diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go index cbea5a95dd5f3..923b5f5759c10 100644 --- a/models/migrations/migrations.go +++ b/models/migrations/migrations.go @@ -282,6 +282,8 @@ var migrations = []Migration{ NewMigration("remove release attachments which repository deleted", removeAttachmentMissedRepo), // v113 -> v114 NewMigration("new feature: change target branch of pull requests", featureChangeTargetBranch), + // v114 -> v115 + NewMigration("Remove authentication credentials from stored URL", sanitizeOriginalURL), } // Migrate database to current version diff --git a/models/migrations/v114.go b/models/migrations/v114.go new file mode 100644 index 0000000000000..25a187f6e8ab1 --- /dev/null +++ b/models/migrations/v114.go @@ -0,0 +1,52 @@ +// Copyright 2019 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package migrations + +import ( + "net/url" + + "xorm.io/xorm" +) + +func sanitizeOriginalURL(x *xorm.Engine) error { + + type Repository struct { + ID int64 + OriginalURL string `xorm:"VARCHAR(2048)"` + } + + var last int + const batchSize = 50 + for { + var results = make([]Repository, 0, batchSize) + err := x.Where("original_url <> '' AND original_url IS NOT NULL"). + And("original_service_type = 0 OR original_service_type IS NULL"). + OrderBy("id"). + Limit(batchSize, last). + Find(&results) + if err != nil { + return err + } + if len(results) == 0 { + break + } + last += len(results) + + for _, res := range results { + u, err := url.Parse(res.OriginalURL) + if err != nil { + // it is ok to continue here, we only care about fixing URLs that we can read + continue + } + u.User = nil + originalURL := u.String() + _, err = x.Exec("UPDATE repository SET original_url = ? WHERE id = ?", originalURL, res.ID) + if err != nil { + return err + } + } + } + return nil +}