diff --git a/models/bots/teabot.go b/models/bots/teabot.go new file mode 100644 index 0000000000..8921b2d224 --- /dev/null +++ b/models/bots/teabot.go @@ -0,0 +1,16 @@ +// Copyright 2022 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package bots + +import user_model "code.gitea.io/gitea/models/user" + +// NewBotUser creates and returns a fake user for running the build. +func NewBotUser() *user_model.User { + return &user_model.User{ + ID: -2, + Name: "gitea-bots", + LowerName: "gitea-bots", + } +} diff --git a/models/user/user.go b/models/user/user.go index 1a71acb0b7..09d1048eb3 100644 --- a/models/user/user.go +++ b/models/user/user.go @@ -577,6 +577,13 @@ func (u *User) IsGhost() bool { return u.ID == -1 && u.Name == "Ghost" } +func (u *User) IsBots() bool { + if u == nil { + return false + } + return u.ID == -2 && u.Name == "gitea-bots" +} + var ( reservedUsernames = []string{ ".", diff --git a/services/auth/basic.go b/services/auth/basic.go index a339be2ae7..3225575a6a 100644 --- a/services/auth/basic.go +++ b/services/auth/basic.go @@ -109,26 +109,12 @@ func (b *Basic) Verify(req *http.Request, w http.ResponseWriter, store DataStore } // check runner token + // FIXME: the token should be a task token and return a task runner, err := bots_model.GetRunnerByToken(authToken) - if err == nil { + if err == nil && runner != nil { log.Trace("Basic Authorization: Valid AccessToken for runner[%d]", runner.ID) - if runner.OwnerID > 0 { - u, err := user_model.GetUserByID(runner.OwnerID) - if err != nil { - log.Error("GetUserByID: %v", err) - return nil - } - return u - } - - // FIXME: for a system wide runner, runner act as admin?? Or we should have a bot account - u, err := user_model.GetAdminUser() - if err != nil { - log.Error("GetUserByID: %v", err) - return nil - } - return u + return bots_model.NewBotUser() } else { log.Error("GetRunnerByToken: %v", err) }