From 71e1e17f8b7c182baa7aee6bcb64ad06964cde5e Mon Sep 17 00:00:00 2001
From: Andrew Thornton
Date: Sat, 15 Jan 2022 19:57:26 +0000
Subject: [PATCH 1/2] Return nicer error if trying to pull from non-existent user
Gitea serv will currently return an 500 if we try to pull from a repository where the owner does not exist. This PR checks for the UserNotExist Error when checking for the user and will return a NotFound error instead.
Fix #18225
Signed-off-by: Andrew Thornton
---
 routers/private/serv.go | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/routers/private/serv.go b/routers/private/serv.go
index e5ebc5aa92b6..97593001b02b 100644
--- a/routers/private/serv.go
+++ b/routers/private/serv.go
@@ -111,8 +111,17 @@ func ServCommand(ctx *context.PrivateContext) {
 owner, err := user_model.GetUserByName(results.OwnerName)
 if err != nil {
+ if user_model.IsErrUserNotExist(err) {
+ // User is fetching/cloning a non-existent repository
+ log.Error("Failed authentication attempt (cannot find repository: %s/%s) from %s", results.OwnerName, results.RepoName, ctx.RemoteAddr())
+ ctx.JSON(http.StatusNotFound, private.ErrServCommand{
+ Results: results,
+ Err: fmt.Sprintf("Cannot find repository: %s/%s", results.OwnerName, results.RepoName),
+ })
+ return
+ }
 log.Error("Unable to get repository owner: %s/%s Error: %v", results.OwnerName, results.RepoName, err)
- ctx.JSON(http.StatusInternalServerError, private.ErrServCommand{
+ ctx.JSON(http.StatusForbidden, private.ErrServCommand{
 Results: results,
 Err: fmt.Sprintf("Unable to get repository owner: %s/%s %v", results.OwnerName, results.RepoName, err),
 })
From 50c0c1e3a50954dfcdff6da461042b8f7eb60cb1 Mon Sep 17 00:00:00 2001
From: Andrew Thornton
Date: Sat, 15 Jan 2022 20:28:44 +0000
Subject: [PATCH 2/2] change log level
Signed-off-by: Andrew Thornton
---
 routers/private/serv.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
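Review bot: In the [PATCH 1/2] hunk, the fall-through path after the new `IsErrUserNotExist` branch now answers `http.StatusForbidden` for every other `GetUserByName` failure; the commit message does not mention this, and it reports a backend fault (a database error, for example) as an authorization denial, so alerting that watches for 5xx on this endpoint would presumably stop seeing it. The `Err` string on that path also still embeds `%v` of the raw error in the response body, although the same detail is already written by `log.Error` on the line above. I would keep `http.StatusInternalServerError` there and return only `Err: fmt.Sprintf("Unable to get repository owner: %s/%s", results.OwnerName, results.RepoName),`. ServCommand begins and ends outside the hunk, so how the caller treats 403 versus 500 is not visible here.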
diff --git a/routers/private/serv.go b/routers/private/serv.go
index 97593001b02b..6bf0ceeca289 100644
--- a/routers/private/serv.go
+++ b/routers/private/serv.go
@@ -113,7 +113,7 @@ func ServCommand(ctx *context.PrivateContext) {
 if err != nil {
 if user_model.IsErrUserNotExist(err) {
 // User is fetching/cloning a non-existent repository
- log.Error("Failed authentication attempt (cannot find repository: %s/%s) from %s", results.OwnerName, results.RepoName, ctx.RemoteAddr())
+ log.Warn("Failed authentication attempt (cannot find repository: %s/%s) from %s", results.OwnerName, results.RepoName, ctx.RemoteAddr())
 ctx.JSON(http.StatusNotFound, private.ErrServCommand{
 Results: results,
 Err: fmt.Sprintf("Cannot find repository: %s/%s", results.OwnerName, results.RepoName),
@@ -144,7 +144,7 @@ func ServCommand(ctx *context.PrivateContext) {
 for _, verb := range ctx.FormStrings("verb") {
 if "git-upload-pack" == verb {
 // User is fetching/cloning a non-existent repository
- log.Error("Failed authentication attempt (cannot find repository: %s/%s) from %s", results.OwnerName, results.RepoName, ctx.RemoteAddr())
+ log.Warn("Failed authentication attempt (cannot find repository: %s/%s) from %s", results.OwnerName, results.RepoName, ctx.RemoteAddr())
 ctx.JSON(http.StatusNotFound, private.ErrServCommand{
 Results: results,
 Err: fmt.Sprintf("Cannot find repository: %s/%s", results.OwnerName, results.RepoName),
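Review bot: Lowering the `Failed authentication attempt ... from %s` messages from `log.Error` to `log.Warn` (in this hunk at -113, in the `git-upload-pack` hunk at -144, and in the `userMode < mode` hunk at -334) means an instance whose logger is set to Error level will no longer record them. Any log-based monitoring that keys on this message text to spot repeated failed SSH access would then go quiet without an obvious cause, so the commit message or release notes should say it, e.g. `failed authentication attempts are now logged at Warn; keep the log level at Warn or lower if you monitor them`. Separately, `results.OwnerName` and `results.RepoName` appear to come from the request and are formatted with `%s`; `%q` would keep an unexpected control character from splitting the log line, but it changes the text existing filters match, so that needs checking first. ServCommand's body extends outside all three hunks.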
@@ -334,7 +334,7 @@ func ServCommand(ctx *context.PrivateContext) {
 userMode := perm.UnitAccessMode(unitType)
 if userMode < mode {
- log.Error("Failed authentication attempt for %s with key %s (not authorized to %s %s/%s) from %s", user.Name, key.Name, modeString, ownerName, repoName, ctx.RemoteAddr())
+ log.Warn("Failed authentication attempt for %s with key %s (not authorized to %s %s/%s) from %s", user.Name, key.Name, modeString, ownerName, repoName, ctx.RemoteAddr())
 ctx.JSON(http.StatusUnauthorized, private.ErrServCommand{
 Results: results,
 Err: fmt.Sprintf("User: %d:%s with Key: %d:%s is not authorized to %s %s/%s.", user.ID, user.Name, key.ID, key.Name, modeString, ownerName, repoName),