gitea/modules/middleware/context.go

// Copyright 2014 The Gogs Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.

package middleware

import (
	"fmt"
	"html/template"
	"io"
	"net/http"
	"strings"
	"time"

	"github.com/go-macaron/cache"
	"github.com/go-macaron/csrf"
	"github.com/go-macaron/i18n"
	"github.com/go-macaron/session"
	"gopkg.in/macaron.v1"

	"github.com/gogits/git-module"

	"github.com/gogits/gogs/models"
	"github.com/gogits/gogs/modules/auth"
	"github.com/gogits/gogs/modules/base"
	"github.com/gogits/gogs/modules/log"
	"github.com/gogits/gogs/modules/setting"
)

type RepoContext struct {
	AccessMode   models.AccessMode
	IsWatching   bool
	IsViewBranch bool
	IsViewTag    bool
	IsViewCommit bool
	Repository   *models.Repository
	Owner        *models.User
	Commit       *git.Commit
	Tag          *git.Tag
	GitRepo      *git.Repository
	BranchName   string
	TagName      string
	TreeName     string
	CommitID     string
	RepoLink     string
	CloneLink    models.CloneLink
	CommitsCount int64
	Mirror       *models.Mirror
}

// Context represents context of a request.
type Context struct {
	*macaron.Context
	Cache   cache.Cache
	csrf    csrf.CSRF
	Flash   *session.Flash
	Session session.Store

	User        *models.User
	IsSigned    bool
	IsBasicAuth bool

	Repo *RepoContext

	Org struct {
		IsOwner      bool
		IsMember     bool
		IsAdminTeam  bool // In owner team or team that has admin permission level.
		Organization *models.User
		OrgLink      string

		Team *models.Team
	}
}

// IsOwner returns true if current user is the owner of repository.
func (r *RepoContext) IsOwner() bool {
	return r.AccessMode >= models.ACCESS_MODE_OWNER
}

// IsAdmin returns true if current user has admin or higher access of repository.
func (r *RepoContext) IsAdmin() bool {
	return r.AccessMode >= models.ACCESS_MODE_ADMIN
}

// IsPusher returns true if current user has write or higher access of repository.
func (r *RepoContext) IsPusher() bool {
	return r.AccessMode >= models.ACCESS_MODE_WRITE
}

// Return if the current user has read access for this repository
func (r *RepoContext) HasAccess() bool {
	return r.AccessMode >= models.ACCESS_MODE_READ
}

// HasError returns true if error occurs in form validation.
func (ctx *Context) HasApiError() bool {
	hasErr, ok := ctx.Data["HasError"]
	if !ok {
		return false
	}
	return hasErr.(bool)
}

func (ctx *Context) GetErrMsg() string {
	return ctx.Data["ErrorMsg"].(string)
}

// HasError returns true if error occurs in form validation.
func (ctx *Context) HasError() bool {
	hasErr, ok := ctx.Data["HasError"]
	if !ok {
		return false
	}
	ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)
	ctx.Data["Flash"] = ctx.Flash
	return hasErr.(bool)
}

// HasValue returns true if value of given name exists.
func (ctx *Context) HasValue(name string) bool {
	_, ok := ctx.Data[name]
	return ok
}

// HTML calls Context.HTML and converts template name to string.
func (ctx *Context) HTML(status int, name base.TplName) {
	log.Debug("Template: %s", name)
	ctx.Context.HTML(status, string(name))
}

// RenderWithErr used for page has form validation but need to prompt error to users.
func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) {
	if form != nil {
		auth.AssignForm(form, ctx.Data)
	}
	ctx.Flash.ErrorMsg = msg
	ctx.Data["Flash"] = ctx.Flash
	ctx.HTML(200, tpl)
}

// Handle handles and logs error by given status.
func (ctx *Context) Handle(status int, title string, err error) {
	if err != nil {
		log.Error(4, "%s: %v", title, err)
		if macaron.Env != macaron.PROD {
			ctx.Data["ErrorMsg"] = err
		}
	}

	switch status {
	case 404:
		ctx.Data["Title"] = "Page Not Found"
	case 500:
		ctx.Data["Title"] = "Internal Server Error"
	}
	ctx.HTML(status, base.TplName(fmt.Sprintf("status/%d", status)))
}

func (ctx *Context) HandleText(status int, title string) {
	if (status/100 == 4) || (status/100 == 5) {
		log.Error(4, "%s", title)
	}
	ctx.PlainText(status, []byte(title))
}

// APIError logs error with title if status is 500.
func (ctx *Context) APIError(status int, title string, obj interface{}) {
	var message string
	if err, ok := obj.(error); ok {
		message = err.Error()
	} else {
		message = obj.(string)
	}

	if status == 500 {
		log.Error(4, "%s: %s", title, message)
	}

	ctx.JSON(status, map[string]string{
		"message": message,
		"url":     base.DOC_URL,
	})
}

func (ctx *Context) ServeContent(name string, r io.ReadSeeker, params ...interface{}) {
	modtime := time.Now()
	for _, p := range params {
		switch v := p.(type) {
		case time.Time:
			modtime = v
		}
	}
	ctx.Resp.Header().Set("Content-Description", "File Transfer")
	ctx.Resp.Header().Set("Content-Type", "application/octet-stream")
	ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name)
	ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary")
	ctx.Resp.Header().Set("Expires", "0")
	ctx.Resp.Header().Set("Cache-Control", "must-revalidate")
	ctx.Resp.Header().Set("Pragma", "public")
	http.ServeContent(ctx.Resp, ctx.Req.Request, name, modtime, r)
}

// Contexter initializes a classic context for a request.
func Contexter() macaron.Handler {
	return func(c *macaron.Context, l i18n.Locale, cache cache.Cache, sess session.Store, f *session.Flash, x csrf.CSRF) {
		ctx := &Context{
			Context: c,
			Cache:   cache,
			csrf:    x,
			Flash:   f,
			Session: sess,
			Repo:    &RepoContext{},
		}
		// Compute current URL for real-time change language.
		ctx.Data["Link"] = setting.AppSubUrl + strings.TrimSuffix(ctx.Req.URL.Path, "/")

		ctx.Data["PageStartTime"] = time.Now()

		// Get user from session if logined.
		ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Context, ctx.Session)

		if ctx.User != nil {
			ctx.IsSigned = true
			ctx.Data["IsSigned"] = ctx.IsSigned
			ctx.Data["SignedUser"] = ctx.User
			ctx.Data["SignedUserID"] = ctx.User.Id
			ctx.Data["SignedUserName"] = ctx.User.Name
			ctx.Data["IsAdmin"] = ctx.User.IsAdmin
		} else {
			ctx.Data["SignedUserID"] = 0
			ctx.Data["SignedUserName"] = ""
		}

		// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.
		if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {
			if err := ctx.Req.ParseMultipartForm(setting.AttachmentMaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size
				ctx.Handle(500, "ParseMultipartForm", err)
				return
			}
		}

		ctx.Data["CsrfToken"] = x.GetToken()
		ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + x.GetToken() + `">`)
		log.Debug("CSRF Token: %v | %v", ctx.Data["CsrfToken"], ctx.GetCookie("_csrf"))

		ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton
		ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding
		ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion

		c.Map(ctx)
	}
}
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`// Copyright 2014 The Gogs Authors. All rights reserved.`
			`// Use of this source code is governed by a MIT-style`
			`// license that can be found in the LICENSE file.`

			`package middleware`

			`import (`
Clean code 2014-03-15 14:17:16 +01:00			`"fmt"`
add csrf check 2014-03-22 18:44:02 +01:00			`"html/template"`
zip archive download 2014-04-15 18:27:29 +02:00			`"io"`
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`"net/http"`
Add auto-login 2014-03-22 21:40:09 +01:00			`"strings"`
fork render 2014-03-19 14:57:55 +01:00			`"time"`
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00
fix import path, fix #1782 2015-10-16 03:28:12 +02:00			`"github.com/go-macaron/cache"`
			`"github.com/go-macaron/csrf"`
			`"github.com/go-macaron/i18n"`
			`"github.com/go-macaron/session"`
			`"gopkg.in/macaron.v1"`
add cache 2014-03-21 14:06:47 +01:00
rename import path 2015-12-15 23:25:45 +01:00			`"github.com/gogits/git-module"`
move out git module and #1573 send push hook 2015-12-10 02:46:05 +01:00
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`"github.com/gogits/gogs/models"`
			`"github.com/gogits/gogs/modules/auth"`
fix 2014-03-21 14:31:47 +01:00			`"github.com/gogits/gogs/modules/base"`
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`"github.com/gogits/gogs/modules/log"`
Fixed #209 2014-05-26 02:11:25 +02:00			`"github.com/gogits/gogs/modules/setting"`
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`)`

new create webhook UI 2015-08-26 18:30:06 +02:00			`type RepoContext struct {`
			`AccessMode models.AccessMode`
			`IsWatching bool`
unified name: IsViewBranch, IsViewCommit and IsViewTag 2015-12-09 06:32:53 +01:00			`IsViewBranch bool`
			`IsViewTag bool`
			`IsViewCommit bool`
new create webhook UI 2015-08-26 18:30:06 +02:00			`Repository *models.Repository`
			`Owner *models.User`
			`Commit *git.Commit`
			`Tag *git.Tag`
			`GitRepo *git.Repository`
			`BranchName string`
			`TagName string`
			`TreeName string`
rename fields 2015-08-31 09:24:28 +02:00			`CommitID string`
new create webhook UI 2015-08-26 18:30:06 +02:00			`RepoLink string`
			`CloneLink models.CloneLink`
move out git module and #1573 send push hook 2015-12-10 02:46:05 +01:00			`CommitsCount int64`
new create webhook UI 2015-08-26 18:30:06 +02:00			`Mirror *models.Mirror`
			`}`

Clean code 2014-03-15 14:17:16 +01:00			`// Context represents context of a request.`
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`type Context struct {`
New UI merge in progress 2014-07-26 06:24:27 +02:00			`*macaron.Context`
Convert captcha, cache, csrf as middlewares 2014-07-31 23:25:34 +02:00			`Cache cache.Cache`
			`csrf csrf.CSRF`
New UI merge in progress 2014-07-26 06:24:27 +02:00			`Flash *session.Flash`
			`Session session.Store`

more APIs on #12 2014-11-18 17:07:16 +01:00			`User *models.User`
			`IsSigned bool`
			`IsBasicAuth bool`
modify RepoAssignment 2014-03-15 17:03:23 +01:00
wiki: finish edit 2015-11-27 07:50:38 +01:00			`Repo *RepoContext`
Page: `/org/:orgname/settings` 2014-08-14 08:12:21 +02:00
			`Org struct {`
			`IsOwner bool`
			`IsMember bool`
Finish new organization members and invitation page 2014-08-15 12:29:41 +02:00			`IsAdminTeam bool // In owner team or team that has admin permission level.`
Page: `/org/:orgname/settings` 2014-08-14 08:12:21 +02:00			`Organization *models.User`
Finish new organization members and invitation page 2014-08-15 12:29:41 +02:00			`OrgLink string`
Finish team list, create new team, join/leave team page 2014-08-16 10:21:17 +02:00
			`Team *models.Team`
Page: `/org/:orgname/settings` 2014-08-14 08:12:21 +02:00			`}`
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`}`

able edit issue labels/milestone/assignee 2015-08-14 18:42:43 +02:00			`// IsOwner returns true if current user is the owner of repository.`
wiki: finish edit 2015-11-27 07:50:38 +01:00			`func (r *RepoContext) IsOwner() bool {`
able edit issue labels/milestone/assignee 2015-08-14 18:42:43 +02:00			`return r.AccessMode >= models.ACCESS_MODE_OWNER`
			`}`

			`// IsAdmin returns true if current user has admin or higher access of repository.`
wiki: finish edit 2015-11-27 07:50:38 +01:00			`func (r *RepoContext) IsAdmin() bool {`
able edit issue labels/milestone/assignee 2015-08-14 18:42:43 +02:00			`return r.AccessMode >= models.ACCESS_MODE_ADMIN`
Updating context and fixing permission issues The boolean flags in the repo context have been replaced with mode and two methods Also, the permissions have been brought more in line with https://help.github.com/articles/permission-levels-for-an-organization-repository/ , Admin Team members are able to change settings of their repositories. 2015-02-16 11:51:56 +01:00			`}`

wiki: finish edit 2015-11-27 07:50:38 +01:00			`// IsPusher returns true if current user has write or higher access of repository.`
			`func (r *RepoContext) IsPusher() bool {`
			`return r.AccessMode >= models.ACCESS_MODE_WRITE`
			`}`

Updating context and fixing permission issues The boolean flags in the repo context have been replaced with mode and two methods Also, the permissions have been brought more in line with https://help.github.com/articles/permission-levels-for-an-organization-repository/ , Admin Team members are able to change settings of their repositories. 2015-02-16 11:51:56 +01:00			`// Return if the current user has read access for this repository`
wiki: finish edit 2015-11-27 07:50:38 +01:00			`func (r *RepoContext) HasAccess() bool {`
Updating context and fixing permission issues The boolean flags in the repo context have been replaced with mode and two methods Also, the permissions have been brought more in line with https://help.github.com/articles/permission-levels-for-an-organization-repository/ , Admin Team members are able to change settings of their repositories. 2015-02-16 11:51:56 +01:00			`return r.AccessMode >= models.ACCESS_MODE_READ`
			`}`

Clean api code 2014-05-05 19:08:01 +02:00			`// HasError returns true if error occurs in form validation.`
			`func (ctx *Context) HasApiError() bool {`
			`hasErr, ok := ctx.Data["HasError"]`
			`if !ok {`
			`return false`
			`}`
			`return hasErr.(bool)`
			`}`

			`func (ctx *Context) GetErrMsg() string {`
			`return ctx.Data["ErrorMsg"].(string)`
			`}`

Clean code 2014-03-15 15:52:14 +01:00			`// HasError returns true if error occurs in form validation.`
			`func (ctx *Context) HasError() bool {`
			`hasErr, ok := ctx.Data["HasError"]`
			`if !ok {`
			`return false`
			`}`
Clean oauth code 2014-04-14 00:12:07 +02:00			`ctx.Flash.ErrorMsg = ctx.Data["ErrorMsg"].(string)`
			`ctx.Data["Flash"] = ctx.Flash`
Clean code 2014-03-15 15:52:14 +01:00			`return hasErr.(bool)`
			`}`

UI: install - new version 2015-07-08 13:47:56 +02:00			`// HasValue returns true if value of given name exists.`
			`func (ctx *Context) HasValue(name string) bool {`
			`_, ok := ctx.Data[name]`
			`return ok`
			`}`

Finish new repo settings page 2014-08-02 19:47:33 +02:00			`// HTML calls Context.HTML and converts template name to string.`
New UI merge in progress 2014-07-26 06:24:27 +02:00			`func (ctx *Context) HTML(status int, name base.TplName) {`
#2014 allow switch branches between two orgs in compose PR 2015-12-20 07:06:54 +01:00			`log.Debug("Template: %s", name)`
Finish new repo settings page 2014-08-02 19:47:33 +02:00			`ctx.Context.HTML(status, string(name))`
Work on admin 2014-03-20 12:50:26 +01:00			`}`

Clean code 2014-03-15 15:52:14 +01:00			`// RenderWithErr used for page has form validation but need to prompt error to users.`
New UI merge in progress 2014-07-26 06:24:27 +02:00			`func (ctx *Context) RenderWithErr(msg string, tpl base.TplName, form interface{}) {`
Add: rename repository 2014-04-03 21:50:55 +02:00			`if form != nil {`
			`auth.AssignForm(form, ctx.Data)`
			`}`
Add flash 2014-04-10 22:36:50 +02:00			`ctx.Flash.ErrorMsg = msg`
			`ctx.Data["Flash"] = ctx.Flash`
Work on admin 2014-03-20 12:50:26 +01:00			`ctx.HTML(200, tpl)`
Clean code 2014-03-15 15:52:14 +01:00			`}`

Clean code 2014-03-15 14:17:16 +01:00			`// Handle handles and logs error by given status.`
			`func (ctx *Context) Handle(status int, title string, err error) {`
Add router log config option 2014-05-02 00:53:41 +02:00			`if err != nil {`
New UI merge in progress 2014-07-26 06:24:27 +02:00			`log.Error(4, "%s: %v", title, err)`
			`if macaron.Env != macaron.PROD {`
Add router log config option 2014-05-02 00:53:41 +02:00			`ctx.Data["ErrorMsg"] = err`
			`}`
Add some log 2014-03-19 09:48:45 +01:00			`}`

Add router log config option 2014-05-02 00:53:41 +02:00			`switch status {`
			`case 404:`
			`ctx.Data["Title"] = "Page Not Found"`
			`case 500:`
			`ctx.Data["Title"] = "Internal Server Error"`
			`}`
In progress of name template name constant 2014-06-22 19:14:03 +02:00			`ctx.HTML(status, base.TplName(fmt.Sprintf("status/%d", status)))`
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`}`

Set Content-Type to text/plain for http status 401 This is because git command line shows the failure reason only if Content-Type is text/plain. 2015-03-28 15:30:05 +01:00			`func (ctx *Context) HandleText(status int, title string) {`
UI: install - new version 2015-07-08 13:47:56 +02:00			`if (status/100 == 4) \|\| (status/100 == 5) {`
Set Content-Type to text/plain for http status 401 This is because git command line shows the failure reason only if Content-Type is text/plain. 2015-03-28 15:30:05 +01:00			`log.Error(4, "%s", title)`
			`}`
fix import path, fix #1782 2015-10-16 03:28:12 +02:00			`ctx.PlainText(status, []byte(title))`
Set Content-Type to text/plain for http status 401 This is because git command line shows the failure reason only if Content-Type is text/plain. 2015-03-28 15:30:05 +01:00			`}`

unified API error response 2015-10-09 02:36:07 +02:00			`// APIError logs error with title if status is 500.`
			`func (ctx *Context) APIError(status int, title string, obj interface{}) {`
routers: able to migrate repo from local path - modules/middleware/context.go: add HandleAPI method 2015-02-22 15:49:25 +01:00			`var message string`
			`if err, ok := obj.(error); ok {`
			`message = err.Error()`
			`} else {`
			`message = obj.(string)`
			`}`
unified API error response 2015-10-09 02:36:07 +02:00
			`if status == 500 {`
			`log.Error(4, "%s: %s", title, message)`
			`}`

routers: able to migrate repo from local path - modules/middleware/context.go: add HandleAPI method 2015-02-22 15:49:25 +01:00			`ctx.JSON(status, map[string]string{`
			`"message": message,`
unified API error response 2015-10-09 02:36:07 +02:00			`"url": base.DOC_URL,`
routers: able to migrate repo from local path - modules/middleware/context.go: add HandleAPI method 2015-02-22 15:49:25 +01:00			`})`
			`}`

zip archive download 2014-04-15 18:27:29 +02:00			`func (ctx *Context) ServeContent(name string, r io.ReadSeeker, params ...interface{}) {`
			`modtime := time.Now()`
			`for _, p := range params {`
			`switch v := p.(type) {`
			`case time.Time:`
			`modtime = v`
			`}`
			`}`
New UI merge in progress 2014-07-26 06:24:27 +02:00			`ctx.Resp.Header().Set("Content-Description", "File Transfer")`
			`ctx.Resp.Header().Set("Content-Type", "application/octet-stream")`
			`ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+name)`
			`ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary")`
			`ctx.Resp.Header().Set("Expires", "0")`
			`ctx.Resp.Header().Set("Cache-Control", "must-revalidate")`
			`ctx.Resp.Header().Set("Pragma", "public")`
Fix API broken 2014-10-19 05:26:55 +02:00			`http.ServeContent(ctx.Resp, ctx.Req.Request, name, modtime, r)`
Work on form resubmit 2014-04-10 20:37:43 +02:00			`}`

New UI merge in progress 2014-07-26 06:24:27 +02:00			`// Contexter initializes a classic context for a request.`
			`func Contexter() macaron.Handler {`
Convert captcha, cache, csrf as middlewares 2014-07-31 23:25:34 +02:00			`return func(c macaron.Context, l i18n.Locale, cache cache.Cache, sess session.Store, f session.Flash, x csrf.CSRF) {`
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`ctx := &Context{`
New UI merge in progress 2014-07-26 06:24:27 +02:00			`Context: c,`
Convert captcha, cache, csrf as middlewares 2014-07-31 23:25:34 +02:00			`Cache: cache,`
			`csrf: x,`
New UI merge in progress 2014-07-26 06:24:27 +02:00			`Flash: f,`
			`Session: sess,`
fix panic for #2045 2015-12-04 23:20:23 +01:00			`Repo: &RepoContext{},`
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`}`
New UI merge in progress 2014-07-26 06:24:27 +02:00			`// Compute current URL for real-time change language.`
save custom avatar as PNG 2015-11-13 22:43:43 +01:00			`ctx.Data["Link"] = setting.AppSubUrl + strings.TrimSuffix(ctx.Req.URL.Path, "/")`
Work on form resubmit 2014-04-10 20:37:43 +02:00
New UI merge in progress 2014-07-26 06:24:27 +02:00			`ctx.Data["PageStartTime"] = time.Now()`
update session 2014-03-22 13:49:53 +01:00
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`// Get user from session if logined.`
#842 able to use access token replace basic auth 2015-09-02 08:40:15 +02:00			`ctx.User, ctx.IsBasicAuth = auth.SignedInUser(ctx.Context, ctx.Session)`
work on #609 2014-11-07 20:46:13 +01:00
New UI merge in progress 2014-07-26 06:24:27 +02:00			`if ctx.User != nil {`
			`ctx.IsSigned = true`
			`ctx.Data["IsSigned"] = ctx.IsSigned`
			`ctx.Data["SignedUser"] = ctx.User`
able edit issue title 2015-08-19 17:14:57 +02:00			`ctx.Data["SignedUserID"] = ctx.User.Id`
Fix #605, fix #255, fix #101 2014-11-07 04:06:41 +01:00			`ctx.Data["SignedUserName"] = ctx.User.Name`
Work on admin 2014-03-20 13:02:14 +01:00			`ctx.Data["IsAdmin"] = ctx.User.IsAdmin`
Fix #605, fix #255, fix #101 2014-11-07 04:06:41 +01:00			`} else {`
able edit issue title 2015-08-19 17:14:57 +02:00			`ctx.Data["SignedUserID"] = 0`
Fix #605, fix #255, fix #101 2014-11-07 04:06:41 +01:00			`ctx.Data["SignedUserName"] = ""`
fix context 2014-03-15 13:50:17 +01:00			`}`
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00
Add file upload for attachments 2014-07-24 15:19:59 +02:00			`// If request sends files, parse them here otherwise the Query() can't be parsed and the CsrfToken will be invalid.`
New UI merge in progress 2014-07-26 06:24:27 +02:00			`if ctx.Req.Method == "POST" && strings.Contains(ctx.Req.Header.Get("Content-Type"), "multipart/form-data") {`
			`if err := ctx.Req.ParseMultipartForm(setting.AttachmentMaxSize << 20); err != nil && !strings.Contains(err.Error(), "EOF") { // 32MB max size`
			`ctx.Handle(500, "ParseMultipartForm", err)`
Add file upload for attachments 2014-07-24 15:19:59 +02:00			`return`
			`}`
			`}`

Convert captcha, cache, csrf as middlewares 2014-07-31 23:25:34 +02:00			`ctx.Data["CsrfToken"] = x.GetToken()`
			ctx.Data["CsrfTokenHtml"] = template.HTML(`<input type="hidden" name="_csrf" value="` + x.GetToken() + `">`)
#2014 allow switch branches between two orgs in compose PR 2015-12-20 07:06:54 +01:00			`log.Debug("CSRF Token: %v \| %v", ctx.Data["CsrfToken"], ctx.GetCookie("_csrf"))`
fork render 2014-03-19 14:57:55 +01:00
code fix for #908, and work for #884 2015-02-07 03:16:23 +01:00			`ctx.Data["ShowRegistrationButton"] = setting.Service.ShowRegistrationButton`
#1080: Remove footer ads/branding from default template 2015-03-23 15:19:19 +01:00			`ctx.Data["ShowFooterBranding"] = setting.ShowFooterBranding`
fix #1957 - disable version display This allows the admin to disable the version information about gogs and go in use in the footer. 2015-11-18 22:32:31 +01:00			`ctx.Data["ShowFooterVersion"] = setting.ShowFooterVersion`
code fix for #908, and work for #884 2015-02-07 03:16:23 +01:00
move templateFuncs to one file, add middleware context. 2014-03-15 12:01:50 +01:00			`c.Map(ctx)`
			`}`
			`}`