diff --git a/models/repo.go b/models/repo.go index 4be655d2..7cecdea4 100644 --- a/models/repo.go +++ b/models/repo.go @@ -10,6 +10,7 @@ import ( "io/ioutil" "os" "os/exec" + "path" "path/filepath" "regexp" "strings" @@ -162,7 +163,7 @@ func CreateRepository(user *User, repoName, desc, repoLang, license string, priv access := Access{ UserName: user.Name, - RepoName: repo.Name, + RepoName: strings.ToLower(path.Join(user.Name, repo.Name)), Mode: AU_WRITABLE, } if _, err = session.Insert(&access); err != nil { @@ -510,7 +511,6 @@ func NotifyWatchers(act *Action) error { continue } - act.Id = 0 act.UserId = watches[i].UserId if _, err = orm.InsertOne(act); err != nil { return errors.New("repo.NotifyWatchers(create action): " + err.Error()) diff --git a/serve.go b/serve.go index ad31260f..dcbddfe4 100644 --- a/serve.go +++ b/serve.go @@ -90,13 +90,13 @@ func runServ(k *cli.Context) { keyId, err := strconv.ParseInt(keys[1], 10, 64) if err != nil { fmt.Println("auth file format error") - log.Error("auth file format error") + log.Error("auth file format error", err) return } user, err := models.GetUserByKeyId(keyId) if err != nil { fmt.Println("You have no right to access") - log.Error("You have no right to access") + log.Error("SSH visit error", err) return } @@ -107,13 +107,14 @@ func runServ(k *cli.Context) { } verb, args := parseCmd(cmd) - rRepo := strings.Trim(args, "'") - rr := strings.SplitN(rRepo, "/", 2) + repoPath := strings.Trim(args, "'") + rr := strings.SplitN(repoPath, "/", 2) if len(rr) != 2 { println("Unavilable repository", args) log.Error("Unavilable repository %v", args) return } + repoUserName := rr[0] repoName := rr[1] if strings.HasSuffix(repoName, ".git") { repoName = repoName[:len(repoName)-4] @@ -122,27 +123,17 @@ func runServ(k *cli.Context) { isWrite := In(verb, COMMANDS_WRITE) isRead := In(verb, COMMANDS_READONLY) - /*//repo, err := models.GetRepositoryByName(user.Id, repoName) - //var isExist bool = true + repoUser, err := models.GetUserByName(repoUserName) if err != nil { - if err == models.ErrRepoNotExist { - //isExist = false - if isRead { - println("Repository", user.Name+"/"+repoName, "is not exist") - log.Error("Repository " + user.Name + "/" + repoName + " is not exist") - return - } - } else { - println("Get repository error:", err) - log.Error("Get repository error: " + err.Error()) - return - } - }*/ + fmt.Println("You have no right to access") + log.Error("Get user failed", err) + return + } // access check switch { case isWrite: - has, err := models.HasAccess(user.Name, repoName, models.AU_WRITABLE) + has, err := models.HasAccess(user.Name, strings.ToLower(path.Join(repoUserName, repoName)), models.AU_WRITABLE) if err != nil { println("Inernel error:", err) log.Error(err.Error()) @@ -150,18 +141,29 @@ func runServ(k *cli.Context) { } if !has { println("You have no right to write this repository") - log.Error("You have no right to access this repository") + log.Error("User %s has no right to write repository %s", user.Name, repoPath) return } case isRead: - has, err := models.HasAccess(user.Name, repoName, models.AU_READABLE) + repo, err := models.GetRepositoryByName(repoUser.Id, repoName) + if err != nil { + println("Get repository error:", err) + log.Error("Get repository error: " + err.Error()) + return + } + + if !repo.IsPrivate { + break + } + + has, err := models.HasAccess(user.Name, repoPath, models.AU_READABLE) if err != nil { println("Inernel error") log.Error(err.Error()) return } if !has { - has, err = models.HasAccess(user.Name, repoName, models.AU_WRITABLE) + has, err = models.HasAccess(user.Name, repoPath, models.AU_WRITABLE) if err != nil { println("Inernel error") log.Error(err.Error()) @@ -184,7 +186,7 @@ func runServ(k *cli.Context) { os.Setenv("userId", strconv.Itoa(int(user.Id))) os.Setenv("repoName", repoName) - gitcmd := exec.Command(verb, rRepo) + gitcmd := exec.Command(verb, repoPath) gitcmd.Dir = base.RepoRootPath gitcmd.Stdout = os.Stdout gitcmd.Stdin = os.Stdin