Fix maven pom inheritance (#32943)

Fix  #30568
This commit is contained in:
wxiaoguang 2024-12-25 12:28:37 +08:00 committed by GitHub
parent ca31d478ee
commit 973363fec3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 63 additions and 9 deletions

View File

@ -7,6 +7,7 @@ import (
"encoding/xml" "encoding/xml"
"io" "io"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/modules/validation" "code.gitea.io/gitea/modules/validation"
"golang.org/x/net/html/charset" "golang.org/x/net/html/charset"
@ -32,17 +33,26 @@ type Dependency struct {
type pomStruct struct { type pomStruct struct {
XMLName xml.Name `xml:"project"` XMLName xml.Name `xml:"project"`
Parent struct {
GroupID string `xml:"groupId"`
ArtifactID string `xml:"artifactId"`
Version string `xml:"version"`
} `xml:"parent"`
GroupID string `xml:"groupId"` GroupID string `xml:"groupId"`
ArtifactID string `xml:"artifactId"` ArtifactID string `xml:"artifactId"`
Version string `xml:"version"` Version string `xml:"version"`
Name string `xml:"name"` Name string `xml:"name"`
Description string `xml:"description"` Description string `xml:"description"`
URL string `xml:"url"` URL string `xml:"url"`
Licenses []struct { Licenses []struct {
Name string `xml:"name"` Name string `xml:"name"`
URL string `xml:"url"` URL string `xml:"url"`
Distribution string `xml:"distribution"` Distribution string `xml:"distribution"`
} `xml:"licenses>license"` } `xml:"licenses>license"`
Dependencies []struct { Dependencies []struct {
GroupID string `xml:"groupId"` GroupID string `xml:"groupId"`
ArtifactID string `xml:"artifactId"` ArtifactID string `xml:"artifactId"`
@ -81,8 +91,16 @@ func ParsePackageMetaData(r io.Reader) (*Metadata, error) {
}) })
} }
pomGroupID := pom.GroupID
if pomGroupID == "" {
// the current module could inherit parent: https://maven.apache.org/pom.html#Inheritance
pomGroupID = pom.Parent.GroupID
}
if pomGroupID == "" {
return nil, util.ErrInvalidArgument
}
return &Metadata{ return &Metadata{
GroupID: pom.GroupID, GroupID: pomGroupID,
ArtifactID: pom.ArtifactID, ArtifactID: pom.ArtifactID,
Name: pom.Name, Name: pom.Name,
Description: pom.Description, Description: pom.Description,

View File

@ -7,7 +7,10 @@ import (
"strings" "strings"
"testing" "testing"
"code.gitea.io/gitea/modules/util"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"golang.org/x/text/encoding/charmap" "golang.org/x/text/encoding/charmap"
) )
@ -86,4 +89,35 @@ func TestParsePackageMetaData(t *testing.T) {
assert.NoError(t, err) assert.NoError(t, err)
assert.NotNil(t, m) assert.NotNil(t, m)
}) })
t.Run("ParentInherit", func(t *testing.T) {
pom := `<?xml version="1.0"?>
<project>
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>com.mycompany.app</groupId>
<artifactId>my-app</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>submodule1</artifactId>
</project>
`
m, err := ParsePackageMetaData(strings.NewReader(pom))
require.NoError(t, err)
require.NotNil(t, m)
assert.Equal(t, "com.mycompany.app", m.GroupID)
assert.Equal(t, "submodule1", m.ArtifactID)
})
t.Run("ParentInherit", func(t *testing.T) {
pom := `<?xml version="1.0"?>
<project>
<modelVersion>4.0.0</modelVersion>
<artifactId></artifactId>
</project>
`
_, err := ParsePackageMetaData(strings.NewReader(pom))
require.ErrorIs(t, err, util.ErrInvalidArgument)
})
} }

View File

@ -461,6 +461,8 @@ func CommonRoutes() *web.Router {
r.Post("/api/charts", reqPackageAccess(perm.AccessModeWrite), helm.UploadPackage) r.Post("/api/charts", reqPackageAccess(perm.AccessModeWrite), helm.UploadPackage)
}, reqPackageAccess(perm.AccessModeRead)) }, reqPackageAccess(perm.AccessModeRead))
r.Group("/maven", func() { r.Group("/maven", func() {
// FIXME: this path design is not right.
// It should be `/.../{groupId}/{artifactId}/{version}`, but not `/.../{groupId}-{artifactId}/{version}`
r.Put("/*", reqPackageAccess(perm.AccessModeWrite), maven.UploadPackageFile) r.Put("/*", reqPackageAccess(perm.AccessModeWrite), maven.UploadPackageFile)
r.Get("/*", maven.DownloadPackageFile) r.Get("/*", maven.DownloadPackageFile)
r.Head("/*", maven.ProvidePackageFileHeader) r.Head("/*", maven.ProvidePackageFileHeader)