Ensure URL format of git repositories
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
parent
c5a75b6fa8
commit
3b716d73c7
@ -7,6 +7,7 @@ import (
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
@ -67,7 +68,6 @@ func declareAPIAuthRepositoriesRoutes(router *gin.RouterGroup) {
|
||||
if r.IdWork == work.(*Work).Id {
|
||||
// Is the URL used elsewhere?
|
||||
repos, _ := getRepositoriesByURI(r.URI)
|
||||
log.Println(repos)
|
||||
if len(repos) > 1 {
|
||||
r.AlreadyUsed = true
|
||||
}
|
||||
@ -95,6 +95,28 @@ func declareAPIAuthRepositoriesRoutes(router *gin.RouterGroup) {
|
||||
return
|
||||
}
|
||||
|
||||
uri, err := url.Parse(repository.URI)
|
||||
if err != nil {
|
||||
tmp := strings.Split(repository.URI, ":")
|
||||
if len(tmp) == 2 {
|
||||
uri, err = url.Parse(fmt.Sprintf("ssh://%s/%s", tmp[0], tmp[1]))
|
||||
} else if len(tmp) == 3 {
|
||||
uri, err = url.Parse(fmt.Sprintf("%s://%s/%s", tmp[0], tmp[1], tmp[2]))
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": fmt.Sprintf("invalid repository URL: %s", err.Error())})
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if strings.Contains(uri.Host, "epita.fr") {
|
||||
if !strings.HasPrefix(uri.Path, fmt.Sprintf("/%s/", u.Login)) {
|
||||
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"errmsg": "repository URL forbidden"})
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
var w *Work
|
||||
if work, ok := c.Get("work"); ok {
|
||||
w = work.(*Work)
|
||||
@ -128,7 +150,6 @@ func declareAPIAuthRepositoriesRoutes(router *gin.RouterGroup) {
|
||||
|
||||
// Is the URL used elsewhere?
|
||||
repos, _ := getRepositoriesByURI(repo.URI)
|
||||
log.Println(repos)
|
||||
if len(repos) > 1 {
|
||||
repo.AlreadyUsed = true
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user