Merge branch 'main' into lunny/refactor_transfer

.eslintrc.cjs

@@ -403,7 +403,7 @@ module.exports = {
     'github/a11y-svg-has-accessible-name': [0],
     'github/array-foreach': [0],
     'github/async-currenttarget': [2],
-    'github/async-preventdefault': [2],
+    'github/async-preventdefault': [0], // https://github.com/github/eslint-plugin-github/issues/599
     'github/authenticity-token': [0],
     'github/get-attribute': [0],
     'github/js-class-name': [0],

flake.nix

@@ -29,9 +29,14 @@
             poetry
 
             # backend
+            go_1_23
             gofumpt
             sqlite
           ];
+          shellHook = ''
+            export GO="${pkgs.go_1_23}/bin/go"
+            export GOROOT="${pkgs.go_1_23}/share/go"
+          '';
         };
       }
     );

models/fixtures/access.yml

@@ -171,3 +171,9 @@
   user_id: 40
   repo_id: 61
   mode: 4
+
+-
+  id: 30
+  user_id: 40
+  repo_id: 1
+  mode: 2

models/git/branch.go

@@ -440,6 +440,8 @@ type FindRecentlyPushedNewBranchesOptions struct {
 }
 
 type RecentlyPushedNewBranch struct {
+	BranchRepo        *repo_model.Repository
+	BranchName        string
 	BranchDisplayName string
 	BranchLink        string
 	BranchCompareURL  string
@@ -540,7 +542,9 @@ func FindRecentlyPushedNewBranches(ctx context.Context, doer *user_model.User, o
 				branchDisplayName = fmt.Sprintf("%s:%s", branch.Repo.FullName(), branchDisplayName)
 			}
 			newBranches = append(newBranches, &RecentlyPushedNewBranch{
+				BranchRepo:        branch.Repo,
 				BranchDisplayName: branchDisplayName,
+				BranchName:        branch.Name,
 				BranchLink:        fmt.Sprintf("%s/src/branch/%s", branch.Repo.Link(), util.PathEscapeSegments(branch.Name)),
 				BranchCompareURL:  branch.Repo.ComposeBranchCompareURL(opts.BaseRepo, branch.Name),
 				CommitTime:        branch.CommitTime,

models/perm/access/repo_permission.go

@@ -175,10 +175,14 @@ func (p *Permission) LogString() string {
 	return fmt.Sprintf(format, args...)
 }
 
-func applyEveryoneRepoPermission(user *user_model.User, perm *Permission) {
+func finalProcessRepoUnitPermission(user *user_model.User, perm *Permission) {
 	if user == nil || user.ID <= 0 {
+		// for anonymous access, it could be:
+		// AccessMode is None or Read, units has repo units, unitModes is nil
 		return
 	}
+
+	// apply everyone access permissions
 	for _, u := range perm.units {
 		if u.EveryoneAccessMode >= perm_model.AccessModeRead && u.EveryoneAccessMode > perm.everyoneAccessMode[u.Type] {
 			if perm.everyoneAccessMode == nil {
@@ -187,17 +191,40 @@ func applyEveryoneRepoPermission(user *user_model.User, perm *Permission) {
 			perm.everyoneAccessMode[u.Type] = u.EveryoneAccessMode
 		}
 	}
+
+	if perm.unitsMode == nil {
+		// if unitsMode is not set, then it means that the default p.AccessMode applies to all units
+		return
+	}
+
+	// remove no permission units
+	origPermUnits := perm.units
+	perm.units = make([]*repo_model.RepoUnit, 0, len(perm.units))
+	for _, u := range origPermUnits {
+		shouldKeep := false
+		for t := range perm.unitsMode {
+			if shouldKeep = u.Type == t; shouldKeep {
+				break
+			}
+		}
+		for t := range perm.everyoneAccessMode {
+			if shouldKeep = shouldKeep || u.Type == t; shouldKeep {
+				break
+			}
+		}
+		if shouldKeep {
+			perm.units = append(perm.units, u)
+		}
+	}
 }
 
 // GetUserRepoPermission returns the user permissions to the repository
 func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, user *user_model.User) (perm Permission, err error) {
 	defer func() {
 		if err == nil {
-			applyEveryoneRepoPermission(user, &perm)
-		}
-		if log.IsTrace() {
-			log.Trace("Permission Loaded for user %-v in repo %-v, permissions: %-+v", user, repo, perm)
+			finalProcessRepoUnitPermission(user, &perm)
 		}
+		log.Trace("Permission Loaded for user %-v in repo %-v, permissions: %-+v", user, repo, perm)
 	}()
 
 	if err = repo.LoadUnits(ctx); err != nil {
@@ -294,16 +321,6 @@ func GetUserRepoPermission(ctx context.Context, repo *repo_model.Repository, use
 		}
 	}
 
-	// remove no permission units
-	perm.units = make([]*repo_model.RepoUnit, 0, len(repo.Units))
-	for t := range perm.unitsMode {
-		for _, u := range repo.Units {
-			if u.Type == t {
-				perm.units = append(perm.units, u)
-			}
-		}
-	}
-
 	return perm, err
 }
 

models/perm/access/repo_permission_test.go

@@ -50,7 +50,7 @@ func TestApplyEveryoneRepoPermission(t *testing.T) {
 			{Type: unit.TypeWiki, EveryoneAccessMode: perm_model.AccessModeRead},
 		},
 	}
-	applyEveryoneRepoPermission(nil, &perm)
+	finalProcessRepoUnitPermission(nil, &perm)
 	assert.False(t, perm.CanRead(unit.TypeWiki))
 
 	perm = Permission{
@@ -59,7 +59,7 @@ func TestApplyEveryoneRepoPermission(t *testing.T) {
 			{Type: unit.TypeWiki, EveryoneAccessMode: perm_model.AccessModeRead},
 		},
 	}
-	applyEveryoneRepoPermission(&user_model.User{ID: 0}, &perm)
+	finalProcessRepoUnitPermission(&user_model.User{ID: 0}, &perm)
 	assert.False(t, perm.CanRead(unit.TypeWiki))
 
 	perm = Permission{
@@ -68,7 +68,7 @@ func TestApplyEveryoneRepoPermission(t *testing.T) {
 			{Type: unit.TypeWiki, EveryoneAccessMode: perm_model.AccessModeRead},
 		},
 	}
-	applyEveryoneRepoPermission(&user_model.User{ID: 1}, &perm)
+	finalProcessRepoUnitPermission(&user_model.User{ID: 1}, &perm)
 	assert.True(t, perm.CanRead(unit.TypeWiki))
 
 	perm = Permission{
@@ -77,20 +77,22 @@ func TestApplyEveryoneRepoPermission(t *testing.T) {
 			{Type: unit.TypeWiki, EveryoneAccessMode: perm_model.AccessModeRead},
 		},
 	}
-	applyEveryoneRepoPermission(&user_model.User{ID: 1}, &perm)
+	finalProcessRepoUnitPermission(&user_model.User{ID: 1}, &perm)
 	// it should work the same as "EveryoneAccessMode: none" because the default AccessMode should be applied to units
 	assert.True(t, perm.CanWrite(unit.TypeWiki))
 
 	perm = Permission{
 		units: []*repo_model.RepoUnit{
+			{Type: unit.TypeCode}, // will be removed
 			{Type: unit.TypeWiki, EveryoneAccessMode: perm_model.AccessModeRead},
 		},
 		unitsMode: map[unit.Type]perm_model.AccessMode{
 			unit.TypeWiki: perm_model.AccessModeWrite,
 		},
 	}
-	applyEveryoneRepoPermission(&user_model.User{ID: 1}, &perm)
+	finalProcessRepoUnitPermission(&user_model.User{ID: 1}, &perm)
 	assert.True(t, perm.CanWrite(unit.TypeWiki))
+	assert.Len(t, perm.units, 1)
 }
 
 func TestUnitAccessMode(t *testing.T) {

models/repo/license.go

@@ -54,6 +54,7 @@ func UpdateRepoLicenses(ctx context.Context, repo *Repository, commitID string,
 		for _, o := range oldLicenses {
 			// Update already existing license
 			if o.License == license {
+				o.CommitID = commitID
 				if _, err := db.GetEngine(ctx).ID(o.ID).Cols("`commit_id`").Update(o); err != nil {
 					return err
 				}

models/unittest/fscopy.go

@@ -11,35 +11,13 @@ import (
 	"code.gitea.io/gitea/modules/util"
 )
 
-// Copy copies file from source to target path.
-func Copy(src, dest string) error {
-	// Gather file information to set back later.
-	si, err := os.Lstat(src)
-	if err != nil {
-		return err
-	}
-
-	// Handle symbolic link.
-	if si.Mode()&os.ModeSymlink != 0 {
-		target, err := os.Readlink(src)
-		if err != nil {
-			return err
-		}
-		// NOTE: os.Chmod and os.Chtimes don't recognize symbolic link,
-		// which will lead "no such file or directory" error.
-		return os.Symlink(target, dest)
-	}
-
-	return util.CopyFile(src, dest)
-}
-
-// Sync synchronizes the two files. This is skipped if both files
+// SyncFile synchronizes the two files. This is skipped if both files
 // exist and the size, modtime, and mode match.
-func Sync(srcPath, destPath string) error {
+func SyncFile(srcPath, destPath string) error {
 	dest, err := os.Stat(destPath)
 	if err != nil {
 		if os.IsNotExist(err) {
-			return Copy(srcPath, destPath)
+			return util.CopyFile(srcPath, destPath)
 		}
 		return err
 	}
@@ -55,7 +33,7 @@ func Sync(srcPath, destPath string) error {
 		return nil
 	}
 
-	return Copy(srcPath, destPath)
+	return util.CopyFile(srcPath, destPath)
 }
 
 // SyncDirs synchronizes files recursively from source to target directory.
@@ -66,23 +44,31 @@ func SyncDirs(srcPath, destPath string) error {
 		return err
 	}
 
+	// the keep file is used to keep the directory in a git repository, it doesn't need to be synced
+	// and go-git doesn't work with the ".keep" file (it would report errors like "ref is empty")
+	const keepFile = ".keep"
+
 	// find and delete all untracked files
 	destFiles, err := util.ListDirRecursively(destPath, &util.ListDirOptions{IncludeDir: true})
 	if err != nil {
 		return err
 	}
 	for _, destFile := range destFiles {
 		destFilePath := filepath.Join(destPath, destFile)
+		shouldRemove := filepath.Base(destFilePath) == keepFile
 		if _, err = os.Stat(filepath.Join(srcPath, destFile)); err != nil {
 			if os.IsNotExist(err) {
-				// if src file does not exist, remove dest file
-				if err = os.RemoveAll(destFilePath); err != nil {
-					return err
-				}
+				shouldRemove = true
 			} else {
 				return err
 			}
 		}
+		// if src file does not exist, remove dest file
+		if shouldRemove {
+			if err = os.RemoveAll(destFilePath); err != nil {
+				return err
+			}
+		}
 	}
 
 	// sync src files to dest
@@ -95,8 +81,8 @@ func SyncDirs(srcPath, destPath string) error {
 		// util.ListDirRecursively appends a slash to the directory name
 		if strings.HasSuffix(srcFile, "/") {
 			err = os.MkdirAll(destFilePath, os.ModePerm)
-		} else {
-			err = Sync(filepath.Join(srcPath, srcFile), destFilePath)
+		} else if filepath.Base(destFilePath) != keepFile {
+			err = SyncFile(filepath.Join(srcPath, srcFile), destFilePath)
 		}
 		if err != nil {
 			return err

modules/repository/branch.go

@@ -6,7 +6,6 @@ package repository
 import (
 	"context"
 	"fmt"
-	"strings"
 
 	"code.gitea.io/gitea/models/db"
 	git_model "code.gitea.io/gitea/models/git"
@@ -52,9 +51,6 @@ func SyncRepoBranchesWithRepo(ctx context.Context, repo *repo_model.Repository,
 	{
 		branches, _, err := gitRepo.GetBranchNames(0, 0)
 		if err != nil {
-			if strings.Contains(err.Error(), "ref file is empty") {
-				return 0, nil
-			}
 			return 0, err
 		}
 		log.Trace("SyncRepoBranches[%s]: branches[%d]: %v", repo.FullName(), len(branches), branches)

modules/web/handler.go

@@ -121,7 +121,7 @@ func wrapHandlerProvider[T http.Handler](hp func(next http.Handler) T, funcInfo
 	return func(next http.Handler) http.Handler {
 		h := hp(next) // this handle could be dynamically generated, so we can't use it for debug info
 		return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) {
-			routing.UpdateFuncInfo(req.Context(), funcInfo)
+			defer routing.RecordFuncInfo(req.Context(), funcInfo)()
 			h.ServeHTTP(resp, req)
 		})
 	}
@@ -157,7 +157,7 @@ func toHandlerProvider(handler any) func(next http.Handler) http.Handler {
 				return // it's doing pre-check, just return
 			}
 
-			routing.UpdateFuncInfo(req.Context(), funcInfo)
+			defer routing.RecordFuncInfo(req.Context(), funcInfo)()
 			ret := fn.Call(argsIn)
 
 			// handle the return value (no-op at the moment)

modules/web/routing/context.go

@@ -12,16 +12,18 @@ type contextKeyType struct{}
 
 var contextKey contextKeyType
 
-// UpdateFuncInfo updates a context's func info
-func UpdateFuncInfo(ctx context.Context, funcInfo *FuncInfo) {
-	record, ok := ctx.Value(contextKey).(*requestRecord)
-	if !ok {
-		return
+// RecordFuncInfo records a func info into context
+func RecordFuncInfo(ctx context.Context, funcInfo *FuncInfo) (end func()) {
+	// TODO: reqCtx := reqctx.FromContext(ctx), add trace support
+	end = func() {}
+
+	// save the func info into the context record
+	if record, ok := ctx.Value(contextKey).(*requestRecord); ok {
+		record.lock.Lock()
+		record.funcInfo = funcInfo
+		record.lock.Unlock()
 	}
-
-	record.lock.Lock()
-	record.funcInfo = funcInfo
-	record.lock.Unlock()
+	return end
 }
 
 // MarkLongPolling marks the request is a long-polling request, and the logger may output different message for it