mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-10-31 06:21:11 +00:00
21151ea5ce
Second part of #6327 to fix the Maven package naming. This pull request includes: * Changing the group and artifact IDs from being separated by `-` to `:` as suggested by [Maven](https://maven.apache.org/pom.html#Maven_Coordinates). * Making Maven package names case-sensitive * Migrating the database to: * Handle collisions of package names (e.g., groupId: foo- with artifactId: bar and groupId: foo with artifactId: -bar) by moving them into their own packages. * Fix the missing group ID issue (#6329). * Update lower_name to match the name value for maven pkgs to make it case-sensetive. ## Checklist The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org). ### Tests - I added test coverage for Go changes... - [x] in their respective `*_test.go` for unit tests. - [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server. - I added test coverage for JavaScript changes... - [ ] in `web_src/js/*.test.js` if it can be unit tested. - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)). ### Documentation - [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change. - [x] I did not document these changes and I do not expect someone else to do it. ### Release notes - [ ] I do not want this change to show in the release notes. - [x] I want the title to show in the release notes with a link to this pull request. - [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title. Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6352 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org> Co-authored-by: Julian Schlarb <julian.schlarb@denktmit.de> Co-committed-by: Julian Schlarb <julian.schlarb@denktmit.de>
212 lines
5.8 KiB
Go
212 lines
5.8 KiB
Go
// Copyright 2021 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package generic
|
|
|
|
import (
|
|
"errors"
|
|
"net/http"
|
|
"regexp"
|
|
"strings"
|
|
"unicode"
|
|
|
|
packages_model "forgejo.org/models/packages"
|
|
"forgejo.org/modules/log"
|
|
packages_module "forgejo.org/modules/packages"
|
|
"forgejo.org/routers/api/packages/helper"
|
|
"forgejo.org/services/context"
|
|
packages_service "forgejo.org/services/packages"
|
|
)
|
|
|
|
var (
|
|
packageNameRegex = regexp.MustCompile(`\A[-_+.\w]+\z`)
|
|
filenameRegex = regexp.MustCompile(`\A[-_+=:;.()\[\]{}~!@#$%^& \w]+\z`)
|
|
)
|
|
|
|
func apiError(ctx *context.Context, status int, obj any) {
|
|
helper.LogAndProcessError(ctx, status, obj, func(message string) {
|
|
ctx.PlainText(status, message)
|
|
})
|
|
}
|
|
|
|
// DownloadPackageFile serves the specific generic package.
|
|
func DownloadPackageFile(ctx *context.Context) {
|
|
s, u, pf, err := packages_service.GetFileStreamByPackageNameAndVersion(
|
|
ctx,
|
|
&packages_service.PackageInfo{
|
|
Owner: ctx.Package.Owner,
|
|
PackageType: packages_model.TypeGeneric,
|
|
Name: ctx.Params("packagename"),
|
|
Version: ctx.Params("packageversion"),
|
|
},
|
|
&packages_service.PackageFileInfo{
|
|
Filename: ctx.Params("filename"),
|
|
},
|
|
)
|
|
if err != nil {
|
|
if err == packages_model.ErrPackageNotExist || err == packages_model.ErrPackageFileNotExist {
|
|
apiError(ctx, http.StatusNotFound, err)
|
|
return
|
|
}
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
helper.ServePackageFile(ctx, s, u, pf)
|
|
}
|
|
|
|
func isValidPackageName(packageName string) bool {
|
|
if len(packageName) == 1 && !unicode.IsLetter(rune(packageName[0])) && !unicode.IsNumber(rune(packageName[0])) {
|
|
return false
|
|
}
|
|
return packageNameRegex.MatchString(packageName) && packageName != ".."
|
|
}
|
|
|
|
func isValidFileName(filename string) bool {
|
|
return filenameRegex.MatchString(filename) &&
|
|
strings.TrimSpace(filename) == filename &&
|
|
filename != "." && filename != ".."
|
|
}
|
|
|
|
// UploadPackage uploads the specific generic package.
|
|
// Duplicated packages get rejected.
|
|
func UploadPackage(ctx *context.Context) {
|
|
packageName := ctx.Params("packagename")
|
|
filename := ctx.Params("filename")
|
|
|
|
if !isValidPackageName(packageName) {
|
|
apiError(ctx, http.StatusBadRequest, errors.New("invalid package name"))
|
|
return
|
|
}
|
|
|
|
if !isValidFileName(filename) {
|
|
apiError(ctx, http.StatusBadRequest, errors.New("invalid filename"))
|
|
return
|
|
}
|
|
|
|
packageVersion := ctx.Params("packageversion")
|
|
if packageVersion != strings.TrimSpace(packageVersion) {
|
|
apiError(ctx, http.StatusBadRequest, errors.New("invalid package version"))
|
|
return
|
|
}
|
|
|
|
upload, needToClose, err := ctx.UploadStream()
|
|
if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
if needToClose {
|
|
defer upload.Close()
|
|
}
|
|
|
|
buf, err := packages_module.CreateHashedBufferFromReader(upload)
|
|
if err != nil {
|
|
log.Error("Error creating hashed buffer: %v", err)
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
defer buf.Close()
|
|
|
|
_, _, err = packages_service.CreatePackageOrAddFileToExisting(
|
|
ctx,
|
|
&packages_service.PackageCreationInfo{
|
|
PackageInfo: packages_service.PackageInfo{
|
|
Owner: ctx.Package.Owner,
|
|
PackageType: packages_model.TypeGeneric,
|
|
Name: packageName,
|
|
Version: packageVersion,
|
|
},
|
|
Creator: ctx.Doer,
|
|
},
|
|
&packages_service.PackageFileCreationInfo{
|
|
PackageFileInfo: packages_service.PackageFileInfo{
|
|
Filename: filename,
|
|
},
|
|
Creator: ctx.Doer,
|
|
Data: buf,
|
|
IsLead: true,
|
|
},
|
|
)
|
|
if err != nil {
|
|
switch err {
|
|
case packages_model.ErrDuplicatePackageFile:
|
|
apiError(ctx, http.StatusConflict, err)
|
|
case packages_service.ErrQuotaTotalCount, packages_service.ErrQuotaTypeSize, packages_service.ErrQuotaTotalSize:
|
|
apiError(ctx, http.StatusForbidden, err)
|
|
default:
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
}
|
|
return
|
|
}
|
|
|
|
ctx.Status(http.StatusCreated)
|
|
}
|
|
|
|
// DeletePackage deletes the specific generic package.
|
|
func DeletePackage(ctx *context.Context) {
|
|
err := packages_service.RemovePackageVersionByNameAndVersion(
|
|
ctx,
|
|
ctx.Doer,
|
|
&packages_service.PackageInfo{
|
|
Owner: ctx.Package.Owner,
|
|
PackageType: packages_model.TypeGeneric,
|
|
Name: ctx.Params("packagename"),
|
|
Version: ctx.Params("packageversion"),
|
|
},
|
|
)
|
|
if err != nil {
|
|
if errors.Is(err, packages_model.ErrPackageNotExist) {
|
|
apiError(ctx, http.StatusNotFound, err)
|
|
return
|
|
}
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
ctx.Status(http.StatusNoContent)
|
|
}
|
|
|
|
// DeletePackageFile deletes the specific file of a generic package.
|
|
func DeletePackageFile(ctx *context.Context) {
|
|
pv, pf, err := func() (*packages_model.PackageVersion, *packages_model.PackageFile, error) {
|
|
pv, err := packages_model.GetVersionByNameAndVersion(ctx, ctx.Package.Owner.ID, packages_model.TypeGeneric, ctx.Params("packagename"), ctx.Params("packageversion"))
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
pf, err := packages_model.GetFileForVersionByName(ctx, pv.ID, ctx.Params("filename"), packages_model.EmptyFileKey)
|
|
if err != nil {
|
|
return nil, nil, err
|
|
}
|
|
|
|
return pv, pf, nil
|
|
}()
|
|
if err != nil {
|
|
if errors.Is(err, packages_model.ErrPackageNotExist) || errors.Is(err, packages_model.ErrPackageFileNotExist) {
|
|
apiError(ctx, http.StatusNotFound, err)
|
|
return
|
|
}
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
pfs, err := packages_model.GetFilesByVersionID(ctx, pv.ID)
|
|
if err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
|
|
if len(pfs) == 1 {
|
|
if err := packages_service.RemovePackageVersion(ctx, ctx.Doer, pv); err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
} else {
|
|
if err := packages_service.DeletePackageFile(ctx, pf); err != nil {
|
|
apiError(ctx, http.StatusInternalServerError, err)
|
|
return
|
|
}
|
|
}
|
|
|
|
ctx.Status(http.StatusNoContent)
|
|
}
|