19760043458

Committed 28 Nov 2025 09:44AM UTC coverage: 82.48% (-1.0%) from 83.465%

Build # 19760043458

Build Type

Pull #17

github

Committed by

umputun

Commit Message

test: add coverage tests for git and web handlers

add tests for checkout by branch/tag, parseFormatFromCommit,
handleLogin error paths (session creation, HTTPS cookie),
and handleKeyEdit error paths (permission denied, store error).
improves web coverage to 83% and git coverage to 78%.

Pull Request Pull Request #17: refactor(server): split into api/web subpackages with improved coverage

Run Details

400 of 468 new or added lines in 11 files covered. (85.47%)

5 existing lines in 2 files now uncovered.

2142 of 2597 relevant lines covered (82.48%)

11.35 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

88.0

/app/server/api/handler.go

// Package api provides HTTP handlers for the KV API.
package api

import (
        "errors"
        "io"
        "net/http"
        "strings"

        log "github.com/go-pkgz/lgr"
        "github.com/go-pkgz/rest"
        "github.com/go-pkgz/routegroup"

        "github.com/umputun/stash/app/git"
        "github.com/umputun/stash/app/store"
)

// sessionCookieNames defines cookie names for session authentication.
// __Host- prefix requires HTTPS, secure, path=/ (preferred for production).
// fallback cookie name works on HTTP for development.
var sessionCookieNames = []string{"__Host-stash-auth", "stash-auth"}

// GitService defines the interface for git operations.
type GitService interface {
        Commit(req git.CommitRequest) error
        Delete(key string, author git.Author) error
}

//go:generate moq -out mocks/kvstore.go -pkg mocks -skip-ensure -fmt goimports . KVStore
//go:generate moq -out mocks/authprovider.go -pkg mocks -skip-ensure -fmt goimports . AuthProvider
//go:generate moq -out mocks/formatvalidator.go -pkg mocks -skip-ensure -fmt goimports . FormatValidator
//go:generate moq -out mocks/gitservice.go -pkg mocks -skip-ensure -fmt goimports . GitService

// KVStore defines the interface for key-value storage operations.
type KVStore interface {
        Get(key string) ([]byte, error)
        GetWithFormat(key string) ([]byte, string, error)
        Set(key string, value []byte, format string) error
        Delete(key string) error
        List() ([]store.KeyInfo, error)
}

// AuthProvider defines the interface for authentication operations.
type AuthProvider interface {
        Enabled() bool
        GetSessionUser(token string) (string, bool)
        FilterUserKeys(username string, keys []string) []string
        FilterTokenKeys(token string, keys []string) []string
        FilterPublicKeys(keys []string) []string
        HasTokenACL(token string) bool
}

// FormatValidator defines the interface for format validation.
type FormatValidator interface {
        IsValidFormat(format string) bool
}

// Handler handles API requests for /kv/* endpoints.
type Handler struct {
        store           KVStore
        auth            AuthProvider
        formatValidator FormatValidator
        git             GitService
}

// New creates a new API handler.
func New(st KVStore, auth AuthProvider, fv FormatValidator, gs GitService) *Handler {
        return &Handler{
                store:           st,
                auth:            auth,
                formatValidator: fv,
                git:             gs,
        }
}

// Register registers API routes on the given router.
func (h *Handler) Register(r *routegroup.Bundle) {
        r.HandleFunc("GET /{$}", h.handleList)     // list keys (must be before {key...})
        r.HandleFunc("GET /{key...}", h.handleGet) // get specific key
        r.HandleFunc("PUT /{key...}", h.handleSet) // set key
        r.HandleFunc("DELETE /{key...}", h.handleDelete)
}

// handleList returns all keys the caller has read access to.
// GET /kv
// Optional query params: ?prefix=app/config (filter by prefix)
func (h *Handler) handleList(w http.ResponseWriter, r *http.Request) {
        keys, err := h.store.List()
        if err != nil {
                rest.SendErrorJSON(w, r, log.Default(), http.StatusInternalServerError, err, "failed to list keys")
                return
        }

        // extract key names for filtering
        keyNames := make([]string, len(keys))
        for i, k := range keys {
                keyNames[i] = k.Key
        }

        // filter by auth permissions
        filteredNames := h.filterKeysByAuth(r, keyNames)
        if filteredNames == nil {
                // no valid auth, but this shouldn't happen since tokenAuth middleware already checked
                rest.SendErrorJSON(w, r, log.Default(), http.StatusUnauthorized, nil, "unauthorized")
                return
        }

        // convert filtered names back to KeyInfo slice
        nameSet := make(map[string]bool, len(filteredNames))
        for _, name := range filteredNames {
                nameSet[name] = true
        }
        filtered := make([]store.KeyInfo, 0, len(filteredNames))
        for _, k := range keys {
                if nameSet[k.Key] {
                        filtered = append(filtered, k)
                }
        }

        // filter by prefix if specified
        prefix := r.URL.Query().Get("prefix")
        if prefix != "" {
                var prefixed []store.KeyInfo
                for _, k := range filtered {
                        if strings.HasPrefix(k.Key, prefix) {
                                prefixed = append(prefixed, k)
                        }
                }
                filtered = prefixed
        }

        log.Printf("[DEBUG] list keys: %d found, %d after auth filter", len(keys), len(filtered))
        rest.RenderJSON(w, filtered)
}

// filterKeysByAuth filters keys based on the caller's auth credentials.
// returns nil if auth is required but caller has no valid credentials.
// priority: session cookie > Bearer token > public ACL
func (h *Handler) filterKeysByAuth(r *http.Request, keys []string) []string {
        // no auth = return all keys
        if h.auth == nil || !h.auth.Enabled() {
                return keys
        }

        // check session cookie first (authenticated user has priority over public)
        for _, cookieName := range sessionCookieNames {
                cookie, err := r.Cookie(cookieName)
                if err != nil {
                        continue
                }
                username, valid := h.auth.GetSessionUser(cookie.Value)
                if valid {
                        return h.auth.FilterUserKeys(username, keys)
                }
        }

        // check Bearer token (authenticated token has priority over public)
        authHeader := r.Header.Get("Authorization")
        if strings.HasPrefix(authHeader, "Bearer ") {
                token := strings.TrimPrefix(authHeader, "Bearer ")
                if filtered := h.auth.FilterTokenKeys(token, keys); filtered != nil {
                        return filtered
                }
        }

        // fall back to public access for unauthenticated requests
        if filtered := h.auth.FilterPublicKeys(keys); filtered != nil {
                return filtered
        }

        return nil // no valid auth
}

// handleGet retrieves the value for a key.
// GET /kv/{key...}
func (h *Handler) handleGet(w http.ResponseWriter, r *http.Request) {
        key := store.NormalizeKey(r.PathValue("key"))
        if key == "" {
                rest.SendErrorJSON(w, r, log.Default(), http.StatusBadRequest, nil, "key is required")
                return
        }

        value, format, err := h.store.GetWithFormat(key)
        if errors.Is(err, store.ErrNotFound) {
                rest.SendErrorJSON(w, r, log.Default(), http.StatusNotFound, err, "key not found")
                return
        }
        if err != nil {
                rest.SendErrorJSON(w, r, log.Default(), http.StatusInternalServerError, err, "failed to get key")
                return
        }

        log.Printf("[DEBUG] get %s (%d bytes, format=%s)", key, len(value), format)

        w.Header().Set("Content-Type", h.formatToContentType(format))
        w.WriteHeader(http.StatusOK)
        if _, err := w.Write(value); err != nil {
                log.Printf("[WARN] failed to write response: %v", err)
        }
}

// formatToContentType maps storage format to HTTP Content-Type.
func (h *Handler) formatToContentType(format string) string {
        switch format {
        case "json":
                return "application/json"
        case "yaml":
                return "application/yaml"
        case "xml":
                return "application/xml"
        case "toml":
                return "application/toml"
        case "hcl", "ini", "text":
                return "text/plain"
        case "shell":
                return "text/x-shellscript"
        default:
                return "application/octet-stream"
        }
}

// handleSet stores a value for a key.
// PUT /kv/{key...}
// Accepts format via X-Stash-Format header or ?format= query param (defaults to "text").
func (h *Handler) handleSet(w http.ResponseWriter, r *http.Request) {
        key := store.NormalizeKey(r.PathValue("key"))
        if key == "" {
                rest.SendErrorJSON(w, r, log.Default(), http.StatusBadRequest, nil, "key is required")
                return
        }

        value, err := io.ReadAll(r.Body)
        if err != nil {
                rest.SendErrorJSON(w, r, log.Default(), http.StatusBadRequest, err, "failed to read body")
                return
        }

        // get format from header or query param, default to "text"
        format := r.Header.Get("X-Stash-Format")
        if format == "" {
                format = r.URL.Query().Get("format")
        }
        if !h.formatValidator.IsValidFormat(format) {
                format = "text"
        }

        if err := h.store.Set(key, value, format); err != nil {
                rest.SendErrorJSON(w, r, log.Default(), http.StatusInternalServerError, err, "failed to set key")
                return
        }

        log.Printf("[INFO] set %q (%d bytes, format=%s) by %s", key, len(value), format, h.getIdentityForLog(r))

        // commit to git if enabled
        if h.git != nil {
                req := git.CommitRequest{Key: key, Value: value, Operation: "set", Format: format, Author: h.getAuthorFromRequest(r)}
                if err := h.git.Commit(req); err != nil {
                        log.Printf("[WARN] git commit failed for %s: %v", key, err)
                }
        }

        w.WriteHeader(http.StatusOK)
}

// handleDelete removes a key from the store.
// DELETE /kv/{key...}
func (h *Handler) handleDelete(w http.ResponseWriter, r *http.Request) {
        key := store.NormalizeKey(r.PathValue("key"))
        if key == "" {
                rest.SendErrorJSON(w, r, log.Default(), http.StatusBadRequest, nil, "key is required")
                return
        }

        err := h.store.Delete(key)
        if errors.Is(err, store.ErrNotFound) {
                rest.SendErrorJSON(w, r, log.Default(), http.StatusNotFound, err, "key not found")
                return
        }
        if err != nil {
                rest.SendErrorJSON(w, r, log.Default(), http.StatusInternalServerError, err, "failed to delete key")
                return
        }

        log.Printf("[INFO] delete %q by %s", key, h.getIdentityForLog(r))

        // delete from git if enabled
        if h.git != nil {
                if err := h.git.Delete(key, h.getAuthorFromRequest(r)); err != nil {
                        log.Printf("[WARN] git delete failed for %s: %v", key, err)
                }
        }

        w.WriteHeader(http.StatusNoContent)
}

// identityType represents the type of identity detected from a request.
type identityType int

const (
        identityAnonymous identityType = iota
        identityUser
        identityToken
)

// identity holds information about who made a request.
type identity struct {
        typ  identityType
        name string // username or token prefix
}

// getIdentity extracts identity from request context.
// returns user identity from session cookie, token identity from Authorization header, or anonymous.
func (h *Handler) getIdentity(r *http.Request) identity {
        if h.auth == nil {
                return identity{typ: identityAnonymous}
        }

        // check session cookie for web UI users
        for _, cookieName := range sessionCookieNames {
                cookie, err := r.Cookie(cookieName)
                if err != nil {
                        continue
                }
                if username, valid := h.auth.GetSessionUser(cookie.Value); valid && username != "" {
                        return identity{typ: identityUser, name: username}
                }
        }

        // check API token from Authorization header
        if authHeader := r.Header.Get("Authorization"); strings.HasPrefix(authHeader, "Bearer ") {
                token := strings.TrimPrefix(authHeader, "Bearer ")
                if h.auth.HasTokenACL(token) {
                        prefix := token
                        if len(prefix) > 8 {
                                prefix = prefix[:8]
                        }
                        return identity{typ: identityToken, name: "token:" + prefix}
                }
        }

        return identity{typ: identityAnonymous}
}

// getAuthorFromRequest extracts the git author from request context.
// returns username from session cookie for web UI users, token prefix for API tokens, default author otherwise.
func (h *Handler) getAuthorFromRequest(r *http.Request) git.Author {
        id := h.getIdentity(r)
        switch id.typ {
        case identityUser, identityToken:
                return git.Author{Name: id.name, Email: id.name + "@stash"}
        default:
                return git.DefaultAuthor()
        }
}

// getIdentityForLog returns identity string for audit logging.
// returns "user:xxx" for web UI users, "token:xxx" for API tokens, "anonymous" otherwise.
func (h *Handler) getIdentityForLog(r *http.Request) string {
        id := h.getIdentity(r)
        switch id.typ {
        case identityUser:
                return "user:" + id.name
        case identityToken:
                return id.name // already has "token:" prefix
        default:
                return "anonymous"
        }
}

1	// Package api provides HTTP handlers for the KV API.
2	package api
3
4	import (
5	"errors"
6	"io"
7	"net/http"
8	"strings"
9
10	log "github.com/go-pkgz/lgr"
11	"github.com/go-pkgz/rest"
12	"github.com/go-pkgz/routegroup"
13
14	"github.com/umputun/stash/app/git"
15	"github.com/umputun/stash/app/store"
16	)
17
18	// sessionCookieNames defines cookie names for session authentication.
19	// __Host- prefix requires HTTPS, secure, path=/ (preferred for production).
20	// fallback cookie name works on HTTP for development.
21	var sessionCookieNames = []string{"__Host-stash-auth", "stash-auth"}
22
23	// GitService defines the interface for git operations.
24	type GitService interface {
25	Commit(req git.CommitRequest) error
26	Delete(key string, author git.Author) error
27	}
28
29	//go:generate moq -out mocks/kvstore.go -pkg mocks -skip-ensure -fmt goimports . KVStore
30	//go:generate moq -out mocks/authprovider.go -pkg mocks -skip-ensure -fmt goimports . AuthProvider
31	//go:generate moq -out mocks/formatvalidator.go -pkg mocks -skip-ensure -fmt goimports . FormatValidator
32	//go:generate moq -out mocks/gitservice.go -pkg mocks -skip-ensure -fmt goimports . GitService
33
34	// KVStore defines the interface for key-value storage operations.
35	type KVStore interface {
36	Get(key string) ([]byte, error)
37	GetWithFormat(key string) ([]byte, string, error)
38	Set(key string, value []byte, format string) error
39	Delete(key string) error
40	List() ([]store.KeyInfo, error)
41	}
42
43	// AuthProvider defines the interface for authentication operations.
44	type AuthProvider interface {
45	Enabled() bool
46	GetSessionUser(token string) (string, bool)
47	FilterUserKeys(username string, keys []string) []string
48	FilterTokenKeys(token string, keys []string) []string
49	FilterPublicKeys(keys []string) []string
50	HasTokenACL(token string) bool
51	}
52
53	// FormatValidator defines the interface for format validation.
54	type FormatValidator interface {
55	IsValidFormat(format string) bool
56	}
57
58	// Handler handles API requests for /kv/* endpoints.
59	type Handler struct {
60	store KVStore
61	auth AuthProvider
62	formatValidator FormatValidator
63	git GitService
64	}
65
66	// New creates a new API handler.
67	func New(st KVStore, auth AuthProvider, fv FormatValidator, gs GitService) *Handler {	28✔
68	return &Handler{	28✔
69	store: st,	28✔
70	auth: auth,	28✔
71	formatValidator: fv,	28✔
72	git: gs,	28✔
73	}	28✔
74	}	28✔
75
76	// Register registers API routes on the given router.
NEW 77	func (h Handler) Register(r routegroup.Bundle) {	×
NEW 78	r.HandleFunc("GET /{$}", h.handleList) // list keys (must be before {key...})	×
NEW 79	r.HandleFunc("GET /{key...}", h.handleGet) // get specific key	×
NEW 80	r.HandleFunc("PUT /{key...}", h.handleSet) // set key	×
NEW 81	r.HandleFunc("DELETE /{key...}", h.handleDelete)	×
NEW 82	}	×
83
84	// handleList returns all keys the caller has read access to.
85	// GET /kv
86	// Optional query params: ?prefix=app/config (filter by prefix)
87	func (h Handler) handleList(w http.ResponseWriter, r http.Request) {	3✔
88	keys, err := h.store.List()	3✔
89	if err != nil {	4✔
90	rest.SendErrorJSON(w, r, log.Default(), http.StatusInternalServerError, err, "failed to list keys")	1✔
91	return	1✔
92	}	1✔
93
94	// extract key names for filtering
95	keyNames := make([]string, len(keys))	2✔
96	for i, k := range keys {	7✔
97	keyNames[i] = k.Key	5✔
98	}	5✔
99
100	// filter by auth permissions
101	filteredNames := h.filterKeysByAuth(r, keyNames)	2✔
102	if filteredNames == nil {	2✔
103	// no valid auth, but this shouldn't happen since tokenAuth middleware already checked	×
104	rest.SendErrorJSON(w, r, log.Default(), http.StatusUnauthorized, nil, "unauthorized")	×
105	return	×
106	}	×
107
108	// convert filtered names back to KeyInfo slice
109	nameSet := make(map[string]bool, len(filteredNames))	2✔
110	for _, name := range filteredNames {	7✔
111	nameSet[name] = true	5✔
112	}	5✔
113	filtered := make([]store.KeyInfo, 0, len(filteredNames))	2✔
114	for _, k := range keys {	7✔
115	if nameSet[k.Key] {	10✔
116	filtered = append(filtered, k)	5✔
117	}	5✔
118	}
119
120	// filter by prefix if specified
121	prefix := r.URL.Query().Get("prefix")	2✔
122	if prefix != "" {	3✔
123	var prefixed []store.KeyInfo	1✔
124	for _, k := range filtered {	4✔
125	if strings.HasPrefix(k.Key, prefix) {	5✔
126	prefixed = append(prefixed, k)	2✔
127	}	2✔
128	}
129	filtered = prefixed	1✔
130	}
131
132	log.Printf("[DEBUG] list keys: %d found, %d after auth filter", len(keys), len(filtered))	2✔
133	rest.RenderJSON(w, filtered)	2✔
134	}
135
136	// filterKeysByAuth filters keys based on the caller's auth credentials.
137	// returns nil if auth is required but caller has no valid credentials.
138	// priority: session cookie > Bearer token > public ACL
139	func (h Handler) filterKeysByAuth(r http.Request, keys []string) []string {	7✔
140	// no auth = return all keys	7✔
141	if h.auth == nil \|\| !h.auth.Enabled() {	10✔
142	return keys	3✔
143	}	3✔
144
145	// check session cookie first (authenticated user has priority over public)
146	for _, cookieName := range sessionCookieNames {	12✔
147	cookie, err := r.Cookie(cookieName)	8✔
148	if err != nil {	15✔
149	continue	7✔
150	}
151	username, valid := h.auth.GetSessionUser(cookie.Value)	1✔
152	if valid {	2✔
153	return h.auth.FilterUserKeys(username, keys)	1✔
154	}	1✔
155	}
156
157	// check Bearer token (authenticated token has priority over public)
158	authHeader := r.Header.Get("Authorization")	3✔
159	if strings.HasPrefix(authHeader, "Bearer ") {	4✔
160	token := strings.TrimPrefix(authHeader, "Bearer ")	1✔
161	if filtered := h.auth.FilterTokenKeys(token, keys); filtered != nil {	2✔
162	return filtered	1✔
163	}	1✔
164	}
165
166	// fall back to public access for unauthenticated requests
167	if filtered := h.auth.FilterPublicKeys(keys); filtered != nil {	3✔
168	return filtered	1✔
169	}	1✔
170
171	return nil // no valid auth	1✔
172	}
173
174	// handleGet retrieves the value for a key.
175	// GET /kv/{key...}
176	func (h Handler) handleGet(w http.ResponseWriter, r http.Request) {	4✔
177	key := store.NormalizeKey(r.PathValue("key"))	4✔
178	if key == "" {	5✔
179	rest.SendErrorJSON(w, r, log.Default(), http.StatusBadRequest, nil, "key is required")	1✔
180	return	1✔
181	}	1✔
182
183	value, format, err := h.store.GetWithFormat(key)	3✔
184	if errors.Is(err, store.ErrNotFound) {	4✔
185	rest.SendErrorJSON(w, r, log.Default(), http.StatusNotFound, err, "key not found")	1✔
186	return	1✔
187	}	1✔
188	if err != nil {	2✔
189	rest.SendErrorJSON(w, r, log.Default(), http.StatusInternalServerError, err, "failed to get key")	×
190	return	×
191	}	×
192
193	log.Printf("[DEBUG] get %s (%d bytes, format=%s)", key, len(value), format)	2✔
194		2✔
195	w.Header().Set("Content-Type", h.formatToContentType(format))	2✔
196	w.WriteHeader(http.StatusOK)	2✔
197	if _, err := w.Write(value); err != nil {	2✔
198	log.Printf("[WARN] failed to write response: %v", err)	×
199	}	×
200	}
201
202	// formatToContentType maps storage format to HTTP Content-Type.
203	func (h *Handler) formatToContentType(format string) string {	11✔
204	switch format {	11✔
205	case "json":	2✔
206	return "application/json"	2✔
207	case "yaml":	1✔
208	return "application/yaml"	1✔
209	case "xml":	1✔
210	return "application/xml"	1✔
211	case "toml":	1✔
212	return "application/toml"	1✔
213	case "hcl", "ini", "text":	4✔
214	return "text/plain"	4✔
215	case "shell":	1✔
216	return "text/x-shellscript"	1✔
217	default:	1✔
218	return "application/octet-stream"	1✔
219	}
220	}
221
222	// handleSet stores a value for a key.
223	// PUT /kv/{key...}
224	// Accepts format via X-Stash-Format header or ?format= query param (defaults to "text").
225	func (h Handler) handleSet(w http.ResponseWriter, r http.Request) {	7✔
226	key := store.NormalizeKey(r.PathValue("key"))	7✔
227	if key == "" {	8✔
228	rest.SendErrorJSON(w, r, log.Default(), http.StatusBadRequest, nil, "key is required")	1✔
229	return	1✔
230	}	1✔
231
232	value, err := io.ReadAll(r.Body)	6✔
233	if err != nil {	6✔
234	rest.SendErrorJSON(w, r, log.Default(), http.StatusBadRequest, err, "failed to read body")	×
235	return	×
236	}	×
237
238	// get format from header or query param, default to "text"
239	format := r.Header.Get("X-Stash-Format")	6✔
240	if format == "" {	10✔
241	format = r.URL.Query().Get("format")	4✔
242	}	4✔
243	if !h.formatValidator.IsValidFormat(format) {	10✔
244	format = "text"	4✔
245	}	4✔
246
247	if err := h.store.Set(key, value, format); err != nil {	7✔
248	rest.SendErrorJSON(w, r, log.Default(), http.StatusInternalServerError, err, "failed to set key")	1✔
249	return	1✔
250	}	1✔
251
252	log.Printf("[INFO] set %q (%d bytes, format=%s) by %s", key, len(value), format, h.getIdentityForLog(r))	5✔
253		5✔
254	// commit to git if enabled	5✔
255	if h.git != nil {	6✔
256	req := git.CommitRequest{Key: key, Value: value, Operation: "set", Format: format, Author: h.getAuthorFromRequest(r)}	1✔
257	if err := h.git.Commit(req); err != nil {	1✔
NEW 258	log.Printf("[WARN] git commit failed for %s: %v", key, err)	×
NEW 259	}	×
260	}
261
262	w.WriteHeader(http.StatusOK)	5✔
263	}
264
265	// handleDelete removes a key from the store.
266	// DELETE /kv/{key...}
267	func (h Handler) handleDelete(w http.ResponseWriter, r http.Request) {	5✔
268	key := store.NormalizeKey(r.PathValue("key"))	5✔
269	if key == "" {	6✔
270	rest.SendErrorJSON(w, r, log.Default(), http.StatusBadRequest, nil, "key is required")	1✔
271	return	1✔
272	}	1✔
273
274	err := h.store.Delete(key)	4✔
275	if errors.Is(err, store.ErrNotFound) {	5✔
276	rest.SendErrorJSON(w, r, log.Default(), http.StatusNotFound, err, "key not found")	1✔
277	return	1✔
278	}	1✔
279	if err != nil {	4✔
280	rest.SendErrorJSON(w, r, log.Default(), http.StatusInternalServerError, err, "failed to delete key")	1✔
281	return	1✔
282	}	1✔
283
284	log.Printf("[INFO] delete %q by %s", key, h.getIdentityForLog(r))	2✔
285		2✔
286	// delete from git if enabled	2✔
287	if h.git != nil {	3✔
288	if err := h.git.Delete(key, h.getAuthorFromRequest(r)); err != nil {	1✔
NEW 289	log.Printf("[WARN] git delete failed for %s: %v", key, err)	×
NEW 290	}	×
291	}
292
293	w.WriteHeader(http.StatusNoContent)	2✔
294	}
295
296	// identityType represents the type of identity detected from a request.
297	type identityType int
298
299	const (
300	identityAnonymous identityType = iota
301	identityUser
302	identityToken
303	)
304
305	// identity holds information about who made a request.
306	type identity struct {
307	typ identityType
308	name string // username or token prefix
309	}
310
311	// getIdentity extracts identity from request context.
312	// returns user identity from session cookie, token identity from Authorization header, or anonymous.
313	func (h Handler) getIdentity(r http.Request) identity {	17✔
314	if h.auth == nil {	19✔
315	return identity{typ: identityAnonymous}	2✔
316	}	2✔
317
318	// check session cookie for web UI users
319	for _, cookieName := range sessionCookieNames {	45✔
320	cookie, err := r.Cookie(cookieName)	30✔
321	if err != nil {	57✔
322	continue	27✔
323	}
324	if username, valid := h.auth.GetSessionUser(cookie.Value); valid && username != "" {	6✔
325	return identity{typ: identityUser, name: username}	3✔
326	}	3✔
327	}
328
329	// check API token from Authorization header
330	if authHeader := r.Header.Get("Authorization"); strings.HasPrefix(authHeader, "Bearer ") {	14✔
331	token := strings.TrimPrefix(authHeader, "Bearer ")	2✔
332	if h.auth.HasTokenACL(token) {	4✔
333	prefix := token	2✔
334	if len(prefix) > 8 {	4✔
335	prefix = prefix[:8]	2✔
336	}	2✔
337	return identity{typ: identityToken, name: "token:" + prefix}	2✔
338	}
339	}
340
341	return identity{typ: identityAnonymous}	10✔
342	}
343
344	// getAuthorFromRequest extracts the git author from request context.
345	// returns username from session cookie for web UI users, token prefix for API tokens, default author otherwise.
346	func (h Handler) getAuthorFromRequest(r http.Request) git.Author {	5✔
347	id := h.getIdentity(r)	5✔
348	switch id.typ {	5✔
349	case identityUser, identityToken:	2✔
350	return git.Author{Name: id.name, Email: id.name + "@stash"}	2✔
351	default:	3✔
352	return git.DefaultAuthor()	3✔
353	}
354	}
355
356	// getIdentityForLog returns identity string for audit logging.
357	// returns "user:xxx" for web UI users, "token:xxx" for API tokens, "anonymous" otherwise.
358	func (h Handler) getIdentityForLog(r http.Request) string {	9✔
359	id := h.getIdentity(r)	9✔
360	switch id.typ {	9✔
361	case identityUser:	1✔
362	return "user:" + id.name	1✔
363	case identityToken:	×
364	return id.name // already has "token:" prefix	×
365	default:	8✔
366	return "anonymous"	8✔
367	}
368	}

umputun / stash / 19760043458

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous