64. 	if issue.IsLocked && !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) && !ctx.Doer.IsAdmin {

  65. 		ctx.JSONError(ctx.Tr("repo.issues.comment_on_locked"))

  66. 		return

  67. 	}

  68. 

  69. 	var attachments []string

  70. 	if setting.Attachment.Enabled {

  71. 		attachments = form.Files

  72. 	}

  73. 

  74. 	if ctx.HasError() {

  75. 		ctx.JSONError(ctx.GetErrMsg())

  76. 		return

  77. 	}

  78. 

  79. 	var comment *issues_model.Comment

  80. 	defer func() {

  81. 		// Check if issue admin/poster changes the status of issue.

  82. 		if (ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) || (ctx.IsSigned && issue.IsPoster(ctx.Doer.ID))) &&

  83. 			(form.Status == "reopen" || form.Status == "close") &&

  84. 			!(issue.IsPull && issue.PullRequest.HasMerged) {

  85. 			// Duplication and conflict check should apply to reopen pull request.

  86. 			var pr *issues_model.PullRequest

  87. 

  88. 			if form.Status == "reopen" && issue.IsPull {

  89. 				pull := issue.PullRequest

  90. 				var err error

  91. 				pr, err = issues_model.GetUnmergedPullRequest(ctx, pull.HeadRepoID, pull.BaseRepoID, pull.HeadBranch, pull.BaseBranch, pull.Flow)

  92. 				if err != nil {

  93. 					if !issues_model.IsErrPullRequestNotExist(err) {

  94. 						ctx.JSONError(ctx.Tr("repo.issues.dependency.pr_close_blocked"))

  95. 						return

  96. 					}

  97. 				}

  98. 

  99. 				// Regenerate patch and test conflict.

  100. 				if pr == nil {

  101. 					issue.PullRequest.HeadCommitID = ""

  102. 					pull_service.StartPullRequestCheckImmediately(ctx, issue.PullRequest)

  103. 				}

  104. 

  105. 				// check whether the ref of PR <refs/pulls/pr_index/head> in base repo is consistent with the head commit of head branch in the head repo

  106. 				// get head commit of PR

  107. 				if pull.Flow == issues_model.PullRequestFlowGithub {

  108. 					prHeadRef := pull.GetGitHeadRefName()

  109. 					if err := pull.LoadBaseRepo(ctx); err != nil {

  110. 						ctx.ServerError("Unable to load base repo", err)

  111. 						return

  112. 					}

  113. 					prHeadCommitID, err := git.GetFullCommitID(ctx, pull.BaseRepo.RepoPath(), prHeadRef)

  114. 					if err != nil {

  115. 						ctx.ServerError("Get head commit Id of pr fail", err)

  116. 						return

  117. 					}

  118. 

  119. 					// get head commit of branch in the head repo

  120. 					if err := pull.LoadHeadRepo(ctx); err != nil {

  121. 						ctx.ServerError("Unable to load head repo", err)

  122. 						return

  123. 					}

  124. 					if ok := gitrepo.IsBranchExist(ctx, pull.HeadRepo, pull.BaseBranch); !ok {

  125. 						// todo localize

  126. 						ctx.JSONError("The origin branch is delete, cannot reopen.")

  127. 						return

  128. 					}

  129. 					headBranchRef := pull.GetGitHeadBranchRefName()

  130. 					headBranchCommitID, err := git.GetFullCommitID(ctx, pull.HeadRepo.RepoPath(), headBranchRef)

  131. 					if err != nil {

  132. 						ctx.ServerError("Get head commit Id of head branch fail", err)

  133. 						return

  134. 					}

  135. 

  136. 					err = pull.LoadIssue(ctx)

  137. 					if err != nil {

  138. 						ctx.ServerError("load the issue of pull request error", err)

  139. 						return

  140. 					}

  141. 

  142. 					if prHeadCommitID != headBranchCommitID {

  143. 						// force push to base repo

  144. 						err := git.Push(ctx, pull.HeadRepo.RepoPath(), git.PushOptions{

  145. 							Remote: pull.BaseRepo.RepoPath(),

  146. 							Branch: pull.HeadBranch + ":" + prHeadRef,

  147. 							Force:  true,

  148. 							Env:    repo_module.InternalPushingEnvironment(pull.Issue.Poster, pull.BaseRepo),

  149. 						})

  150. 						if err != nil {

  151. 							ctx.ServerError("force push error", err)

  152. 							return

  153. 						}

  154. 					}

  155. 				}

  156. 			}

  157. 

  158. 			if pr != nil {

  159. 				ctx.Flash.Info(ctx.Tr("repo.pulls.open_unmerged_pull_exists", pr.Index))

  160. 			} else {

  161. 				if form.Status == "close" && !issue.IsClosed {

  162. 					if err := issue_service.CloseIssue(ctx, issue, ctx.Doer, ""); err != nil {

  163. 						log.Error("CloseIssue: %v", err)

  164. 						if issues_model.IsErrDependenciesLeft(err) {

  165. 							if issue.IsPull {

  166. 								ctx.JSONError(ctx.Tr("repo.issues.dependency.pr_close_blocked"))

  167. 							} else {

  168. 								ctx.JSONError(ctx.Tr("repo.issues.dependency.issue_close_blocked"))

  169. 							}

  170. 							return

  171. 						}

  172. 					} else {

  173. 						if err := stopTimerIfAvailable(ctx, ctx.Doer, issue); err != nil {

  174. 							ctx.ServerError("stopTimerIfAvailable", err)

  175. 							return

  176. 						}

  177. 						log.Trace("Issue [%d] status changed to closed: %v", issue.ID, issue.IsClosed)

  178. 					}

  179. 				} else if form.Status == "reopen" && issue.IsClosed {

  180. 					if err := issue_service.ReopenIssue(ctx, issue, ctx.Doer, ""); err != nil {

  181. 						log.Error("ReopenIssue: %v", err)

  182. 					}

  183. 				}

  184. 			}

  185. 		}

  186. 

  187. 		// Redirect to comment hashtag if there is any actual content.

  188. 		typeName := "issues"

  189. 		if issue.IsPull {

  190. 			typeName = "pulls"

  191. 		}

  192. 		if comment != nil {

  193. 			ctx.JSONRedirect(fmt.Sprintf("%s/%s/%d#%s", ctx.Repo.RepoLink, typeName, issue.Index, comment.HashTag()))

  194. 		} else {

  195. 			ctx.JSONRedirect(fmt.Sprintf("%s/%s/%d", ctx.Repo.RepoLink, typeName, issue.Index))

  196. 		}

  197. 	}()

  198. 

  199. 	// Fix #321: Allow empty comments, as long as we have attachments.

  200. 	if len(form.Content) == 0 && len(attachments) == 0 {

  201. 		return

  202. 	}

  203. 

  204. 	comment, err := issue_service.CreateIssueComment(ctx, ctx.Doer, ctx.Repo.Repository, issue, form.Content, attachments)

  205. 	if err != nil {

  206. 		if errors.Is(err, user_model.ErrBlockedUser) {

  207. 			ctx.JSONError(ctx.Tr("repo.issues.comment.blocked_user"))

  208. 		} else {

  209. 			ctx.ServerError("CreateIssueComment", err)

  210. 		}

  211. 		return

  212. 	}

  213. 

  214. 	log.Trace("Comment created: %d/%d/%d", ctx.Repo.Repository.ID, issue.ID, comment.ID)

  215. }

  216. 

  217. // UpdateCommentContent change comment of issue's content

  218. func UpdateCommentContent(ctx *context.Context) {

  219. 	comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64("id"))

  220. 	if err != nil {

  221. 		ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err)

  222. 		return

  223. 	}

  224. 

  225. 	if err := comment.LoadIssue(ctx); err != nil {

  226. 		ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err)

  227. 		return

  228. 	}

  229. 

  230. 	if comment.Issue.RepoID != ctx.Repo.Repository.ID {

  231. 		ctx.NotFound(issues_model.ErrCommentNotExist{})

  232. 		return

  233. 	}

  234. 

  235. 	if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanWriteIssuesOrPulls(comment.Issue.IsPull)) {

  236. 		ctx.HTTPError(http.StatusForbidden)

  237. 		return

  238. 	}

  239. 

  240. 	if !comment.Type.HasContentSupport() {

  241. 		ctx.HTTPError(http.StatusNoContent)

  242. 		return

  243. 	}

  244. 

  245. 	newContent := ctx.FormString("content")

  246. 	contentVersion := ctx.FormInt("content_version")

  247. 	if contentVersion != comment.ContentVersion {

  248. 		ctx.JSONError(ctx.Tr("repo.comments.edit.already_changed"))

  249. 		return

  250. 	}

  251. 

  252. 	if newContent != comment.Content {

  253. 		// allow to save empty content

  254. 		oldContent := comment.Content

  255. 		comment.Content = newContent

  256. 

  257. 		if err = issue_service.UpdateComment(ctx, comment, contentVersion, ctx.Doer, oldContent); err != nil {

  258. 			if errors.Is(err, user_model.ErrBlockedUser) {

  259. 				ctx.JSONError(ctx.Tr("repo.issues.comment.blocked_user"))

  260. 			} else if errors.Is(err, issues_model.ErrCommentAlreadyChanged) {

  261. 				ctx.JSONError(ctx.Tr("repo.comments.edit.already_changed"))

  262. 			} else {

  263. 				ctx.ServerError("UpdateComment", err)

  264. 			}

  265. 			return

  266. 		}

  267. 	}

  268. 

  269. 	if err := comment.LoadAttachments(ctx); err != nil {

  270. 		ctx.ServerError("LoadAttachments", err)

  271. 		return

  272. 	}

  273. 

  274. 	// when the update request doesn't intend to update attachments (eg: change checkbox state), ignore attachment updates

  275. 	if !ctx.FormBool("ignore_attachments") {

  276. 		if err := updateAttachments(ctx, comment, ctx.FormStrings("files[]")); err != nil {

  277. 			ctx.ServerError("UpdateAttachments", err)

  278. 			return

  279. 		}

  280. 	}

  281. 

  282. 	var renderedContent template.HTML

  283. 	if comment.Content != "" {

  284. 		rctx := renderhelper.NewRenderContextRepoComment(ctx, ctx.Repo.Repository, renderhelper.RepoCommentOptions{

  285. 			FootnoteContextID: strconv.FormatInt(comment.ID, 10),

  286. 		})

  287. 		renderedContent, err = markdown.RenderString(rctx, comment.Content)

  288. 		if err != nil {

  289. 			ctx.ServerError("RenderString", err)

  290. 			return

  291. 		}

  292. 	}

  293. 

  294. 	if strings.TrimSpace(string(renderedContent)) == "" {

  295. 		renderedContent = htmlutil.HTMLFormat(`<span class="no-content">%s</span>`, ctx.Tr("repo.issues.no_content"))

  296. 	}

  297. 

  298. 	ctx.JSON(http.StatusOK, map[string]any{

  299. 		"content":        renderedContent,

  300. 		"contentVersion": comment.ContentVersion,

  301. 		"attachments":    attachmentsHTML(ctx, comment.Attachments, comment.Content),

  302. 	})

  303. }

  304. 

  305. // DeleteComment delete comment of issue

  306. func DeleteComment(ctx *context.Context) {

  307. 	comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64("id"))

  308. 	if err != nil {

  309. 		ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err)

  310. 		return

  311. 	}

  312. 

  313. 	if err := comment.LoadIssue(ctx); err != nil {

  314. 		ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err)

  315. 		return

  316. 	}

  317. 

  318. 	if comment.Issue.RepoID != ctx.Repo.Repository.ID {

  319. 		ctx.NotFound(issues_model.ErrCommentNotExist{})

  320. 		return

  321. 	}

  322. 

  323. 	if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanWriteIssuesOrPulls(comment.Issue.IsPull)) {

  324. 		ctx.HTTPError(http.StatusForbidden)

  325. 		return

  326. 	} else if !comment.Type.HasContentSupport() {

  327. 		ctx.HTTPError(http.StatusNoContent)

  328. 		return

  329. 	}

  330. 

  331. 	if err = issue_service.DeleteComment(ctx, ctx.Doer, comment); err != nil {

  332. 		ctx.ServerError("DeleteComment", err)

  333. 		return

  334. 	}

  335. 

  336. 	ctx.Status(http.StatusOK)

  337. }

  338. 

  339. // ChangeCommentReaction create a reaction for comment

  340. func ChangeCommentReaction(ctx *context.Context) {

  341. 	form := web.GetForm(ctx).(*forms.ReactionForm)

  342. 	comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64("id"))

  343. 	if err != nil {

  344. 		ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err)

  345. 		return

  346. 	}

  347. 

  348. 	if err := comment.LoadIssue(ctx); err != nil {

  349. 		ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err)

  350. 		return

  351. 	}

  352. 

  353. 	if comment.Issue.RepoID != ctx.Repo.Repository.ID {

  354. 		ctx.NotFound(issues_model.ErrCommentNotExist{})

  355. 		return

  356. 	}

  357. 

  358. 	if !ctx.IsSigned || (ctx.Doer.ID != comment.PosterID && !ctx.Repo.CanReadIssuesOrPulls(comment.Issue.IsPull)) {

  359. 		if log.IsTrace() {

  360. 			if ctx.IsSigned {

  361. 				issueType := "issues"

  362. 				if comment.Issue.IsPull {

  363. 					issueType = "pulls"

  364. 				}

  365. 				log.Trace("Permission Denied: User %-v not the Poster (ID: %d) and cannot read %s in Repo %-v.\n"+

  366. 					"User in Repo has Permissions: %-+v",

  367. 					ctx.Doer,

  368. 					comment.Issue.PosterID,

  369. 					issueType,

  370. 					ctx.Repo.Repository,

  371. 					ctx.Repo.Permission)

  372. 			} else {

  373. 				log.Trace("Permission Denied: Not logged in")

  374. 			}

  375. 		}

  376. 

  377. 		ctx.HTTPError(http.StatusForbidden)

  378. 		return

  379. 	}

  380. 

  381. 	if !comment.Type.HasContentSupport() {

  382. 		ctx.HTTPError(http.StatusNoContent)

  383. 		return

  384. 	}

  385. 

  386. 	switch ctx.PathParam("action") {

  387. 	case "react":

  388. 		reaction, err := issue_service.CreateCommentReaction(ctx, ctx.Doer, comment, form.Content)

  389. 		if err != nil {

  390. 			if issues_model.IsErrForbiddenIssueReaction(err) || errors.Is(err, user_model.ErrBlockedUser) {

  391. 				ctx.ServerError("ChangeIssueReaction", err)

  392. 				return

  393. 			}

  394. 			log.Info("CreateCommentReaction: %s", err)

  395. 			break

  396. 		}

  397. 		// Reload new reactions

  398. 		comment.Reactions = nil

  399. 		if err = comment.LoadReactions(ctx, ctx.Repo.Repository); err != nil {

  400. 			log.Info("comment.LoadReactions: %s", err)

  401. 			break

  402. 		}

  403. 

  404. 		log.Trace("Reaction for comment created: %d/%d/%d/%d", ctx.Repo.Repository.ID, comment.Issue.ID, comment.ID, reaction.ID)

  405. 	case "unreact":

  406. 		if err := issues_model.DeleteCommentReaction(ctx, ctx.Doer.ID, comment.Issue.ID, comment.ID, form.Content); err != nil {

  407. 			ctx.ServerError("DeleteCommentReaction", err)

  408. 			return

  409. 		}

  410. 

  411. 		// Reload new reactions

  412. 		comment.Reactions = nil

  413. 		if err = comment.LoadReactions(ctx, ctx.Repo.Repository); err != nil {

  414. 			log.Info("comment.LoadReactions: %s", err)

  415. 			break

  416. 		}

  417. 

  418. 		log.Trace("Reaction for comment removed: %d/%d/%d", ctx.Repo.Repository.ID, comment.Issue.ID, comment.ID)

  419. 	default:

  420. 		ctx.NotFound(nil)

  421. 		return

  422. 	}

  423. 

  424. 	if len(comment.Reactions) == 0 {

  425. 		ctx.JSON(http.StatusOK, map[string]any{

  426. 			"empty": true,

  427. 			"html":  "",

  428. 		})

  429. 		return

  430. 	}

  431. 

  432. 	html, err := ctx.RenderToHTML(tplReactions, map[string]any{

  433. 		"ActionURL": fmt.Sprintf("%s/comments/%d/reactions", ctx.Repo.RepoLink, comment.ID),

  434. 		"Reactions": comment.Reactions.GroupByType(),

  435. 	})

  436. 	if err != nil {

  437. 		ctx.ServerError("ChangeCommentReaction.HTMLString", err)

  438. 		return

  439. 	}

  440. 	ctx.JSON(http.StatusOK, map[string]any{

  441. 		"html": html,

  442. 	})

  443. }

  444. 

  445. // GetCommentAttachments returns attachments for the comment

  446. func GetCommentAttachments(ctx *context.Context) {

  447. 	comment, err := issues_model.GetCommentByID(ctx, ctx.PathParamInt64("id"))

  448. 	if err != nil {

  449. 		ctx.NotFoundOrServerError("GetCommentByID", issues_model.IsErrCommentNotExist, err)

  450. 		return

  451. 	}

  452. 

  453. 	if err := comment.LoadIssue(ctx); err != nil {

  454. 		ctx.NotFoundOrServerError("LoadIssue", issues_model.IsErrIssueNotExist, err)

  455. 		return

  456. 	}

  457. 

  458. 	if comment.Issue.RepoID != ctx.Repo.Repository.ID {

  459. 		ctx.NotFound(issues_model.ErrCommentNotExist{})

  460. 		return

  461. 	}

  462. 

  463. 	if !ctx.Repo.Permission.CanReadIssuesOrPulls(comment.Issue.IsPull) {

  464. 		ctx.NotFound(issues_model.ErrCommentNotExist{})

  465. 		return

  466. 	}

  467. 

  468. 	if !comment.Type.HasAttachmentSupport() {

  469. 		ctx.ServerError("GetCommentAttachments", fmt.Errorf("comment type %v does not support attachments", comment.Type))

  470. 		return

  471. 	}

  472. 

  473. 	attachments := make([]*api.Attachment, 0)

  474. 	if err := comment.LoadAttachments(ctx); err != nil {

  475. 		ctx.ServerError("LoadAttachments", err)

  476. 		return

  477. 	}

  478. 	for i := 0; i < len(comment.Attachments); i++ {

  479. 		attachments = append(attachments, convert.ToAttachment(ctx.Repo.Repository, comment.Attachments[i]))

  480. 	}

  481. 	ctx.JSON(http.StatusOK, attachments)

  482. }