Add ContextUser to http request context (#18798)

This PR adds a middleware which sets a ContextUser (like GetUserByParams before) in a single place which can be used by other methods. For routes which represent a repo or org the respective middlewares set the field too. Also fix a bug in modules/context/org.go during refactoring.
2025-05-18 08:00:01 +02:00 · 2022-03-26 10:04:22 +01:00 · 2022-03-26 10:04:22 +01:00 · 59b867dc2d
commit 59b867dc2d
parent f36701c702
23 changed files with 247 additions and 323 deletions
--- a/routers/api/v1/admin/user.go
+++ b/routers/api/v1/admin/user.go
@ -73,6 +73,7 @@ func CreateUser(ctx *context.APIContext) {
 	//     "$ref": "#/responses/forbidden"
 	//   "422":
 	//     "$ref": "#/responses/validationError"
+
 	form := web.GetForm(ctx).(*api.CreateUserOption)

 	u := &user_model.User{
@ -163,13 +164,10 @@ func EditUser(ctx *context.APIContext) {
 	//     "$ref": "#/responses/forbidden"
 	//   "422":
 	//     "$ref": "#/responses/validationError"
-	form := web.GetForm(ctx).(*api.EditUserOption)
-	u := user.GetUserByParams(ctx)
-	if ctx.Written() {
-		return
-	}

-	parseAuthSource(ctx, u, form.SourceID, form.LoginName)
+	form := web.GetForm(ctx).(*api.EditUserOption)
+
+	parseAuthSource(ctx, ctx.ContextUser, form.SourceID, form.LoginName)
 	if ctx.Written() {
 		return
 	}
@ -193,24 +191,24 @@ func EditUser(ctx *context.APIContext) {
 			ctx.Error(http.StatusBadRequest, "PasswordPwned", errors.New("PasswordPwned"))
 			return
 		}
-		if u.Salt, err = user_model.GetUserSalt(); err != nil {
+		if ctx.ContextUser.Salt, err = user_model.GetUserSalt(); err != nil {
 			ctx.Error(http.StatusInternalServerError, "UpdateUser", err)
 			return
 		}
-		if err = u.SetPassword(form.Password); err != nil {
+		if err = ctx.ContextUser.SetPassword(form.Password); err != nil {
 			ctx.InternalServerError(err)
 			return
 		}
 	}

 	if form.MustChangePassword != nil {
-		u.MustChangePassword = *form.MustChangePassword
+		ctx.ContextUser.MustChangePassword = *form.MustChangePassword
 	}

-	u.LoginName = form.LoginName
+	ctx.ContextUser.LoginName = form.LoginName

 	if form.FullName != nil {
-		u.FullName = *form.FullName
+		ctx.ContextUser.FullName = *form.FullName
 	}
 	var emailChanged bool
 	if form.Email != nil {
@ -225,47 +223,47 @@ func EditUser(ctx *context.APIContext) {
 			return
 		}

-		emailChanged = !strings.EqualFold(u.Email, email)
-		u.Email = email
+		emailChanged = !strings.EqualFold(ctx.ContextUser.Email, email)
+		ctx.ContextUser.Email = email
 	}
 	if form.Website != nil {
-		u.Website = *form.Website
+		ctx.ContextUser.Website = *form.Website
 	}
 	if form.Location != nil {
-		u.Location = *form.Location
+		ctx.ContextUser.Location = *form.Location
 	}
 	if form.Description != nil {
-		u.Description = *form.Description
+		ctx.ContextUser.Description = *form.Description
 	}
 	if form.Active != nil {
-		u.IsActive = *form.Active
+		ctx.ContextUser.IsActive = *form.Active
 	}
 	if len(form.Visibility) != 0 {
-		u.Visibility = api.VisibilityModes[form.Visibility]
+		ctx.ContextUser.Visibility = api.VisibilityModes[form.Visibility]
 	}
 	if form.Admin != nil {
-		u.IsAdmin = *form.Admin
+		ctx.ContextUser.IsAdmin = *form.Admin
 	}
 	if form.AllowGitHook != nil {
-		u.AllowGitHook = *form.AllowGitHook
+		ctx.ContextUser.AllowGitHook = *form.AllowGitHook
 	}
 	if form.AllowImportLocal != nil {
-		u.AllowImportLocal = *form.AllowImportLocal
+		ctx.ContextUser.AllowImportLocal = *form.AllowImportLocal
 	}
 	if form.MaxRepoCreation != nil {
-		u.MaxRepoCreation = *form.MaxRepoCreation
+		ctx.ContextUser.MaxRepoCreation = *form.MaxRepoCreation
 	}
 	if form.AllowCreateOrganization != nil {
-		u.AllowCreateOrganization = *form.AllowCreateOrganization
+		ctx.ContextUser.AllowCreateOrganization = *form.AllowCreateOrganization
 	}
 	if form.ProhibitLogin != nil {
-		u.ProhibitLogin = *form.ProhibitLogin
+		ctx.ContextUser.ProhibitLogin = *form.ProhibitLogin
 	}
 	if form.Restricted != nil {
-		u.IsRestricted = *form.Restricted
+		ctx.ContextUser.IsRestricted = *form.Restricted
 	}

-	if err := user_model.UpdateUser(u, emailChanged); err != nil {
+	if err := user_model.UpdateUser(ctx.ContextUser, emailChanged); err != nil {
 		if user_model.IsErrEmailAlreadyUsed(err) ||
 			user_model.IsErrEmailCharIsNotSupported(err) ||
 			user_model.IsErrEmailInvalid(err) {
@ -275,9 +273,9 @@ func EditUser(ctx *context.APIContext) {
 		}
 		return
 	}
-	log.Trace("Account profile updated by admin (%s): %s", ctx.Doer.Name, u.Name)
+	log.Trace("Account profile updated by admin (%s): %s", ctx.Doer.Name, ctx.ContextUser.Name)

-	ctx.JSON(http.StatusOK, convert.ToUser(u, ctx.Doer))
+	ctx.JSON(http.StatusOK, convert.ToUser(ctx.ContextUser, ctx.Doer))
 }

 // DeleteUser api for deleting a user
@ -301,17 +299,12 @@ func DeleteUser(ctx *context.APIContext) {
 	//   "422":
 	//     "$ref": "#/responses/validationError"

-	u := user.GetUserByParams(ctx)
-	if ctx.Written() {
+	if ctx.ContextUser.IsOrganization() {
+		ctx.Error(http.StatusUnprocessableEntity, "", fmt.Errorf("%s is an organization not a user", ctx.ContextUser.Name))
 		return
 	}

-	if u.IsOrganization() {
-		ctx.Error(http.StatusUnprocessableEntity, "", fmt.Errorf("%s is an organization not a user", u.Name))
-		return
-	}
-
-	if err := user_service.DeleteUser(u); err != nil {
+	if err := user_service.DeleteUser(ctx.ContextUser); err != nil {
 		if models.IsErrUserOwnRepos(err) ||
 			models.IsErrUserHasOrgs(err) {
 			ctx.Error(http.StatusUnprocessableEntity, "", err)
@ -320,7 +313,7 @@ func DeleteUser(ctx *context.APIContext) {
 		}
 		return
 	}
-	log.Trace("Account deleted by admin(%s): %s", ctx.Doer.Name, u.Name)
+	log.Trace("Account deleted by admin(%s): %s", ctx.Doer.Name, ctx.ContextUser.Name)

 	ctx.Status(http.StatusNoContent)
 }
@ -351,12 +344,10 @@ func CreatePublicKey(ctx *context.APIContext) {
 	//     "$ref": "#/responses/forbidden"
 	//   "422":
 	//     "$ref": "#/responses/validationError"
+
 	form := web.GetForm(ctx).(*api.CreateKeyOption)
-	u := user.GetUserByParams(ctx)
-	if ctx.Written() {
-		return
-	}
-	user.CreateUserPublicKey(ctx, *form, u.ID)
+
+	user.CreateUserPublicKey(ctx, *form, ctx.ContextUser.ID)
 }

 // DeleteUserPublicKey api for deleting a user's public key
@ -386,12 +377,7 @@ func DeleteUserPublicKey(ctx *context.APIContext) {
 	//   "404":
 	//     "$ref": "#/responses/notFound"

-	u := user.GetUserByParams(ctx)
-	if ctx.Written() {
-		return
-	}
-
-	if err := asymkey_service.DeletePublicKey(u, ctx.ParamsInt64(":id")); err != nil {
+	if err := asymkey_service.DeletePublicKey(ctx.ContextUser, ctx.ParamsInt64(":id")); err != nil {
 		if asymkey_model.IsErrKeyNotExist(err) {
 			ctx.NotFound()
 		} else if asymkey_model.IsErrKeyAccessDenied(err) {
@ -401,7 +387,7 @@ func DeleteUserPublicKey(ctx *context.APIContext) {
 		}
 		return
 	}
-	log.Trace("Key deleted by admin(%s): %s", ctx.Doer.Name, u.Name)
+	log.Trace("Key deleted by admin(%s): %s", ctx.Doer.Name, ctx.ContextUser.Name)

 	ctx.Status(http.StatusNoContent)
 }