Refactor web route handler (#33488)

routers/web/org/home.go

@@ -34,7 +34,7 @@ func Home(ctx *context.Context) {
 	}
 
 	ctx.SetPathParam("org", uname)
-	context.HandleOrgAssignment(ctx)
+	context.OrgAssignment(context.OrgAssignmentOptions{})(ctx)
 	if ctx.Written() {
 		return
 	}

routers/web/repo/repo.go

@@ -304,31 +304,6 @@ func CreatePost(ctx *context.Context) {
 	handleCreateError(ctx, ctxUser, err, "CreatePost", tplCreate, &form)
 }
 
-const (
-	tplWatchUnwatch templates.TplName = "repo/watch_unwatch"
-	tplStarUnstar   templates.TplName = "repo/star_unstar"
-)
-
-func acceptTransfer(ctx *context.Context) {
-	err := repo_service.AcceptTransferOwnership(ctx, ctx.Repo.Repository, ctx.Doer)
-	if err == nil {
-		ctx.Flash.Success(ctx.Tr("repo.settings.transfer.success"))
-		ctx.Redirect(ctx.Repo.Repository.Link())
-		return
-	}
-	handleActionError(ctx, err)
-}
-
-func rejectTransfer(ctx *context.Context) {
-	err := repo_service.RejectRepositoryTransfer(ctx, ctx.Repo.Repository, ctx.Doer)
-	if err == nil {
-		ctx.Flash.Success(ctx.Tr("repo.settings.transfer.rejected"))
-		ctx.Redirect(ctx.Repo.Repository.Link())
-		return
-	}
-	handleActionError(ctx, err)
-}
-
 func handleActionError(ctx *context.Context, err error) {
 	if errors.Is(err, user_model.ErrBlockedUser) {
 		ctx.Flash.Error(ctx.Tr("repo.action.blocked_user"))
@@ -339,72 +314,6 @@ func handleActionError(ctx *context.Context, err error) {
 	}
 }
 
-// Action response for actions to a repository
-func Action(ctx *context.Context) {
-	var err error
-	switch ctx.PathParam("action") {
-	case "watch":
-		err = repo_model.WatchRepo(ctx, ctx.Doer, ctx.Repo.Repository, true)
-	case "unwatch":
-		err = repo_model.WatchRepo(ctx, ctx.Doer, ctx.Repo.Repository, false)
-	case "star":
-		err = repo_model.StarRepo(ctx, ctx.Doer, ctx.Repo.Repository, true)
-	case "unstar":
-		err = repo_model.StarRepo(ctx, ctx.Doer, ctx.Repo.Repository, false)
-	case "accept_transfer":
-		acceptTransfer(ctx)
-		return
-	case "reject_transfer":
-		rejectTransfer(ctx)
-		return
-	case "desc": // FIXME: this is not used
-		if !ctx.Repo.IsOwner() {
-			ctx.Error(http.StatusNotFound)
-			return
-		}
-
-		ctx.Repo.Repository.Description = ctx.FormString("desc")
-		ctx.Repo.Repository.Website = ctx.FormString("site")
-		err = repo_service.UpdateRepository(ctx, ctx.Repo.Repository, false)
-	}
-
-	if err != nil {
-		handleActionError(ctx, err)
-		return
-	}
-
-	switch ctx.PathParam("action") {
-	case "watch", "unwatch":
-		ctx.Data["IsWatchingRepo"] = repo_model.IsWatching(ctx, ctx.Doer.ID, ctx.Repo.Repository.ID)
-	case "star", "unstar":
-		ctx.Data["IsStaringRepo"] = repo_model.IsStaring(ctx, ctx.Doer.ID, ctx.Repo.Repository.ID)
-	}
-
-	// see the `hx-trigger="refreshUserCards ..."` comments in tmpl
-	ctx.RespHeader().Add("hx-trigger", "refreshUserCards")
-
-	switch ctx.PathParam("action") {
-	case "watch", "unwatch", "star", "unstar":
-		// we have to reload the repository because NumStars or NumWatching (used in the templates) has just changed
-		ctx.Data["Repository"], err = repo_model.GetRepositoryByName(ctx, ctx.Repo.Repository.OwnerID, ctx.Repo.Repository.Name)
-		if err != nil {
-			ctx.ServerError(fmt.Sprintf("Action (%s)", ctx.PathParam("action")), err)
-			return
-		}
-	}
-
-	switch ctx.PathParam("action") {
-	case "watch", "unwatch":
-		ctx.HTML(http.StatusOK, tplWatchUnwatch)
-		return
-	case "star", "unstar":
-		ctx.HTML(http.StatusOK, tplStarUnstar)
-		return
-	}
-
-	ctx.RedirectToCurrentSite(ctx.FormString("redirect_to"), ctx.Repo.RepoLink)
-}
-
 // RedirectDownload return a file based on the following infos:
 func RedirectDownload(ctx *context.Context) {
 	var (

routers/web/repo/star.go

@@ -0,0 +1,31 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"net/http"
+
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/services/context"
+)
+
+const tplStarUnstar templates.TplName = "repo/star_unstar"
+
+func ActionStar(ctx *context.Context) {
+	err := repo_model.StarRepo(ctx, ctx.Doer, ctx.Repo.Repository, ctx.PathParam("action") == "star")
+	if err != nil {
+		handleActionError(ctx, err)
+		return
+	}
+
+	ctx.Data["IsStaringRepo"] = repo_model.IsStaring(ctx, ctx.Doer.ID, ctx.Repo.Repository.ID)
+	ctx.Data["Repository"], err = repo_model.GetRepositoryByName(ctx, ctx.Repo.Repository.OwnerID, ctx.Repo.Repository.Name)
+	if err != nil {
+		ctx.ServerError("GetRepositoryByName", err)
+		return
+	}
+	ctx.RespHeader().Add("hx-trigger", "refreshUserCards") // see the `hx-trigger="refreshUserCards ..."` comments in tmpl
+	ctx.HTML(http.StatusOK, tplStarUnstar)
+}

routers/web/repo/transfer.go

@@ -0,0 +1,38 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"code.gitea.io/gitea/services/context"
+	repo_service "code.gitea.io/gitea/services/repository"
+)
+
+func acceptTransfer(ctx *context.Context) {
+	err := repo_service.AcceptTransferOwnership(ctx, ctx.Repo.Repository, ctx.Doer)
+	if err == nil {
+		ctx.Flash.Success(ctx.Tr("repo.settings.transfer.success"))
+		ctx.Redirect(ctx.Repo.Repository.Link())
+		return
+	}
+	handleActionError(ctx, err)
+}
+
+func rejectTransfer(ctx *context.Context) {
+	err := repo_service.RejectRepositoryTransfer(ctx, ctx.Repo.Repository, ctx.Doer)
+	if err == nil {
+		ctx.Flash.Success(ctx.Tr("repo.settings.transfer.rejected"))
+		ctx.Redirect(ctx.Repo.Repository.Link())
+		return
+	}
+	handleActionError(ctx, err)
+}
+
+func ActionTransfer(ctx *context.Context) {
+	switch ctx.PathParam("action") {
+	case "accept_transfer":
+		acceptTransfer(ctx)
+	case "reject_transfer":
+		rejectTransfer(ctx)
+	}
+}

routers/web/repo/watch.go

@@ -0,0 +1,31 @@
+// Copyright 2025 The Gitea Authors. All rights reserved.
+// SPDX-License-Identifier: MIT
+
+package repo
+
+import (
+	"net/http"
+
+	repo_model "code.gitea.io/gitea/models/repo"
+	"code.gitea.io/gitea/modules/templates"
+	"code.gitea.io/gitea/services/context"
+)
+
+const tplWatchUnwatch templates.TplName = "repo/watch_unwatch"
+
+func ActionWatch(ctx *context.Context) {
+	err := repo_model.WatchRepo(ctx, ctx.Doer, ctx.Repo.Repository, ctx.PathParam("action") == "watch")
+	if err != nil {
+		handleActionError(ctx, err)
+		return
+	}
+
+	ctx.Data["IsWatchingRepo"] = repo_model.IsWatching(ctx, ctx.Doer.ID, ctx.Repo.Repository.ID)
+	ctx.Data["Repository"], err = repo_model.GetRepositoryByName(ctx, ctx.Repo.Repository.OwnerID, ctx.Repo.Repository.Name)
+	if err != nil {
+		ctx.ServerError("GetRepositoryByName", err)
+		return
+	}
+	ctx.RespHeader().Add("hx-trigger", "refreshUserCards") // see the `hx-trigger="refreshUserCards ..."` comments in tmpl
+	ctx.HTML(http.StatusOK, tplWatchUnwatch)
+}

routers/web/user/profile.go

@@ -313,8 +313,8 @@ func prepareUserProfileTabData(ctx *context.Context, showPrivate bool, profileDb
 	ctx.Data["Page"] = pager
 }
 
-// Action response for follow/unfollow user request
+// ActionUserFollow is for follow/unfollow user request
-func Action(ctx *context.Context) {
+func ActionUserFollow(ctx *context.Context) {
 	var err error
 	switch ctx.FormString("action") {
 	case "follow":
@@ -339,6 +339,6 @@ func Action(ctx *context.Context) {
 		ctx.HTML(http.StatusOK, tplFollowUnfollow)
 		return
 	}
-	log.Error("Failed to apply action %q: unsupport context user type: %s", ctx.FormString("action"), ctx.ContextUser.Type)
+	log.Error("Failed to apply action %q: unsupported context user type: %s", ctx.FormString("action"), ctx.ContextUser.Type)
 	ctx.Error(http.StatusBadRequest, fmt.Sprintf("Action %q failed", ctx.FormString("action")))
 }

routers/web/web.go

@@ -822,7 +822,7 @@ func registerRoutes(m *web.Router) {
 		m.Methods("GET, OPTIONS", "/attachments/{uuid}", optionsCorsHandler(), repo.GetAttachment)
 	}, optSignIn)
 
-	m.Post("/{username}", reqSignIn, context.UserAssignmentWeb(), user.Action)
+	m.Post("/{username}", reqSignIn, context.UserAssignmentWeb(), user.ActionUserFollow)
 
 	reqRepoAdmin := context.RequireRepoAdmin()
 	reqRepoCodeWriter := context.RequireUnitWriter(unit.TypeCode)
@@ -872,7 +872,7 @@ func registerRoutes(m *web.Router) {
 	m.Group("/org", func() {
 		m.Group("/{org}", func() {
 			m.Get("/members", org.Members)
-		}, context.OrgAssignment())
+		}, context.OrgAssignment(context.OrgAssignmentOptions{}))
 	}, optSignIn)
 	// end "/org": members
 
@@ -898,19 +898,20 @@ func registerRoutes(m *web.Router) {
 			m.Get("/milestones/{team}", reqMilestonesDashboardPageEnabled, user.Milestones)
 			m.Post("/members/action/{action}", org.MembersAction)
 			m.Get("/teams", org.Teams)
-		}, context.OrgAssignment(true, false, true))
+		}, context.OrgAssignment(context.OrgAssignmentOptions{RequireMember: true, RequireTeamMember: true}))
 
 		m.Group("/{org}", func() {
 			m.Get("/teams/{team}", org.TeamMembers)
 			m.Get("/teams/{team}/repositories", org.TeamRepositories)
 			m.Post("/teams/{team}/action/{action}", org.TeamsAction)
 			m.Post("/teams/{team}/action/repo/{action}", org.TeamsRepoAction)
-		}, context.OrgAssignment(true, false, true))
+		}, context.OrgAssignment(context.OrgAssignmentOptions{RequireMember: true, RequireTeamMember: true}))
 
-		// require admin permission
+		// require member/team-admin permission (old logic is: requireMember=true, requireTeamAdmin=true)
+		// but it doesn't seem right: requireTeamAdmin does nothing
 		m.Group("/{org}", func() {
 			m.Get("/teams/-/search", org.SearchTeam)
-		}, context.OrgAssignment(true, false, false, true))
+		}, context.OrgAssignment(context.OrgAssignmentOptions{RequireMember: true, RequireTeamAdmin: true}))
 
 		// require owner permission
 		m.Group("/{org}", func() {
@@ -920,7 +921,7 @@ func registerRoutes(m *web.Router) {
 			m.Post("/teams/{team}/edit", web.Bind(forms.CreateTeamForm{}), org.EditTeamPost)
 			m.Post("/teams/{team}/delete", org.DeleteTeam)
 
-			m.Get("/worktime", context.OrgAssignment(false, true), org.Worktime)
+			m.Get("/worktime", context.OrgAssignment(context.OrgAssignmentOptions{RequireOwner: true}), org.Worktime)
 
 			m.Group("/settings", func() {
 				m.Combo("").Get(org.Settings).
@@ -989,7 +990,7 @@ func registerRoutes(m *web.Router) {
 					m.Post("", web.Bind(forms.BlockUserForm{}), org.BlockedUsersPost)
 				})
 			}, ctxDataSet("EnableOAuth2", setting.OAuth2.Enabled, "EnablePackages", setting.Packages.Enabled, "PageIsOrgSettings", true))
-		}, context.OrgAssignment(true, true))
+		}, context.OrgAssignment(context.OrgAssignmentOptions{RequireOwner: true}))
 	}, reqSignIn)
 	// end "/org": most org routes
 
@@ -1059,7 +1060,7 @@ func registerRoutes(m *web.Router) {
 		m.Group("", func() {
 			m.Get("/code", user.CodeSearch)
 		}, reqUnitAccess(unit.TypeCode, perm.AccessModeRead, false), individualPermsChecker)
-	}, optSignIn, context.UserAssignmentWeb(), context.OrgAssignment())
+	}, optSignIn, context.UserAssignmentWeb(), context.OrgAssignment(context.OrgAssignmentOptions{}))
 	// end "/{username}/-": packages, projects, code
 
 	m.Group("/{username}/{reponame}/-", func() {
@@ -1603,9 +1604,9 @@ func registerRoutes(m *web.Router) {
 		m.Get("/stars", starsEnabled, repo.Stars)
 		m.Get("/watchers", repo.Watchers)
 		m.Get("/search", reqUnitCodeReader, repo.Search)
-		m.Post("/action/{action:star|unstar}", reqSignIn, starsEnabled, repo.Action)
+		m.Post("/action/{action:star|unstar}", reqSignIn, starsEnabled, repo.ActionStar)
-		m.Post("/action/{action:watch|unwatch}", reqSignIn, repo.Action)
+		m.Post("/action/{action:watch|unwatch}", reqSignIn, repo.ActionWatch)
-		m.Post("/action/{action:accept_transfer|reject_transfer}", reqSignIn, repo.Action)
+		m.Post("/action/{action:accept_transfer|reject_transfer}", reqSignIn, repo.ActionTransfer)
 	}, optSignIn, context.RepoAssignment)
 
 	common.AddOwnerRepoGitLFSRoutes(m, optSignInIgnoreCsrf, lfsServerEnabled) // "/{username}/{reponame}/{lfs-paths}": git-lfs support

services/context/org.go

@@ -62,30 +62,17 @@ func GetOrganizationByParams(ctx *Context) {
 	}
 }
 
-// HandleOrgAssignment handles organization assignment
+type OrgAssignmentOptions struct {
-// args: requireMember, requireOwner, requireTeamMember, requireTeamAdmin
+	RequireMember     bool
-func HandleOrgAssignment(ctx *Context, args ...bool) {
+	RequireOwner      bool
-	var (
+	RequireTeamMember bool
-		requireMember     bool
+	RequireTeamAdmin  bool
-		requireOwner      bool
+}
-		requireTeamMember bool
-		requireTeamAdmin  bool
-	)
-	if len(args) >= 1 {
-		requireMember = args[0]
-	}
-	if len(args) >= 2 {
-		requireOwner = args[1]
-	}
-	if len(args) >= 3 {
-		requireTeamMember = args[2]
-	}
-	if len(args) >= 4 {
-		requireTeamAdmin = args[3]
-	}
 
+// OrgAssignment returns a middleware to handle organization assignment
+func OrgAssignment(opts OrgAssignmentOptions) func(ctx *Context) {
+	return func(ctx *Context) {
 		var err error
-
 		if ctx.ContextUser == nil {
 			// if Organization is not defined, get it from params
 			if ctx.Org.Organization == nil {
@@ -95,9 +82,6 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 				}
 			}
 		} else if ctx.ContextUser.IsOrganization() {
-		if ctx.Org == nil {
-			ctx.Org = &Organization{}
-		}
 			ctx.Org.Organization = (*organization.Organization)(ctx.ContextUser)
 		} else {
 			// ContextUser is an individual User
@@ -114,9 +98,9 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 		}
 
 		if org.Visibility == structs.VisibleTypePrivate {
-		requireMember = true
+			opts.RequireMember = true
 		} else if ctx.IsSigned && ctx.Doer.IsRestricted {
-		requireMember = true
+			opts.RequireMember = true
 		}
 
 		ctx.ContextUser = org.AsUser()
@@ -157,8 +141,7 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 			// Fake data.
 			ctx.Data["SignedUser"] = &user_model.User{}
 		}
-	if (requireMember && !ctx.Org.IsMember) ||
+		if (opts.RequireMember && !ctx.Org.IsMember) || (opts.RequireOwner && !ctx.Org.IsOwner) {
-		(requireOwner && !ctx.Org.IsOwner) {
 			ctx.NotFound("OrgAssignment", err)
 			return
 		}
@@ -176,12 +159,12 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 		ctx.Data["OrgLink"] = ctx.Org.OrgLink
 
 		// Member
-	opts := &organization.FindOrgMembersOpts{
+		findMembersOpts := &organization.FindOrgMembersOpts{
 			Doer:         ctx.Doer,
 			OrgID:        org.ID,
 			IsDoerMember: ctx.Org.IsMember,
 		}
-	ctx.Data["NumMembers"], err = organization.CountOrgMembers(ctx, opts)
+		ctx.Data["NumMembers"], err = organization.CountOrgMembers(ctx, findMembersOpts)
 		if err != nil {
 			ctx.ServerError("CountOrgMembers", err)
 			return
@@ -240,14 +223,14 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 			}
 
 			ctx.Data["IsTeamMember"] = ctx.Org.IsTeamMember
-		if requireTeamMember && !ctx.Org.IsTeamMember {
+			if opts.RequireTeamMember && !ctx.Org.IsTeamMember {
 				ctx.NotFound("OrgAssignment", err)
 				return
 			}
 
 			ctx.Org.IsTeamAdmin = ctx.Org.Team.IsOwnerTeam() || ctx.Org.Team.AccessMode >= perm.AccessModeAdmin
 			ctx.Data["IsTeamAdmin"] = ctx.Org.IsTeamAdmin
-		if requireTeamAdmin && !ctx.Org.IsTeamAdmin {
+			if opts.RequireTeamAdmin && !ctx.Org.IsTeamAdmin {
 				ctx.NotFound("OrgAssignment", err)
 				return
 			}
@@ -267,12 +250,5 @@ func HandleOrgAssignment(ctx *Context, args ...bool) {
 			}
 			ctx.Data["RenderedDescription"] = content
 		}
-}
-
-// OrgAssignment returns a middleware to handle organization assignment
-// args: requireMember, requireOwner, requireTeamMember, requireTeamAdmin
-func OrgAssignment(args ...bool) func(ctx *Context) {
-	return func(ctx *Context) {
-		HandleOrgAssignment(ctx, args...)
 	}
 }