blob: 0314db79c1c279828c6eb2808d6a16e5b20ead48 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
|
import { Commit } from "../git/commit";
import { Repository } from "../git/repository";
type VerificationResultType = "SUCCESS" | "NOT_FOUND" | "INVALID" | "ACCESS_DENIED";
export class VerificationResult {
constructor(result: VerificationResultType, subject?: string) {
this.success = result === "SUCCESS";
if(result !== "SUCCESS") {
const verification_error_types = {
NOT_FOUND: { code: 404, message: `${String(subject?.substr(0, 1).toUpperCase()) + subject?.substr(1)} not found!` },
INVALID: { code: 403, message: `Invalid ${subject}` },
ACCESS_DENIED: { code: 403, message: "Access denied!" }
};
this.message = verification_error_types[result].message;
this.code = verification_error_types[result].code;
}
}
success: boolean;
code: number | null = null;
message: string | null = null;
}
export function verifyRepoName(repo_name: string): boolean {
return /^[a-zA-Z0-9.\-_]+$/u.test(repo_name);
}
export async function verifySHA(repository: Repository, sha: string): Promise<VerificationResult> {
if(!(/^[a-fA-F0-9]+$/u).test(sha)) {
return new VerificationResult("INVALID", "sha");
}
const object_exists = await Commit.lookupExists(repository, sha);
if(!object_exists) {
return new VerificationResult("NOT_FOUND", "object");
}
return new VerificationResult("SUCCESS");
}
export function verifyGitRequest(path_name: string, service: string): VerificationResult {
if((/\.\/|\.\./u).test(path_name)) {
return new VerificationResult("INVALID", "path");
}
if(service !== "git-upload-pack") {
return new VerificationResult("ACCESS_DENIED");
}
return new VerificationResult("SUCCESS");
}
|