oppi.li / perf-test
loading up the forgejo repo on tangled to test page performance
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

Fix attachment download bug (#27486)

authored by

Lunny Xiao and committed by
GitHub 5c9fbcca 7ff1f252

+21 -21
+8 -4
services/auth/auth.go
··· 36 36 } 37 37 38 38 var ( 39 - gitRawReleasePathRe = regexp.MustCompile(`^/[a-zA-Z0-9_.-]+/[a-zA-Z0-9_.-]+/(?:(?:git-(?:(?:upload)|(?:receive))-pack$)|(?:info/refs$)|(?:HEAD$)|(?:objects/)|(?:raw/)|(?:releases/download/))`) 40 - lfsPathRe = regexp.MustCompile(`^/[a-zA-Z0-9_.-]+/[a-zA-Z0-9_.-]+/info/lfs/`) 39 + gitRawOrAttachPathRe = regexp.MustCompile(`^/[a-zA-Z0-9_.-]+/[a-zA-Z0-9_.-]+/(?:(?:git-(?:(?:upload)|(?:receive))-pack$)|(?:info/refs$)|(?:HEAD$)|(?:objects/)|(?:raw/)|(?:releases/download/)|(?:attachments/))`) 40 + lfsPathRe = regexp.MustCompile(`^/[a-zA-Z0-9_.-]+/[a-zA-Z0-9_.-]+/info/lfs/`) 41 41 ) 42 42 43 - func isGitRawReleaseOrLFSPath(req *http.Request) bool { 44 - if gitRawReleasePathRe.MatchString(req.URL.Path) { 43 + func isGitRawOrAttachPath(req *http.Request) bool { 44 + return gitRawOrAttachPathRe.MatchString(req.URL.Path) 45 + } 46 + 47 + func isGitRawOrAttachOrLFSPath(req *http.Request) bool { 48 + if isGitRawOrAttachPath(req) { 45 49 return true 46 50 } 47 51 if setting.LFS.StartServer {
+9 -5
services/auth/auth_test.go
··· 85 85 "/owner/repo/releases/download/tag/repo.tar.gz", 86 86 true, 87 87 }, 88 + { 89 + "/owner/repo/attachments/6d92a9ee-5d8b-4993-97c9-6181bdaa8955", 90 + true, 91 + }, 88 92 } 89 93 lfsTests := []string{ 90 94 "/owner/repo/info/lfs/", ··· 104 108 t.Run(tt.path, func(t *testing.T) { 105 109 req, _ := http.NewRequest("POST", "http://localhost"+tt.path, nil) 106 110 setting.LFS.StartServer = false 107 - if got := isGitRawReleaseOrLFSPath(req); got != tt.want { 111 + if got := isGitRawOrAttachOrLFSPath(req); got != tt.want { 108 112 t.Errorf("isGitOrLFSPath() = %v, want %v", got, tt.want) 109 113 } 110 114 setting.LFS.StartServer = true 111 - if got := isGitRawReleaseOrLFSPath(req); got != tt.want { 115 + if got := isGitRawOrAttachOrLFSPath(req); got != tt.want { 112 116 t.Errorf("isGitOrLFSPath() = %v, want %v", got, tt.want) 113 117 } 114 118 }) ··· 117 121 t.Run(tt, func(t *testing.T) { 118 122 req, _ := http.NewRequest("POST", tt, nil) 119 123 setting.LFS.StartServer = false 120 - if got := isGitRawReleaseOrLFSPath(req); got != setting.LFS.StartServer { 121 - t.Errorf("isGitOrLFSPath(%q) = %v, want %v, %v", tt, got, setting.LFS.StartServer, gitRawReleasePathRe.MatchString(tt)) 124 + if got := isGitRawOrAttachOrLFSPath(req); got != setting.LFS.StartServer { 125 + t.Errorf("isGitOrLFSPath(%q) = %v, want %v, %v", tt, got, setting.LFS.StartServer, gitRawOrAttachPathRe.MatchString(tt)) 122 126 } 123 127 setting.LFS.StartServer = true 124 - if got := isGitRawReleaseOrLFSPath(req); got != setting.LFS.StartServer { 128 + if got := isGitRawOrAttachOrLFSPath(req); got != setting.LFS.StartServer { 125 129 t.Errorf("isGitOrLFSPath(%q) = %v, want %v", tt, got, setting.LFS.StartServer) 126 130 } 127 131 })
+1 -1
services/auth/basic.go
··· 42 42 // Returns nil if header is empty or validation fails. 43 43 func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) (*user_model.User, error) { 44 44 // Basic authentication should only fire on API, Download or on Git or LFSPaths 45 - if !middleware.IsAPIPath(req) && !isContainerPath(req) && !isAttachmentDownload(req) && !isGitRawReleaseOrLFSPath(req) { 45 + if !middleware.IsAPIPath(req) && !isContainerPath(req) && !isAttachmentDownload(req) && !isGitRawOrAttachOrLFSPath(req) { 46 46 return nil, nil 47 47 } 48 48
+1 -1
services/auth/oauth2.go
··· 127 127 func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStore, sess SessionStore) (*user_model.User, error) { 128 128 // These paths are not API paths, but we still want to check for tokens because they maybe in the API returned URLs 129 129 if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) && !isAuthenticatedTokenRequest(req) && 130 - !gitRawReleasePathRe.MatchString(req.URL.Path) { 130 + !isGitRawOrAttachPath(req) { 131 131 return nil, nil 132 132 } 133 133
+1 -1
services/auth/reverseproxy.go
··· 117 117 } 118 118 119 119 // Make sure requests to API paths, attachment downloads, git and LFS do not create a new session 120 - if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) && !isGitRawReleaseOrLFSPath(req) { 120 + if !middleware.IsAPIPath(req) && !isAttachmentDownload(req) && !isGitRawOrAttachOrLFSPath(req) { 121 121 if sess != nil && (sess.Get("uid") == nil || sess.Get("uid").(int64) != user.ID) { 122 122 handleSignIn(w, req, sess, user) 123 123 }
+1 -9
services/convert/attachment.go
··· 4 4 package convert 5 5 6 6 import ( 7 - "strconv" 8 - 9 7 repo_model "code.gitea.io/gitea/models/repo" 10 - "code.gitea.io/gitea/modules/setting" 11 8 api "code.gitea.io/gitea/modules/structs" 12 9 ) 13 10 ··· 16 13 } 17 14 18 15 func APIAssetDownloadURL(repo *repo_model.Repository, attach *repo_model.Attachment) string { 19 - if attach.CustomDownloadURL != "" { 20 - return attach.CustomDownloadURL 21 - } 22 - 23 - // /repos/{owner}/{repo}/releases/{id}/assets/{attachment_id} 24 - return setting.AppURL + "api/repos/" + repo.FullName() + "/releases/" + strconv.FormatInt(attach.ReleaseID, 10) + "/assets/" + strconv.FormatInt(attach.ID, 10) 16 + return attach.DownloadURL() 25 17 } 26 18 27 19 // ToAttachment converts models.Attachment to api.Attachment for API usage