appview/repo/router.go at v1.11.0-alpha · julien.rbrt.fr/tangled-core

Monorepo for Tangled — https://tangled.org
tangled-core / appview / repo / router.go
at v1.11.0-alpha 3.1 kB view raw
 1package repo
 2
 3import (
 4	"net/http"
 5
 6	"github.com/go-chi/chi/v5"
 7	"tangled.org/core/appview/middleware"
 8)
 9
10func (rp *Repo) Router(mw *middleware.Middleware) http.Handler {
11	r := chi.NewRouter()
12	r.Get("/", rp.Index)
13	r.Get("/opengraph", rp.Opengraph)
14	r.Get("/feed.atom", rp.AtomFeed)
15	r.Get("/commits/{ref}", rp.Log)
16	r.Route("/tree/{ref}", func(r chi.Router) {
17		r.Get("/", rp.Index)
18		r.Get("/*", rp.Tree)
19	})
20	r.Get("/commit/{ref}", rp.Commit)
21	r.Get("/branches", rp.Branches)
22	r.Delete("/branches", rp.DeleteBranch)
23	r.Route("/tags", func(r chi.Router) {
24		r.Get("/", rp.Tags)
25		r.Route("/{tag}", func(r chi.Router) {
26			r.Get("/download/{file}", rp.DownloadArtifact)
27
28			// require repo:push to upload or delete artifacts
29			//
30			// additionally: only the uploader can truly delete an artifact
31			// (record+blob will live on their pds)
32			r.Group(func(r chi.Router) {
33				r.Use(middleware.AuthMiddleware(rp.oauth))
34				r.Use(mw.RepoPermissionMiddleware("repo:push"))
35				r.Post("/upload", rp.AttachArtifact)
36				r.Delete("/{file}", rp.DeleteArtifact)
37			})
38		})
39	})
40	r.Get("/blob/{ref}/*", rp.Blob)
41	r.Get("/raw/{ref}/*", rp.RepoBlobRaw)
42
43	// intentionally doesn't use /* as this isn't
44	// a file path
45	r.Get("/archive/{ref}", rp.DownloadArchive)
46
47	r.Route("/fork", func(r chi.Router) {
48		r.Use(middleware.AuthMiddleware(rp.oauth))
49		r.Get("/", rp.ForkRepo)
50		r.Post("/", rp.ForkRepo)
51		r.With(mw.RepoPermissionMiddleware("repo:owner")).Route("/sync", func(r chi.Router) {
52			r.Post("/", rp.SyncRepoFork)
53		})
54	})
55
56	r.Route("/compare", func(r chi.Router) {
57		r.Get("/", rp.CompareNew) // start an new comparison
58
59		// we have to wildcard here since we want to support GitHub's compare syntax
60		//   /compare/{ref1}...{ref2}
61		// for example:
62		//   /compare/master...some/feature
63		//   /compare/master...example.com:another/feature <- this is a fork
64		r.Get("/*", rp.Compare)
65	})
66
67	// label panel in issues/pulls/discussions/tasks
68	r.Route("/label", func(r chi.Router) {
69		r.Get("/", rp.LabelPanel)
70		r.Get("/edit", rp.EditLabelPanel)
71	})
72
73	// settings routes, needs auth
74	r.Group(func(r chi.Router) {
75		r.Use(middleware.AuthMiddleware(rp.oauth))
76		r.With(mw.RepoPermissionMiddleware("repo:settings")).Route("/settings", func(r chi.Router) {
77			r.Get("/", rp.Settings)
78			r.With(mw.RepoPermissionMiddleware("repo:owner")).Put("/base", rp.EditBaseSettings)
79			r.With(mw.RepoPermissionMiddleware("repo:owner")).Post("/spindle", rp.EditSpindle)
80			r.With(mw.RepoPermissionMiddleware("repo:owner")).Put("/label", rp.AddLabelDef)
81			r.With(mw.RepoPermissionMiddleware("repo:owner")).Delete("/label", rp.DeleteLabelDef)
82			r.With(mw.RepoPermissionMiddleware("repo:owner")).Post("/label/subscribe", rp.SubscribeLabel)
83			r.With(mw.RepoPermissionMiddleware("repo:owner")).Post("/label/unsubscribe", rp.UnsubscribeLabel)
84			r.With(mw.RepoPermissionMiddleware("repo:invite")).Put("/collaborator", rp.AddCollaborator)
85			r.With(mw.RepoPermissionMiddleware("repo:delete")).Delete("/delete", rp.DeleteRepo)
86			r.Put("/branches/default", rp.SetDefaultBranch)
87			r.Put("/secrets", rp.Secrets)
88			r.Delete("/secrets", rp.Secrets)
89		})
90	})
91
92	return r
93}