Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitc504141

Browse files
committed
Add logs and comments
1 parent881dc82 commitc504141

File tree

1 file changed

+13
-4
lines changed

1 file changed

+13
-4
lines changed

‎pkg/lockdown/lockdown.go‎

Lines changed: 13 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -113,13 +113,19 @@ type CacheStats struct {
113113
Evictionsint64
114114
}
115115

116+
// IsSafeContent determines if the specified user can safely access the requested repository content.
117+
// Safe access applies when any of the following is true:
118+
// - the content was created by a trusted bot;
119+
// - the author currently has push access to the repository;
120+
// - the repository is private;
121+
// - the content was created by the viewer.
116122
func (c*RepoAccessCache)IsSafeContent(ctx context.Context,username,owner,repostring) (bool,error) {
117123
repoInfo,err:=c.getRepoAccessInfo(ctx,username,owner,repo)
118124
iferr!=nil {
119125
returnfalse,err
120126
}
121127

122-
c.logDebug(ctx,fmt.Sprintf("evaluated repo accessfur user %s to %s/%s for content filtering, result: hasPushAccess=%t, isPrivate=%t",
128+
c.logDebug(ctx,fmt.Sprintf("evaluated repo accessfor user %s to %s/%s for content filtering, result: hasPushAccess=%t, isPrivate=%t",
123129
username,owner,repo,repoInfo.HasPushAccess,repoInfo.IsPrivate))
124130

125131
ifc.isTrustedBot(username)||repoInfo.IsPrivate||repoInfo.ViewerLogin==strings.ToLower(username) {
@@ -143,15 +149,15 @@ func (c *RepoAccessCache) getRepoAccessInfo(ctx context.Context, username, owner
143149
iferr==nil {
144150
entry:=cacheItem.Data().(*repoAccessCacheEntry)
145151
ifcachedHasPush,known:=entry.knownUsers[userKey];known {
146-
c.logDebug(ctx,"repo access cache hit")
152+
c.logDebug(ctx,fmt.Sprintf("repo access cache hit for user %s to %s/%s",username,owner,repo))
147153
returnRepoAccessInfo{
148154
IsPrivate:entry.isPrivate,
149155
HasPushAccess:cachedHasPush,
150156
ViewerLogin:entry.viewerLogin,
151157
},nil
152158
}
153159

154-
c.logDebug(ctx,"known users cache miss")
160+
c.logDebug(ctx,"known users cache miss, fetching from graphql API")
155161

156162
info,queryErr:=c.queryRepoAccessInfo(ctx,username,owner,repo)
157163
ifqueryErr!=nil {
@@ -170,7 +176,7 @@ func (c *RepoAccessCache) getRepoAccessInfo(ctx context.Context, username, owner
170176
},nil
171177
}
172178

173-
c.logDebug(ctx,"repo access cache miss")
179+
c.logDebug(ctx,fmt.Sprintf("repo access cache miss for user %s to %s/%s",username,owner,repo))
174180

175181
info,queryErr:=c.queryRepoAccessInfo(ctx,username,owner,repo)
176182
ifqueryErr!=nil {
@@ -234,6 +240,9 @@ func (c *RepoAccessCache) queryRepoAccessInfo(ctx context.Context, username, own
234240
}
235241
}
236242

243+
c.logDebug(ctx,fmt.Sprintf("queried repo access info for user %s to %s/%s: isPrivate=%t, hasPushAccess=%t, viewerLogin=%s",
244+
username,owner,repo,bool(query.Repository.IsPrivate),hasPush,query.Viewer.Login))
245+
237246
returnRepoAccessInfo{
238247
IsPrivate:bool(query.Repository.IsPrivate),
239248
HasPushAccess:hasPush,

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp