Compare commits
17 commits
d224514695
...
a689f330ce
Author | SHA1 | Date | |
---|---|---|---|
a689f330ce | |||
|
cc80e66153 | ||
|
b7cff17de1 | ||
|
82d1eeb47e | ||
|
5f64346931 | ||
|
4889a3a171 | ||
|
8dcc7d9e8c | ||
|
8f5d5d49bc | ||
|
e702e79625 | ||
|
c2f9eacd50 | ||
|
cb8ec2287f | ||
|
fd47240545 | ||
|
127d9f743a | ||
|
2ee30d2651 | ||
|
387aea4434 | ||
|
69007f1444 | ||
|
c369619805 |
20 changed files with 285 additions and 32 deletions
|
@ -57,7 +57,7 @@ jobs:
|
|||
uses: https://code.forgejo.org/actions/setup-go@v4
|
||||
if: secrets.ROLE == 'forgejo-experimental'
|
||||
with:
|
||||
go-version: "1.21.9"
|
||||
go-version: "1.21"
|
||||
check-latest: true
|
||||
- name: update the _release.experimental DNS record
|
||||
if: secrets.ROLE == 'forgejo-experimental'
|
||||
|
|
|
@ -16,7 +16,7 @@ jobs:
|
|||
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||
with:
|
||||
go-version: "1.21.9"
|
||||
go-version: "1.21"
|
||||
check-latest: true
|
||||
- run: make deps-backend deps-tools
|
||||
- run: make lint-backend
|
||||
|
@ -30,7 +30,7 @@ jobs:
|
|||
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||
with:
|
||||
go-version: "1.21.9"
|
||||
go-version: "1.21"
|
||||
check-latest: true
|
||||
- run: make deps-backend deps-tools
|
||||
- run: make --always-make checks-backend # ensure the "go-licenses" make target runs
|
||||
|
@ -49,7 +49,7 @@ jobs:
|
|||
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||
with:
|
||||
go-version: "1.21.9"
|
||||
go-version: "1.21"
|
||||
- run: |
|
||||
git config --add safe.directory '*'
|
||||
adduser --quiet --comment forgejo --disabled-password forgejo
|
||||
|
@ -85,7 +85,7 @@ jobs:
|
|||
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||
with:
|
||||
go-version: "1.21.9"
|
||||
go-version: "1.21"
|
||||
- name: install dependencies
|
||||
run: |
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
|
@ -128,7 +128,7 @@ jobs:
|
|||
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||
with:
|
||||
go-version: "1.21.9"
|
||||
go-version: "1.21"
|
||||
- name: install dependencies
|
||||
run: |
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
|
@ -162,7 +162,7 @@ jobs:
|
|||
- uses: https://code.forgejo.org/actions/checkout@v3
|
||||
- uses: https://code.forgejo.org/actions/setup-go@v4
|
||||
with:
|
||||
go-version: "1.21.9"
|
||||
go-version: "1.21"
|
||||
- name: install dependencies
|
||||
run: |
|
||||
export DEBIAN_FRONTEND=noninteractive
|
||||
|
|
|
@ -79,10 +79,10 @@ RUN addgroup \
|
|||
-s /bin/bash \
|
||||
-u 1000 \
|
||||
-G git \
|
||||
git && \
|
||||
echo "git:*" | chpasswd -e
|
||||
_gitea && \
|
||||
echo "_gitea:*" | chpasswd -e
|
||||
|
||||
ENV USER git
|
||||
ENV USER _gitea
|
||||
ENV GITEA_CUSTOM /data/gitea
|
||||
|
||||
VOLUME ["/data"]
|
||||
|
|
2
Makefile
2
Makefile
|
@ -89,7 +89,7 @@ endif
|
|||
VERSION = ${GITEA_VERSION}
|
||||
|
||||
# SemVer
|
||||
FORGEJO_VERSION := 6.0.10+0-gitea-1.21.10
|
||||
FORGEJO_VERSION := 6.0.11+0-gitea-1.21.11
|
||||
|
||||
LDFLAGS := $(LDFLAGS) -X "main.MakeVersion=$(MAKE_VERSION)" -X "main.Version=$(GITEA_VERSION)" -X "main.Tags=$(TAGS)" -X "code.gitea.io/gitea/routers/api/forgejo/v1.ForgejoVersion=$(FORGEJO_VERSION)" -X "main.ForgejoVersion=$(FORGEJO_VERSION)"
|
||||
|
||||
|
|
2
go.mod
2
go.mod
|
@ -72,7 +72,7 @@ require (
|
|||
github.com/lib/pq v1.10.9
|
||||
github.com/markbates/goth v1.78.0
|
||||
github.com/mattn/go-isatty v0.0.20
|
||||
github.com/mattn/go-sqlite3 v1.14.17
|
||||
github.com/mattn/go-sqlite3 v1.14.22
|
||||
github.com/meilisearch/meilisearch-go v0.25.1
|
||||
github.com/mholt/archiver/v3 v3.5.1
|
||||
github.com/microcosm-cc/bluemonday v1.0.26
|
||||
|
|
4
go.sum
4
go.sum
|
@ -714,8 +714,8 @@ github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m
|
|||
github.com/mattn/go-runewidth v0.0.15 h1:UNAjwbU9l54TA3KzvqLGxwWjHmMgBUVhBiTjelZgg3U=
|
||||
github.com/mattn/go-runewidth v0.0.15/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w=
|
||||
github.com/mattn/go-sqlite3 v1.11.0/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
|
||||
github.com/mattn/go-sqlite3 v1.14.17 h1:mCRHCLDUBXgpKAqIKsaAaAsrAlbkeomtRFKXh2L6YIM=
|
||||
github.com/mattn/go-sqlite3 v1.14.17/go.mod h1:2eHXhiwb8IkHr+BDWZGa96P6+rkvnG63S2DGjv9HUNg=
|
||||
github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
|
||||
github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
|
||||
github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
|
||||
github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
|
||||
github.com/meilisearch/meilisearch-go v0.25.1 h1:D5wY22sn5kkpRH3uYMGlwltdUEq5regIFmO7awHz3Vo=
|
||||
|
|
|
@ -17,3 +17,23 @@
|
|||
updated: 1683636626
|
||||
need_approval: 0
|
||||
approved_by: 0
|
||||
-
|
||||
id: 891
|
||||
title: "update actions"
|
||||
repo_id: 1
|
||||
owner_id: 1
|
||||
workflow_id: "artifact.yaml"
|
||||
index: 187
|
||||
trigger_user_id: 1
|
||||
ref: "refs/heads/branch2"
|
||||
commit_sha: "985f0301dba5e7b34be866819cd15ad3d8f508ee"
|
||||
event: "push"
|
||||
is_fork_pull_request: 0
|
||||
status: 1 # success
|
||||
started: 1683636528
|
||||
stopped: 1683636626
|
||||
created: 1683636108
|
||||
updated: 1683636626
|
||||
need_approval: 0
|
||||
approved_by: 0
|
||||
event_payload: '{"head_commit":{"id":"5f22f7d0d95d614d25a5b68592adb345a4b5c7fd"}}'
|
||||
|
|
|
@ -12,3 +12,17 @@
|
|||
status: 1
|
||||
started: 1683636528
|
||||
stopped: 1683636626
|
||||
-
|
||||
id: 292
|
||||
run_id: 891
|
||||
repo_id: 1
|
||||
owner_id: 1
|
||||
commit_sha: 985f0301dba5e7b34be866819cd15ad3d8f508ee
|
||||
is_fork_pull_request: 0
|
||||
name: job_2
|
||||
attempt: 1
|
||||
job_id: job_2
|
||||
task_id: 47
|
||||
status: 1
|
||||
started: 1683636528
|
||||
stopped: 1683636626
|
||||
|
|
|
@ -9,6 +9,7 @@ import (
|
|||
"fmt"
|
||||
"strings"
|
||||
|
||||
actions_model "code.gitea.io/gitea/models/actions"
|
||||
"code.gitea.io/gitea/models/db"
|
||||
"code.gitea.io/gitea/models/perm"
|
||||
repo_model "code.gitea.io/gitea/models/repo"
|
||||
|
@ -401,6 +402,8 @@ func DeleteOrganization(ctx context.Context, org *Organization) error {
|
|||
&TeamUnit{OrgID: org.ID},
|
||||
&TeamInvite{OrgID: org.ID},
|
||||
&secret_model.Secret{OwnerID: org.ID},
|
||||
&actions_model.ActionRunner{OwnerID: org.ID},
|
||||
&actions_model.ActionRunnerToken{OwnerID: org.ID},
|
||||
); err != nil {
|
||||
return fmt.Errorf("DeleteBeans: %w", err)
|
||||
}
|
||||
|
|
|
@ -44,7 +44,7 @@ func (c *FilesystemClient) Download(ctx context.Context, objects []Pointer, call
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
defer f.Close()
|
||||
if err := callback(p, f, nil); err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -75,7 +75,7 @@ func (c *FilesystemClient) Upload(ctx context.Context, objects []Pointer, callba
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
defer f.Close()
|
||||
_, err = io.Copy(f, content)
|
||||
|
||||
return err
|
||||
|
|
|
@ -9,6 +9,8 @@ import (
|
|||
"net/http"
|
||||
|
||||
actions_model "code.gitea.io/gitea/models/actions"
|
||||
repo_model "code.gitea.io/gitea/models/repo"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/actions"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/util"
|
||||
|
@ -54,6 +56,18 @@ func (s *Service) Register(
|
|||
return nil, errors.New("runner registration token has been invalidated, please use the latest one")
|
||||
}
|
||||
|
||||
if runnerToken.OwnerID > 0 {
|
||||
if _, err := user_model.GetUserByID(ctx, runnerToken.OwnerID); err != nil {
|
||||
return nil, errors.New("owner of the token not found")
|
||||
}
|
||||
}
|
||||
|
||||
if runnerToken.RepoID > 0 {
|
||||
if _, err := repo_model.GetRepositoryByID(ctx, runnerToken.RepoID); err != nil {
|
||||
return nil, errors.New("repository of the token not found")
|
||||
}
|
||||
}
|
||||
|
||||
labels := req.Msg.Labels
|
||||
// TODO: agent_labels should be removed from pb after Gitea 1.20 released.
|
||||
// Old version runner's agent_labels slice is not empty and labels slice is empty.
|
||||
|
|
|
@ -101,6 +101,57 @@ func (ctx *preReceiveContext) AssertCreatePullRequest() bool {
|
|||
return true
|
||||
}
|
||||
|
||||
func (ctx *preReceiveContext) canChangeSettings() bool {
|
||||
if !ctx.loadPusherAndPermission() {
|
||||
return false
|
||||
}
|
||||
|
||||
perm, err := access_model.GetUserRepoPermission(ctx, ctx.Repo.Repository, ctx.user)
|
||||
if err != nil {
|
||||
return false
|
||||
}
|
||||
if !perm.IsOwner() && !perm.IsAdmin() {
|
||||
return false
|
||||
}
|
||||
|
||||
if ctx.Repo.Repository.IsFork {
|
||||
return false
|
||||
}
|
||||
|
||||
return true
|
||||
}
|
||||
|
||||
func (ctx *preReceiveContext) assertChangeSettings() bool {
|
||||
opts := web.GetForm(ctx).(*private.HookOptions)
|
||||
|
||||
if len(opts.GitPushOptions) == 0 {
|
||||
return true
|
||||
}
|
||||
|
||||
_, hasPrivateOpt := opts.GitPushOptions[private.GitPushOptionRepoPrivate]
|
||||
_, hasTemplateOpt := opts.GitPushOptions[private.GitPushOptionRepoTemplate]
|
||||
|
||||
if !hasPrivateOpt && !hasTemplateOpt {
|
||||
// If neither `repo.private` nor `repo.template` is present in
|
||||
// the push options, we're good to go without further permission
|
||||
// checking.
|
||||
return true
|
||||
}
|
||||
|
||||
// Either `repo.private` or `repo.template` is among the push options,
|
||||
// do some permission checks.
|
||||
if !ctx.canChangeSettings() {
|
||||
if ctx.Written() {
|
||||
return false
|
||||
}
|
||||
ctx.JSON(http.StatusForbidden, private.Response{
|
||||
UserMsg: "Permission denied for changing repo settings.",
|
||||
})
|
||||
return false
|
||||
}
|
||||
return true
|
||||
}
|
||||
|
||||
// HookPreReceive checks whether a individual commit is acceptable
|
||||
func HookPreReceive(ctx *gitea_context.PrivateContext) {
|
||||
opts := web.GetForm(ctx).(*private.HookOptions)
|
||||
|
@ -111,6 +162,10 @@ func HookPreReceive(ctx *gitea_context.PrivateContext) {
|
|||
opts: opts,
|
||||
}
|
||||
|
||||
if !ourCtx.assertChangeSettings() {
|
||||
return
|
||||
}
|
||||
|
||||
// Iterate across the provided old commit IDs
|
||||
for i := range opts.OldCommitIDs {
|
||||
oldCommitID := opts.OldCommitIDs[i]
|
||||
|
|
|
@ -12,6 +12,7 @@ import (
|
|||
"code.gitea.io/gitea/modules/charset"
|
||||
"code.gitea.io/gitea/modules/context"
|
||||
"code.gitea.io/gitea/modules/git"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/markup"
|
||||
"code.gitea.io/gitea/modules/typesniffer"
|
||||
"code.gitea.io/gitea/modules/util"
|
||||
|
@ -44,20 +45,17 @@ func RenderFile(ctx *context.Context) {
|
|||
isTextFile := st.IsText()
|
||||
|
||||
rd := charset.ToUTF8WithFallbackReader(io.MultiReader(bytes.NewReader(buf), dataRc), charset.ConvertOpts{})
|
||||
ctx.Resp.Header().Add("Content-Security-Policy", "frame-src 'self'; sandbox allow-scripts")
|
||||
|
||||
if markupType := markup.Type(blob.Name()); markupType == "" {
|
||||
if isTextFile {
|
||||
_, err = io.Copy(ctx.Resp, rd)
|
||||
if err != nil {
|
||||
ctx.ServerError("Copy", err)
|
||||
_, _ = io.Copy(ctx.Resp, rd)
|
||||
} else {
|
||||
http.Error(ctx.Resp, "Unsupported file type render", http.StatusInternalServerError)
|
||||
}
|
||||
return
|
||||
}
|
||||
ctx.Error(http.StatusInternalServerError, "Unsupported file type render")
|
||||
return
|
||||
}
|
||||
|
||||
ctx.Resp.Header().Add("Content-Security-Policy", "frame-src 'self'; sandbox allow-scripts")
|
||||
err = markup.Render(&markup.RenderContext{
|
||||
Ctx: ctx,
|
||||
RelativePath: ctx.Repo.TreePath,
|
||||
|
@ -71,7 +69,8 @@ func RenderFile(ctx *context.Context) {
|
|||
InStandalonePage: true,
|
||||
}, rd, ctx.Resp)
|
||||
if err != nil {
|
||||
ctx.ServerError("Render", err)
|
||||
log.Error("Failed to render file %q: %v", ctx.Repo.TreePath, err)
|
||||
http.Error(ctx.Resp, "Failed to render file", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
|
|
@ -15,6 +15,7 @@ import (
|
|||
"code.gitea.io/gitea/modules/log"
|
||||
api "code.gitea.io/gitea/modules/structs"
|
||||
webhook_module "code.gitea.io/gitea/modules/webhook"
|
||||
files_service "code.gitea.io/gitea/services/repository/files"
|
||||
|
||||
"github.com/nektos/act/pkg/jobparser"
|
||||
)
|
||||
|
@ -114,18 +115,15 @@ func createCommitStatus(ctx context.Context, job *actions_model.ActionRunJob) er
|
|||
}
|
||||
|
||||
creator := user_model.NewActionsUser()
|
||||
if err := git_model.NewCommitStatus(ctx, git_model.NewCommitStatusOptions{
|
||||
Repo: repo,
|
||||
SHA: sha,
|
||||
Creator: creator,
|
||||
CommitStatus: &git_model.CommitStatus{
|
||||
if err := files_service.CreateCommitStatus(ctx, repo, creator,
|
||||
sha,
|
||||
&git_model.CommitStatus{
|
||||
SHA: sha,
|
||||
TargetURL: fmt.Sprintf("%s/jobs/%d", run.Link(), index),
|
||||
Description: description,
|
||||
Context: ctxname,
|
||||
CreatorID: creator.ID,
|
||||
State: state,
|
||||
},
|
||||
}); err != nil {
|
||||
return fmt.Errorf("NewCommitStatus: %w", err)
|
||||
}
|
||||
|
|
|
@ -452,7 +452,7 @@ func handleSchedules(
|
|||
RepoID: input.Repo.ID,
|
||||
OwnerID: input.Repo.OwnerID,
|
||||
WorkflowID: dwf.EntryName,
|
||||
TriggerUserID: input.Doer.ID,
|
||||
TriggerUserID: user_model.ActionsUserID,
|
||||
Ref: input.Repo.DefaultBranch,
|
||||
CommitSHA: commit.ID.String(),
|
||||
Event: webhook_module.HookEventType(api.HookScheduleCreated),
|
||||
|
|
|
@ -72,6 +72,11 @@ func (g *GitBucketDownloader) LogString() string {
|
|||
// NewGitBucketDownloader creates a GitBucket downloader
|
||||
func NewGitBucketDownloader(ctx context.Context, baseURL, userName, password, token, repoOwner, repoName string) *GitBucketDownloader {
|
||||
githubDownloader := NewGithubDownloaderV3(ctx, baseURL, userName, password, token, repoOwner, repoName)
|
||||
// Gitbucket 4.40 uses different internal hard-coded perPage values.
|
||||
// Issues, PRs, and other major parts use 25. Release page uses 10.
|
||||
// Some API doesn't support paging yet. Sounds difficult, but using
|
||||
// minimum number among them worked out very well.
|
||||
githubDownloader.maxPerPage = 10
|
||||
githubDownloader.SkipReactions = true
|
||||
githubDownloader.SkipReviews = true
|
||||
return &GitBucketDownloader{
|
||||
|
|
|
@ -164,6 +164,7 @@ func DeleteRepositoryDirectly(ctx context.Context, doer *user_model.User, uid, r
|
|||
&actions_model.ActionScheduleSpec{RepoID: repoID},
|
||||
&actions_model.ActionSchedule{RepoID: repoID},
|
||||
&actions_model.ActionArtifact{RepoID: repoID},
|
||||
&actions_model.ActionRunnerToken{RepoID: repoID},
|
||||
); err != nil {
|
||||
return fmt.Errorf("deleteBeans: %w", err)
|
||||
}
|
||||
|
|
|
@ -95,6 +95,7 @@ func deleteUser(ctx context.Context, u *user_model.User, purge bool) (err error)
|
|||
&actions_model.ActionRunner{OwnerID: u.ID},
|
||||
&user_model.BlockedUser{BlockID: u.ID},
|
||||
&user_model.BlockedUser{UserID: u.ID},
|
||||
&actions_model.ActionRunnerToken{OwnerID: u.ID},
|
||||
); err != nil {
|
||||
return fmt.Errorf("deleteBeans: %w", err)
|
||||
}
|
||||
|
|
48
tests/integration/actions_commit_status_test.go
Normal file
48
tests/integration/actions_commit_status_test.go
Normal file
|
@ -0,0 +1,48 @@
|
|||
// Copyright 20124 The Forgejo Authors. All rights reserved.
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
package integration
|
||||
|
||||
import (
|
||||
"net/url"
|
||||
"testing"
|
||||
|
||||
actions_model "code.gitea.io/gitea/models/actions"
|
||||
"code.gitea.io/gitea/models/db"
|
||||
issues_model "code.gitea.io/gitea/models/issues"
|
||||
repo_model "code.gitea.io/gitea/models/repo"
|
||||
"code.gitea.io/gitea/models/unittest"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
"code.gitea.io/gitea/services/actions"
|
||||
"code.gitea.io/gitea/services/automerge"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
)
|
||||
|
||||
func TestActionsAutomerge(t *testing.T) {
|
||||
onGiteaRun(t, func(t *testing.T, u *url.URL) {
|
||||
assert.True(t, setting.Actions.Enabled, "Actions should be enabled")
|
||||
|
||||
ctx := db.DefaultContext
|
||||
|
||||
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
|
||||
pr := unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: 2})
|
||||
job := unittest.AssertExistsAndLoadBean(t, &actions_model.ActionRunJob{ID: 292})
|
||||
|
||||
assert.False(t, pr.HasMerged, "PR should not be merged")
|
||||
assert.Equal(t, issues_model.PullRequestStatusMergeable, pr.Status, "PR should be mergable")
|
||||
|
||||
scheduled, err := automerge.ScheduleAutoMerge(ctx, user, pr, repo_model.MergeStyleMerge, "Dummy")
|
||||
|
||||
assert.NoError(t, err, "PR should be scheduled for automerge")
|
||||
assert.True(t, scheduled, "PR should be scheduled for automerge")
|
||||
|
||||
actions.CreateCommitStatus(ctx, job)
|
||||
|
||||
pr = unittest.AssertExistsAndLoadBean(t, &issues_model.PullRequest{ID: 2})
|
||||
|
||||
assert.True(t, pr.HasMerged, "PR should be merged")
|
||||
},
|
||||
)
|
||||
}
|
95
tests/integration/git_push_test.go
Normal file
95
tests/integration/git_push_test.go
Normal file
|
@ -0,0 +1,95 @@
|
|||
// Copyright 2024 The Gitea Authors. All rights reserved.
|
||||
// SPDX-License-Identifier: MIT
|
||||
|
||||
package integration
|
||||
|
||||
import (
|
||||
"net/url"
|
||||
"testing"
|
||||
|
||||
"code.gitea.io/gitea/models/db"
|
||||
repo_model "code.gitea.io/gitea/models/repo"
|
||||
"code.gitea.io/gitea/models/unittest"
|
||||
user_model "code.gitea.io/gitea/models/user"
|
||||
repo_module "code.gitea.io/gitea/modules/repository"
|
||||
repo_service "code.gitea.io/gitea/services/repository"
|
||||
|
||||
"github.com/stretchr/testify/require"
|
||||
)
|
||||
|
||||
func TestOptionsGitPush(t *testing.T) {
|
||||
onGiteaRun(t, testOptionsGitPush)
|
||||
}
|
||||
|
||||
func testOptionsGitPush(t *testing.T, u *url.URL) {
|
||||
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
|
||||
repo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
|
||||
Name: "repo-to-push",
|
||||
Description: "test git push",
|
||||
AutoInit: false,
|
||||
DefaultBranch: "main",
|
||||
IsPrivate: false,
|
||||
})
|
||||
require.NoError(t, err)
|
||||
require.NotEmpty(t, repo)
|
||||
|
||||
gitPath := t.TempDir()
|
||||
|
||||
doGitInitTestRepository(gitPath)(t)
|
||||
|
||||
u.Path = repo.FullName() + ".git"
|
||||
u.User = url.UserPassword(user.LowerName, userPassword)
|
||||
doGitAddRemote(gitPath, "origin", u)(t)
|
||||
|
||||
{
|
||||
// owner sets private & template to true via push options
|
||||
branchName := "branch1"
|
||||
doGitCreateBranch(gitPath, branchName)(t)
|
||||
doGitPushTestRepository(gitPath, "origin", branchName, "-o", "repo.private=true", "-o", "repo.template=true")(t)
|
||||
repo, err := repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
|
||||
require.NoError(t, err)
|
||||
require.True(t, repo.IsPrivate)
|
||||
require.True(t, repo.IsTemplate)
|
||||
}
|
||||
|
||||
{
|
||||
// owner sets private & template to false via push options
|
||||
branchName := "branch2"
|
||||
doGitCreateBranch(gitPath, branchName)(t)
|
||||
doGitPushTestRepository(gitPath, "origin", branchName, "-o", "repo.private=false", "-o", "repo.template=false")(t)
|
||||
repo, err = repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
|
||||
require.NoError(t, err)
|
||||
require.False(t, repo.IsPrivate)
|
||||
require.False(t, repo.IsTemplate)
|
||||
}
|
||||
|
||||
{
|
||||
// create a collaborator with write access
|
||||
collaborator := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})
|
||||
u.User = url.UserPassword(collaborator.LowerName, userPassword)
|
||||
doGitAddRemote(gitPath, "collaborator", u)(t)
|
||||
repo, err := repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
|
||||
require.NoError(t, err)
|
||||
repo_module.AddCollaborator(db.DefaultContext, repo, collaborator)
|
||||
}
|
||||
|
||||
{
|
||||
// collaborator with write access is allowed to push
|
||||
branchName := "branch3"
|
||||
doGitCreateBranch(gitPath, branchName)(t)
|
||||
doGitPushTestRepository(gitPath, "collaborator", branchName)(t)
|
||||
}
|
||||
|
||||
{
|
||||
// collaborator with write access fails to change private & template via push options
|
||||
branchName := "branch4"
|
||||
doGitCreateBranch(gitPath, branchName)(t)
|
||||
doGitPushTestRepositoryFail(gitPath, "collaborator", branchName, "-o", "repo.private=true", "-o", "repo.template=true")(t)
|
||||
repo, err = repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
|
||||
require.NoError(t, err)
|
||||
require.False(t, repo.IsPrivate)
|
||||
require.False(t, repo.IsTemplate)
|
||||
}
|
||||
|
||||
require.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, user, user.ID, repo.ID))
|
||||
}
|
Loading…
Reference in a new issue