From dd136858f1ea40ad3c94191d647487fa4f31926c Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Fri, 18 Oct 2024 20:33:49 +0200 Subject: Adding upstream version 9.0.0. Signed-off-by: Daniel Baumann --- modules/base/base.go | 9 ++ modules/base/natural_sort.go | 90 +++++++++++++++ modules/base/natural_sort_test.go | 29 +++++ modules/base/tool.go | 234 ++++++++++++++++++++++++++++++++++++++ modules/base/tool_test.go | 186 ++++++++++++++++++++++++++++++ 5 files changed, 548 insertions(+) create mode 100644 modules/base/base.go create mode 100644 modules/base/natural_sort.go create mode 100644 modules/base/natural_sort_test.go create mode 100644 modules/base/tool.go create mode 100644 modules/base/tool_test.go (limited to 'modules/base') diff --git a/modules/base/base.go b/modules/base/base.go new file mode 100644 index 0000000..dddce20 --- /dev/null +++ b/modules/base/base.go @@ -0,0 +1,9 @@ +// Copyright 2014 The Gogs Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package base + +type ( + // TplName template relative path type + TplName string +) diff --git a/modules/base/natural_sort.go b/modules/base/natural_sort.go new file mode 100644 index 0000000..5b5febb --- /dev/null +++ b/modules/base/natural_sort.go @@ -0,0 +1,90 @@ +// Copyright 2017 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package base + +import ( + "math/big" + "strings" + "unicode/utf8" +) + +// NaturalSortLess compares two strings so that they could be sorted in natural order +func NaturalSortLess(s1, s2 string) bool { + s1, s2 = strings.ToLower(s1), strings.ToLower(s2) + var i1, i2 int + for { + rune1, j1, end1 := getNextRune(s1, i1) + rune2, j2, end2 := getNextRune(s2, i2) + if end1 || end2 { + return end1 != end2 && end1 + } + dec1 := isDecimal(rune1) + dec2 := isDecimal(rune2) + var less, equal bool + if dec1 && dec2 { + i1, i2, less, equal = compareByNumbers(s1, i1, s2, i2) + } else if !dec1 && !dec2 { + equal = rune1 == rune2 + less = rune1 < rune2 + i1 = j1 + i2 = j2 + } else { + return rune1 < rune2 + } + if !equal { + return less + } + } +} + +func getNextRune(str string, pos int) (rune, int, bool) { + if pos < len(str) { + r, w := utf8.DecodeRuneInString(str[pos:]) + // Fallback to ascii + if r == utf8.RuneError { + r = rune(str[pos]) + w = 1 + } + return r, pos + w, false + } + return 0, pos, true +} + +func isDecimal(r rune) bool { + return '0' <= r && r <= '9' +} + +func compareByNumbers(str1 string, pos1 int, str2 string, pos2 int) (i1, i2 int, less, equal bool) { + d1, d2 := true, true + var dec1, dec2 string + for d1 || d2 { + if d1 { + r, j, end := getNextRune(str1, pos1) + if !end && isDecimal(r) { + dec1 += string(r) + pos1 = j + } else { + d1 = false + } + } + if d2 { + r, j, end := getNextRune(str2, pos2) + if !end && isDecimal(r) { + dec2 += string(r) + pos2 = j + } else { + d2 = false + } + } + } + less, equal = compareBigNumbers(dec1, dec2) + return pos1, pos2, less, equal +} + +func compareBigNumbers(dec1, dec2 string) (less, equal bool) { + d1, _ := big.NewInt(0).SetString(dec1, 10) + d2, _ := big.NewInt(0).SetString(dec2, 10) + cmp := d1.Cmp(d2) + return cmp < 0, cmp == 0 +} diff --git a/modules/base/natural_sort_test.go b/modules/base/natural_sort_test.go new file mode 100644 index 0000000..7378d9a --- /dev/null +++ b/modules/base/natural_sort_test.go @@ -0,0 +1,29 @@ +// Copyright 2017 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package base + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestNaturalSortLess(t *testing.T) { + test := func(s1, s2 string, less bool) { + assert.Equal(t, less, NaturalSortLess(s1, s2)) + } + test("v1.20.0", "v1.2.0", false) + test("v1.20.0", "v1.29.0", true) + test("v1.20.0", "v1.20.0", false) + test("abc", "bcd", true) + test("a-1-a", "a-1-b", true) + test("2", "12", true) + test("a", "ab", true) + + // Test for case insensitive. + test("A", "ab", true) + test("B", "ab", false) + test("a", "AB", true) + test("b", "AB", false) +} diff --git a/modules/base/tool.go b/modules/base/tool.go new file mode 100644 index 0000000..7612fff --- /dev/null +++ b/modules/base/tool.go @@ -0,0 +1,234 @@ +// Copyright 2014 The Gogs Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package base + +import ( + "crypto/hmac" + "crypto/sha1" + "crypto/sha256" + "crypto/subtle" + "encoding/base64" + "encoding/hex" + "errors" + "fmt" + "hash" + "os" + "path/filepath" + "runtime" + "strconv" + "strings" + "time" + "unicode/utf8" + + "code.gitea.io/gitea/modules/git" + "code.gitea.io/gitea/modules/log" + "code.gitea.io/gitea/modules/setting" + + "github.com/dustin/go-humanize" +) + +// EncodeSha256 string to sha256 hex value. +func EncodeSha256(str string) string { + h := sha256.New() + _, _ = h.Write([]byte(str)) + return hex.EncodeToString(h.Sum(nil)) +} + +// ShortSha is basically just truncating. +// It is DEPRECATED and will be removed in the future. +func ShortSha(sha1 string) string { + return TruncateString(sha1, 10) +} + +// BasicAuthDecode decode basic auth string +func BasicAuthDecode(encoded string) (string, string, error) { + s, err := base64.StdEncoding.DecodeString(encoded) + if err != nil { + return "", "", err + } + + if username, password, ok := strings.Cut(string(s), ":"); ok { + return username, password, nil + } + return "", "", errors.New("invalid basic authentication") +} + +// VerifyTimeLimitCode verify time limit code +func VerifyTimeLimitCode(now time.Time, data string, minutes int, code string) bool { + if len(code) <= 18 { + return false + } + + startTimeStr := code[:12] + aliveTimeStr := code[12:18] + aliveTime, _ := strconv.Atoi(aliveTimeStr) // no need to check err, if anything wrong, the following code check will fail soon + + // check code + retCode := CreateTimeLimitCode(data, aliveTime, startTimeStr, nil) + if subtle.ConstantTimeCompare([]byte(retCode), []byte(code)) != 1 { + retCode = CreateTimeLimitCode(data, aliveTime, startTimeStr, sha1.New()) // TODO: this is only for the support of legacy codes, remove this in/after 1.23 + if subtle.ConstantTimeCompare([]byte(retCode), []byte(code)) != 1 { + return false + } + } + + // check time is expired or not: startTime <= now && now < startTime + minutes + startTime, _ := time.ParseInLocation("200601021504", startTimeStr, time.Local) + return (startTime.Before(now) || startTime.Equal(now)) && now.Before(startTime.Add(time.Minute*time.Duration(minutes))) +} + +// TimeLimitCodeLength default value for time limit code +const TimeLimitCodeLength = 12 + 6 + 40 + +// CreateTimeLimitCode create a time-limited code. +// Format: 12 length date time string + 6 minutes string (not used) + 40 hash string, some other code depends on this fixed length +// If h is nil, then use the default hmac hash. +func CreateTimeLimitCode[T time.Time | string](data string, minutes int, startTimeGeneric T, h hash.Hash) string { + const format = "200601021504" + + var start time.Time + var startTimeAny any = startTimeGeneric + if t, ok := startTimeAny.(time.Time); ok { + start = t + } else { + var err error + start, err = time.ParseInLocation(format, startTimeAny.(string), time.Local) + if err != nil { + return "" // return an invalid code because the "parse" failed + } + } + startStr := start.Format(format) + end := start.Add(time.Minute * time.Duration(minutes)) + + if h == nil { + h = hmac.New(sha1.New, setting.GetGeneralTokenSigningSecret()) + } + _, _ = fmt.Fprintf(h, "%s%s%s%s%d", data, hex.EncodeToString(setting.GetGeneralTokenSigningSecret()), startStr, end.Format(format), minutes) + encoded := hex.EncodeToString(h.Sum(nil)) + + code := fmt.Sprintf("%s%06d%s", startStr, minutes, encoded) + if len(code) != TimeLimitCodeLength { + panic("there is a hard requirement for the length of time-limited code") // it shouldn't happen + } + return code +} + +// FileSize calculates the file size and generate user-friendly string. +func FileSize(s int64) string { + return humanize.IBytes(uint64(s)) +} + +// EllipsisString returns a truncated short string, +// it appends '...' in the end of the length of string is too large. +func EllipsisString(str string, length int) string { + if length <= 3 { + return "..." + } + if utf8.RuneCountInString(str) <= length { + return str + } + return string([]rune(str)[:length-3]) + "..." +} + +// TruncateString returns a truncated string with given limit, +// it returns input string if length is not reached limit. +func TruncateString(str string, limit int) string { + if utf8.RuneCountInString(str) < limit { + return str + } + return string([]rune(str)[:limit]) +} + +// StringsToInt64s converts a slice of string to a slice of int64. +func StringsToInt64s(strs []string) ([]int64, error) { + if strs == nil { + return nil, nil + } + ints := make([]int64, 0, len(strs)) + for _, s := range strs { + n, err := strconv.ParseInt(s, 10, 64) + if err != nil { + return nil, err + } + ints = append(ints, n) + } + return ints, nil +} + +// Int64sToStrings converts a slice of int64 to a slice of string. +func Int64sToStrings(ints []int64) []string { + strs := make([]string, len(ints)) + for i := range ints { + strs[i] = strconv.FormatInt(ints[i], 10) + } + return strs +} + +// EntryIcon returns the octicon class for displaying files/directories +func EntryIcon(entry *git.TreeEntry) string { + switch { + case entry.IsLink(): + te, _, err := entry.FollowLink() + if err != nil { + log.Debug(err.Error()) + return "file-symlink-file" + } + if te.IsDir() { + return "file-directory-symlink" + } + return "file-symlink-file" + case entry.IsDir(): + return "file-directory-fill" + case entry.IsSubModule(): + return "file-submodule" + } + + return "file" +} + +// SetupGiteaRoot Sets GITEA_ROOT if it is not already set and returns the value +func SetupGiteaRoot() string { + giteaRoot := os.Getenv("GITEA_ROOT") + if giteaRoot == "" { + _, filename, _, _ := runtime.Caller(0) + giteaRoot = strings.TrimSuffix(filename, "modules/base/tool.go") + wd, err := os.Getwd() + if err != nil { + rel, err := filepath.Rel(giteaRoot, wd) + if err != nil && strings.HasPrefix(filepath.ToSlash(rel), "../") { + giteaRoot = wd + } + } + if _, err := os.Stat(filepath.Join(giteaRoot, "gitea")); os.IsNotExist(err) { + giteaRoot = "" + } else if err := os.Setenv("GITEA_ROOT", giteaRoot); err != nil { + giteaRoot = "" + } + } + return giteaRoot +} + +// FormatNumberSI format a number +func FormatNumberSI(data any) string { + var num int64 + if num1, ok := data.(int64); ok { + num = num1 + } else if num1, ok := data.(int); ok { + num = int64(num1) + } else { + return "" + } + + if num < 1000 { + return fmt.Sprintf("%d", num) + } else if num < 1000000 { + num2 := float32(num) / float32(1000.0) + return fmt.Sprintf("%.1fk", num2) + } else if num < 1000000000 { + num2 := float32(num) / float32(1000000.0) + return fmt.Sprintf("%.1fM", num2) + } + num2 := float32(num) / float32(1000000000.0) + return fmt.Sprintf("%.1fG", num2) +} diff --git a/modules/base/tool_test.go b/modules/base/tool_test.go new file mode 100644 index 0000000..81fd4b6 --- /dev/null +++ b/modules/base/tool_test.go @@ -0,0 +1,186 @@ +// Copyright 2020 The Gitea Authors. All rights reserved. +// SPDX-License-Identifier: MIT + +package base + +import ( + "crypto/sha1" + "fmt" + "testing" + "time" + + "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/test" + + "github.com/stretchr/testify/assert" + "github.com/stretchr/testify/require" +) + +func TestEncodeSha256(t *testing.T) { + assert.Equal(t, + "c3ab8ff13720e8ad9047dd39466b3c8974e592c2fa383d4a3960714caef0c4f2", + EncodeSha256("foobar"), + ) +} + +func TestShortSha(t *testing.T) { + assert.Equal(t, "veryverylo", ShortSha("veryverylong")) +} + +func TestBasicAuthDecode(t *testing.T) { + _, _, err := BasicAuthDecode("?") + assert.Equal(t, "illegal base64 data at input byte 0", err.Error()) + + user, pass, err := BasicAuthDecode("Zm9vOmJhcg==") + require.NoError(t, err) + assert.Equal(t, "foo", user) + assert.Equal(t, "bar", pass) + + _, _, err = BasicAuthDecode("aW52YWxpZA==") + require.Error(t, err) + + _, _, err = BasicAuthDecode("invalid") + require.Error(t, err) + + _, _, err = BasicAuthDecode("YWxpY2U=") // "alice", no colon + require.Error(t, err) +} + +func TestVerifyTimeLimitCode(t *testing.T) { + defer test.MockVariableValue(&setting.InstallLock, true)() + initGeneralSecret := func(secret string) { + setting.InstallLock = true + setting.CfgProvider, _ = setting.NewConfigProviderFromData(fmt.Sprintf(` +[oauth2] +JWT_SECRET = %s +`, secret)) + setting.LoadCommonSettings() + } + + initGeneralSecret("KZb_QLUd4fYVyxetjxC4eZkrBgWM2SndOOWDNtgUUko") + now := time.Now() + + t.Run("TestGenericParameter", func(t *testing.T) { + time2000 := time.Date(2000, 1, 2, 3, 4, 5, 0, time.Local) + assert.Equal(t, "2000010203040000026fa5221b2731b7cf80b1b506f5e39e38c115fee5", CreateTimeLimitCode("test-sha1", 2, time2000, sha1.New())) + assert.Equal(t, "2000010203040000026fa5221b2731b7cf80b1b506f5e39e38c115fee5", CreateTimeLimitCode("test-sha1", 2, "200001020304", sha1.New())) + assert.Equal(t, "2000010203040000024842227a2f87041ff82025199c0187410a9297bf", CreateTimeLimitCode("test-hmac", 2, time2000, nil)) + assert.Equal(t, "2000010203040000024842227a2f87041ff82025199c0187410a9297bf", CreateTimeLimitCode("test-hmac", 2, "200001020304", nil)) + }) + + t.Run("TestInvalidCode", func(t *testing.T) { + assert.False(t, VerifyTimeLimitCode(now, "data", 2, "")) + assert.False(t, VerifyTimeLimitCode(now, "data", 2, "invalid code")) + }) + + t.Run("TestCreateAndVerify", func(t *testing.T) { + code := CreateTimeLimitCode("data", 2, now, nil) + assert.False(t, VerifyTimeLimitCode(now.Add(-time.Minute), "data", 2, code)) // not started yet + assert.True(t, VerifyTimeLimitCode(now, "data", 2, code)) + assert.True(t, VerifyTimeLimitCode(now.Add(time.Minute), "data", 2, code)) + assert.False(t, VerifyTimeLimitCode(now.Add(time.Minute), "DATA", 2, code)) // invalid data + assert.False(t, VerifyTimeLimitCode(now.Add(2*time.Minute), "data", 2, code)) // expired + }) + + t.Run("TestDifferentSecret", func(t *testing.T) { + // use another secret to ensure the code is invalid for different secret + verifyDataCode := func(c string) bool { + return VerifyTimeLimitCode(now, "data", 2, c) + } + code1 := CreateTimeLimitCode("data", 2, now, sha1.New()) + code2 := CreateTimeLimitCode("data", 2, now, nil) + assert.True(t, verifyDataCode(code1)) + assert.True(t, verifyDataCode(code2)) + initGeneralSecret("000_QLUd4fYVyxetjxC4eZkrBgWM2SndOOWDNtgUUko") + assert.False(t, verifyDataCode(code1)) + assert.False(t, verifyDataCode(code2)) + }) +} + +func TestFileSize(t *testing.T) { + var size int64 = 512 + assert.Equal(t, "512 B", FileSize(size)) + size *= 1024 + assert.Equal(t, "512 KiB", FileSize(size)) + size *= 1024 + assert.Equal(t, "512 MiB", FileSize(size)) + size *= 1024 + assert.Equal(t, "512 GiB", FileSize(size)) + size *= 1024 + assert.Equal(t, "512 TiB", FileSize(size)) + size *= 1024 + assert.Equal(t, "512 PiB", FileSize(size)) + size *= 4 + assert.Equal(t, "2.0 EiB", FileSize(size)) +} + +func TestEllipsisString(t *testing.T) { + assert.Equal(t, "...", EllipsisString("foobar", 0)) + assert.Equal(t, "...", EllipsisString("foobar", 1)) + assert.Equal(t, "...", EllipsisString("foobar", 2)) + assert.Equal(t, "...", EllipsisString("foobar", 3)) + assert.Equal(t, "f...", EllipsisString("foobar", 4)) + assert.Equal(t, "fo...", EllipsisString("foobar", 5)) + assert.Equal(t, "foobar", EllipsisString("foobar", 6)) + assert.Equal(t, "foobar", EllipsisString("foobar", 10)) + assert.Equal(t, "测...", EllipsisString("测试文本一二三四", 4)) + assert.Equal(t, "测试...", EllipsisString("测试文本一二三四", 5)) + assert.Equal(t, "测试文...", EllipsisString("测试文本一二三四", 6)) + assert.Equal(t, "测试文本一二三四", EllipsisString("测试文本一二三四", 10)) +} + +func TestTruncateString(t *testing.T) { + assert.Equal(t, "", TruncateString("foobar", 0)) + assert.Equal(t, "f", TruncateString("foobar", 1)) + assert.Equal(t, "fo", TruncateString("foobar", 2)) + assert.Equal(t, "foo", TruncateString("foobar", 3)) + assert.Equal(t, "foob", TruncateString("foobar", 4)) + assert.Equal(t, "fooba", TruncateString("foobar", 5)) + assert.Equal(t, "foobar", TruncateString("foobar", 6)) + assert.Equal(t, "foobar", TruncateString("foobar", 7)) + assert.Equal(t, "测试文本", TruncateString("测试文本一二三四", 4)) + assert.Equal(t, "测试文本一", TruncateString("测试文本一二三四", 5)) + assert.Equal(t, "测试文本一二", TruncateString("测试文本一二三四", 6)) + assert.Equal(t, "测试文本一二三", TruncateString("测试文本一二三四", 7)) +} + +func TestStringsToInt64s(t *testing.T) { + testSuccess := func(input []string, expected []int64) { + result, err := StringsToInt64s(input) + require.NoError(t, err) + assert.Equal(t, expected, result) + } + testSuccess(nil, nil) + testSuccess([]string{}, []int64{}) + testSuccess([]string{"-1234"}, []int64{-1234}) + testSuccess([]string{"1", "4", "16", "64", "256"}, []int64{1, 4, 16, 64, 256}) + + ints, err := StringsToInt64s([]string{"-1", "a"}) + assert.Empty(t, ints) + require.Error(t, err) +} + +func TestInt64sToStrings(t *testing.T) { + assert.Equal(t, []string{}, Int64sToStrings([]int64{})) + assert.Equal(t, + []string{"1", "4", "16", "64", "256"}, + Int64sToStrings([]int64{1, 4, 16, 64, 256}), + ) +} + +// TODO: Test EntryIcon + +func TestSetupGiteaRoot(t *testing.T) { + t.Setenv("GITEA_ROOT", "test") + assert.Equal(t, "test", SetupGiteaRoot()) + t.Setenv("GITEA_ROOT", "") + assert.NotEqual(t, "test", SetupGiteaRoot()) +} + +func TestFormatNumberSI(t *testing.T) { + assert.Equal(t, "125", FormatNumberSI(int(125))) + assert.Equal(t, "1.3k", FormatNumberSI(int64(1317))) + assert.Equal(t, "21.3M", FormatNumberSI(21317675)) + assert.Equal(t, "45.7G", FormatNumberSI(45721317675)) + assert.Equal(t, "", FormatNumberSI("test")) +} -- cgit v1.2.3