USEFULL
/
gogs
mirror of https://github.com/gogs/gogs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

all: unwrap `database.PublicKeysStore` interface (#7702)

pull/7704/head
Joe Chen 2024-03-23 20:55:45 -04:00 committed by GitHub
parent 5cf0189df1
commit 895e553e68
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 25 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
internal/database/database.go
View File

@ -179,3 +179,7 @@ func (db *DB) Organizations() *OrganizationsStore {
func (db *DB) Permissions() *PermissionsStore { func (db *DB) Permissions() *PermissionsStore {
return newPermissionsStore(db.db) return newPermissionsStore(db.db)
} }
func (db *DB) PublicKey() *PublicKeysStore {
return newPublicKeysStore(db.db)
}

30
internal/database/public_keys.go
View File

@ -15,32 +15,22 @@ import (
"gogs.io/gogs/internal/osutil" "gogs.io/gogs/internal/osutil"
) )
// PublicKeysStore is the persistent interface for public keys. // PublicKeysStore is the storage layer for public keys.
type PublicKeysStore interface { type PublicKeysStore struct {
// RewriteAuthorizedKeys rewrites the "authorized_keys" file under the SSH root db *gorm.DB
// path with all public keys stored in the database.
RewriteAuthorizedKeys() error
} }
var PublicKeys PublicKeysStore func newPublicKeysStore(db *gorm.DB) *PublicKeysStore {
return &PublicKeysStore{db: db}
var _ PublicKeysStore = (*publicKeysStore)(nil)
type publicKeysStore struct {
*gorm.DB
}
// NewPublicKeysStore returns a persistent interface for public keys with given
// database connection.
func NewPublicKeysStore(db *gorm.DB) PublicKeysStore {
return &publicKeysStore{DB: db}
} }
func authorizedKeysPath() string { func authorizedKeysPath() string {
return filepath.Join(conf.SSH.RootPath, "authorized_keys") return filepath.Join(conf.SSH.RootPath, "authorized_keys")
} }
func (s *publicKeysStore) RewriteAuthorizedKeys() error { // RewriteAuthorizedKeys rewrites the "authorized_keys" file under the SSH root
// path with all public keys stored in the database.
func (s *PublicKeysStore) RewriteAuthorizedKeys() error {
sshOpLocker.Lock() sshOpLocker.Lock()
defer sshOpLocker.Unlock() defer sshOpLocker.Unlock()
@ -61,7 +51,7 @@ func (s *publicKeysStore) RewriteAuthorizedKeys() error {
// NOTE: More recently updated keys are more likely to be used more frequently, // NOTE: More recently updated keys are more likely to be used more frequently,
// putting them in the earlier lines could speed up the key lookup by SSHD. // putting them in the earlier lines could speed up the key lookup by SSHD.
rows, err := s.Model(&PublicKey{}).Order("updated_unix DESC").Rows() rows, err := s.db.Model(&PublicKey{}).Order("updated_unix DESC").Rows()
if err != nil { if err != nil {
return errors.Wrap(err, "iterate public keys") return errors.Wrap(err, "iterate public keys")
} }
@ -69,7 +59,7 @@ func (s *publicKeysStore) RewriteAuthorizedKeys() error {
for rows.Next() { for rows.Next() {
var key PublicKey var key PublicKey
err = s.ScanRows(rows, &key) err = s.db.ScanRows(rows, &key)
if err != nil { if err != nil {
return errors.Wrap(err, "scan rows") return errors.Wrap(err, "scan rows")
} }

16
internal/database/public_keys_test.go
View File

@ -24,22 +24,22 @@ func TestPublicKeys(t *testing.T) {
t.Parallel() t.Parallel()
ctx := context.Background() ctx := context.Background()
db := &publicKeysStore{ s := &PublicKeysStore{
DB: newTestDB(t, "publicKeysStore"), db: newTestDB(t, "PublicKeysStore"),
} }
for _, tc := range []struct { for _, tc := range []struct {
name string name string
test func(t *testing.T, ctx context.Context, db *publicKeysStore) test func(t *testing.T, ctx context.Context, s *PublicKeysStore)
}{ }{
{"RewriteAuthorizedKeys", publicKeysRewriteAuthorizedKeys}, {"RewriteAuthorizedKeys", publicKeysRewriteAuthorizedKeys},
} { } {
t.Run(tc.name, func(t *testing.T) { t.Run(tc.name, func(t *testing.T) {
t.Cleanup(func() { t.Cleanup(func() {
err := clearTables(t, db.DB) err := clearTables(t, s.db)
require.NoError(t, err) require.NoError(t, err)
}) })
tc.test(t, ctx, db) tc.test(t, ctx, s)
}) })
if t.Failed() { if t.Failed() {
break break
@ -47,7 +47,7 @@ func TestPublicKeys(t *testing.T) {
} }
} }
func publicKeysRewriteAuthorizedKeys(t *testing.T, ctx context.Context, db *publicKeysStore) { func publicKeysRewriteAuthorizedKeys(t *testing.T, ctx context.Context, s *PublicKeysStore) {
// TODO: Use PublicKeys.Add to replace SQL hack when the method is available. // TODO: Use PublicKeys.Add to replace SQL hack when the method is available.
publicKey := &PublicKey{ publicKey := &PublicKey{
OwnerID: 1, OwnerID: 1,
@ -55,11 +55,11 @@ func publicKeysRewriteAuthorizedKeys(t *testing.T, ctx context.Context, db *publ
Fingerprint: "12:f8:7e:78:61:b4:bf:e2:de:24:15:96:4e:d4:72:53", Fingerprint: "12:f8:7e:78:61:b4:bf:e2:de:24:15:96:4e:d4:72:53",
Content: "test-key-content", Content: "test-key-content",
} }
err := db.DB.Create(publicKey).Error err := s.db.Create(publicKey).Error
require.NoError(t, err) require.NoError(t, err)
tempSSHRootPath := filepath.Join(os.TempDir(), "publicKeysRewriteAuthorizedKeys-tempSSHRootPath") tempSSHRootPath := filepath.Join(os.TempDir(), "publicKeysRewriteAuthorizedKeys-tempSSHRootPath")
conf.SetMockSSH(t, conf.SSHOpts{RootPath: tempSSHRootPath}) conf.SetMockSSH(t, conf.SSHOpts{RootPath: tempSSHRootPath})
err = db.RewriteAuthorizedKeys() err = s.RewriteAuthorizedKeys()
require.NoError(t, err) require.NoError(t, err)
authorizedKeys, err := os.ReadFile(authorizedKeysPath()) authorizedKeys, err := os.ReadFile(authorizedKeysPath())

4
internal/database/users.go
View File

@ -645,7 +645,7 @@ func (s *usersStore) DeleteByID(ctx context.Context, userID int64, skipRewriteAu
_ = os.Remove(userutil.CustomAvatarPath(userID)) _ = os.Remove(userutil.CustomAvatarPath(userID))
if needsRewriteAuthorizedKeys { if needsRewriteAuthorizedKeys {
err = NewPublicKeysStore(s.DB).RewriteAuthorizedKeys() err = newPublicKeysStore(s.DB).RewriteAuthorizedKeys()
if err != nil { if err != nil {
return errors.Wrap(err, `rewrite "authorized_keys" file`) return errors.Wrap(err, `rewrite "authorized_keys" file`)
} }
@ -672,7 +672,7 @@ func (s *usersStore) DeleteInactivated() error {
return errors.Wrapf(err, "delete user with ID %d", userID) return errors.Wrapf(err, "delete user with ID %d", userID)
} }
} }
err = NewPublicKeysStore(s.DB).RewriteAuthorizedKeys() err = newPublicKeysStore(s.DB).RewriteAuthorizedKeys()
if err != nil { if err != nil {
return errors.Wrap(err, `rewrite "authorized_keys" file`) return errors.Wrap(err, `rewrite "authorized_keys" file`)
} }

2
internal/database/users_test.go
View File

@ -534,7 +534,7 @@ func usersDeleteByID(t *testing.T, ctx context.Context, db *usersStore) {
require.NoError(t, err) require.NoError(t, err)
tempSSHRootPath := filepath.Join(os.TempDir(), "usersDeleteByID-tempSSHRootPath") tempSSHRootPath := filepath.Join(os.TempDir(), "usersDeleteByID-tempSSHRootPath")
conf.SetMockSSH(t, conf.SSHOpts{RootPath: tempSSHRootPath}) conf.SetMockSSH(t, conf.SSHOpts{RootPath: tempSSHRootPath})
err = NewPublicKeysStore(db.DB).RewriteAuthorizedKeys() err = newPublicKeysStore(db.DB).RewriteAuthorizedKeys()
require.NoError(t, err) require.NoError(t, err)
// Mock issue assignee // Mock issue assignee