From 357d5a5a3d3b95ccbf01c8b7118d5f350509cf8f Mon Sep 17 00:00:00 2001 From: Antoine GIRARD Date: Fri, 27 Oct 2017 06:36:14 +0200 Subject: [PATCH] Backport to v1.2 of PR 2266 2467 2663 (#2788) * Only check at least one email gpg key (#2266) * Only require one email (possibly not yet validated) * Update message error and check validation of commit * Add integrations tests * Complete integration for import * Add pre-check/optimization * Add some test (not finished) * Finish * Fix fixtures * Fix typo * Don't guess key ID * Make repo private to no interfere with other tests (#2467) * GPG key email verification no longer case sensitive (#2661) (#2663) * GPG key email verification no longer case sensitive (#2661) * case insensitive GPG key email verification now cached (#2661) Signed-off-by: Julian Scholle --- integrations/api_gpg_keys_test.go | 260 ++++++++++++++++++ .../gitea-repositories/user2/repo16.git/HEAD | 1 + .../user2/repo16.git/config | 4 + .../user2/repo16.git/description | 1 + .../repo16.git/hooks/applypatch-msg.sample | 15 + .../user2/repo16.git/hooks/commit-msg.sample | 24 ++ .../user2/repo16.git/hooks/post-update.sample | 8 + .../repo16.git/hooks/pre-applypatch.sample | 14 + .../user2/repo16.git/hooks/pre-commit.sample | 49 ++++ .../user2/repo16.git/hooks/pre-push.sample | 53 ++++ .../user2/repo16.git/hooks/pre-rebase.sample | 169 ++++++++++++ .../user2/repo16.git/hooks/pre-receive.sample | 24 ++ .../hooks/prepare-commit-msg.sample | 36 +++ .../user2/repo16.git/hooks/update.sample | 128 +++++++++ .../user2/repo16.git/info/exclude | 6 + .../0c/3d59dea27b97aa3cb66072745d7a2c51a7a8b1 | Bin 0 -> 54 bytes .../24/f83a471f77579fea57bac7255d6e64e70fce1c | Bin 0 -> 54 bytes .../27/566bd5738fc8b4e3fef3c5e72cce608537bd95 | Bin 0 -> 575 bytes .../3b/2b54fe3d9a8279d5b926124dccdf279b8eff2f | 1 + .../45/8121ce9a6b855c9733bae62093caf3f39685de | Bin 0 -> 26 bytes .../50/99b81332712fe655e34e8dd63574f503f61811 | 2 + .../69/554a64c1e6030f051e5c3f94bfbd773cd6a324 | Bin 0 -> 158 bytes .../a4/3476a501516e065c5a82f05fd58fd319598bc1 | Bin 0 -> 57 bytes .../e9/4083fcdf1f10c545e9253a23c5e44a2ff68aac | Bin 0 -> 524 bytes .../f2/7c2b2b03dcab38beaf89b0ab4ff61f6de63441 | Bin 0 -> 522 bytes .../f9/0451c72ef61a7645293d17b47be7a8e983da57 | Bin 0 -> 27 bytes .../user2/repo16.git/refs/heads/good-sign | 1 + .../refs/heads/good-sign-not-yet-validated | 1 + .../user2/repo16.git/refs/heads/master | 1 + .../user2/repo16.git/refs/heads/not-signed | 1 + models/error.go | 20 +- models/fixtures/repository.yml | 12 + models/fixtures/user.yml | 2 +- models/gpg_key.go | 39 ++- options/locale/locale_en-US.ini | 2 +- routers/user/setting.go | 4 +- 36 files changed, 853 insertions(+), 25 deletions(-) create mode 100644 integrations/api_gpg_keys_test.go create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/HEAD create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/config create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/description create mode 100755 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/applypatch-msg.sample create mode 100755 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/commit-msg.sample create mode 100755 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/post-update.sample create mode 100755 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-applypatch.sample create mode 100755 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-commit.sample create mode 100755 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-push.sample create mode 100755 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-rebase.sample create mode 100755 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-receive.sample create mode 100755 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/prepare-commit-msg.sample create mode 100755 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/update.sample create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/info/exclude create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/0c/3d59dea27b97aa3cb66072745d7a2c51a7a8b1 create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/24/f83a471f77579fea57bac7255d6e64e70fce1c create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/27/566bd5738fc8b4e3fef3c5e72cce608537bd95 create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/3b/2b54fe3d9a8279d5b926124dccdf279b8eff2f create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/45/8121ce9a6b855c9733bae62093caf3f39685de create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/50/99b81332712fe655e34e8dd63574f503f61811 create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/69/554a64c1e6030f051e5c3f94bfbd773cd6a324 create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/a4/3476a501516e065c5a82f05fd58fd319598bc1 create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/e9/4083fcdf1f10c545e9253a23c5e44a2ff68aac create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/f2/7c2b2b03dcab38beaf89b0ab4ff61f6de63441 create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/f9/0451c72ef61a7645293d17b47be7a8e983da57 create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/good-sign create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/good-sign-not-yet-validated create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/master create mode 100644 integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/not-signed diff --git a/integrations/api_gpg_keys_test.go b/integrations/api_gpg_keys_test.go new file mode 100644 index 000000000..51dc7843c --- /dev/null +++ b/integrations/api_gpg_keys_test.go @@ -0,0 +1,260 @@ +// Copyright 2017 The Gogs Authors. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package integrations + +import ( + "net/http" + "strconv" + "testing" + + "github.com/stretchr/testify/assert" + + api "code.gitea.io/sdk/gitea" +) + +func TestGPGKeys(t *testing.T) { + prepareTestEnv(t) + session := loginUser(t, "user2") + + tt := []struct { + name string + reqBuilder func(testing.TB, *http.Request, int) *TestResponse + results []int + }{ + {name: "NoLogin", reqBuilder: MakeRequest, + results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized}, + }, + {name: "LoggedAsUser2", reqBuilder: session.MakeRequest, + results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusInternalServerError, http.StatusInternalServerError, http.StatusCreated, http.StatusCreated}}, + } + + for _, tc := range tt { + + //Basic test on result code + t.Run(tc.name, func(t *testing.T) { + t.Run("ViewOwnGPGKeys", func(t *testing.T) { + testViewOwnGPGKeys(t, tc.reqBuilder, tc.results[0]) + }) + t.Run("ViewGPGKeys", func(t *testing.T) { + testViewGPGKeys(t, tc.reqBuilder, tc.results[1]) + }) + t.Run("GetGPGKey", func(t *testing.T) { + testGetGPGKey(t, tc.reqBuilder, tc.results[2]) + }) + t.Run("DeleteGPGKey", func(t *testing.T) { + testDeleteGPGKey(t, tc.reqBuilder, tc.results[3]) + }) + + t.Run("CreateInvalidGPGKey", func(t *testing.T) { + testCreateInvalidGPGKey(t, tc.reqBuilder, tc.results[4]) + }) + t.Run("CreateNoneRegistredEmailGPGKey", func(t *testing.T) { + testCreateNoneRegistredEmailGPGKey(t, tc.reqBuilder, tc.results[5]) + }) + t.Run("CreateValidGPGKey", func(t *testing.T) { + testCreateValidGPGKey(t, tc.reqBuilder, tc.results[6]) + }) + t.Run("CreateValidSecondaryEmailGPGKey", func(t *testing.T) { + testCreateValidSecondaryEmailGPGKey(t, tc.reqBuilder, tc.results[7]) + }) + }) + } + + //Check state after basic add + t.Run("CheckState", func(t *testing.T) { + + var keys []*api.GPGKey + + req := NewRequest(t, "GET", "/api/v1/user/gpg_keys") //GET all keys + resp := session.MakeRequest(t, req, http.StatusOK) + DecodeJSON(t, resp, &keys) + + primaryKey1 := keys[0] //Primary key 1 + assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID) + assert.EqualValues(t, 1, len(primaryKey1.Emails)) + assert.EqualValues(t, "user2@example.com", primaryKey1.Emails[0].Email) + assert.EqualValues(t, true, primaryKey1.Emails[0].Verified) + + subKey := primaryKey1.SubsKey[0] //Subkey of 38EA3BCED732982C + assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID) + assert.EqualValues(t, 0, len(subKey.Emails)) + + primaryKey2 := keys[1] //Primary key 2 + assert.EqualValues(t, "FABF39739FE1E927", primaryKey2.KeyID) + assert.EqualValues(t, 1, len(primaryKey2.Emails)) + assert.EqualValues(t, "user21@example.com", primaryKey2.Emails[0].Email) + assert.EqualValues(t, false, primaryKey2.Emails[0].Verified) + + var key api.GPGKey + req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)) //Primary key 1 + resp = session.MakeRequest(t, req, http.StatusOK) + DecodeJSON(t, resp, &key) + assert.EqualValues(t, "38EA3BCED732982C", key.KeyID) + assert.EqualValues(t, 1, len(key.Emails)) + assert.EqualValues(t, "user2@example.com", key.Emails[0].Email) + assert.EqualValues(t, true, key.Emails[0].Verified) + + req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(subKey.ID, 10)) //Subkey of 38EA3BCED732982C + resp = session.MakeRequest(t, req, http.StatusOK) + DecodeJSON(t, resp, &key) + assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID) + assert.EqualValues(t, 0, len(key.Emails)) + + req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey2.ID, 10)) //Primary key 2 + resp = session.MakeRequest(t, req, http.StatusOK) + DecodeJSON(t, resp, &key) + assert.EqualValues(t, "FABF39739FE1E927", key.KeyID) + assert.EqualValues(t, 1, len(key.Emails)) + assert.EqualValues(t, "user21@example.com", key.Emails[0].Email) + assert.EqualValues(t, false, key.Emails[0].Verified) + + }) + + //Check state after basic add + t.Run("CheckCommits", func(t *testing.T) { + t.Run("NotSigned", func(t *testing.T) { + var branch api.Branch + req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/not-signed") + resp := session.MakeRequest(t, req, http.StatusOK) + DecodeJSON(t, resp, &branch) + assert.EqualValues(t, false, branch.Commit.Verification.Verified) + }) + + t.Run("SignedWithNotValidatedEmail", func(t *testing.T) { + var branch api.Branch + req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign-not-yet-validated") + resp := session.MakeRequest(t, req, http.StatusOK) + DecodeJSON(t, resp, &branch) + assert.EqualValues(t, false, branch.Commit.Verification.Verified) + }) + + t.Run("SignedWithValidEmail", func(t *testing.T) { + var branch api.Branch + req := NewRequest(t, "GET", "/api/v1/repos/user2/repo16/branches/good-sign") + resp := session.MakeRequest(t, req, http.StatusOK) + DecodeJSON(t, resp, &branch) + assert.EqualValues(t, true, branch.Commit.Verification.Verified) + }) + }) +} + +func testViewOwnGPGKeys(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) { + req := NewRequest(t, "GET", "/api/v1/user/gpg_keys") + reqBuilder(t, req, expected) +} + +func testViewGPGKeys(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) { + req := NewRequest(t, "GET", "/api/v1/users/user2/gpg_keys") + reqBuilder(t, req, expected) +} + +func testGetGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) { + req := NewRequest(t, "GET", "/api/v1/user/gpg_keys/1") + reqBuilder(t, req, expected) +} + +func testDeleteGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) { + req := NewRequest(t, "DELETE", "/api/v1/user/gpg_keys/1") + reqBuilder(t, req, expected) +} + +func testCreateGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int, publicKey string) { + req := NewRequestWithJSON(t, "POST", "/api/v1/user/gpg_keys", api.CreateGPGKeyOption{ + ArmoredKey: publicKey, + }) + reqBuilder(t, req, expected) +} + +func testCreateInvalidGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) { + testCreateGPGKey(t, reqBuilder, expected, "invalid_key") +} + +func testCreateNoneRegistredEmailGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) { + testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFmGUygBCACjCNbKvMGgp0fd5vyFW9olE1CLCSyyF9gQN2hSuzmZLuAZF2Kh +dCMCG2T1UwzUB/yWUFWJ2BtCwSjuaRv+cGohqEy6bhEBV90peGA33lHfjx7wP25O +7moAphDOTZtDj1AZfCh/PTcJut8Lc0eRDMhNyp/bYtO7SHNT1Hr6rrCV/xEtSAvR +3b148/tmIBiSadaLwc558KU3ucjnW5RVGins3AjBZ+TuT4XXVH/oeLSeXPSJ5rt1 +rHwaseslMqZ4AbvwFLx5qn1OC9rEQv/F548QsA8m0IntLjoPon+6wcubA9Gra21c +Fp6aRYl9x7fiqXDLg8i3s2nKdV7+e6as6Tp9ABEBAAG0FG5vdGtub3duQGV4YW1w +bGUuY29tiQEcBBABAgAGBQJZhlMoAAoJEC8+pvYULDtte/wH/2JNrhmHwDY+hMj0 +batIK4HICnkKxjIgbha80P2Ao08NkzSge58fsxiKDFYAQjHui+ZAw4dq79Ax9AOO +Iv2GS9+DUfWhrb6RF+vNuJldFzcI0rTW/z2q+XGKrUCwN3khJY5XngHfQQrdBtMK +qsoUXz/5B8g422RTbo/SdPsyYAV6HeLLeV3rdgjI1fpaW0seZKHeTXQb/HvNeuPg +qz+XV1g6Gdqa1RjDOaX7A8elVKxrYq3LBtc93FW+grBde8n7JL0zPM3DY+vJ0IJZ +INx/MmBfmtCq05FqNclvU+sj2R3N1JJOtBOjZrJHQbJhzoILou8AkxeX1A+q9OAz +1geiY5E= +=TkP3 +-----END PGP PUBLIC KEY BLOCK-----`) +} + +func testCreateValidGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) { + //User2 //primary & activated + testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFmGVsMBCACuxgZ7W7rI9xN08Y4M7B8yx/6/I4Slm94+wXf8YNRvAyqj30dW +VJhyBcnfNRDLKSQp5o/hhfDkCgdqBjLa1PnHlGS3PXJc0hP/FyYPD2BFvNMPpCYS +eu3T1qKSNXm6X0XOWD2LIrdiDC8HaI9FqZVMI/srMK2CF8XCL2m67W1FuoPlWzod +5ORy0IZB7spoF0xihmcgnEGElRmdo5w/vkGH8U7Zyn9Eb57UVFeafgeskf4wqB23 +BjbMdW2YaB+yzMRwYgOnD5lnBD4uqSmvjaV9C0kxn7x+oJkkiRV8/z1cNcO+BaeQ +Akh/yTTeTzYGSc/ZOqCX1O+NOPgSeixVlqenABEBAAG0GVVzZXIyIDx1c2VyMkBl +eGFtcGxlLmNvbT6JAVQEEwEIAD4WIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZW +wwIbAwUJA8JnAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRA46jvO1zKYLF/e +B/91wm2KLMIQBZBA9WA2/+9rQWTo9EqgYrXN60rEzX3cYJWXZiE4DrKR1oWDGNLi +KXOCW62snvJldolBqq0ZqaKvPKzl0Y5TRqbYEc9AjUSqgRin1b+G2DevLGT4ibq+ +7ocQvz0XkASEUAgHahp0Ubiiib1521WwT/duL+AG8Gg0+DK09RfV3eX5/EOkQCKv +8cutqgsd2Smz40A8wXuJkRcipZBtrB/GkUaZ/eJdwEeSYZjEA9GWF61LJT2stvRN +HCk7C3z3pVEek1PluiFs/4VN8BG8yDzW4c0tLty4Fj3VwPqwIbB5AJbquVfhQCb4 +Eep2lm3Lc9b1OwO5N3coPJkouQENBFmGVsMBCADAGba2L6NCOE1i3WIP6CPzbdOo +N3gdTfTgccAx9fNeon9jor+3tgEjlo9/6cXiRoksOV6W4wFab/ZwWgwN6JO4CGvZ +Wi7EQwMMMp1E36YTojKQJrcA9UvMnTHulqQQ88F5E845DhzFQM3erv42QZZMBAX3 +kXCgy1GNFocl6tLUvJdEqs+VcJGGANMpmzE4WLa8KhSYnxipwuQ62JBy9R+cHyKT +OARk8znRqSu5bT3LtlrZ/HXu+6Oy4+2uCdNzZIh5J5tPS7CPA6ptl88iGVBte/CJ +7cjgJWSQqeYp2Y5QvsWAivkQ4Ww9plHbbwV0A2eaHsjjWzlUl3HoJ/snMOhBABEB +AAGJATwEGAEIACYWIQRXgbSh0TtGbgRd7XI46jvO1zKYLAUCWYZWwwIbDAUJA8Jn +AAAKCRA46jvO1zKYLBwLCACQOpeRVrwIKVaWcPMYjVHHJsGscaLKpgpARAUgbiG6 +Cbc2WI8Sm3fRwrY0VAfN+u9QwrtvxANcyB3vTgTzw7FimfhOimxiTSO8HQCfjDZF +Xly8rq+Fua7+ClWUpy21IekW41VvZYjH2sL6EVP+UcEOaGAyN53XfhaRVZPhNtZN +NKAE9N5EG3rbsZ33LzJj40rEKlzFSseAAPft8qA3IXjzFBx+PQXHMpNCagL79he6 +lqockTJ+oPmta4CF/J0U5LUr1tOZXheL3TP6m8d08gDrtn0YuGOPk87i9sJz+jR9 +uy6MA3VSB99SK9ducGmE1Jv8mcziREroz2TEGr0zPs6h +=J59D +-----END PGP PUBLIC KEY BLOCK-----`) +} + +func testCreateValidSecondaryEmailGPGKey(t *testing.T, reqBuilder func(testing.TB, *http.Request, int) *TestResponse, expected int) { + //User2 //secondary and not activated + testCreateGPGKey(t, reqBuilder, expected, `-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQENBFmGWN4BCAC18V4tVGO65VLCV7p14FuXJlUtZ5CuYMvgEkcOqrvRaBSW9ao4 +PGESOhJpfWpnW3QgJniYndLzPpsmdHEclEER6aZjiNgReWPOjHD5tykWocZAJqXD +eY1ym59gvVMLcfbV2yQsyR2hbJlc+dJsl16tigSEe3nwxZSw2IsW92pgEzT9JNUr +Q+mC8dw4dqY0tYmFazYUGNxufUc/twgQT/Or1aNs0az5Q6Jft4rrTRsh/S7We0VB +COKGkdcQyYgAls7HJBuPjQRi6DM9VhgBSHLAgSLyaUcZvhZBJr8Qe/q4PP3/kYDJ +wm4RMnjOLz2pFZPgtRqgcAwpmFtLrACbEB3JABEBAAG0GlVzZXIyIDx1c2VyMjFA +ZXhhbXBsZS5jb20+iQFUBBMBCAA+FiEEPOLHOjPSO42DWM57+r85c5/h6ScFAlmG +WN4CGwMFCQPCZwAFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQ+r85c5/h6Sfx +Lgf/dq64NBV8+X9an3seaLxePRviva48e4K67/wV/JxtXNO5Z/DhMGz5kHXCsG9D +CXuWYO8ehlTjEnMZ6qqdDnY+H6bQsb2OS5oPn4RwpPXslAjEKtojPAr0dDsMS2DB +dUuIm1AoOnewOVO0OFRf1EqX1bivxnN0FVMcO0m8AczfnKDaGb0y/qg/Y9JAsKqp +j5pZNMWUkntRtGySeJ4CVJMmkVKJAHsa1Qj6MKdFeid4h4y94cBJ4ZdyBxNdpQOx +ydf0doicovfeqGNO4oWzsGP4RBK2CqGPCUT+EFl20jPvMkKwOjxgqc8p0z3b2UT9 ++9bnmCGHgF/fW1HJ3iKmfFPqnLkBDQRZhljeAQgA5AirU/NJGgm19ZJYFOiHftjS +azbrPxGeD3cSqmvDPIMc1DNZGfQV5D4EVumnVbQBtL6xHFoGKz9KisUMbe4a/X2J +S8JmIphQWG0vMJX1DaZIzr2gT71MnPD7JMGsSUCh5dIKpTNTZX4w+oGPGOu0/UlL +x0448AryKwp30J2p6D4GeI0nb03n35S2lTOpnHDn1wj7Jl/8LS2fdFOdNaNHXSZe +twdSwJKhyBEiScgeHBDyKqo8zWkYoSb9eA2HiYlbVaiNtp24KP1mIEpiUdrRjWno +zauYSZGHZlOFMgF4dKWuetPiuH9m7UYZGKyMLfQ9vYFb+xcPh2bLCQHJ1OEmMQAR +AQABiQE8BBgBCAAmFiEEPOLHOjPSO42DWM57+r85c5/h6ScFAlmGWN4CGwwFCQPC +ZwAACgkQ+r85c5/h6Sfjfwf+O4WEjRdvPJLxNy7mfAGoAqDMHIwyH/tVzYgyVhnG +h/+cfRxJbGc3rpjYdr8dmvghzjEAout8uibPWaIqs63RCAPGPqgWLfxNO5c8+y8V +LZMVOTV26l2olkkdBWAuhLqKTNh6TiQva03yhOgHWj4XDvFfxICWPFXVd6t5ELpD +iApGu1OAj8JfhmzbG03Yzx+Ku7bWDxMonx3V/IDEu5LS5zrboHYDKCA53bXXghoi +Aceqql+PKrDwEjoY4bptwMHLmcjGjdCQ//Qx1neho7nZcS7xjTucY8gQuulwCyXF +y6wM+wMz8dunIG9gw4+Re6c4Rz9tX1kzxLrU7Pl21tMqfg== +=0N/9 +-----END PGP PUBLIC KEY BLOCK-----`) +} diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/HEAD b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/HEAD new file mode 100644 index 000000000..cb089cd89 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/HEAD @@ -0,0 +1 @@ +ref: refs/heads/master diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/config b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/config new file mode 100644 index 000000000..07d359d07 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/config @@ -0,0 +1,4 @@ +[core] + repositoryformatversion = 0 + filemode = true + bare = true diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/description b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/description new file mode 100644 index 000000000..498b267a8 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/description @@ -0,0 +1 @@ +Unnamed repository; edit this file 'description' to name the repository. diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/applypatch-msg.sample b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/applypatch-msg.sample new file mode 100755 index 000000000..a5d7b84a6 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/applypatch-msg.sample @@ -0,0 +1,15 @@ +#!/bin/sh +# +# An example hook script to check the commit log message taken by +# applypatch from an e-mail message. +# +# The hook should exit with non-zero status after issuing an +# appropriate message if it wants to stop the commit. The hook is +# allowed to edit the commit message file. +# +# To enable this hook, rename this file to "applypatch-msg". + +. git-sh-setup +commitmsg="$(git rev-parse --git-path hooks/commit-msg)" +test -x "$commitmsg" && exec "$commitmsg" ${1+"$@"} +: diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/commit-msg.sample b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/commit-msg.sample new file mode 100755 index 000000000..b58d1184a --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/commit-msg.sample @@ -0,0 +1,24 @@ +#!/bin/sh +# +# An example hook script to check the commit log message. +# Called by "git commit" with one argument, the name of the file +# that has the commit message. The hook should exit with non-zero +# status after issuing an appropriate message if it wants to stop the +# commit. The hook is allowed to edit the commit message file. +# +# To enable this hook, rename this file to "commit-msg". + +# Uncomment the below to add a Signed-off-by line to the message. +# Doing this in a hook is a bad idea in general, but the prepare-commit-msg +# hook is more suited to it. +# +# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p') +# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1" + +# This example catches duplicate Signed-off-by lines. + +test "" = "$(grep '^Signed-off-by: ' "$1" | + sort | uniq -c | sed -e '/^[ ]*1[ ]/d')" || { + echo >&2 Duplicate Signed-off-by lines. + exit 1 +} diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/post-update.sample b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/post-update.sample new file mode 100755 index 000000000..ec17ec193 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/post-update.sample @@ -0,0 +1,8 @@ +#!/bin/sh +# +# An example hook script to prepare a packed repository for use over +# dumb transports. +# +# To enable this hook, rename this file to "post-update". + +exec git update-server-info diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-applypatch.sample b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-applypatch.sample new file mode 100755 index 000000000..4142082bc --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-applypatch.sample @@ -0,0 +1,14 @@ +#!/bin/sh +# +# An example hook script to verify what is about to be committed +# by applypatch from an e-mail message. +# +# The hook should exit with non-zero status after issuing an +# appropriate message if it wants to stop the commit. +# +# To enable this hook, rename this file to "pre-applypatch". + +. git-sh-setup +precommit="$(git rev-parse --git-path hooks/pre-commit)" +test -x "$precommit" && exec "$precommit" ${1+"$@"} +: diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-commit.sample b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-commit.sample new file mode 100755 index 000000000..68d62d544 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-commit.sample @@ -0,0 +1,49 @@ +#!/bin/sh +# +# An example hook script to verify what is about to be committed. +# Called by "git commit" with no arguments. The hook should +# exit with non-zero status after issuing an appropriate message if +# it wants to stop the commit. +# +# To enable this hook, rename this file to "pre-commit". + +if git rev-parse --verify HEAD >/dev/null 2>&1 +then + against=HEAD +else + # Initial commit: diff against an empty tree object + against=4b825dc642cb6eb9a060e54bf8d69288fbee4904 +fi + +# If you want to allow non-ASCII filenames set this variable to true. +allownonascii=$(git config --bool hooks.allownonascii) + +# Redirect output to stderr. +exec 1>&2 + +# Cross platform projects tend to avoid non-ASCII filenames; prevent +# them from being added to the repository. We exploit the fact that the +# printable range starts at the space character and ends with tilde. +if [ "$allownonascii" != "true" ] && + # Note that the use of brackets around a tr range is ok here, (it's + # even required, for portability to Solaris 10's /usr/bin/tr), since + # the square bracket bytes happen to fall in the designated range. + test $(git diff --cached --name-only --diff-filter=A -z $against | + LC_ALL=C tr -d '[ -~]\0' | wc -c) != 0 +then + cat <<\EOF +Error: Attempt to add a non-ASCII file name. + +This can cause problems if you want to work with people on other platforms. + +To be portable it is advisable to rename the file. + +If you know what you are doing you can disable this check using: + + git config hooks.allownonascii true +EOF + exit 1 +fi + +# If there are whitespace errors, print the offending file names and fail. +exec git diff-index --check --cached $against -- diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-push.sample b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-push.sample new file mode 100755 index 000000000..6187dbf43 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-push.sample @@ -0,0 +1,53 @@ +#!/bin/sh + +# An example hook script to verify what is about to be pushed. Called by "git +# push" after it has checked the remote status, but before anything has been +# pushed. If this script exits with a non-zero status nothing will be pushed. +# +# This hook is called with the following parameters: +# +# $1 -- Name of the remote to which the push is being done +# $2 -- URL to which the push is being done +# +# If pushing without using a named remote those arguments will be equal. +# +# Information about the commits which are being pushed is supplied as lines to +# the standard input in the form: +# +# +# +# This sample shows how to prevent push of commits where the log message starts +# with "WIP" (work in progress). + +remote="$1" +url="$2" + +z40=0000000000000000000000000000000000000000 + +while read local_ref local_sha remote_ref remote_sha +do + if [ "$local_sha" = $z40 ] + then + # Handle delete + : + else + if [ "$remote_sha" = $z40 ] + then + # New branch, examine all commits + range="$local_sha" + else + # Update to existing branch, examine new commits + range="$remote_sha..$local_sha" + fi + + # Check for WIP commit + commit=`git rev-list -n 1 --grep '^WIP' "$range"` + if [ -n "$commit" ] + then + echo >&2 "Found WIP commit in $local_ref, not pushing" + exit 1 + fi + fi +done + +exit 0 diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-rebase.sample b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-rebase.sample new file mode 100755 index 000000000..9773ed4cb --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-rebase.sample @@ -0,0 +1,169 @@ +#!/bin/sh +# +# Copyright (c) 2006, 2008 Junio C Hamano +# +# The "pre-rebase" hook is run just before "git rebase" starts doing +# its job, and can prevent the command from running by exiting with +# non-zero status. +# +# The hook is called with the following parameters: +# +# $1 -- the upstream the series was forked from. +# $2 -- the branch being rebased (or empty when rebasing the current branch). +# +# This sample shows how to prevent topic branches that are already +# merged to 'next' branch from getting rebased, because allowing it +# would result in rebasing already published history. + +publish=next +basebranch="$1" +if test "$#" = 2 +then + topic="refs/heads/$2" +else + topic=`git symbolic-ref HEAD` || + exit 0 ;# we do not interrupt rebasing detached HEAD +fi + +case "$topic" in +refs/heads/??/*) + ;; +*) + exit 0 ;# we do not interrupt others. + ;; +esac + +# Now we are dealing with a topic branch being rebased +# on top of master. Is it OK to rebase it? + +# Does the topic really exist? +git show-ref -q "$topic" || { + echo >&2 "No such branch $topic" + exit 1 +} + +# Is topic fully merged to master? +not_in_master=`git rev-list --pretty=oneline ^master "$topic"` +if test -z "$not_in_master" +then + echo >&2 "$topic is fully merged to master; better remove it." + exit 1 ;# we could allow it, but there is no point. +fi + +# Is topic ever merged to next? If so you should not be rebasing it. +only_next_1=`git rev-list ^master "^$topic" ${publish} | sort` +only_next_2=`git rev-list ^master ${publish} | sort` +if test "$only_next_1" = "$only_next_2" +then + not_in_topic=`git rev-list "^$topic" master` + if test -z "$not_in_topic" + then + echo >&2 "$topic is already up-to-date with master" + exit 1 ;# we could allow it, but there is no point. + else + exit 0 + fi +else + not_in_next=`git rev-list --pretty=oneline ^${publish} "$topic"` + /usr/bin/perl -e ' + my $topic = $ARGV[0]; + my $msg = "* $topic has commits already merged to public branch:\n"; + my (%not_in_next) = map { + /^([0-9a-f]+) /; + ($1 => 1); + } split(/\n/, $ARGV[1]); + for my $elem (map { + /^([0-9a-f]+) (.*)$/; + [$1 => $2]; + } split(/\n/, $ARGV[2])) { + if (!exists $not_in_next{$elem->[0]}) { + if ($msg) { + print STDERR $msg; + undef $msg; + } + print STDERR " $elem->[1]\n"; + } + } + ' "$topic" "$not_in_next" "$not_in_master" + exit 1 +fi + +exit 0 + +################################################################ + +This sample hook safeguards topic branches that have been +published from being rewound. + +The workflow assumed here is: + + * Once a topic branch forks from "master", "master" is never + merged into it again (either directly or indirectly). + + * Once a topic branch is fully cooked and merged into "master", + it is deleted. If you need to build on top of it to correct + earlier mistakes, a new topic branch is created by forking at + the tip of the "master". This is not strictly necessary, but + it makes it easier to keep your history simple. + + * Whenever you need to test or publish your changes to topic + branches, merge them into "next" branch. + +The script, being an example, hardcodes the publish branch name +to be "next", but it is trivial to make it configurable via +$GIT_DIR/config mechanism. + +With this workflow, you would want to know: + +(1) ... if a topic branch has ever been merged to "next". Young + topic branches can have stupid mistakes you would rather + clean up before publishing, and things that have not been + merged into other branches can be easily rebased without + affecting other people. But once it is published, you would + not want to rewind it. + +(2) ... if a topic branch has been fully merged to "master". + Then you can delete it. More importantly, you should not + build on top of it -- other people may already want to + change things related to the topic as patches against your + "master", so if you need further changes, it is better to + fork the topic (perhaps with the same name) afresh from the + tip of "master". + +Let's look at this example: + + o---o---o---o---o---o---o---o---o---o "next" + / / / / + / a---a---b A / / + / / / / + / / c---c---c---c B / + / / / \ / + / / / b---b C \ / + / / / / \ / + ---o---o---o---o---o---o---o---o---o---o---o "master" + + +A, B and C are topic branches. + + * A has one fix since it was merged up to "next". + + * B has finished. It has been fully merged up to "master" and "next", + and is ready to be deleted. + + * C has not merged to "next" at all. + +We would want to allow C to be rebased, refuse A, and encourage +B to be deleted. + +To compute (1): + + git rev-list ^master ^topic next + git rev-list ^master next + + if these match, topic has not merged in next at all. + +To compute (2): + + git rev-list master..topic + + if this is empty, it is fully merged to "master". diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-receive.sample b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-receive.sample new file mode 100755 index 000000000..a1fd29ec1 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/pre-receive.sample @@ -0,0 +1,24 @@ +#!/bin/sh +# +# An example hook script to make use of push options. +# The example simply echoes all push options that start with 'echoback=' +# and rejects all pushes when the "reject" push option is used. +# +# To enable this hook, rename this file to "pre-receive". + +if test -n "$GIT_PUSH_OPTION_COUNT" +then + i=0 + while test "$i" -lt "$GIT_PUSH_OPTION_COUNT" + do + eval "value=\$GIT_PUSH_OPTION_$i" + case "$value" in + echoback=*) + echo "echo from the pre-receive-hook: ${value#*=}" >&2 + ;; + reject) + exit 1 + esac + i=$((i + 1)) + done +fi diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/prepare-commit-msg.sample b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/prepare-commit-msg.sample new file mode 100755 index 000000000..f093a02ec --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/prepare-commit-msg.sample @@ -0,0 +1,36 @@ +#!/bin/sh +# +# An example hook script to prepare the commit log message. +# Called by "git commit" with the name of the file that has the +# commit message, followed by the description of the commit +# message's source. The hook's purpose is to edit the commit +# message file. If the hook fails with a non-zero status, +# the commit is aborted. +# +# To enable this hook, rename this file to "prepare-commit-msg". + +# This hook includes three examples. The first comments out the +# "Conflicts:" part of a merge commit. +# +# The second includes the output of "git diff --name-status -r" +# into the message, just before the "git status" output. It is +# commented because it doesn't cope with --amend or with squashed +# commits. +# +# The third example adds a Signed-off-by line to the message, that can +# still be edited. This is rarely a good idea. + +case "$2,$3" in + merge,) + /usr/bin/perl -i.bak -ne 's/^/# /, s/^# #/#/ if /^Conflicts/ .. /#/; print' "$1" ;; + +# ,|template,) +# /usr/bin/perl -i.bak -pe ' +# print "\n" . `git diff --cached --name-status -r` +# if /^#/ && $first++ == 0' "$1" ;; + + *) ;; +esac + +# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p') +# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1" diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/update.sample b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/update.sample new file mode 100755 index 000000000..80ba94135 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/hooks/update.sample @@ -0,0 +1,128 @@ +#!/bin/sh +# +# An example hook script to block unannotated tags from entering. +# Called by "git receive-pack" with arguments: refname sha1-old sha1-new +# +# To enable this hook, rename this file to "update". +# +# Config +# ------ +# hooks.allowunannotated +# This boolean sets whether unannotated tags will be allowed into the +# repository. By default they won't be. +# hooks.allowdeletetag +# This boolean sets whether deleting tags will be allowed in the +# repository. By default they won't be. +# hooks.allowmodifytag +# This boolean sets whether a tag may be modified after creation. By default +# it won't be. +# hooks.allowdeletebranch +# This boolean sets whether deleting branches will be allowed in the +# repository. By default they won't be. +# hooks.denycreatebranch +# This boolean sets whether remotely creating branches will be denied +# in the repository. By default this is allowed. +# + +# --- Command line +refname="$1" +oldrev="$2" +newrev="$3" + +# --- Safety check +if [ -z "$GIT_DIR" ]; then + echo "Don't run this script from the command line." >&2 + echo " (if you want, you could supply GIT_DIR then run" >&2 + echo " $0 )" >&2 + exit 1 +fi + +if [ -z "$refname" -o -z "$oldrev" -o -z "$newrev" ]; then + echo "usage: $0 " >&2 + exit 1 +fi + +# --- Config +allowunannotated=$(git config --bool hooks.allowunannotated) +allowdeletebranch=$(git config --bool hooks.allowdeletebranch) +denycreatebranch=$(git config --bool hooks.denycreatebranch) +allowdeletetag=$(git config --bool hooks.allowdeletetag) +allowmodifytag=$(git config --bool hooks.allowmodifytag) + +# check for no description +projectdesc=$(sed -e '1q' "$GIT_DIR/description") +case "$projectdesc" in +"Unnamed repository"* | "") + echo "*** Project description file hasn't been set" >&2 + exit 1 + ;; +esac + +# --- Check types +# if $newrev is 0000...0000, it's a commit to delete a ref. +zero="0000000000000000000000000000000000000000" +if [ "$newrev" = "$zero" ]; then + newrev_type=delete +else + newrev_type=$(git cat-file -t $newrev) +fi + +case "$refname","$newrev_type" in + refs/tags/*,commit) + # un-annotated tag + short_refname=${refname##refs/tags/} + if [ "$allowunannotated" != "true" ]; then + echo "*** The un-annotated tag, $short_refname, is not allowed in this repository" >&2 + echo "*** Use 'git tag [ -a | -s ]' for tags you want to propagate." >&2 + exit 1 + fi + ;; + refs/tags/*,delete) + # delete tag + if [ "$allowdeletetag" != "true" ]; then + echo "*** Deleting a tag is not allowed in this repository" >&2 + exit 1 + fi + ;; + refs/tags/*,tag) + # annotated tag + if [ "$allowmodifytag" != "true" ] && git rev-parse $refname > /dev/null 2>&1 + then + echo "*** Tag '$refname' already exists." >&2 + echo "*** Modifying a tag is not allowed in this repository." >&2 + exit 1 + fi + ;; + refs/heads/*,commit) + # branch + if [ "$oldrev" = "$zero" -a "$denycreatebranch" = "true" ]; then + echo "*** Creating a branch is not allowed in this repository" >&2 + exit 1 + fi + ;; + refs/heads/*,delete) + # delete branch + if [ "$allowdeletebranch" != "true" ]; then + echo "*** Deleting a branch is not allowed in this repository" >&2 + exit 1 + fi + ;; + refs/remotes/*,commit) + # tracking branch + ;; + refs/remotes/*,delete) + # delete tracking branch + if [ "$allowdeletebranch" != "true" ]; then + echo "*** Deleting a tracking branch is not allowed in this repository" >&2 + exit 1 + fi + ;; + *) + # Anything else (is there anything else?) + echo "*** Update hook: unknown type of update to ref $refname of type $newrev_type" >&2 + exit 1 + ;; +esac + +# --- Finished +exit 0 diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/info/exclude b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/info/exclude new file mode 100644 index 000000000..a5196d1be --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/info/exclude @@ -0,0 +1,6 @@ +# git ls-files --others --exclude-from=.git/info/exclude +# Lines that start with '#' are comments. +# For a project mostly in C, the following would be a good set of +# exclude patterns (uncomment them if you want to use them): +# *.[oa] +# *~ diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/0c/3d59dea27b97aa3cb66072745d7a2c51a7a8b1 b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/0c/3d59dea27b97aa3cb66072745d7a2c51a7a8b1 new file mode 100644 index 0000000000000000000000000000000000000000..e62f09ac5f190dd6f4768eca2a5bab42b1b4fb79 GIT binary patch literal 54 zcmb3j9GZ(>1ih>f}SZqu|~AJ?UGP4=(-XS4RJ K9E0CYp$Gu#L=;E> literal 0 HcmV?d00001 diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/24/f83a471f77579fea57bac7255d6e64e70fce1c b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/24/f83a471f77579fea57bac7255d6e64e70fce1c new file mode 100644 index 0000000000000000000000000000000000000000..2558be67ee7ff2c944e868565d1ece9378276f16 GIT binary patch literal 54 zcmV-60LlM&0V^p=O;s>9XD~D{Ff%bxC`wIC$xYSEO=0-S5_nwin^c*rrmgsv>gOw7 MHs1;d07dE$-5<9WwEzGB literal 0 HcmV?d00001 diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/27/566bd5738fc8b4e3fef3c5e72cce608537bd95 b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/27/566bd5738fc8b4e3fef3c5e72cce608537bd95 new file mode 100644 index 0000000000000000000000000000000000000000..6042481f4e9127be6666f4d97ab78a5b7df04c6e GIT binary patch literal 575 zcmV-F0>J%v0hN+VlbS#ffOF7K=AvW)KB=IDq);!)7bD zT+)~B`ntNStG-UkqR2QfH0=v-CtK_*mD zLvI{t(sV?!qCi82jOv<36_uKV=!#~jOp_F*%cd*~QOnO|1CDpvK=7meNb)cGh>9ww zFG*Sa1hOVUNrg~RfjCx@Fw*fhPXBKzt6~nuDn{rSdL8b!7dlKDX}IUXLmAgn7}#qiu>1UG=F?6UK*Xg5CcblYBa2y2 zdx3(zdq-Jq)K0vpVipdiB7kRGA-Wb&ggN(~g_8L+g481yCtVSKMszbLX!PRXEWX z)*8PzyN;6>Ir}!;;DVGfcGt6=&B`?F^9x6P&)xQ!;m2`waZPB@5;uR3FUz1SO(eyc z7^YKpslER7RRFKI2V4lBR`JIAms24vO9DpsH%h?g?|`p;#?RnZaxhR1x+u>`#K$%* NqAdR={042l?Z;9^8wdaZ literal 0 HcmV?d00001 diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/3b/2b54fe3d9a8279d5b926124dccdf279b8eff2f b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/3b/2b54fe3d9a8279d5b926124dccdf279b8eff2f new file mode 100644 index 000000000..13de5951f --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/3b/2b54fe3d9a8279d5b926124dccdf279b8eff2f @@ -0,0 +1 @@ +x+)JMU06g040031Q(JMLMMaXbR10-&C˒=, \ No newline at end of file diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/45/8121ce9a6b855c9733bae62093caf3f39685de b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/45/8121ce9a6b855c9733bae62093caf3f39685de new file mode 100644 index 0000000000000000000000000000000000000000..7db2d33de16b23de695e12f201aee6c49e1c7983 GIT binary patch literal 26 icmb8M~P!%PM|z7bF0svZTeC~CDn zyENJ#`pPVgE5SyGx*!5hg(F~!ga#mc_Kr~%VohR+E6+nj@IGZg8w!Qw*cL99fYA`K zR{<=hJb{RNf3#KJHeQW9@87ucJJ#jJCu;Q~H7KK;v1*dXK}w8vT3WJu4?Pf;k&OwUu$D9640T>cX(uEkgt z@axBzw)+~u$c-R=bpvCYZ0z40Kme=Qewc<~E)9b^m2F4i+6&JS4i#kWeN~?gb2V3m zQp34p)Qxxb3S(JZ;=dd~4W9<<{WJ@gcwErQJ!wJDq*ZqICtYm&dZgCfO?Un@`S|T%r2Ct5 zz87v{3$=dOd#SQE0X#f%Dyl2?)|VU$=}>#KdMC?@5S^scYm0?KOE1@^wVh)+dcx_Q zsG1h-iv4hi_n906XcLA9vK}*y)coNqT9EX@ilAbHdh2mRRc3SE?q=0-y=g1|ARiMJ zNQr_1=h|-&1~ACngf9%%tmLw*u)K}inLIZm!45qgdy+ZUi%_tw<+TkBUOL6j91x=3 zjmOsIoooQSiM61I_G%0uvJ)efwGIR!=6QTTM< OG73Md1AYOeztJY^#s$Ct literal 0 HcmV?d00001 diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/f2/7c2b2b03dcab38beaf89b0ab4ff61f6de63441 b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/objects/f2/7c2b2b03dcab38beaf89b0ab4ff61f6de63441 new file mode 100644 index 0000000000000000000000000000000000000000..7cb8b91898e9baed0332b8736fcb96c57faeecc2 GIT binary patch literal 522 zcmV+l0`>iP0fmyylA1siMzijx=)ILl15ImHCY2Ui21FDUVcY?Y4F6+`1NiiDGRZDg zxtn|IRDE?9=S$kU&O4|P^-Cwx6iSK0@tmiTOyW6-A|;76O(HT;F(;9nU=)#P79$Yd zy4O}f|C$OJe!qRJpXm_QZ&ms&Y3m;lVM&%$8A%9E9+w0j^zo`o{~OX&Ow>Q2>@BXvrFvF+e>s4)KE4T>(U#n-`OY2>TAmWkb&j!DD3tVN^1L0^Vv`Q8U)sei zn_Q~?-8i3{Lg_Ny1<;r##TYF+r7hMN-0vuw$-pUpVtbU(_Kt6w-G+Da+9E?l}Y za(WboS$atDO{xG4PURrN>(ts?ZBERWPIkq?47ji>cBO&GBMbEV-p7eoVyCI literal 0 HcmV?d00001 diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/good-sign b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/good-sign new file mode 100644 index 000000000..4750a7643 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/good-sign @@ -0,0 +1 @@ +f27c2b2b03dcab38beaf89b0ab4ff61f6de63441 diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/good-sign-not-yet-validated b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/good-sign-not-yet-validated new file mode 100644 index 000000000..f68025f5b --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/good-sign-not-yet-validated @@ -0,0 +1 @@ +27566bd5738fc8b4e3fef3c5e72cce608537bd95 diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/master b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/master new file mode 100644 index 000000000..65f9a9f71 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/master @@ -0,0 +1 @@ +69554a64c1e6030f051e5c3f94bfbd773cd6a324 diff --git a/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/not-signed b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/not-signed new file mode 100644 index 000000000..65f9a9f71 --- /dev/null +++ b/integrations/gitea-integration-meta/gitea-repositories/user2/repo16.git/refs/heads/not-signed @@ -0,0 +1 @@ +69554a64c1e6030f051e5c3f94bfbd773cd6a324 diff --git a/models/error.go b/models/error.go index 74551ad8f..2adb4b45e 100644 --- a/models/error.go +++ b/models/error.go @@ -4,9 +4,7 @@ package models -import ( - "fmt" -) +import "fmt" // ErrNameReserved represents a "reserved name" error. type ErrNameReserved struct { @@ -260,19 +258,19 @@ func (err ErrKeyNameAlreadyUsed) Error() string { return fmt.Sprintf("public key already exists [owner_id: %d, name: %s]", err.OwnerID, err.Name) } -// ErrGPGEmailNotFound represents a "ErrGPGEmailNotFound" kind of error. -type ErrGPGEmailNotFound struct { - Email string +// ErrGPGNoEmailFound represents a "ErrGPGNoEmailFound" kind of error. +type ErrGPGNoEmailFound struct { + FailedEmails []string } -// IsErrGPGEmailNotFound checks if an error is a ErrGPGEmailNotFound. -func IsErrGPGEmailNotFound(err error) bool { - _, ok := err.(ErrGPGEmailNotFound) +// IsErrGPGNoEmailFound checks if an error is a ErrGPGNoEmailFound. +func IsErrGPGNoEmailFound(err error) bool { + _, ok := err.(ErrGPGNoEmailFound) return ok } -func (err ErrGPGEmailNotFound) Error() string { - return fmt.Sprintf("failed to found email or is not confirmed : %s", err.Email) +func (err ErrGPGNoEmailFound) Error() string { + return fmt.Sprintf("none of the emails attached to the GPG key could be found: %v", err.FailedEmails) } // ErrGPGKeyParsing represents a "ErrGPGKeyParsing" kind of error. diff --git a/models/fixtures/repository.yml b/models/fixtures/repository.yml index b10b85cf2..b8f607b2a 100644 --- a/models/fixtures/repository.yml +++ b/models/fixtures/repository.yml @@ -176,3 +176,15 @@ lower_name: repo15 name: repo15 is_bare: true + +- + id: 16 + owner_id: 2 + lower_name: repo16 + name: repo16 + is_private: true + num_issues: 0 + num_closed_issues: 0 + num_pulls: 0 + num_closed_pulls: 0 + num_watches: 0 diff --git a/models/fixtures/user.yml b/models/fixtures/user.yml index b3e7864a6..abd72b116 100644 --- a/models/fixtures/user.yml +++ b/models/fixtures/user.yml @@ -26,7 +26,7 @@ is_admin: false avatar: avatar2 avatar_email: user2@example.com - num_repos: 3 + num_repos: 4 num_stars: 2 num_followers: 2 num_following: 1 diff --git a/models/gpg_key.go b/models/gpg_key.go index 08573c1c7..0e9d80bb9 100644 --- a/models/gpg_key.go +++ b/models/gpg_key.go @@ -208,21 +208,27 @@ func parseGPGKey(ownerID int64, e *openpgp.Entity) (*GPGKey, error) { if err != nil { return nil, err } - emails := make([]*EmailAddress, len(e.Identities)) - n := 0 + + emails := make([]*EmailAddress, 0, len(e.Identities)) for _, ident := range e.Identities { email := strings.ToLower(strings.TrimSpace(ident.UserId.Email)) for _, e := range userEmails { - if e.Email == email && e.IsActivated { - emails[n] = e + if e.Email == email { + emails = append(emails, e) break } } - if emails[n] == nil { - return nil, ErrGPGEmailNotFound{ident.UserId.Email} - } - n++ } + + //In the case no email as been found + if len(emails) == 0 { + failedEmails := make([]string, 0, len(e.Identities)) + for _, ident := range e.Identities { + failedEmails = append(failedEmails, ident.UserId.Email) + } + return nil, ErrGPGNoEmailFound{failedEmails} + } + content, err := base64EncPubKey(pubkey) if err != nil { return nil, err @@ -376,8 +382,8 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification { } //Find Committer account - committer, err := GetUserByEmail(c.Committer.Email) - if err != nil { //Skipping not user for commiter + committer, err := GetUserByEmail(c.Committer.Email) //This find the user by primary email or activated email so commit will not be valid if email is not + if err != nil { //Skipping not user for commiter log.Error(3, "NoCommitterAccount: %v", err) return &CommitVerification{ Verified: false, @@ -395,6 +401,19 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification { } for _, k := range keys { + //Pre-check (& optimization) that emails attached to key can be attached to the commiter email and can validate + canValidate := false + lowerCommiterEmail := strings.ToLower(c.Committer.Email) + for _, e := range k.Emails { + if e.IsActivated && strings.ToLower(e.Email) == lowerCommiterEmail { + canValidate = true + break + } + } + if !canValidate { + continue //Skip this key + } + //Generating hash of commit hash, err := populateHash(sig.Hash, []byte(c.Signature.Payload)) if err != nil { //Skipping ailed to generate hash diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 9931d9152..67d86f764 100644 --- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -378,7 +378,7 @@ add_new_gpg_key = Add GPG Key ssh_key_been_used = This public key has already been used. ssh_key_name_used = A public key with same name already exists. gpg_key_id_used = A public GPG key with same id already exists. -gpg_key_email_not_found = The email attached to the GPG key couldn't be found or is not confirmed yet: %s +gpg_no_key_email_found = None of the emails attached to the GPG key could be found. subkeys = Subkeys key_id = Key ID key_name = Key Name diff --git a/routers/user/setting.go b/routers/user/setting.go index b94f7dfb7..2c951eaf5 100644 --- a/routers/user/setting.go +++ b/routers/user/setting.go @@ -378,9 +378,9 @@ func SettingsKeysPost(ctx *context.Context, form auth.AddKeyForm) { case models.IsErrGPGKeyIDAlreadyUsed(err): ctx.Data["Err_Content"] = true ctx.RenderWithErr(ctx.Tr("settings.gpg_key_id_used"), tplSettingsKeys, &form) - case models.IsErrGPGEmailNotFound(err): + case models.IsErrGPGNoEmailFound(err): ctx.Data["Err_Content"] = true - ctx.RenderWithErr(ctx.Tr("settings.gpg_key_email_not_found", err.(models.ErrGPGEmailNotFound).Email), tplSettingsKeys, &form) + ctx.RenderWithErr(ctx.Tr("settings.gpg_no_key_email_found"), tplSettingsKeys, &form) default: ctx.Handle(500, "AddPublicKey", err) }