diff options
| author | Daniel Baumann <daniel@debian.org> | 2024-10-18 20:33:49 +0200 |
|---|---|---|
| committer | Daniel Baumann <daniel@debian.org> | 2024-12-12 23:57:56 +0100 |
| commit | e68b9d00a6e05b3a941f63ffb696f91e554ac5ec (patch) | |
| tree | 97775d6c13b0f416af55314eb6a89ef792474615 /models/asymkey/gpg_key_commit_verification.go | |
| parent | Initial commit. (diff) | |
| download | forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.tar.xz forgejo-e68b9d00a6e05b3a941f63ffb696f91e554ac5ec.zip | |
Adding upstream version 9.0.3.
Signed-off-by: Daniel Baumann <daniel@debian.org>
Diffstat (limited to 'models/asymkey/gpg_key_commit_verification.go')
| -rw-r--r-- | models/asymkey/gpg_key_commit_verification.go | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/models/asymkey/gpg_key_commit_verification.go b/models/asymkey/gpg_key_commit_verification.go new file mode 100644 index 0000000..9aa6064 --- /dev/null +++ b/models/asymkey/gpg_key_commit_verification.go @@ -0,0 +1,63 @@ +// Copyright 2021 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package asymkey + +import ( + "context" + + repo_model "code.gitea.io/gitea/models/repo" + user_model "code.gitea.io/gitea/models/user" + "code.gitea.io/gitea/modules/git" +) + +// __________________ ________ ____ __. +// / _____/\______ \/ _____/ | |/ _|____ ___.__. +// / \ ___ | ___/ \ ___ | <_/ __ < | | +// \ \_\ \| | \ \_\ \ | | \ ___/\___ | +// \______ /|____| \______ / |____|__ \___ > ____| +// \/ \/ \/ \/\/ +// _________ .__ __ +// \_ ___ \ ____ _____ _____ |__|/ |_ +// / \ \/ / _ \ / \ / \| \ __\ +// \ \___( <_> ) Y Y \ Y Y \ || | +// \______ /\____/|__|_| /__|_| /__||__| +// \/ \/ \/ +// ____ ____ .__ _____.__ __ .__ +// \ \ / /___________|__|/ ____\__| ____ _____ _/ |_|__| ____ ____ +// \ Y // __ \_ __ \ \ __\| |/ ___\\__ \\ __\ |/ _ \ / \ +// \ /\ ___/| | \/ || | | \ \___ / __ \| | | ( <_> ) | \ +// \___/ \___ >__| |__||__| |__|\___ >____ /__| |__|\____/|___| / +// \/ \/ \/ \/ + +// This file provides functions relating commit verification + +// SignCommit represents a commit with validation of signature. +type SignCommit struct { + Verification *ObjectVerification + *user_model.UserCommit +} + +// ParseCommitsWithSignature checks if signaute of commits are corresponding to users gpg keys. +func ParseCommitsWithSignature(ctx context.Context, oldCommits []*user_model.UserCommit, repoTrustModel repo_model.TrustModelType, isOwnerMemberCollaborator func(*user_model.User) (bool, error)) []*SignCommit { + newCommits := make([]*SignCommit, 0, len(oldCommits)) + keyMap := map[string]bool{} + + for _, c := range oldCommits { + o := commitToGitObject(c.Commit) + signCommit := &SignCommit{ + UserCommit: c, + Verification: ParseObjectWithSignature(ctx, &o), + } + + _ = CalculateTrustStatus(signCommit.Verification, repoTrustModel, isOwnerMemberCollaborator, &keyMap) + + newCommits = append(newCommits, signCommit) + } + return newCommits +} + +func ParseCommitWithSignature(ctx context.Context, c *git.Commit) *ObjectVerification { + o := commitToGitObject(c) + return ParseObjectWithSignature(ctx, &o) +} |