From 0912cbb31ec5674c21112ea2d9b28c1ea44a7ab2 Mon Sep 17 00:00:00 2001
From: Denis Denisov
Date: Fri, 2 Dec 2016 12:40:15 +0200
Subject: [PATCH 1/6] Protected branches system
* Moved default branch to branches section (`:org/:reponame/settings/branches`).
* Initial support Protected Branch.
- Admin does not restrict
- Owner not to limit
- To write permission restrictions
---
cmd/serve.go | 5 +
cmd/update.go | 14 +++
cmd/web.go | 5 +
models/branches.go | 153 ++++++++++++++++++++++++++
models/migrations/migrations.go | 2 +
models/migrations/v17.go | 29 +++++
modules/auth/repo_form.go | 1 -
options/locale/TRANSLATORS | 5 +-
options/locale/locale_en-US.ini | 11 ++
options/locale/locale_ru-RU.ini | 11 ++
routers/repo/http.go | 70 +++++++++++-
routers/repo/setting.go | 108 ++++++++++++++++--
templates/repo/settings/branches.tmpl | 75 +++++++++++++
templates/repo/settings/nav.tmpl | 1 +
templates/repo/settings/navbar.tmpl | 3 +
templates/repo/settings/options.tmpl | 32 ++----
16 files changed, 483 insertions(+), 42 deletions(-)
create mode 100644 models/branches.go
create mode 100644 models/migrations/v17.go
create mode 100644 templates/repo/settings/branches.tmpl
diff --git a/cmd/serve.go b/cmd/serve.go
index 73b9dddd6312b..bec7d5e506237 100644
--- a/cmd/serve.go
+++ b/cmd/serve.go
@@ -340,6 +340,8 @@ func runServ(c *cli.Context) error {
 } else {
 gitcmd = exec.Command(verb, repoPath)
 }
+ os.Setenv(models.ProtectedBranchAccessMode, requestedMode.String())
+ os.Setenv(models.ProtectedBranchRepoID, fmt.Sprintf("%d", repo.ID))
 gitcmd.Dir = setting.RepoRootPath
 gitcmd.Stdout = os.Stdout
 gitcmd.Stdin = os.Stdin
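Review bot: GITEA_ACCESS_MODE is exported from `requestedMode`, which — if it is derived from the git verb, as its name suggests — is the level the command needs (always write for a push) rather than the level the authenticated user actually holds, so the update hook that reads it cannot tell an owner or admin from an ordinary collaborator and the "skip admin or owner" intent elsewhere in this patch cannot work over SSH. If the access level computed earlier in runServ is still in scope (the variable name may differ), export that instead: `os.Setenv(models.ProtectedBranchAccessMode, mode.String())`. os.Setenv also mutates the serv process's own environment; `gitcmd.Env = append(os.Environ(), fmt.Sprintf("%s=%d", models.ProtectedBranchRepoID, repo.ID))` would scope the values to the git child. runServ starts and ends outside the hunk.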
@@ -348,6 +350,9 @@ func runServ(c *cli.Context) error {
 fail("Internal error", "Failed to execute git command: %v", err)
 }
+ // TODO: fix this
+ // log.GitLogger.Trace("User:%s access:%v repository:%s reponame:%s ip:%s", user.Name, requestedMode, repoPath, reponame, os.Getenv("REMOTE_ADDR"))
+
 if requestedMode == models.AccessModeWrite {
 handleUpdateTask(uuid, user, repoUser, reponame, isWiki)
 }
diff --git a/cmd/update.go b/cmd/update.go
index 4bbab9a3aff48..cbbdcf834d300 100644
--- a/cmd/update.go
+++ b/cmd/update.go
@@ -6,9 +6,12 @@ package cmd
 import (
 "os"
+ "strconv"
+ "strings"
 "github.com/urfave/cli"
+ "code.gitea.io/git"
 "code.gitea.io/gitea/models"
 "code.gitea.io/gitea/modules/log"
 "code.gitea.io/gitea/modules/setting"
@@ -48,6 +51,17 @@ func runUpdate(c *cli.Context) error {
 log.GitLogger.Fatal(2, "First argument 'refName' is empty, shouldn't use")
 }
+ branchName := strings.TrimPrefix(args[0], git.BranchPrefix)
+ repoID, _ := strconv.ParseInt(os.Getenv(models.ProtectedBranchRepoID), 10, 64)
+ accessMode := models.ParseAccessMode(os.Getenv(models.ProtectedBranchAccessMode))
+ // skip admin or owner AccessMode
+ if accessMode == models.AccessModeWrite {
+ if protectBranch, err := models.GetProtectedBranchBy(repoID, branchName); err == nil {
+ if protectBranch != nil && !protectBranch.CanPush {
+ log.GitLogger.Fatal(2, "protected branches can not be pushed to")
+ }
+ }
+ }
 task := models.UpdateTask{
 UUID: os.Getenv("GITEA_UUID"),
 RefName: args[0],
diff --git a/cmd/web.go b/cmd/web.go
index 4fa93ba4d84c0..973de0bbecbfd 100644
--- a/cmd/web.go
+++ b/cmd/web.go
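Review bot: The guard added to runUpdate fails open on every error path: a missing or unparsable GITEA_REPO_ID yields repoID 0 because the parse error is discarded, an empty GITEA_ACCESS_MODE (any caller that did not export it) presumably parses to something other than write and skips the block entirely, and a database error from GetProtectedBranchBy is swallowed by `err == nil`, so each failure lets the push through. For a server-side branch guard the error case should reject: `if err != nil { log.GitLogger.Fatal(2, "GetProtectedBranchBy: %v", err) }` before the CanPush test, and an absent or unparsable repo ID should be fatal too rather than treated as "no repository". Note also that GetProtectedBranchBy as introduced by this patch returns a non-nil struct even when no row matched, so `protectBranch != nil` here does not mean "a protection exists".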
@@ -415,6 +415,11 @@ func runWeb(ctx *cli.Context) error {
 m.Post("/access_mode", repo.ChangeCollaborationAccessMode)
 m.Post("/delete", repo.DeleteCollaboration)
 })
+ m.Group("/branches", func() {
+ m.Combo("").Get(repo.ProtectedBranch).Post(repo.ProtectedBranchPost)
+ m.Post("/can_push", repo.ChangeProtectedBranch)
+ m.Post("/delete", repo.DeleteProtectedBranch)
+ })
 m.Group("/hooks", func() {
 m.Get("", repo.Webhooks)
diff --git a/models/branches.go b/models/branches.go
new file mode 100644
index 0000000000000..41e8c8b68c0c7
--- /dev/null
+++ b/models/branches.go
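Review bot: The new /branches group exposes two state-changing POST handlers (`/can_push`, `/delete`) and inherits its authorization only from whatever wraps the enclosing /settings group, which starts and ends outside the hunk; if that group is not already limited to repository admins (reqRepoAdmin or equivalent), anyone who can reach repository settings could unlock a protected branch. Worth a comment pinning the assumption so a later route refactor does not drop it: `// branch protection is an admin-only operation; relies on the admin guard on the enclosing /settings group`. Both handlers take a bare `id`; the model methods scope their lookup by repo ID, which is what keeps one repository's admin from toggling another's, and that invariant deserves stating here as well.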
@@ -0,0 +1,153 @@
+// Copyright 2016 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package models
+
+import (
+ "fmt"
+ "strings"
+ "time"
+)
+
+// Protected metadata
+const (
+ // Protected User ID
+ ProtectedBranchUserID = "GITEA_USER_ID"
+ // Protected Repo ID
+ ProtectedBranchRepoID = "GITEA_REPO_ID"
+ // Protected access mode
+ ProtectedBranchAccessMode = "GITEA_ACCESS_MODE"
+)
+
+// ProtectedBranch struct
+type ProtectedBranch struct {
+ ID int64 `xorm:"pk autoincr"`
+ RepoID int64 `xorm:"UNIQUE(s)"`
+ BranchName string `xorm:"UNIQUE(s)"`
+ CanPush bool
+ Created time.Time `xorm:"-"`
+ CreatedUnix int64
+ Updated time.Time `xorm:"-"`
+ UpdatedUnix int64
+}
+
+// BeforeInsert before protected branch insert create and update time
+func (protectBranch *ProtectedBranch) BeforeInsert() {
+ protectBranch.CreatedUnix = time.Now().Unix()
+ protectBranch.UpdatedUnix = protectBranch.CreatedUnix
+}
+
+// BeforeUpdate before protected branch update time
+func (protectBranch *ProtectedBranch) BeforeUpdate() {
+ protectBranch.UpdatedUnix = time.Now().Unix()
+}
+
+// GetProtectedBranchByRepoID getting protected branch by repo ID
+func GetProtectedBranchByRepoID(RepoID int64) ([]*ProtectedBranch, error) {
+ protectedBranches := make([]*ProtectedBranch, 0)
+ return protectedBranches, x.Where("repo_id = ?", RepoID).Desc("updated_unix").Find(&protectedBranches)
+}
+
+// GetProtectedBranchBy getting protected branch by ID/Name
+func GetProtectedBranchBy(repoID int64, BranchName string) (*ProtectedBranch, error) {
+ rel := &ProtectedBranch{RepoID: repoID, BranchName: strings.ToLower(BranchName)}
+ _, err := x.Get(rel)
+ return rel, err
+}
+
+// GetProtectedBranches get all protected btanches
+func (repo *Repository) GetProtectedBranches() ([]*ProtectedBranch, error) {
+ protectedBranches := make([]*ProtectedBranch, 0)
+ return protectedBranches, x.Find(&protectedBranches,
&ProtectedBranch{RepoID: repo.ID})
+}
+
+// AddProtectedBranch add protection to branch
+func (repo *Repository) AddProtectedBranch(branchName string, canPush bool) error {
+ protectedBranch := &ProtectedBranch{
+ RepoID: repo.ID,
+ BranchName: branchName,
+ }
+
+ has, err := x.Get(protectedBranch)
+ if err != nil {
+ return err
+ } else if has {
+ return nil
+ }
+
+ sess := x.NewSession()
+ defer sessionRelease(sess)
+ if err = sess.Begin(); err != nil {
+ return err
+ }
+ protectedBranch.CanPush = canPush
+ if _, err = sess.InsertOne(protectedBranch); err != nil {
+ return err
+ }
+
+ return sess.Commit()
+}
+
+// ChangeProtectedBranch access mode sets new access mode for the ProtectedBranch.
+func (repo *Repository) ChangeProtectedBranch(id int64, canPush bool) error {
+ ProtectedBranch := &ProtectedBranch{
+ RepoID: repo.ID,
+ ID: id,
+ }
+ has, err := x.Get(ProtectedBranch)
+ if err != nil {
+ return fmt.Errorf("get ProtectedBranch: %v", err)
+ } else if !has {
+ return nil
+ }
+
+ if ProtectedBranch.CanPush == canPush {
+ return nil
+ }
+ ProtectedBranch.CanPush = canPush
+
+ sess := x.NewSession()
+ defer sessionRelease(sess)
+ if err = sess.Begin(); err != nil {
+ return err
+ }
+
+ if _, err = sess.Id(ProtectedBranch.ID).AllCols().Update(ProtectedBranch); err != nil {
+ return fmt.Errorf("update ProtectedBranch: %v", err)
+ }
+
+ return sess.Commit()
+}
+
+// DeleteProtectedBranch removes ProtectedBranch relation between the user and repository.
+func (repo *Repository) DeleteProtectedBranch(id int64) (err error) {
+ ProtectedBranch := &ProtectedBranch{
+ RepoID: repo.ID,
+ ID: id,
+ }
+
+ sess := x.NewSession()
+ defer sessionRelease(sess)
+ if err = sess.Begin(); err != nil {
+ return err
+ }
+
+ if has, err := sess.Delete(ProtectedBranch); err != nil || has == 0 {
+ return err
+ }
+
+ return sess.Commit()
+}
+
+// newProtectedBranch insert one queue
+func newProtectedBranch(protectedBranch *ProtectedBranch) error {
+ _, err := x.InsertOne(protectedBranch)
+ return err
+}
+
+// UpdateProtectedBranch update queue
+func UpdateProtectedBranch(protectedBranch *ProtectedBranch) error {
+ _, err := x.Update(protectedBranch)
+ return err
+}
diff --git a/models/migrations/migrations.go b/models/migrations/migrations.go
index 9832cdca92017..e54d502b7d19e 100644
--- a/models/migrations/migrations.go
+++ b/models/migrations/migrations.go
@@ -82,6 +82,8 @@ var migrations = []Migration{
 NewMigration("create user column allow create organization", createAllowCreateOrganizationColumn),
 // V16 -> v17
 NewMigration("create repo unit table and add units for all repos", addUnitsToTables),
+ // v17 -> v18
+ NewMigration("set protect branches updated with created", setProtectedBranchUpdatedWithCreated),
 }
 // Migrate database to current version
diff --git a/models/migrations/v17.go b/models/migrations/v17.go
new file mode 100644
index 0000000000000..2986badc97943
--- /dev/null
+++ b/models/migrations/v17.go
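Review bot: GetProtectedBranchBy throws away the `has` result of `x.Get(rel)` and returns `rel` unconditionally, so when no row matches the caller receives a non-nil struct with CanPush false; both push-path checks in this patch test `protectBranch != nil && !protectBranch.CanPush`, which makes an unprotected branch indistinguishable from a locked one. Return nil for the not-found case so the nil test means what the callers assume (rewrite below). Separately, the lookup lowercases BranchName while AddProtectedBranch stores whatever it is given — git ref names are case-sensitive, so normalise on both sides or on neither. The sessions in AddProtectedBranch, ChangeProtectedBranch and DeleteProtectedBranch each wrap a single statement, so plain `x.Insert`/`x.Id(...).Update`/`x.Delete` would do the same with less code, and `newProtectedBranch` is unused.
```go
// GetProtectedBranchBy returns the protection row for (repoID, BranchName),
// or nil with a nil error when the branch is not protected.
func GetProtectedBranchBy(repoID int64, BranchName string) (*ProtectedBranch, error) {
	rel := &ProtectedBranch{RepoID: repoID, BranchName: strings.ToLower(BranchName)}
	has, err := x.Get(rel)
	if err != nil {
		return nil, err
	}
	if !has {
		return nil, nil
	}
	return rel, nil
}
```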
@@ -0,0 +1,29 @@ +// Copyright 2016 Gitea. All rights reserved. +// Use of this source code is governed by a MIT-style +// license that can be found in the LICENSE file. + +package migrations + +import ( + "fmt" + "time" + + "github.com/go-xorm/xorm" +) + +func setProtectedBranchUpdatedWithCreated(x *xorm.Engine) (err error) { + type ProtectedBranch struct { + ID int64 `xorm:"pk autoincr"` + RepoID int64 `xorm:"UNIQUE(s)"` + BranchName string `xorm:"UNIQUE(s)"` + CanPush bool + Created time.Time `xorm:"-"` + CreatedUnix int64 + Updated time.Time `xorm:"-"` + UpdatedUnix int64 + } + if err = x.Sync2(new(ProtectedBranch)); err != nil { + return fmt.Errorf("Sync2: %v", err) + } + return nil +} diff --git a/modules/auth/repo_form.go b/modules/auth/repo_form.go index 82018ea0ff26a..2b118ce48d891 100644 --- a/modules/auth/repo_form.go +++ b/modules/auth/repo_form.go @@ -88,7 +88,6 @@ type RepoSettingForm struct { RepoName string `binding:"Required;AlphaDashDot;MaxSize(100)"` Description string `binding:"MaxSize(255)"` Website string `binding:"Url;MaxSize(255)"` - Branch string Interval int MirrorAddress string Private bool diff --git a/options/locale/TRANSLATORS b/options/locale/TRANSLATORS index 651c830997c94..6dfda9ce9f7d9 100644 --- a/options/locale/TRANSLATORS +++ b/options/locale/TRANSLATORS @@ -20,6 +20,7 @@ Cysioland Damaris Padieu Daniel Speichert David Yzaguirre +Denis Denisov Dmitriy Nogay Enrico Testori hypertesto AT gmail DOT com Ezequiel Gonzalez Rial @@ -49,10 +50,12 @@ Muhammad Fawwaz Orabi Nakao Takamasa Natan Albuquerque Odilon Junior +Pablo Saavedra Richard Bukovansky Robert Nuske Robin Hübner SeongJae Park +Thiago Avelino Thomas Fanninger Tilmann Bach Toni Villena Jiménez @@ -60,5 +63,3 @@ Vladimir Jigulin mogaika AT yandex DOT ru Vladimir Vissoultchev YJSoft Łukasz Jan Niemier -Pablo Saavedra -Thiago Avelino diff --git a/options/locale/locale_en-US.ini b/options/locale/locale_en-US.ini index 3d1fd9da58f24..e09e4128a611c 100644 
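Review bot: setProtectedBranchUpdatedWithCreated carries no doc comment and its registered description, "set protect branches updated with created", does not say what it does — the body only runs `x.Sync2` on a local copy of the ProtectedBranch struct, i.e. it creates the protected_branch table. Add `// setProtectedBranchUpdatedWithCreated creates the protected_branch table (v17 -> v18) by syncing a frozen copy of the model.` above the function; keeping the struct copied into the migration rather than importing models is the right call, and a one-line comment saying why (`// local copy so later model changes do not alter this migration`) would stop someone "fixing" it.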
--- a/options/locale/locale_en-US.ini +++ b/options/locale/locale_en-US.ini @@ -813,6 +813,17 @@ settings.add_key_success = New deploy key '%s' has been added successfully! settings.deploy_key_deletion = Delete Deploy Key settings.deploy_key_deletion_desc = Deleting this deploy key will remove all related accesses for this repository. Do you want to continue? settings.deploy_key_deletion_success = Deploy key has been deleted successfully! +settings.branches=Branches +settings.protected_branch=Branch Protection +settings.protected_branch_can_push=Allow push? +settings.protected_branch_can_push_yes=You can push +settings.protected_branch_can_push_no=You can not push +settings.add_protected_branch=Enable protection +settings.delete_protected_branch=Disable protection +settings.add_protected_branch_success=Locked successfully +settings.remove_protected_branch_success=Unlocked successfully +settings.protected_branch_deletion=To delete a protected branch +settings.protected_branch_deletion_desc=Anyone with write permissions will be able to push directly to this branch. Are you sure? diff.browse_source = Browse Source diff.parent = parent diff --git a/options/locale/locale_ru-RU.ini b/options/locale/locale_ru-RU.ini index 8f9c844213cf2..17782242273fc 100644 --- a/options/locale/locale_ru-RU.ini +++ b/options/locale/locale_ru-RU.ini 
@@ -754,6 +754,17 @@ settings.add_key_success=Новый ключ развертывания '%s' у
 settings.deploy_key_deletion=Удалить ключ развертывания
 settings.deploy_key_deletion_desc=Удаление ключа развертывания приведет к удалению всех связанных прав доступа к репозиторию. Вы хотите продолжить?
 settings.deploy_key_deletion_success=Ключ развертывания успешно удален!
+settings.branches=Ветки
+settings.protected_branch=Ограничение Веток
+settings.protected_branch_can_push=Разрешить пуш?
+settings.protected_branch_can_push_yes=Можно пушить
+settings.protected_branch_can_push_no=Нельзя пушить
+settings.add_protected_branch=Включить защиту
+settings.delete_protected_branch=Отключить защиту
+settings.add_protected_branch_success=Заблокировано успешно
+settings.remove_protected_branch_success=Разблокирован успешно
+settings.protected_branch_deletion=Удалить защищенную ветку
+settings.protected_branch_deletion_desc=Пользователь с разрешениями на запись может напрямую пушить в этой ветке. Вы уверены?
 diff.browse_source=Просмотр исходного кода
 diff.parent=Родитель
diff --git a/routers/repo/http.go b/routers/repo/http.go
index 695e758cdbc6e..f46545ff27466 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -232,9 +232,18 @@ func HTTP(ctx *context.Context) {
 }
 }
+ accessMode, err := models.AccessLevel(authUser, repo)
+ params := make(map[string]string)
+ params[models.ProtectedBranchUserID] = fmt.Sprintf("%d", authUser.ID)
+ if err == nil {
+ params[models.ProtectedBranchAccessMode] = accessMode.String()
+ }
+ params[models.ProtectedBranchRepoID] = fmt.Sprintf("%d", repo.ID)
+
 HTTPBackend(ctx, &serviceConfig{
 UploadPack: true,
 ReceivePack: true,
+ Params: params,
 OnSucceed: callback,
 })(ctx.Resp, ctx.Req.Request)
@@ -244,6 +253,7 @@ func HTTP(ctx *context.Context) {
 type serviceConfig struct {
 UploadPack bool
 ReceivePack bool
+ Params map[string]string
 OnSucceed func(rpc string, input []byte)
 }
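Review bot: `authUser.ID` is dereferenced unconditionally when building params; if authUser can be nil on this path (an anonymous clone of a public repository, where no credentials are demanded) every such request panics in the handler, so guard it: `if authUser != nil { params[models.ProtectedBranchUserID] = fmt.Sprintf("%d", authUser.ID) }`. The error from models.AccessLevel is not reported either — when it fails the access-mode key is simply absent, which the consumer in serviceRPC parses to a non-write mode and skips the protection check, turning a database error into a bypass; fail closed with an error response instead of dropping the key. HTTP starts outside the hunk.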
@@ -261,6 +271,42 @@ func (h *serviceHandler) setHeaderNoCache() {
 h.w.Header().Set("Cache-Control", "no-cache, max-age=0, must-revalidate")
 }
+func (h *serviceHandler) getBranch(input []byte) string {
+ var lastLine int64
+ var branchName string
+ for {
+ head := input[lastLine : lastLine+2]
+ if head[0] == '0' && head[1] == '0' {
+ size, err := strconv.ParseInt(string(input[lastLine+2:lastLine+4]), 16, 32)
+ if err != nil {
+ log.Error(4, "%v", err)
+ return branchName
+ }
+
+ if size == 0 {
+ //fmt.Println(string(input[lastLine:]))
+ break
+ }
+
+ line := input[lastLine : lastLine+size]
+ idx := bytes.IndexRune(line, '\000')
+ if idx > -1 {
+ line = line[:idx]
+ }
+
+ fields := strings.Fields(string(line))
+ if len(fields) >= 3 {
+ refFullName := fields[2]
+ branchName = strings.TrimPrefix(refFullName, git.BranchPrefix)
+ }
+ lastLine = lastLine + size
+ } else {
+ break
+ }
+ }
+ return branchName
+}
+
 func (h *serviceHandler) setHeaderCacheForever() {
 now := time.Now().Unix()
 expires := now + 31536000
@@ -361,10 +407,11 @@ func serviceRPC(h serviceHandler, service string) {
 h.w.Header().Set("Content-Type", fmt.Sprintf("application/x-git-%s-result", service))
 var (
- reqBody = h.r.Body
- input []byte
- br io.Reader
- err error
+ reqBody = h.r.Body
+ input []byte
+ br io.Reader
+ err error
+ branchName string
 )
 // Handle GZIP.
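Review bot: getBranch is not a safe pkt-line parser for an authorization decision: it reads only two hex digits of the four-digit length (`input[lastLine+2:lastLine+4]`, after requiring the first two to be "00"), so any command line of 256 bytes or more — a long branch name, or the first command, which also carries the capability list — falls into the `else` branch and ends the scan with whatever was seen so far; it slices `input` without bounds checks, so a short or truncated body panics the handler; and it keeps only the last ref it parsed, so a push of several refs is checked against one branch only and `git push origin protected unprotected` goes through. Parse the full four-digit length, bound every slice, and return every branch in the command list so the call site in serviceRPC can check each one. `bytes.IndexByte(line, 0)` is also the clearer call for a NUL separator.
```go
// getBranches returns every branch named by an update command in a
// receive-pack request body (pkt-line framed, ended by a flush-pkt).
func (h *serviceHandler) getBranches(input []byte) []string {
	var branches []string
	for pos := 0; pos+4 <= len(input); {
		size, err := strconv.ParseInt(string(input[pos:pos+4]), 16, 32)
		if err != nil {
			log.Error(4, "%v", err)
			break
		}
		if size == 0 { // flush-pkt: end of command list
			break
		}
		if size < 4 || pos+int(size) > len(input) {
			log.Error(4, "malformed pkt-line at offset %d", pos)
			break
		}
		line := input[pos+4 : pos+int(size)]
		if idx := bytes.IndexByte(line, 0); idx > -1 {
			line = line[:idx] // drop the capability list
		}
		if fields := strings.Fields(string(line)); len(fields) >= 3 {
			branches = append(branches, strings.TrimPrefix(fields[2], git.BranchPrefix))
		}
		pos += int(size)
	}
	return branches
}
```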
@@ -385,11 +432,26 @@ func serviceRPC(h serviceHandler, service string) {
 return
 }
+ branchName = h.getBranch(input)
 br = bytes.NewReader(input)
 } else {
 br = reqBody
 }
+ repoID, _ := strconv.ParseInt(h.cfg.Params[models.ProtectedBranchRepoID], 10, 64)
+ accessMode := models.ParseAccessMode(h.cfg.Params[models.ProtectedBranchAccessMode])
+ // skip admin or owner AccessMode
+ if accessMode == models.AccessModeWrite {
+ if protectBranch, err := models.GetProtectedBranchBy(repoID, branchName); err == nil {
+ log.Trace("%v", protectBranch)
+ if protectBranch != nil && !protectBranch.CanPush {
+ log.GitLogger.Error(2, "protected branches can not be pushed to")
+ h.w.WriteHeader(http.StatusForbidden)
+ return
+ }
+ }
+ }
+
 cmd := exec.Command("git", service, "--stateless-rpc", h.dir)
 cmd.Dir = h.dir
 cmd.Stdout = h.w
diff --git a/routers/repo/setting.go b/routers/repo/setting.go
index 17a5b4aa02314..914f20511408c 100644
--- a/routers/repo/setting.go
+++ b/routers/repo/setting.go
@@ -21,6 +21,7 @@ import (
 const (
 tplSettingsOptions base.TplName = "repo/settings/options"
 tplCollaboration base.TplName = "repo/settings/collaboration"
+ tplBranches base.TplName = "repo/settings/branches"
 tplGithooks base.TplName = "repo/settings/githooks"
 tplGithookEdit base.TplName = "repo/settings/githook_edit"
 tplDeployKeys base.TplName = "repo/settings/deploy_keys"
@@ -78,17 +79,6 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
 // In case it's just a case change.
 repo.Name = newRepoName
 repo.LowerName = strings.ToLower(newRepoName)
-
- if ctx.Repo.GitRepo.IsBranchExist(form.Branch) &&
- repo.DefaultBranch != form.Branch {
- repo.DefaultBranch = form.Branch
- if err := ctx.Repo.GitRepo.SetDefaultBranch(form.Branch); err != nil {
- if !git.IsErrUnsupportedVersion(err) {
- ctx.Handle(500, "SetDefaultBranch", err)
- return
- }
- }
- }
 repo.Description = form.Description
 repo.Website = form.Website
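Review bot: The protection check in serviceRPC has the same fail-open shape as the hook: an unparsable repo ID becomes 0, an absent access mode skips the block, and a lookup error is ignored by `err == nil`, so the HTTP push proceeds on every failure; reject with `h.w.WriteHeader(http.StatusInternalServerError); return` when GetProtectedBranchBy errors. `branchName` is only populated on the path that buffers the body into `input`; on the `br = reqBody` path it stays empty and the lookup is for "", so whether protection applies depends on which path the request takes — buffer always for receive-pack, or fail closed when the ref list is unknown. The check also runs for upload-pack, where the parsed name comes from `want` lines and is meaningless; restrict it with `if service == "receive-pack" && accessMode == models.AccessModeWrite`. `log.Trace("%v", protectBranch)` reads as a debugging leftover, and a bare 403 gives the git client no reason. serviceRPC starts and ends outside the hunk.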
@@ -429,6 +419,102 @@ func DeleteCollaboration(ctx *context.Context) {
 })
 }
+// ProtectedBranch render the page to protect the repository
+func ProtectedBranch(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("repo.settings")
+ ctx.Data["PageIsSettingsBranches"] = true
+
+ protectedBranches, err := ctx.Repo.Repository.GetProtectedBranches()
+ if err != nil {
+ ctx.Handle(500, "GetProtectedBranches", err)
+ return
+ }
+ ctx.Data["ProtectedBranches"] = protectedBranches
+
+ ctx.HTML(200, tplBranches)
+}
+
+// ProtectedBranchPost response for protect for a branch of a repository
+func ProtectedBranchPost(ctx *context.Context) {
+ ctx.Data["Title"] = ctx.Tr("repo.settings")
+ ctx.Data["PageIsSettingsBranches"] = true
+
+ repo := ctx.Repo.Repository
+
+ switch ctx.Query("action") {
+ case "default_branch":
+ if ctx.HasError() {
+ ctx.HTML(200, tplBranches)
+ return
+ }
+
+ branch := strings.ToLower(ctx.Query("branch"))
+ if ctx.Repo.GitRepo.IsBranchExist(branch) &&
+ repo.DefaultBranch != branch {
+ repo.DefaultBranch = branch
+ if err := ctx.Repo.GitRepo.SetDefaultBranch(branch); err != nil {
+ if !git.IsErrUnsupportedVersion(err) {
+ ctx.Handle(500, "SetDefaultBranch", err)
+ return
+ }
+ }
+ }
+
+ log.Trace("Repository basic settings updated: %s/%s", ctx.Repo.Owner.Name, repo.Name)
+
+ ctx.Flash.Success(ctx.Tr("repo.settings.update_settings_success"))
+ ctx.Redirect(setting.AppSubURL + ctx.Req.URL.Path)
+ case "protected_branch":
+ if ctx.HasError() {
+ ctx.HTML(200, tplBranches)
+ return
+ }
+
+ branchName := strings.ToLower(ctx.Query("branchName"))
+ canPush := ctx.QueryBool("canPush")
+ if len(branchName) == 0 || ctx.Repo.Owner.LowerName == branchName {
+ ctx.Redirect(setting.AppSubURL + ctx.Req.URL.Path)
+ return
+ }
+
+ if err := ctx.Repo.Repository.AddProtectedBranch(branchName, canPush); err != nil {
+ ctx.Handle(500, "AddProtectedBranch", err)
+ return
+ }
+
+ // TODO: fix this
+ // log.Trace("User:%s access:%v repository:%s reponame:%s ip:%s",
ctx.Repo.Owner.Name, requestedMode, repo.Path, repo.Name, os.Getenv("REMOTE_ADDR"))
+
+ ctx.Flash.Success(ctx.Tr("repo.settings.add_protected_branch_success"))
+ ctx.Redirect(setting.AppSubURL + ctx.Req.URL.Path)
+ default:
+ ctx.Handle(404, "", nil)
+ }
+}
+
+// ChangeProtectedBranch response for changing access of a protect branch
+func ChangeProtectedBranch(ctx *context.Context) {
+ if err := ctx.Repo.Repository.ChangeProtectedBranch(
+ ctx.QueryInt64("id"),
+ ctx.QueryBool("canPush")); err != nil {
+ log.Error(4, "ChangeProtectedBranch: %v", err)
+ }
+}
+
+// DeleteProtectedBranch delete a protection for a branch of a repository
+func DeleteProtectedBranch(ctx *context.Context) {
+ if err := ctx.Repo.Repository.DeleteProtectedBranch(ctx.QueryInt64("id")); err != nil {
+ ctx.Flash.Error("DeleteProtectedBranch: " + err.Error())
+ } else {
+ ctx.Flash.Success(ctx.Tr("repo.settings.remove_protected_branch_success"))
+ }
+
+ ctx.JSON(200, map[string]interface{}{
+ "redirect": ctx.Repo.RepoLink + "/settings/branches",
+ })
+}
+
+// parseOwnerAndRepo get repos by owner
 func parseOwnerAndRepo(ctx *context.Context) (*models.User, *models.Repository) {
 owner, err := models.GetUserByName(ctx.Params(":username"))
 if err != nil {
diff --git a/templates/repo/settings/branches.tmpl b/templates/repo/settings/branches.tmpl
new file mode 100644
index 0000000000000..574822e86ba7d
--- /dev/null
+++ b/templates/repo/settings/branches.tmpl
@@ -0,0 +1,75 @@
+{{template "base/head" .}}
+
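Review bot: `branch := strings.ToLower(ctx.Query("branch"))` in the default_branch action lowercases the submitted name before `IsBranchExist`, but git ref names are case-sensitive, so a branch such as `Release` can no longer be made the default — the code this replaces in SettingsPost used `form.Branch` unchanged; use `ctx.Query("branch")` as submitted, and decide deliberately whether `branchName` in the protected_branch action should be folded, since it has to match the ref name the push hooks see. `ctx.Repo.Owner.LowerName == branchName` redirects silently with no flash message and no comment saying why a branch named after the owner is refused; it needs a `// why` comment or removal. ChangeProtectedBranch writes neither a status nor a body on any path, and DeleteProtectedBranch answers 200 with a redirect even when the delete failed, so the caller cannot tell success from failure — return a non-200 status on error in both.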
+ {{template "repo/header" .}} +
+
+ {{template "repo/settings/navbar" .}} +
+ {{template "base/alert" .}} + +

+ {{.i18n.Tr "repo.default_branch"}} +

+
+
+ {{.CsrfTokenHtml}} + +
+ The default branch is considered the "base" branch in your repository, + against which all pull requests and code commits are automatically made, + unless you specify a different branch. +
+ {{if not .Repository.IsBare}} +
+ +
+ {{end}} + +
+ +
+
+
+ +

+ {{.i18n.Tr "repo.settings.protected_branch"}} +

+
+
+ {{.CsrfTokenHtml}} + +
+ +
+ +
+ +
+
+
+ +
+
+
+
+{{template "base/footer" .}} diff --git a/templates/repo/settings/nav.tmpl b/templates/repo/settings/nav.tmpl index 97df429f2c1d3..5cc77e1dc91ca 100644 --- a/templates/repo/settings/nav.tmpl +++ b/templates/repo/settings/nav.tmpl @@ -4,6 +4,7 @@