julien.rbrt.fr / tangled-core
forked from tangled.org/core
Monorepo for Tangled — https://tangled.org
fork atom
tangled-core / appview / state / router.go
at improve-repo-name-checks 7.6 kB view raw
1package state 2 3import ( 4 "net/http" 5 "strings" 6 7 "github.com/go-chi/chi/v5" 8 "tangled.sh/tangled.sh/core/appview/middleware" 9 "tangled.sh/tangled.sh/core/appview/settings" 10 "tangled.sh/tangled.sh/core/appview/state/userutil" 11) 12 13func (s *State) Router() http.Handler { 14 router := chi.NewRouter() 15 16 if s.t != nil { 17 // top-level telemetry middleware 18 // router.Use(s.t.RequestDuration()) 19 // router.Use(s.t.RequestInFlight()) 20 } 21 22 router.HandleFunc("/*", func(w http.ResponseWriter, r *http.Request) { 23 pat := chi.URLParam(r, "*") 24 if strings.HasPrefix(pat, "did:") || strings.HasPrefix(pat, "@") { 25 s.UserRouter().ServeHTTP(w, r) 26 } else { 27 // Check if the first path element is a valid handle without '@' or a flattened DID 28 pathParts := strings.SplitN(pat, "/", 2) 29 if len(pathParts) > 0 { 30 if userutil.IsHandleNoAt(pathParts[0]) { 31 // Redirect to the same path but with '@' prefixed to the handle 32 redirectPath := "@" + pat 33 http.Redirect(w, r, "/"+redirectPath, http.StatusFound) 34 return 35 } else if userutil.IsFlattenedDid(pathParts[0]) { 36 // Redirect to the unflattened DID version 37 unflattenedDid := userutil.UnflattenDid(pathParts[0]) 38 var redirectPath string 39 if len(pathParts) > 1 { 40 redirectPath = unflattenedDid + "/" + pathParts[1] 41 } else { 42 redirectPath = unflattenedDid 43 } 44 http.Redirect(w, r, "/"+redirectPath, http.StatusFound) 45 return 46 } 47 } 48 s.StandardRouter().ServeHTTP(w, r) 49 } 50 }) 51 52 return router 53} 54 55func (s *State) UserRouter() http.Handler { 56 r := chi.NewRouter() 57 // strip @ from user 58 r.Use(StripLeadingAt) 59 60 r.With(ResolveIdent(s)).Route("/{user}", func(r chi.Router) { 61 r.Get("/", s.ProfilePage) 62 r.With(ResolveRepo(s)).Route("/{repo}", func(r chi.Router) { 63 r.Get("/", s.RepoIndex) 64 r.Get("/commits/{ref}", s.RepoLog) 65 r.Route("/tree/{ref}", func(r chi.Router) { 66 r.Get("/", s.RepoIndex) 67 r.Get("/*", s.RepoTree) 68 }) 69 r.Get("/commit/{ref}", s.RepoCommit) 70 r.Get("/branches", s.RepoBranches) 71 r.Route("/tags", func(r chi.Router) { 72 r.Get("/", s.RepoTags) 73 r.Route("/{tag}", func(r chi.Router) { 74 r.Use(middleware.AuthMiddleware(s.auth)) 75 // require auth to download for now 76 r.Get("/download/{file}", s.DownloadArtifact) 77 78 // require repo:push to upload or delete artifacts 79 // 80 // additionally: only the uploader can truly delete an artifact 81 // (record+blob will live on their pds) 82 r.Group(func(r chi.Router) { 83 r.With(RepoPermissionMiddleware(s, "repo:push")) 84 r.Post("/upload", s.AttachArtifact) 85 r.Delete("/{file}", s.DeleteArtifact) 86 }) 87 }) 88 }) 89 r.Get("/blob/{ref}/*", s.RepoBlob) 90 r.Get("/raw/{ref}/*", s.RepoBlobRaw) 91 92 r.Route("/issues", func(r chi.Router) { 93 r.With(middleware.Paginate).Get("/", s.RepoIssues) 94 r.Get("/{issue}", s.RepoSingleIssue) 95 96 r.Group(func(r chi.Router) { 97 r.Use(middleware.AuthMiddleware(s.auth)) 98 r.Get("/new", s.NewIssue) 99 r.Post("/new", s.NewIssue) 100 r.Post("/{issue}/comment", s.NewIssueComment) 101 r.Route("/{issue}/comment/{comment_id}/", func(r chi.Router) { 102 r.Get("/", s.IssueComment) 103 r.Delete("/", s.DeleteIssueComment) 104 r.Get("/edit", s.EditIssueComment) 105 r.Post("/edit", s.EditIssueComment) 106 }) 107 r.Post("/{issue}/close", s.CloseIssue) 108 r.Post("/{issue}/reopen", s.ReopenIssue) 109 }) 110 }) 111 112 r.Route("/fork", func(r chi.Router) { 113 r.Use(middleware.AuthMiddleware(s.auth)) 114 r.Get("/", s.ForkRepo) 115 r.Post("/", s.ForkRepo) 116 }) 117 118 r.Route("/pulls", func(r chi.Router) { 119 r.Get("/", s.RepoPulls) 120 r.With(middleware.AuthMiddleware(s.auth)).Route("/new", func(r chi.Router) { 121 r.Get("/", s.NewPull) 122 r.Get("/patch-upload", s.PatchUploadFragment) 123 r.Post("/validate-patch", s.ValidatePatch) 124 r.Get("/compare-branches", s.CompareBranchesFragment) 125 r.Get("/compare-forks", s.CompareForksFragment) 126 r.Get("/fork-branches", s.CompareForksBranchesFragment) 127 r.Post("/", s.NewPull) 128 }) 129 130 r.Route("/{pull}", func(r chi.Router) { 131 r.Use(ResolvePull(s)) 132 r.Get("/", s.RepoSinglePull) 133 134 r.Route("/round/{round}", func(r chi.Router) { 135 r.Get("/", s.RepoPullPatch) 136 r.Get("/interdiff", s.RepoPullInterdiff) 137 r.Get("/actions", s.PullActions) 138 r.With(middleware.AuthMiddleware(s.auth)).Route("/comment", func(r chi.Router) { 139 r.Get("/", s.PullComment) 140 r.Post("/", s.PullComment) 141 }) 142 }) 143 144 r.Route("/round/{round}.patch", func(r chi.Router) { 145 r.Get("/", s.RepoPullPatchRaw) 146 }) 147 148 r.Group(func(r chi.Router) { 149 r.Use(middleware.AuthMiddleware(s.auth)) 150 r.Route("/resubmit", func(r chi.Router) { 151 r.Get("/", s.ResubmitPull) 152 r.Post("/", s.ResubmitPull) 153 }) 154 r.Post("/close", s.ClosePull) 155 r.Post("/reopen", s.ReopenPull) 156 // collaborators only 157 r.Group(func(r chi.Router) { 158 r.Use(RepoPermissionMiddleware(s, "repo:push")) 159 r.Post("/merge", s.MergePull) 160 // maybe lock, etc. 161 }) 162 }) 163 }) 164 }) 165 166 // These routes get proxied to the knot 167 r.Get("/info/refs", s.InfoRefs) 168 r.Post("/git-upload-pack", s.UploadPack) 169 170 // settings routes, needs auth 171 r.Group(func(r chi.Router) { 172 r.Use(middleware.AuthMiddleware(s.auth)) 173 // repo description can only be edited by owner 174 r.With(RepoPermissionMiddleware(s, "repo:owner")).Route("/description", func(r chi.Router) { 175 r.Put("/", s.RepoDescription) 176 r.Get("/", s.RepoDescription) 177 r.Get("/edit", s.RepoDescriptionEdit) 178 }) 179 r.With(RepoPermissionMiddleware(s, "repo:settings")).Route("/settings", func(r chi.Router) { 180 r.Get("/", s.RepoSettings) 181 r.With(RepoPermissionMiddleware(s, "repo:invite")).Put("/collaborator", s.AddCollaborator) 182 r.With(RepoPermissionMiddleware(s, "repo:delete")).Delete("/delete", s.DeleteRepo) 183 r.Put("/branches/default", s.SetDefaultBranch) 184 }) 185 }) 186 }) 187 }) 188 189 r.NotFound(func(w http.ResponseWriter, r *http.Request) { 190 s.pages.Error404(w) 191 }) 192 193 return r 194} 195 196func (s *State) StandardRouter() http.Handler { 197 r := chi.NewRouter() 198 199 r.Handle("/static/*", s.pages.Static()) 200 201 r.Get("/", s.Timeline) 202 203 r.With(middleware.AuthMiddleware(s.auth)).Post("/logout", s.Logout) 204 205 r.Route("/login", func(r chi.Router) { 206 r.Get("/", s.Login) 207 r.Post("/", s.Login) 208 }) 209 210 r.Route("/knots", func(r chi.Router) { 211 r.Use(middleware.AuthMiddleware(s.auth)) 212 r.Get("/", s.Knots) 213 r.Post("/key", s.RegistrationKey) 214 215 r.Route("/{domain}", func(r chi.Router) { 216 r.Post("/init", s.InitKnotServer) 217 r.Get("/", s.KnotServerInfo) 218 r.Route("/member", func(r chi.Router) { 219 r.Use(KnotOwner(s)) 220 r.Get("/", s.ListMembers) 221 r.Put("/", s.AddMember) 222 r.Delete("/", s.RemoveMember) 223 }) 224 }) 225 }) 226 227 r.Route("/repo", func(r chi.Router) { 228 r.Route("/new", func(r chi.Router) { 229 r.Use(middleware.AuthMiddleware(s.auth)) 230 r.Get("/", s.NewRepo) 231 r.Post("/", s.NewRepo) 232 }) 233 // r.Post("/import", s.ImportRepo) 234 }) 235 236 r.With(middleware.AuthMiddleware(s.auth)).Route("/follow", func(r chi.Router) { 237 r.Post("/", s.Follow) 238 r.Delete("/", s.Follow) 239 }) 240 241 r.With(middleware.AuthMiddleware(s.auth)).Route("/star", func(r chi.Router) { 242 r.Post("/", s.Star) 243 r.Delete("/", s.Star) 244 }) 245 246 r.Mount("/settings", s.SettingsRouter()) 247 248 r.Get("/keys/{user}", s.Keys) 249 250 r.NotFound(func(w http.ResponseWriter, r *http.Request) { 251 s.pages.Error404(w) 252 }) 253 return r 254} 255 256func (s *State) SettingsRouter() http.Handler { 257 settings := &settings.Settings{ 258 Db: s.db, 259 Auth: s.auth, 260 Pages: s.pages, 261 Config: s.config, 262 } 263 264 return settings.Router() 265}