diff --git a/cmd/serv.go b/cmd/serv.go index 6d95b812c..06561f348 100644 --- a/cmd/serv.go +++ b/cmd/serv.go @@ -90,7 +90,7 @@ var ( "git-receive-pack": perm.AccessModeWrite, lfsAuthenticateVerb: perm.AccessModeNone, } - alphaDashDotPattern = regexp.MustCompile(`[^\w-\.@]`) + alphaDashDotPattern = regexp.MustCompile(`[^\w-\.]`) ) func fail(userMessage, logMessage string, args ...interface{}) error { diff --git a/go.mod b/go.mod index 3ac281f51..5d38ff048 100644 --- a/go.mod +++ b/go.mod @@ -32,7 +32,7 @@ require ( github.com/fsnotify/fsnotify v1.5.4 github.com/gliderlabs/ssh v0.3.5 github.com/go-ap/activitypub v0.0.0-20220917143152-e4e7018838c0 - github.com/go-ap/jsonld v0.0.0-20220917142617-76bf51585778 + github.com/go-ap/jsonld v0.0.0-20221030091449-f2a191312c73 github.com/go-chi/chi/v5 v5.0.7 github.com/go-chi/cors v1.2.1 github.com/go-enry/go-enry/v2 v2.8.3 @@ -169,7 +169,7 @@ require ( github.com/form3tech-oss/jwt-go v3.2.3+incompatible // indirect github.com/fullstorydev/grpcurl v1.8.1 // indirect github.com/fxamacker/cbor/v2 v2.4.0 // indirect - github.com/go-ap/errors v0.0.0-20220917143055-4283ea5dae18 // indirect + github.com/go-ap/errors v0.0.0-20221115052505-8aaa26f930b4 // indirect github.com/go-asn1-ber/asn1-ber v1.5.4 // indirect github.com/go-enry/go-oniguruma v1.2.1 // indirect github.com/go-git/gcfg v1.5.0 // indirect @@ -302,7 +302,7 @@ replace github.com/shurcooL/vfsgen => github.com/lunny/vfsgen v0.0.0-20220105142 replace github.com/satori/go.uuid v1.2.0 => github.com/gofrs/uuid v4.2.0+incompatible -replace github.com/go-ap/activitypub => gitea.com/xy/activitypub v0.0.0-20220915153216-ee7ec91cd818 +replace github.com/go-ap/activitypub => gitea.com/xy/activitypub v0.0.0-20221126171442-81405e14ea3b exclude github.com/gofrs/uuid v3.2.0+incompatible diff --git a/go.sum b/go.sum index 2e85720ae..56eb524a8 100644 --- a/go.sum +++ b/go.sum @@ -96,8 +96,8 @@ gitea.com/lunny/levelqueue v0.4.2-0.20220729054728-f020868cc2f7 h1:Zc3RQWC2xOVgl gitea.com/lunny/levelqueue v0.4.2-0.20220729054728-f020868cc2f7/go.mod h1:HBqmLbz56JWpfEGG0prskAV97ATNRoj5LDmPicD22hU= gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a h1:lSA0F4e9A2NcQSqGqTOXqu2aRi/XEQxDCBwM8yJtE6s= gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a/go.mod h1:EXuID2Zs0pAQhH8yz+DNjUbjppKQzKFAn28TMYPB6IU= -gitea.com/xy/activitypub v0.0.0-20220915153216-ee7ec91cd818 h1:QesreciuRZ8G2YL485rboWwoFDKtiD8NaNV9Xj6pOQ8= -gitea.com/xy/activitypub v0.0.0-20220915153216-ee7ec91cd818/go.mod h1:IJ9Q4IVVOeFD13k7EhITroTANCtCxcbdkslVadSHZfY= +gitea.com/xy/activitypub v0.0.0-20221126171442-81405e14ea3b h1:z5zmwZVoKEu2c3+lGiLlTDxQZpcKlZoWz4wjCtcyfxU= +gitea.com/xy/activitypub v0.0.0-20221126171442-81405e14ea3b/go.mod h1:1jG7QyKCGx/FO63p/xWO0h9ytVSJmkjcQSYPj6zWpGs= gitee.com/travelliu/dm v1.8.11192/go.mod h1:DHTzyhCrM843x9VdKVbZ+GKXGRbKM2sJ4LxihRxShkE= github.com/42wim/sshsig v0.0.0-20211121163825-841cf5bbc121 h1:r3qt8PCHnfjOv9PN3H+XXKmDA1dfFMIN1AislhlA/ps= github.com/42wim/sshsig v0.0.0-20211121163825-841cf5bbc121/go.mod h1:Ock8XgA7pvULhIaHGAk/cDnRfNrF9Jey81nPcc403iU= @@ -473,10 +473,10 @@ github.com/gliderlabs/ssh v0.3.5 h1:OcaySEmAQJgyYcArR+gGGTHCyE7nvhEMTlYY+Dp8CpY= github.com/gliderlabs/ssh v0.3.5/go.mod h1:8XB4KraRrX39qHhT6yxPsHedjA08I/uBVwj4xC+/+z4= github.com/glycerine/go-unsnap-stream v0.0.0-20181221182339-f9677308dec2/go.mod h1:/20jfyN9Y5QPEAprSgKAUr+glWDY39ZiUEAYOEv5dsE= github.com/glycerine/goconvey v0.0.0-20190410193231-58a59202ab31/go.mod h1:Ogl1Tioa0aV7gstGFO7KhffUsb9M4ydbEbbxpcEDc24= -github.com/go-ap/errors v0.0.0-20220917143055-4283ea5dae18 h1:A48SbkWKEciiJMbbcPzaRj9aizPUABzXFvCM3LtGGf8= -github.com/go-ap/errors v0.0.0-20220917143055-4283ea5dae18/go.mod h1:dd3ZgjjloBsKPDpqA2kf2VWhF0A1eKUItOBh0/QcDWI= -github.com/go-ap/jsonld v0.0.0-20220917142617-76bf51585778 h1:0tV3i8tE1NghMC4rXZXfD39KUbkKgIyLTsvOEmMOPCQ= -github.com/go-ap/jsonld v0.0.0-20220917142617-76bf51585778/go.mod h1:jyveZeGw5LaADntW+UEsMjl3IlIwk+DxlYNsbofQkGA= +github.com/go-ap/errors v0.0.0-20221115052505-8aaa26f930b4 h1:oySiT87Q2cd0o5O8er2zyjiRcTQA0KuOgw1N9+RQqG0= +github.com/go-ap/errors v0.0.0-20221115052505-8aaa26f930b4/go.mod h1:SaTNjEEkp0q+w3pUS1ccyEL/lUrHteORlDq/e21mCc8= +github.com/go-ap/jsonld v0.0.0-20221030091449-f2a191312c73 h1:GMKIYXyXPGIp+hYiWOhfqK4A023HdgisDT4YGgf99mw= +github.com/go-ap/jsonld v0.0.0-20221030091449-f2a191312c73/go.mod h1:jyveZeGw5LaADntW+UEsMjl3IlIwk+DxlYNsbofQkGA= github.com/go-asn1-ber/asn1-ber v1.5.4 h1:vXT6d/FNDiELJnLb6hGNa309LMsrCoYFvpwHDF0+Y1A= github.com/go-asn1-ber/asn1-ber v1.5.4/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0= github.com/go-chi/chi/v5 v5.0.1/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8= diff --git a/models/db/name.go b/models/db/name.go index 2693a5c2e..a05d1a789 100644 --- a/models/db/name.go +++ b/models/db/name.go @@ -18,7 +18,7 @@ var ( ErrNameEmpty = util.SilentWrap{Message: "name is empty", Err: util.ErrInvalidArgument} // AlphaDashDotPattern characters prohibited in a user name (anything except A-Za-z0-9_.-) - AlphaDashDotPattern = regexp.MustCompile(`[^\w-\.@]`) // Ugly hack to allow remote usernames to contain @ + AlphaDashDotPattern = regexp.MustCompile(`[^\w-\.]`) ) // ErrNameReserved represents a "reserved name" error. diff --git a/modules/forgefed/forgefed.go b/modules/forgefed/forgefed.go index c645b38bf..adafecc10 100644 --- a/modules/forgefed/forgefed.go +++ b/modules/forgefed/forgefed.go @@ -56,3 +56,41 @@ func JSONUnmarshalerFn(typ ap.ActivityVocabularyType, val *fastjson.Value, i ap. } return nil } + +// NotEmpty is the function that checks if an object is empty +func NotEmpty(i ap.Item) bool { + if ap.IsNil(i) { + return false + } + var notEmpty bool + switch i.GetType() { + case CommitType: + OnCommit(i, func(c *Commit) error { + notEmpty = ap.NotEmpty(c.Object) + return nil + }) + case BranchType: + OnBranch(i, func(b *Branch) error { + notEmpty = ap.NotEmpty(b.Object) + return nil + }) + case RepositoryType: + OnRepository(i, func(r *Repository) error { + notEmpty = ap.NotEmpty(r.Actor) + return nil + }) + case PushType: + OnPush(i, func(p *Push) error { + notEmpty = ap.NotEmpty(p.Object) + return nil + }) + case TicketType: + OnTicket(i, func(t *Ticket) error { + notEmpty = ap.NotEmpty(t.Object) + return nil + }) + default: + notEmpty = ap.NotEmpty(i) + } + return notEmpty +} diff --git a/modules/forgefed/repository.go b/modules/forgefed/repository.go index da1c3b7eb..662e0eaa3 100644 --- a/modules/forgefed/repository.go +++ b/modules/forgefed/repository.go @@ -30,7 +30,6 @@ type Repository struct { func RepositoryNew(id ap.ID) *Repository { a := ap.ActorNew(id, RepositoryType) o := Repository{Actor: *a} - o.Type = RepositoryType return &o } diff --git a/modules/validation/helpers.go b/modules/validation/helpers.go index 8e49c7855..e554a629c 100644 --- a/modules/validation/helpers.go +++ b/modules/validation/helpers.go @@ -93,7 +93,7 @@ func IsValidExternalTrackerURLFormat(uri string) bool { } var ( - validUsernamePattern = regexp.MustCompile(`^[\da-zA-Z][-.\w]*$`) + validUsernamePattern = regexp.MustCompile(`^[\da-zA-Z][-.\w@]*$`) invalidUsernamePattern = regexp.MustCompile(`[-._]{2,}|[-._]$`) // No consecutive or trailing non-alphanumeric chars ) diff --git a/routers/api/v1/activitypub/repo.go b/routers/api/v1/activitypub/repo.go index 4d9cacf29..7ae0b636a 100644 --- a/routers/api/v1/activitypub/repo.go +++ b/routers/api/v1/activitypub/repo.go @@ -97,6 +97,7 @@ func RepoInbox(ctx *context.APIContext) { ap.ItemTyperFunc = forgefed.GetItemByType ap.JSONItemUnmarshal = forgefed.JSONUnmarshalerFn + ap.NotEmptyChecker = forgefed.NotEmpty var activity ap.Activity err = activity.UnmarshalJSON(body) if err != nil { diff --git a/routers/web/authorize_interaction.go b/routers/web/authorize_interaction.go index e74ada504..471d4bf37 100644 --- a/routers/web/authorize_interaction.go +++ b/routers/web/authorize_interaction.go @@ -31,6 +31,7 @@ func AuthorizeInteraction(ctx *context.Context) { ap.ItemTyperFunc = forgefed.GetItemByType ap.JSONItemUnmarshal = forgefed.JSONUnmarshalerFn + ap.NotEmptyChecker = forgefed.NotEmpty object, err := ap.UnmarshalJSON(resp) if err != nil { ctx.ServerError("UnmarshalJSON", err) @@ -70,6 +71,7 @@ func AuthorizeInteraction(ctx *context.Context) { // Parse person object ap.ItemTyperFunc = forgefed.GetItemByType ap.JSONItemUnmarshal = forgefed.JSONUnmarshalerFn + ap.NotEmptyChecker = forgefed.NotEmpty object, err := ap.UnmarshalJSON(resp) if err != nil { return err @@ -108,6 +110,7 @@ func AuthorizeInteraction(ctx *context.Context) { // Parse repository object ap.ItemTyperFunc = forgefed.GetItemByType ap.JSONItemUnmarshal = forgefed.JSONUnmarshalerFn + ap.NotEmptyChecker = forgefed.NotEmpty object, err := ap.UnmarshalJSON(resp) if err != nil { return err