You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

572 lines
17 KiB

Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
5 years ago
Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
5 years ago
Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
5 years ago
  1. // Copyright 2016 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package models
  5. import (
  6. "context"
  7. "fmt"
  8. "strings"
  9. "time"
  10. "code.gitea.io/gitea/modules/base"
  11. "code.gitea.io/gitea/modules/log"
  12. "code.gitea.io/gitea/modules/timeutil"
  13. "code.gitea.io/gitea/modules/util"
  14. "github.com/gobwas/glob"
  15. "github.com/unknwon/com"
  16. )
  17. const (
  18. // ProtectedBranchRepoID protected Repo ID
  19. ProtectedBranchRepoID = "GITEA_REPO_ID"
  20. // ProtectedBranchPRID protected Repo PR ID
  21. ProtectedBranchPRID = "GITEA_PR_ID"
  22. )
  23. // ProtectedBranch struct
  24. type ProtectedBranch struct {
  25. ID int64 `xorm:"pk autoincr"`
  26. RepoID int64 `xorm:"UNIQUE(s)"`
  27. BranchName string `xorm:"UNIQUE(s)"`
  28. CanPush bool `xorm:"NOT NULL DEFAULT false"`
  29. EnableWhitelist bool
  30. WhitelistUserIDs []int64 `xorm:"JSON TEXT"`
  31. WhitelistTeamIDs []int64 `xorm:"JSON TEXT"`
  32. EnableMergeWhitelist bool `xorm:"NOT NULL DEFAULT false"`
  33. WhitelistDeployKeys bool `xorm:"NOT NULL DEFAULT false"`
  34. MergeWhitelistUserIDs []int64 `xorm:"JSON TEXT"`
  35. MergeWhitelistTeamIDs []int64 `xorm:"JSON TEXT"`
  36. EnableStatusCheck bool `xorm:"NOT NULL DEFAULT false"`
  37. StatusCheckContexts []string `xorm:"JSON TEXT"`
  38. EnableApprovalsWhitelist bool `xorm:"NOT NULL DEFAULT false"`
  39. ApprovalsWhitelistUserIDs []int64 `xorm:"JSON TEXT"`
  40. ApprovalsWhitelistTeamIDs []int64 `xorm:"JSON TEXT"`
  41. RequiredApprovals int64 `xorm:"NOT NULL DEFAULT 0"`
  42. BlockOnRejectedReviews bool `xorm:"NOT NULL DEFAULT false"`
  43. BlockOnOutdatedBranch bool `xorm:"NOT NULL DEFAULT false"`
  44. DismissStaleApprovals bool `xorm:"NOT NULL DEFAULT false"`
  45. RequireSignedCommits bool `xorm:"NOT NULL DEFAULT false"`
  46. ProtectedFilePatterns string `xorm:"TEXT"`
  47. CreatedUnix timeutil.TimeStamp `xorm:"created"`
  48. UpdatedUnix timeutil.TimeStamp `xorm:"updated"`
  49. }
  50. // IsProtected returns if the branch is protected
  51. func (protectBranch *ProtectedBranch) IsProtected() bool {
  52. return protectBranch.ID > 0
  53. }
  54. // CanUserPush returns if some user could push to this protected branch
  55. func (protectBranch *ProtectedBranch) CanUserPush(userID int64) bool {
  56. if !protectBranch.CanPush {
  57. return false
  58. }
  59. if !protectBranch.EnableWhitelist {
  60. if user, err := GetUserByID(userID); err != nil {
  61. log.Error("GetUserByID: %v", err)
  62. return false
  63. } else if repo, err := GetRepositoryByID(protectBranch.RepoID); err != nil {
  64. log.Error("GetRepositoryByID: %v", err)
  65. return false
  66. } else if writeAccess, err := HasAccessUnit(user, repo, UnitTypeCode, AccessModeWrite); err != nil {
  67. log.Error("HasAccessUnit: %v", err)
  68. return false
  69. } else {
  70. return writeAccess
  71. }
  72. }
  73. if base.Int64sContains(protectBranch.WhitelistUserIDs, userID) {
  74. return true
  75. }
  76. if len(protectBranch.WhitelistTeamIDs) == 0 {
  77. return false
  78. }
  79. in, err := IsUserInTeams(userID, protectBranch.WhitelistTeamIDs)
  80. if err != nil {
  81. log.Error("IsUserInTeams: %v", err)
  82. return false
  83. }
  84. return in
  85. }
  86. // IsUserMergeWhitelisted checks if some user is whitelisted to merge to this branch
  87. func (protectBranch *ProtectedBranch) IsUserMergeWhitelisted(userID int64) bool {
  88. if !protectBranch.EnableMergeWhitelist {
  89. return true
  90. }
  91. if base.Int64sContains(protectBranch.MergeWhitelistUserIDs, userID) {
  92. return true
  93. }
  94. if len(protectBranch.MergeWhitelistTeamIDs) == 0 {
  95. return false
  96. }
  97. in, err := IsUserInTeams(userID, protectBranch.MergeWhitelistTeamIDs)
  98. if err != nil {
  99. log.Error("IsUserInTeams: %v", err)
  100. return false
  101. }
  102. return in
  103. }
  104. // IsUserOfficialReviewer check if user is official reviewer for the branch (counts towards required approvals)
  105. func (protectBranch *ProtectedBranch) IsUserOfficialReviewer(user *User) (bool, error) {
  106. return protectBranch.isUserOfficialReviewer(x, user)
  107. }
  108. func (protectBranch *ProtectedBranch) isUserOfficialReviewer(e Engine, user *User) (bool, error) {
  109. repo, err := getRepositoryByID(e, protectBranch.RepoID)
  110. if err != nil {
  111. return false, err
  112. }
  113. if !protectBranch.EnableApprovalsWhitelist {
  114. // Anyone with write access is considered official reviewer
  115. writeAccess, err := hasAccessUnit(e, user, repo, UnitTypeCode, AccessModeWrite)
  116. if err != nil {
  117. return false, err
  118. }
  119. return writeAccess, nil
  120. }
  121. if base.Int64sContains(protectBranch.ApprovalsWhitelistUserIDs, user.ID) {
  122. return true, nil
  123. }
  124. inTeam, err := isUserInTeams(e, user.ID, protectBranch.ApprovalsWhitelistTeamIDs)
  125. if err != nil {
  126. return false, err
  127. }
  128. return inTeam, nil
  129. }
  130. // HasEnoughApprovals returns true if pr has enough granted approvals.
  131. func (protectBranch *ProtectedBranch) HasEnoughApprovals(pr *PullRequest) bool {
  132. if protectBranch.RequiredApprovals == 0 {
  133. return true
  134. }
  135. return protectBranch.GetGrantedApprovalsCount(pr) >= protectBranch.RequiredApprovals
  136. }
  137. // GetGrantedApprovalsCount returns the number of granted approvals for pr. A granted approval must be authored by a user in an approval whitelist.
  138. func (protectBranch *ProtectedBranch) GetGrantedApprovalsCount(pr *PullRequest) int64 {
  139. sess := x.Where("issue_id = ?", pr.IssueID).
  140. And("type = ?", ReviewTypeApprove).
  141. And("official = ?", true)
  142. if protectBranch.DismissStaleApprovals {
  143. sess = sess.And("stale = ?", false)
  144. }
  145. approvals, err := sess.Count(new(Review))
  146. if err != nil {
  147. log.Error("GetGrantedApprovalsCount: %v", err)
  148. return 0
  149. }
  150. return approvals
  151. }
  152. // MergeBlockedByRejectedReview returns true if merge is blocked by rejected reviews
  153. // An official ReviewRequest should also block Merge like Reject
  154. func (protectBranch *ProtectedBranch) MergeBlockedByRejectedReview(pr *PullRequest) bool {
  155. if !protectBranch.BlockOnRejectedReviews {
  156. return false
  157. }
  158. rejectExist, err := x.Where("issue_id = ?", pr.IssueID).
  159. And("type in ( ?, ?)", ReviewTypeReject, ReviewTypeRequest).
  160. And("official = ?", true).
  161. Exist(new(Review))
  162. if err != nil {
  163. log.Error("MergeBlockedByRejectedReview: %v", err)
  164. return true
  165. }
  166. return rejectExist
  167. }
  168. // MergeBlockedByOutdatedBranch returns true if merge is blocked by an outdated head branch
  169. func (protectBranch *ProtectedBranch) MergeBlockedByOutdatedBranch(pr *PullRequest) bool {
  170. return protectBranch.BlockOnOutdatedBranch && pr.CommitsBehind > 0
  171. }
  172. // GetProtectedFilePatterns parses a semicolon separated list of protected file patterns and returns a glob.Glob slice
  173. func (protectBranch *ProtectedBranch) GetProtectedFilePatterns() []glob.Glob {
  174. extarr := make([]glob.Glob, 0, 10)
  175. for _, expr := range strings.Split(strings.ToLower(protectBranch.ProtectedFilePatterns), ";") {
  176. expr = strings.TrimSpace(expr)
  177. if expr != "" {
  178. if g, err := glob.Compile(expr, '.', '/'); err != nil {
  179. log.Info("Invalid glob expresion '%s' (skipped): %v", expr, err)
  180. } else {
  181. extarr = append(extarr, g)
  182. }
  183. }
  184. }
  185. return extarr
  186. }
  187. // GetProtectedBranchByRepoID getting protected branch by repo ID
  188. func GetProtectedBranchByRepoID(repoID int64) ([]*ProtectedBranch, error) {
  189. protectedBranches := make([]*ProtectedBranch, 0)
  190. return protectedBranches, x.Where("repo_id = ?", repoID).Desc("updated_unix").Find(&protectedBranches)
  191. }
  192. // GetProtectedBranchBy getting protected branch by ID/Name
  193. func GetProtectedBranchBy(repoID int64, branchName string) (*ProtectedBranch, error) {
  194. return getProtectedBranchBy(x, repoID, branchName)
  195. }
  196. func getProtectedBranchBy(e Engine, repoID int64, branchName string) (*ProtectedBranch, error) {
  197. rel := &ProtectedBranch{RepoID: repoID, BranchName: branchName}
  198. has, err := e.Get(rel)
  199. if err != nil {
  200. return nil, err
  201. }
  202. if !has {
  203. return nil, nil
  204. }
  205. return rel, nil
  206. }
  207. // GetProtectedBranchByID getting protected branch by ID
  208. func GetProtectedBranchByID(id int64) (*ProtectedBranch, error) {
  209. rel := &ProtectedBranch{}
  210. has, err := x.ID(id).Get(rel)
  211. if err != nil {
  212. return nil, err
  213. }
  214. if !has {
  215. return nil, nil
  216. }
  217. return rel, nil
  218. }
  219. // WhitelistOptions represent all sorts of whitelists used for protected branches
  220. type WhitelistOptions struct {
  221. UserIDs []int64
  222. TeamIDs []int64
  223. MergeUserIDs []int64
  224. MergeTeamIDs []int64
  225. ApprovalsUserIDs []int64
  226. ApprovalsTeamIDs []int64
  227. }
  228. // UpdateProtectBranch saves branch protection options of repository.
  229. // If ID is 0, it creates a new record. Otherwise, updates existing record.
  230. // This function also performs check if whitelist user and team's IDs have been changed
  231. // to avoid unnecessary whitelist delete and regenerate.
  232. func UpdateProtectBranch(repo *Repository, protectBranch *ProtectedBranch, opts WhitelistOptions) (err error) {
  233. if err = repo.GetOwner(); err != nil {
  234. return fmt.Errorf("GetOwner: %v", err)
  235. }
  236. whitelist, err := updateUserWhitelist(repo, protectBranch.WhitelistUserIDs, opts.UserIDs)
  237. if err != nil {
  238. return err
  239. }
  240. protectBranch.WhitelistUserIDs = whitelist
  241. whitelist, err = updateUserWhitelist(repo, protectBranch.MergeWhitelistUserIDs, opts.MergeUserIDs)
  242. if err != nil {
  243. return err
  244. }
  245. protectBranch.MergeWhitelistUserIDs = whitelist
  246. whitelist, err = updateApprovalWhitelist(repo, protectBranch.ApprovalsWhitelistUserIDs, opts.ApprovalsUserIDs)
  247. if err != nil {
  248. return err
  249. }
  250. protectBranch.ApprovalsWhitelistUserIDs = whitelist
  251. // if the repo is in an organization
  252. whitelist, err = updateTeamWhitelist(repo, protectBranch.WhitelistTeamIDs, opts.TeamIDs)
  253. if err != nil {
  254. return err
  255. }
  256. protectBranch.WhitelistTeamIDs = whitelist
  257. whitelist, err = updateTeamWhitelist(repo, protectBranch.MergeWhitelistTeamIDs, opts.MergeTeamIDs)
  258. if err != nil {
  259. return err
  260. }
  261. protectBranch.MergeWhitelistTeamIDs = whitelist
  262. whitelist, err = updateTeamWhitelist(repo, protectBranch.ApprovalsWhitelistTeamIDs, opts.ApprovalsTeamIDs)
  263. if err != nil {
  264. return err
  265. }
  266. protectBranch.ApprovalsWhitelistTeamIDs = whitelist
  267. // Make sure protectBranch.ID is not 0 for whitelists
  268. if protectBranch.ID == 0 {
  269. if _, err = x.Insert(protectBranch); err != nil {
  270. return fmt.Errorf("Insert: %v", err)
  271. }
  272. return nil
  273. }
  274. if _, err = x.ID(protectBranch.ID).AllCols().Update(protectBranch); err != nil {
  275. return fmt.Errorf("Update: %v", err)
  276. }
  277. return nil
  278. }
  279. // GetProtectedBranches get all protected branches
  280. func (repo *Repository) GetProtectedBranches() ([]*ProtectedBranch, error) {
  281. protectedBranches := make([]*ProtectedBranch, 0)
  282. return protectedBranches, x.Find(&protectedBranches, &ProtectedBranch{RepoID: repo.ID})
  283. }
  284. // GetBranchProtection get the branch protection of a branch
  285. func (repo *Repository) GetBranchProtection(branchName string) (*ProtectedBranch, error) {
  286. return GetProtectedBranchBy(repo.ID, branchName)
  287. }
  288. // IsProtectedBranch checks if branch is protected
  289. func (repo *Repository) IsProtectedBranch(branchName string, doer *User) (bool, error) {
  290. if doer == nil {
  291. return true, nil
  292. }
  293. protectedBranch := &ProtectedBranch{
  294. RepoID: repo.ID,
  295. BranchName: branchName,
  296. }
  297. has, err := x.Exist(protectedBranch)
  298. if err != nil {
  299. return true, err
  300. }
  301. return has, nil
  302. }
  303. // IsProtectedBranchForPush checks if branch is protected for push
  304. func (repo *Repository) IsProtectedBranchForPush(branchName string, doer *User) (bool, error) {
  305. if doer == nil {
  306. return true, nil
  307. }
  308. protectedBranch := &ProtectedBranch{
  309. RepoID: repo.ID,
  310. BranchName: branchName,
  311. }
  312. has, err := x.Get(protectedBranch)
  313. if err != nil {
  314. return true, err
  315. } else if has {
  316. return !protectedBranch.CanUserPush(doer.ID), nil
  317. }
  318. return false, nil
  319. }
  320. // updateApprovalWhitelist checks whether the user whitelist changed and returns a whitelist with
  321. // the users from newWhitelist which have explicit read or write access to the repo.
  322. func updateApprovalWhitelist(repo *Repository, currentWhitelist, newWhitelist []int64) (whitelist []int64, err error) {
  323. hasUsersChanged := !util.IsSliceInt64Eq(currentWhitelist, newWhitelist)
  324. if !hasUsersChanged {
  325. return currentWhitelist, nil
  326. }
  327. whitelist = make([]int64, 0, len(newWhitelist))
  328. for _, userID := range newWhitelist {
  329. if reader, err := repo.IsReader(userID); err != nil {
  330. return nil, err
  331. } else if !reader {
  332. continue
  333. }
  334. whitelist = append(whitelist, userID)
  335. }
  336. return
  337. }
  338. // updateUserWhitelist checks whether the user whitelist changed and returns a whitelist with
  339. // the users from newWhitelist which have write access to the repo.
  340. func updateUserWhitelist(repo *Repository, currentWhitelist, newWhitelist []int64) (whitelist []int64, err error) {
  341. hasUsersChanged := !util.IsSliceInt64Eq(currentWhitelist, newWhitelist)
  342. if !hasUsersChanged {
  343. return currentWhitelist, nil
  344. }
  345. whitelist = make([]int64, 0, len(newWhitelist))
  346. for _, userID := range newWhitelist {
  347. user, err := GetUserByID(userID)
  348. if err != nil {
  349. return nil, fmt.Errorf("GetUserByID [user_id: %d, repo_id: %d]: %v", userID, repo.ID, err)
  350. }
  351. perm, err := GetUserRepoPermission(repo, user)
  352. if err != nil {
  353. return nil, fmt.Errorf("GetUserRepoPermission [user_id: %d, repo_id: %d]: %v", userID, repo.ID, err)
  354. }
  355. if !perm.CanWrite(UnitTypeCode) {
  356. continue // Drop invalid user ID
  357. }
  358. whitelist = append(whitelist, userID)
  359. }
  360. return
  361. }
  362. // updateTeamWhitelist checks whether the team whitelist changed and returns a whitelist with
  363. // the teams from newWhitelist which have write access to the repo.
  364. func updateTeamWhitelist(repo *Repository, currentWhitelist, newWhitelist []int64) (whitelist []int64, err error) {
  365. hasTeamsChanged := !util.IsSliceInt64Eq(currentWhitelist, newWhitelist)
  366. if !hasTeamsChanged {
  367. return currentWhitelist, nil
  368. }
  369. teams, err := GetTeamsWithAccessToRepo(repo.OwnerID, repo.ID, AccessModeRead)
  370. if err != nil {
  371. return nil, fmt.Errorf("GetTeamsWithAccessToRepo [org_id: %d, repo_id: %d]: %v", repo.OwnerID, repo.ID, err)
  372. }
  373. whitelist = make([]int64, 0, len(teams))
  374. for i := range teams {
  375. if com.IsSliceContainsInt64(newWhitelist, teams[i].ID) {
  376. whitelist = append(whitelist, teams[i].ID)
  377. }
  378. }
  379. return
  380. }
  381. // DeleteProtectedBranch removes ProtectedBranch relation between the user and repository.
  382. func (repo *Repository) DeleteProtectedBranch(id int64) (err error) {
  383. protectedBranch := &ProtectedBranch{
  384. RepoID: repo.ID,
  385. ID: id,
  386. }
  387. sess := x.NewSession()
  388. defer sess.Close()
  389. if err = sess.Begin(); err != nil {
  390. return err
  391. }
  392. if affected, err := sess.Delete(protectedBranch); err != nil {
  393. return err
  394. } else if affected != 1 {
  395. return fmt.Errorf("delete protected branch ID(%v) failed", id)
  396. }
  397. return sess.Commit()
  398. }
  399. // DeletedBranch struct
  400. type DeletedBranch struct {
  401. ID int64 `xorm:"pk autoincr"`
  402. RepoID int64 `xorm:"UNIQUE(s) INDEX NOT NULL"`
  403. Name string `xorm:"UNIQUE(s) NOT NULL"`
  404. Commit string `xorm:"UNIQUE(s) NOT NULL"`
  405. DeletedByID int64 `xorm:"INDEX"`
  406. DeletedBy *User `xorm:"-"`
  407. DeletedUnix timeutil.TimeStamp `xorm:"INDEX created"`
  408. }
  409. // AddDeletedBranch adds a deleted branch to the database
  410. func (repo *Repository) AddDeletedBranch(branchName, commit string, deletedByID int64) error {
  411. deletedBranch := &DeletedBranch{
  412. RepoID: repo.ID,
  413. Name: branchName,
  414. Commit: commit,
  415. DeletedByID: deletedByID,
  416. }
  417. sess := x.NewSession()
  418. defer sess.Close()
  419. if err := sess.Begin(); err != nil {
  420. return err
  421. }
  422. if _, err := sess.InsertOne(deletedBranch); err != nil {
  423. return err
  424. }
  425. return sess.Commit()
  426. }
  427. // GetDeletedBranches returns all the deleted branches
  428. func (repo *Repository) GetDeletedBranches() ([]*DeletedBranch, error) {
  429. deletedBranches := make([]*DeletedBranch, 0)
  430. return deletedBranches, x.Where("repo_id = ?", repo.ID).Desc("deleted_unix").Find(&deletedBranches)
  431. }
  432. // GetDeletedBranchByID get a deleted branch by its ID
  433. func (repo *Repository) GetDeletedBranchByID(id int64) (*DeletedBranch, error) {
  434. deletedBranch := &DeletedBranch{}
  435. has, err := x.ID(id).Get(deletedBranch)
  436. if err != nil {
  437. return nil, err
  438. }
  439. if !has {
  440. return nil, nil
  441. }
  442. return deletedBranch, nil
  443. }
  444. // RemoveDeletedBranch removes a deleted branch from the database
  445. func (repo *Repository) RemoveDeletedBranch(id int64) (err error) {
  446. deletedBranch := &DeletedBranch{
  447. RepoID: repo.ID,
  448. ID: id,
  449. }
  450. sess := x.NewSession()
  451. defer sess.Close()
  452. if err = sess.Begin(); err != nil {
  453. return err
  454. }
  455. if affected, err := sess.Delete(deletedBranch); err != nil {
  456. return err
  457. } else if affected != 1 {
  458. return fmt.Errorf("remove deleted branch ID(%v) failed", id)
  459. }
  460. return sess.Commit()
  461. }
  462. // LoadUser loads the user that deleted the branch
  463. // When there's no user found it returns a NewGhostUser
  464. func (deletedBranch *DeletedBranch) LoadUser() {
  465. user, err := GetUserByID(deletedBranch.DeletedByID)
  466. if err != nil {
  467. user = NewGhostUser()
  468. }
  469. deletedBranch.DeletedBy = user
  470. }
  471. // RemoveDeletedBranch removes all deleted branches
  472. func RemoveDeletedBranch(repoID int64, branch string) error {
  473. _, err := x.Where("repo_id=? AND name=?", repoID, branch).Delete(new(DeletedBranch))
  474. return err
  475. }
  476. // RemoveOldDeletedBranches removes old deleted branches
  477. func RemoveOldDeletedBranches(ctx context.Context, olderThan time.Duration) {
  478. // Nothing to do for shutdown or terminate
  479. log.Trace("Doing: DeletedBranchesCleanup")
  480. deleteBefore := time.Now().Add(-olderThan)
  481. _, err := x.Where("deleted_unix < ?", deleteBefore.Unix()).Delete(new(DeletedBranch))
  482. if err != nil {
  483. log.Error("DeletedBranchesCleanup: %v", err)
  484. }
  485. }