mirror of
https://github.com/go-gitea/gitea.git
synced 2025-11-28 13:56:02 +01:00
62d750eadb
Permission & protection check:
- Fix Delete Release permission check
- Fix Update Pull Request with rebase branch protection check
- Fix Issue Dependency permission check
- Fix Delete Comment History ID check
Information leaking:
- Show unified message for non-existing user and invalid password
- Fix #35984
- Don't expose release draft to non-writer users.
- Make API returns signature's email address instead of the user
profile's.
Auth & Login:
- Avoid GCM OAuth2 attempt when OAuth2 is disabled
- Fix #35510
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
187 lines
6.5 KiB
Go
187 lines
6.5 KiB
Go
// Copyright 2020 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package pull
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"fmt"
|
|
|
|
git_model "code.gitea.io/gitea/models/git"
|
|
issues_model "code.gitea.io/gitea/models/issues"
|
|
access_model "code.gitea.io/gitea/models/perm/access"
|
|
repo_model "code.gitea.io/gitea/models/repo"
|
|
"code.gitea.io/gitea/models/unit"
|
|
user_model "code.gitea.io/gitea/models/user"
|
|
"code.gitea.io/gitea/modules/gitrepo"
|
|
"code.gitea.io/gitea/modules/globallock"
|
|
"code.gitea.io/gitea/modules/log"
|
|
"code.gitea.io/gitea/modules/repository"
|
|
)
|
|
|
|
// Update updates pull request with base branch.
|
|
func Update(ctx context.Context, pr *issues_model.PullRequest, doer *user_model.User, message string, rebase bool) error {
|
|
if pr.Flow == issues_model.PullRequestFlowAGit {
|
|
// TODO: update of agit flow pull request's head branch is unsupported
|
|
return errors.New("update of agit flow pull request's head branch is unsupported")
|
|
}
|
|
|
|
releaser, err := globallock.Lock(ctx, getPullWorkingLockKey(pr.ID))
|
|
if err != nil {
|
|
log.Error("lock.Lock(): %v", err)
|
|
return fmt.Errorf("lock.Lock: %w", err)
|
|
}
|
|
defer releaser()
|
|
|
|
if err := pr.LoadBaseRepo(ctx); err != nil {
|
|
log.Error("unable to load BaseRepo for %-v during update-by-merge: %v", pr, err)
|
|
return fmt.Errorf("unable to load BaseRepo for PR[%d] during update-by-merge: %w", pr.ID, err)
|
|
}
|
|
|
|
// TODO: FakePR: if the PR is a fake PR (for example: from Merge Upstream), then no need to check diverging
|
|
if pr.ID > 0 {
|
|
diffCount, err := gitrepo.GetDivergingCommits(ctx, pr.BaseRepo, pr.BaseBranch, pr.GetGitHeadRefName())
|
|
if err != nil {
|
|
return err
|
|
} else if diffCount.Behind == 0 {
|
|
return fmt.Errorf("HeadBranch of PR %d is up to date", pr.Index)
|
|
}
|
|
}
|
|
|
|
if err := pr.LoadHeadRepo(ctx); err != nil {
|
|
log.Error("unable to load HeadRepo for PR %-v during update-by-merge: %v", pr, err)
|
|
return fmt.Errorf("unable to load HeadRepo for PR[%d] during update-by-merge: %w", pr.ID, err)
|
|
}
|
|
if pr.HeadRepo == nil {
|
|
// LoadHeadRepo will swallow ErrRepoNotExist so if pr.HeadRepo is still nil recreate the error
|
|
err := repo_model.ErrRepoNotExist{
|
|
ID: pr.HeadRepoID,
|
|
}
|
|
log.Error("unable to load HeadRepo for PR %-v during update-by-merge: %v", pr, err)
|
|
return fmt.Errorf("unable to load HeadRepo for PR[%d] during update-by-merge: %w", pr.ID, err)
|
|
}
|
|
|
|
defer func() {
|
|
// The code is from https://github.com/go-gitea/gitea/pull/9784,
|
|
// it seems a simple copy-paste from https://github.com/go-gitea/gitea/pull/7082 without a real reason.
|
|
// TODO: DUPLICATE-PR-TASK: search and see another TODO comment for more details
|
|
go AddTestPullRequestTask(TestPullRequestOptions{
|
|
RepoID: pr.BaseRepo.ID,
|
|
Doer: doer,
|
|
Branch: pr.BaseBranch,
|
|
IsSync: false,
|
|
IsForcePush: false,
|
|
OldCommitID: "",
|
|
NewCommitID: "",
|
|
})
|
|
}()
|
|
|
|
if rebase {
|
|
return updateHeadByRebaseOnToBase(ctx, pr, doer)
|
|
}
|
|
|
|
// TODO: FakePR: it is somewhat hacky, but it is the only way to "merge" at the moment
|
|
// ideally in the future the "merge" functions should be refactored to decouple from the PullRequest
|
|
// now use a fake reverse PR to switch head&base repos/branches
|
|
reversePR := &issues_model.PullRequest{
|
|
ID: pr.ID,
|
|
|
|
HeadRepoID: pr.BaseRepoID,
|
|
HeadRepo: pr.BaseRepo,
|
|
HeadBranch: pr.BaseBranch,
|
|
|
|
BaseRepoID: pr.HeadRepoID,
|
|
BaseRepo: pr.HeadRepo,
|
|
BaseBranch: pr.HeadBranch,
|
|
}
|
|
|
|
_, err = doMergeAndPush(ctx, reversePR, doer, repo_model.MergeStyleMerge, "", message, repository.PushTriggerPRUpdateWithBase)
|
|
return err
|
|
}
|
|
|
|
// IsUserAllowedToUpdate check if user is allowed to update PR with given permissions and branch protections
|
|
// update PR means send new commits to PR head branch from base branch
|
|
func IsUserAllowedToUpdate(ctx context.Context, pull *issues_model.PullRequest, user *user_model.User) (mergeAllowed, rebaseAllowed bool, err error) {
|
|
if pull.Flow == issues_model.PullRequestFlowAGit {
|
|
return false, false, nil
|
|
}
|
|
if user == nil {
|
|
return false, false, nil
|
|
}
|
|
headRepoPerm, err := access_model.GetUserRepoPermission(ctx, pull.HeadRepo, user)
|
|
if err != nil {
|
|
if repo_model.IsErrUnitTypeNotExist(err) {
|
|
return false, false, nil
|
|
}
|
|
return false, false, err
|
|
}
|
|
|
|
if err := pull.LoadBaseRepo(ctx); err != nil {
|
|
return false, false, err
|
|
}
|
|
|
|
// 1. check base repository's AllowRebaseUpdate configuration
|
|
// it is a config in base repo but controls the head (fork) repo's "Update" behavior
|
|
{
|
|
prBaseUnit, err := pull.BaseRepo.GetUnit(ctx, unit.TypePullRequests)
|
|
if repo_model.IsErrUnitTypeNotExist(err) {
|
|
return false, false, nil // the PR unit is disabled in base repo
|
|
} else if err != nil {
|
|
return false, false, fmt.Errorf("get base repo unit: %v", err)
|
|
}
|
|
rebaseAllowed = prBaseUnit.PullRequestsConfig().AllowRebaseUpdate
|
|
}
|
|
|
|
// 2. check head branch protection whether rebase is allowed, if pb not found then rebase depends on the above setting
|
|
{
|
|
pb, err := git_model.GetFirstMatchProtectedBranchRule(ctx, pull.HeadRepoID, pull.HeadBranch)
|
|
if err != nil {
|
|
return false, false, err
|
|
}
|
|
// If branch protected, disable rebase unless user is whitelisted to force push (which extends regular push)
|
|
if pb != nil {
|
|
pb.Repo = pull.HeadRepo
|
|
rebaseAllowed = rebaseAllowed && pb.CanUserForcePush(ctx, user)
|
|
}
|
|
}
|
|
|
|
// 3. check whether user has write access to head branch
|
|
baseRepoPerm, err := access_model.GetUserRepoPermission(ctx, pull.BaseRepo, user)
|
|
if err != nil {
|
|
return false, false, err
|
|
}
|
|
|
|
mergeAllowed, err = isUserAllowedToMergeInRepoBranch(ctx, pull.HeadRepoID, pull.HeadBranch, headRepoPerm, user)
|
|
if err != nil {
|
|
return false, false, err
|
|
}
|
|
|
|
// 4. if the pull creator allows maintainer to edit, it means the write permissions of the head branch has been
|
|
// granted to the user with write permission of the base repository
|
|
if pull.AllowMaintainerEdit {
|
|
mergeAllowedMaintainer, err := isUserAllowedToMergeInRepoBranch(ctx, pull.BaseRepoID, pull.BaseBranch, baseRepoPerm, user)
|
|
if err != nil {
|
|
return false, false, err
|
|
}
|
|
|
|
mergeAllowed = mergeAllowed || mergeAllowedMaintainer
|
|
}
|
|
|
|
// if merge is not allowed, rebase is also not allowed
|
|
rebaseAllowed = rebaseAllowed && mergeAllowed
|
|
|
|
return mergeAllowed, rebaseAllowed, nil
|
|
}
|
|
|
|
func syncCommitDivergence(ctx context.Context, pr *issues_model.PullRequest) error {
|
|
if err := pr.LoadBaseRepo(ctx); err != nil {
|
|
return err
|
|
}
|
|
divergence, err := gitrepo.GetDivergingCommits(ctx, pr.BaseRepo, pr.BaseBranch, pr.GetGitHeadRefName())
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return pr.UpdateCommitDivergence(ctx, divergence.Ahead, divergence.Behind)
|
|
}
|