diff options
| author | Lanre Adelowo <adelowomailbox@gmail.com> | 2019-01-30 18:20:40 +0100 |
|---|---|---|
| committer | techknowlogick <matti@mdranta.net> | 2019-01-30 12:20:40 -0500 |
| commit | 57a69ef277546414893a38feb70412aa4c32330e (patch) | |
| tree | d20a4d5e787054600b0d21dee2a9e554b0007c32 /routers | |
| parent | 6dc2f401c9d4d07ca672d4f3a304799e70364f1b (diff) | |
| download | gitea-57a69ef277546414893a38feb70412aa4c32330e.tar.gz gitea-57a69ef277546414893a38feb70412aa4c32330e.zip | |
don't allow pull requests to be created on an archived repository (#5883)
* don't allow pull requests to be created on an archived repository
Also disable the "PR" button if the repo is archived
* Refuse creating an issue/PR via API calls too
Diffstat (limited to 'routers')
| -rw-r--r-- | routers/api/v1/api.go | 19 | ||||
| -rw-r--r-- | routers/routes/routes.go | 2 |
2 files changed, 14 insertions, 7 deletions
diff --git a/routers/api/v1/api.go b/routers/api/v1/api.go index d8f78550c8..7e7bf6a50b 100644 --- a/routers/api/v1/api.go +++ b/routers/api/v1/api.go @@ -74,7 +74,7 @@ import ( api "code.gitea.io/sdk/gitea" "github.com/go-macaron/binding" - "gopkg.in/macaron.v1" + macaron "gopkg.in/macaron.v1" ) func sudo() macaron.Handler { @@ -371,6 +371,13 @@ func mustEnableUserHeatmap(ctx *context.Context) { } } +func mustNotBeArchived(ctx *context.Context) { + if ctx.Repo.Repository.IsArchived { + ctx.Status(404) + return + } +} + // RegisterRoutes registers all v1 APIs routes to web application. // FIXME: custom form error response func RegisterRoutes(m *macaron.Macaron) { @@ -518,11 +525,11 @@ func RegisterRoutes(m *macaron.Macaron) { }, mustEnableIssues) m.Group("/issues", func() { m.Combo("").Get(repo.ListIssues). - Post(reqToken(), bind(api.CreateIssueOption{}), repo.CreateIssue) + Post(reqToken(), mustNotBeArchived, bind(api.CreateIssueOption{}), repo.CreateIssue) m.Group("/comments", func() { m.Get("", repo.ListRepoIssueComments) m.Combo("/:id", reqToken()). - Patch(bind(api.EditIssueCommentOption{}), repo.EditIssueComment). + Patch(mustNotBeArchived, bind(api.EditIssueCommentOption{}), repo.EditIssueComment). Delete(repo.DeleteIssueComment) }) m.Group("/:index", func() { @@ -531,7 +538,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/comments", func() { m.Combo("").Get(repo.ListIssueComments). - Post(reqToken(), bind(api.CreateIssueCommentOption{}), repo.CreateIssueComment) + Post(reqToken(), mustNotBeArchived, bind(api.CreateIssueCommentOption{}), repo.CreateIssueComment) m.Combo("/:id", reqToken()).Patch(bind(api.EditIssueCommentOption{}), repo.EditIssueCommentDeprecated). Delete(repo.DeleteIssueCommentDeprecated) }) @@ -593,12 +600,12 @@ func RegisterRoutes(m *macaron.Macaron) { m.Get("/editorconfig/:filename", context.RepoRef(), reqRepoReader(models.UnitTypeCode), repo.GetEditorconfig) m.Group("/pulls", func() { m.Combo("").Get(bind(api.ListPullRequestsOptions{}), repo.ListPullRequests). - Post(reqToken(), bind(api.CreatePullRequestOption{}), repo.CreatePullRequest) + Post(reqToken(), mustNotBeArchived, bind(api.CreatePullRequestOption{}), repo.CreatePullRequest) m.Group("/:index", func() { m.Combo("").Get(repo.GetPullRequest). Patch(reqToken(), reqRepoWriter(models.UnitTypePullRequests), bind(api.EditPullRequestOption{}), repo.EditPullRequest) m.Combo("/merge").Get(repo.IsPullRequestMerged). - Post(reqToken(), reqRepoWriter(models.UnitTypePullRequests), bind(auth.MergePullRequestForm{}), repo.MergePullRequest) + Post(reqToken(), mustNotBeArchived, reqRepoWriter(models.UnitTypePullRequests), bind(auth.MergePullRequestForm{}), repo.MergePullRequest) }) }, mustAllowPulls, reqRepoReader(models.UnitTypeCode), context.ReferencesGitRepo()) m.Group("/statuses", func() { diff --git a/routers/routes/routes.go b/routers/routes/routes.go index 41f38801c8..c6b7a097ea 100644 --- a/routers/routes/routes.go +++ b/routers/routes/routes.go @@ -586,7 +586,7 @@ func RegisterRoutes(m *macaron.Macaron) { m.Group("/milestone", func() { m.Get("/:id", repo.MilestoneIssuesAndPulls) }, reqRepoIssuesOrPullsWriter, context.RepoRef()) - m.Combo("/compare/*", reqRepoCodeReader, reqRepoPullsReader, repo.MustAllowPulls, repo.SetEditorconfigIfExists). + m.Combo("/compare/*", context.RepoMustNotBeArchived(), reqRepoCodeReader, reqRepoPullsReader, repo.MustAllowPulls, repo.SetEditorconfigIfExists). Get(repo.SetDiffViewStyle, repo.CompareAndPullRequest). Post(bindIgnErr(auth.CreateIssueForm{}), repo.CompareAndPullRequestPost) |