code.gitea.io/gitea@v1.19.3/modules/setting/service.go (about) 1 // Copyright 2019 The Gitea Authors. All rights reserved. 2 // SPDX-License-Identifier: MIT 3 4 package setting 5 6 import ( 7 "regexp" 8 "strings" 9 "time" 10 11 "code.gitea.io/gitea/modules/log" 12 "code.gitea.io/gitea/modules/structs" 13 ) 14 15 // enumerates all the types of captchas 16 const ( 17 ImageCaptcha = "image" 18 ReCaptcha = "recaptcha" 19 HCaptcha = "hcaptcha" 20 MCaptcha = "mcaptcha" 21 CfTurnstile = "cfturnstile" 22 ) 23 24 // Service settings 25 var Service = struct { 26 DefaultUserVisibility string 27 DefaultUserVisibilityMode structs.VisibleType 28 AllowedUserVisibilityModes []string 29 AllowedUserVisibilityModesSlice AllowedVisibility `ini:"-"` 30 DefaultOrgVisibility string 31 DefaultOrgVisibilityMode structs.VisibleType 32 ActiveCodeLives int 33 ResetPwdCodeLives int 34 RegisterEmailConfirm bool 35 RegisterManualConfirm bool 36 EmailDomainWhitelist []string 37 EmailDomainBlocklist []string 38 DisableRegistration bool 39 AllowOnlyInternalRegistration bool 40 AllowOnlyExternalRegistration bool 41 ShowRegistrationButton bool 42 ShowMilestonesDashboardPage bool 43 RequireSignInView bool 44 EnableNotifyMail bool 45 EnableBasicAuth bool 46 EnableReverseProxyAuth bool 47 EnableReverseProxyAutoRegister bool 48 EnableReverseProxyEmail bool 49 EnableReverseProxyFullName bool 50 EnableCaptcha bool 51 RequireCaptchaForLogin bool 52 RequireExternalRegistrationCaptcha bool 53 RequireExternalRegistrationPassword bool 54 CaptchaType string 55 RecaptchaSecret string 56 RecaptchaSitekey string 57 RecaptchaURL string 58 CfTurnstileSecret string 59 CfTurnstileSitekey string 60 HcaptchaSecret string 61 HcaptchaSitekey string 62 McaptchaSecret string 63 McaptchaSitekey string 64 McaptchaURL string 65 DefaultKeepEmailPrivate bool 66 DefaultAllowCreateOrganization bool 67 DefaultUserIsRestricted bool 68 EnableTimetracking bool 69 DefaultEnableTimetracking bool 70 DefaultEnableDependencies bool 71 AllowCrossRepositoryDependencies bool 72 DefaultAllowOnlyContributorsToTrackTime bool 73 NoReplyAddress string 74 EnableUserHeatmap bool 75 AutoWatchNewRepos bool 76 AutoWatchOnChanges bool 77 DefaultOrgMemberVisible bool 78 UserDeleteWithCommentsMaxTime time.Duration 79 ValidSiteURLSchemes []string 80 81 // OpenID settings 82 EnableOpenIDSignIn bool 83 EnableOpenIDSignUp bool 84 OpenIDWhitelist []*regexp.Regexp 85 OpenIDBlacklist []*regexp.Regexp 86 87 // Explore page settings 88 Explore struct { 89 RequireSigninView bool `ini:"REQUIRE_SIGNIN_VIEW"` 90 DisableUsersPage bool `ini:"DISABLE_USERS_PAGE"` 91 } `ini:"service.explore"` 92 }{ 93 AllowedUserVisibilityModesSlice: []bool{true, true, true}, 94 } 95 96 // AllowedVisibility store in a 3 item bool array what is allowed 97 type AllowedVisibility []bool 98 99 // IsAllowedVisibility check if a AllowedVisibility allow a specific VisibleType 100 func (a AllowedVisibility) IsAllowedVisibility(t structs.VisibleType) bool { 101 if int(t) >= len(a) { 102 return false 103 } 104 return a[t] 105 } 106 107 // ToVisibleTypeSlice convert a AllowedVisibility into a VisibleType slice 108 func (a AllowedVisibility) ToVisibleTypeSlice() (result []structs.VisibleType) { 109 for i, v := range a { 110 if v { 111 result = append(result, structs.VisibleType(i)) 112 } 113 } 114 return result 115 } 116 117 func loadServiceFrom(rootCfg ConfigProvider) { 118 sec := rootCfg.Section("service") 119 Service.ActiveCodeLives = sec.Key("ACTIVE_CODE_LIVE_MINUTES").MustInt(180) 120 Service.ResetPwdCodeLives = sec.Key("RESET_PASSWD_CODE_LIVE_MINUTES").MustInt(180) 121 Service.DisableRegistration = sec.Key("DISABLE_REGISTRATION").MustBool() 122 Service.AllowOnlyInternalRegistration = sec.Key("ALLOW_ONLY_INTERNAL_REGISTRATION").MustBool() 123 Service.AllowOnlyExternalRegistration = sec.Key("ALLOW_ONLY_EXTERNAL_REGISTRATION").MustBool() 124 if Service.AllowOnlyExternalRegistration && Service.AllowOnlyInternalRegistration { 125 log.Warn("ALLOW_ONLY_INTERNAL_REGISTRATION and ALLOW_ONLY_EXTERNAL_REGISTRATION are true - disabling registration") 126 Service.DisableRegistration = true 127 } 128 if !sec.Key("REGISTER_EMAIL_CONFIRM").MustBool() { 129 Service.RegisterManualConfirm = sec.Key("REGISTER_MANUAL_CONFIRM").MustBool(false) 130 } else { 131 Service.RegisterManualConfirm = false 132 } 133 Service.EmailDomainWhitelist = sec.Key("EMAIL_DOMAIN_WHITELIST").Strings(",") 134 Service.EmailDomainBlocklist = sec.Key("EMAIL_DOMAIN_BLOCKLIST").Strings(",") 135 Service.ShowRegistrationButton = sec.Key("SHOW_REGISTRATION_BUTTON").MustBool(!(Service.DisableRegistration || Service.AllowOnlyExternalRegistration)) 136 Service.ShowMilestonesDashboardPage = sec.Key("SHOW_MILESTONES_DASHBOARD_PAGE").MustBool(true) 137 Service.RequireSignInView = sec.Key("REQUIRE_SIGNIN_VIEW").MustBool() 138 Service.EnableBasicAuth = sec.Key("ENABLE_BASIC_AUTHENTICATION").MustBool(true) 139 Service.EnableReverseProxyAuth = sec.Key("ENABLE_REVERSE_PROXY_AUTHENTICATION").MustBool() 140 Service.EnableReverseProxyAutoRegister = sec.Key("ENABLE_REVERSE_PROXY_AUTO_REGISTRATION").MustBool() 141 Service.EnableReverseProxyEmail = sec.Key("ENABLE_REVERSE_PROXY_EMAIL").MustBool() 142 Service.EnableReverseProxyFullName = sec.Key("ENABLE_REVERSE_PROXY_FULL_NAME").MustBool() 143 Service.EnableCaptcha = sec.Key("ENABLE_CAPTCHA").MustBool(false) 144 Service.RequireCaptchaForLogin = sec.Key("REQUIRE_CAPTCHA_FOR_LOGIN").MustBool(false) 145 Service.RequireExternalRegistrationCaptcha = sec.Key("REQUIRE_EXTERNAL_REGISTRATION_CAPTCHA").MustBool(Service.EnableCaptcha) 146 Service.RequireExternalRegistrationPassword = sec.Key("REQUIRE_EXTERNAL_REGISTRATION_PASSWORD").MustBool() 147 Service.CaptchaType = sec.Key("CAPTCHA_TYPE").MustString(ImageCaptcha) 148 Service.RecaptchaSecret = sec.Key("RECAPTCHA_SECRET").MustString("") 149 Service.RecaptchaSitekey = sec.Key("RECAPTCHA_SITEKEY").MustString("") 150 Service.RecaptchaURL = sec.Key("RECAPTCHA_URL").MustString("https://www.google.com/recaptcha/") 151 Service.CfTurnstileSecret = sec.Key("CF_TURNSTILE_SECRET").MustString("") 152 Service.CfTurnstileSitekey = sec.Key("CF_TURNSTILE_SITEKEY").MustString("") 153 Service.HcaptchaSecret = sec.Key("HCAPTCHA_SECRET").MustString("") 154 Service.HcaptchaSitekey = sec.Key("HCAPTCHA_SITEKEY").MustString("") 155 Service.McaptchaURL = sec.Key("MCAPTCHA_URL").MustString("https://demo.mcaptcha.org/") 156 Service.McaptchaSecret = sec.Key("MCAPTCHA_SECRET").MustString("") 157 Service.McaptchaSitekey = sec.Key("MCAPTCHA_SITEKEY").MustString("") 158 Service.DefaultKeepEmailPrivate = sec.Key("DEFAULT_KEEP_EMAIL_PRIVATE").MustBool() 159 Service.DefaultAllowCreateOrganization = sec.Key("DEFAULT_ALLOW_CREATE_ORGANIZATION").MustBool(true) 160 Service.DefaultUserIsRestricted = sec.Key("DEFAULT_USER_IS_RESTRICTED").MustBool(false) 161 Service.EnableTimetracking = sec.Key("ENABLE_TIMETRACKING").MustBool(true) 162 if Service.EnableTimetracking { 163 Service.DefaultEnableTimetracking = sec.Key("DEFAULT_ENABLE_TIMETRACKING").MustBool(true) 164 } 165 Service.DefaultEnableDependencies = sec.Key("DEFAULT_ENABLE_DEPENDENCIES").MustBool(true) 166 Service.AllowCrossRepositoryDependencies = sec.Key("ALLOW_CROSS_REPOSITORY_DEPENDENCIES").MustBool(true) 167 Service.DefaultAllowOnlyContributorsToTrackTime = sec.Key("DEFAULT_ALLOW_ONLY_CONTRIBUTORS_TO_TRACK_TIME").MustBool(true) 168 Service.NoReplyAddress = sec.Key("NO_REPLY_ADDRESS").MustString("noreply." + Domain) 169 Service.EnableUserHeatmap = sec.Key("ENABLE_USER_HEATMAP").MustBool(true) 170 Service.AutoWatchNewRepos = sec.Key("AUTO_WATCH_NEW_REPOS").MustBool(true) 171 Service.AutoWatchOnChanges = sec.Key("AUTO_WATCH_ON_CHANGES").MustBool(false) 172 Service.DefaultUserVisibility = sec.Key("DEFAULT_USER_VISIBILITY").In("public", structs.ExtractKeysFromMapString(structs.VisibilityModes)) 173 Service.DefaultUserVisibilityMode = structs.VisibilityModes[Service.DefaultUserVisibility] 174 Service.AllowedUserVisibilityModes = sec.Key("ALLOWED_USER_VISIBILITY_MODES").Strings(",") 175 if len(Service.AllowedUserVisibilityModes) != 0 { 176 Service.AllowedUserVisibilityModesSlice = []bool{false, false, false} 177 for _, sMode := range Service.AllowedUserVisibilityModes { 178 Service.AllowedUserVisibilityModesSlice[structs.VisibilityModes[sMode]] = true 179 } 180 } 181 Service.DefaultOrgVisibility = sec.Key("DEFAULT_ORG_VISIBILITY").In("public", structs.ExtractKeysFromMapString(structs.VisibilityModes)) 182 Service.DefaultOrgVisibilityMode = structs.VisibilityModes[Service.DefaultOrgVisibility] 183 Service.DefaultOrgMemberVisible = sec.Key("DEFAULT_ORG_MEMBER_VISIBLE").MustBool() 184 Service.UserDeleteWithCommentsMaxTime = sec.Key("USER_DELETE_WITH_COMMENTS_MAX_TIME").MustDuration(0) 185 sec.Key("VALID_SITE_URL_SCHEMES").MustString("http,https") 186 Service.ValidSiteURLSchemes = sec.Key("VALID_SITE_URL_SCHEMES").Strings(",") 187 schemes := make([]string, len(Service.ValidSiteURLSchemes)) 188 for _, scheme := range Service.ValidSiteURLSchemes { 189 scheme = strings.ToLower(strings.TrimSpace(scheme)) 190 if scheme != "" { 191 schemes = append(schemes, scheme) 192 } 193 } 194 Service.ValidSiteURLSchemes = schemes 195 196 mustMapSetting(rootCfg, "service.explore", &Service.Explore) 197 198 loadOpenIDSetting(rootCfg) 199 } 200 201 func loadOpenIDSetting(rootCfg ConfigProvider) { 202 sec := rootCfg.Section("openid") 203 Service.EnableOpenIDSignIn = sec.Key("ENABLE_OPENID_SIGNIN").MustBool(!InstallLock) 204 Service.EnableOpenIDSignUp = sec.Key("ENABLE_OPENID_SIGNUP").MustBool(!Service.DisableRegistration && Service.EnableOpenIDSignIn) 205 pats := sec.Key("WHITELISTED_URIS").Strings(" ") 206 if len(pats) != 0 { 207 Service.OpenIDWhitelist = make([]*regexp.Regexp, len(pats)) 208 for i, p := range pats { 209 Service.OpenIDWhitelist[i] = regexp.MustCompilePOSIX(p) 210 } 211 } 212 pats = sec.Key("BLACKLISTED_URIS").Strings(" ") 213 if len(pats) != 0 { 214 Service.OpenIDBlacklist = make([]*regexp.Regexp, len(pats)) 215 for i, p := range pats { 216 Service.OpenIDBlacklist[i] = regexp.MustCompilePOSIX(p) 217 } 218 } 219 }