diff options
| author | zeripath <art27@cantab.net> | 2019-07-01 02:18:13 +0100 |
|---|---|---|
| committer | Lunny Xiao <xiaolunwen@gmail.com> | 2019-07-01 09:18:13 +0800 |
| commit | 3563650bdb273045c55400ee9520a0f78fc90e76 (patch) | |
| tree | 29fa8994dd254361d42c7055db17ddef5143bb16 /routers | |
| parent | e5a4d784e8dda105832a28ccee0d593bf9dd6348 (diff) | |
| download | gitea-3563650bdb273045c55400ee9520a0f78fc90e76.tar.gz gitea-3563650bdb273045c55400ee9520a0f78fc90e76.zip | |
#6946 Run hooks on merge/edit and cope with protected branches (#6961)
* Fix #6946 by checking PullRequest ID on pushing
* Ensure we have the owner name, the pr attributes and the the issue
* Fix TestSearchRepo by waiting till indexing is done
* Update integrations/repo_search_test.go
* changes as per @mrsdizzie
* missing comma
* Spelling mistake
* Fix full pushing environment
Diffstat (limited to 'routers')
| -rw-r--r-- | routers/private/hook.go | 20 |
1 files changed, 19 insertions, 1 deletions
diff --git a/routers/private/hook.go b/routers/private/hook.go index 3da5e38edb..1071c57bc0 100644 --- a/routers/private/hook.go +++ b/routers/private/hook.go @@ -31,6 +31,7 @@ func HookPreReceive(ctx *macaron.Context) { userID := ctx.QueryInt64("userID") gitObjectDirectory := ctx.QueryTrim("gitObjectDirectory") gitAlternativeObjectDirectories := ctx.QueryTrim("gitAlternativeObjectDirectories") + prID := ctx.QueryInt64("prID") branchName := strings.TrimPrefix(refFullName, git.BranchPrefix) repo, err := models.GetRepositoryByOwnerAndName(ownerName, repoName) @@ -85,7 +86,24 @@ func HookPreReceive(ctx *macaron.Context) { } } - if !protectBranch.CanUserPush(userID) { + canPush := protectBranch.CanUserPush(userID) + if !canPush && prID > 0 { + pr, err := models.GetPullRequestByID(prID) + if err != nil { + log.Error("Unable to get PullRequest %d Error: %v", prID, err) + ctx.JSON(http.StatusInternalServerError, map[string]interface{}{ + "err": fmt.Sprintf("Unable to get PullRequest %d Error: %v", prID, err), + }) + return + } + if !protectBranch.HasEnoughApprovals(pr) { + log.Warn("Forbidden: User %d cannot push to protected branch: %s in %-v and pr #%d does not have enough approvals", userID, branchName, repo, pr.Index) + ctx.JSON(http.StatusForbidden, map[string]interface{}{ + "err": fmt.Sprintf("protected branch %s can not be pushed to and pr #%d does not have enough approvals", branchName, prID), + }) + return + } + } else if !canPush { log.Warn("Forbidden: User %d cannot push to protected branch: %s in %-v", userID, branchName, repo) ctx.JSON(http.StatusForbidden, map[string]interface{}{ "err": fmt.Sprintf("protected branch %s can not be pushed to", branchName), |