2018-05-17 06:05:00 +02:00
|
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
|
|
|
|
// Copyright 2018 The Gitea Authors. All rights reserved.
|
2022-11-27 13:20:29 -05:00
|
|
|
// SPDX-License-Identifier: MIT
|
2018-05-17 06:05:00 +02:00
|
|
|
|
|
|
|
|
package setting
|
|
|
|
|
|
|
|
|
|
import (
|
2021-04-05 17:30:52 +02:00
|
|
|
"net/http"
|
2025-02-27 14:40:12 -05:00
|
|
|
"strings"
|
2021-04-05 17:30:52 +02:00
|
|
|
|
2022-08-25 10:31:57 +08:00
|
|
|
auth_model "code.gitea.io/gitea/models/auth"
|
2023-11-24 11:49:41 +08:00
|
|
|
"code.gitea.io/gitea/models/db"
|
2018-05-17 06:05:00 +02:00
|
|
|
"code.gitea.io/gitea/modules/setting"
|
2024-12-22 23:33:19 +08:00
|
|
|
"code.gitea.io/gitea/modules/templates"
|
2025-02-27 14:40:12 -05:00
|
|
|
"code.gitea.io/gitea/modules/util"
|
2021-01-26 23:36:53 +08:00
|
|
|
"code.gitea.io/gitea/modules/web"
|
2024-02-27 15:12:22 +08:00
|
|
|
"code.gitea.io/gitea/services/context"
|
2021-04-06 20:44:05 +01:00
|
|
|
"code.gitea.io/gitea/services/forms"
|
2018-05-17 06:05:00 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
2024-12-22 23:33:19 +08:00
|
|
|
tplSettingsApplications templates.TplName = "user/settings/applications"
|
2018-05-17 06:05:00 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// Applications render manage access token page
|
|
|
|
|
func Applications(ctx *context.Context) {
|
2023-02-01 19:56:10 -03:00
|
|
|
ctx.Data["Title"] = ctx.Tr("settings.applications")
|
2018-05-17 06:05:00 +02:00
|
|
|
ctx.Data["PageIsSettingsApplications"] = true
|
|
|
|
|
|
2018-06-18 20:24:45 +02:00
|
|
|
loadApplicationsData(ctx)
|
2018-05-17 06:05:00 +02:00
|
|
|
|
2021-04-05 17:30:52 +02:00
|
|
|
ctx.HTML(http.StatusOK, tplSettingsApplications)
|
2018-05-17 06:05:00 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// ApplicationsPost response for add user's access token
|
2021-01-26 23:36:53 +08:00
|
|
|
func ApplicationsPost(ctx *context.Context) {
|
2021-04-06 20:44:05 +01:00
|
|
|
form := web.GetForm(ctx).(*forms.NewAccessTokenForm)
|
2025-12-19 09:50:48 -08:00
|
|
|
ctx.Data["Title"] = ctx.Tr("settings_title")
|
2018-05-17 06:05:00 +02:00
|
|
|
ctx.Data["PageIsSettingsApplications"] = true
|
|
|
|
|
|
2025-02-27 14:40:12 -05:00
|
|
|
_ = ctx.Req.ParseForm()
|
|
|
|
|
var scopeNames []string
|
2025-04-10 12:18:07 -05:00
|
|
|
const accessTokenScopePrefix = "scope-"
|
2025-02-27 14:40:12 -05:00
|
|
|
for k, v := range ctx.Req.Form {
|
2025-04-10 12:18:07 -05:00
|
|
|
if strings.HasPrefix(k, accessTokenScopePrefix) {
|
2025-02-27 14:40:12 -05:00
|
|
|
scopeNames = append(scopeNames, v...)
|
|
|
|
|
}
|
2018-05-17 06:05:00 +02:00
|
|
|
}
|
|
|
|
|
|
2025-02-27 14:40:12 -05:00
|
|
|
scope, err := auth_model.AccessTokenScope(strings.Join(scopeNames, ",")).Normalize()
|
2023-01-17 16:46:03 -05:00
|
|
|
if err != nil {
|
|
|
|
|
ctx.ServerError("GetScope", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
2025-04-02 07:00:54 -07:00
|
|
|
if !scope.HasPermissionScope() {
|
2025-02-27 14:40:12 -05:00
|
|
|
ctx.Flash.Error(ctx.Tr("settings.at_least_one_permission"), true)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ctx.HasError() {
|
|
|
|
|
loadApplicationsData(ctx)
|
|
|
|
|
ctx.HTML(http.StatusOK, tplSettingsApplications)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2022-08-25 10:31:57 +08:00
|
|
|
t := &auth_model.AccessToken{
|
2023-01-17 16:46:03 -05:00
|
|
|
UID: ctx.Doer.ID,
|
|
|
|
|
Name: form.Name,
|
|
|
|
|
Scope: scope,
|
2018-05-17 06:05:00 +02:00
|
|
|
}
|
2020-04-13 21:02:48 +02:00
|
|
|
|
2023-09-15 08:13:19 +02:00
|
|
|
exist, err := auth_model.AccessTokenByNameExists(ctx, t)
|
2020-04-13 21:02:48 +02:00
|
|
|
if err != nil {
|
|
|
|
|
ctx.ServerError("AccessTokenByNameExists", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
if exist {
|
|
|
|
|
ctx.Flash.Error(ctx.Tr("settings.generate_token_name_duplicate", t.Name))
|
|
|
|
|
ctx.Redirect(setting.AppSubURL + "/user/settings/applications")
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
2023-09-15 08:13:19 +02:00
|
|
|
if err := auth_model.NewAccessToken(ctx, t); err != nil {
|
2018-05-17 06:05:00 +02:00
|
|
|
ctx.ServerError("NewAccessToken", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctx.Flash.Success(ctx.Tr("settings.generate_token_success"))
|
2019-05-04 11:45:34 -04:00
|
|
|
ctx.Flash.Info(t.Token)
|
2018-05-17 06:05:00 +02:00
|
|
|
|
|
|
|
|
ctx.Redirect(setting.AppSubURL + "/user/settings/applications")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// DeleteApplication response for delete user access token
|
|
|
|
|
func DeleteApplication(ctx *context.Context) {
|
2023-09-15 08:13:19 +02:00
|
|
|
if err := auth_model.DeleteAccessTokenByID(ctx, ctx.FormInt64("id"), ctx.Doer.ID); err != nil {
|
2018-05-17 06:05:00 +02:00
|
|
|
ctx.Flash.Error("DeleteAccessTokenByID: " + err.Error())
|
|
|
|
|
} else {
|
|
|
|
|
ctx.Flash.Success(ctx.Tr("settings.delete_token_success"))
|
|
|
|
|
}
|
|
|
|
|
|
2023-07-26 14:04:01 +08:00
|
|
|
ctx.JSONRedirect(setting.AppSubURL + "/user/settings/applications")
|
2018-05-17 06:05:00 +02:00
|
|
|
}
|
2018-06-18 20:24:45 +02:00
|
|
|
|
|
|
|
|
func loadApplicationsData(ctx *context.Context) {
|
2023-06-04 14:57:16 -04:00
|
|
|
ctx.Data["AccessTokenScopePublicOnly"] = auth_model.AccessTokenScopePublicOnly
|
2023-11-24 11:49:41 +08:00
|
|
|
tokens, err := db.Find[auth_model.AccessToken](ctx, auth_model.ListAccessTokensOptions{UserID: ctx.Doer.ID})
|
2018-06-18 20:24:45 +02:00
|
|
|
if err != nil {
|
|
|
|
|
ctx.ServerError("ListAccessTokens", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
ctx.Data["Tokens"] = tokens
|
2024-01-28 07:36:44 -05:00
|
|
|
ctx.Data["EnableOAuth2"] = setting.OAuth2.Enabled
|
2025-02-27 14:40:12 -05:00
|
|
|
|
|
|
|
|
// Handle specific ordered token categories for admin or non-admin users
|
|
|
|
|
tokenCategoryNames := auth_model.GetAccessTokenCategories()
|
|
|
|
|
if !ctx.Doer.IsAdmin {
|
|
|
|
|
tokenCategoryNames = util.SliceRemoveAll(tokenCategoryNames, "admin")
|
|
|
|
|
}
|
|
|
|
|
ctx.Data["TokenCategories"] = tokenCategoryNames
|
|
|
|
|
|
2024-01-28 07:36:44 -05:00
|
|
|
if setting.OAuth2.Enabled {
|
2023-11-24 11:49:41 +08:00
|
|
|
ctx.Data["Applications"], err = db.Find[auth_model.OAuth2Application](ctx, auth_model.FindOAuth2ApplicationsOptions{
|
|
|
|
|
OwnerID: ctx.Doer.ID,
|
|
|
|
|
})
|
2019-03-08 17:42:50 +01:00
|
|
|
if err != nil {
|
|
|
|
|
ctx.ServerError("GetOAuth2ApplicationsByUserID", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
2022-08-25 10:31:57 +08:00
|
|
|
ctx.Data["Grants"], err = auth_model.GetOAuth2GrantsByUserID(ctx, ctx.Doer.ID)
|
2019-04-17 10:18:16 +02:00
|
|
|
if err != nil {
|
|
|
|
|
ctx.ServerError("GetOAuth2GrantsByUserID", err)
|
|
|
|
|
return
|
|
|
|
|
}
|
2019-03-08 17:42:50 +01:00
|
|
|
}
|
2018-06-18 20:24:45 +02:00
|
|
|
}
|