2017-01-20 01:58:46 -05:00
|
|
|
// Copyright 2017 The Gitea Authors. All rights reserved.
|
2022-11-27 13:20:29 -05:00
|
|
|
// SPDX-License-Identifier: MIT
|
2017-01-20 01:58:46 -05:00
|
|
|
|
|
|
|
|
package repo
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"fmt"
|
2020-01-04 18:20:08 -05:00
|
|
|
"net/http"
|
2017-01-20 01:58:46 -05:00
|
|
|
|
2022-05-11 06:09:36 -04:00
|
|
|
access_model "code.gitea.io/gitea/models/perm/access"
|
2021-11-19 08:39:57 -05:00
|
|
|
repo_model "code.gitea.io/gitea/models/repo"
|
2021-04-12 10:49:26 -04:00
|
|
|
"code.gitea.io/gitea/modules/httpcache"
|
2017-01-20 01:58:46 -05:00
|
|
|
"code.gitea.io/gitea/modules/log"
|
|
|
|
|
"code.gitea.io/gitea/modules/setting"
|
2020-08-18 00:23:45 -04:00
|
|
|
"code.gitea.io/gitea/modules/storage"
|
2023-07-07 01:31:56 -04:00
|
|
|
"code.gitea.io/gitea/modules/util"
|
2021-06-08 19:33:54 -04:00
|
|
|
"code.gitea.io/gitea/routers/common"
|
2021-09-08 11:19:30 -04:00
|
|
|
"code.gitea.io/gitea/services/attachment"
|
2024-02-27 02:12:22 -05:00
|
|
|
"code.gitea.io/gitea/services/context"
|
|
|
|
|
"code.gitea.io/gitea/services/context/upload"
|
2022-06-06 04:01:49 -04:00
|
|
|
repo_service "code.gitea.io/gitea/services/repository"
|
2017-01-20 01:58:46 -05:00
|
|
|
)
|
|
|
|
|
|
2020-10-05 01:49:33 -04:00
|
|
|
// UploadIssueAttachment response for Issue/PR attachments
|
|
|
|
|
func UploadIssueAttachment(ctx *context.Context) {
|
2021-09-08 11:19:30 -04:00
|
|
|
uploadAttachment(ctx, ctx.Repo.Repository.ID, setting.Attachment.AllowedTypes)
|
2017-01-20 01:58:46 -05:00
|
|
|
}
|
|
|
|
|
|
2020-10-05 01:49:33 -04:00
|
|
|
// UploadReleaseAttachment response for uploading release attachments
|
|
|
|
|
func UploadReleaseAttachment(ctx *context.Context) {
|
2021-09-08 11:19:30 -04:00
|
|
|
uploadAttachment(ctx, ctx.Repo.Repository.ID, setting.Repository.Release.AllowedTypes)
|
2020-10-05 01:49:33 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// UploadAttachment response for uploading attachments
|
2021-09-08 11:19:30 -04:00
|
|
|
func uploadAttachment(ctx *context.Context, repoID int64, allowedTypes string) {
|
2020-08-18 00:23:45 -04:00
|
|
|
if !setting.Attachment.Enabled {
|
2021-04-05 11:30:52 -04:00
|
|
|
ctx.Error(http.StatusNotFound, "attachment is not enabled")
|
2017-01-20 01:58:46 -05:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
file, header, err := ctx.Req.FormFile("file")
|
|
|
|
|
if err != nil {
|
2021-04-05 11:30:52 -04:00
|
|
|
ctx.Error(http.StatusInternalServerError, fmt.Sprintf("FormFile: %v", err))
|
2017-01-20 01:58:46 -05:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
defer file.Close()
|
|
|
|
|
|
2023-10-03 06:30:41 -04:00
|
|
|
attach, err := attachment.UploadAttachment(ctx, file, allowedTypes, header.Size, &repo_model.Attachment{
|
2022-12-09 01:35:56 -05:00
|
|
|
Name: header.Filename,
|
|
|
|
|
UploaderID: ctx.Doer.ID,
|
|
|
|
|
RepoID: repoID,
|
|
|
|
|
})
|
2017-01-20 01:58:46 -05:00
|
|
|
if err != nil {
|
2021-09-08 11:19:30 -04:00
|
|
|
if upload.IsErrFileTypeForbidden(err) {
|
|
|
|
|
ctx.Error(http.StatusBadRequest, err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
2021-04-05 11:30:52 -04:00
|
|
|
ctx.Error(http.StatusInternalServerError, fmt.Sprintf("NewAttachment: %v", err))
|
2017-01-20 01:58:46 -05:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
log.Trace("New attachment uploaded: %s", attach.UUID)
|
2021-04-05 11:30:52 -04:00
|
|
|
ctx.JSON(http.StatusOK, map[string]string{
|
2017-01-20 01:58:46 -05:00
|
|
|
"uuid": attach.UUID,
|
|
|
|
|
})
|
|
|
|
|
}
|
2019-10-15 08:19:32 -04:00
|
|
|
|
|
|
|
|
// DeleteAttachment response for deleting issue's attachment
|
|
|
|
|
func DeleteAttachment(ctx *context.Context) {
|
2021-08-10 20:31:13 -04:00
|
|
|
file := ctx.FormString("file")
|
2022-05-20 10:08:52 -04:00
|
|
|
attach, err := repo_model.GetAttachmentByUUID(ctx, file)
|
2019-10-15 08:19:32 -04:00
|
|
|
if err != nil {
|
2021-04-05 11:30:52 -04:00
|
|
|
ctx.Error(http.StatusBadRequest, err.Error())
|
2019-10-15 08:19:32 -04:00
|
|
|
return
|
|
|
|
|
}
|
2022-03-22 03:03:22 -04:00
|
|
|
if !ctx.IsSigned || (ctx.Doer.ID != attach.UploaderID) {
|
2021-04-05 11:30:52 -04:00
|
|
|
ctx.Error(http.StatusForbidden)
|
2020-02-27 18:10:27 -05:00
|
|
|
return
|
|
|
|
|
}
|
2023-09-15 02:13:19 -04:00
|
|
|
err = repo_model.DeleteAttachment(ctx, attach, true)
|
2019-10-15 08:19:32 -04:00
|
|
|
if err != nil {
|
2021-04-05 11:30:52 -04:00
|
|
|
ctx.Error(http.StatusInternalServerError, fmt.Sprintf("DeleteAttachment: %v", err))
|
2019-10-15 08:19:32 -04:00
|
|
|
return
|
|
|
|
|
}
|
2021-04-05 11:30:52 -04:00
|
|
|
ctx.JSON(http.StatusOK, map[string]string{
|
2019-10-15 08:19:32 -04:00
|
|
|
"uuid": attach.UUID,
|
|
|
|
|
})
|
|
|
|
|
}
|
2020-01-04 18:20:08 -05:00
|
|
|
|
2023-04-12 05:05:23 -04:00
|
|
|
// GetAttachment serve attachments with the given UUID
|
|
|
|
|
func ServeAttachment(ctx *context.Context, uuid string) {
|
|
|
|
|
attach, err := repo_model.GetAttachmentByUUID(ctx, uuid)
|
2020-01-04 18:20:08 -05:00
|
|
|
if err != nil {
|
2021-11-19 08:39:57 -05:00
|
|
|
if repo_model.IsErrAttachmentNotExist(err) {
|
2021-04-05 11:30:52 -04:00
|
|
|
ctx.Error(http.StatusNotFound)
|
2020-01-04 18:20:08 -05:00
|
|
|
} else {
|
|
|
|
|
ctx.ServerError("GetAttachmentByUUID", err)
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2022-12-02 21:48:26 -05:00
|
|
|
repository, unitType, err := repo_service.LinkedRepository(ctx, attach)
|
2020-01-04 18:20:08 -05:00
|
|
|
if err != nil {
|
|
|
|
|
ctx.ServerError("LinkedRepository", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-20 12:46:10 -05:00
|
|
|
if repository == nil { // If not linked
|
2022-03-22 03:03:22 -04:00
|
|
|
if !(ctx.IsSigned && attach.UploaderID == ctx.Doer.ID) { // We block if not the uploader
|
2020-01-04 18:20:08 -05:00
|
|
|
ctx.Error(http.StatusNotFound)
|
|
|
|
|
return
|
|
|
|
|
}
|
2022-01-20 12:46:10 -05:00
|
|
|
} else { // If we have the repository we check access
|
2022-05-11 06:09:36 -04:00
|
|
|
perm, err := access_model.GetUserRepoPermission(ctx, repository, ctx.Doer)
|
2020-01-04 18:20:08 -05:00
|
|
|
if err != nil {
|
|
|
|
|
ctx.Error(http.StatusInternalServerError, "GetUserRepoPermission", err.Error())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
if !perm.CanRead(unitType) {
|
|
|
|
|
ctx.Error(http.StatusNotFound)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-15 12:20:16 -04:00
|
|
|
if attach.ExternalURL != "" {
|
|
|
|
|
ctx.Redirect(attach.ExternalURL)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-15 02:13:19 -04:00
|
|
|
if err := attach.IncreaseDownloadCount(ctx); err != nil {
|
2021-04-12 10:49:26 -04:00
|
|
|
ctx.ServerError("IncreaseDownloadCount", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2023-06-13 23:42:38 -04:00
|
|
|
if setting.Attachment.Storage.MinioConfig.ServeDirect {
|
2022-01-20 12:46:10 -05:00
|
|
|
// If we have a signed url (S3, object storage), redirect to this directly.
|
Fix `missing signature key` error when pulling Docker images with `SERVE_DIRECT` enabled (#32365)
Fix #28121
I did some tests and found that the `missing signature key` error is
caused by an incorrect `Content-Type` header. Gitea correctly sets the
`Content-Type` header when serving files.
https://github.com/go-gitea/gitea/blob/348d1d0f322ca57c459acd902f54821d687ca804/routers/api/packages/container/container.go#L712-L717
However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may
be set to an incorrect value by the storage service. To fix this issue,
we can use query parameters to override response header values.
https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
<img width="600px"
src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555"
/>
In this PR, I introduced a new parameter to the `URL` method to support
additional parameters.
```
URL(path, name string, reqParams url.Values) (*url.URL, error)
```
---
Most S3-like services support specifying the content type when storing
objects. However, Gitea always use `application/octet-stream`.
Therefore, I believe we also need to improve the `Save` method to
support storing objects with the correct content type.
https://github.com/go-gitea/gitea/blob/b7fb20e73e63b8edc9b90c52073e248bef428fcc/modules/storage/minio.go#L214-L221
(cherry picked from commit 0690cb076bf63f71988a709f62a9c04660b51a4f)
Conflicts:
- modules/storage/azureblob.go
Dropped the change, as we do not support Azure blob storage.
- modules/storage/helper.go
Resolved by adjusting their `discardStorage` to our
`DiscardStorage`
- routers/api/actions/artifacts.go
routers/api/actions/artifactsv4.go
routers/web/repo/actions/view.go
routers/web/repo/download.go
Resolved the conflicts by manually adding the new `nil`
parameter to the `storage.Attachments.URL()` calls.
Originally conflicted due to differences in the if expression
above these calls.
2024-10-31 11:28:25 -04:00
|
|
|
u, err := storage.Attachments.URL(attach.RelativePath(), attach.Name, nil)
|
2020-08-18 00:23:45 -04:00
|
|
|
|
|
|
|
|
if u != nil && err == nil {
|
|
|
|
|
ctx.Redirect(u.String())
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-12 10:49:26 -04:00
|
|
|
if httpcache.HandleGenericETagCache(ctx.Req, ctx.Resp, `"`+attach.UUID+`"`) {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-20 12:46:10 -05:00
|
|
|
// If we have matched and access to release or issue
|
2020-08-18 00:23:45 -04:00
|
|
|
fr, err := storage.Attachments.Open(attach.RelativePath())
|
2020-01-04 18:20:08 -05:00
|
|
|
if err != nil {
|
|
|
|
|
ctx.ServerError("Open", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
defer fr.Close()
|
|
|
|
|
|
2023-07-07 01:31:56 -04:00
|
|
|
common.ServeContentByReadSeeker(ctx.Base, attach.Name, util.ToPointer(attach.CreatedUnix.AsTime()), fr)
|
2020-01-04 18:20:08 -05:00
|
|
|
}
|
2023-04-12 05:05:23 -04:00
|
|
|
|
|
|
|
|
// GetAttachment serve attachments
|
|
|
|
|
func GetAttachment(ctx *context.Context) {
|
|
|
|
|
ServeAttachment(ctx, ctx.Params(":uuid"))
|
|
|
|
|
}
|