afan
/
gitea
Наблюдаван 1
Харесван 0
Разклонения 0
Код Задачи 0 Заявки за сливане 0 Версии 0 Уики Activity
gitea源码
2 Ревизии
2 Клонове
ИН на ревизия: f5d5e77162
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
from 'f5d5e77162'
${ noResults }
gitea/cmd/admin_user_generate_access_...

admin_user_generate_access_token.go 2.2KB
История Директен файл

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 
  1. // Copyright 2023 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package cmd

  5. 

  6. import (

  7. 	"context"

  8. 	"errors"

  9. 	"fmt"

  10. 

  11. 	auth_model "code.gitea.io/gitea/models/auth"

  12. 	user_model "code.gitea.io/gitea/models/user"

  13. 

  14. 	"github.com/urfave/cli/v3"

  15. )

  16. 

  17. var microcmdUserGenerateAccessToken = &cli.Command{

  18. 	Name:  "generate-access-token",

  19. 	Usage: "Generate an access token for a specific user",

  20. 	Flags: []cli.Flag{

  21. 		&cli.StringFlag{

  22. 			Name:    "username",

  23. 			Aliases: []string{"u"},

  24. 			Usage:   "Username",

  25. 		},

  26. 		&cli.StringFlag{

  27. 			Name:    "token-name",

  28. 			Aliases: []string{"t"},

  29. 			Usage:   "Token name",

  30. 			Value:   "gitea-admin",

  31. 		},

  32. 		&cli.BoolFlag{

  33. 			Name:  "raw",

  34. 			Usage: "Display only the token value",

  35. 		},

  36. 		&cli.StringFlag{

  37. 			Name:  "scopes",

  38. 			Value: "all",

  39. 			Usage: `Comma separated list of scopes to apply to access token, examples: "all", "public-only,read:issue", "write:repository,write:user"`,

  40. 		},

  41. 	},

  42. 	Action: runGenerateAccessToken,

  43. }

  44. 

  45. func runGenerateAccessToken(ctx context.Context, c *cli.Command) error {

  46. 	if !c.IsSet("username") {

  47. 		return errors.New("you must provide a username to generate a token for")

  48. 	}

  49. 

  50. 	if err := initDB(ctx); err != nil {

  51. 		return err

  52. 	}

  53. 

  54. 	user, err := user_model.GetUserByName(ctx, c.String("username"))

  55. 	if err != nil {

  56. 		return err

  57. 	}

  58. 

  59. 	// construct token with name and user so we can make sure it is unique

  60. 	t := &auth_model.AccessToken{

  61. 		Name: c.String("token-name"),

  62. 		UID:  user.ID,

  63. 	}

  64. 

  65. 	exist, err := auth_model.AccessTokenByNameExists(ctx, t)

  66. 	if err != nil {

  67. 		return err

  68. 	}

  69. 	if exist {

  70. 		return errors.New("access token name has been used already")

  71. 	}

  72. 

  73. 	// make sure the scopes are valid

  74. 	accessTokenScope, err := auth_model.AccessTokenScope(c.String("scopes")).Normalize()

  75. 	if err != nil {

  76. 		return fmt.Errorf("invalid access token scope provided: %w", err)

  77. 	}

  78. 	if !accessTokenScope.HasPermissionScope() {

  79. 		return errors.New("access token does not have any permission")

  80. 	}

  81. 	t.Scope = accessTokenScope

  82. 

  83. 	// create the token

  84. 	if err := auth_model.NewAccessToken(ctx, t); err != nil {

  85. 		return err

  86. 	}

  87. 

  88. 	if c.Bool("raw") {

  89. 		fmt.Printf("%s\n", t.Token)

  90. 	} else {

  91. 		fmt.Printf("Access token was successfully created: %s\n", t.Token)

  92. 	}

  93. 

  94. 	return nil

  95. }