mirror of
https://github.com/go-gitea/gitea.git
synced 2026-07-15 20:40:52 +09:00
cbe1b703dc
This PR replaces a set of struct-based `Get` lookups with explicit `db.Get` / `db.Exist` conditions in places where zero-value fields can lead to ambiguous matches or incorrect records being returned. The main goal is to make read paths deterministic and avoid accidentally matching the wrong row when only part of a struct is populated. ### What changed - replace many `db.GetEngine(ctx).Get(bean)` calls with explicit `builder.Eq` conditions across models such as actions, admin tasks, issues, pull requests, repositories, users, packages, redirects, watches, stars, and follows - use quoted column names where needed for reserved fields like `index`, `type`, and `name` - add dedicated user lookup helpers for: - primary email - OAuth login source / login name - update sign-in and OAuth-related flows to use explicit individual-user lookups instead of partially populated `User` structs - tighten package property and Terraform lock lookups to avoid ambiguous reads and updates - keep existing fallback behavior where needed, while removing reliance on zero-value struct matching ### User-facing impact These changes primarily affect authentication and account lookup paths: - email/username sign-in now re-fetches users through explicit keys - OAuth2 auto-linking now resolves users by name or primary email explicitly - OAuth2 login/sync now looks up users by login source, login type, and login name explicitly - non-individual accounts are no longer implicitly matched through partial user lookups in these flows This should reduce the risk of incorrect account matches and make query behavior more predictable across the codebase. --------- Co-authored-by: bircni <bircni@icloud.com>
89 lines
2.4 KiB
Go
89 lines
2.4 KiB
Go
// Copyright 2017 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package repo
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"strings"
|
|
|
|
"gitea.dev/models/db"
|
|
"gitea.dev/modules/util"
|
|
|
|
"xorm.io/builder"
|
|
)
|
|
|
|
// ErrRedirectNotExist represents a "RedirectNotExist" kind of error.
|
|
type ErrRedirectNotExist struct {
|
|
OwnerID int64
|
|
RepoName string
|
|
}
|
|
|
|
// IsErrRedirectNotExist check if an error is an ErrRepoRedirectNotExist.
|
|
func IsErrRedirectNotExist(err error) bool {
|
|
_, ok := err.(ErrRedirectNotExist)
|
|
return ok
|
|
}
|
|
|
|
func (err ErrRedirectNotExist) Error() string {
|
|
return fmt.Sprintf("repository redirect does not exist [uid: %d, name: %s]", err.OwnerID, err.RepoName)
|
|
}
|
|
|
|
func (err ErrRedirectNotExist) Unwrap() error {
|
|
return util.ErrNotExist
|
|
}
|
|
|
|
// Redirect represents that a repo name should be redirected to another
|
|
type Redirect struct {
|
|
ID int64 `xorm:"pk autoincr"`
|
|
OwnerID int64 `xorm:"UNIQUE(s)"`
|
|
LowerName string `xorm:"UNIQUE(s) INDEX NOT NULL"`
|
|
RedirectRepoID int64 // repoID to redirect to
|
|
}
|
|
|
|
// TableName represents real table name in database
|
|
func (Redirect) TableName() string {
|
|
return "repo_redirect"
|
|
}
|
|
|
|
func init() {
|
|
db.RegisterModel(new(Redirect))
|
|
}
|
|
|
|
// LookupRedirect look up if a repository has a redirect name
|
|
func LookupRedirect(ctx context.Context, ownerID int64, repoName string) (int64, error) {
|
|
repoName = strings.ToLower(repoName)
|
|
redirect, has, err := db.Get[Redirect](ctx, builder.Eq{"owner_id": ownerID, "lower_name": repoName})
|
|
if err != nil {
|
|
return 0, err
|
|
} else if !has {
|
|
return 0, ErrRedirectNotExist{OwnerID: ownerID, RepoName: repoName}
|
|
}
|
|
return redirect.RedirectRepoID, nil
|
|
}
|
|
|
|
// NewRedirect create a new repo redirect
|
|
func NewRedirect(ctx context.Context, ownerID, repoID int64, oldRepoName, newRepoName string) error {
|
|
oldRepoName = strings.ToLower(oldRepoName)
|
|
newRepoName = strings.ToLower(newRepoName)
|
|
|
|
if err := DeleteRedirect(ctx, ownerID, newRepoName); err != nil {
|
|
return err
|
|
}
|
|
|
|
return db.Insert(ctx, &Redirect{
|
|
OwnerID: ownerID,
|
|
LowerName: oldRepoName,
|
|
RedirectRepoID: repoID,
|
|
})
|
|
}
|
|
|
|
// DeleteRedirect delete any redirect from the specified repo name to
|
|
// anything else
|
|
func DeleteRedirect(ctx context.Context, ownerID int64, repoName string) error {
|
|
repoName = strings.ToLower(repoName)
|
|
_, err := db.GetEngine(ctx).Delete(&Redirect{OwnerID: ownerID, LowerName: repoName})
|
|
return err
|
|
}
|