Fix adding branch as protected to not allow pushing to it (#2556)
* Fix adding branch as protected to not allow pushing to it * Fix can_push value to false in protected_branch (#2560) * Fix integration test
This commit is contained in:
parent
f014e42a06
commit
25e71ad41e
7 changed files with 34 additions and 16 deletions
|
@ -127,17 +127,15 @@ func runHookPreReceive(c *cli.Context) error {
|
||||||
}
|
}
|
||||||
|
|
||||||
if protectBranch != nil {
|
if protectBranch != nil {
|
||||||
if !protectBranch.CanPush {
|
|
||||||
// check and deletion
|
// check and deletion
|
||||||
if newCommitID == git.EmptySHA {
|
if newCommitID == git.EmptySHA {
|
||||||
fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "")
|
fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "")
|
||||||
} else {
|
} else if !protectBranch.CanPush {
|
||||||
fail(fmt.Sprintf("protected branch %s can not be pushed to", branchName), "")
|
fail(fmt.Sprintf("protected branch %s can not be pushed to", branchName), "")
|
||||||
//fail(fmt.Sprintf("branch %s is protected from force push", branchName), "")
|
//fail(fmt.Sprintf("branch %s is protected from force push", branchName), "")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -46,7 +46,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) {
|
||||||
req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches?action=protected_branch", map[string]string{
|
req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches?action=protected_branch", map[string]string{
|
||||||
"_csrf": csrf,
|
"_csrf": csrf,
|
||||||
"branchName": "master",
|
"branchName": "master",
|
||||||
"canPush": "true",
|
"canPush": "false",
|
||||||
})
|
})
|
||||||
resp := session.MakeRequest(t, req, http.StatusOK)
|
resp := session.MakeRequest(t, req, http.StatusOK)
|
||||||
// Check if master branch has been locked successfully
|
// Check if master branch has been locked successfully
|
||||||
|
|
|
@ -20,7 +20,7 @@ type ProtectedBranch struct {
|
||||||
ID int64 `xorm:"pk autoincr"`
|
ID int64 `xorm:"pk autoincr"`
|
||||||
RepoID int64 `xorm:"UNIQUE(s)"`
|
RepoID int64 `xorm:"UNIQUE(s)"`
|
||||||
BranchName string `xorm:"UNIQUE(s)"`
|
BranchName string `xorm:"UNIQUE(s)"`
|
||||||
CanPush bool
|
CanPush bool `xorm:"NOT NULL DEFAULT false"`
|
||||||
Created time.Time `xorm:"-"`
|
Created time.Time `xorm:"-"`
|
||||||
CreatedUnix int64
|
CreatedUnix int64
|
||||||
Updated time.Time `xorm:"-"`
|
Updated time.Time `xorm:"-"`
|
||||||
|
|
|
@ -126,6 +126,8 @@ var migrations = []Migration{
|
||||||
NewMigration("unescape user full names", unescapeUserFullNames),
|
NewMigration("unescape user full names", unescapeUserFullNames),
|
||||||
// v38 -> v39
|
// v38 -> v39
|
||||||
NewMigration("remove commits and settings unit types", removeCommitsUnitType),
|
NewMigration("remove commits and settings unit types", removeCommitsUnitType),
|
||||||
|
// v43 -> v44
|
||||||
|
NewMigration("fix protected branch can push value to false", fixProtectedBranchCanPushValue),
|
||||||
}
|
}
|
||||||
|
|
||||||
// Migrate database to current version
|
// Migrate database to current version
|
||||||
|
|
18
models/migrations/v43.go
Normal file
18
models/migrations/v43.go
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
// Copyright 2017 The Gitea Authors. All rights reserved.
|
||||||
|
// Use of this source code is governed by a MIT-style
|
||||||
|
// license that can be found in the LICENSE file.
|
||||||
|
|
||||||
|
package migrations
|
||||||
|
|
||||||
|
import (
|
||||||
|
"code.gitea.io/gitea/models"
|
||||||
|
|
||||||
|
"github.com/go-xorm/xorm"
|
||||||
|
)
|
||||||
|
|
||||||
|
func fixProtectedBranchCanPushValue(x *xorm.Engine) error {
|
||||||
|
_, err := x.Cols("can_push").Update(&models.ProtectedBranch{
|
||||||
|
CanPush: false,
|
||||||
|
})
|
||||||
|
return err
|
||||||
|
}
|
|
@ -625,7 +625,7 @@ function initProtectedBranch() {
|
||||||
var $this = $(this);
|
var $this = $(this);
|
||||||
$.post($this.data('url'), {
|
$.post($this.data('url'), {
|
||||||
"_csrf": csrf,
|
"_csrf": csrf,
|
||||||
"canPush": true,
|
"canPush": false,
|
||||||
"branchName": $this.val(),
|
"branchName": $this.val(),
|
||||||
},
|
},
|
||||||
function (data) {
|
function (data) {
|
||||||
|
@ -642,7 +642,7 @@ function initProtectedBranch() {
|
||||||
var $this = $(this);
|
var $this = $(this);
|
||||||
$.post($this.data('url'), {
|
$.post($this.data('url'), {
|
||||||
"_csrf": csrf,
|
"_csrf": csrf,
|
||||||
"canPush": false,
|
"canPush": true,
|
||||||
"branchName": $this.data('val'),
|
"branchName": $this.data('val'),
|
||||||
},
|
},
|
||||||
function (data) {
|
function (data) {
|
||||||
|
|
|
@ -520,7 +520,7 @@ func ProtectedBranchPost(ctx *context.Context) {
|
||||||
|
|
||||||
canPush := ctx.QueryBool("canPush")
|
canPush := ctx.QueryBool("canPush")
|
||||||
|
|
||||||
if canPush {
|
if !canPush {
|
||||||
if err := ctx.Repo.Repository.AddProtectedBranch(branchName, canPush); err != nil {
|
if err := ctx.Repo.Repository.AddProtectedBranch(branchName, canPush); err != nil {
|
||||||
ctx.Flash.Error(ctx.Tr("repo.settings.add_protected_branch_failed", branchName))
|
ctx.Flash.Error(ctx.Tr("repo.settings.add_protected_branch_failed", branchName))
|
||||||
ctx.JSON(200, map[string]string{
|
ctx.JSON(200, map[string]string{
|
||||||
|
|
Reference in a new issue