diff --git a/pkg/context/context.go b/pkg/context/context.go index 0b1ebbc71..a098e3a74 100644 --- a/pkg/context/context.go +++ b/pkg/context/context.go @@ -137,13 +137,13 @@ func (c *Context) SubURLRedirect(location string, status ...int) { } // RenderWithErr used for page has form validation but need to prompt error to users. -func (c *Context) RenderWithErr(msg, tpl string, f interface{}) { +func (c *Context) RenderWithErr(msg, tpl string, f interface{}, http_status int) { if f != nil { form.Assign(f, c.Data) } c.Flash.ErrorMsg = msg c.Data["Flash"] = c.Flash - c.HTML(http.StatusOK, tpl) + c.HTML(http_status, tpl) } // Handle handles and logs error by given status. diff --git a/routes/admin/auths.go b/routes/admin/auths.go index 56a0aad60..7b3bdcac8 100644 --- a/routes/admin/auths.go +++ b/routes/admin/auths.go @@ -6,6 +6,7 @@ package admin import ( "fmt" + "net/http" "github.com/Unknwon/com" "github.com/go-xorm/core" @@ -158,7 +159,7 @@ func NewAuthSourcePost(c *context.Context, f form.Authentication) { }); err != nil { if models.IsErrLoginSourceAlreadyExist(err) { c.Data["Err_Name"] = true - c.RenderWithErr(c.Tr("admin.auths.login_source_exist", err.(models.ErrLoginSourceAlreadyExist).Name), AUTH_NEW, f) + c.RenderWithErr(c.Tr("admin.auths.login_source_exist", err.(models.ErrLoginSourceAlreadyExist).Name), AUTH_NEW, f, http.StatusBadRequest) } else { c.Handle(500, "CreateSource", err) } diff --git a/routes/admin/users.go b/routes/admin/users.go index cfeb73de0..5925366a1 100644 --- a/routes/admin/users.go +++ b/routes/admin/users.go @@ -6,6 +6,7 @@ package admin import ( "strings" + "net/http" "github.com/Unknwon/com" log "gopkg.in/clog.v1" @@ -97,16 +98,16 @@ func NewUserPost(c *context.Context, f form.AdminCrateUser) { switch { case models.IsErrUserAlreadyExist(err): c.Data["Err_UserName"] = true - c.RenderWithErr(c.Tr("form.username_been_taken"), USER_NEW, &f) + c.RenderWithErr(c.Tr("form.username_been_taken"), USER_NEW, &f, http.StatusBadRequest) case models.IsErrEmailAlreadyUsed(err): c.Data["Err_Email"] = true - c.RenderWithErr(c.Tr("form.email_been_used"), USER_NEW, &f) + c.RenderWithErr(c.Tr("form.email_been_used"), USER_NEW, &f, http.StatusBadRequest) case models.IsErrNameReserved(err): c.Data["Err_UserName"] = true - c.RenderWithErr(c.Tr("user.form.name_reserved", err.(models.ErrNameReserved).Name), USER_NEW, &f) + c.RenderWithErr(c.Tr("user.form.name_reserved", err.(models.ErrNameReserved).Name), USER_NEW, &f, http.StatusBadRequest) case models.IsErrNamePatternNotAllowed(err): c.Data["Err_UserName"] = true - c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), USER_NEW, &f) + c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), USER_NEW, &f, http.StatusBadRequest) default: c.Handle(500, "CreateUser", err) } @@ -217,7 +218,7 @@ func EditUserPost(c *context.Context, f form.AdminEditUser) { if err := models.UpdateUser(u); err != nil { if models.IsErrEmailAlreadyUsed(err) { c.Data["Err_Email"] = true - c.RenderWithErr(c.Tr("form.email_been_used"), USER_EDIT, &f) + c.RenderWithErr(c.Tr("form.email_been_used"), USER_EDIT, &f, http.StatusBadRequest) } else { c.Handle(500, "UpdateUser", err) } diff --git a/routes/install.go b/routes/install.go index 948c67c2d..7c2facdfa 100644 --- a/routes/install.go +++ b/routes/install.go @@ -6,6 +6,7 @@ package routes import ( "net/mail" + "net/http" "os" "os/exec" "path/filepath" @@ -186,7 +187,7 @@ func InstallPost(c *context.Context, f form.Install) { } if _, err := exec.LookPath("git"); err != nil { - c.RenderWithErr(c.Tr("install.test_git_failed", err), INSTALL, &f) + c.RenderWithErr(c.Tr("install.test_git_failed", err), INSTALL, &f, http.StatusOK) return } @@ -203,7 +204,7 @@ func InstallPost(c *context.Context, f form.Install) { if models.DbCfg.Type == "sqlite3" && len(models.DbCfg.Path) == 0 { c.FormErr("DbPath") - c.RenderWithErr(c.Tr("install.err_empty_db_path"), INSTALL, &f) + c.RenderWithErr(c.Tr("install.err_empty_db_path"), INSTALL, &f, http.StatusBadRequest) return } @@ -212,10 +213,10 @@ func InstallPost(c *context.Context, f form.Install) { if err := models.NewTestEngine(x); err != nil { if strings.Contains(err.Error(), `Unknown database type: sqlite3`) { c.FormErr("DbType") - c.RenderWithErr(c.Tr("install.sqlite3_not_available", "https://gogs.io/docs/installation/install_from_binary.html"), INSTALL, &f) + c.RenderWithErr(c.Tr("install.sqlite3_not_available", "https://gogs.io/docs/installation/install_from_binary.html"), INSTALL, &f, http.StatusOK) } else { c.FormErr("DbSetting") - c.RenderWithErr(c.Tr("install.invalid_db_setting", err), INSTALL, &f) + c.RenderWithErr(c.Tr("install.invalid_db_setting", err), INSTALL, &f, http.StatusOK) } return } @@ -224,7 +225,7 @@ func InstallPost(c *context.Context, f form.Install) { f.RepoRootPath = strings.Replace(f.RepoRootPath, "\\", "/", -1) if err := os.MkdirAll(f.RepoRootPath, os.ModePerm); err != nil { c.FormErr("RepoRootPath") - c.RenderWithErr(c.Tr("install.invalid_repo_path", err), INSTALL, &f) + c.RenderWithErr(c.Tr("install.invalid_repo_path", err), INSTALL, &f, http.StatusOK) return } @@ -232,21 +233,21 @@ func InstallPost(c *context.Context, f form.Install) { f.LogRootPath = strings.Replace(f.LogRootPath, "\\", "/", -1) if err := os.MkdirAll(f.LogRootPath, os.ModePerm); err != nil { c.FormErr("LogRootPath") - c.RenderWithErr(c.Tr("install.invalid_log_root_path", err), INSTALL, &f) + c.RenderWithErr(c.Tr("install.invalid_log_root_path", err), INSTALL, &f, http.StatusOK) return } currentUser, match := setting.IsRunUserMatchCurrentUser(f.RunUser) if !match { c.FormErr("RunUser") - c.RenderWithErr(c.Tr("install.run_user_not_match", f.RunUser, currentUser), INSTALL, &f) + c.RenderWithErr(c.Tr("install.run_user_not_match", f.RunUser, currentUser), INSTALL, &f, http.StatusOK) return } // Check host address and port if len(f.SMTPHost) > 0 && !strings.Contains(f.SMTPHost, ":") { c.FormErr("SMTP", "SMTPHost") - c.RenderWithErr(c.Tr("install.smtp_host_missing_port"), INSTALL, &f) + c.RenderWithErr(c.Tr("install.smtp_host_missing_port"), INSTALL, &f, http.StatusOK) return } @@ -255,7 +256,7 @@ func InstallPost(c *context.Context, f form.Install) { _, err := mail.ParseAddress(f.SMTPFrom) if err != nil { c.FormErr("SMTP", "SMTPFrom") - c.RenderWithErr(c.Tr("install.invalid_smtp_from", err), INSTALL, &f) + c.RenderWithErr(c.Tr("install.invalid_smtp_from", err), INSTALL, &f, http.StatusOK) return } } @@ -263,19 +264,19 @@ func InstallPost(c *context.Context, f form.Install) { // Check logic loophole between disable self-registration and no admin account. if f.DisableRegistration && len(f.AdminName) == 0 { c.FormErr("Services", "Admin") - c.RenderWithErr(c.Tr("install.no_admin_and_disable_registration"), INSTALL, f) + c.RenderWithErr(c.Tr("install.no_admin_and_disable_registration"), INSTALL, f, http.StatusOK) return } // Check admin password. if len(f.AdminName) > 0 && len(f.AdminPasswd) == 0 { c.FormErr("Admin", "AdminPasswd") - c.RenderWithErr(c.Tr("install.err_empty_admin_password"), INSTALL, f) + c.RenderWithErr(c.Tr("install.err_empty_admin_password"), INSTALL, f, http.StatusOK) return } if f.AdminPasswd != f.AdminConfirmPasswd { c.FormErr("Admin", "AdminPasswd") - c.RenderWithErr(c.Tr("form.password_not_match"), INSTALL, f) + c.RenderWithErr(c.Tr("form.password_not_match"), INSTALL, f, http.StatusOK) return } @@ -348,14 +349,14 @@ func InstallPost(c *context.Context, f form.Install) { cfg.Section("security").Key("INSTALL_LOCK").SetValue("true") secretKey, err := tool.RandomString(15) if err != nil { - c.RenderWithErr(c.Tr("install.secret_key_failed", err), INSTALL, &f) + c.RenderWithErr(c.Tr("install.secret_key_failed", err), INSTALL, &f, http.StatusInternalServerError) return } cfg.Section("security").Key("SECRET_KEY").SetValue(secretKey) os.MkdirAll(filepath.Dir(setting.CustomConf), os.ModePerm) if err := cfg.SaveTo(setting.CustomConf); err != nil { - c.RenderWithErr(c.Tr("install.save_config_failed", err), INSTALL, &f) + c.RenderWithErr(c.Tr("install.save_config_failed", err), INSTALL, &f, http.StatusInternalServerError) return } @@ -374,7 +375,7 @@ func InstallPost(c *context.Context, f form.Install) { if !models.IsErrUserAlreadyExist(err) { setting.InstallLock = false c.FormErr("AdminName", "AdminEmail") - c.RenderWithErr(c.Tr("install.invalid_admin_setting", err), INSTALL, &f) + c.RenderWithErr(c.Tr("install.invalid_admin_setting", err), INSTALL, &f, http.StatusBadRequest) return } log.Info("Admin account already exist") diff --git a/routes/org/org.go b/routes/org/org.go index 775e9915d..023fcdc4d 100644 --- a/routes/org/org.go +++ b/routes/org/org.go @@ -5,6 +5,7 @@ package org import ( + "net/http" log "gopkg.in/clog.v1" "github.com/gogits/gogs/models" @@ -40,11 +41,11 @@ func CreatePost(c *context.Context, f form.CreateOrg) { c.Data["Err_OrgName"] = true switch { case models.IsErrUserAlreadyExist(err): - c.RenderWithErr(c.Tr("form.org_name_been_taken"), CREATE, &f) + c.RenderWithErr(c.Tr("form.org_name_been_taken"), CREATE, &f, http.StatusBadRequest) case models.IsErrNameReserved(err): - c.RenderWithErr(c.Tr("org.form.name_reserved", err.(models.ErrNameReserved).Name), CREATE, &f) + c.RenderWithErr(c.Tr("org.form.name_reserved", err.(models.ErrNameReserved).Name), CREATE, &f, http.StatusBadRequest) case models.IsErrNamePatternNotAllowed(err): - c.RenderWithErr(c.Tr("org.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), CREATE, &f) + c.RenderWithErr(c.Tr("org.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), CREATE, &f, http.StatusBadRequest) default: c.Handle(500, "CreateOrganization", err) } diff --git a/routes/org/setting.go b/routes/org/setting.go index 397ffa8f7..5fbe30c33 100644 --- a/routes/org/setting.go +++ b/routes/org/setting.go @@ -6,6 +6,7 @@ package org import ( "strings" + "net/http" log "gopkg.in/clog.v1" @@ -48,15 +49,15 @@ func SettingsPost(c *context.Context, f form.UpdateOrgSetting) { return } else if isExist { c.Data["OrgName"] = true - c.RenderWithErr(c.Tr("form.username_been_taken"), SETTINGS_OPTIONS, &f) + c.RenderWithErr(c.Tr("form.username_been_taken"), SETTINGS_OPTIONS, &f, http.StatusBadRequest) return } else if err = models.ChangeUserName(org, f.Name); err != nil { c.Data["OrgName"] = true switch { case models.IsErrNameReserved(err): - c.RenderWithErr(c.Tr("user.form.name_reserved"), SETTINGS_OPTIONS, &f) + c.RenderWithErr(c.Tr("user.form.name_reserved"), SETTINGS_OPTIONS, &f, http.StatusBadRequest) case models.IsErrNamePatternNotAllowed(err): - c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed"), SETTINGS_OPTIONS, &f) + c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed"), SETTINGS_OPTIONS, &f, http.StatusBadRequest) default: c.Handle(500, "ChangeUserName", err) } @@ -114,7 +115,7 @@ func SettingsDelete(c *context.Context) { if c.Req.Method == "POST" { if _, err := models.UserSignIn(c.User.Name, c.Query("password")); err != nil { if errors.IsUserNotExist(err) { - c.RenderWithErr(c.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil) + c.RenderWithErr(c.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil, http.StatusBadRequest) } else { c.Handle(500, "UserSignIn", err) } diff --git a/routes/org/teams.go b/routes/org/teams.go index c97d470d0..8b45d526e 100644 --- a/routes/org/teams.go +++ b/routes/org/teams.go @@ -6,6 +6,7 @@ package org import ( "path" + "net/http" "github.com/Unknwon/com" log "gopkg.in/clog.v1" @@ -171,9 +172,9 @@ func NewTeamPost(c *context.Context, f form.CreateTeam) { c.Data["Err_TeamName"] = true switch { case models.IsErrTeamAlreadyExist(err): - c.RenderWithErr(c.Tr("form.team_name_been_taken"), TEAM_NEW, &f) + c.RenderWithErr(c.Tr("form.team_name_been_taken"), TEAM_NEW, &f, http.StatusBadRequest) case models.IsErrNameReserved(err): - c.RenderWithErr(c.Tr("org.form.team_name_reserved", err.(models.ErrNameReserved).Name), TEAM_NEW, &f) + c.RenderWithErr(c.Tr("org.form.team_name_reserved", err.(models.ErrNameReserved).Name), TEAM_NEW, &f, http.StatusBadRequest) default: c.Handle(500, "NewTeam", err) } @@ -249,7 +250,7 @@ func EditTeamPost(c *context.Context, f form.CreateTeam) { c.Data["Err_TeamName"] = true switch { case models.IsErrTeamAlreadyExist(err): - c.RenderWithErr(c.Tr("form.team_name_been_taken"), TEAM_NEW, &f) + c.RenderWithErr(c.Tr("form.team_name_been_taken"), TEAM_NEW, &f, http.StatusBadRequest) default: c.Handle(500, "UpdateTeam", err) } diff --git a/routes/repo/editor.go b/routes/repo/editor.go index 4cd78d70f..7ebe0975b 100644 --- a/routes/repo/editor.go +++ b/routes/repo/editor.go @@ -165,14 +165,14 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) { if len(f.TreePath) == 0 { c.FormErr("TreePath") - c.RenderWithErr(c.Tr("repo.editor.filename_cannot_be_empty"), EDIT_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.filename_cannot_be_empty"), EDIT_FILE, &f, http.StatusBadRequest) return } if oldBranchName != branchName { if _, err := c.Repo.Repository.GetBranch(branchName); err == nil { c.FormErr("NewBranchName") - c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), EDIT_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), EDIT_FILE, &f, http.StatusBadRequest) return } } @@ -193,17 +193,17 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) { if index != len(treeNames)-1 { if !entry.IsDir() { c.FormErr("TreePath") - c.RenderWithErr(c.Tr("repo.editor.directory_is_a_file", part), EDIT_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.directory_is_a_file", part), EDIT_FILE, &f, http.StatusBadRequest) return } } else { if entry.IsLink() { c.FormErr("TreePath") - c.RenderWithErr(c.Tr("repo.editor.file_is_a_symlink", part), EDIT_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.file_is_a_symlink", part), EDIT_FILE, &f, http.StatusBadRequest) return } else if entry.IsDir() { c.FormErr("TreePath") - c.RenderWithErr(c.Tr("repo.editor.filename_is_a_directory", part), EDIT_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.filename_is_a_directory", part), EDIT_FILE, &f, http.StatusBadRequest) return } } @@ -214,7 +214,7 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) { if err != nil { if git.IsErrNotExist(err) { c.FormErr("TreePath") - c.RenderWithErr(c.Tr("repo.editor.file_editing_no_longer_exists", oldTreePath), EDIT_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.file_editing_no_longer_exists", oldTreePath), EDIT_FILE, &f, http.StatusBadRequest) } else { c.ServerError("GetTreeEntryByPath", err) } @@ -229,7 +229,7 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) { for _, file := range files { if file == f.TreePath { - c.RenderWithErr(c.Tr("repo.editor.file_changed_while_editing", c.Repo.RepoLink+"/compare/"+lastCommit+"..."+c.Repo.CommitID), EDIT_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.file_changed_while_editing", c.Repo.RepoLink+"/compare/"+lastCommit+"..."+c.Repo.CommitID), EDIT_FILE, &f, http.StatusInternalServerError) return } } @@ -247,7 +247,7 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) { } if entry != nil { c.FormErr("TreePath") - c.RenderWithErr(c.Tr("repo.editor.file_already_exists", f.TreePath), EDIT_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.file_already_exists", f.TreePath), EDIT_FILE, &f, http.StatusBadRequest) return } } @@ -277,7 +277,7 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) { IsNewFile: isNewFile, }); err != nil { c.FormErr("TreePath") - c.RenderWithErr(c.Tr("repo.editor.fail_to_update_file", f.TreePath, err), EDIT_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.fail_to_update_file", f.TreePath, err), EDIT_FILE, &f, http.StatusInternalServerError) return } @@ -358,7 +358,7 @@ func DeleteFilePost(c *context.Context, f form.DeleteRepoFile) { if oldBranchName != branchName { if _, err := c.Repo.Repository.GetBranch(branchName); err == nil { c.Data["Err_NewBranchName"] = true - c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), DELETE_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), DELETE_FILE, &f, http.StatusBadRequest) return } } @@ -455,7 +455,7 @@ func UploadFilePost(c *context.Context, f form.UploadRepoFile) { if oldBranchName != branchName { if _, err := c.Repo.Repository.GetBranch(branchName); err == nil { c.Data["Err_NewBranchName"] = true - c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), UPLOAD_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), UPLOAD_FILE, &f, http.StatusBadRequest) return } } @@ -477,7 +477,7 @@ func UploadFilePost(c *context.Context, f form.UploadRepoFile) { // User can only upload files to a directory. if !entry.IsDir() { c.Data["Err_TreePath"] = true - c.RenderWithErr(c.Tr("repo.editor.directory_is_a_file", part), UPLOAD_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.directory_is_a_file", part), UPLOAD_FILE, &f, http.StatusBadRequest) return } } @@ -501,7 +501,7 @@ func UploadFilePost(c *context.Context, f form.UploadRepoFile) { Files: f.Files, }); err != nil { c.Data["Err_TreePath"] = true - c.RenderWithErr(c.Tr("repo.editor.unable_to_upload_files", f.TreePath, err), UPLOAD_FILE, &f) + c.RenderWithErr(c.Tr("repo.editor.unable_to_upload_files", f.TreePath, err), UPLOAD_FILE, &f, http.StatusInternalServerError) return } diff --git a/routes/repo/issue.go b/routes/repo/issue.go index 8920bc323..7491a079a 100644 --- a/routes/repo/issue.go +++ b/routes/repo/issue.go @@ -1131,7 +1131,7 @@ func NewMilestonePost(c *context.Context, f form.CreateMilestone) { deadline, err := time.ParseInLocation("2006-01-02", f.Deadline, time.Local) if err != nil { c.Data["Err_Deadline"] = true - c.RenderWithErr(c.Tr("repo.milestones.invalid_due_date_format"), MILESTONE_NEW, &f) + c.RenderWithErr(c.Tr("repo.milestones.invalid_due_date_format"), MILESTONE_NEW, &f, http.StatusBadRequest) return } @@ -1191,7 +1191,7 @@ func EditMilestonePost(c *context.Context, f form.CreateMilestone) { deadline, err := time.ParseInLocation("2006-01-02", f.Deadline, time.Local) if err != nil { c.Data["Err_Deadline"] = true - c.RenderWithErr(c.Tr("repo.milestones.invalid_due_date_format"), MILESTONE_NEW, &f) + c.RenderWithErr(c.Tr("repo.milestones.invalid_due_date_format"), MILESTONE_NEW, &f, http.StatusBadRequest) return } diff --git a/routes/repo/pull.go b/routes/repo/pull.go index 48eb76e79..242558364 100644 --- a/routes/repo/pull.go +++ b/routes/repo/pull.go @@ -8,6 +8,7 @@ import ( "container/list" "path" "strings" + "net/http" "github.com/Unknwon/com" log "gopkg.in/clog.v1" @@ -118,7 +119,7 @@ func ForkPost(c *context.Context, f form.CreateRepo) { // Cannot fork to same owner if ctxUser.ID == baseRepo.OwnerID { - c.RenderWithErr(c.Tr("repo.settings.cannot_fork_to_same_owner"), FORK, &f) + c.RenderWithErr(c.Tr("repo.settings.cannot_fork_to_same_owner"), FORK, &f, http.StatusBadRequest) return } @@ -127,11 +128,11 @@ func ForkPost(c *context.Context, f form.CreateRepo) { c.Data["Err_RepoName"] = true switch { case models.IsErrRepoAlreadyExist(err): - c.RenderWithErr(c.Tr("repo.settings.new_owner_has_same_repo"), FORK, &f) + c.RenderWithErr(c.Tr("repo.settings.new_owner_has_same_repo"), FORK, &f, http.StatusBadRequest) case models.IsErrNameReserved(err): - c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), FORK, &f) + c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), FORK, &f, http.StatusBadRequest) case models.IsErrNamePatternNotAllowed(err): - c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), FORK, &f) + c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), FORK, &f, http.StatusBadRequest) default: c.ServerError("ForkPost", err) } diff --git a/routes/repo/release.go b/routes/repo/release.go index 86dfe6f77..6f609aa39 100644 --- a/routes/repo/release.go +++ b/routes/repo/release.go @@ -7,6 +7,7 @@ package repo import ( "fmt" "strings" + "net/http" log "gopkg.in/clog.v1" @@ -176,7 +177,7 @@ func NewReleasePost(c *context.Context, f form.NewRelease) { } if !c.Repo.GitRepo.IsBranchExist(f.Target) { - c.RenderWithErr(c.Tr("form.target_branch_not_exist"), RELEASE_NEW, &f) + c.RenderWithErr(c.Tr("form.target_branch_not_exist"), RELEASE_NEW, &f, http.StatusBadRequest) return } @@ -224,9 +225,9 @@ func NewReleasePost(c *context.Context, f form.NewRelease) { c.Data["Err_TagName"] = true switch { case models.IsErrReleaseAlreadyExist(err): - c.RenderWithErr(c.Tr("repo.release.tag_name_already_exist"), RELEASE_NEW, &f) + c.RenderWithErr(c.Tr("repo.release.tag_name_already_exist"), RELEASE_NEW, &f, http.StatusBadRequest) case models.IsErrInvalidTagName(err): - c.RenderWithErr(c.Tr("repo.release.tag_name_invalid"), RELEASE_NEW, &f) + c.RenderWithErr(c.Tr("repo.release.tag_name_invalid"), RELEASE_NEW, &f, http.StatusBadRequest) default: c.Handle(500, "NewRelease", err) } diff --git a/routes/repo/repo.go b/routes/repo/repo.go index ea3c1a600..7f71a7f63 100644 --- a/routes/repo/repo.go +++ b/routes/repo/repo.go @@ -9,6 +9,7 @@ import ( "os" "path" "strings" + "net/http" "github.com/Unknwon/com" log "gopkg.in/clog.v1" @@ -88,16 +89,16 @@ func Create(c *context.Context) { func handleCreateError(c *context.Context, owner *models.User, err error, name, tpl string, form interface{}) { switch { case errors.IsReachLimitOfRepo(err): - c.RenderWithErr(c.Tr("repo.form.reach_limit_of_creation", owner.RepoCreationNum()), tpl, form) + c.RenderWithErr(c.Tr("repo.form.reach_limit_of_creation", owner.RepoCreationNum()), tpl, form, http.StatusNotAcceptable) case models.IsErrRepoAlreadyExist(err): c.Data["Err_RepoName"] = true - c.RenderWithErr(c.Tr("form.repo_name_been_taken"), tpl, form) + c.RenderWithErr(c.Tr("form.repo_name_been_taken"), tpl, form, http.StatusBadRequest) case models.IsErrNameReserved(err): c.Data["Err_RepoName"] = true - c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), tpl, form) + c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), tpl, form, http.StatusBadRequest) case models.IsErrNamePatternNotAllowed(err): c.Data["Err_RepoName"] = true - c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), tpl, form) + c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), tpl, form, http.StatusBadRequest) default: c.Handle(500, name, err) } @@ -181,11 +182,11 @@ func MigratePost(c *context.Context, f form.MigrateRepo) { addrErr := err.(models.ErrInvalidCloneAddr) switch { case addrErr.IsURLError: - c.RenderWithErr(c.Tr("form.url_error"), MIGRATE, &f) + c.RenderWithErr(c.Tr("form.url_error"), MIGRATE, &f, http.StatusBadRequest) case addrErr.IsPermissionDenied: - c.RenderWithErr(c.Tr("repo.migrate.permission_denied"), MIGRATE, &f) + c.RenderWithErr(c.Tr("repo.migrate.permission_denied"), MIGRATE, &f, http.StatusForbidden) case addrErr.IsInvalidPath: - c.RenderWithErr(c.Tr("repo.migrate.invalid_local_path"), MIGRATE, &f) + c.RenderWithErr(c.Tr("repo.migrate.invalid_local_path"), MIGRATE, &f, http.StatusInternalServerError) default: c.Handle(500, "Unknown error", err) } @@ -217,11 +218,11 @@ func MigratePost(c *context.Context, f form.MigrateRepo) { if strings.Contains(err.Error(), "Authentication failed") || strings.Contains(err.Error(), "could not read Username") { c.Data["Err_Auth"] = true - c.RenderWithErr(c.Tr("form.auth_failed", models.HandleMirrorCredentials(err.Error(), true)), MIGRATE, &f) + c.RenderWithErr(c.Tr("form.auth_failed", models.HandleMirrorCredentials(err.Error(), true)), MIGRATE, &f, http.StatusUnauthorized) return } else if strings.Contains(err.Error(), "fatal:") { c.Data["Err_CloneAddr"] = true - c.RenderWithErr(c.Tr("repo.migrate.failed", models.HandleMirrorCredentials(err.Error(), true)), MIGRATE, &f) + c.RenderWithErr(c.Tr("repo.migrate.failed", models.HandleMirrorCredentials(err.Error(), true)), MIGRATE, &f, http.StatusInternalServerError) return } diff --git a/routes/repo/setting.go b/routes/repo/setting.go index 71369320c..ff89a5bce 100644 --- a/routes/repo/setting.go +++ b/routes/repo/setting.go @@ -8,6 +8,7 @@ import ( "fmt" "strings" "time" + "net/http" log "gopkg.in/clog.v1" @@ -60,11 +61,11 @@ func SettingsPost(c *context.Context, f form.RepoSetting) { c.FormErr("RepoName") switch { case models.IsErrRepoAlreadyExist(err): - c.RenderWithErr(c.Tr("form.repo_name_been_taken"), SETTINGS_OPTIONS, &f) + c.RenderWithErr(c.Tr("form.repo_name_been_taken"), SETTINGS_OPTIONS, &f, http.StatusBadRequest) case models.IsErrNameReserved(err): - c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), SETTINGS_OPTIONS, &f) + c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), SETTINGS_OPTIONS, &f, http.StatusBadRequest) case models.IsErrNamePatternNotAllowed(err): - c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SETTINGS_OPTIONS, &f) + c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SETTINGS_OPTIONS, &f, http.StatusBadRequest) default: c.ServerError("ChangeRepositoryName", err) } @@ -163,7 +164,7 @@ func SettingsPost(c *context.Context, f form.RepoSetting) { return } if repo.Name != f.RepoName { - c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil) + c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil, http.StatusBadRequest) return } @@ -197,7 +198,7 @@ func SettingsPost(c *context.Context, f form.RepoSetting) { return } if repo.Name != f.RepoName { - c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil) + c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil, http.StatusBadRequest) return } @@ -214,13 +215,13 @@ func SettingsPost(c *context.Context, f form.RepoSetting) { c.ServerError("IsUserExist", err) return } else if !isExist { - c.RenderWithErr(c.Tr("form.enterred_invalid_owner_name"), SETTINGS_OPTIONS, nil) + c.RenderWithErr(c.Tr("form.enterred_invalid_owner_name"), SETTINGS_OPTIONS, nil, http.StatusBadRequest) return } if err = models.TransferOwnership(c.User, newOwner, repo); err != nil { if models.IsErrRepoAlreadyExist(err) { - c.RenderWithErr(c.Tr("repo.settings.new_owner_has_same_repo"), SETTINGS_OPTIONS, nil) + c.RenderWithErr(c.Tr("repo.settings.new_owner_has_same_repo"), SETTINGS_OPTIONS, nil, http.StatusBadRequest) } else { c.ServerError("TransferOwnership", err) } @@ -236,7 +237,7 @@ func SettingsPost(c *context.Context, f form.RepoSetting) { return } if repo.Name != f.RepoName { - c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil) + c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil, http.StatusBadRequest) return } @@ -262,7 +263,7 @@ func SettingsPost(c *context.Context, f form.RepoSetting) { return } if repo.Name != f.RepoName { - c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil) + c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil, http.StatusBadRequest) return } @@ -603,10 +604,10 @@ func SettingsDeployKeysPost(c *context.Context, f form.AddSSHKey) { switch { case models.IsErrKeyAlreadyExist(err): c.Data["Err_Content"] = true - c.RenderWithErr(c.Tr("repo.settings.key_been_used"), SETTINGS_DEPLOY_KEYS, &f) + c.RenderWithErr(c.Tr("repo.settings.key_been_used"), SETTINGS_DEPLOY_KEYS, &f, http.StatusBadRequest) case models.IsErrKeyNameAlreadyUsed(err): c.Data["Err_Title"] = true - c.RenderWithErr(c.Tr("repo.settings.key_name_used"), SETTINGS_DEPLOY_KEYS, &f) + c.RenderWithErr(c.Tr("repo.settings.key_name_used"), SETTINGS_DEPLOY_KEYS, &f, http.StatusBadRequest) default: c.Handle(500, "AddDeployKey", err) } diff --git a/routes/repo/wiki.go b/routes/repo/wiki.go index ad2cfbae6..8082857c5 100644 --- a/routes/repo/wiki.go +++ b/routes/repo/wiki.go @@ -210,7 +210,7 @@ func NewWikiPost(c *context.Context, f form.NewWiki) { if err := c.Repo.Repository.AddWikiPage(c.User, f.Title, f.Content, f.Message); err != nil { if models.IsErrWikiAlreadyExist(err) { c.Data["Err_Title"] = true - c.RenderWithErr(c.Tr("repo.wiki.page_already_exists"), WIKI_NEW, &f) + c.RenderWithErr(c.Tr("repo.wiki.page_already_exists"), WIKI_NEW, &f, 400) } else { c.Handle(500, "AddWikiPage", err) } diff --git a/routes/user/auth.go b/routes/user/auth.go index 34fdbd858..23e94434c 100644 --- a/routes/user/auth.go +++ b/routes/user/auth.go @@ -6,6 +6,7 @@ package user import ( "fmt" + "net/http" "net/url" "github.com/go-macaron/captcha" @@ -85,7 +86,8 @@ func Login(c *context.Context) { // Check auto-login. isSucceed, err := AutoLogin(c) if err != nil { - c.Handle(500, "AutoLogin", err) + log.Warn("%s authfail : Autologin failure", c.RemoteAddr()) + c.Handle(http.StatusInternalServerError, "AutoLogin", err) return } @@ -106,7 +108,7 @@ func Login(c *context.Context) { return } - c.HTML(200, LOGIN) + c.HTML(http.StatusOK, LOGIN) } func afterLogin(c *context.Context, u *models.User, remember bool) { @@ -141,14 +143,16 @@ func LoginPost(c *context.Context, f form.SignIn) { c.Data["Title"] = c.Tr("sign_in") if c.HasError() { - c.Success(LOGIN) + log.Warn("%s authfail : Content error", c.RemoteAddr(), f.UserName) + c.HTML(http.StatusBadRequest, LOGIN) return } u, err := models.UserSignIn(f.UserName, f.Password) if err != nil { + log.Warn("%s authfail : Authentication failure for user '%s'", c.RemoteAddr(), f.UserName) if errors.IsUserNotExist(err) { - c.RenderWithErr(c.Tr("form.username_password_incorrect"), LOGIN, &f) + c.RenderWithErr(c.Tr("form.username_password_incorrect"), LOGIN, &f, http.StatusUnauthorized) } else { c.ServerError("UserSignIn", err) } @@ -256,11 +260,11 @@ func SignUp(c *context.Context) { if setting.Service.DisableRegistration { c.Data["DisableRegistration"] = true - c.HTML(200, SIGNUP) + c.HTML(http.StatusOK, SIGNUP) return } - c.HTML(200, SIGNUP) + c.HTML(http.StatusOK, SIGNUP) } func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) { @@ -269,24 +273,24 @@ func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) { c.Data["EnableCaptcha"] = setting.Service.EnableCaptcha if setting.Service.DisableRegistration { - c.Error(403) + c.Error(http.StatusForbidden) return } if c.HasError() { - c.HTML(200, SIGNUP) + c.HTML(http.StatusOK, SIGNUP) return } if setting.Service.EnableCaptcha && !cpt.VerifyReq(c.Req) { c.Data["Err_Captcha"] = true - c.RenderWithErr(c.Tr("form.captcha_incorrect"), SIGNUP, &f) + c.RenderWithErr(c.Tr("form.captcha_incorrect"), SIGNUP, &f, http.StatusBadRequest) return } if f.Password != f.Retype { c.Data["Err_Password"] = true - c.RenderWithErr(c.Tr("form.password_not_match"), SIGNUP, &f) + c.RenderWithErr(c.Tr("form.password_not_match"), SIGNUP, &f, http.StatusBadRequest) return } @@ -300,18 +304,18 @@ func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) { switch { case models.IsErrUserAlreadyExist(err): c.Data["Err_UserName"] = true - c.RenderWithErr(c.Tr("form.username_been_taken"), SIGNUP, &f) + c.RenderWithErr(c.Tr("form.username_been_taken"), SIGNUP, &f, http.StatusBadRequest) case models.IsErrEmailAlreadyUsed(err): c.Data["Err_Email"] = true - c.RenderWithErr(c.Tr("form.email_been_used"), SIGNUP, &f) + c.RenderWithErr(c.Tr("form.email_been_used"), SIGNUP, &f, http.StatusBadRequest) case models.IsErrNameReserved(err): c.Data["Err_UserName"] = true - c.RenderWithErr(c.Tr("user.form.name_reserved", err.(models.ErrNameReserved).Name), SIGNUP, &f) + c.RenderWithErr(c.Tr("user.form.name_reserved", err.(models.ErrNameReserved).Name), SIGNUP, &f, http.StatusBadRequest) case models.IsErrNamePatternNotAllowed(err): c.Data["Err_UserName"] = true - c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SIGNUP, &f) + c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SIGNUP, &f, http.StatusBadRequest) default: - c.Handle(500, "CreateUser", err) + c.Handle(http.StatusInternalServerError, "CreateUser", err) } return } @@ -322,7 +326,7 @@ func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) { u.IsAdmin = true u.IsActive = true if err := models.UpdateUser(u); err != nil { - c.Handle(500, "UpdateUser", err) + c.Handle(http.StatusInternalServerError, "UpdateUser", err) return } } @@ -333,7 +337,7 @@ func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) { c.Data["IsSendRegisterMail"] = true c.Data["Email"] = u.Email c.Data["Hours"] = setting.Service.ActiveCodeLives / 60 - c.HTML(200, ACTIVATE) + c.HTML(http.StatusOK, ACTIVATE) if err := c.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil { log.Error(4, "Set cache(MailResendLimit) fail: %v", err) @@ -349,7 +353,7 @@ func Activate(c *context.Context) { if len(code) == 0 { c.Data["IsActivatePage"] = true if c.User.IsActive { - c.Error(404) + c.Error(http.StatusNotFound) return } // Resend confirmation email. @@ -455,7 +459,7 @@ func ForgotPasswdPost(c *context.Context) { if !u.IsLocal() { c.Data["Err_Email"] = true - c.RenderWithErr(c.Tr("auth.non_local_account"), FORGOT_PASSWORD, nil) + c.RenderWithErr(c.Tr("auth.non_local_account"), FORGOT_PASSWORD, nil, http.StatusBadRequest) return } @@ -504,7 +508,7 @@ func ResetPasswdPost(c *context.Context) { if len(passwd) < 6 { c.Data["IsResetForm"] = true c.Data["Err_Password"] = true - c.RenderWithErr(c.Tr("auth.password_too_short"), RESET_PASSWORD, nil) + c.RenderWithErr(c.Tr("auth.password_too_short"), RESET_PASSWORD, nil, http.StatusBadRequest) return } diff --git a/routes/user/setting.go b/routes/user/setting.go index 723b3da24..ec80ea402 100644 --- a/routes/user/setting.go +++ b/routes/user/setting.go @@ -8,6 +8,7 @@ import ( "bytes" "encoding/base64" "fmt" + "net/http" "html/template" "image/png" "io/ioutil" @@ -86,7 +87,7 @@ func SettingsPost(c *context.Context, f form.UpdateProfile) { return } - c.RenderWithErr(msg, SETTINGS_PROFILE, &f) + c.RenderWithErr(msg, SETTINGS_PROFILE, &f, http.StatusBadRequest) return } @@ -263,7 +264,7 @@ func SettingsEmailPost(c *context.Context, f form.AddEmail) { } if err := models.AddEmailAddress(email); err != nil { if models.IsErrEmailAlreadyUsed(err) { - c.RenderWithErr(c.Tr("form.email_been_used"), SETTINGS_EMAILS, &f) + c.RenderWithErr(c.Tr("form.email_been_used"), SETTINGS_EMAILS, &f, http.StatusBadRequest) } else { c.ServerError("AddEmailAddress", err) } @@ -346,10 +347,10 @@ func SettingsSSHKeysPost(c *context.Context, f form.AddSSHKey) { switch { case models.IsErrKeyAlreadyExist(err): c.FormErr("Content") - c.RenderWithErr(c.Tr("settings.ssh_key_been_used"), SETTINGS_SSH_KEYS, &f) + c.RenderWithErr(c.Tr("settings.ssh_key_been_used"), SETTINGS_SSH_KEYS, &f, http.StatusBadRequest) case models.IsErrKeyNameAlreadyUsed(err): c.FormErr("Title") - c.RenderWithErr(c.Tr("settings.ssh_key_name_used"), SETTINGS_SSH_KEYS, &f) + c.RenderWithErr(c.Tr("settings.ssh_key_name_used"), SETTINGS_SSH_KEYS, &f, http.StatusBadRequest) default: c.ServerError("AddPublicKey", err) } @@ -635,7 +636,7 @@ func SettingsDelete(c *context.Context) { if c.Req.Method == "POST" { if _, err := models.UserSignIn(c.User.Name, c.Query("password")); err != nil { if errors.IsUserNotExist(err) { - c.RenderWithErr(c.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil) + c.RenderWithErr(c.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil, http.StatusUnauthorized) } else { c.ServerError("UserSignIn", err) }