mirror of
https://github.com/go-gitea/gitea.git
synced 2026-06-28 16:46:17 +02:00
cbe1b703dc
This PR replaces a set of struct-based `Get` lookups with explicit `db.Get` / `db.Exist` conditions in places where zero-value fields can lead to ambiguous matches or incorrect records being returned. The main goal is to make read paths deterministic and avoid accidentally matching the wrong row when only part of a struct is populated. ### What changed - replace many `db.GetEngine(ctx).Get(bean)` calls with explicit `builder.Eq` conditions across models such as actions, admin tasks, issues, pull requests, repositories, users, packages, redirects, watches, stars, and follows - use quoted column names where needed for reserved fields like `index`, `type`, and `name` - add dedicated user lookup helpers for: - primary email - OAuth login source / login name - update sign-in and OAuth-related flows to use explicit individual-user lookups instead of partially populated `User` structs - tighten package property and Terraform lock lookups to avoid ambiguous reads and updates - keep existing fallback behavior where needed, while removing reliance on zero-value struct matching ### User-facing impact These changes primarily affect authentication and account lookup paths: - email/username sign-in now re-fetches users through explicit keys - OAuth2 auto-linking now resolves users by name or primary email explicitly - OAuth2 login/sync now looks up users by login source, login type, and login name explicitly - non-individual accounts are no longer implicitly matched through partial user lookups in these flows This should reduce the risk of incorrect account matches and make query behavior more predictable across the codebase. --------- Co-authored-by: bircni <bircni@icloud.com>
199 lines
5.6 KiB
Go
199 lines
5.6 KiB
Go
// Copyright 2019 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package issue
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"fmt"
|
|
|
|
"gitea.dev/models/db"
|
|
issues_model "gitea.dev/models/issues"
|
|
access_model "gitea.dev/models/perm/access"
|
|
repo_model "gitea.dev/models/repo"
|
|
user_model "gitea.dev/models/user"
|
|
"gitea.dev/modules/gitrepo"
|
|
"gitea.dev/modules/json"
|
|
"gitea.dev/modules/log"
|
|
"gitea.dev/modules/timeutil"
|
|
git_service "gitea.dev/services/git"
|
|
notify_service "gitea.dev/services/notify"
|
|
|
|
"xorm.io/builder"
|
|
)
|
|
|
|
// CreateRefComment creates a commit reference comment to issue.
|
|
func CreateRefComment(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, issue *issues_model.Issue, content, commitSHA string) error {
|
|
if len(commitSHA) == 0 {
|
|
return errors.New("cannot create reference with empty commit SHA")
|
|
}
|
|
|
|
if user_model.IsUserBlockedBy(ctx, doer, issue.PosterID, repo.OwnerID) {
|
|
if isAdmin, _ := access_model.IsUserRepoAdmin(ctx, repo, doer); !isAdmin {
|
|
return user_model.ErrBlockedUser
|
|
}
|
|
}
|
|
|
|
// Check if same reference from same commit has already existed.
|
|
has, err := db.Exist[issues_model.Comment](ctx, builder.Eq{
|
|
"`type`": issues_model.CommentTypeCommitRef,
|
|
"issue_id": issue.ID,
|
|
"commit_sha": commitSHA,
|
|
})
|
|
if err != nil {
|
|
return fmt.Errorf("check reference comment: %w", err)
|
|
} else if has {
|
|
return nil
|
|
}
|
|
|
|
_, err = issues_model.CreateComment(ctx, &issues_model.CreateCommentOptions{
|
|
Type: issues_model.CommentTypeCommitRef,
|
|
Doer: doer,
|
|
Repo: repo,
|
|
Issue: issue,
|
|
CommitSHA: commitSHA,
|
|
Content: content,
|
|
})
|
|
return err
|
|
}
|
|
|
|
// CreateIssueComment creates a plain issue comment.
|
|
func CreateIssueComment(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, issue *issues_model.Issue, content string, attachments []string) (*issues_model.Comment, error) {
|
|
if user_model.IsUserBlockedBy(ctx, doer, issue.PosterID, repo.OwnerID) {
|
|
if isAdmin, _ := access_model.IsUserRepoAdmin(ctx, repo, doer); !isAdmin {
|
|
return nil, user_model.ErrBlockedUser
|
|
}
|
|
}
|
|
|
|
comment, err := issues_model.CreateComment(ctx, &issues_model.CreateCommentOptions{
|
|
Type: issues_model.CommentTypeComment,
|
|
Doer: doer,
|
|
Repo: repo,
|
|
Issue: issue,
|
|
Content: content,
|
|
Attachments: attachments,
|
|
})
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
mentions, err := issues_model.FindAndUpdateIssueMentions(ctx, issue, doer, comment.Content)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
// reload issue to ensure it has the latest data, especially the number of comments
|
|
issue, err = issues_model.GetIssueByID(ctx, issue.ID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
notify_service.CreateIssueComment(ctx, doer, repo, issue, comment, mentions)
|
|
|
|
return comment, nil
|
|
}
|
|
|
|
// UpdateComment updates information of comment.
|
|
func UpdateComment(ctx context.Context, c *issues_model.Comment, contentVersion int, doer *user_model.User, oldContent string) error {
|
|
if err := c.LoadIssue(ctx); err != nil {
|
|
return err
|
|
}
|
|
if err := c.Issue.LoadRepo(ctx); err != nil {
|
|
return err
|
|
}
|
|
|
|
if user_model.IsUserBlockedBy(ctx, doer, c.Issue.PosterID, c.Issue.Repo.OwnerID) {
|
|
if isAdmin, _ := access_model.IsUserRepoAdmin(ctx, c.Issue.Repo, doer); !isAdmin {
|
|
return user_model.ErrBlockedUser
|
|
}
|
|
}
|
|
|
|
needsContentHistory := c.Content != oldContent && c.Type.HasContentSupport()
|
|
if needsContentHistory {
|
|
hasContentHistory, err := issues_model.HasIssueContentHistory(ctx, c.IssueID, c.ID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
if !hasContentHistory {
|
|
if err = issues_model.SaveIssueContentHistory(ctx, c.PosterID, c.IssueID, c.ID,
|
|
c.CreatedUnix, oldContent, true); err != nil {
|
|
return err
|
|
}
|
|
}
|
|
}
|
|
|
|
if err := issues_model.UpdateComment(ctx, c, contentVersion, doer); err != nil {
|
|
return err
|
|
}
|
|
|
|
if needsContentHistory {
|
|
err := issues_model.SaveIssueContentHistory(ctx, doer.ID, c.IssueID, c.ID, timeutil.TimeStampNow(), c.Content, false)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
}
|
|
|
|
notify_service.UpdateComment(ctx, doer, c, oldContent)
|
|
|
|
return nil
|
|
}
|
|
|
|
// DeleteComment deletes the comment
|
|
func DeleteComment(ctx context.Context, doer *user_model.User, comment *issues_model.Comment) error {
|
|
err := db.WithTx(ctx, func(ctx context.Context) error {
|
|
return issues_model.DeleteComment(ctx, comment)
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
notify_service.DeleteComment(ctx, doer, comment)
|
|
|
|
return nil
|
|
}
|
|
|
|
// LoadCommentPushCommits Load push commits
|
|
func LoadCommentPushCommits(ctx context.Context, c *issues_model.Comment) error {
|
|
if c.Content == "" || c.Commits != nil || c.Type != issues_model.CommentTypePullRequestPush {
|
|
return nil
|
|
}
|
|
|
|
var data issues_model.PushActionContent
|
|
if err := json.Unmarshal([]byte(c.Content), &data); err != nil {
|
|
log.Debug("Unmarshal: %v", err) // no need to show 500 error to end user when the JSON is broken
|
|
return nil
|
|
}
|
|
|
|
c.IsForcePush = data.IsForcePush
|
|
|
|
if c.IsForcePush {
|
|
if len(data.CommitIDs) != 2 {
|
|
return nil
|
|
}
|
|
c.OldCommit, c.NewCommit = data.CommitIDs[0], data.CommitIDs[1]
|
|
} else {
|
|
if err := c.LoadIssue(ctx); err != nil {
|
|
return err
|
|
}
|
|
if err := c.Issue.LoadRepo(ctx); err != nil {
|
|
return err
|
|
}
|
|
|
|
gitRepo, closer, err := gitrepo.RepositoryFromContextOrOpen(ctx, c.Issue.Repo)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer closer.Close()
|
|
|
|
c.Commits, err = git_service.ConvertFromGitCommit(ctx, gitRepo.GetCommitsFromIDs(data.CommitIDs), c.Issue.Repo, "") // no current ref sub path for PR commit list
|
|
if err != nil {
|
|
log.Debug("ConvertFromGitCommit: %v", err) // no need to show 500 error to end user when the commit does not exist
|
|
} else {
|
|
c.CommitsNum = int64(len(c.Commits))
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|