From 25e71ad41e650179c512ae55085b72141cb9a9da Mon Sep 17 00:00:00 2001 From: Lauris BH Date: Wed, 20 Sep 2017 20:14:09 +0300 Subject: [PATCH] Fix adding branch as protected to not allow pushing to it (#2556) * Fix adding branch as protected to not allow pushing to it * Fix can_push value to false in protected_branch (#2560) * Fix integration test --- cmd/hook.go | 14 ++++++-------- integrations/editor_test.go | 2 +- models/branches.go | 8 ++++---- models/migrations/migrations.go | 2 ++ models/migrations/v43.go | 18 ++++++++++++++++++ public/js/index.js | 4 ++-- routers/repo/setting.go | 2 +- 7 files changed, 34 insertions(+), 16 deletions(-) create mode 100644 models/migrations/v43.go diff --git a/cmd/hook.go b/cmd/hook.go index 06250181d..6adf353ec 100644 --- a/cmd/hook.go +++ b/cmd/hook.go @@ -127,14 +127,12 @@ func runHookPreReceive(c *cli.Context) error { } if protectBranch != nil { - if !protectBranch.CanPush { - // check and deletion - if newCommitID == git.EmptySHA { - fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "") - } else { - fail(fmt.Sprintf("protected branch %s can not be pushed to", branchName), "") - //fail(fmt.Sprintf("branch %s is protected from force push", branchName), "") - } + // check and deletion + if newCommitID == git.EmptySHA { + fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "") + } else if !protectBranch.CanPush { + fail(fmt.Sprintf("protected branch %s can not be pushed to", branchName), "") + //fail(fmt.Sprintf("branch %s is protected from force push", branchName), "") } } } diff --git a/integrations/editor_test.go b/integrations/editor_test.go index 79b6bb790..2b5db2e25 100644 --- a/integrations/editor_test.go +++ b/integrations/editor_test.go @@ -46,7 +46,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) { req := NewRequestWithValues(t, "POST", "/user2/repo1/settings/branches?action=protected_branch", map[string]string{ "_csrf": csrf, "branchName": "master", - "canPush": "true", + "canPush": "false", }) resp := session.MakeRequest(t, req, http.StatusOK) // Check if master branch has been locked successfully diff --git a/models/branches.go b/models/branches.go index 6115f9c68..4e8ed0522 100644 --- a/models/branches.go +++ b/models/branches.go @@ -17,10 +17,10 @@ const ( // ProtectedBranch struct type ProtectedBranch struct { - ID int64 `xorm:"pk autoincr"` - RepoID int64 `xorm:"UNIQUE(s)"` - BranchName string `xorm:"UNIQUE(s)"` - CanPush bool + ID int64 `xorm:"pk autoincr"` + RepoID int64 `xorm:"UNIQUE(s)"` + BranchName string `xorm:"UNIQUE(s)"` + CanPush bool `xorm:"NOT NULL DEFAULT false"` Created time.Time `xorm:"-"` CreatedUnix int64 Updated time.Time `xorm:"-"` diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go index 75ef8f6c5..3528c16c8 100644 --- a/models/migrations/migrations.go +++ b/models/migrations/migrations.go @@ -126,6 +126,8 @@ var migrations = []Migration{ NewMigration("unescape user full names", unescapeUserFullNames), // v38 -> v39 NewMigration("remove commits and settings unit types", removeCommitsUnitType), + // v43 -> v44 + NewMigration("fix protected branch can push value to false", fixProtectedBranchCanPushValue), } // Migrate database to current version diff --git a/models/migrations/v43.go b/models/migrations/v43.go new file mode 100644 index 000000000..b6351fa83 --- /dev/null +++ b/models/migrations/v43.go @@ -0,0 +1,18 @@ +// Copyright 2017 The Gitea Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package migrations + +import ( + "code.gitea.io/gitea/models" + + "github.com/go-xorm/xorm" +) + +func fixProtectedBranchCanPushValue(x *xorm.Engine) error { + _, err := x.Cols("can_push").Update(&models.ProtectedBranch{ + CanPush: false, + }) + return err +} diff --git a/public/js/index.js b/public/js/index.js index 90a61d752..ee8d57365 100644 --- a/public/js/index.js +++ b/public/js/index.js @@ -625,7 +625,7 @@ function initProtectedBranch() { var $this = $(this); $.post($this.data('url'), { "_csrf": csrf, - "canPush": true, + "canPush": false, "branchName": $this.val(), }, function (data) { @@ -642,7 +642,7 @@ function initProtectedBranch() { var $this = $(this); $.post($this.data('url'), { "_csrf": csrf, - "canPush": false, + "canPush": true, "branchName": $this.data('val'), }, function (data) { diff --git a/routers/repo/setting.go b/routers/repo/setting.go index a50c6a6e2..924d25fa3 100644 --- a/routers/repo/setting.go +++ b/routers/repo/setting.go @@ -520,7 +520,7 @@ func ProtectedBranchPost(ctx *context.Context) { canPush := ctx.QueryBool("canPush") - if canPush { + if !canPush { if err := ctx.Repo.Repository.AddProtectedBranch(branchName, canPush); err != nil { ctx.Flash.Error(ctx.Tr("repo.settings.add_protected_branch_failed", branchName)) ctx.JSON(200, map[string]string{