summaryrefslogtreecommitdiffstats
path: root/routers/private
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2019-10-21 09:21:45 +0100
committerGitHub <noreply@github.com>2019-10-21 09:21:45 +0100
commit0bfe5eb10b1953cb1f85f7a7b6eb5f24724b8021 (patch)
tree8844040cf40b0f37c9457eade166a8bff1a91152 /routers/private
parentb1c1e1549b50bbd5929e2c4dd72a1dbf4b511b50 (diff)
downloadgitea-0bfe5eb10b1953cb1f85f7a7b6eb5f24724b8021.tar.gz
gitea-0bfe5eb10b1953cb1f85f7a7b6eb5f24724b8021.zip
Allow Protected Branches to Whitelist Deploy Keys (#8483)
Add an option to protected branches to add writing deploy keys to the whitelist for pushing. Please note this is technically a breaking change: previously if the owner of a repository was on the whitelist then any writing deploy key was effectively on the whitelist. This option will now need to be set if that is desired. Closes #8472 Details: * Allow Protected Branches to Whitelist Deploy Keys * Add migration * Ensure that IsDeployKey is set to false on the http pushes * add not null default false
Diffstat (limited to 'routers/private')
-rw-r--r--routers/private/hook.go8
1 files changed, 7 insertions, 1 deletions
diff --git a/routers/private/hook.go b/routers/private/hook.go
index 1f6ab2f673..074e3aef19 100644
--- a/routers/private/hook.go
+++ b/routers/private/hook.go
@@ -33,6 +33,7 @@ func HookPreReceive(ctx *macaron.Context) {
gitAlternativeObjectDirectories := ctx.QueryTrim("gitAlternativeObjectDirectories")
gitQuarantinePath := ctx.QueryTrim("gitQuarantinePath")
prID := ctx.QueryInt64("prID")
+ isDeployKey := ctx.QueryBool("isDeployKey")
branchName := strings.TrimPrefix(refFullName, git.BranchPrefix)
repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName)
@@ -95,7 +96,12 @@ func HookPreReceive(ctx *macaron.Context) {
}
}
- canPush := protectBranch.CanUserPush(userID)
+ canPush := false
+ if isDeployKey {
+ canPush = protectBranch.WhitelistDeployKeys
+ } else {
+ canPush = protectBranch.CanUserPush(userID)
+ }
if !canPush && prID > 0 {
pr, err := models.GetPullRequestByID(prID)
if err != nil {