diff options
| author | Lauris BH <lauris@nix.lv> | 2020-03-27 00:26:34 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-03-27 00:26:34 +0200 |
| commit | bbd910ed1b4f52ee66a5cdd8d11f856598161bef (patch) | |
| tree | 8392e0f8208b5b7d8e6df8335677518aa07f194f /modules/repofiles | |
| parent | 52cfd2743c0e85b36081cf80a850e6a5901f1865 (diff) | |
| download | gitea-bbd910ed1b4f52ee66a5cdd8d11f856598161bef.tar.gz gitea-bbd910ed1b4f52ee66a5cdd8d11f856598161bef.zip | |
Allow to set protected file patterns that can not be changed under no conditions (#10806)
Co-Authored-By: zeripath <art27@cantab.net>
Diffstat (limited to 'modules/repofiles')
| -rw-r--r-- | modules/repofiles/delete.go | 32 | ||||
| -rw-r--r-- | modules/repofiles/update.go | 32 |
2 files changed, 42 insertions, 22 deletions
diff --git a/modules/repofiles/delete.go b/modules/repofiles/delete.go index c1689b0be0..2ffc75e7c8 100644 --- a/modules/repofiles/delete.go +++ b/modules/repofiles/delete.go @@ -60,21 +60,31 @@ func DeleteRepoFile(repo *models.Repository, doer *models.User, opts *DeleteRepo if err != nil { return nil, err } - if protectedBranch != nil && !protectedBranch.CanUserPush(doer.ID) { - return nil, models.ErrUserCannotCommit{ - UserName: doer.LowerName, - } - } - if protectedBranch != nil && protectedBranch.RequireSignedCommits { - _, _, err := repo.SignCRUDAction(doer, repo.RepoPath(), opts.OldBranch) - if err != nil { - if !models.IsErrWontSign(err) { - return nil, err - } + if protectedBranch != nil { + if !protectedBranch.CanUserPush(doer.ID) { return nil, models.ErrUserCannotCommit{ UserName: doer.LowerName, } } + if protectedBranch.RequireSignedCommits { + _, _, err := repo.SignCRUDAction(doer, repo.RepoPath(), opts.OldBranch) + if err != nil { + if !models.IsErrWontSign(err) { + return nil, err + } + return nil, models.ErrUserCannotCommit{ + UserName: doer.LowerName, + } + } + } + patterns := protectedBranch.GetProtectedFilePatterns() + for _, pat := range patterns { + if pat.Match(strings.ToLower(opts.TreePath)) { + return nil, models.ErrFilePathProtected{ + Path: opts.TreePath, + } + } + } } } diff --git a/modules/repofiles/update.go b/modules/repofiles/update.go index e2aafb567d..86f53d4a1c 100644 --- a/modules/repofiles/update.go +++ b/modules/repofiles/update.go @@ -156,21 +156,31 @@ func CreateOrUpdateRepoFile(repo *models.Repository, doer *models.User, opts *Up if err != nil { return nil, err } - if protectedBranch != nil && !protectedBranch.CanUserPush(doer.ID) { - return nil, models.ErrUserCannotCommit{ - UserName: doer.LowerName, - } - } - if protectedBranch != nil && protectedBranch.RequireSignedCommits { - _, _, err := repo.SignCRUDAction(doer, repo.RepoPath(), opts.OldBranch) - if err != nil { - if !models.IsErrWontSign(err) { - return nil, err - } + if protectedBranch != nil { + if !protectedBranch.CanUserPush(doer.ID) { return nil, models.ErrUserCannotCommit{ UserName: doer.LowerName, } } + if protectedBranch.RequireSignedCommits { + _, _, err := repo.SignCRUDAction(doer, repo.RepoPath(), opts.OldBranch) + if err != nil { + if !models.IsErrWontSign(err) { + return nil, err + } + return nil, models.ErrUserCannotCommit{ + UserName: doer.LowerName, + } + } + } + patterns := protectedBranch.GetProtectedFilePatterns() + for _, pat := range patterns { + if pat.Match(strings.ToLower(opts.TreePath)) { + return nil, models.ErrFilePathProtected{ + Path: opts.TreePath, + } + } + } } } |