package handlers import ( "encoding/json" "io" "net/http" "net/url" "os" "path/filepath" "strconv" "strings" "github.com/go-chi/chi/v5" "xorm.io/xorm" "github.com/forgeo/forgebucket/internal/api/middleware" "github.com/forgeo/forgebucket/internal/config" gitdomain "github.com/forgeo/forgebucket/internal/domain/git" "github.com/forgeo/forgebucket/internal/models" ) // repoResponse enriches a Repository with derived fields the frontend needs. type repoResponse struct { models.Repository OwnerName string `json:"ownerName"` IsEmpty bool `json:"isEmpty"` AvatarURL string `json:"avatarUrl"` Size int64 `json:"size"` } func avatarPath(repoRoot string, repoID int64) string { return filepath.Join(repoRoot, ".avatars", strconv.FormatInt(repoID, 10)) } func isValidRepoName(name string) bool { if len(name) == 0 || len(name) > 100 { return false } for _, c := range name { if !((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9') || c == '.' || c == '_' || c == '-') { return false } } return true } func (h *RepoHandler) withOwnerName(repo *models.Repository) repoResponse { var owner models.User h.db.ID(repo.OwnerID).Get(&owner) gitdomain.SetRepoRoot(h.cfg.RepoRoot) avURL := "" if _, err := os.Stat(avatarPath(h.cfg.RepoRoot, repo.ID)); err == nil { avURL = "/api/v1/repos/" + owner.Username + "/" + repo.Name + "/avatar" } return repoResponse{ Repository: *repo, AvatarURL: avURL, OwnerName: owner.Username, IsEmpty: gitdomain.IsEmpty(repo.DiskPath), } } type RepoHandler struct { db *xorm.Engine cfg *config.Config } func NewRepoHandler(db *xorm.Engine, cfg *config.Config) *RepoHandler { return &RepoHandler{db: db, cfg: cfg} } func (h *RepoHandler) List(w http.ResponseWriter, r *http.Request) { userID, _ := middleware.UserIDFromContext(r.Context()) var repos []models.Repository if err := h.db.Where("owner_id = ?", userID).Find(&repos); err != nil { jsonError(w, "could not list repositories", http.StatusInternalServerError) return } result := make([]repoResponse, len(repos)) for i := range repos { result[i] = h.withOwnerName(&repos[i]) } jsonOK(w, result) } func (h *RepoHandler) Create(w http.ResponseWriter, r *http.Request) { userID, _ := middleware.UserIDFromContext(r.Context()) var body struct { Name string `json:"name"` Description string `json:"description"` IsPrivate bool `json:"isPrivate"` DefaultBranch string `json:"defaultBranch"` InitReadme string `json:"initReadme"` // "none" | "blank" | "tutorial" InitGitignore bool `json:"initGitignore"` // true → add .gitignore } if err := json.NewDecoder(r.Body).Decode(&body); err != nil { jsonError(w, "invalid request body", http.StatusBadRequest) return } if body.Name == "" { jsonError(w, "name is required", http.StatusBadRequest) return } branch := body.DefaultBranch if branch == "" { branch = "main" } diskPath := filepath.Join(h.cfg.RepoRoot, strconv.FormatInt(userID, 10), body.Name+".git") repo := &models.Repository{ OwnerID: userID, Name: body.Name, Description: body.Description, IsPrivate: body.IsPrivate, DefaultBranch: branch, DiskPath: diskPath, } gitdomain.SetRepoRoot(h.cfg.RepoRoot) if err := gitdomain.Init(diskPath); err != nil { jsonError(w, "could not initialise git repository", http.StatusInternalServerError) return } // Update bare repo HEAD if branch differs from the Init default (main). if branch != "main" { gitdomain.SetDefaultBranch(diskPath, branch) } if _, err := h.db.Insert(repo); err != nil { jsonError(w, "repository name already taken", http.StatusConflict) return } // Create initial commit when README or .gitignore was requested. wantsReadme := body.InitReadme == "blank" || body.InitReadme == "tutorial" if wantsReadme || body.InitGitignore { var u models.User h.db.ID(userID).Get(&u) authorEmail := u.Email if authorEmail == "" { authorEmail = u.Username + "@forgebucket.local" } if err := gitdomain.InitWithFiles(diskPath, branch, body.Name, u.Username, authorEmail, wantsReadme, body.InitGitignore); err != nil { // Non-fatal: repo is created, just without initial files. _ = err } } w.Header().Set("Content-Type", "application/json") w.WriteHeader(http.StatusCreated) json.NewEncoder(w).Encode(h.withOwnerName(repo)) } func (h *RepoHandler) Import(w http.ResponseWriter, r *http.Request) { userID, ok := middleware.UserIDFromContext(r.Context()) if !ok { jsonError(w, "unauthorized", http.StatusUnauthorized) return } var body struct { URL string `json:"url"` Name string `json:"name"` Description string `json:"description"` IsPrivate bool `json:"isPrivate"` AuthUser string `json:"authUser"` AuthPass string `json:"authPass"` } if err := json.NewDecoder(r.Body).Decode(&body); err != nil { jsonError(w, "invalid request body", http.StatusBadRequest) return } if body.URL == "" || body.Name == "" { jsonError(w, "url and name are required", http.StatusBadRequest) return } // Inject credentials into the URL if provided. srcURL := body.URL if body.AuthUser != "" { u, err := url.Parse(body.URL) if err != nil { jsonError(w, "invalid URL", http.StatusBadRequest) return } u.User = url.UserPassword(body.AuthUser, body.AuthPass) srcURL = u.String() } diskPath := filepath.Join(h.cfg.RepoRoot, strconv.FormatInt(userID, 10), body.Name+".git") repo := &models.Repository{ OwnerID: userID, Name: body.Name, Description: body.Description, IsPrivate: body.IsPrivate, DefaultBranch: "main", DiskPath: diskPath, } if _, err := h.db.Insert(repo); err != nil { jsonError(w, "repository name already taken", http.StatusConflict) return } gitdomain.SetRepoRoot(h.cfg.RepoRoot) if err := gitdomain.CloneRepo(srcURL, diskPath); err != nil { h.db.ID(repo.ID).Delete(&models.Repository{}) jsonError(w, "import failed: "+err.Error(), http.StatusBadRequest) return } w.Header().Set("Content-Type", "application/json") w.WriteHeader(http.StatusCreated) json.NewEncoder(w).Encode(h.withOwnerName(repo)) } func (h *RepoHandler) Get(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } resp := h.withOwnerName(repo) gitdomain.SetRepoRoot(h.cfg.RepoRoot) resp.Size = gitdomain.RepoSize(repo.DiskPath) jsonOK(w, resp) } func (h *RepoHandler) Tree(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } ref := r.URL.Query().Get("ref") if ref == "" { ref = repo.DefaultBranch } subPath := r.URL.Query().Get("path") gitdomain.SetRepoRoot(h.cfg.RepoRoot) entries, err := gitdomain.TreeLS(repo.DiskPath, ref, subPath) if err != nil { jsonError(w, "could not read tree", http.StatusInternalServerError) return } if entries == nil { entries = []gitdomain.TreeEntry{} } jsonOK(w, entries) } func (h *RepoHandler) Blob(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } ref := r.URL.Query().Get("ref") if ref == "" { ref = repo.DefaultBranch } path := r.URL.Query().Get("path") if path == "" { jsonError(w, "path is required", http.StatusBadRequest) return } gitdomain.SetRepoRoot(h.cfg.RepoRoot) content, err := gitdomain.BlobCat(repo.DiskPath, ref, path) if err != nil { jsonError(w, "file not found", http.StatusNotFound) return } jsonOK(w, map[string]string{"content": string(content), "path": path, "ref": ref}) } func (h *RepoHandler) UpdateBlob(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } userID, ok := middleware.UserIDFromContext(r.Context()) if !ok { jsonError(w, "unauthorized", http.StatusUnauthorized) return } var u models.User if has, _ := h.db.ID(userID).Get(&u); !has { jsonError(w, "user not found", http.StatusUnauthorized) return } var req struct { Path string `json:"path"` Content string `json:"content"` Message string `json:"message"` Branch string `json:"branch"` } if err := json.NewDecoder(r.Body).Decode(&req); err != nil { jsonError(w, "invalid body", http.StatusBadRequest) return } if req.Path == "" || req.Message == "" { jsonError(w, "path and message are required", http.StatusBadRequest) return } if req.Branch == "" { req.Branch = repo.DefaultBranch } authorEmail := u.Email if authorEmail == "" { authorEmail = u.Username + "@forgebucket.local" } gitdomain.SetRepoRoot(h.cfg.RepoRoot) if err := gitdomain.WriteFile(repo.DiskPath, req.Branch, req.Path, req.Content, u.Username, authorEmail, req.Message); err != nil { jsonError(w, "could not save file: "+err.Error(), http.StatusInternalServerError) return } jsonOK(w, map[string]string{"status": "ok"}) } func (h *RepoHandler) Branches(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } gitdomain.SetRepoRoot(h.cfg.RepoRoot) branches, err := gitdomain.Branches(repo.DiskPath) if err != nil { jsonError(w, "could not list branches", http.StatusInternalServerError) return } if branches == nil { branches = []gitdomain.Branch{} } jsonOK(w, branches) } func (h *RepoHandler) Commits(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } ref := r.URL.Query().Get("ref") if ref == "" { ref = repo.DefaultBranch } limit := 30 if l := r.URL.Query().Get("limit"); l != "" { if n, err := strconv.Atoi(l); err == nil && n > 0 && n <= 100 { limit = n } } gitdomain.SetRepoRoot(h.cfg.RepoRoot) commits, err := gitdomain.Log(repo.DiskPath, ref, limit) if err != nil { jsonError(w, "could not read commits", http.StatusInternalServerError) return } if commits == nil { commits = []gitdomain.Commit{} } jsonOK(w, commits) } func (h *RepoHandler) Update(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } callerID, _ := middleware.UserIDFromContext(r.Context()) if callerID != repo.OwnerID { jsonError(w, "only the owner can update a repository", http.StatusForbidden) return } var body struct { Name *string `json:"name"` Description *string `json:"description"` IsPrivate *bool `json:"isPrivate"` DefaultBranch *string `json:"defaultBranch"` } if err := json.NewDecoder(r.Body).Decode(&body); err != nil { jsonError(w, "invalid request body", http.StatusBadRequest) return } cols := []string{} // Rename: update disk path and DB name atomically. if body.Name != nil && *body.Name != "" && *body.Name != repo.Name { newName := strings.TrimSpace(*body.Name) if !isValidRepoName(newName) { jsonError(w, "invalid repository name: use letters, numbers, hyphens, underscores, and dots only", http.StatusBadRequest) return } newDiskPath := filepath.Join(filepath.Dir(repo.DiskPath), newName+".git") if _, err := os.Stat(newDiskPath); !os.IsNotExist(err) { jsonError(w, "a repository with that name already exists", http.StatusConflict) return } if err := os.Rename(repo.DiskPath, newDiskPath); err != nil { jsonError(w, "could not rename repository on disk", http.StatusInternalServerError) return } repo.DiskPath = newDiskPath repo.Name = newName cols = append(cols, "name", "disk_path") } if body.Description != nil { repo.Description = *body.Description cols = append(cols, "description") } if body.IsPrivate != nil { repo.IsPrivate = *body.IsPrivate cols = append(cols, "is_private") } if body.DefaultBranch != nil { repo.DefaultBranch = *body.DefaultBranch cols = append(cols, "default_branch") } if len(cols) > 0 { if _, err := h.db.ID(repo.ID).Cols(cols...).Update(repo); err != nil { jsonError(w, "could not update repository", http.StatusInternalServerError) return } } jsonOK(w, h.withOwnerName(repo)) } // GetAvatar serves the repository avatar image stored on disk. func (h *RepoHandler) GetAvatar(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } data, err := os.ReadFile(avatarPath(h.cfg.RepoRoot, repo.ID)) if err != nil { http.NotFound(w, r) return } w.Header().Set("Content-Type", http.DetectContentType(data)) w.Header().Set("Cache-Control", "public, max-age=86400") w.Write(data) } // UploadAvatar accepts a multipart image upload and stores it as the repo avatar. func (h *RepoHandler) UploadAvatar(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } callerID, _ := middleware.UserIDFromContext(r.Context()) if callerID != repo.OwnerID { jsonError(w, "only the owner can change the avatar", http.StatusForbidden) return } r.Body = http.MaxBytesReader(w, r.Body, 5<<20) if err := r.ParseMultipartForm(5 << 20); err != nil { jsonError(w, "file too large (max 5 MB)", http.StatusBadRequest) return } file, _, err := r.FormFile("avatar") if err != nil { jsonError(w, "avatar file is required", http.StatusBadRequest) return } defer file.Close() // Sniff content type from first 512 bytes, then read the rest. sniff := make([]byte, 512) n, _ := file.Read(sniff) ct := http.DetectContentType(sniff[:n]) if ct != "image/jpeg" && ct != "image/png" && ct != "image/gif" && ct != "image/webp" { jsonError(w, "unsupported image type; use JPEG, PNG, GIF, or WebP", http.StatusBadRequest) return } rest, err := io.ReadAll(file) if err != nil { jsonError(w, "could not read file", http.StatusInternalServerError) return } data := append(sniff[:n], rest...) avatarDir := filepath.Join(h.cfg.RepoRoot, ".avatars") if err := os.MkdirAll(avatarDir, 0755); err != nil { jsonError(w, "could not create avatar directory", http.StatusInternalServerError) return } if err := os.WriteFile(avatarPath(h.cfg.RepoRoot, repo.ID), data, 0644); err != nil { jsonError(w, "could not save avatar", http.StatusInternalServerError) return } var ownerUser models.User h.db.ID(repo.OwnerID).Get(&ownerUser) jsonOK(w, map[string]string{ "avatarUrl": "/api/v1/repos/" + ownerUser.Username + "/" + repo.Name + "/avatar", }) } func (h *RepoHandler) Delete(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } callerID, _ := middleware.UserIDFromContext(r.Context()) if callerID != repo.OwnerID { jsonError(w, "only the owner can delete a repository", http.StatusForbidden) return } if _, err := h.db.ID(repo.ID).Delete(&models.Repository{}); err != nil { jsonError(w, "could not delete repository", http.StatusInternalServerError) return } w.WriteHeader(http.StatusNoContent) } func (h *RepoHandler) Diff(w http.ResponseWriter, r *http.Request) { repo, ok := h.lookupRepo(w, r) if !ok { return } base := r.URL.Query().Get("base") head := r.URL.Query().Get("head") if base == "" || head == "" { jsonError(w, "base and head query params are required", http.StatusBadRequest) return } gitdomain.SetRepoRoot(h.cfg.RepoRoot) diffs, err := gitdomain.Diff(repo.DiskPath, base, head) if err != nil { jsonError(w, "could not compute diff", http.StatusInternalServerError) return } if diffs == nil { diffs = []gitdomain.FileDiff{} } jsonOK(w, diffs) } // lookupRepo resolves {owner}/{repo} URL params to a DB row, enforcing access. func (h *RepoHandler) lookupRepo(w http.ResponseWriter, r *http.Request) (*models.Repository, bool) { ownerName := chi.URLParam(r, "owner") repoName := chi.URLParam(r, "repo") var owner models.User found, err := h.db.Where("username = ?", ownerName).Get(&owner) if err != nil || !found { jsonError(w, "repository not found", http.StatusNotFound) return nil, false } var repo models.Repository found, err = h.db.Where("owner_id = ? AND name = ?", owner.ID, repoName).Get(&repo) if err != nil || !found { jsonError(w, "repository not found", http.StatusNotFound) return nil, false } // Private repo: only the owner may access (RBAC will be expanded in Phase 3) if repo.IsPrivate { callerID, _ := middleware.UserIDFromContext(r.Context()) if callerID != repo.OwnerID { jsonError(w, "repository not found", http.StatusNotFound) return nil, false } } return &repo, true }