kot.pink / core
forked from tangled.org/core
Monorepo for Tangled — https://tangled.org
fork atom
core / appview / repo / router.go
at knot-xrpc 2.8 kB view raw
1package repo 2 3import ( 4 "net/http" 5 6 "github.com/go-chi/chi/v5" 7 "tangled.sh/tangled.sh/core/appview/middleware" 8) 9 10func (rp *Repo) Router(mw *middleware.Middleware) http.Handler { 11 r := chi.NewRouter() 12 r.Get("/", rp.RepoIndex) 13 r.Get("/commits/{ref}", rp.RepoLog) 14 r.Route("/tree/{ref}", func(r chi.Router) { 15 r.Get("/", rp.RepoIndex) 16 r.Get("/*", rp.RepoTree) 17 }) 18 r.Get("/commit/{ref}", rp.RepoCommit) 19 r.Get("/branches", rp.RepoBranches) 20 r.Route("/tags", func(r chi.Router) { 21 r.Get("/", rp.RepoTags) 22 r.Route("/{tag}", func(r chi.Router) { 23 r.Use(middleware.AuthMiddleware(rp.oauth)) 24 // require auth to download for now 25 r.Get("/download/{file}", rp.DownloadArtifact) 26 27 // require repo:push to upload or delete artifacts 28 // 29 // additionally: only the uploader can truly delete an artifact 30 // (record+blob will live on their pds) 31 r.Group(func(r chi.Router) { 32 r.With(mw.RepoPermissionMiddleware("repo:push")) 33 r.Post("/upload", rp.AttachArtifact) 34 r.Delete("/{file}", rp.DeleteArtifact) 35 }) 36 }) 37 }) 38 r.Get("/blob/{ref}/*", rp.RepoBlob) 39 r.Get("/raw/{ref}/*", rp.RepoBlobRaw) 40 41 // intentionally doesn't use /* as this isn't 42 // a file path 43 r.Get("/archive/{ref}", rp.DownloadArchive) 44 45 r.Route("/fork", func(r chi.Router) { 46 r.Use(middleware.AuthMiddleware(rp.oauth)) 47 r.Get("/", rp.ForkRepo) 48 r.Post("/", rp.ForkRepo) 49 r.With(mw.RepoPermissionMiddleware("repo:owner")).Route("/sync", func(r chi.Router) { 50 r.Post("/", rp.SyncRepoFork) 51 }) 52 }) 53 54 r.Route("/compare", func(r chi.Router) { 55 r.Get("/", rp.RepoCompareNew) // start an new comparison 56 57 // we have to wildcard here since we want to support GitHub's compare syntax 58 // /compare/{ref1}...{ref2} 59 // for example: 60 // /compare/master...some/feature 61 // /compare/master...example.com:another/feature <- this is a fork 62 r.Get("/{base}/{head}", rp.RepoCompare) 63 r.Get("/*", rp.RepoCompare) 64 }) 65 66 // settings routes, needs auth 67 r.Group(func(r chi.Router) { 68 r.Use(middleware.AuthMiddleware(rp.oauth)) 69 // repo description can only be edited by owner 70 r.With(mw.RepoPermissionMiddleware("repo:owner")).Route("/description", func(r chi.Router) { 71 r.Put("/", rp.RepoDescription) 72 r.Get("/", rp.RepoDescription) 73 r.Get("/edit", rp.RepoDescriptionEdit) 74 }) 75 r.With(mw.RepoPermissionMiddleware("repo:settings")).Route("/settings", func(r chi.Router) { 76 r.Get("/", rp.RepoSettings) 77 r.With(mw.RepoPermissionMiddleware("repo:owner")).Post("/spindle", rp.EditSpindle) 78 r.With(mw.RepoPermissionMiddleware("repo:invite")).Put("/collaborator", rp.AddCollaborator) 79 r.With(mw.RepoPermissionMiddleware("repo:delete")).Delete("/delete", rp.DeleteRepo) 80 r.Put("/branches/default", rp.SetDefaultBranch) 81 r.Put("/secrets", rp.Secrets) 82 r.Delete("/secrets", rp.Secrets) 83 }) 84 }) 85 86 return r 87}