playground
/
gogs
mirror of https://github.com/gogits/gogs.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

Enhanced HTTP response code + authentication failure log messages 

Add an http_status int argument to RenderWithErr(). In most case
it is set to http.StatusBadRequest.
Authentication failure log messages (that should be matched by fail2ban) are
composed like : "^<DATE> \[ WARN\] <IP> authfail : <REASON>$"
pull/3357/head
Gogs 7 years ago
parent
b1100b5e34
commit
103417e1d3
16 changed files with 116 additions and 101 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      pkg/context/context.go
  2. 3
      routes/admin/auths.go
  3. 11
      routes/admin/users.go
  4. 31
      routes/install.go
  5. 7
      routes/org/org.go
  6. 9
      routes/org/setting.go
  7. 7
      routes/org/teams.go
  8. 26
      routes/repo/editor.go
  9. 4
      routes/repo/issue.go
  10. 9
      routes/repo/pull.go
  11. 7
      routes/repo/release.go
  12. 19
      routes/repo/repo.go
  13. 23
      routes/repo/setting.go
  14. 2
      routes/repo/wiki.go
  15. 44
      routes/user/auth.go
  16. 11
      routes/user/setting.go

4
pkg/context/context.go
Unescape View File

@ -137,13 +137,13 @@ func (c *Context) SubURLRedirect(location string, status ...int) {
} }
// RenderWithErr used for page has form validation but need to prompt error to users. // RenderWithErr used for page has form validation but need to prompt error to users.
func (c *Context) RenderWithErr(msg, tpl string, f interface{}) { func (c *Context) RenderWithErr(msg, tpl string, f interface{}, http_status int) {
if f != nil { if f != nil {
form.Assign(f, c.Data) form.Assign(f, c.Data)
} }
c.Flash.ErrorMsg = msg c.Flash.ErrorMsg = msg
c.Data["Flash"] = c.Flash c.Data["Flash"] = c.Flash
c.HTML(http.StatusOK, tpl) c.HTML(http_status, tpl)
} }
// Handle handles and logs error by given status. // Handle handles and logs error by given status.

3
routes/admin/auths.go
Unescape View File

@ -6,6 +6,7 @@ package admin
import ( import (
"fmt" "fmt"
"net/http"
"github.com/Unknwon/com" "github.com/Unknwon/com"
"github.com/go-xorm/core" "github.com/go-xorm/core"
@ -158,7 +159,7 @@ func NewAuthSourcePost(c *context.Context, f form.Authentication) {
}); err != nil { }); err != nil {
if models.IsErrLoginSourceAlreadyExist(err) { if models.IsErrLoginSourceAlreadyExist(err) {
c.Data["Err_Name"] = true c.Data["Err_Name"] = true
c.RenderWithErr(c.Tr("admin.auths.login_source_exist", err.(models.ErrLoginSourceAlreadyExist).Name), AUTH_NEW, f) c.RenderWithErr(c.Tr("admin.auths.login_source_exist", err.(models.ErrLoginSourceAlreadyExist).Name), AUTH_NEW, f, http.StatusBadRequest)
} else { } else {
c.Handle(500, "CreateSource", err) c.Handle(500, "CreateSource", err)
} }

11
routes/admin/users.go
Unescape View File

@ -6,6 +6,7 @@ package admin
import ( import (
"strings" "strings"
"net/http"
"github.com/Unknwon/com" "github.com/Unknwon/com"
log "gopkg.in/clog.v1" log "gopkg.in/clog.v1"
@ -97,16 +98,16 @@ func NewUserPost(c *context.Context, f form.AdminCrateUser) {
switch { switch {
case models.IsErrUserAlreadyExist(err): case models.IsErrUserAlreadyExist(err):
c.Data["Err_UserName"] = true c.Data["Err_UserName"] = true
c.RenderWithErr(c.Tr("form.username_been_taken"), USER_NEW, &f) c.RenderWithErr(c.Tr("form.username_been_taken"), USER_NEW, &f, http.StatusBadRequest)
case models.IsErrEmailAlreadyUsed(err): case models.IsErrEmailAlreadyUsed(err):
c.Data["Err_Email"] = true c.Data["Err_Email"] = true
c.RenderWithErr(c.Tr("form.email_been_used"), USER_NEW, &f) c.RenderWithErr(c.Tr("form.email_been_used"), USER_NEW, &f, http.StatusBadRequest)
case models.IsErrNameReserved(err): case models.IsErrNameReserved(err):
c.Data["Err_UserName"] = true c.Data["Err_UserName"] = true
c.RenderWithErr(c.Tr("user.form.name_reserved", err.(models.ErrNameReserved).Name), USER_NEW, &f) c.RenderWithErr(c.Tr("user.form.name_reserved", err.(models.ErrNameReserved).Name), USER_NEW, &f, http.StatusBadRequest)
case models.IsErrNamePatternNotAllowed(err): case models.IsErrNamePatternNotAllowed(err):
c.Data["Err_UserName"] = true c.Data["Err_UserName"] = true
c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), USER_NEW, &f) c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), USER_NEW, &f, http.StatusBadRequest)
default: default:
c.Handle(500, "CreateUser", err) c.Handle(500, "CreateUser", err)
} }
@ -217,7 +218,7 @@ func EditUserPost(c *context.Context, f form.AdminEditUser) {
if err := models.UpdateUser(u); err != nil { if err := models.UpdateUser(u); err != nil {
if models.IsErrEmailAlreadyUsed(err) { if models.IsErrEmailAlreadyUsed(err) {
c.Data["Err_Email"] = true c.Data["Err_Email"] = true
c.RenderWithErr(c.Tr("form.email_been_used"), USER_EDIT, &f) c.RenderWithErr(c.Tr("form.email_been_used"), USER_EDIT, &f, http.StatusBadRequest)
} else { } else {
c.Handle(500, "UpdateUser", err) c.Handle(500, "UpdateUser", err)
} }

31
routes/install.go
Unescape View File

@ -6,6 +6,7 @@ package routes
import ( import (
"net/mail" "net/mail"
"net/http"
"os" "os"
"os/exec" "os/exec"
"path/filepath" "path/filepath"
@ -186,7 +187,7 @@ func InstallPost(c *context.Context, f form.Install) {
} }
if _, err := exec.LookPath("git"); err != nil { if _, err := exec.LookPath("git"); err != nil {
c.RenderWithErr(c.Tr("install.test_git_failed", err), INSTALL, &f) c.RenderWithErr(c.Tr("install.test_git_failed", err), INSTALL, &f, http.StatusOK)
return return
} }
@ -203,7 +204,7 @@ func InstallPost(c *context.Context, f form.Install) {
if models.DbCfg.Type == "sqlite3" && len(models.DbCfg.Path) == 0 { if models.DbCfg.Type == "sqlite3" && len(models.DbCfg.Path) == 0 {
c.FormErr("DbPath") c.FormErr("DbPath")
c.RenderWithErr(c.Tr("install.err_empty_db_path"), INSTALL, &f) c.RenderWithErr(c.Tr("install.err_empty_db_path"), INSTALL, &f, http.StatusBadRequest)
return return
} }
@ -212,10 +213,10 @@ func InstallPost(c *context.Context, f form.Install) {
if err := models.NewTestEngine(x); err != nil { if err := models.NewTestEngine(x); err != nil {
if strings.Contains(err.Error(), `Unknown database type: sqlite3`) { if strings.Contains(err.Error(), `Unknown database type: sqlite3`) {
c.FormErr("DbType") c.FormErr("DbType")
c.RenderWithErr(c.Tr("install.sqlite3_not_available", "https://gogs.io/docs/installation/install_from_binary.html"), INSTALL, &f) c.RenderWithErr(c.Tr("install.sqlite3_not_available", "https://gogs.io/docs/installation/install_from_binary.html"), INSTALL, &f, http.StatusOK)
} else { } else {
c.FormErr("DbSetting") c.FormErr("DbSetting")
c.RenderWithErr(c.Tr("install.invalid_db_setting", err), INSTALL, &f) c.RenderWithErr(c.Tr("install.invalid_db_setting", err), INSTALL, &f, http.StatusOK)
} }
return return
} }
@ -224,7 +225,7 @@ func InstallPost(c *context.Context, f form.Install) {
f.RepoRootPath = strings.Replace(f.RepoRootPath, "\\", "/", -1) f.RepoRootPath = strings.Replace(f.RepoRootPath, "\\", "/", -1)
if err := os.MkdirAll(f.RepoRootPath, os.ModePerm); err != nil { if err := os.MkdirAll(f.RepoRootPath, os.ModePerm); err != nil {
c.FormErr("RepoRootPath") c.FormErr("RepoRootPath")
c.RenderWithErr(c.Tr("install.invalid_repo_path", err), INSTALL, &f) c.RenderWithErr(c.Tr("install.invalid_repo_path", err), INSTALL, &f, http.StatusOK)
return return
} }
@ -232,21 +233,21 @@ func InstallPost(c *context.Context, f form.Install) {
f.LogRootPath = strings.Replace(f.LogRootPath, "\\", "/", -1) f.LogRootPath = strings.Replace(f.LogRootPath, "\\", "/", -1)
if err := os.MkdirAll(f.LogRootPath, os.ModePerm); err != nil { if err := os.MkdirAll(f.LogRootPath, os.ModePerm); err != nil {
c.FormErr("LogRootPath") c.FormErr("LogRootPath")
c.RenderWithErr(c.Tr("install.invalid_log_root_path", err), INSTALL, &f) c.RenderWithErr(c.Tr("install.invalid_log_root_path", err), INSTALL, &f, http.StatusOK)
return return
} }
currentUser, match := setting.IsRunUserMatchCurrentUser(f.RunUser) currentUser, match := setting.IsRunUserMatchCurrentUser(f.RunUser)
if !match { if !match {
c.FormErr("RunUser") c.FormErr("RunUser")
c.RenderWithErr(c.Tr("install.run_user_not_match", f.RunUser, currentUser), INSTALL, &f) c.RenderWithErr(c.Tr("install.run_user_not_match", f.RunUser, currentUser), INSTALL, &f, http.StatusOK)
return return
} }
// Check host address and port // Check host address and port
if len(f.SMTPHost) > 0 && !strings.Contains(f.SMTPHost, ":") { if len(f.SMTPHost) > 0 && !strings.Contains(f.SMTPHost, ":") {
c.FormErr("SMTP", "SMTPHost") c.FormErr("SMTP", "SMTPHost")
c.RenderWithErr(c.Tr("install.smtp_host_missing_port"), INSTALL, &f) c.RenderWithErr(c.Tr("install.smtp_host_missing_port"), INSTALL, &f, http.StatusOK)
return return
} }
@ -255,7 +256,7 @@ func InstallPost(c *context.Context, f form.Install) {
_, err := mail.ParseAddress(f.SMTPFrom) _, err := mail.ParseAddress(f.SMTPFrom)
if err != nil { if err != nil {
c.FormErr("SMTP", "SMTPFrom") c.FormErr("SMTP", "SMTPFrom")
c.RenderWithErr(c.Tr("install.invalid_smtp_from", err), INSTALL, &f) c.RenderWithErr(c.Tr("install.invalid_smtp_from", err), INSTALL, &f, http.StatusOK)
return return
} }
} }
@ -263,19 +264,19 @@ func InstallPost(c *context.Context, f form.Install) {
// Check logic loophole between disable self-registration and no admin account. // Check logic loophole between disable self-registration and no admin account.
if f.DisableRegistration && len(f.AdminName) == 0 { if f.DisableRegistration && len(f.AdminName) == 0 {
c.FormErr("Services", "Admin") c.FormErr("Services", "Admin")
c.RenderWithErr(c.Tr("install.no_admin_and_disable_registration"), INSTALL, f) c.RenderWithErr(c.Tr("install.no_admin_and_disable_registration"), INSTALL, f, http.StatusOK)
return return
} }
// Check admin password. // Check admin password.
if len(f.AdminName) > 0 && len(f.AdminPasswd) == 0 { if len(f.AdminName) > 0 && len(f.AdminPasswd) == 0 {
c.FormErr("Admin", "AdminPasswd") c.FormErr("Admin", "AdminPasswd")
c.RenderWithErr(c.Tr("install.err_empty_admin_password"), INSTALL, f) c.RenderWithErr(c.Tr("install.err_empty_admin_password"), INSTALL, f, http.StatusOK)
return return
} }
if f.AdminPasswd != f.AdminConfirmPasswd { if f.AdminPasswd != f.AdminConfirmPasswd {
c.FormErr("Admin", "AdminPasswd") c.FormErr("Admin", "AdminPasswd")
c.RenderWithErr(c.Tr("form.password_not_match"), INSTALL, f) c.RenderWithErr(c.Tr("form.password_not_match"), INSTALL, f, http.StatusOK)
return return
} }
@ -348,14 +349,14 @@ func InstallPost(c *context.Context, f form.Install) {
cfg.Section("security").Key("INSTALL_LOCK").SetValue("true") cfg.Section("security").Key("INSTALL_LOCK").SetValue("true")
secretKey, err := tool.RandomString(15) secretKey, err := tool.RandomString(15)
if err != nil { if err != nil {
c.RenderWithErr(c.Tr("install.secret_key_failed", err), INSTALL, &f) c.RenderWithErr(c.Tr("install.secret_key_failed", err), INSTALL, &f, http.StatusInternalServerError)
return return
} }
cfg.Section("security").Key("SECRET_KEY").SetValue(secretKey) cfg.Section("security").Key("SECRET_KEY").SetValue(secretKey)
os.MkdirAll(filepath.Dir(setting.CustomConf), os.ModePerm) os.MkdirAll(filepath.Dir(setting.CustomConf), os.ModePerm)
if err := cfg.SaveTo(setting.CustomConf); err != nil { if err := cfg.SaveTo(setting.CustomConf); err != nil {
c.RenderWithErr(c.Tr("install.save_config_failed", err), INSTALL, &f) c.RenderWithErr(c.Tr("install.save_config_failed", err), INSTALL, &f, http.StatusInternalServerError)
return return
} }
@ -374,7 +375,7 @@ func InstallPost(c *context.Context, f form.Install) {
if !models.IsErrUserAlreadyExist(err) { if !models.IsErrUserAlreadyExist(err) {
setting.InstallLock = false setting.InstallLock = false
c.FormErr("AdminName", "AdminEmail") c.FormErr("AdminName", "AdminEmail")
c.RenderWithErr(c.Tr("install.invalid_admin_setting", err), INSTALL, &f) c.RenderWithErr(c.Tr("install.invalid_admin_setting", err), INSTALL, &f, http.StatusBadRequest)
return return
} }
log.Info("Admin account already exist") log.Info("Admin account already exist")

7
routes/org/org.go
Unescape View File

@ -5,6 +5,7 @@
package org package org
import ( import (
"net/http"
log "gopkg.in/clog.v1" log "gopkg.in/clog.v1"
"github.com/gogits/gogs/models" "github.com/gogits/gogs/models"
@ -40,11 +41,11 @@ func CreatePost(c *context.Context, f form.CreateOrg) {
c.Data["Err_OrgName"] = true c.Data["Err_OrgName"] = true
switch { switch {
case models.IsErrUserAlreadyExist(err): case models.IsErrUserAlreadyExist(err):
c.RenderWithErr(c.Tr("form.org_name_been_taken"), CREATE, &f) c.RenderWithErr(c.Tr("form.org_name_been_taken"), CREATE, &f, http.StatusBadRequest)
case models.IsErrNameReserved(err): case models.IsErrNameReserved(err):
c.RenderWithErr(c.Tr("org.form.name_reserved", err.(models.ErrNameReserved).Name), CREATE, &f) c.RenderWithErr(c.Tr("org.form.name_reserved", err.(models.ErrNameReserved).Name), CREATE, &f, http.StatusBadRequest)
case models.IsErrNamePatternNotAllowed(err): case models.IsErrNamePatternNotAllowed(err):
c.RenderWithErr(c.Tr("org.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), CREATE, &f) c.RenderWithErr(c.Tr("org.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), CREATE, &f, http.StatusBadRequest)
default: default:
c.Handle(500, "CreateOrganization", err) c.Handle(500, "CreateOrganization", err)
} }

9
routes/org/setting.go
Unescape View File

@ -6,6 +6,7 @@ package org
import ( import (
"strings" "strings"
"net/http"
log "gopkg.in/clog.v1" log "gopkg.in/clog.v1"
@ -48,15 +49,15 @@ func SettingsPost(c *context.Context, f form.UpdateOrgSetting) {
return return
} else if isExist { } else if isExist {
c.Data["OrgName"] = true c.Data["OrgName"] = true
c.RenderWithErr(c.Tr("form.username_been_taken"), SETTINGS_OPTIONS, &f) c.RenderWithErr(c.Tr("form.username_been_taken"), SETTINGS_OPTIONS, &f, http.StatusBadRequest)
return return
} else if err = models.ChangeUserName(org, f.Name); err != nil { } else if err = models.ChangeUserName(org, f.Name); err != nil {
c.Data["OrgName"] = true c.Data["OrgName"] = true
switch { switch {
case models.IsErrNameReserved(err): case models.IsErrNameReserved(err):
c.RenderWithErr(c.Tr("user.form.name_reserved"), SETTINGS_OPTIONS, &f) c.RenderWithErr(c.Tr("user.form.name_reserved"), SETTINGS_OPTIONS, &f, http.StatusBadRequest)
case models.IsErrNamePatternNotAllowed(err): case models.IsErrNamePatternNotAllowed(err):
c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed"), SETTINGS_OPTIONS, &f) c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed"), SETTINGS_OPTIONS, &f, http.StatusBadRequest)
default: default:
c.Handle(500, "ChangeUserName", err) c.Handle(500, "ChangeUserName", err)
} }
@ -114,7 +115,7 @@ func SettingsDelete(c *context.Context) {
if c.Req.Method == "POST" { if c.Req.Method == "POST" {
if _, err := models.UserSignIn(c.User.Name, c.Query("password")); err != nil { if _, err := models.UserSignIn(c.User.Name, c.Query("password")); err != nil {
if errors.IsUserNotExist(err) { if errors.IsUserNotExist(err) {
c.RenderWithErr(c.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil) c.RenderWithErr(c.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil, http.StatusBadRequest)
} else { } else {
c.Handle(500, "UserSignIn", err) c.Handle(500, "UserSignIn", err)
} }

7
routes/org/teams.go
Unescape View File

@ -6,6 +6,7 @@ package org
import ( import (
"path" "path"
"net/http"
"github.com/Unknwon/com" "github.com/Unknwon/com"
log "gopkg.in/clog.v1" log "gopkg.in/clog.v1"
@ -171,9 +172,9 @@ func NewTeamPost(c *context.Context, f form.CreateTeam) {
c.Data["Err_TeamName"] = true c.Data["Err_TeamName"] = true
switch { switch {
case models.IsErrTeamAlreadyExist(err): case models.IsErrTeamAlreadyExist(err):
c.RenderWithErr(c.Tr("form.team_name_been_taken"), TEAM_NEW, &f) c.RenderWithErr(c.Tr("form.team_name_been_taken"), TEAM_NEW, &f, http.StatusBadRequest)
case models.IsErrNameReserved(err): case models.IsErrNameReserved(err):
c.RenderWithErr(c.Tr("org.form.team_name_reserved", err.(models.ErrNameReserved).Name), TEAM_NEW, &f) c.RenderWithErr(c.Tr("org.form.team_name_reserved", err.(models.ErrNameReserved).Name), TEAM_NEW, &f, http.StatusBadRequest)
default: default:
c.Handle(500, "NewTeam", err) c.Handle(500, "NewTeam", err)
} }
@ -249,7 +250,7 @@ func EditTeamPost(c *context.Context, f form.CreateTeam) {
c.Data["Err_TeamName"] = true c.Data["Err_TeamName"] = true
switch { switch {
case models.IsErrTeamAlreadyExist(err): case models.IsErrTeamAlreadyExist(err):
c.RenderWithErr(c.Tr("form.team_name_been_taken"), TEAM_NEW, &f) c.RenderWithErr(c.Tr("form.team_name_been_taken"), TEAM_NEW, &f, http.StatusBadRequest)
default: default:
c.Handle(500, "UpdateTeam", err) c.Handle(500, "UpdateTeam", err)
} }

26
routes/repo/editor.go
Unescape View File

@ -165,14 +165,14 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) {
if len(f.TreePath) == 0 { if len(f.TreePath) == 0 {
c.FormErr("TreePath") c.FormErr("TreePath")
c.RenderWithErr(c.Tr("repo.editor.filename_cannot_be_empty"), EDIT_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.filename_cannot_be_empty"), EDIT_FILE, &f, http.StatusBadRequest)
return return
} }
if oldBranchName != branchName { if oldBranchName != branchName {
if _, err := c.Repo.Repository.GetBranch(branchName); err == nil { if _, err := c.Repo.Repository.GetBranch(branchName); err == nil {
c.FormErr("NewBranchName") c.FormErr("NewBranchName")
c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), EDIT_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), EDIT_FILE, &f, http.StatusBadRequest)
return return
} }
} }
@ -193,17 +193,17 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) {
if index != len(treeNames)-1 { if index != len(treeNames)-1 {
if !entry.IsDir() { if !entry.IsDir() {
c.FormErr("TreePath") c.FormErr("TreePath")
c.RenderWithErr(c.Tr("repo.editor.directory_is_a_file", part), EDIT_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.directory_is_a_file", part), EDIT_FILE, &f, http.StatusBadRequest)
return return
} }
} else { } else {
if entry.IsLink() { if entry.IsLink() {
c.FormErr("TreePath") c.FormErr("TreePath")
c.RenderWithErr(c.Tr("repo.editor.file_is_a_symlink", part), EDIT_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.file_is_a_symlink", part), EDIT_FILE, &f, http.StatusBadRequest)
return return
} else if entry.IsDir() { } else if entry.IsDir() {
c.FormErr("TreePath") c.FormErr("TreePath")
c.RenderWithErr(c.Tr("repo.editor.filename_is_a_directory", part), EDIT_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.filename_is_a_directory", part), EDIT_FILE, &f, http.StatusBadRequest)
return return
} }
} }
@ -214,7 +214,7 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) {
if err != nil { if err != nil {
if git.IsErrNotExist(err) { if git.IsErrNotExist(err) {
c.FormErr("TreePath") c.FormErr("TreePath")
c.RenderWithErr(c.Tr("repo.editor.file_editing_no_longer_exists", oldTreePath), EDIT_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.file_editing_no_longer_exists", oldTreePath), EDIT_FILE, &f, http.StatusBadRequest)
} else { } else {
c.ServerError("GetTreeEntryByPath", err) c.ServerError("GetTreeEntryByPath", err)
} }
@ -229,7 +229,7 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) {
for _, file := range files { for _, file := range files {
if file == f.TreePath { if file == f.TreePath {
c.RenderWithErr(c.Tr("repo.editor.file_changed_while_editing", c.Repo.RepoLink+"/compare/"+lastCommit+"..."+c.Repo.CommitID), EDIT_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.file_changed_while_editing", c.Repo.RepoLink+"/compare/"+lastCommit+"..."+c.Repo.CommitID), EDIT_FILE, &f, http.StatusInternalServerError)
return return
} }
} }
@ -247,7 +247,7 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) {
} }
if entry != nil { if entry != nil {
c.FormErr("TreePath") c.FormErr("TreePath")
c.RenderWithErr(c.Tr("repo.editor.file_already_exists", f.TreePath), EDIT_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.file_already_exists", f.TreePath), EDIT_FILE, &f, http.StatusBadRequest)
return return
} }
} }
@ -277,7 +277,7 @@ func editFilePost(c *context.Context, f form.EditRepoFile, isNewFile bool) {
IsNewFile: isNewFile, IsNewFile: isNewFile,
}); err != nil { }); err != nil {
c.FormErr("TreePath") c.FormErr("TreePath")
c.RenderWithErr(c.Tr("repo.editor.fail_to_update_file", f.TreePath, err), EDIT_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.fail_to_update_file", f.TreePath, err), EDIT_FILE, &f, http.StatusInternalServerError)
return return
} }
@ -358,7 +358,7 @@ func DeleteFilePost(c *context.Context, f form.DeleteRepoFile) {
if oldBranchName != branchName { if oldBranchName != branchName {
if _, err := c.Repo.Repository.GetBranch(branchName); err == nil { if _, err := c.Repo.Repository.GetBranch(branchName); err == nil {
c.Data["Err_NewBranchName"] = true c.Data["Err_NewBranchName"] = true
c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), DELETE_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), DELETE_FILE, &f, http.StatusBadRequest)
return return
} }
} }
@ -455,7 +455,7 @@ func UploadFilePost(c *context.Context, f form.UploadRepoFile) {
if oldBranchName != branchName { if oldBranchName != branchName {
if _, err := c.Repo.Repository.GetBranch(branchName); err == nil { if _, err := c.Repo.Repository.GetBranch(branchName); err == nil {
c.Data["Err_NewBranchName"] = true c.Data["Err_NewBranchName"] = true
c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), UPLOAD_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.branch_already_exists", branchName), UPLOAD_FILE, &f, http.StatusBadRequest)
return return
} }
} }
@ -477,7 +477,7 @@ func UploadFilePost(c *context.Context, f form.UploadRepoFile) {
// User can only upload files to a directory. // User can only upload files to a directory.
if !entry.IsDir() { if !entry.IsDir() {
c.Data["Err_TreePath"] = true c.Data["Err_TreePath"] = true
c.RenderWithErr(c.Tr("repo.editor.directory_is_a_file", part), UPLOAD_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.directory_is_a_file", part), UPLOAD_FILE, &f, http.StatusBadRequest)
return return
} }
} }
@ -501,7 +501,7 @@ func UploadFilePost(c *context.Context, f form.UploadRepoFile) {
Files: f.Files, Files: f.Files,
}); err != nil { }); err != nil {
c.Data["Err_TreePath"] = true c.Data["Err_TreePath"] = true
c.RenderWithErr(c.Tr("repo.editor.unable_to_upload_files", f.TreePath, err), UPLOAD_FILE, &f) c.RenderWithErr(c.Tr("repo.editor.unable_to_upload_files", f.TreePath, err), UPLOAD_FILE, &f, http.StatusInternalServerError)
return return
} }

4
routes/repo/issue.go
Unescape View File

@ -1131,7 +1131,7 @@ func NewMilestonePost(c *context.Context, f form.CreateMilestone) {
deadline, err := time.ParseInLocation("2006-01-02", f.Deadline, time.Local) deadline, err := time.ParseInLocation("2006-01-02", f.Deadline, time.Local)
if err != nil { if err != nil {
c.Data["Err_Deadline"] = true c.Data["Err_Deadline"] = true
c.RenderWithErr(c.Tr("repo.milestones.invalid_due_date_format"), MILESTONE_NEW, &f) c.RenderWithErr(c.Tr("repo.milestones.invalid_due_date_format"), MILESTONE_NEW, &f, http.StatusBadRequest)
return return
} }
@ -1191,7 +1191,7 @@ func EditMilestonePost(c *context.Context, f form.CreateMilestone) {
deadline, err := time.ParseInLocation("2006-01-02", f.Deadline, time.Local) deadline, err := time.ParseInLocation("2006-01-02", f.Deadline, time.Local)
if err != nil { if err != nil {
c.Data["Err_Deadline"] = true c.Data["Err_Deadline"] = true
c.RenderWithErr(c.Tr("repo.milestones.invalid_due_date_format"), MILESTONE_NEW, &f) c.RenderWithErr(c.Tr("repo.milestones.invalid_due_date_format"), MILESTONE_NEW, &f, http.StatusBadRequest)
return return
} }

9
routes/repo/pull.go
Unescape View File

@ -8,6 +8,7 @@ import (
"container/list" "container/list"
"path" "path"
"strings" "strings"
"net/http"
"github.com/Unknwon/com" "github.com/Unknwon/com"
log "gopkg.in/clog.v1" log "gopkg.in/clog.v1"
@ -118,7 +119,7 @@ func ForkPost(c *context.Context, f form.CreateRepo) {
// Cannot fork to same owner // Cannot fork to same owner
if ctxUser.ID == baseRepo.OwnerID { if ctxUser.ID == baseRepo.OwnerID {
c.RenderWithErr(c.Tr("repo.settings.cannot_fork_to_same_owner"), FORK, &f) c.RenderWithErr(c.Tr("repo.settings.cannot_fork_to_same_owner"), FORK, &f, http.StatusBadRequest)
return return
} }
@ -127,11 +128,11 @@ func ForkPost(c *context.Context, f form.CreateRepo) {
c.Data["Err_RepoName"] = true c.Data["Err_RepoName"] = true
switch { switch {
case models.IsErrRepoAlreadyExist(err): case models.IsErrRepoAlreadyExist(err):
c.RenderWithErr(c.Tr("repo.settings.new_owner_has_same_repo"), FORK, &f) c.RenderWithErr(c.Tr("repo.settings.new_owner_has_same_repo"), FORK, &f, http.StatusBadRequest)
case models.IsErrNameReserved(err): case models.IsErrNameReserved(err):
c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), FORK, &f) c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), FORK, &f, http.StatusBadRequest)
case models.IsErrNamePatternNotAllowed(err): case models.IsErrNamePatternNotAllowed(err):
c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), FORK, &f) c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), FORK, &f, http.StatusBadRequest)
default: default:
c.ServerError("ForkPost", err) c.ServerError("ForkPost", err)
} }

7
routes/repo/release.go
Unescape View File

@ -7,6 +7,7 @@ package repo
import ( import (
"fmt" "fmt"
"strings" "strings"
"net/http"
log "gopkg.in/clog.v1" log "gopkg.in/clog.v1"
@ -176,7 +177,7 @@ func NewReleasePost(c *context.Context, f form.NewRelease) {
} }
if !c.Repo.GitRepo.IsBranchExist(f.Target) { if !c.Repo.GitRepo.IsBranchExist(f.Target) {
c.RenderWithErr(c.Tr("form.target_branch_not_exist"), RELEASE_NEW, &f) c.RenderWithErr(c.Tr("form.target_branch_not_exist"), RELEASE_NEW, &f, http.StatusBadRequest)
return return
} }
@ -224,9 +225,9 @@ func NewReleasePost(c *context.Context, f form.NewRelease) {
c.Data["Err_TagName"] = true c.Data["Err_TagName"] = true
switch { switch {
case models.IsErrReleaseAlreadyExist(err): case models.IsErrReleaseAlreadyExist(err):
c.RenderWithErr(c.Tr("repo.release.tag_name_already_exist"), RELEASE_NEW, &f) c.RenderWithErr(c.Tr("repo.release.tag_name_already_exist"), RELEASE_NEW, &f, http.StatusBadRequest)
case models.IsErrInvalidTagName(err): case models.IsErrInvalidTagName(err):
c.RenderWithErr(c.Tr("repo.release.tag_name_invalid"), RELEASE_NEW, &f) c.RenderWithErr(c.Tr("repo.release.tag_name_invalid"), RELEASE_NEW, &f, http.StatusBadRequest)
default: default:
c.Handle(500, "NewRelease", err) c.Handle(500, "NewRelease", err)
} }

19
routes/repo/repo.go
Unescape View File

@ -9,6 +9,7 @@ import (
"os" "os"
"path" "path"
"strings" "strings"
"net/http"
"github.com/Unknwon/com" "github.com/Unknwon/com"
log "gopkg.in/clog.v1" log "gopkg.in/clog.v1"
@ -88,16 +89,16 @@ func Create(c *context.Context) {
func handleCreateError(c *context.Context, owner *models.User, err error, name, tpl string, form interface{}) { func handleCreateError(c *context.Context, owner *models.User, err error, name, tpl string, form interface{}) {
switch { switch {
case errors.IsReachLimitOfRepo(err): case errors.IsReachLimitOfRepo(err):
c.RenderWithErr(c.Tr("repo.form.reach_limit_of_creation", owner.RepoCreationNum()), tpl, form) c.RenderWithErr(c.Tr("repo.form.reach_limit_of_creation", owner.RepoCreationNum()), tpl, form, http.StatusNotAcceptable)
case models.IsErrRepoAlreadyExist(err): case models.IsErrRepoAlreadyExist(err):
c.Data["Err_RepoName"] = true c.Data["Err_RepoName"] = true
c.RenderWithErr(c.Tr("form.repo_name_been_taken"), tpl, form) c.RenderWithErr(c.Tr("form.repo_name_been_taken"), tpl, form, http.StatusBadRequest)
case models.IsErrNameReserved(err): case models.IsErrNameReserved(err):
c.Data["Err_RepoName"] = true c.Data["Err_RepoName"] = true
c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), tpl, form) c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), tpl, form, http.StatusBadRequest)
case models.IsErrNamePatternNotAllowed(err): case models.IsErrNamePatternNotAllowed(err):
c.Data["Err_RepoName"] = true c.Data["Err_RepoName"] = true
c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), tpl, form) c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), tpl, form, http.StatusBadRequest)
default: default:
c.Handle(500, name, err) c.Handle(500, name, err)
} }
@ -181,11 +182,11 @@ func MigratePost(c *context.Context, f form.MigrateRepo) {
addrErr := err.(models.ErrInvalidCloneAddr) addrErr := err.(models.ErrInvalidCloneAddr)
switch { switch {
case addrErr.IsURLError: case addrErr.IsURLError:
c.RenderWithErr(c.Tr("form.url_error"), MIGRATE, &f) c.RenderWithErr(c.Tr("form.url_error"), MIGRATE, &f, http.StatusBadRequest)
case addrErr.IsPermissionDenied: case addrErr.IsPermissionDenied:
c.RenderWithErr(c.Tr("repo.migrate.permission_denied"), MIGRATE, &f) c.RenderWithErr(c.Tr("repo.migrate.permission_denied"), MIGRATE, &f, http.StatusForbidden)
case addrErr.IsInvalidPath: case addrErr.IsInvalidPath:
c.RenderWithErr(c.Tr("repo.migrate.invalid_local_path"), MIGRATE, &f) c.RenderWithErr(c.Tr("repo.migrate.invalid_local_path"), MIGRATE, &f, http.StatusInternalServerError)
default: default:
c.Handle(500, "Unknown error", err) c.Handle(500, "Unknown error", err)
} }
@ -217,11 +218,11 @@ func MigratePost(c *context.Context, f form.MigrateRepo) {
if strings.Contains(err.Error(), "Authentication failed") || if strings.Contains(err.Error(), "Authentication failed") ||
strings.Contains(err.Error(), "could not read Username") { strings.Contains(err.Error(), "could not read Username") {
c.Data["Err_Auth"] = true c.Data["Err_Auth"] = true
c.RenderWithErr(c.Tr("form.auth_failed", models.HandleMirrorCredentials(err.Error(), true)), MIGRATE, &f) c.RenderWithErr(c.Tr("form.auth_failed", models.HandleMirrorCredentials(err.Error(), true)), MIGRATE, &f, http.StatusUnauthorized)
return return
} else if strings.Contains(err.Error(), "fatal:") { } else if strings.Contains(err.Error(), "fatal:") {
c.Data["Err_CloneAddr"] = true c.Data["Err_CloneAddr"] = true
c.RenderWithErr(c.Tr("repo.migrate.failed", models.HandleMirrorCredentials(err.Error(), true)), MIGRATE, &f) c.RenderWithErr(c.Tr("repo.migrate.failed", models.HandleMirrorCredentials(err.Error(), true)), MIGRATE, &f, http.StatusInternalServerError)
return return
} }

23
routes/repo/setting.go
Unescape View File

@ -8,6 +8,7 @@ import (
"fmt" "fmt"
"strings" "strings"
"time" "time"
"net/http"
log "gopkg.in/clog.v1" log "gopkg.in/clog.v1"
@ -60,11 +61,11 @@ func SettingsPost(c *context.Context, f form.RepoSetting) {
c.FormErr("RepoName") c.FormErr("RepoName")
switch { switch {
case models.IsErrRepoAlreadyExist(err): case models.IsErrRepoAlreadyExist(err):
c.RenderWithErr(c.Tr("form.repo_name_been_taken"), SETTINGS_OPTIONS, &f) c.RenderWithErr(c.Tr("form.repo_name_been_taken"), SETTINGS_OPTIONS, &f, http.StatusBadRequest)
case models.IsErrNameReserved(err): case models.IsErrNameReserved(err):
c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), SETTINGS_OPTIONS, &f) c.RenderWithErr(c.Tr("repo.form.name_reserved", err.(models.ErrNameReserved).Name), SETTINGS_OPTIONS, &f, http.StatusBadRequest)
case models.IsErrNamePatternNotAllowed(err): case models.IsErrNamePatternNotAllowed(err):
c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SETTINGS_OPTIONS, &f) c.RenderWithErr(c.Tr("repo.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SETTINGS_OPTIONS, &f, http.StatusBadRequest)
default: default:
c.ServerError("ChangeRepositoryName", err) c.ServerError("ChangeRepositoryName", err)
} }
@ -163,7 +164,7 @@ func SettingsPost(c *context.Context, f form.RepoSetting) {
return return
} }
if repo.Name != f.RepoName { if repo.Name != f.RepoName {
c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil) c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil, http.StatusBadRequest)
return return
} }
@ -197,7 +198,7 @@ func SettingsPost(c *context.Context, f form.RepoSetting) {
return return
} }
if repo.Name != f.RepoName { if repo.Name != f.RepoName {
c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil) c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil, http.StatusBadRequest)
return return
} }
@ -214,13 +215,13 @@ func SettingsPost(c *context.Context, f form.RepoSetting) {
c.ServerError("IsUserExist", err) c.ServerError("IsUserExist", err)
return return
} else if !isExist { } else if !isExist {
c.RenderWithErr(c.Tr("form.enterred_invalid_owner_name"), SETTINGS_OPTIONS, nil) c.RenderWithErr(c.Tr("form.enterred_invalid_owner_name"), SETTINGS_OPTIONS, nil, http.StatusBadRequest)
return return
} }
if err = models.TransferOwnership(c.User, newOwner, repo); err != nil { if err = models.TransferOwnership(c.User, newOwner, repo); err != nil {
if models.IsErrRepoAlreadyExist(err) { if models.IsErrRepoAlreadyExist(err) {
c.RenderWithErr(c.Tr("repo.settings.new_owner_has_same_repo"), SETTINGS_OPTIONS, nil) c.RenderWithErr(c.Tr("repo.settings.new_owner_has_same_repo"), SETTINGS_OPTIONS, nil, http.StatusBadRequest)
} else { } else {
c.ServerError("TransferOwnership", err) c.ServerError("TransferOwnership", err)
} }
@ -236,7 +237,7 @@ func SettingsPost(c *context.Context, f form.RepoSetting) {
return return
} }
if repo.Name != f.RepoName { if repo.Name != f.RepoName {
c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil) c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil, http.StatusBadRequest)
return return
} }
@ -262,7 +263,7 @@ func SettingsPost(c *context.Context, f form.RepoSetting) {
return return
} }
if repo.Name != f.RepoName { if repo.Name != f.RepoName {
c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil) c.RenderWithErr(c.Tr("form.enterred_invalid_repo_name"), SETTINGS_OPTIONS, nil, http.StatusBadRequest)
return return
} }
@ -603,10 +604,10 @@ func SettingsDeployKeysPost(c *context.Context, f form.AddSSHKey) {
switch { switch {
case models.IsErrKeyAlreadyExist(err): case models.IsErrKeyAlreadyExist(err):
c.Data["Err_Content"] = true c.Data["Err_Content"] = true
c.RenderWithErr(c.Tr("repo.settings.key_been_used"), SETTINGS_DEPLOY_KEYS, &f) c.RenderWithErr(c.Tr("repo.settings.key_been_used"), SETTINGS_DEPLOY_KEYS, &f, http.StatusBadRequest)
case models.IsErrKeyNameAlreadyUsed(err): case models.IsErrKeyNameAlreadyUsed(err):
c.Data["Err_Title"] = true c.Data["Err_Title"] = true
c.RenderWithErr(c.Tr("repo.settings.key_name_used"), SETTINGS_DEPLOY_KEYS, &f) c.RenderWithErr(c.Tr("repo.settings.key_name_used"), SETTINGS_DEPLOY_KEYS, &f, http.StatusBadRequest)
default: default:
c.Handle(500, "AddDeployKey", err) c.Handle(500, "AddDeployKey", err)
} }

2
routes/repo/wiki.go
Unescape View File

@ -210,7 +210,7 @@ func NewWikiPost(c *context.Context, f form.NewWiki) {
if err := c.Repo.Repository.AddWikiPage(c.User, f.Title, f.Content, f.Message); err != nil { if err := c.Repo.Repository.AddWikiPage(c.User, f.Title, f.Content, f.Message); err != nil {
if models.IsErrWikiAlreadyExist(err) { if models.IsErrWikiAlreadyExist(err) {
c.Data["Err_Title"] = true c.Data["Err_Title"] = true
c.RenderWithErr(c.Tr("repo.wiki.page_already_exists"), WIKI_NEW, &f) c.RenderWithErr(c.Tr("repo.wiki.page_already_exists"), WIKI_NEW, &f, 400)
} else { } else {
c.Handle(500, "AddWikiPage", err) c.Handle(500, "AddWikiPage", err)
} }

44
routes/user/auth.go
Unescape View File

@ -6,6 +6,7 @@ package user
import ( import (
"fmt" "fmt"
"net/http"
"net/url" "net/url"
"github.com/go-macaron/captcha" "github.com/go-macaron/captcha"
@ -85,7 +86,8 @@ func Login(c *context.Context) {
// Check auto-login. // Check auto-login.
isSucceed, err := AutoLogin(c) isSucceed, err := AutoLogin(c)
if err != nil { if err != nil {
c.Handle(500, "AutoLogin", err) log.Warn("%s authfail : Autologin failure", c.RemoteAddr())
c.Handle(http.StatusInternalServerError, "AutoLogin", err)
return return
} }
@ -106,7 +108,7 @@ func Login(c *context.Context) {
return return
} }
c.HTML(200, LOGIN) c.HTML(http.StatusOK, LOGIN)
} }
func afterLogin(c *context.Context, u *models.User, remember bool) { func afterLogin(c *context.Context, u *models.User, remember bool) {
@ -141,14 +143,16 @@ func LoginPost(c *context.Context, f form.SignIn) {
c.Data["Title"] = c.Tr("sign_in") c.Data["Title"] = c.Tr("sign_in")
if c.HasError() { if c.HasError() {
c.Success(LOGIN) log.Warn("%s authfail : Content error", c.RemoteAddr(), f.UserName)
c.HTML(http.StatusBadRequest, LOGIN)
return return
} }
u, err := models.UserSignIn(f.UserName, f.Password) u, err := models.UserSignIn(f.UserName, f.Password)
if err != nil { if err != nil {
log.Warn("%s authfail : Authentication failure for user '%s'", c.RemoteAddr(), f.UserName)
if errors.IsUserNotExist(err) { if errors.IsUserNotExist(err) {
c.RenderWithErr(c.Tr("form.username_password_incorrect"), LOGIN, &f) c.RenderWithErr(c.Tr("form.username_password_incorrect"), LOGIN, &f, http.StatusUnauthorized)
} else { } else {
c.ServerError("UserSignIn", err) c.ServerError("UserSignIn", err)
} }
@ -256,11 +260,11 @@ func SignUp(c *context.Context) {
if setting.Service.DisableRegistration { if setting.Service.DisableRegistration {
c.Data["DisableRegistration"] = true c.Data["DisableRegistration"] = true
c.HTML(200, SIGNUP) c.HTML(http.StatusOK, SIGNUP)
return return
} }
c.HTML(200, SIGNUP) c.HTML(http.StatusOK, SIGNUP)
} }
func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) { func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) {
@ -269,24 +273,24 @@ func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) {
c.Data["EnableCaptcha"] = setting.Service.EnableCaptcha c.Data["EnableCaptcha"] = setting.Service.EnableCaptcha
if setting.Service.DisableRegistration { if setting.Service.DisableRegistration {
c.Error(403) c.Error(http.StatusForbidden)
return return
} }
if c.HasError() { if c.HasError() {
c.HTML(200, SIGNUP) c.HTML(http.StatusOK, SIGNUP)
return return
} }
if setting.Service.EnableCaptcha && !cpt.VerifyReq(c.Req) { if setting.Service.EnableCaptcha && !cpt.VerifyReq(c.Req) {
c.Data["Err_Captcha"] = true c.Data["Err_Captcha"] = true
c.RenderWithErr(c.Tr("form.captcha_incorrect"), SIGNUP, &f) c.RenderWithErr(c.Tr("form.captcha_incorrect"), SIGNUP, &f, http.StatusBadRequest)
return return
} }
if f.Password != f.Retype { if f.Password != f.Retype {
c.Data["Err_Password"] = true c.Data["Err_Password"] = true
c.RenderWithErr(c.Tr("form.password_not_match"), SIGNUP, &f) c.RenderWithErr(c.Tr("form.password_not_match"), SIGNUP, &f, http.StatusBadRequest)
return return
} }
@ -300,18 +304,18 @@ func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) {
switch { switch {
case models.IsErrUserAlreadyExist(err): case models.IsErrUserAlreadyExist(err):
c.Data["Err_UserName"] = true c.Data["Err_UserName"] = true
c.RenderWithErr(c.Tr("form.username_been_taken"), SIGNUP, &f) c.RenderWithErr(c.Tr("form.username_been_taken"), SIGNUP, &f, http.StatusBadRequest)
case models.IsErrEmailAlreadyUsed(err): case models.IsErrEmailAlreadyUsed(err):
c.Data["Err_Email"] = true c.Data["Err_Email"] = true
c.RenderWithErr(c.Tr("form.email_been_used"), SIGNUP, &f) c.RenderWithErr(c.Tr("form.email_been_used"), SIGNUP, &f, http.StatusBadRequest)
case models.IsErrNameReserved(err): case models.IsErrNameReserved(err):
c.Data["Err_UserName"] = true c.Data["Err_UserName"] = true
c.RenderWithErr(c.Tr("user.form.name_reserved", err.(models.ErrNameReserved).Name), SIGNUP, &f) c.RenderWithErr(c.Tr("user.form.name_reserved", err.(models.ErrNameReserved).Name), SIGNUP, &f, http.StatusBadRequest)
case models.IsErrNamePatternNotAllowed(err): case models.IsErrNamePatternNotAllowed(err):
c.Data["Err_UserName"] = true c.Data["Err_UserName"] = true
c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SIGNUP, &f) c.RenderWithErr(c.Tr("user.form.name_pattern_not_allowed", err.(models.ErrNamePatternNotAllowed).Pattern), SIGNUP, &f, http.StatusBadRequest)
default: default:
c.Handle(500, "CreateUser", err) c.Handle(http.StatusInternalServerError, "CreateUser", err)
} }
return return
} }
@ -322,7 +326,7 @@ func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) {
u.IsAdmin = true u.IsAdmin = true
u.IsActive = true u.IsActive = true
if err := models.UpdateUser(u); err != nil { if err := models.UpdateUser(u); err != nil {
c.Handle(500, "UpdateUser", err) c.Handle(http.StatusInternalServerError, "UpdateUser", err)
return return
} }
} }
@ -333,7 +337,7 @@ func SignUpPost(c *context.Context, cpt *captcha.Captcha, f form.Register) {
c.Data["IsSendRegisterMail"] = true c.Data["IsSendRegisterMail"] = true
c.Data["Email"] = u.Email c.Data["Email"] = u.Email
c.Data["Hours"] = setting.Service.ActiveCodeLives / 60 c.Data["Hours"] = setting.Service.ActiveCodeLives / 60
c.HTML(200, ACTIVATE) c.HTML(http.StatusOK, ACTIVATE)
if err := c.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil { if err := c.Cache.Put("MailResendLimit_"+u.LowerName, u.LowerName, 180); err != nil {
log.Error(4, "Set cache(MailResendLimit) fail: %v", err) log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
@ -349,7 +353,7 @@ func Activate(c *context.Context) {
if len(code) == 0 { if len(code) == 0 {
c.Data["IsActivatePage"] = true c.Data["IsActivatePage"] = true
if c.User.IsActive { if c.User.IsActive {
c.Error(404) c.Error(http.StatusNotFound)
return return
} }
// Resend confirmation email. // Resend confirmation email.
@ -455,7 +459,7 @@ func ForgotPasswdPost(c *context.Context) {
if !u.IsLocal() { if !u.IsLocal() {
c.Data["Err_Email"] = true c.Data["Err_Email"] = true
c.RenderWithErr(c.Tr("auth.non_local_account"), FORGOT_PASSWORD, nil) c.RenderWithErr(c.Tr("auth.non_local_account"), FORGOT_PASSWORD, nil, http.StatusBadRequest)
return return
} }
@ -504,7 +508,7 @@ func ResetPasswdPost(c *context.Context) {
if len(passwd) < 6 { if len(passwd) < 6 {
c.Data["IsResetForm"] = true c.Data["IsResetForm"] = true
c.Data["Err_Password"] = true c.Data["Err_Password"] = true
c.RenderWithErr(c.Tr("auth.password_too_short"), RESET_PASSWORD, nil) c.RenderWithErr(c.Tr("auth.password_too_short"), RESET_PASSWORD, nil, http.StatusBadRequest)
return return
} }

11
routes/user/setting.go
Unescape View File

@ -8,6 +8,7 @@ import (
"bytes" "bytes"
"encoding/base64" "encoding/base64"
"fmt" "fmt"
"net/http"
"html/template" "html/template"
"image/png" "image/png"
"io/ioutil" "io/ioutil"
@ -86,7 +87,7 @@ func SettingsPost(c *context.Context, f form.UpdateProfile) {
return return
} }
c.RenderWithErr(msg, SETTINGS_PROFILE, &f) c.RenderWithErr(msg, SETTINGS_PROFILE, &f, http.StatusBadRequest)
return return
} }
@ -263,7 +264,7 @@ func SettingsEmailPost(c *context.Context, f form.AddEmail) {
} }
if err := models.AddEmailAddress(email); err != nil { if err := models.AddEmailAddress(email); err != nil {
if models.IsErrEmailAlreadyUsed(err) { if models.IsErrEmailAlreadyUsed(err) {
c.RenderWithErr(c.Tr("form.email_been_used"), SETTINGS_EMAILS, &f) c.RenderWithErr(c.Tr("form.email_been_used"), SETTINGS_EMAILS, &f, http.StatusBadRequest)
} else { } else {
c.ServerError("AddEmailAddress", err) c.ServerError("AddEmailAddress", err)
} }
@ -346,10 +347,10 @@ func SettingsSSHKeysPost(c *context.Context, f form.AddSSHKey) {
switch { switch {
case models.IsErrKeyAlreadyExist(err): case models.IsErrKeyAlreadyExist(err):
c.FormErr("Content") c.FormErr("Content")
c.RenderWithErr(c.Tr("settings.ssh_key_been_used"), SETTINGS_SSH_KEYS, &f) c.RenderWithErr(c.Tr("settings.ssh_key_been_used"), SETTINGS_SSH_KEYS, &f, http.StatusBadRequest)
case models.IsErrKeyNameAlreadyUsed(err): case models.IsErrKeyNameAlreadyUsed(err):
c.FormErr("Title") c.FormErr("Title")
c.RenderWithErr(c.Tr("settings.ssh_key_name_used"), SETTINGS_SSH_KEYS, &f) c.RenderWithErr(c.Tr("settings.ssh_key_name_used"), SETTINGS_SSH_KEYS, &f, http.StatusBadRequest)
default: default:
c.ServerError("AddPublicKey", err) c.ServerError("AddPublicKey", err)
} }
@ -635,7 +636,7 @@ func SettingsDelete(c *context.Context) {
if c.Req.Method == "POST" { if c.Req.Method == "POST" {
if _, err := models.UserSignIn(c.User.Name, c.Query("password")); err != nil { if _, err := models.UserSignIn(c.User.Name, c.Query("password")); err != nil {
if errors.IsUserNotExist(err) { if errors.IsUserNotExist(err) {
c.RenderWithErr(c.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil) c.RenderWithErr(c.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil, http.StatusUnauthorized)
} else { } else {
c.ServerError("UserSignIn", err) c.ServerError("UserSignIn", err)
} }

Write Preview
Loading…
Cancel
Save