diff options
author | 6543 <6543@obermui.de> | 2020-05-06 13:08:45 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-05-06 12:08:45 +0100 |
commit | 505e456f26e11d4ee2f7a807a037b11b59defb1f (patch) | |
tree | f9cbf4daaa54d8ff29e4e2c0e2ab4a21e61e83c5 /routers | |
parent | a1f11a05e900f3d1130729b2095dbf1b3037658e (diff) | |
download | gitea-505e456f26e11d4ee2f7a807a037b11b59defb1f.tar.gz gitea-505e456f26e11d4ee2f7a807a037b11b59defb1f.zip |
Protect default branch against deletion (#11115)
Although default branch is not offered for deletion in the templates, we need to prevent it both at the router level and in the pre-receive hook.
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Diffstat (limited to 'routers')
-rw-r--r-- | routers/private/hook.go | 8 | ||||
-rw-r--r-- | routers/repo/branch.go | 6 |
2 files changed, 13 insertions, 1 deletions
diff --git a/routers/private/hook.go b/routers/private/hook.go index de2b03e0b2..4b57aff588 100644 --- a/routers/private/hook.go +++ b/routers/private/hook.go @@ -206,6 +206,14 @@ func HookPreReceive(ctx *macaron.Context, opts private.HookOptions) { refFullName := opts.RefFullNames[i] branchName := strings.TrimPrefix(refFullName, git.BranchPrefix) + if branchName == repo.DefaultBranch && newCommitID == git.EmptySHA { + log.Warn("Forbidden: Branch: %s is the default branch in %-v and cannot be deleted", branchName, repo) + ctx.JSON(http.StatusForbidden, map[string]interface{}{ + "err": fmt.Sprintf("branch %s is the default branch and cannot be deleted", branchName), + }) + return + } + protectBranch, err := models.GetProtectedBranchBy(repo.ID, branchName) if err != nil { log.Error("Unable to get protected branch: %s in %-v Error: %v", branchName, repo, err) diff --git a/routers/repo/branch.go b/routers/repo/branch.go index 1664f68ec1..e7eac04bce 100644 --- a/routers/repo/branch.go +++ b/routers/repo/branch.go @@ -57,8 +57,12 @@ func Branches(ctx *context.Context) { // DeleteBranchPost responses for delete merged branch func DeleteBranchPost(ctx *context.Context) { defer redirect(ctx) - branchName := ctx.Query("name") + if branchName == ctx.Repo.Repository.DefaultBranch { + ctx.Flash.Error(ctx.Tr("repo.branch.default_deletion_failed", branchName)) + return + } + isProtected, err := ctx.Repo.Repository.IsProtectedBranch(branchName, ctx.User) if err != nil { log.Error("DeleteBranch: %v", err) |