2018-09-29 10:33:54 +02:00
|
|
|
// Copyright 2018 The Gitea Authors. All rights reserved.
|
2014-04-10 20:20:58 +02:00
|
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
2022-11-27 19:20:29 +01:00
|
|
|
// SPDX-License-Identifier: MIT
|
2014-04-10 20:20:58 +02:00
|
|
|
|
2016-12-06 18:58:31 +01:00
|
|
|
package templates
|
2014-04-10 20:20:58 +02:00
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
2018-02-27 08:09:18 +01:00
|
|
|
"html"
|
2014-04-10 20:20:58 +02:00
|
|
|
"html/template"
|
2017-11-28 10:43:51 +01:00
|
|
|
"net/url"
|
2024-02-25 11:45:56 +01:00
|
|
|
"slices"
|
2014-04-10 20:20:58 +02:00
|
|
|
"strings"
|
|
|
|
"time"
|
2014-05-26 02:11:25 +02:00
|
|
|
|
2023-10-06 09:46:36 +02:00
|
|
|
user_model "code.gitea.io/gitea/models/user"
|
2016-11-10 17:24:48 +01:00
|
|
|
"code.gitea.io/gitea/modules/base"
|
2017-09-16 19:17:57 +02:00
|
|
|
"code.gitea.io/gitea/modules/markup"
|
2016-11-10 17:24:48 +01:00
|
|
|
"code.gitea.io/gitea/modules/setting"
|
2020-07-12 11:10:56 +02:00
|
|
|
"code.gitea.io/gitea/modules/svg"
|
Use a general Eval function for expressions in templates. (#23927)
One of the proposals in #23328
This PR introduces a simple expression calculator
(templates/eval/eval.go), it can do basic expression calculations.
Many untested template helper functions like `Mul` `Add` can be replaced
by this new approach.
Then these `Add` / `Mul` / `percentage` / `Subtract` / `DiffStatsWidth`
could all use this `Eval`.
And it provides enhancements for Golang templates, and improves
readability.
Some examples:
----
* Before: `{{Add (Mul $glyph.Row 12) 12}}`
* After: `{{Eval $glyph.Row "*" 12 "+" 12}}`
----
* Before: `{{if lt (Add $i 1) (len $.Topics)}}`
* After: `{{if Eval $i "+" 1 "<" (len $.Topics)}}`
## FAQ
### Why not use an existing expression package?
We need a highly customized expression engine:
* do the calculation on the fly, without pre-compiling
* deal with int/int64/float64 types, to make the result could be used in
Golang template.
* make the syntax could be used in the Golang template directly
* do not introduce too much complex or strange syntax, we just need a
simple calculator.
* it needs to strictly follow Golang template's behavior, for example,
Golang template treats all non-zero values as truth, but many 3rd
packages don't do so.
### What's the benefit?
* Developers don't need to add more `Add`/`Mul`/`Sub`-like functions,
they were getting more and more.
Now, only one `Eval` is enough for all cases.
* The new code reads better than old `{{Add (Mul $glyph.Row 12) 12}}`,
the old one isn't familiar to most procedural programming developers
(eg, the Golang expression syntax).
* The `Eval` is fully covered by tests, many old `Add`/`Mul`-like
functions were never tested.
### The performance?
It doesn't use `reflect`, it doesn't need to parse or compile when used
in Golang template, the performance is as fast as native Go template.
### Is it too complex? Could it be unstable?
The expression calculator program is a common homework for computer
science students, and it's widely used as a teaching and practicing
purpose for developers. The algorithm is pretty well-known.
The behavior can be clearly defined, it is stable.
2023-04-07 15:25:49 +02:00
|
|
|
"code.gitea.io/gitea/modules/templates/eval"
|
2019-08-15 16:46:21 +02:00
|
|
|
"code.gitea.io/gitea/modules/timeutil"
|
|
|
|
"code.gitea.io/gitea/modules/util"
|
2019-09-06 04:20:09 +02:00
|
|
|
"code.gitea.io/gitea/services/gitdiff"
|
2014-04-10 20:20:58 +02:00
|
|
|
)
|
|
|
|
|
2016-11-25 07:23:48 +01:00
|
|
|
// NewFuncMap returns functions for injecting to templates
|
2023-04-30 14:22:23 +02:00
|
|
|
func NewFuncMap() template.FuncMap {
|
2023-07-04 20:36:08 +02:00
|
|
|
return map[string]any{
|
2023-08-08 03:22:47 +02:00
|
|
|
"ctx": func() any { return nil }, // template context function
|
|
|
|
|
2023-04-29 14:02:29 +02:00
|
|
|
"DumpVar": dumpVar,
|
|
|
|
|
2023-04-08 15:15:22 +02:00
|
|
|
// -----------------------------------------------------------------
|
|
|
|
// html/template related functions
|
2024-03-01 11:16:19 +01:00
|
|
|
"dict": dict, // it's lowercase because this name has been widely used. Our other functions should have uppercase names.
|
|
|
|
"Eval": Eval,
|
|
|
|
"SafeHTML": SafeHTML,
|
|
|
|
"HTMLFormat": HTMLFormat,
|
|
|
|
"HTMLEscape": HTMLEscape,
|
|
|
|
"QueryEscape": url.QueryEscape,
|
|
|
|
"JSEscape": JSEscapeSafe,
|
|
|
|
"SanitizeHTML": SanitizeHTML,
|
|
|
|
"URLJoin": util.URLJoin,
|
|
|
|
"DotEscape": DotEscape,
|
2023-04-08 15:15:22 +02:00
|
|
|
|
|
|
|
"PathEscape": url.PathEscape,
|
|
|
|
"PathEscapeSegments": util.PathEscapeSegments,
|
|
|
|
|
2023-04-22 20:16:22 +02:00
|
|
|
// utils
|
|
|
|
"StringUtils": NewStringUtils,
|
|
|
|
"SliceUtils": NewSliceUtils,
|
2023-04-29 14:02:29 +02:00
|
|
|
"JsonUtils": NewJsonUtils,
|
2023-04-08 15:15:22 +02:00
|
|
|
|
|
|
|
// -----------------------------------------------------------------
|
|
|
|
// svg / avatar / icon
|
2023-08-10 05:19:39 +02:00
|
|
|
"svg": svg.RenderHTML,
|
|
|
|
"EntryIcon": base.EntryIcon,
|
|
|
|
"MigrationIcon": MigrationIcon,
|
|
|
|
"ActionIcon": ActionIcon,
|
2023-04-08 15:15:22 +02:00
|
|
|
|
2023-04-29 14:02:29 +02:00
|
|
|
"SortArrow": SortArrow,
|
2023-04-08 15:15:22 +02:00
|
|
|
|
|
|
|
// -----------------------------------------------------------------
|
|
|
|
// time / number / format
|
|
|
|
"FileSize": base.FileSize,
|
|
|
|
"CountFmt": base.FormatNumberSI,
|
|
|
|
"TimeSince": timeutil.TimeSince,
|
|
|
|
"TimeSinceUnix": timeutil.TimeSinceUnix,
|
2023-04-23 21:12:33 +02:00
|
|
|
"DateTime": timeutil.DateTime,
|
2023-04-08 15:15:22 +02:00
|
|
|
"Sec2Time": util.SecToTime,
|
|
|
|
"LoadTimes": func(startTime time.Time) string {
|
|
|
|
return fmt.Sprint(time.Since(startTime).Nanoseconds()/1e6) + "ms"
|
|
|
|
},
|
|
|
|
|
|
|
|
// -----------------------------------------------------------------
|
|
|
|
// setting
|
2016-03-06 22:40:04 +01:00
|
|
|
"AppName": func() string {
|
|
|
|
return setting.AppName
|
|
|
|
},
|
|
|
|
"AppSubUrl": func() string {
|
2016-11-27 11:14:25 +01:00
|
|
|
return setting.AppSubURL
|
2016-03-06 22:40:04 +01:00
|
|
|
},
|
2021-05-08 16:27:25 +02:00
|
|
|
"AssetUrlPrefix": func() string {
|
2021-04-28 14:35:06 +02:00
|
|
|
return setting.StaticURLPrefix + "/assets"
|
2019-10-22 14:11:01 +02:00
|
|
|
},
|
2016-03-06 22:40:04 +01:00
|
|
|
"AppUrl": func() string {
|
2023-02-09 17:31:30 +01:00
|
|
|
// The usage of AppUrl should be avoided as much as possible,
|
|
|
|
// because the AppURL(ROOT_URL) may not match user's visiting site and the ROOT_URL in app.ini may be incorrect.
|
|
|
|
// And it's difficult for Gitea to guess absolute URL correctly with zero configuration,
|
|
|
|
// because Gitea doesn't know whether the scheme is HTTP or HTTPS unless the reverse proxy could tell Gitea.
|
2016-11-27 11:14:25 +01:00
|
|
|
return setting.AppURL
|
2016-03-06 22:40:04 +01:00
|
|
|
},
|
|
|
|
"AppVer": func() string {
|
|
|
|
return setting.AppVer
|
|
|
|
},
|
2023-04-07 09:31:41 +02:00
|
|
|
"AppDomain": func() string { // documented in mail-templates.md
|
2016-03-06 22:40:04 +01:00
|
|
|
return setting.Domain
|
|
|
|
},
|
[FEAT] Repository flags
This implements "repository flags", a way for instance administrators to
assign custom flags to repositories. The idea is that custom templates
can look at these flags, and display banners based on them, Forgejo does
not provide anything built on top of it, just the foundation. The
feature is optional, and disabled by default. To enable it, set
`[repository].ENABLE_FLAGS = true`.
On the UI side, instance administrators will see a new "Manage flags"
tab on repositories, and a list of enabled tags (if any) on the
repository home page. The "Manage flags" page allows them to remove
existing flags, or add any new ones that are listed in
`[repository].SETTABLE_FLAGS`.
The model does not enforce that only the `SETTABLE_FLAGS` are present.
If the setting is changed, old flags may remain present in the database,
and anything that uses them, will still work. The repository flag
management page will allow an instance administrator to remove them, but
not set them, once removed.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit ba735ce2228f8dd7ca105e94b9baa1be058ebe37)
(cherry picked from commit f09f6e029b4fb2714b86cd32dc19255078ecc0ee)
(cherry picked from commit 2f8b0414892f6099f519bda63a9e0fbc8ba6cfc7)
(cherry picked from commit d3186ee5f41fac896c7d2341402fcd39dd250bf1)
2024-01-04 14:28:19 +01:00
|
|
|
"RepoFlagsEnabled": func() bool {
|
|
|
|
return setting.Repository.EnableFlags
|
|
|
|
},
|
2022-08-23 14:58:04 +02:00
|
|
|
"AssetVersion": func() string {
|
|
|
|
return setting.AssetVersion
|
|
|
|
},
|
2019-05-08 10:41:35 +02:00
|
|
|
"DefaultShowFullName": func() bool {
|
|
|
|
return setting.UI.DefaultShowFullName
|
|
|
|
},
|
2016-09-01 07:01:32 +02:00
|
|
|
"ShowFooterTemplateLoadTime": func() bool {
|
2023-04-23 01:38:25 +02:00
|
|
|
return setting.Other.ShowFooterTemplateLoadTime
|
2016-09-01 07:01:32 +02:00
|
|
|
},
|
2019-12-28 00:43:56 +01:00
|
|
|
"AllowedReactions": func() []string {
|
|
|
|
return setting.UI.Reactions
|
|
|
|
},
|
2021-06-29 16:28:38 +02:00
|
|
|
"CustomEmojis": func() map[string]string {
|
|
|
|
return setting.UI.CustomEmojisMap
|
|
|
|
},
|
2017-04-01 03:03:01 +02:00
|
|
|
"MetaAuthor": func() string {
|
|
|
|
return setting.UI.Meta.Author
|
|
|
|
},
|
|
|
|
"MetaDescription": func() string {
|
|
|
|
return setting.UI.Meta.Description
|
|
|
|
},
|
|
|
|
"MetaKeywords": func() string {
|
|
|
|
return setting.UI.Meta.Keywords
|
|
|
|
},
|
2021-02-20 00:06:56 +01:00
|
|
|
"EnableTimetracking": func() bool {
|
|
|
|
return setting.Service.EnableTimetracking
|
|
|
|
},
|
2017-09-12 11:25:42 +02:00
|
|
|
"DisableGitHooks": func() bool {
|
|
|
|
return setting.DisableGitHooks
|
|
|
|
},
|
2021-02-11 18:34:34 +01:00
|
|
|
"DisableWebhooks": func() bool {
|
|
|
|
return setting.DisableWebhooks
|
|
|
|
},
|
2018-08-24 07:00:22 +02:00
|
|
|
"DisableImportLocal": func() bool {
|
|
|
|
return !setting.ImportLocalPaths
|
|
|
|
},
|
2023-10-06 09:46:36 +02:00
|
|
|
"ThemeName": func(user *user_model.User) string {
|
|
|
|
if user == nil || user.Theme == "" {
|
|
|
|
return setting.UI.DefaultTheme
|
|
|
|
}
|
|
|
|
return user.Theme
|
2018-07-05 23:25:04 +02:00
|
|
|
},
|
2023-07-04 20:36:08 +02:00
|
|
|
"NotificationSettings": func() map[string]any {
|
|
|
|
return map[string]any{
|
2020-05-07 23:49:00 +02:00
|
|
|
"MinTimeout": int(setting.UI.Notification.MinTimeout / time.Millisecond),
|
|
|
|
"TimeoutStep": int(setting.UI.Notification.TimeoutStep / time.Millisecond),
|
|
|
|
"MaxTimeout": int(setting.UI.Notification.MaxTimeout / time.Millisecond),
|
|
|
|
"EventSourceUpdateTime": int(setting.UI.Notification.EventSourceUpdateTime / time.Millisecond),
|
2020-04-24 05:57:38 +02:00
|
|
|
}
|
|
|
|
},
|
2023-04-08 15:15:22 +02:00
|
|
|
"MermaidMaxSourceCharacters": func() int {
|
|
|
|
return setting.MermaidMaxSourceCharacters
|
|
|
|
},
|
2020-11-08 18:21:54 +01:00
|
|
|
|
2023-04-08 15:15:22 +02:00
|
|
|
// -----------------------------------------------------------------
|
|
|
|
// render
|
|
|
|
"RenderCommitMessage": RenderCommitMessage,
|
|
|
|
"RenderCommitMessageLinkSubject": RenderCommitMessageLinkSubject,
|
2020-11-08 18:21:54 +01:00
|
|
|
|
2023-04-08 15:15:22 +02:00
|
|
|
"RenderCommitBody": RenderCommitBody,
|
|
|
|
"RenderCodeBlock": RenderCodeBlock,
|
|
|
|
"RenderIssueTitle": RenderIssueTitle,
|
|
|
|
"RenderEmoji": RenderEmoji,
|
|
|
|
"ReactionToEmoji": ReactionToEmoji,
|
2020-06-25 00:23:05 +02:00
|
|
|
|
2023-04-29 14:02:29 +02:00
|
|
|
"RenderMarkdownToHtml": RenderMarkdownToHtml,
|
|
|
|
"RenderLabel": RenderLabel,
|
|
|
|
"RenderLabels": RenderLabels,
|
2023-04-08 15:15:22 +02:00
|
|
|
|
|
|
|
// -----------------------------------------------------------------
|
|
|
|
// misc
|
|
|
|
"ShortSha": base.ShortSha,
|
|
|
|
"ActionContent2Commits": ActionContent2Commits,
|
|
|
|
"IsMultilineCommitMessage": IsMultilineCommitMessage,
|
|
|
|
"CommentMustAsDiff": gitdiff.CommentMustAsDiff,
|
|
|
|
"MirrorRemoteAddress": mirrorRemoteAddress,
|
|
|
|
|
2023-04-29 14:02:29 +02:00
|
|
|
"FilenameIsImage": FilenameIsImage,
|
|
|
|
"TabSizeClass": TabSizeClass,
|
2023-04-30 14:22:23 +02:00
|
|
|
}
|
2019-11-07 14:34:28 +01:00
|
|
|
}
|
|
|
|
|
2024-02-25 11:45:56 +01:00
|
|
|
func HTMLFormat(s string, rawArgs ...any) template.HTML {
|
|
|
|
args := slices.Clone(rawArgs)
|
|
|
|
for i, v := range args {
|
|
|
|
switch v := v.(type) {
|
|
|
|
case nil, bool, int, int8, int16, int32, int64, uint, uint8, uint16, uint32, uint64, float32, float64, template.HTML:
|
|
|
|
// for most basic types (including template.HTML which is safe), just do nothing and use it
|
|
|
|
case string:
|
|
|
|
args[i] = template.HTMLEscapeString(v)
|
|
|
|
case fmt.Stringer:
|
|
|
|
args[i] = template.HTMLEscapeString(v.String())
|
|
|
|
default:
|
|
|
|
args[i] = template.HTMLEscapeString(fmt.Sprint(v))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return template.HTML(fmt.Sprintf(s, args...))
|
|
|
|
}
|
|
|
|
|
|
|
|
// SafeHTML render raw as HTML
|
|
|
|
func SafeHTML(s any) template.HTML {
|
2024-02-14 22:48:45 +01:00
|
|
|
switch v := s.(type) {
|
|
|
|
case string:
|
|
|
|
return template.HTML(v)
|
|
|
|
case template.HTML:
|
|
|
|
return v
|
|
|
|
}
|
|
|
|
panic(fmt.Sprintf("unexpected type %T", s))
|
|
|
|
}
|
|
|
|
|
2024-03-01 11:16:19 +01:00
|
|
|
// SanitizeHTML sanitizes the input by pre-defined markdown rules
|
|
|
|
func SanitizeHTML(s any) template.HTML {
|
2024-02-14 22:48:45 +01:00
|
|
|
switch v := s.(type) {
|
|
|
|
case string:
|
|
|
|
return template.HTML(markup.Sanitize(v))
|
|
|
|
case template.HTML:
|
|
|
|
return template.HTML(markup.Sanitize(string(v)))
|
|
|
|
}
|
|
|
|
panic(fmt.Sprintf("unexpected type %T", s))
|
2015-08-08 11:10:34 +02:00
|
|
|
}
|
|
|
|
|
2024-02-25 15:02:20 +01:00
|
|
|
func HTMLEscape(s any) template.HTML {
|
2024-02-14 22:48:45 +01:00
|
|
|
switch v := s.(type) {
|
|
|
|
case string:
|
|
|
|
return template.HTML(html.EscapeString(v))
|
|
|
|
case template.HTML:
|
|
|
|
return v
|
|
|
|
}
|
|
|
|
panic(fmt.Sprintf("unexpected type %T", s))
|
|
|
|
}
|
|
|
|
|
2024-02-18 10:52:02 +01:00
|
|
|
func JSEscapeSafe(s string) template.HTML {
|
|
|
|
return template.HTML(template.JSEscapeString(s))
|
|
|
|
}
|
|
|
|
|
2022-03-23 13:34:20 +01:00
|
|
|
// DotEscape wraps a dots in names with ZWJ [U+200D] in order to prevent autolinkers from detecting these as urls
|
|
|
|
func DotEscape(raw string) string {
|
|
|
|
return strings.ReplaceAll(raw, ".", "\u200d.\u200d")
|
|
|
|
}
|
|
|
|
|
Use a general Eval function for expressions in templates. (#23927)
One of the proposals in #23328
This PR introduces a simple expression calculator
(templates/eval/eval.go), it can do basic expression calculations.
Many untested template helper functions like `Mul` `Add` can be replaced
by this new approach.
Then these `Add` / `Mul` / `percentage` / `Subtract` / `DiffStatsWidth`
could all use this `Eval`.
And it provides enhancements for Golang templates, and improves
readability.
Some examples:
----
* Before: `{{Add (Mul $glyph.Row 12) 12}}`
* After: `{{Eval $glyph.Row "*" 12 "+" 12}}`
----
* Before: `{{if lt (Add $i 1) (len $.Topics)}}`
* After: `{{if Eval $i "+" 1 "<" (len $.Topics)}}`
## FAQ
### Why not use an existing expression package?
We need a highly customized expression engine:
* do the calculation on the fly, without pre-compiling
* deal with int/int64/float64 types, to make the result could be used in
Golang template.
* make the syntax could be used in the Golang template directly
* do not introduce too much complex or strange syntax, we just need a
simple calculator.
* it needs to strictly follow Golang template's behavior, for example,
Golang template treats all non-zero values as truth, but many 3rd
packages don't do so.
### What's the benefit?
* Developers don't need to add more `Add`/`Mul`/`Sub`-like functions,
they were getting more and more.
Now, only one `Eval` is enough for all cases.
* The new code reads better than old `{{Add (Mul $glyph.Row 12) 12}}`,
the old one isn't familiar to most procedural programming developers
(eg, the Golang expression syntax).
* The `Eval` is fully covered by tests, many old `Add`/`Mul`-like
functions were never tested.
### The performance?
It doesn't use `reflect`, it doesn't need to parse or compile when used
in Golang template, the performance is as fast as native Go template.
### Is it too complex? Could it be unstable?
The expression calculator program is a common homework for computer
science students, and it's widely used as a teaching and practicing
purpose for developers. The algorithm is pretty well-known.
The behavior can be clearly defined, it is stable.
2023-04-07 15:25:49 +02:00
|
|
|
// Eval the expression and return the result, see the comment of eval.Expr for details.
|
|
|
|
// To use this helper function in templates, pass each token as a separate parameter.
|
|
|
|
//
|
|
|
|
// {{ $int64 := Eval $var "+" 1 }}
|
|
|
|
// {{ $float64 := Eval $var "+" 1.0 }}
|
|
|
|
//
|
|
|
|
// Golang's template supports comparable int types, so the int64 result can be used in later statements like {{if lt $int64 10}}
|
|
|
|
func Eval(tokens ...any) (any, error) {
|
|
|
|
n, err := eval.Expr(tokens...)
|
|
|
|
return n.Value, err
|
|
|
|
}
|