Rename ctx.User to ctx.Doer

integrations/repofiles_delete_test.go

@@ -77,7 +77,7 @@ func testDeleteRepoFile(t *testing.T, u *url.URL) {
 	test.LoadGitRepo(t, ctx)
 	defer ctx.Repo.GitRepo.Close()
 	repo := ctx.Repo.Repository
-	doer := ctx.User
+	doer := ctx.Doer
 	opts := getDeleteRepoFileOptions(repo)
 
 	t.Run("Delete README.md file", func(t *testing.T) {
@@ -117,7 +117,7 @@ func testDeleteRepoFileWithoutBranchNames(t *testing.T, u *url.URL) {
 	defer ctx.Repo.GitRepo.Close()
 
 	repo := ctx.Repo.Repository
-	doer := ctx.User
+	doer := ctx.Doer
 	opts := getDeleteRepoFileOptions(repo)
 	opts.OldBranch = ""
 	opts.NewBranch = ""
@@ -147,7 +147,7 @@ func TestDeleteRepoFileErrors(t *testing.T) {
 	defer ctx.Repo.GitRepo.Close()
 
 	repo := ctx.Repo.Repository
-	doer := ctx.User
+	doer := ctx.Doer
 
 	t.Run("Bad branch", func(t *testing.T) {
 		opts := getDeleteRepoFileOptions(repo)

integrations/repofiles_update_test.go

@@ -194,7 +194,7 @@ func TestCreateOrUpdateRepoFileForCreate(t *testing.T) {
 		defer ctx.Repo.GitRepo.Close()
 
 		repo := ctx.Repo.Repository
-		doer := ctx.User
+		doer := ctx.Doer
 		opts := getCreateRepoFileOptions(repo)
 
 		// test
@@ -230,7 +230,7 @@ func TestCreateOrUpdateRepoFileForUpdate(t *testing.T) {
 		defer ctx.Repo.GitRepo.Close()
 
 		repo := ctx.Repo.Repository
-		doer := ctx.User
+		doer := ctx.Doer
 		opts := getUpdateRepoFileOptions(repo)
 
 		// test
@@ -263,7 +263,7 @@ func TestCreateOrUpdateRepoFileForUpdateWithFileMove(t *testing.T) {
 		defer ctx.Repo.GitRepo.Close()
 
 		repo := ctx.Repo.Repository
-		doer := ctx.User
+		doer := ctx.Doer
 		opts := getUpdateRepoFileOptions(repo)
 		opts.FromTreePath = "README.md"
 		opts.TreePath = "README_new.md" // new file name, README_new.md
@@ -313,7 +313,7 @@ func TestCreateOrUpdateRepoFileWithoutBranchNames(t *testing.T) {
 		defer ctx.Repo.GitRepo.Close()
 
 		repo := ctx.Repo.Repository
-		doer := ctx.User
+		doer := ctx.Doer
 		opts := getUpdateRepoFileOptions(repo)
 		opts.OldBranch = ""
 		opts.NewBranch = ""
@@ -344,7 +344,7 @@ func TestCreateOrUpdateRepoFileErrors(t *testing.T) {
 		defer ctx.Repo.GitRepo.Close()
 
 		repo := ctx.Repo.Repository
-		doer := ctx.User
+		doer := ctx.Doer
 
 		t.Run("bad branch", func(t *testing.T) {
 			opts := getUpdateRepoFileOptions(repo)

modules/context/api.go

@@ -100,7 +100,7 @@ func (ctx *APIContext) Error(status int, title string, obj interface{}) {
 	if status == http.StatusInternalServerError {
 		log.ErrorWithSkip(1, "%s: %s", title, message)
 
-		if setting.IsProd && !(ctx.User != nil && ctx.User.IsAdmin) {
+		if setting.IsProd && !(ctx.Doer != nil && ctx.Doer.IsAdmin) {
 			message = ""
 		}
 	}
@@ -117,7 +117,7 @@ func (ctx *APIContext) InternalServerError(err error) {
 	log.ErrorWithSkip(1, "InternalServerError: %v", err)
 
 	var message string
-	if !setting.IsProd || (ctx.User != nil && ctx.User.IsAdmin) {
+	if !setting.IsProd || (ctx.Doer != nil && ctx.Doer.IsAdmin) {
 		message = err.Error()
 	}
 
@@ -225,7 +225,7 @@ func (ctx *APIContext) CheckForOTP() {
 	}
 
 	otpHeader := ctx.Req.Header.Get("X-Gitea-OTP")
-	twofa, err := auth.GetTwoFactorByUID(ctx.Context.User.ID)
+	twofa, err := auth.GetTwoFactorByUID(ctx.Context.Doer.ID)
 	if err != nil {
 		if auth.IsErrTwoFactorNotEnrolled(err) {
 			return // No 2FA enrollment for this user
@@ -248,18 +248,18 @@ func (ctx *APIContext) CheckForOTP() {
 func APIAuth(authMethod auth_service.Method) func(*APIContext) {
 	return func(ctx *APIContext) {
 		// Get user from session if logged in.
-		ctx.User = authMethod.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session)
-		if ctx.User != nil {
-			if ctx.Locale.Language() != ctx.User.Language {
+		ctx.Doer = authMethod.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session)
+		if ctx.Doer != nil {
+			if ctx.Locale.Language() != ctx.Doer.Language {
 				ctx.Locale = middleware.Locale(ctx.Resp, ctx.Req)
 			}
 			ctx.IsBasicAuth = ctx.Data["AuthedMethod"].(string) == auth_service.BasicMethodName
 			ctx.IsSigned = true
 			ctx.Data["IsSigned"] = ctx.IsSigned
-			ctx.Data["SignedUser"] = ctx.User
-			ctx.Data["SignedUserID"] = ctx.User.ID
-			ctx.Data["SignedUserName"] = ctx.User.Name
-			ctx.Data["IsAdmin"] = ctx.User.IsAdmin
+			ctx.Data["SignedUser"] = ctx.Doer
+			ctx.Data["SignedUserID"] = ctx.Doer.ID
+			ctx.Data["SignedUserName"] = ctx.Doer.Name
+			ctx.Data["IsAdmin"] = ctx.Doer.IsAdmin
 		} else {
 			ctx.Data["SignedUserID"] = int64(0)
 			ctx.Data["SignedUserName"] = ""

modules/context/auth.go

@@ -27,19 +27,19 @@ func Toggle(options *ToggleOptions) func(ctx *Context) {
 	return func(ctx *Context) {
 		// Check prohibit login users.
 		if ctx.IsSigned {
-			if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {
+			if !ctx.Doer.IsActive && setting.Service.RegisterEmailConfirm {
 				ctx.Data["Title"] = ctx.Tr("auth.active_your_account")
 				ctx.HTML(http.StatusOK, "user/auth/activate")
 				return
 			}
-			if !ctx.User.IsActive || ctx.User.ProhibitLogin {
-				log.Info("Failed authentication attempt for %s from %s", ctx.User.Name, ctx.RemoteAddr())
+			if !ctx.Doer.IsActive || ctx.Doer.ProhibitLogin {
+				log.Info("Failed authentication attempt for %s from %s", ctx.Doer.Name, ctx.RemoteAddr())
 				ctx.Data["Title"] = ctx.Tr("auth.prohibit_login")
 				ctx.HTML(http.StatusOK, "user/auth/prohibit_login")
 				return
 			}
 
-			if ctx.User.MustChangePassword {
+			if ctx.Doer.MustChangePassword {
 				if ctx.Req.URL.Path != "/user/settings/change_password" {
 					ctx.Data["Title"] = ctx.Tr("auth.must_change_password")
 					ctx.Data["ChangePasscodeLink"] = setting.AppSubURL + "/user/change_password"
@@ -76,7 +76,7 @@ func Toggle(options *ToggleOptions) func(ctx *Context) {
 				}
 				ctx.Redirect(setting.AppSubURL + "/user/login")
 				return
-			} else if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {
+			} else if !ctx.Doer.IsActive && setting.Service.RegisterEmailConfirm {
 				ctx.Data["Title"] = ctx.Tr("auth.active_your_account")
 				ctx.HTML(http.StatusOK, "user/auth/activate")
 				return
@@ -94,7 +94,7 @@ func Toggle(options *ToggleOptions) func(ctx *Context) {
 		}
 
 		if options.AdminRequired {
-			if !ctx.User.IsAdmin {
+			if !ctx.Doer.IsAdmin {
 				ctx.Error(http.StatusForbidden)
 				return
 			}
@@ -108,23 +108,23 @@ func ToggleAPI(options *ToggleOptions) func(ctx *APIContext) {
 	return func(ctx *APIContext) {
 		// Check prohibit login users.
 		if ctx.IsSigned {
-			if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {
+			if !ctx.Doer.IsActive && setting.Service.RegisterEmailConfirm {
 				ctx.Data["Title"] = ctx.Tr("auth.active_your_account")
 				ctx.JSON(http.StatusForbidden, map[string]string{
 					"message": "This account is not activated.",
 				})
 				return
 			}
-			if !ctx.User.IsActive || ctx.User.ProhibitLogin {
-				log.Info("Failed authentication attempt for %s from %s", ctx.User.Name, ctx.RemoteAddr())
+			if !ctx.Doer.IsActive || ctx.Doer.ProhibitLogin {
+				log.Info("Failed authentication attempt for %s from %s", ctx.Doer.Name, ctx.RemoteAddr())
 				ctx.Data["Title"] = ctx.Tr("auth.prohibit_login")
 				ctx.JSON(http.StatusForbidden, map[string]string{
 					"message": "This account is prohibited from signing in, please contact your site administrator.",
 				})
 				return
 			}
 
-			if ctx.User.MustChangePassword {
+			if ctx.Doer.MustChangePassword {
 				ctx.JSON(http.StatusForbidden, map[string]string{
 					"message": "You must change your password. Change it at: " + setting.AppURL + "/user/change_password",
 				})
@@ -145,7 +145,7 @@ func ToggleAPI(options *ToggleOptions) func(ctx *APIContext) {
 					"message": "Only signed in user is allowed to call APIs.",
 				})
 				return
-			} else if !ctx.User.IsActive && setting.Service.RegisterEmailConfirm {
+			} else if !ctx.Doer.IsActive && setting.Service.RegisterEmailConfirm {
 				ctx.Data["Title"] = ctx.Tr("auth.active_your_account")
 				ctx.HTML(http.StatusOK, "user/auth/activate")
 				return
@@ -154,7 +154,7 @@ func ToggleAPI(options *ToggleOptions) func(ctx *APIContext) {
 				if skip, ok := ctx.Data["SkipLocalTwoFA"]; ok && skip.(bool) {
 					return // Skip 2FA
 				}
-				twofa, err := auth.GetTwoFactorByUID(ctx.User.ID)
+				twofa, err := auth.GetTwoFactorByUID(ctx.Doer.ID)
 				if err != nil {
 					if auth.IsErrTwoFactorNotEnrolled(err) {
 						return // No 2FA enrollment for this user
@@ -178,7 +178,7 @@ func ToggleAPI(options *ToggleOptions) func(ctx *APIContext) {
 		}
 
 		if options.AdminRequired {
-			if !ctx.User.IsAdmin {
+			if !ctx.Doer.IsAdmin {
 				ctx.JSON(http.StatusForbidden, map[string]string{
 					"message": "You have no permission to request for this.",
 				})

modules/context/context.go

@@ -63,7 +63,7 @@ type Context struct {
 
 	Link        string // current request URL
 	EscapedLink string
-	User        *user_model.User
+	Doer        *user_model.User
 	IsSigned    bool
 	IsBasicAuth bool
 
@@ -88,7 +88,7 @@ func (ctx *Context) GetData() map[string]interface{} {
 
 // IsUserSiteAdmin returns true if current user is a site admin
 func (ctx *Context) IsUserSiteAdmin() bool {
-	return ctx.IsSigned && ctx.User.IsAdmin
+	return ctx.IsSigned && ctx.Doer.IsAdmin
 }
 
 // IsUserRepoOwner returns true if current user owns current repo
@@ -574,10 +574,10 @@ func GetContext(req *http.Request) *Context {
 // GetContextUser returns context user
 func GetContextUser(req *http.Request) *user_model.User {
 	if apiContext, ok := req.Context().Value(apiContextKey).(*APIContext); ok {
-		return apiContext.User
+		return apiContext.Doer
 	}
 	if ctx, ok := req.Context().Value(contextKey).(*Context); ok {
-		return ctx.User
+		return ctx.Doer
 	}
 	return nil
 }
@@ -599,18 +599,18 @@ func getCsrfOpts() CsrfOptions {
 // Auth converts auth.Auth as a middleware
 func Auth(authMethod auth.Method) func(*Context) {
 	return func(ctx *Context) {
-		ctx.User = authMethod.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session)
-		if ctx.User != nil {
-			if ctx.Locale.Language() != ctx.User.Language {
+		ctx.Doer = authMethod.Verify(ctx.Req, ctx.Resp, ctx, ctx.Session)
+		if ctx.Doer != nil {
+			if ctx.Locale.Language() != ctx.Doer.Language {
 				ctx.Locale = middleware.Locale(ctx.Resp, ctx.Req)
 			}
 			ctx.IsBasicAuth = ctx.Data["AuthedMethod"].(string) == auth.BasicMethodName
 			ctx.IsSigned = true
 			ctx.Data["IsSigned"] = ctx.IsSigned
-			ctx.Data["SignedUser"] = ctx.User
-			ctx.Data["SignedUserID"] = ctx.User.ID
-			ctx.Data["SignedUserName"] = ctx.User.Name
-			ctx.Data["IsAdmin"] = ctx.User.IsAdmin
+			ctx.Data["SignedUser"] = ctx.Doer
+			ctx.Data["SignedUserID"] = ctx.Doer.ID
+			ctx.Data["SignedUserName"] = ctx.Doer.Name
+			ctx.Data["IsAdmin"] = ctx.Doer.IsAdmin
 		} else {
 			ctx.Data["SignedUserID"] = int64(0)
 			ctx.Data["SignedUserName"] = ""

modules/context/org.go

@@ -77,14 +77,14 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 	ctx.Data["OrgTeams"] = teams
 
 	// Admin has super access.
-	if ctx.IsSigned && ctx.User.IsAdmin {
+	if ctx.IsSigned && ctx.Doer.IsAdmin {
 		ctx.Org.IsOwner = true
 		ctx.Org.IsMember = true
 		ctx.Org.IsTeamMember = true
 		ctx.Org.IsTeamAdmin = true
 		ctx.Org.CanCreateOrgRepo = true
 	} else if ctx.IsSigned {
-		ctx.Org.IsOwner, err = org.IsOwnedBy(ctx.User.ID)
+		ctx.Org.IsOwner, err = org.IsOwnedBy(ctx.Doer.ID)
 		if err != nil {
 			ctx.ServerError("IsOwnedBy", err)
 			return
@@ -96,12 +96,12 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 			ctx.Org.IsTeamAdmin = true
 			ctx.Org.CanCreateOrgRepo = true
 		} else {
-			ctx.Org.IsMember, err = org.IsOrgMember(ctx.User.ID)
+			ctx.Org.IsMember, err = org.IsOrgMember(ctx.Doer.ID)
 			if err != nil {
 				ctx.ServerError("IsOrgMember", err)
 				return
 			}
-			ctx.Org.CanCreateOrgRepo, err = org.CanCreateOrgRepo(ctx.User.ID)
+			ctx.Org.CanCreateOrgRepo, err = org.CanCreateOrgRepo(ctx.Doer.ID)
 			if err != nil {
 				ctx.ServerError("CanCreateOrgRepo", err)
 				return
@@ -133,7 +133,7 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 		if ctx.Org.IsOwner {
 			shouldSeeAllTeams = true
 		} else {
-			teams, err := org.GetUserTeams(ctx.User.ID)
+			teams, err := org.GetUserTeams(ctx.Doer.ID)
 			if err != nil {
 				ctx.ServerError("GetUserTeams", err)
 				return
@@ -152,7 +152,7 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 				return
 			}
 		} else {
-			ctx.Org.Teams, err = org.GetUserTeams(ctx.User.ID)
+			ctx.Org.Teams, err = org.GetUserTeams(ctx.Doer.ID)
 			if err != nil {
 				ctx.ServerError("GetUserTeams", err)
 				return

modules/context/permission.go

@@ -49,7 +49,7 @@ func RequireRepoReader(unitType unit.Type) func(ctx *Context) {
 				if ctx.IsSigned {
 					log.Trace("Permission Denied: User %-v cannot read %-v in Repo %-v\n"+
 						"User in Repo has Permissions: %-+v",
-						ctx.User,
+						ctx.Doer,
 						unitType,
 						ctx.Repo.Repository,
 						ctx.Repo.Permission)
@@ -80,7 +80,7 @@ func RequireRepoReaderOr(unitTypes ...unit.Type) func(ctx *Context) {
 			var args []interface{}
 			if ctx.IsSigned {
 				format = "Permission Denied: User %-v cannot read ["
-				args = append(args, ctx.User)
+				args = append(args, ctx.Doer)
 			} else {
 				format = "Permission Denied: Anonymous user cannot read ["
 			}