Backupppert/Forgejo
0
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-06-29 02:23:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request 'fix: hook post-receive for sha256 repos' (#3652) from oliverpool/forgejo:hook_post_receive_error into forgejo

Browse source 
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3652
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
This commit is contained in:
Earl Warren 2024-05-15 21:06:24 +00:00
parent fe3473fc8b 5e73c67d67
commit cb551effb9
12 changed files with 202 additions and 158 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
cmd/hook.go
View file

@ -316,12 +316,12 @@ func runHookUpdate(c *cli.Context) error {
return nil return nil
} }
// Deletion of the ref means that the new commit ID is only composed of '0'. // Empty new commit ID means deletion.
if strings.ContainsFunc(newCommitID, func(e rune) bool { return e != '0' }) { if git.IsEmptyCommitID(newCommitID, nil) {
return nil return fail(ctx, fmt.Sprintf("The deletion of %s is skipped as it's an internal reference.", refFullName), "")
} }
return fail(ctx, fmt.Sprintf("The deletion of %s is skipped as it's an internal reference.", refFullName), "") return nil
} }
func runHookPostReceive(c *cli.Context) error { func runHookPostReceive(c *cli.Context) error {
@ -405,8 +405,7 @@ Forgejo or set your environment appropriately.`, "")
newCommitIDs[count] = string(fields[1]) newCommitIDs[count] = string(fields[1])
refFullNames[count] = git.RefName(fields[2]) refFullNames[count] = git.RefName(fields[2])
commitID, _ := git.NewIDFromString(newCommitIDs[count]) if refFullNames[count] == git.BranchPrefix+"master" && !git.IsEmptyCommitID(newCommitIDs[count], nil) && count == total {
if refFullNames[count] == git.BranchPrefix+"master" && !commitID.IsZero() && count == total {
masterPushed = true masterPushed = true
} }
count++ count++
@ -697,8 +696,7 @@ Forgejo or set your environment appropriately.`, "")
if err != nil { if err != nil {
return err return err
} }
commitID, _ := git.NewIDFromString(rs.OldOID) if !git.IsEmptyCommitID(rs.OldOID, nil) {
if !commitID.IsZero() {
err = writeDataPktLine(ctx, os.Stdout, []byte("option old-oid "+rs.OldOID)) err = writeDataPktLine(ctx, os.Stdout, []byte("option old-oid "+rs.OldOID))
if err != nil { if err != nil {
return err return err

2
models/repo/repo.go
View file

@ -329,7 +329,7 @@ func (repo *Repository) HTMLURL() string {
// CommitLink make link to by commit full ID // CommitLink make link to by commit full ID
// note: won't check whether it's an right id // note: won't check whether it's an right id
func (repo *Repository) CommitLink(commitID string) (result string) { func (repo *Repository) CommitLink(commitID string) (result string) {
if git.IsEmptyCommitID(commitID) { if git.IsEmptyCommitID(commitID, nil) {
result = "" result = ""
} else { } else {
result = repo.Link() + "/commit/" + url.PathEscape(commitID) result = repo.Link() + "/commit/" + url.PathEscape(commitID)

1
modules/git/object_format.go
View file

@ -122,6 +122,7 @@ func (h Sha256ObjectFormatImpl) ComputeHash(t ObjectType, content []byte) Object
var ( var (
Sha1ObjectFormat ObjectFormat = Sha1ObjectFormatImpl{} Sha1ObjectFormat ObjectFormat = Sha1ObjectFormatImpl{}
Sha256ObjectFormat ObjectFormat = Sha256ObjectFormatImpl{} Sha256ObjectFormat ObjectFormat = Sha256ObjectFormatImpl{}
// any addition must be reflected in IsEmptyCommitID
) )
var SupportedObjectFormats = []ObjectFormat{ var SupportedObjectFormats = []ObjectFormat{

20
modules/git/object_id.go
View file

@ -79,17 +79,25 @@ func NewIDFromString(hexHash string) (ObjectID, error) {
return theObjectFormat.MustID(b), nil return theObjectFormat.MustID(b), nil
} }
func IsEmptyCommitID(commitID string) bool { // IsEmptyCommitID checks if an hexadecimal string represents an empty commit according to git (only '0').
// If objectFormat is not nil, the length will be checked as well (otherwise the lenght must match the sha1 or sha256 length).
func IsEmptyCommitID(commitID string, objectFormat ObjectFormat) bool {
if commitID == "" { if commitID == "" {
return true return true
} }
if objectFormat == nil {
id, err := NewIDFromString(commitID) if Sha1ObjectFormat.FullLength() != len(commitID) && Sha256ObjectFormat.FullLength() != len(commitID) {
if err != nil { return false
}
} else if objectFormat.FullLength() != len(commitID) {
return false return false
} }
for _, c := range commitID {
return id.IsZero() if c != '0' {
return false
}
}
return true
} }
// ComputeBlobHash compute the hash for a given blob content // ComputeBlobHash compute the hash for a given blob content

24
modules/git/object_id_test.go
View file

@ -23,3 +23,27 @@ func TestIsValidSHAPattern(t *testing.T) {
assert.Equal(t, "d5c6407415d85df49592672aa421aed39b9db5e3", ComputeBlobHash(Sha1ObjectFormat, []byte("same length blob")).String()) assert.Equal(t, "d5c6407415d85df49592672aa421aed39b9db5e3", ComputeBlobHash(Sha1ObjectFormat, []byte("same length blob")).String())
assert.Equal(t, "df0b5174ed06ae65aea40d43316bcbc21d82c9e3158ce2661df2ad28d7931dd6", ComputeBlobHash(Sha256ObjectFormat, []byte("some random blob")).String()) assert.Equal(t, "df0b5174ed06ae65aea40d43316bcbc21d82c9e3158ce2661df2ad28d7931dd6", ComputeBlobHash(Sha256ObjectFormat, []byte("some random blob")).String())
} }
func TestIsEmptyCommitID(t *testing.T) {
assert.True(t, IsEmptyCommitID("", nil))
assert.True(t, IsEmptyCommitID("", Sha1ObjectFormat))
assert.True(t, IsEmptyCommitID("", Sha256ObjectFormat))
assert.False(t, IsEmptyCommitID("79ee38a6416c1ede423ec7ee0a8639ceea4aad20", Sha1ObjectFormat))
assert.True(t, IsEmptyCommitID("0000000000000000000000000000000000000000", nil))
assert.True(t, IsEmptyCommitID("0000000000000000000000000000000000000000", Sha1ObjectFormat))
assert.False(t, IsEmptyCommitID("0000000000000000000000000000000000000000", Sha256ObjectFormat))
assert.False(t, IsEmptyCommitID("00000000000000000000000000000000000000000", nil))
assert.False(t, IsEmptyCommitID("0f0b5174ed06ae65aea40d43316bcbc21d82c9e3158ce2661df2ad28d7931dd6", nil))
assert.True(t, IsEmptyCommitID("0000000000000000000000000000000000000000000000000000000000000000", nil))
assert.False(t, IsEmptyCommitID("0000000000000000000000000000000000000000000000000000000000000000", Sha1ObjectFormat))
assert.True(t, IsEmptyCommitID("0000000000000000000000000000000000000000000000000000000000000000", Sha256ObjectFormat))
assert.False(t, IsEmptyCommitID("1", nil))
assert.False(t, IsEmptyCommitID("0", nil))
assert.False(t, IsEmptyCommitID("010", nil))
assert.False(t, IsEmptyCommitID("0 0", nil))
}

6
modules/repository/push.go
View file

@ -21,14 +21,12 @@ type PushUpdateOptions struct {
// IsNewRef return true if it's a first-time push to a branch, tag or etc. // IsNewRef return true if it's a first-time push to a branch, tag or etc.
func (opts *PushUpdateOptions) IsNewRef() bool { func (opts *PushUpdateOptions) IsNewRef() bool {
commitID, err := git.NewIDFromString(opts.OldCommitID) return git.IsEmptyCommitID(opts.OldCommitID, nil)
return err == nil && commitID.IsZero()
} }
// IsDelRef return true if it's a deletion to a branch or tag // IsDelRef return true if it's a deletion to a branch or tag
func (opts *PushUpdateOptions) IsDelRef() bool { func (opts *PushUpdateOptions) IsDelRef() bool {
commitID, err := git.NewIDFromString(opts.NewCommitID) return git.IsEmptyCommitID(opts.NewCommitID, nil)
return err == nil && commitID.IsZero()
} }
// IsUpdateRef return true if it's an update operation // IsUpdateRef return true if it's an update operation

2
routers/private/hook_post_receive.go
View file

@ -239,7 +239,7 @@ func HookPostReceive(ctx *gitea_context.PrivateContext) {
} }
// If we've pushed a branch (and not deleted it) // If we've pushed a branch (and not deleted it)
if !git.IsEmptyCommitID(newCommitID) && refFullName.IsBranch() { if !git.IsEmptyCommitID(newCommitID, nil) && refFullName.IsBranch() {
// First ensure we have the repository loaded, we're allowed pulls requests and we can get the base repo // First ensure we have the repository loaded, we're allowed pulls requests and we can get the base repo
if repo == nil { if repo == nil {
repo = loadRepository(ctx, ownerName, repoName) repo = loadRepository(ctx, ownerName, repoName)

3
services/actions/notifier.go
View file

@ -515,8 +515,7 @@ func (*actionsNotifier) MergePullRequest(ctx context.Context, doer *user_model.U
} }
func (n *actionsNotifier) PushCommits(ctx context.Context, pusher *user_model.User, repo *repo_model.Repository, opts *repository.PushUpdateOptions, commits *repository.PushCommits) { func (n *actionsNotifier) PushCommits(ctx context.Context, pusher *user_model.User, repo *repo_model.Repository, opts *repository.PushUpdateOptions, commits *repository.PushCommits) {
commitID, _ := git.NewIDFromString(opts.NewCommitID) if git.IsEmptyCommitID(opts.NewCommitID, nil) {
if commitID.IsZero() {
log.Trace("new commitID is empty") log.Trace("new commitID is empty")
return return
} }

5
tests/integration/git_helper_for_declarative_test.go
View file

@ -117,10 +117,10 @@ func doGitCloneFail(u *url.URL) func(*testing.T) {
} }
} }
func doGitInitTestRepository(dstPath string) func(*testing.T) { func doGitInitTestRepository(dstPath string, objectFormat git.ObjectFormat) func(*testing.T) {
return func(t *testing.T) { return func(t *testing.T) {
// Init repository in dstPath // Init repository in dstPath
assert.NoError(t, git.InitRepository(git.DefaultContext, dstPath, false, git.Sha1ObjectFormat.Name())) assert.NoError(t, git.InitRepository(git.DefaultContext, dstPath, false, objectFormat.Name()))
// forcibly set default branch to master // forcibly set default branch to master
_, _, err := git.NewCommand(git.DefaultContext, "symbolic-ref", "HEAD", git.BranchPrefix+"master").RunStdString(&git.RunOpts{Dir: dstPath}) _, _, err := git.NewCommand(git.DefaultContext, "symbolic-ref", "HEAD", git.BranchPrefix+"master").RunStdString(&git.RunOpts{Dir: dstPath})
assert.NoError(t, err) assert.NoError(t, err)
@ -148,6 +148,7 @@ func doGitAddRemote(dstPath, remoteName string, u *url.URL) func(*testing.T) {
func doGitPushTestRepository(dstPath string, args ...string) func(*testing.T) { func doGitPushTestRepository(dstPath string, args ...string) func(*testing.T) {
return func(t *testing.T) { return func(t *testing.T) {
t.Helper()
_, _, err := git.NewCommand(git.DefaultContext, "push", "-u").AddArguments(git.ToTrustedCmdArgs(args)...).RunStdString(&git.RunOpts{Dir: dstPath}) _, _, err := git.NewCommand(git.DefaultContext, "push", "-u").AddArguments(git.ToTrustedCmdArgs(args)...).RunStdString(&git.RunOpts{Dir: dstPath})
assert.NoError(t, err) assert.NoError(t, err)
} }

279
tests/integration/git_push_test.go
View file

@ -24,90 +24,101 @@ import (
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
) )
func forEachObjectFormat(t *testing.T, f func(t *testing.T, objectFormat git.ObjectFormat)) {
for _, objectFormat := range []git.ObjectFormat{git.Sha256ObjectFormat, git.Sha1ObjectFormat} {
t.Run(objectFormat.Name(), func(t *testing.T) {
f(t, objectFormat)
})
}
}
func TestGitPush(t *testing.T) { func TestGitPush(t *testing.T) {
onGiteaRun(t, testGitPush) onGiteaRun(t, testGitPush)
} }
func testGitPush(t *testing.T, u *url.URL) { func testGitPush(t *testing.T, u *url.URL) {
t.Run("Push branches at once", func(t *testing.T) { forEachObjectFormat(t, func(t *testing.T, objectFormat git.ObjectFormat) {
runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) { t.Run("Push branches at once", func(t *testing.T) {
for i := 0; i < 100; i++ { runTestGitPush(t, u, objectFormat, func(t *testing.T, gitPath string) (pushed, deleted []string) {
branchName := fmt.Sprintf("branch-%d", i) for i := 0; i < 100; i++ {
pushed = append(pushed, branchName) branchName := fmt.Sprintf("branch-%d", i)
doGitCreateBranch(gitPath, branchName)(t) pushed = append(pushed, branchName)
} doGitCreateBranch(gitPath, branchName)(t)
pushed = append(pushed, "master") }
doGitPushTestRepository(gitPath, "origin", "--all")(t) pushed = append(pushed, "master")
return pushed, deleted doGitPushTestRepository(gitPath, "origin", "--all")(t)
return pushed, deleted
})
}) })
})
t.Run("Push branches one by one", func(t *testing.T) { t.Run("Push branches one by one", func(t *testing.T) {
runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) { runTestGitPush(t, u, objectFormat, func(t *testing.T, gitPath string) (pushed, deleted []string) {
for i := 0; i < 100; i++ { for i := 0; i < 100; i++ {
branchName := fmt.Sprintf("branch-%d", i) branchName := fmt.Sprintf("branch-%d", i)
doGitCreateBranch(gitPath, branchName)(t) doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepository(gitPath, "origin", branchName)(t) doGitPushTestRepository(gitPath, "origin", branchName)(t)
pushed = append(pushed, branchName) pushed = append(pushed, branchName)
} }
return pushed, deleted return pushed, deleted
})
}) })
})
t.Run("Delete branches", func(t *testing.T) { t.Run("Delete branches", func(t *testing.T) {
runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) { runTestGitPush(t, u, objectFormat, func(t *testing.T, gitPath string) (pushed, deleted []string) {
doGitPushTestRepository(gitPath, "origin", "master")(t) // make sure master is the default branch instead of a branch we are going to delete doGitPushTestRepository(gitPath, "origin", "master")(t) // make sure master is the default branch instead of a branch we are going to delete
pushed = append(pushed, "master") pushed = append(pushed, "master")
for i := 0; i < 100; i++ { for i := 0; i < 100; i++ {
branchName := fmt.Sprintf("branch-%d", i) branchName := fmt.Sprintf("branch-%d", i)
pushed = append(pushed, branchName) pushed = append(pushed, branchName)
doGitCreateBranch(gitPath, branchName)(t) doGitCreateBranch(gitPath, branchName)(t)
} }
doGitPushTestRepository(gitPath, "origin", "--all")(t) doGitPushTestRepository(gitPath, "origin", "--all")(t)
for i := 0; i < 10; i++ { for i := 0; i < 10; i++ {
branchName := fmt.Sprintf("branch-%d", i) branchName := fmt.Sprintf("branch-%d", i)
doGitPushTestRepository(gitPath, "origin", "--delete", branchName)(t) doGitPushTestRepository(gitPath, "origin", "--delete", branchName)(t)
deleted = append(deleted, branchName) deleted = append(deleted, branchName)
} }
return pushed, deleted return pushed, deleted
})
}) })
})
t.Run("Push to deleted branch", func(t *testing.T) { t.Run("Push to deleted branch", func(t *testing.T) {
runTestGitPush(t, u, func(t *testing.T, gitPath string) (pushed, deleted []string) { runTestGitPush(t, u, objectFormat, func(t *testing.T, gitPath string) (pushed, deleted []string) {
doGitPushTestRepository(gitPath, "origin", "master")(t) // make sure master is the default branch instead of a branch we are going to delete doGitPushTestRepository(gitPath, "origin", "master")(t) // make sure master is the default branch instead of a branch we are going to delete
pushed = append(pushed, "master") pushed = append(pushed, "master")
doGitCreateBranch(gitPath, "branch-1")(t) doGitCreateBranch(gitPath, "branch-1")(t)
doGitPushTestRepository(gitPath, "origin", "branch-1")(t) doGitPushTestRepository(gitPath, "origin", "branch-1")(t)
pushed = append(pushed, "branch-1") pushed = append(pushed, "branch-1")
// delete and restore // delete and restore
doGitPushTestRepository(gitPath, "origin", "--delete", "branch-1")(t) doGitPushTestRepository(gitPath, "origin", "--delete", "branch-1")(t)
doGitPushTestRepository(gitPath, "origin", "branch-1")(t) doGitPushTestRepository(gitPath, "origin", "branch-1")(t)
return pushed, deleted return pushed, deleted
})
}) })
}) })
} }
func runTestGitPush(t *testing.T, u *url.URL, gitOperation func(t *testing.T, gitPath string) (pushed, deleted []string)) { func runTestGitPush(t *testing.T, u *url.URL, objectFormat git.ObjectFormat, gitOperation func(t *testing.T, gitPath string) (pushed, deleted []string)) {
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}) user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
repo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{ repo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
Name: "repo-to-push", Name: "repo-to-push",
Description: "test git push", Description: "test git push",
AutoInit: false, AutoInit: false,
DefaultBranch: "main", DefaultBranch: "main",
IsPrivate: false, IsPrivate: false,
ObjectFormatName: objectFormat.Name(),
}) })
require.NoError(t, err) require.NoError(t, err)
require.NotEmpty(t, repo) require.NotEmpty(t, repo)
gitPath := t.TempDir() gitPath := t.TempDir()
doGitInitTestRepository(gitPath)(t) doGitInitTestRepository(gitPath, objectFormat)(t)
oldPath := u.Path oldPath := u.Path
oldUser := u.User oldUser := u.User
@ -158,83 +169,87 @@ func TestOptionsGitPush(t *testing.T) {
func testOptionsGitPush(t *testing.T, u *url.URL) { func testOptionsGitPush(t *testing.T, u *url.URL) {
user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}) user := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2})
repo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
Name: "repo-to-push",
Description: "test git push",
AutoInit: false,
DefaultBranch: "main",
IsPrivate: false,
})
require.NoError(t, err)
require.NotEmpty(t, repo)
gitPath := t.TempDir() forEachObjectFormat(t, func(t *testing.T, objectFormat git.ObjectFormat) {
repo, err := repo_service.CreateRepository(db.DefaultContext, user, user, repo_service.CreateRepoOptions{
doGitInitTestRepository(gitPath)(t) Name: "repo-to-push",
Description: "test git push",
u.Path = repo.FullName() + ".git" AutoInit: false,
u.User = url.UserPassword(user.LowerName, userPassword) DefaultBranch: "main",
doGitAddRemote(gitPath, "origin", u)(t) IsPrivate: false,
ObjectFormatName: objectFormat.Name(),
t.Run("Unknown push options are rejected", func(t *testing.T) { })
logChecker, cleanup := test.NewLogChecker(log.DEFAULT, log.TRACE)
logChecker.Filter("unknown option").StopMark("Git push options validation")
defer cleanup()
branchName := "branch0"
doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepositoryFail(gitPath, "origin", branchName, "-o", "repo.template=false", "-o", "uknownoption=randomvalue")(t)
logFiltered, logStopped := logChecker.Check(5 * time.Second)
assert.True(t, logStopped)
assert.True(t, logFiltered[0])
})
t.Run("Owner sets private & template to true via push options", func(t *testing.T) {
branchName := "branch1"
doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepository(gitPath, "origin", branchName, "-o", "repo.private=true", "-o", "repo.template=true")(t)
repo, err := repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
require.NoError(t, err) require.NoError(t, err)
require.True(t, repo.IsPrivate) require.NotEmpty(t, repo)
require.True(t, repo.IsTemplate)
gitPath := t.TempDir()
doGitInitTestRepository(gitPath, objectFormat)(t)
u.Path = repo.FullName() + ".git"
u.User = url.UserPassword(user.LowerName, userPassword)
doGitAddRemote(gitPath, "origin", u)(t)
t.Run("Unknown push options are rejected", func(t *testing.T) {
logChecker, cleanup := test.NewLogChecker(log.DEFAULT, log.TRACE)
logChecker.Filter("unknown option").StopMark("Git push options validation")
defer cleanup()
branchName := "branch0"
doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepositoryFail(gitPath, "origin", branchName, "-o", "repo.template=false", "-o", "uknownoption=randomvalue")(t)
logFiltered, logStopped := logChecker.Check(5 * time.Second)
assert.True(t, logStopped)
assert.True(t, logFiltered[0])
})
t.Run("Owner sets private & template to true via push options", func(t *testing.T) {
branchName := "branch1"
doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepository(gitPath, "origin", branchName, "-o", "repo.private=true", "-o", "repo.template=true")(t)
repo, err := repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
require.NoError(t, err)
require.True(t, repo.IsPrivate)
require.True(t, repo.IsTemplate)
})
t.Run("Owner sets private & template to false via push options", func(t *testing.T) {
branchName := "branch2"
doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepository(gitPath, "origin", branchName, "-o", "repo.private=false", "-o", "repo.template=false")(t)
repo, err = repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
require.NoError(t, err)
require.False(t, repo.IsPrivate)
require.False(t, repo.IsTemplate)
})
// create a collaborator with write access
collaborator := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})
u.User = url.UserPassword(collaborator.LowerName, userPassword)
doGitAddRemote(gitPath, "collaborator", u)(t)
repo_module.AddCollaborator(db.DefaultContext, repo, collaborator)
t.Run("Collaborator with write access is allowed to push", func(t *testing.T) {
branchName := "branch3"
doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepository(gitPath, "collaborator", branchName)(t)
})
t.Run("Collaborator with write access fails to change private & template via push options", func(t *testing.T) {
logChecker, cleanup := test.NewLogChecker(log.DEFAULT, log.TRACE)
logChecker.Filter("permission denied for changing repo settings").StopMark("Git push options validation")
defer cleanup()
branchName := "branch4"
doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepositoryFail(gitPath, "collaborator", branchName, "-o", "repo.private=true", "-o", "repo.template=true")(t)
repo, err = repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
require.NoError(t, err)
require.False(t, repo.IsPrivate)
require.False(t, repo.IsTemplate)
logFiltered, logStopped := logChecker.Check(5 * time.Second)
assert.True(t, logStopped)
assert.True(t, logFiltered[0])
})
require.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, user, repo.ID))
}) })
t.Run("Owner sets private & template to false via push options", func(t *testing.T) {
branchName := "branch2"
doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepository(gitPath, "origin", branchName, "-o", "repo.private=false", "-o", "repo.template=false")(t)
repo, err = repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
require.NoError(t, err)
require.False(t, repo.IsPrivate)
require.False(t, repo.IsTemplate)
})
// create a collaborator with write access
collaborator := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 5})
u.User = url.UserPassword(collaborator.LowerName, userPassword)
doGitAddRemote(gitPath, "collaborator", u)(t)
repo_module.AddCollaborator(db.DefaultContext, repo, collaborator)
t.Run("Collaborator with write access is allowed to push", func(t *testing.T) {
branchName := "branch3"
doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepository(gitPath, "collaborator", branchName)(t)
})
t.Run("Collaborator with write access fails to change private & template via push options", func(t *testing.T) {
logChecker, cleanup := test.NewLogChecker(log.DEFAULT, log.TRACE)
logChecker.Filter("permission denied for changing repo settings").StopMark("Git push options validation")
defer cleanup()
branchName := "branch4"
doGitCreateBranch(gitPath, branchName)(t)
doGitPushTestRepositoryFail(gitPath, "collaborator", branchName, "-o", "repo.private=true", "-o", "repo.template=true")(t)
repo, err = repo_model.GetRepositoryByOwnerAndName(db.DefaultContext, user.Name, "repo-to-push")
require.NoError(t, err)
require.False(t, repo.IsPrivate)
require.False(t, repo.IsTemplate)
logFiltered, logStopped := logChecker.Check(5 * time.Second)
assert.True(t, logStopped)
assert.True(t, logFiltered[0])
})
require.NoError(t, repo_service.DeleteRepositoryDirectly(db.DefaultContext, user, repo.ID))
} }

2
tests/integration/git_test.go
View file

@ -598,7 +598,7 @@ func doPushCreate(ctx APITestContext, u *url.URL) func(t *testing.T) {
tmpDir := t.TempDir() tmpDir := t.TempDir()
// Now create local repository to push as our test and set its origin // Now create local repository to push as our test and set its origin
t.Run("InitTestRepository", doGitInitTestRepository(tmpDir)) t.Run("InitTestRepository", doGitInitTestRepository(tmpDir, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat
t.Run("AddRemote", doGitAddRemote(tmpDir, "origin", u)) t.Run("AddRemote", doGitAddRemote(tmpDir, "origin", u))
// Disable "Push To Create" and attempt to push // Disable "Push To Create" and attempt to push

2
tests/integration/ssh_key_test.go
View file

@ -64,7 +64,7 @@ func testPushDeployKeyOnEmptyRepo(t *testing.T, u *url.URL) {
// Setup the testing repository // Setup the testing repository
dstPath := t.TempDir() dstPath := t.TempDir()
t.Run("InitTestRepository", doGitInitTestRepository(dstPath)) t.Run("InitTestRepository", doGitInitTestRepository(dstPath, git.Sha1ObjectFormat)) // FIXME: use forEachObjectFormat
// Setup remote link // Setup remote link
sshURL := createSSHUrl(ctx.GitPath(), u) sshURL := createSSHUrl(ctx.GitPath(), u)