Skip to content

Commit

Permalink
Pass down SignedUserName down to AccessLogger context (go-gitea#16605)
Browse files Browse the repository at this point in the history
Backport go-gitea#16605

Unfortunately when the AccessLogger was moved back before the contexters the
SignedUserName reporting was lost. This is due to Request.WithContext leading to a
shallow copy of the Request and the modules/context/Context being within that request.

This PR adds a new context variable of a string pointer which is set and handled
in the contexters.

Fix go-gitea#16600

Signed-off-by: Andrew Thornton <[email protected]>
  • Loading branch information
zeripath committed Aug 4, 2021
1 parent f912009 commit b40815d
Show file tree
Hide file tree
Showing 3 changed files with 28 additions and 4 deletions.
10 changes: 6 additions & 4 deletions modules/context/access_log.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ package context

import (
"bytes"
"context"
"html/template"
"net/http"
"time"
Expand All @@ -22,18 +23,19 @@ type routerLoggerOptions struct {
Ctx map[string]interface{}
}

var signedUserNameStringPointerKey interface{} = "signedUserNameStringPointerKey"

// AccessLogger returns a middleware to log access logger
func AccessLogger() func(http.Handler) http.Handler {
logger := log.GetLogger("access")
logTemplate, _ := template.New("log").Parse(setting.AccessLogTemplate)
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
start := time.Now()
next.ServeHTTP(w, req)
identity := "-"
if val := SignedUserName(req); val != "" {
identity = val
}
r := req.WithContext(context.WithValue(req.Context(), signedUserNameStringPointerKey, &identity))

next.ServeHTTP(w, r)
rw := w.(ResponseWriter)

buf := bytes.NewBuffer([]byte{})
Expand Down
11 changes: 11 additions & 0 deletions modules/context/api.go
Original file line number Diff line number Diff line change
Expand Up @@ -275,6 +275,17 @@ func APIContexter() func(http.Handler) http.Handler {
ctx.Data["CsrfToken"] = html.EscapeString(ctx.csrf.GetToken())

next.ServeHTTP(ctx.Resp, ctx.Req)

// Handle adding signedUserName to the context for the AccessLogger
usernameInterface := ctx.Data["SignedUserName"]
identityPtrInterface := ctx.Req.Context().Value(signedUserNameStringPointerKey)
if usernameInterface != nil && identityPtrInterface != nil {
username := usernameInterface.(string)
identityPtr := identityPtrInterface.(*string)
if identityPtr != nil && username != "" {
*identityPtr = username
}
}
})
}
}
Expand Down
11 changes: 11 additions & 0 deletions modules/context/context.go
Original file line number Diff line number Diff line change
Expand Up @@ -774,6 +774,17 @@ func Contexter() func(next http.Handler) http.Handler {
}

next.ServeHTTP(ctx.Resp, ctx.Req)

// Handle adding signedUserName to the context for the AccessLogger
usernameInterface := ctx.Data["SignedUserName"]
identityPtrInterface := ctx.Req.Context().Value(signedUserNameStringPointerKey)
if usernameInterface != nil && identityPtrInterface != nil {
username := usernameInterface.(string)
identityPtr := identityPtrInterface.(*string)
if identityPtr != nil && username != "" {
*identityPtr = username
}
}
})
}
}

0 comments on commit b40815d

Please sign in to comment.