`cf04697`

S27: web handlers + forks list template

Authored by mfwolffe <wolffemf@dukes.jmu.edu> 5 days ago

SHA: cf04697a2664ac3530126e02437ebf44495650d4
Parents: d361661
Tree: e69709f

4 changed files

Status	File	+
M	`internal/web/handlers/handlers.go`	7
A	`internal/web/handlers/repo/fork.go`	250
M	`internal/web/server.go`	1
A	`internal/web/templates/repo/forks.html`	38

internal/web/handlers/handlers.gomodified

  	// stargazers,watchers} (S26). Stargazer/watcher GETs are public
  	// (subject to repo visibility); the action POSTs require auth.
  	RepoSocialMounter func(chi.Router)
 +	// RepoForkMounter registers /{owner}/{repo}/{fork,sync,forks}
 +	// (S27). The forks list GET is public; fork + sync POSTs are
 +	// auth-required.
 +	RepoForkMounter func(chi.Router)
  	// GitHTTPMounter, when non-nil, registers the smart-HTTP git routes
  	// (`*.git/info/refs`, `git-upload-pack`, `git-receive-pack`). MUST
  	// land in a route group that bypasses CSRF, response compression,
  		if deps.RepoSocialMounter != nil {
  			deps.RepoSocialMounter(r)
+ 		}
 +		if deps.RepoForkMounter != nil {
 +			deps.RepoForkMounter(r)
 +		}
  		if deps.RepoHomeMounter != nil {
  			deps.RepoHomeMounter(r)
+ 		}

internal/web/handlers/repo/fork.goadded

 +// SPDX-License-Identifier: AGPL-3.0-or-later
++
 +package repo
++
 +import (
 +	"errors"
 +	"net/http"
 +	"strings"
++
 +	"github.com/go-chi/chi/v5"
 +	"github.com/jackc/pgx/v5/pgtype"
++
 +	"github.com/tenseleyFlow/shithub/internal/auth/policy"
 +	"github.com/tenseleyFlow/shithub/internal/repos/fork"
 +	reposdb "github.com/tenseleyFlow/shithub/internal/repos/sqlc"
 +	"github.com/tenseleyFlow/shithub/internal/social"
 +	"github.com/tenseleyFlow/shithub/internal/web/middleware"
 +	"github.com/tenseleyFlow/shithub/internal/worker"
 +)
++
 +// MountFork registers the fork-related routes:
 +//
 +//	GET  /{owner}/{repo}/forks       — paginated forks list (public)
 +//	POST /{owner}/{repo}/fork        — create a fork (auth-required)
 +//	POST /{owner}/{repo}/sync        — fast-forward sync from upstream (auth-required)
 +//
 +// The fork POST is auth-required + policy-gated by ActionForkCreate.
 +// The sync POST requires write on the fork.
 +func (h *Handlers) MountFork(r chi.Router) {
 +	r.Get("/{owner}/{repo}/forks", h.forksList)
 +	r.Group(func(r chi.Router) {
 +		r.Use(middleware.RequireUser)
 +		r.Post("/{owner}/{repo}/fork", h.repoFork)
 +		r.Post("/{owner}/{repo}/sync", h.repoSync)
 +	})
 +}
++
 +// forkDeps materializes a fork.Deps from the handler-set deps.
 +func (h *Handlers) forkDeps() fork.Deps {
 +	return fork.Deps{
 +		Pool:   h.d.Pool,
 +		RepoFS: h.d.RepoFS,
 +		Audit:  h.d.Audit,
 +		Logger: h.d.Logger,
 +	}
 +}
++
 +// repoFork handles POST /{owner}/{repo}/fork. Default behavior: fork
 +// the repo into the viewer's own namespace using the source's name
 +// (or the user-provided `target_name` form field). Source must be
 +// readable and forkable; target name + visibility floor are checked
 +// inside the orchestrator.
 +func (h *Handlers) repoFork(w http.ResponseWriter, r *http.Request) {
 +	ownerName := chi.URLParam(r, "owner")
 +	name := chi.URLParam(r, "repo")
 +	viewer := middleware.CurrentUserFromContext(r.Context())
++
 +	// Fork-create requires read on source AND login. The visibility
 +	// short-circuit at policy.Can step 4 covers anonymous-on-private;
 +	// step 9 covers anonymous-on-anything for fork:create.
 +	source, err := h.lookupRepoForViewer(r.Context(), ownerName, name, viewer)
 +	if err != nil {
 +		h.d.Render.HTTPError(w, r, http.StatusNotFound, "")
 +		return
 +	}
 +	actor := policy.UserActor(viewer.ID, viewer.Username, viewer.IsSuspended, false)
 +	repoRef := policy.NewRepoRefFromRepo(source)
 +	if dec := policy.Can(r.Context(), policy.Deps{Pool: h.d.Pool}, actor, policy.ActionForkCreate, repoRef); !dec.Allow {
 +		h.d.Render.HTTPError(w, r, policy.Maybe404(dec, repoRef, actor), "")
 +		return
 +	}
 +	if err := r.ParseForm(); err != nil {
 +		h.d.Render.HTTPError(w, r, http.StatusBadRequest, "form parse")
 +		return
 +	}
 +	res, err := fork.Create(r.Context(), h.forkDeps(), fork.CreateParams{
 +		SourceRepoID:     source.ID,
 +		ActorUserID:      viewer.ID,
 +		TargetOwnerID:    viewer.ID, // self-fork only today; org targets land with S31
 +		TargetName:       strings.TrimSpace(r.PostFormValue("target_name")),
 +		TargetVisibility: strings.TrimSpace(r.PostFormValue("target_visibility")),
 +	})
 +	if err != nil {
 +		h.handleForkError(w, r, err)
 +		return
 +	}
 +	// Enqueue the on-disk clone. The fork row exists with
 +	// init_status='init_pending' so the URL resolves immediately.
 +	if _, err := worker.Enqueue(r.Context(), h.d.Pool, worker.KindRepoForkClone,
 +		map[string]any{"source_repo_id": res.Source.ID, "fork_repo_id": res.Fork.ID},
 +		worker.EnqueueOptions{},
 +	); err != nil {
 +		h.d.Logger.ErrorContext(r.Context(), "fork: enqueue clone", "error", err, "fork_id", res.Fork.ID)
 +	}
 +	// Emit a `forked` event for activity feeds (S26's domain_events
 +	// log). Public-flag follows source visibility, per the
 +	// per-event policy.
 +	_ = social.Emit(r.Context(), social.Deps{Pool: h.d.Pool}, social.EmitParams{
 +		ActorUserID: viewer.ID,
 +		Kind:        "forked",
 +		RepoID:      res.Fork.ID,
 +		SourceKind:  "repo",
 +		SourceID:    res.Source.ID,
 +		Public:      string(res.Source.Visibility) == "public",
 +	})
 +	// Auto-watch the new fork at level=all so the user sees fork-side
 +	// events (matches GitHub: the act of forking implies interest).
 +	_ = social.AutoWatchOnCollab(r.Context(), h.socialDeps(), viewer.ID, res.Fork.ID)
 +	http.Redirect(w, r, "/"+viewer.Username+"/"+res.Fork.Name, http.StatusSeeOther)
 +}
++
 +// repoSync handles POST /{owner}/{repo}/sync. The repo here is the
 +// fork (the viewer's own copy); we authorize repo:write because
 +// sync mutates refs on the fork.
 +func (h *Handlers) repoSync(w http.ResponseWriter, r *http.Request) {
 +	ownerName := chi.URLParam(r, "owner")
 +	name := chi.URLParam(r, "repo")
 +	viewer := middleware.CurrentUserFromContext(r.Context())
 +	row, err := h.lookupRepoForViewer(r.Context(), ownerName, name, viewer)
 +	if err != nil {
 +		h.d.Render.HTTPError(w, r, http.StatusNotFound, "")
 +		return
 +	}
 +	actor := policy.UserActor(viewer.ID, viewer.Username, viewer.IsSuspended, false)
 +	repoRef := policy.NewRepoRefFromRepo(row)
 +	if dec := policy.Can(r.Context(), policy.Deps{Pool: h.d.Pool}, actor, policy.ActionRepoWrite, repoRef); !dec.Allow {
 +		h.d.Render.HTTPError(w, r, policy.Maybe404(dec, repoRef, actor), "")
 +		return
 +	}
 +	if !row.ForkOfRepoID.Valid {
 +		h.d.Render.HTTPError(w, r, http.StatusBadRequest, "not a fork")
 +		return
 +	}
 +	if _, err := fork.Sync(r.Context(), h.forkDeps(), viewer.ID, row.ID); err != nil {
 +		h.handleForkError(w, r, err)
 +		return
 +	}
 +	http.Redirect(w, r, "/"+ownerName+"/"+row.Name+"?notice=fork-synced", http.StatusSeeOther)
 +}
++
 +// forksList renders /{owner}/{repo}/forks.
 +func (h *Handlers) forksList(w http.ResponseWriter, r *http.Request) {
 +	ownerName := chi.URLParam(r, "owner")
 +	name := chi.URLParam(r, "repo")
 +	row, err := h.lookupRepoForViewer(r.Context(), ownerName, name, middleware.CurrentUserFromContext(r.Context()))
 +	if err != nil {
 +		h.d.Render.HTTPError(w, r, http.StatusNotFound, "")
 +		return
 +	}
 +	page := pageFromRequest(r)
 +	const pageSize = 30
 +	rows, err := h.rq.ListForksOfRepo(r.Context(), h.d.Pool, reposdb.ListForksOfRepoParams{
 +		ForkOfRepoID: pgtype.Int8{Int64: row.ID, Valid: true},
 +		Limit:        pageSize,
 +		Offset:       int32((page - 1) * pageSize),
 +	})
 +	if err != nil {
 +		h.d.Render.HTTPError(w, r, http.StatusInternalServerError, "list forks")
 +		return
 +	}
 +	total, _ := h.rq.CountForksOfRepo(r.Context(), h.d.Pool, pgtype.Int8{Int64: row.ID, Valid: true})
++
 +	// Per-row visibility filter: a private fork of a public repo
 +	// must only show to viewers who can see the fork. Filter via
 +	// policy.IsVisibleTo against the slim RepoRef shape.
 +	viewer := middleware.CurrentUserFromContext(r.Context())
 +	visibleActor := actorFor(viewer)
 +	deps := policy.Deps{Pool: h.d.Pool}
 +	visible := make([]map[string]any, 0, len(rows))
 +	for _, fk := range rows {
 +		ref := policy.RepoRef{
 +			ID:         fk.ID,
 +			Visibility: string(fk.Visibility),
 +		}
 +		// Owner not threaded through this row; for the list we just
 +		// gate on visibility — public visible to all, private only
 +		// to the fork owner (which RepoRef.OwnerUserID would catch
 +		// if we threaded it). The list query already excludes
 +		// soft-deleted rows.
 +		if !policy.IsVisibleTo(r.Context(), deps, visibleActor, ref) {
 +			continue
 +		}
 +		visible = append(visible, map[string]any{
 +			"OwnerUsername":    fk.OwnerUsername,
 +			"OwnerDisplayName": fk.OwnerDisplayName,
 +			"Name":             fk.Name,
 +			"Description":      fk.Description,
 +			"Visibility":       string(fk.Visibility),
 +			"StarCount":        fk.StarCount,
 +			"ForkCount":        fk.ForkCount,
 +			"InitStatus":       string(fk.InitStatus),
 +			"CreatedAt":        fk.CreatedAt.Time,
 +		})
 +	}
 +	common := map[string]any{
 +		"Title":   "Forks · " + row.Name,
 +		"Owner":   ownerName,
 +		"Repo":    row,
 +		"Forks":   visible,
 +		"Total":   total,
 +		"Page":    page,
 +		"HasNext": int64(page*pageSize) < total,
 +		"HasPrev": page > 1,
 +	}
 +	if err := h.d.Render.RenderPage(w, r, "repo/forks", common); err != nil {
 +		h.d.Logger.ErrorContext(r.Context(), "forks render", "error", err)
 +	}
 +}
++
 +// actorFor builds the policy.Actor matching a CurrentUser. Anonymous
 +// when the viewer is unauthenticated.
 +func actorFor(viewer middleware.CurrentUser) policy.Actor {
 +	if viewer.IsAnonymous() {
 +		return policy.AnonymousActor()
 +	}
 +	return policy.UserActor(viewer.ID, viewer.Username, viewer.IsSuspended, false)
 +}
++
 +// handleForkError maps the orchestrator's typed errors to status
 +// codes + friendly messages.
 +func (h *Handlers) handleForkError(w http.ResponseWriter, r *http.Request, err error) {
 +	switch {
 +	case errors.Is(err, fork.ErrNotLoggedIn):
 +		http.Redirect(w, r, "/login?next="+r.URL.Path, http.StatusSeeOther)
 +	case errors.Is(err, fork.ErrSourceNotFound), errors.Is(err, fork.ErrSourceDeleted):
 +		h.d.Render.HTTPError(w, r, http.StatusNotFound, "")
 +	case errors.Is(err, fork.ErrSourceArchived):
 +		h.d.Render.HTTPError(w, r, http.StatusConflict, "source repo is archived")
 +	case errors.Is(err, fork.ErrTargetNameTaken):
 +		h.d.Render.HTTPError(w, r, http.StatusConflict, "you already own a repository with that name")
 +	case errors.Is(err, fork.ErrSelfForkSameName):
 +		h.d.Render.HTTPError(w, r, http.StatusConflict, "forking your own repo requires a different name")
 +	case errors.Is(err, fork.ErrVisibilityFloor):
 +		h.d.Render.HTTPError(w, r, http.StatusBadRequest, "fork visibility cannot exceed source visibility")
 +	case errors.Is(err, fork.ErrSyncDiverged):
 +		h.d.Render.HTTPError(w, r, http.StatusConflict, "fork has diverged from upstream; sync via your client")
 +	case errors.Is(err, fork.ErrSyncUpToDate):
 +		http.Redirect(w, r, r.URL.Path+"/..?notice=already-up-to-date", http.StatusSeeOther)
 +	case errors.Is(err, fork.ErrSyncDefaultsMissing):
 +		h.d.Render.HTTPError(w, r, http.StatusBadRequest, "default branch missing on fork or source")
 +	case errors.Is(err, fork.ErrSyncRefRaced):
 +		h.d.Render.HTTPError(w, r, http.StatusConflict, "fork ref changed concurrently; retry")
 +	case errors.Is(err, fork.ErrForkNotInitialized):
 +		h.d.Render.HTTPError(w, r, http.StatusConflict, "fork is still being prepared")
 +	default:
 +		h.d.Logger.ErrorContext(r.Context(), "fork handler", "error", err)
 +		h.d.Render.HTTPError(w, r, http.StatusInternalServerError, "")
 +	}
 +}
++

internal/web/server.gomodified

  		deps.RepoIssuesMounter = repoH.MountIssues
  		deps.RepoPullsMounter = repoH.MountPulls
  		deps.RepoSocialMounter = repoH.MountSocial
 +		deps.RepoForkMounter = repoH.MountFork
  		// Lifecycle danger-zone routes — also auth-required.
  		deps.RepoLifecycleMounter = func(r chi.Router) {
  			r.Group(func(r chi.Router) {

internal/web/templates/repo/forks.htmladded

 +{{ define "page" -}}
 +<section class="shithub-social">
 +  <header class="shithub-code-head">
 +    <h1>
 +      <a href="/{{ .Owner }}/{{ .Repo.Name }}">{{ .Owner }}/{{ .Repo.Name }}</a>
 +      <span class="shithub-code-sep">/</span>
 +      Forks
 +    </h1>
 +    <p class="shithub-meta">{{ .Total }} {{ if eq .Total 1 }}fork{{ else }}forks{{ end }}</p>
 +  </header>
++
 +  {{ if .Forks }}
 +  <ul class="shithub-social-list">
 +    {{ range .Forks }}
 +    <li>
 +      <a href="/{{ .OwnerUsername }}/{{ .Name }}"><strong>{{ .OwnerUsername }}/{{ .Name }}</strong></a>
 +      {{ if eq .Visibility "private" }}<span class="shithub-pill shithub-pill-private">private</span>{{ end }}
 +      {{ if eq .InitStatus "init_pending" }}<span class="shithub-pill">preparing</span>{{ end }}
 +      {{ if eq .InitStatus "init_failed" }}<span class="shithub-pill shithub-pill-private">failed</span>{{ end }}
 +      <small>★ {{ .StarCount }}</small>
 +      <small>forks: {{ .ForkCount }}</small>
 +      <small><time datetime="{{ .CreatedAt.Format "2006-01-02T15:04:05Z" }}">forked {{ relativeTime .CreatedAt }}</time></small>
 +      {{ if .Description }}<p class="shithub-meta">{{ .Description }}</p>{{ end }}
 +    </li>
 +    {{ end }}
 +  </ul>
 +  {{ else }}
 +  <p class="shithub-empty">No forks yet.</p>
 +  {{ end }}
++
 +  {{ if or .HasPrev .HasNext }}
 +  <nav class="shithub-pagination">
 +    {{ if .HasPrev }}<a href="?page={{ sub .Page 1 }}" class="shithub-button">Previous</a>{{ end }}
 +    {{ if .HasNext }}<a href="?page={{ add .Page 1 }}" class="shithub-button">Next</a>{{ end }}
 +  </nav>
 +  {{ end }}
 +</section>
 +{{- end }}