Skip to content

Commit 838b984

Browse files
committed
refactor
1 parent 6686626 commit 838b984

File tree

6 files changed

+36
-67
lines changed

6 files changed

+36
-67
lines changed

models/asymkey/gpg_key_commit_verification.go

Lines changed: 2 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -15,34 +15,15 @@ import (
1515
"github.com/ProtonMail/go-crypto/openpgp/packet"
1616
)
1717

18-
// __________________ ________ ____ __.
19-
// / _____/\______ \/ _____/ | |/ _|____ ___.__.
20-
// / \ ___ | ___/ \ ___ | <_/ __ < | |
21-
// \ \_\ \| | \ \_\ \ | | \ ___/\___ |
22-
// \______ /|____| \______ / |____|__ \___ > ____|
23-
// \/ \/ \/ \/\/
24-
// _________ .__ __
25-
// \_ ___ \ ____ _____ _____ |__|/ |_
26-
// / \ \/ / _ \ / \ / \| \ __\
27-
// \ \___( <_> ) Y Y \ Y Y \ || |
28-
// \______ /\____/|__|_| /__|_| /__||__|
29-
// \/ \/ \/
30-
// ____ ____ .__ _____.__ __ .__
31-
// \ \ / /___________|__|/ ____\__| ____ _____ _/ |_|__| ____ ____
32-
// \ Y // __ \_ __ \ \ __\| |/ ___\\__ \\ __\ |/ _ \ / \
33-
// \ /\ ___/| | \/ || | | \ \___ / __ \| | | ( <_> ) | \
34-
// \___/ \___ >__| |__||__| |__|\___ >____ /__| |__|\____/|___| /
35-
// \/ \/ \/ \/
36-
3718
// This file provides functions relating commit verification
3819

3920
// CommitVerification represents a commit validation of signature
4021
type CommitVerification struct {
4122
Verified bool
4223
Warning bool
4324
Reason string
44-
SigningUser *user_model.User
45-
CommittingUser *user_model.User
25+
SigningUser *user_model.User // if Verified, then SigningUser is non-nil
26+
CommittingUser *user_model.User // if Verified, then CommittingUser is non-nil
4627
SigningEmail string
4728
SigningKey *GPGKey
4829
SigningSSHKey *PublicKey

modules/git/commit.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -22,9 +22,9 @@ import (
2222
type Commit struct {
2323
Tree // FIXME: bad design, this field can be nil if the commit is from "last commit cache"
2424

25-
ID ObjectID // The ID of this commit object
26-
Author *Signature
27-
Committer *Signature
25+
ID ObjectID // The ID of this commit object
26+
Author *Signature // never nil
27+
Committer *Signature // never nil
2828
CommitMessage string
2929
Signature *CommitSignature
3030

services/asymkey/commit.go

Lines changed: 29 additions & 34 deletions
Original file line numberDiff line numberDiff line change
@@ -24,47 +24,42 @@ import (
2424

2525
// ParseCommitWithSignature check if signature is good against keystore.
2626
func ParseCommitWithSignature(ctx context.Context, c *git.Commit) *asymkey_model.CommitVerification {
27-
var committer *user_model.User
28-
if c.Committer != nil {
29-
var err error
30-
// Find Committer account
31-
committer, err = user_model.GetUserByEmail(ctx, c.Committer.Email) // This finds the user by primary email or activated email so commit will not be valid if email is not
32-
if err != nil { // Skipping not user for committer
33-
committer = &user_model.User{
34-
Name: c.Committer.Name,
35-
Email: c.Committer.Email,
36-
}
37-
// We can expect this to often be an ErrUserNotExist. in the case
38-
// it is not, however, it is important to log it.
39-
if !user_model.IsErrUserNotExist(err) {
40-
log.Error("GetUserByEmail: %v", err)
41-
return &asymkey_model.CommitVerification{
42-
CommittingUser: committer,
43-
Verified: false,
44-
Reason: "gpg.error.no_committer_account",
45-
}
46-
}
27+
committer, err := user_model.GetUserByEmail(ctx, c.Committer.Email)
28+
if err != nil && !user_model.IsErrUserNotExist(err) {
29+
log.Error("GetUserByEmail: %v", err)
30+
return &asymkey_model.CommitVerification{
31+
Verified: false,
32+
Reason: "gpg.error.no_committer_account", // this error is not right, but such error should seldom happen
4733
}
4834
}
49-
5035
return ParseCommitWithSignatureCommitter(ctx, c, committer)
5136
}
5237

38+
// ParseCommitWithSignatureCommitter parses a commit's GPG or SSH signature.
39+
// If the commit is singed by an instance key, then committer is nil.
5340
func ParseCommitWithSignatureCommitter(ctx context.Context, c *git.Commit, committer *user_model.User) *asymkey_model.CommitVerification {
54-
// If no signature just report the committer
41+
// If no signature, just report the committer
5542
if c.Signature == nil {
5643
return &asymkey_model.CommitVerification{
5744
CommittingUser: committer,
58-
Verified: false, // Default value
59-
Reason: "gpg.error.not_signed_commit", // Default value
45+
Verified: false,
46+
Reason: "gpg.error.not_signed_commit",
47+
}
48+
}
49+
// to support instance key, we need a fake committer user (not really needed, but legacy code accesses the committer without nil-check)
50+
if committer == nil {
51+
committer = &user_model.User{
52+
Name: c.Committer.Name,
53+
Email: c.Committer.Email,
6054
}
6155
}
62-
63-
// If this a SSH signature handle it differently
6456
if strings.HasPrefix(c.Signature.Signature, "-----BEGIN SSH SIGNATURE-----") {
65-
return ParseCommitWithSSHSignature(ctx, c, committer)
57+
return parseCommitWithSSHSignature(ctx, c, committer)
6658
}
59+
return parseCommitWithGPGSignature(ctx, c, committer)
60+
}
6761

62+
func parseCommitWithGPGSignature(ctx context.Context, c *git.Commit, committer *user_model.User) *asymkey_model.CommitVerification {
6863
// Parsing signature
6964
sig, err := asymkey_model.ExtractSignature(c.Signature.Signature)
7065
if err != nil { // Skipping failed to extract sign
@@ -96,7 +91,7 @@ func ParseCommitWithSignatureCommitter(ctx context.Context, c *git.Commit, commi
9691
}
9792

9893
// Now try to associate the signature with the committer, if present
99-
if committer.ID != 0 {
94+
if committer != nil && committer.ID != 0 {
10095
keys, err := db.Find[asymkey_model.GPGKey](ctx, asymkey_model.FindGPGKeyOptions{
10196
OwnerID: committer.ID,
10297
})
@@ -165,7 +160,7 @@ func ParseCommitWithSignatureCommitter(ctx context.Context, c *git.Commit, commi
165160
}
166161
if err := gpgSettings.LoadPublicKeyContent(); err != nil {
167162
log.Error("Error getting default signing key: %s %v", gpgSettings.KeyID, err)
168-
} else if commitVerification := VerifyWithGPGSettings(ctx, &gpgSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
163+
} else if commitVerification := verifyWithGPGSettings(ctx, &gpgSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
169164
if commitVerification.Reason == asymkey_model.BadSignature {
170165
defaultReason = asymkey_model.BadSignature
171166
} else {
@@ -180,7 +175,7 @@ func ParseCommitWithSignatureCommitter(ctx context.Context, c *git.Commit, commi
180175
} else if defaultGPGSettings == nil {
181176
log.Warn("Unable to get defaultGPGSettings for unattached commit: %s", c.ID.String())
182177
} else if defaultGPGSettings.Sign {
183-
if commitVerification := VerifyWithGPGSettings(ctx, defaultGPGSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
178+
if commitVerification := verifyWithGPGSettings(ctx, defaultGPGSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
184179
if commitVerification.Reason == asymkey_model.BadSignature {
185180
defaultReason = asymkey_model.BadSignature
186181
} else {
@@ -295,7 +290,7 @@ func HashAndVerifyForKeyID(ctx context.Context, sig *packet.Signature, payload s
295290
}
296291
}
297292

298-
func VerifyWithGPGSettings(ctx context.Context, gpgSettings *git.GPGSettings, sig *packet.Signature, payload string, committer *user_model.User, keyID string) *asymkey_model.CommitVerification {
293+
func verifyWithGPGSettings(ctx context.Context, gpgSettings *git.GPGSettings, sig *packet.Signature, payload string, committer *user_model.User, keyID string) *asymkey_model.CommitVerification {
299294
// First try to find the key in the db
300295
if commitVerification := HashAndVerifyForKeyID(ctx, sig, payload, committer, gpgSettings.KeyID, gpgSettings.Name, gpgSettings.Email); commitVerification != nil {
301296
return commitVerification
@@ -375,10 +370,10 @@ func verifySSHCommitVerificationByInstanceKey(c *git.Commit, committerUser, sign
375370
return verifySSHCommitVerification(c.Signature.Signature, c.Signature.Payload, sshPubKey, committerUser, signerUser, committerGitEmail)
376371
}
377372

378-
// ParseCommitWithSSHSignature check if signature is good against keystore.
379-
func ParseCommitWithSSHSignature(ctx context.Context, c *git.Commit, committerUser *user_model.User) *asymkey_model.CommitVerification {
373+
// parseCommitWithSSHSignature check if signature is good against keystore.
374+
func parseCommitWithSSHSignature(ctx context.Context, c *git.Commit, committerUser *user_model.User) *asymkey_model.CommitVerification {
380375
// Now try to associate the signature with the committer, if present
381-
if committerUser.ID != 0 {
376+
if committerUser != nil && committerUser.ID != 0 {
382377
keys, err := db.Find[asymkey_model.PublicKey](ctx, asymkey_model.FindPublicKeyOptions{
383378
OwnerID: committerUser.ID,
384379
NotKeytype: asymkey_model.KeyTypePrincipal,

services/asymkey/commit_test.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ Initial commit with signed file
4141
Name: "User Two",
4242
4343
}
44-
ret := ParseCommitWithSSHSignature(t.Context(), commit, committingUser)
44+
ret := parseCommitWithSSHSignature(t.Context(), commit, committingUser)
4545
require.NotNil(t, ret)
4646
assert.True(t, ret.Verified)
4747
assert.False(t, ret.Warning)

services/git/commit.go

Lines changed: 0 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -35,13 +35,6 @@ func ParseCommitsWithSignature(ctx context.Context, repo *repo_model.Repository,
3535

3636
for _, c := range oldCommits {
3737
committerUser := emailUsers.GetByEmail(c.Committer.Email) // FIXME: why ValidateCommitsWithEmails uses "Author", but ParseCommitsWithSignature uses "Committer"?
38-
if committerUser == nil {
39-
committerUser = &user_model.User{
40-
Name: c.Committer.Name,
41-
Email: c.Committer.Email,
42-
}
43-
}
44-
4538
signCommit := &asymkey_model.SignCommit{
4639
UserCommit: c,
4740
Verification: asymkey_service.ParseCommitWithSignatureCommitter(ctx, c.Commit, committerUser),

templates/repo/commit_page.tmpl

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -147,7 +147,7 @@
147147
<div class="flex-text-inline">
148148
{{if or (ne .Commit.Committer.Name .Commit.Author.Name) (ne .Commit.Committer.Email .Commit.Author.Email)}}
149149
<span class="text grey">{{ctx.Locale.Tr "repo.diff.committed_by"}}</span>
150-
{{if ne .Verification.CommittingUser.ID 0}}
150+
{{if and .Verification.CommittingUser .Verification.CommittingUser.ID}}
151151
{{ctx.AvatarUtils.Avatar .Verification.CommittingUser 20}}
152152
<a href="{{.Verification.CommittingUser.HomeLink}}"><strong>{{.Commit.Committer.Name}}</strong></a>
153153
{{else}}

0 commit comments

Comments
 (0)