mirror of https://github.com/go-gitea/gitea.git
Fix session key conflict with database keyword (#28613)
This is a regression from #28220 . `builder.Cond` will not add `` ` `` automatically but xorm method `Get/Find` adds `` ` ``. This PR also adds tests to prevent the method from being implemented incorrectly. The tests are added in `integrations` to test every database.
This commit is contained in:
parent
a1dfffd723
commit
4c29c75968
|
@ -41,12 +41,15 @@ func ReadSession(ctx context.Context, key string) (*Session, error) {
|
||||||
}
|
}
|
||||||
defer committer.Close()
|
defer committer.Close()
|
||||||
|
|
||||||
session, exist, err := db.Get[Session](ctx, builder.Eq{"key": key})
|
session, exist, err := db.Get[Session](ctx, builder.Eq{"`key`": key})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
} else if !exist {
|
} else if !exist {
|
||||||
session.Expiry = timeutil.TimeStampNow()
|
session = &Session{
|
||||||
if err := db.Insert(ctx, &session); err != nil {
|
Key: key,
|
||||||
|
Expiry: timeutil.TimeStampNow(),
|
||||||
|
}
|
||||||
|
if err := db.Insert(ctx, session); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -56,7 +59,7 @@ func ReadSession(ctx context.Context, key string) (*Session, error) {
|
||||||
|
|
||||||
// ExistSession checks if a session exists
|
// ExistSession checks if a session exists
|
||||||
func ExistSession(ctx context.Context, key string) (bool, error) {
|
func ExistSession(ctx context.Context, key string) (bool, error) {
|
||||||
return db.Exist[Session](ctx, builder.Eq{"key": key})
|
return db.Exist[Session](ctx, builder.Eq{"`key`": key})
|
||||||
}
|
}
|
||||||
|
|
||||||
// DestroySession destroys a session
|
// DestroySession destroys a session
|
||||||
|
@ -75,13 +78,13 @@ func RegenerateSession(ctx context.Context, oldKey, newKey string) (*Session, er
|
||||||
}
|
}
|
||||||
defer committer.Close()
|
defer committer.Close()
|
||||||
|
|
||||||
if has, err := db.Exist[Session](ctx, builder.Eq{"key": newKey}); err != nil {
|
if has, err := db.Exist[Session](ctx, builder.Eq{"`key`": newKey}); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
} else if has {
|
} else if has {
|
||||||
return nil, fmt.Errorf("session Key: %s already exists", newKey)
|
return nil, fmt.Errorf("session Key: %s already exists", newKey)
|
||||||
}
|
}
|
||||||
|
|
||||||
if has, err := db.Exist[Session](ctx, builder.Eq{"key": oldKey}); err != nil {
|
if has, err := db.Exist[Session](ctx, builder.Eq{"`key`": oldKey}); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
} else if !has {
|
} else if !has {
|
||||||
if err := db.Insert(ctx, &Session{
|
if err := db.Insert(ctx, &Session{
|
||||||
|
@ -96,7 +99,7 @@ func RegenerateSession(ctx context.Context, oldKey, newKey string) (*Session, er
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
s, _, err := db.Get[Session](ctx, builder.Eq{"key": newKey})
|
s, _, err := db.Get[Session](ctx, builder.Eq{"`key`": newKey})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
// is not exist, it should be impossible
|
// is not exist, it should be impossible
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
|
@ -0,0 +1,37 @@
|
||||||
|
// Copyright 2023 The Gitea Authors. All rights reserved.
|
||||||
|
// SPDX-License-Identifier: MIT
|
||||||
|
|
||||||
|
package integration
|
||||||
|
|
||||||
|
import (
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"code.gitea.io/gitea/models/auth"
|
||||||
|
"code.gitea.io/gitea/models/db"
|
||||||
|
"code.gitea.io/gitea/models/unittest"
|
||||||
|
"code.gitea.io/gitea/tests"
|
||||||
|
|
||||||
|
"github.com/stretchr/testify/assert"
|
||||||
|
)
|
||||||
|
|
||||||
|
func Test_RegenerateSession(t *testing.T) {
|
||||||
|
defer tests.PrepareTestEnv(t)()
|
||||||
|
|
||||||
|
assert.NoError(t, unittest.PrepareTestDatabase())
|
||||||
|
|
||||||
|
key := "new_key890123456" // it must be 16 characters long
|
||||||
|
key2 := "new_key890123457" // it must be 16 characters
|
||||||
|
exist, err := auth.ExistSession(db.DefaultContext, key)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.False(t, exist)
|
||||||
|
|
||||||
|
sess, err := auth.RegenerateSession(db.DefaultContext, "", key)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.EqualValues(t, key, sess.Key)
|
||||||
|
assert.Len(t, sess.Data, 0)
|
||||||
|
|
||||||
|
sess, err = auth.ReadSession(db.DefaultContext, key2)
|
||||||
|
assert.NoError(t, err)
|
||||||
|
assert.EqualValues(t, key2, sess.Key)
|
||||||
|
assert.Len(t, sess.Data, 0)
|
||||||
|
}
|
Loading…
Reference in New Issue