improve protected branch to add whitelist support (#2451)

* improve protected branch to add whitelist support

* fix lint

* fix style check

* fix tests

* fix description on UI and import

* fix test

* bug fixed

* fix tests and languages

* move isSliceInt64Eq to util pkg; improve function names & typo

5 files changed, 87 insertions, 2 deletions

diff --git a/modules/auth/repo_form.go b/modules/auth/repo_form.go
index 4e9d2bff61..a6454655f7 100644
--- a/modules/auth/repo_form.go
+++ b/modules/auth/repo_form.go
@@ -113,6 +113,26 @@ func (f *RepoSettingForm) Validate(ctx *macaron.Context, errs binding.Errors) bi
 	return validate(errs, ctx.Data, f, ctx.Locale)
 }
 
+// __________                             .__
+// \______   \____________    ____   ____ |  |__
+//  |    |  _/\_  __ \__  \  /    \_/ ___\|  |  \
+//  |    |   \ |  | \// __ \|   |  \  \___|   Y  \
+//  |______  / |__|  (____  /___|  /\___  >___|  /
+//         \/             \/     \/     \/     \/
+
+// ProtectBranchForm form for changing protected branch settings
+type ProtectBranchForm struct {
+	Protected       bool
+	EnableWhitelist bool
+	WhitelistUsers  string
+	WhitelistTeams  string
+}
+
+// Validate validates the fields
+func (f *ProtectBranchForm) Validate(ctx *macaron.Context, errs binding.Errors) binding.Errors {
+	return validate(errs, ctx.Data, f, ctx.Locale)
+}
+
 //  __      __      ___.   .__    .__            __
 // /  \    /  \ ____\_ |__ |  |__ |  |__   ____ |  | __
 // \   \/\/   // __ \| __ \|  |  \|  |  \ /  _ \|  |/ /
diff --git a/modules/base/tool.go b/modules/base/tool.go
index 543775e0df..26ced075da 100644
--- a/modules/base/tool.go
+++ b/modules/base/tool.go
@@ -497,6 +497,16 @@ func Int64sToMap(ints []int64) map[int64]bool {
 	return m
 }
 
+// Int64sContains returns if a int64 in a slice of int64
+func Int64sContains(intsSlice []int64, a int64) bool {
+	for _, c := range intsSlice {
+		if c == a {
+			return true
+		}
+	}
+	return false
+}
+
 // IsLetter reports whether the rune is a letter (category L).
 // https://github.com/golang/go/blob/master/src/go/scanner/scanner.go#L257
 func IsLetter(ch rune) bool {
diff --git a/modules/context/repo.go b/modules/context/repo.go
index e335eafde3..a82535a6d4 100644
--- a/modules/context/repo.go
+++ b/modules/context/repo.go
@@ -78,8 +78,8 @@ func (r *Repository) CanEnableEditor() bool {
 
 // CanCommitToBranch returns true if repository is editable and user has proper access level
 //   and branch is not protected
-func (r *Repository) CanCommitToBranch() (bool, error) {
-	protectedBranch, err := r.Repository.IsProtectedBranch(r.BranchName)
+func (r *Repository) CanCommitToBranch(doer *models.User) (bool, error) {
+	protectedBranch, err := r.Repository.IsProtectedBranch(r.BranchName, doer)
 	if err != nil {
 		return false, err
 	}
diff --git a/modules/private/branch.go b/modules/private/branch.go
index 6b3b9170bb..fed66d29ff 100644
--- a/modules/private/branch.go
+++ b/modules/private/branch.go
@@ -38,3 +38,29 @@ func GetProtectedBranchBy(repoID int64, branchName string) (*models.ProtectedBra
 
 	return &branch, nil
 }
+
+// CanUserPush returns if user can push
+func CanUserPush(protectedBranchID, userID int64) (bool, error) {
+	// Ask for running deliver hook and test pull request tasks.
+	reqURL := setting.LocalURL + fmt.Sprintf("api/internal/protectedbranch/%d/%d", protectedBranchID, userID)
+	log.GitLogger.Trace("CanUserPush: %s", reqURL)
+
+	resp, err := newInternalRequest(reqURL, "GET").Response()
+	if err != nil {
+		return false, err
+	}
+
+	var canPush = make(map[string]interface{})
+	if err := json.NewDecoder(resp.Body).Decode(&canPush); err != nil {
+		return false, err
+	}
+
+	defer resp.Body.Close()
+
+	// All 2XX status codes are accepted and others will return an error
+	if resp.StatusCode/100 != 2 {
+		return false, fmt.Errorf("Failed to retrieve push user: %s", decodeJSONError(resp).Err)
+	}
+
+	return canPush["can_push"].(bool), nil
+}
diff --git a/modules/util/compare.go b/modules/util/compare.go
new file mode 100644
index 0000000000..c03a823d85
--- /dev/null
+++ b/modules/util/compare.go
@@ -0,0 +1,29 @@
+// Copyright 2017 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package util
+
+import "sort"
+
+// Int64Slice attaches the methods of Interface to []int64, sorting in increasing order.
+type Int64Slice []int64
+
+func (p Int64Slice) Len() int           { return len(p) }
+func (p Int64Slice) Less(i, j int) bool { return p[i] < p[j] }
+func (p Int64Slice) Swap(i, j int)      { p[i], p[j] = p[j], p[i] }
+
+// IsSliceInt64Eq returns if the two slice has the same elements but different sequences.
+func IsSliceInt64Eq(a, b []int64) bool {
+	if len(a) != len(b) {
+		return false
+	}
+	sort.Sort(Int64Slice(a))
+	sort.Sort(Int64Slice(b))
+	for i := 0; i < len(a); i++ {
+		if a[i] != b[i] {
+			return false
+		}
+	}
+	return true
+}