closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9545 Commits
2 Branches
178 MiB
Tree: 3eb323901c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3eb323901c'
${ noResults }
gitea/models/branches.go

572 lines
17 KiB
Raw Normal View History

Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Graceful: Xorm, RepoIndexer, Cron and Others (#9282) * Change graceful to use a singleton obtained through GetManager instead of a global. * Graceful: Make TestPullRequests shutdownable * Graceful: Make the cron tasks graceful * Graceful: AddTestPullRequest run in graceful ctx * Graceful: SyncMirrors shutdown * Graceful: SetDefaultContext for Xorm to be HammerContext * Avoid starting graceful for migrate commands and checkout * Graceful: DeliverHooks now can be shutdown * Fix multiple syncing errors in modules/sync/UniqueQueue & Make UniqueQueue closable * Begin the process of making the repo indexer shutdown gracefully
4 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Allow to set protected file patterns that can not be changed under no conditions (#10806) Co-Authored-By: zeripath <art27@cantab.net>
4 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Display ui time with customize time location (#7792) * display ui time with customize time location * fix lint * rename UILocation to DefaultUILocation * move time related functions to modules/timeutil * fix tests * fix tests * fix build * fix swagger
5 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Allow to set protected file patterns that can not be changed under no conditions (#10806) Co-Authored-By: zeripath <art27@cantab.net>
4 years ago
Use gitea forked macaron (#7933) Signed-off-by: Tamal Saha <tamal@appscode.com>
5 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Remove unused vars (#1063) * remove unused vars * remove unused comment
7 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
#6946 Run hooks on merge/edit and cope with protected branches (#6961) * Fix #6946 by checking PullRequest ID on pushing * Ensure we have the owner name, the pr attributes and the the issue * Fix TestSearchRepo by waiting till indexing is done * Update integrations/repo_search_test.go * changes as per @mrsdizzie * missing comma * Spelling mistake * Fix full pushing environment
5 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532) Fix #5997. If a push causes the patch/diff of a PR towards target branch to change, all existing reviews for the PR will be set and shown as stale. New branch protection option to dismiss stale approvals are added. To show that a review is not based on the latest PR changes, an hourglass is shown
4 years ago
Prevent merge of outdated PRs on protected branches (#11012) * Block PR on Outdated Branch * finalize * cleanup * fix typo and sentences thanks @guillep2k Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago
Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532) Fix #5997. If a push causes the patch/diff of a PR towards target branch to change, all existing reviews for the PR will be set and shown as stale. New branch protection option to dismiss stale approvals are added. To show that a review is not based on the latest PR changes, an hourglass is shown
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Allow to set protected file patterns that can not be changed under no conditions (#10806) Co-Authored-By: zeripath <art27@cantab.net>
4 years ago
Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532) Fix #5997. If a push causes the patch/diff of a PR towards target branch to change, all existing reviews for the PR will be set and shown as stale. New branch protection option to dismiss stale approvals are added. To show that a review is not based on the latest PR changes, an hourglass is shown
4 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055) * Possibility to not use whitelist but allow anyone with write access * fix existing test * rename migration function * Try to give a better name for migration step * Clear settings if higher level setting is not set * Move official reviews to db instead of counting approvals each time * migration * fix * fix migration * fix migration * Remove NOT NULL from EnableWhitelist as migration isn't possible * Fix migration, reviews are connected to issues. * Fix SQL query issues in GetReviewersByPullID. * Simplify function GetReviewersByIssueID * Handle reviewers that has been deleted * Ensure reviews for test is in a well defined order * Only clear and set official reviews when it is an approve or reject.
5 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055) * Possibility to not use whitelist but allow anyone with write access * fix existing test * rename migration function * Try to give a better name for migration step * Clear settings if higher level setting is not set * Move official reviews to db instead of counting approvals each time * migration * fix * fix migration * fix migration * Remove NOT NULL from EnableWhitelist as migration isn't possible * Fix migration, reviews are connected to issues. * Fix SQL query issues in GetReviewersByPullID. * Simplify function GetReviewersByIssueID * Handle reviewers that has been deleted * Ensure reviews for test is in a well defined order * Only clear and set official reviews when it is an approve or reject.
5 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
5 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Allow repo admin to merge PR regardless of review status (#9611) * Allow repo admin to merge even if review is not ok.
4 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
Fix incorrect MergeWhitelistTeamIDs check in CanUserMerge function (#4519) (#4525)
6 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
5 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055) * Possibility to not use whitelist but allow anyone with write access * fix existing test * rename migration function * Try to give a better name for migration step * Clear settings if higher level setting is not set * Move official reviews to db instead of counting approvals each time * migration * fix * fix migration * fix migration * Remove NOT NULL from EnableWhitelist as migration isn't possible * Fix migration, reviews are connected to issues. * Fix SQL query issues in GetReviewersByPullID. * Simplify function GetReviewersByIssueID * Handle reviewers that has been deleted * Ensure reviews for test is in a well defined order * Only clear and set official reviews when it is an approve or reject.
5 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532) Fix #5997. If a push causes the patch/diff of a PR towards target branch to change, all existing reviews for the PR will be set and shown as stale. New branch protection option to dismiss stale approvals are added. To show that a review is not based on the latest PR changes, an hourglass is shown
4 years ago
Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055) * Possibility to not use whitelist but allow anyone with write access * fix existing test * rename migration function * Try to give a better name for migration step * Clear settings if higher level setting is not set * Move official reviews to db instead of counting approvals each time * migration * fix * fix migration * fix migration * Remove NOT NULL from EnableWhitelist as migration isn't possible * Fix migration, reviews are connected to issues. * Fix SQL query issues in GetReviewersByPullID. * Simplify function GetReviewersByIssueID * Handle reviewers that has been deleted * Ensure reviews for test is in a well defined order * Only clear and set official reviews when it is an approve or reject.
5 years ago
Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532) Fix #5997. If a push causes the patch/diff of a PR towards target branch to change, all existing reviews for the PR will be set and shown as stale. New branch protection option to dismiss stale approvals are added. To show that a review is not based on the latest PR changes, an hourglass is shown
4 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055) * Possibility to not use whitelist but allow anyone with write access * fix existing test * rename migration function * Try to give a better name for migration step * Clear settings if higher level setting is not set * Move official reviews to db instead of counting approvals each time * migration * fix * fix migration * fix migration * Remove NOT NULL from EnableWhitelist as migration isn't possible * Fix migration, reviews are connected to issues. * Fix SQL query issues in GetReviewersByPullID. * Simplify function GetReviewersByIssueID * Handle reviewers that has been deleted * Ensure reviews for test is in a well defined order * Only clear and set official reviews when it is an approve or reject.
5 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
fix approvals limitation (#5521)
6 years ago
Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055) * Possibility to not use whitelist but allow anyone with write access * fix existing test * rename migration function * Try to give a better name for migration step * Clear settings if higher level setting is not set * Move official reviews to db instead of counting approvals each time * migration * fix * fix migration * fix migration * Remove NOT NULL from EnableWhitelist as migration isn't possible * Fix migration, reviews are connected to issues. * Fix SQL query issues in GetReviewersByPullID. * Simplify function GetReviewersByIssueID * Handle reviewers that has been deleted * Ensure reviews for test is in a well defined order * Only clear and set official reviews when it is an approve or reject.
5 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Add branch protection option to block merge on requested changes. (#9592) * Add branch protection option to block merge on requested changes. * Add migration step * Fix check to correct negation * Apply suggestions from code review Language improvement. Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com> * Copyright year. Co-authored-by: John Olheiser <42128690+jolheiser@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago
add request review from specific reviewers feature in pull request (#10756) * add request review feature in pull request add a way to notify specific reviewers to review like github , by add or delet a special type review . The acton is is similar to Assign , so many code reuse the function and items of Assignee, but the meaning and result is different. The Permission style is is similar to github, that only writer can add a review request from Reviewers, but the poster can recall and remove a review request after a reviwer has revied even if he don't have Write Premission. only manager , the poster and reviewer of a request review can remove it. The reviewers can be requested to review contain all readers for private repo , for public, contain all writers and watchers. The offical Review Request will block merge if Reject can block it. an other change: add ui otify for Assignees. Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv> Signed-off-by: a1012112796 <1012112796@qq.com> * new change * add placeholder string * do some changes follow #10238 to add review requests num on lists also change icon for review requests to eye Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago
Add branch protection option to block merge on requested changes. (#9592) * Add branch protection option to block merge on requested changes. * Add migration step * Fix check to correct negation * Apply suggestions from code review Language improvement. Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com> * Copyright year. Co-authored-by: John Olheiser <42128690+jolheiser@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago
add request review from specific reviewers feature in pull request (#10756) * add request review feature in pull request add a way to notify specific reviewers to review like github , by add or delet a special type review . The acton is is similar to Assign , so many code reuse the function and items of Assignee, but the meaning and result is different. The Permission style is is similar to github, that only writer can add a review request from Reviewers, but the poster can recall and remove a review request after a reviwer has revied even if he don't have Write Premission. only manager , the poster and reviewer of a request review can remove it. The reviewers can be requested to review contain all readers for private repo , for public, contain all writers and watchers. The offical Review Request will block merge if Reject can block it. an other change: add ui otify for Assignees. Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv> Signed-off-by: a1012112796 <1012112796@qq.com> * new change * add placeholder string * do some changes follow #10238 to add review requests num on lists also change icon for review requests to eye Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago
Add branch protection option to block merge on requested changes. (#9592) * Add branch protection option to block merge on requested changes. * Add migration step * Fix check to correct negation * Apply suggestions from code review Language improvement. Co-Authored-By: John Olheiser <42128690+jolheiser@users.noreply.github.com> * Copyright year. Co-authored-by: John Olheiser <42128690+jolheiser@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago
Prevent merge of outdated PRs on protected branches (#11012) * Block PR on Outdated Branch * finalize * cleanup * fix typo and sentences thanks @guillep2k Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago
Allow to set protected file patterns that can not be changed under no conditions (#10806) Co-Authored-By: zeripath <art27@cantab.net>
4 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Add golangci (#6418)
5 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Add golangci (#6418)
5 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Add golangci (#6418)
5 years ago
Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055) * Possibility to not use whitelist but allow anyone with write access * fix existing test * rename migration function * Try to give a better name for migration step * Clear settings if higher level setting is not set * Move official reviews to db instead of counting approvals each time * migration * fix * fix migration * fix migration * Remove NOT NULL from EnableWhitelist as migration isn't possible * Fix migration, reviews are connected to issues. * Fix SQL query issues in GetReviewersByPullID. * Simplify function GetReviewersByIssueID * Handle reviewers that has been deleted * Ensure reviews for test is in a well defined order * Only clear and set official reviews when it is an approve or reject.
5 years ago
Add golangci (#6418)
5 years ago
Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055) * Possibility to not use whitelist but allow anyone with write access * fix existing test * rename migration function * Try to give a better name for migration step * Clear settings if higher level setting is not set * Move official reviews to db instead of counting approvals each time * migration * fix * fix migration * fix migration * Remove NOT NULL from EnableWhitelist as migration isn't possible * Fix migration, reviews are connected to issues. * Fix SQL query issues in GetReviewersByPullID. * Simplify function GetReviewersByIssueID * Handle reviewers that has been deleted * Ensure reviews for test is in a well defined order * Only clear and set official reviews when it is an approve or reject.
5 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Allow users with explicit read access to give approvals (#8382)
5 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Replace deprecated Id method with ID (#2655)
7 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Fix typos in models/ and modules/ (#1248)
7 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Update branch API endpoint to show effective branch protection. (#9031) * Add API endpoint for displaying effective branch protection. * Add status checks.
5 years ago
Do not allow commiting to protected branch from online editor (#1502) * Do not allow commiting to protected branch from online editor * Add editor integration tests for adding new file and not allowing to add new file to protected branch
7 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Fix the protected branch panic issue (#3567)
6 years ago
Do not allow commiting to protected branch from online editor (#1502) * Do not allow commiting to protected branch from online editor * Add editor integration tests for adding new file and not allowing to add new file to protected branch
7 years ago
Push whitelist now doesn't apply to branch deletion (#4601) (#4607)
6 years ago
Do not allow commiting to protected branch from online editor (#1502) * Do not allow commiting to protected branch from online editor * Add editor integration tests for adding new file and not allowing to add new file to protected branch
7 years ago
improve protected branch to add whitelist support (#2451) * improve protected branch to add whitelist support * fix lint * fix style check * fix tests * fix description on UI and import * fix test * bug fixed * fix tests and languages * move isSliceInt64Eq to util pkg; improve function names & typo
7 years ago
Do not allow commiting to protected branch from online editor (#1502) * Do not allow commiting to protected branch from online editor * Add editor integration tests for adding new file and not allowing to add new file to protected branch
7 years ago
Allow users with explicit read access to give approvals (#8382)
5 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
Restrict permission check on repositories and fix some problems (#5314) * fix units permission problems * fix some bugs and merge LoadUnits to repoAssignment * refactor permission struct and add some copyright heads * remove unused codes * fix routes units check * improve permission check * add unit tests for permission * fix typo * fix tests * fix some routes * fix api permission check * improve permission check * fix some permission check * fix tests * fix tests * improve some permission check * fix some permission check * refactor AccessLevel * fix bug * fix tests * fix tests * fix tests * fix AccessLevel * rename CanAccess * fix tests * fix comment * fix bug * add missing unit for test repos * fix bug * rename some functions * fix routes check
6 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
Restrict permission check on repositories and fix some problems (#5314) * fix units permission problems * fix some bugs and merge LoadUnits to repoAssignment * refactor permission struct and add some copyright heads * remove unused codes * fix routes units check * improve permission check * add unit tests for permission * fix typo * fix tests * fix some routes * fix api permission check * improve permission check * fix some permission check * fix tests * fix tests * improve some permission check * fix some permission check * refactor AccessLevel * fix bug * fix tests * fix tests * fix tests * fix AccessLevel * rename CanAccess * fix tests * fix comment * fix bug * add missing unit for test repos * fix bug * rename some functions * fix routes check
6 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
Approvals at Branch Protection (#5350) * Add branch protection for approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add required approvals Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add missing comments and fmt Signed-off-by: Jonas Franz <info@jonasfranz.software> * Add type = approval and group by reviewer_id to review * Prevent users from adding negative review limits * Add migration for approval whitelists Signed-off-by: Jonas Franz <info@jonasfranz.software>
6 years ago
Add protected branch whitelists for merging (#3689) * Add database migrations for merge whitelist * Add merge whitelist settings for protected branches * Add checks for merge whitelists
6 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Refactor session close as xorm already does everything needed internally (#2020)
7 years ago
Protected branches system (#339) * Protected branches system * Moved default branch to branches section (`:org/:reponame/settings/branches`). * Initial support Protected Branch. - Admin does not restrict - Owner not to limit - To write permission restrictions * reformat tmpl * finished the UI and add/delete protected branch response * remove unused comment * indent all the template files and remove ru translations since we use crowdin * fix the push bug
7 years ago
Add branch overiew page (#2108) * Add branch overiew page * fix changed method name on sub menu * remove unused code
7 years ago
Display ui time with customize time location (#7792) * display ui time with customize time location * fix lint * rename UILocation to DefaultUILocation * move time related functions to modules/timeutil * fix tests * fix tests * fix build * fix swagger
5 years ago
Add branch overiew page (#2108) * Add branch overiew page * fix changed method name on sub menu * remove unused code
7 years ago
Fix deleted branch isn't removed when push the branch again (#9516)
4 years ago
Add branch overiew page (#2108) * Add branch overiew page * fix changed method name on sub menu * remove unused code
7 years ago
Refactor Cron and merge dashboard tasks (#10745) * Refactor Cron and merge dashboard tasks * Merge Cron and Dashboard tasks * Make every cron task report a system notice on completion * Refactor the creation of these tasks * Ensure that execution counts of tasks is correct * Allow cron tasks to be started from the cron page * golangci-lint fixes * Enforce that only one task with the same name can be registered Signed-off-by: Andrew Thornton <art27@cantab.net> * fix name check Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @guillep2k * as per @lafriks Signed-off-by: Andrew Thornton <art27@cantab.net> * Add git.CommandContext variants Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years ago
Graceful: Xorm, RepoIndexer, Cron and Others (#9282) * Change graceful to use a singleton obtained through GetManager instead of a global. * Graceful: Make TestPullRequests shutdownable * Graceful: Make the cron tasks graceful * Graceful: AddTestPullRequest run in graceful ctx * Graceful: SyncMirrors shutdown * Graceful: SetDefaultContext for Xorm to be HammerContext * Avoid starting graceful for migrate commands and checkout * Graceful: DeliverHooks now can be shutdown * Fix multiple syncing errors in modules/sync/UniqueQueue & Make UniqueQueue closable * Begin the process of making the repo indexer shutdown gracefully
4 years ago
Add branch overiew page (#2108) * Add branch overiew page * fix changed method name on sub menu * remove unused code
7 years ago
Refactor Cron and merge dashboard tasks (#10745) * Refactor Cron and merge dashboard tasks * Merge Cron and Dashboard tasks * Make every cron task report a system notice on completion * Refactor the creation of these tasks * Ensure that execution counts of tasks is correct * Allow cron tasks to be started from the cron page * golangci-lint fixes * Enforce that only one task with the same name can be registered Signed-off-by: Andrew Thornton <art27@cantab.net> * fix name check Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @guillep2k * as per @lafriks Signed-off-by: Andrew Thornton <art27@cantab.net> * Add git.CommandContext variants Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years ago
Add branch overiew page (#2108) * Add branch overiew page * fix changed method name on sub menu * remove unused code
7 years ago
Better logging (#6038) (#6095) * Panic don't fatal on create new logger Fixes #5854 Signed-off-by: Andrew Thornton <art27@cantab.net> * partial broken * Update the logging infrastrcture Signed-off-by: Andrew Thornton <art27@cantab.net> * Reset the skip levels for Fatal and Error Signed-off-by: Andrew Thornton <art27@cantab.net> * broken ncsa * More log.Error fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove nal * set log-levels to lowercase * Make console_test test all levels * switch to lowercased levels * OK now working * Fix vetting issues * Fix lint * Fix tests * change default logging to match current gitea * Improve log testing Signed-off-by: Andrew Thornton <art27@cantab.net> * reset error skip levels to 0 * Update documentation and access logger configuration * Redirect the router log back to gitea if redirect macaron log but also allow setting the log level - i.e. TRACE * Fix broken level caching * Refactor the router log * Add Router logger * Add colorizing options * Adjust router colors * Only create logger if they will be used * update app.ini.sample * rename Attribute ColorAttribute * Change from white to green for function * Set fatal/error levels * Restore initial trace logger * Fix Trace arguments in modules/auth/auth.go * Properly handle XORMLogger * Improve admin/config page * fix fmt * Add auto-compression of old logs * Update error log levels * Remove the unnecessary skip argument from Error, Fatal and Critical * Add stacktrace support * Fix tests * Remove x/sync from vendors? * Add stderr option to console logger * Use filepath.ToSlash to protect against Windows in tests * Remove prefixed underscores from names in colors.go * Remove not implemented database logger This was removed from Gogs on 4 Mar 2016 but left in the configuration since then. * Ensure that log paths are relative to ROOT_PATH * use path.Join * rename jsonConfig to logConfig * Rename "config" to "jsonConfig" to make it clearer * Requested changes * Requested changes: XormLogger * Try to color the windows terminal If successful default to colorizing the console logs * fixup * Colorize initially too * update vendor * Colorize logs on default and remove if this is not a colorizing logger * Fix documentation * fix test * Use go-isatty to detect if on windows we are on msys or cygwin * Fix spelling mistake * Add missing vendors * More changes * Rationalise the ANSI writer protection * Adjust colors on advice from @0x5c * Make Flags a comma separated list * Move to use the windows constant for ENABLE_VIRTUAL_TERMINAL_PROCESSING * Ensure matching is done on the non-colored message - to simpify EXPRESSION
5 years ago
Add branch overiew page (#2108) * Add branch overiew page * fix changed method name on sub menu * remove unused code
7 years ago
 
  1. // Copyright 2016 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models
  6. 

  7. import (
  8. 	"context"
  9. 	"fmt"
  10. 	"strings"
  11. 	"time"
  12. 

  13. 	"code.gitea.io/gitea/modules/base"
  14. 	"code.gitea.io/gitea/modules/log"
  15. 	"code.gitea.io/gitea/modules/timeutil"
  16. 	"code.gitea.io/gitea/modules/util"
  17. 

  18. 	"github.com/gobwas/glob"
  19. 	"github.com/unknwon/com"
  20. )
  21. 

  22. const (
  23. 	// ProtectedBranchRepoID protected Repo ID

  24. 	ProtectedBranchRepoID = "GITEA_REPO_ID"
  25. 	// ProtectedBranchPRID protected Repo PR ID

  26. 	ProtectedBranchPRID = "GITEA_PR_ID"
  27. )
  28. 

  29. // ProtectedBranch struct

  30. type ProtectedBranch struct {
  31. 	ID                        int64  `xorm:"pk autoincr"`
  32. 	RepoID                    int64  `xorm:"UNIQUE(s)"`
  33. 	BranchName                string `xorm:"UNIQUE(s)"`
  34. 	CanPush                   bool   `xorm:"NOT NULL DEFAULT false"`
  35. 	EnableWhitelist           bool
  36. 	WhitelistUserIDs          []int64  `xorm:"JSON TEXT"`
  37. 	WhitelistTeamIDs          []int64  `xorm:"JSON TEXT"`
  38. 	EnableMergeWhitelist      bool     `xorm:"NOT NULL DEFAULT false"`
  39. 	WhitelistDeployKeys       bool     `xorm:"NOT NULL DEFAULT false"`
  40. 	MergeWhitelistUserIDs     []int64  `xorm:"JSON TEXT"`
  41. 	MergeWhitelistTeamIDs     []int64  `xorm:"JSON TEXT"`
  42. 	EnableStatusCheck         bool     `xorm:"NOT NULL DEFAULT false"`
  43. 	StatusCheckContexts       []string `xorm:"JSON TEXT"`
  44. 	EnableApprovalsWhitelist  bool     `xorm:"NOT NULL DEFAULT false"`
  45. 	ApprovalsWhitelistUserIDs []int64  `xorm:"JSON TEXT"`
  46. 	ApprovalsWhitelistTeamIDs []int64  `xorm:"JSON TEXT"`
  47. 	RequiredApprovals         int64    `xorm:"NOT NULL DEFAULT 0"`
  48. 	BlockOnRejectedReviews    bool     `xorm:"NOT NULL DEFAULT false"`
  49. 	BlockOnOutdatedBranch     bool     `xorm:"NOT NULL DEFAULT false"`
  50. 	DismissStaleApprovals     bool     `xorm:"NOT NULL DEFAULT false"`
  51. 	RequireSignedCommits      bool     `xorm:"NOT NULL DEFAULT false"`
  52. 	ProtectedFilePatterns     string   `xorm:"TEXT"`
  53. 

  54. 	CreatedUnix timeutil.TimeStamp `xorm:"created"`
  55. 	UpdatedUnix timeutil.TimeStamp `xorm:"updated"`
  56. }
  57. 

  58. // IsProtected returns if the branch is protected

  59. func (protectBranch *ProtectedBranch) IsProtected() bool {
  60. 	return protectBranch.ID > 0
  61. }
  62. 

  63. // CanUserPush returns if some user could push to this protected branch

  64. func (protectBranch *ProtectedBranch) CanUserPush(userID int64) bool {
  65. 	if !protectBranch.CanPush {
  66. 		return false
  67. 	}
  68. 

  69. 	if !protectBranch.EnableWhitelist {
  70. 		if user, err := GetUserByID(userID); err != nil {
  71. 			log.Error("GetUserByID: %v", err)
  72. 			return false
  73. 		} else if repo, err := GetRepositoryByID(protectBranch.RepoID); err != nil {
  74. 			log.Error("GetRepositoryByID: %v", err)
  75. 			return false
  76. 		} else if writeAccess, err := HasAccessUnit(user, repo, UnitTypeCode, AccessModeWrite); err != nil {
  77. 			log.Error("HasAccessUnit: %v", err)
  78. 			return false
  79. 		} else {
  80. 			return writeAccess
  81. 		}
  82. 	}
  83. 

  84. 	if base.Int64sContains(protectBranch.WhitelistUserIDs, userID) {
  85. 		return true
  86. 	}
  87. 

  88. 	if len(protectBranch.WhitelistTeamIDs) == 0 {
  89. 		return false
  90. 	}
  91. 

  92. 	in, err := IsUserInTeams(userID, protectBranch.WhitelistTeamIDs)
  93. 	if err != nil {
  94. 		log.Error("IsUserInTeams: %v", err)
  95. 		return false
  96. 	}
  97. 	return in
  98. }
  99. 

  100. // IsUserMergeWhitelisted checks if some user is whitelisted to merge to this branch

  101. func (protectBranch *ProtectedBranch) IsUserMergeWhitelisted(userID int64) bool {
  102. 	if !protectBranch.EnableMergeWhitelist {
  103. 		return true
  104. 	}
  105. 

  106. 	if base.Int64sContains(protectBranch.MergeWhitelistUserIDs, userID) {
  107. 		return true
  108. 	}
  109. 

  110. 	if len(protectBranch.MergeWhitelistTeamIDs) == 0 {
  111. 		return false
  112. 	}
  113. 

  114. 	in, err := IsUserInTeams(userID, protectBranch.MergeWhitelistTeamIDs)
  115. 	if err != nil {
  116. 		log.Error("IsUserInTeams: %v", err)
  117. 		return false
  118. 	}
  119. 	return in
  120. }
  121. 

  122. // IsUserOfficialReviewer check if user is official reviewer for the branch (counts towards required approvals)

  123. func (protectBranch *ProtectedBranch) IsUserOfficialReviewer(user *User) (bool, error) {
  124. 	return protectBranch.isUserOfficialReviewer(x, user)
  125. }
  126. 

  127. func (protectBranch *ProtectedBranch) isUserOfficialReviewer(e Engine, user *User) (bool, error) {
  128. 	repo, err := getRepositoryByID(e, protectBranch.RepoID)
  129. 	if err != nil {
  130. 		return false, err
  131. 	}
  132. 

  133. 	if !protectBranch.EnableApprovalsWhitelist {
  134. 		// Anyone with write access is considered official reviewer

  135. 		writeAccess, err := hasAccessUnit(e, user, repo, UnitTypeCode, AccessModeWrite)
  136. 		if err != nil {
  137. 			return false, err
  138. 		}
  139. 		return writeAccess, nil
  140. 	}
  141. 

  142. 	if base.Int64sContains(protectBranch.ApprovalsWhitelistUserIDs, user.ID) {
  143. 		return true, nil
  144. 	}
  145. 

  146. 	inTeam, err := isUserInTeams(e, user.ID, protectBranch.ApprovalsWhitelistTeamIDs)
  147. 	if err != nil {
  148. 		return false, err
  149. 	}
  150. 

  151. 	return inTeam, nil
  152. }
  153. 

  154. // HasEnoughApprovals returns true if pr has enough granted approvals.

  155. func (protectBranch *ProtectedBranch) HasEnoughApprovals(pr *PullRequest) bool {
  156. 	if protectBranch.RequiredApprovals == 0 {
  157. 		return true
  158. 	}
  159. 	return protectBranch.GetGrantedApprovalsCount(pr) >= protectBranch.RequiredApprovals
  160. }
  161. 

  162. // GetGrantedApprovalsCount returns the number of granted approvals for pr. A granted approval must be authored by a user in an approval whitelist.

  163. func (protectBranch *ProtectedBranch) GetGrantedApprovalsCount(pr *PullRequest) int64 {
  164. 	sess := x.Where("issue_id = ?", pr.IssueID).
  165. 		And("type = ?", ReviewTypeApprove).
  166. 		And("official = ?", true)
  167. 	if protectBranch.DismissStaleApprovals {
  168. 		sess = sess.And("stale = ?", false)
  169. 	}
  170. 	approvals, err := sess.Count(new(Review))
  171. 	if err != nil {
  172. 		log.Error("GetGrantedApprovalsCount: %v", err)
  173. 		return 0
  174. 	}
  175. 

  176. 	return approvals
  177. }
  178. 

  179. // MergeBlockedByRejectedReview returns true if merge is blocked by rejected reviews

  180. // An official ReviewRequest should also block Merge like Reject

  181. func (protectBranch *ProtectedBranch) MergeBlockedByRejectedReview(pr *PullRequest) bool {
  182. 	if !protectBranch.BlockOnRejectedReviews {
  183. 		return false
  184. 	}
  185. 	rejectExist, err := x.Where("issue_id = ?", pr.IssueID).
  186. 		And("type in ( ?, ?)", ReviewTypeReject, ReviewTypeRequest).
  187. 		And("official = ?", true).
  188. 		Exist(new(Review))
  189. 	if err != nil {
  190. 		log.Error("MergeBlockedByRejectedReview: %v", err)
  191. 		return true
  192. 	}
  193. 

  194. 	return rejectExist
  195. }
  196. 

  197. // MergeBlockedByOutdatedBranch returns true if merge is blocked by an outdated head branch

  198. func (protectBranch *ProtectedBranch) MergeBlockedByOutdatedBranch(pr *PullRequest) bool {
  199. 	return protectBranch.BlockOnOutdatedBranch && pr.CommitsBehind > 0
  200. }
  201. 

  202. // GetProtectedFilePatterns parses a semicolon separated list of protected file patterns and returns a glob.Glob slice

  203. func (protectBranch *ProtectedBranch) GetProtectedFilePatterns() []glob.Glob {
  204. 	extarr := make([]glob.Glob, 0, 10)
  205. 	for _, expr := range strings.Split(strings.ToLower(protectBranch.ProtectedFilePatterns), ";") {
  206. 		expr = strings.TrimSpace(expr)
  207. 		if expr != "" {
  208. 			if g, err := glob.Compile(expr, '.', '/'); err != nil {
  209. 				log.Info("Invalid glob expresion '%s' (skipped): %v", expr, err)
  210. 			} else {
  211. 				extarr = append(extarr, g)
  212. 			}
  213. 		}
  214. 	}
  215. 	return extarr
  216. }
  217. 

  218. // GetProtectedBranchByRepoID getting protected branch by repo ID

  219. func GetProtectedBranchByRepoID(repoID int64) ([]*ProtectedBranch, error) {
  220. 	protectedBranches := make([]*ProtectedBranch, 0)
  221. 	return protectedBranches, x.Where("repo_id = ?", repoID).Desc("updated_unix").Find(&protectedBranches)
  222. }
  223. 

  224. // GetProtectedBranchBy getting protected branch by ID/Name

  225. func GetProtectedBranchBy(repoID int64, branchName string) (*ProtectedBranch, error) {
  226. 	return getProtectedBranchBy(x, repoID, branchName)
  227. }
  228. 

  229. func getProtectedBranchBy(e Engine, repoID int64, branchName string) (*ProtectedBranch, error) {
  230. 	rel := &ProtectedBranch{RepoID: repoID, BranchName: branchName}
  231. 	has, err := e.Get(rel)
  232. 	if err != nil {
  233. 		return nil, err
  234. 	}
  235. 	if !has {
  236. 		return nil, nil
  237. 	}
  238. 	return rel, nil
  239. }
  240. 

  241. // GetProtectedBranchByID getting protected branch by ID

  242. func GetProtectedBranchByID(id int64) (*ProtectedBranch, error) {
  243. 	rel := &ProtectedBranch{ID: id}
  244. 	has, err := x.Get(rel)
  245. 	if err != nil {
  246. 		return nil, err
  247. 	}
  248. 	if !has {
  249. 		return nil, nil
  250. 	}
  251. 	return rel, nil
  252. }
  253. 

  254. // WhitelistOptions represent all sorts of whitelists used for protected branches

  255. type WhitelistOptions struct {
  256. 	UserIDs []int64
  257. 	TeamIDs []int64
  258. 

  259. 	MergeUserIDs []int64
  260. 	MergeTeamIDs []int64
  261. 

  262. 	ApprovalsUserIDs []int64
  263. 	ApprovalsTeamIDs []int64
  264. }
  265. 

  266. // UpdateProtectBranch saves branch protection options of repository.

  267. // If ID is 0, it creates a new record. Otherwise, updates existing record.

  268. // This function also performs check if whitelist user and team's IDs have been changed

  269. // to avoid unnecessary whitelist delete and regenerate.

  270. func UpdateProtectBranch(repo *Repository, protectBranch *ProtectedBranch, opts WhitelistOptions) (err error) {
  271. 	if err = repo.GetOwner(); err != nil {
  272. 		return fmt.Errorf("GetOwner: %v", err)
  273. 	}
  274. 

  275. 	whitelist, err := updateUserWhitelist(repo, protectBranch.WhitelistUserIDs, opts.UserIDs)
  276. 	if err != nil {
  277. 		return err
  278. 	}
  279. 	protectBranch.WhitelistUserIDs = whitelist
  280. 

  281. 	whitelist, err = updateUserWhitelist(repo, protectBranch.MergeWhitelistUserIDs, opts.MergeUserIDs)
  282. 	if err != nil {
  283. 		return err
  284. 	}
  285. 	protectBranch.MergeWhitelistUserIDs = whitelist
  286. 

  287. 	whitelist, err = updateApprovalWhitelist(repo, protectBranch.ApprovalsWhitelistUserIDs, opts.ApprovalsUserIDs)
  288. 	if err != nil {
  289. 		return err
  290. 	}
  291. 	protectBranch.ApprovalsWhitelistUserIDs = whitelist
  292. 

  293. 	// if the repo is in an organization

  294. 	whitelist, err = updateTeamWhitelist(repo, protectBranch.WhitelistTeamIDs, opts.TeamIDs)
  295. 	if err != nil {
  296. 		return err
  297. 	}
  298. 	protectBranch.WhitelistTeamIDs = whitelist
  299. 

  300. 	whitelist, err = updateTeamWhitelist(repo, protectBranch.MergeWhitelistTeamIDs, opts.MergeTeamIDs)
  301. 	if err != nil {
  302. 		return err
  303. 	}
  304. 	protectBranch.MergeWhitelistTeamIDs = whitelist
  305. 

  306. 	whitelist, err = updateTeamWhitelist(repo, protectBranch.ApprovalsWhitelistTeamIDs, opts.ApprovalsTeamIDs)
  307. 	if err != nil {
  308. 		return err
  309. 	}
  310. 	protectBranch.ApprovalsWhitelistTeamIDs = whitelist
  311. 

  312. 	// Make sure protectBranch.ID is not 0 for whitelists

  313. 	if protectBranch.ID == 0 {
  314. 		if _, err = x.Insert(protectBranch); err != nil {
  315. 			return fmt.Errorf("Insert: %v", err)
  316. 		}
  317. 		return nil
  318. 	}
  319. 

  320. 	if _, err = x.ID(protectBranch.ID).AllCols().Update(protectBranch); err != nil {
  321. 		return fmt.Errorf("Update: %v", err)
  322. 	}
  323. 

  324. 	return nil
  325. }
  326. 

  327. // GetProtectedBranches get all protected branches

  328. func (repo *Repository) GetProtectedBranches() ([]*ProtectedBranch, error) {
  329. 	protectedBranches := make([]*ProtectedBranch, 0)
  330. 	return protectedBranches, x.Find(&protectedBranches, &ProtectedBranch{RepoID: repo.ID})
  331. }
  332. 

  333. // GetBranchProtection get the branch protection of a branch

  334. func (repo *Repository) GetBranchProtection(branchName string) (*ProtectedBranch, error) {
  335. 	return GetProtectedBranchBy(repo.ID, branchName)
  336. }
  337. 

  338. // IsProtectedBranch checks if branch is protected

  339. func (repo *Repository) IsProtectedBranch(branchName string, doer *User) (bool, error) {
  340. 	if doer == nil {
  341. 		return true, nil
  342. 	}
  343. 

  344. 	protectedBranch := &ProtectedBranch{
  345. 		RepoID:     repo.ID,
  346. 		BranchName: branchName,
  347. 	}
  348. 

  349. 	has, err := x.Exist(protectedBranch)
  350. 	if err != nil {
  351. 		return true, err
  352. 	}
  353. 	return has, nil
  354. }
  355. 

  356. // IsProtectedBranchForPush checks if branch is protected for push

  357. func (repo *Repository) IsProtectedBranchForPush(branchName string, doer *User) (bool, error) {
  358. 	if doer == nil {
  359. 		return true, nil
  360. 	}
  361. 

  362. 	protectedBranch := &ProtectedBranch{
  363. 		RepoID:     repo.ID,
  364. 		BranchName: branchName,
  365. 	}
  366. 

  367. 	has, err := x.Get(protectedBranch)
  368. 	if err != nil {
  369. 		return true, err
  370. 	} else if has {
  371. 		return !protectedBranch.CanUserPush(doer.ID), nil
  372. 	}
  373. 

  374. 	return false, nil
  375. }
  376. 

  377. // updateApprovalWhitelist checks whether the user whitelist changed and returns a whitelist with

  378. // the users from newWhitelist which have explicit read or write access to the repo.

  379. func updateApprovalWhitelist(repo *Repository, currentWhitelist, newWhitelist []int64) (whitelist []int64, err error) {
  380. 	hasUsersChanged := !util.IsSliceInt64Eq(currentWhitelist, newWhitelist)
  381. 	if !hasUsersChanged {
  382. 		return currentWhitelist, nil
  383. 	}
  384. 

  385. 	whitelist = make([]int64, 0, len(newWhitelist))
  386. 	for _, userID := range newWhitelist {
  387. 		if reader, err := repo.IsReader(userID); err != nil {
  388. 			return nil, err
  389. 		} else if !reader {
  390. 			continue
  391. 		}
  392. 		whitelist = append(whitelist, userID)
  393. 	}
  394. 

  395. 	return
  396. }
  397. 

  398. // updateUserWhitelist checks whether the user whitelist changed and returns a whitelist with

  399. // the users from newWhitelist which have write access to the repo.

  400. func updateUserWhitelist(repo *Repository, currentWhitelist, newWhitelist []int64) (whitelist []int64, err error) {
  401. 	hasUsersChanged := !util.IsSliceInt64Eq(currentWhitelist, newWhitelist)
  402. 	if !hasUsersChanged {
  403. 		return currentWhitelist, nil
  404. 	}
  405. 

  406. 	whitelist = make([]int64, 0, len(newWhitelist))
  407. 	for _, userID := range newWhitelist {
  408. 		user, err := GetUserByID(userID)
  409. 		if err != nil {
  410. 			return nil, fmt.Errorf("GetUserByID [user_id: %d, repo_id: %d]: %v", userID, repo.ID, err)
  411. 		}
  412. 		perm, err := GetUserRepoPermission(repo, user)
  413. 		if err != nil {
  414. 			return nil, fmt.Errorf("GetUserRepoPermission [user_id: %d, repo_id: %d]: %v", userID, repo.ID, err)
  415. 		}
  416. 

  417. 		if !perm.CanWrite(UnitTypeCode) {
  418. 			continue // Drop invalid user ID

  419. 		}
  420. 

  421. 		whitelist = append(whitelist, userID)
  422. 	}
  423. 

  424. 	return
  425. }
  426. 

  427. // updateTeamWhitelist checks whether the team whitelist changed and returns a whitelist with

  428. // the teams from newWhitelist which have write access to the repo.

  429. func updateTeamWhitelist(repo *Repository, currentWhitelist, newWhitelist []int64) (whitelist []int64, err error) {
  430. 	hasTeamsChanged := !util.IsSliceInt64Eq(currentWhitelist, newWhitelist)
  431. 	if !hasTeamsChanged {
  432. 		return currentWhitelist, nil
  433. 	}
  434. 

  435. 	teams, err := GetTeamsWithAccessToRepo(repo.OwnerID, repo.ID, AccessModeRead)
  436. 	if err != nil {
  437. 		return nil, fmt.Errorf("GetTeamsWithAccessToRepo [org_id: %d, repo_id: %d]: %v", repo.OwnerID, repo.ID, err)
  438. 	}
  439. 

  440. 	whitelist = make([]int64, 0, len(teams))
  441. 	for i := range teams {
  442. 		if com.IsSliceContainsInt64(newWhitelist, teams[i].ID) {
  443. 			whitelist = append(whitelist, teams[i].ID)
  444. 		}
  445. 	}
  446. 

  447. 	return
  448. }
  449. 

  450. // DeleteProtectedBranch removes ProtectedBranch relation between the user and repository.

  451. func (repo *Repository) DeleteProtectedBranch(id int64) (err error) {
  452. 	protectedBranch := &ProtectedBranch{
  453. 		RepoID: repo.ID,
  454. 		ID:     id,
  455. 	}
  456. 

  457. 	sess := x.NewSession()
  458. 	defer sess.Close()
  459. 	if err = sess.Begin(); err != nil {
  460. 		return err
  461. 	}
  462. 

  463. 	if affected, err := sess.Delete(protectedBranch); err != nil {
  464. 		return err
  465. 	} else if affected != 1 {
  466. 		return fmt.Errorf("delete protected branch ID(%v) failed", id)
  467. 	}
  468. 

  469. 	return sess.Commit()
  470. }
  471. 

  472. // DeletedBranch struct

  473. type DeletedBranch struct {
  474. 	ID          int64              `xorm:"pk autoincr"`
  475. 	RepoID      int64              `xorm:"UNIQUE(s) INDEX NOT NULL"`
  476. 	Name        string             `xorm:"UNIQUE(s) NOT NULL"`
  477. 	Commit      string             `xorm:"UNIQUE(s) NOT NULL"`
  478. 	DeletedByID int64              `xorm:"INDEX"`
  479. 	DeletedBy   *User              `xorm:"-"`
  480. 	DeletedUnix timeutil.TimeStamp `xorm:"INDEX created"`
  481. }
  482. 

  483. // AddDeletedBranch adds a deleted branch to the database

  484. func (repo *Repository) AddDeletedBranch(branchName, commit string, deletedByID int64) error {
  485. 	deletedBranch := &DeletedBranch{
  486. 		RepoID:      repo.ID,
  487. 		Name:        branchName,
  488. 		Commit:      commit,
  489. 		DeletedByID: deletedByID,
  490. 	}
  491. 

  492. 	sess := x.NewSession()
  493. 	defer sess.Close()
  494. 	if err := sess.Begin(); err != nil {
  495. 		return err
  496. 	}
  497. 

  498. 	if _, err := sess.InsertOne(deletedBranch); err != nil {
  499. 		return err
  500. 	}
  501. 

  502. 	return sess.Commit()
  503. }
  504. 

  505. // GetDeletedBranches returns all the deleted branches

  506. func (repo *Repository) GetDeletedBranches() ([]*DeletedBranch, error) {
  507. 	deletedBranches := make([]*DeletedBranch, 0)
  508. 	return deletedBranches, x.Where("repo_id = ?", repo.ID).Desc("deleted_unix").Find(&deletedBranches)
  509. }
  510. 

  511. // GetDeletedBranchByID get a deleted branch by its ID

  512. func (repo *Repository) GetDeletedBranchByID(ID int64) (*DeletedBranch, error) {
  513. 	deletedBranch := &DeletedBranch{ID: ID}
  514. 	has, err := x.Get(deletedBranch)
  515. 	if err != nil {
  516. 		return nil, err
  517. 	}
  518. 	if !has {
  519. 		return nil, nil
  520. 	}
  521. 	return deletedBranch, nil
  522. }
  523. 

  524. // RemoveDeletedBranch removes a deleted branch from the database

  525. func (repo *Repository) RemoveDeletedBranch(id int64) (err error) {
  526. 	deletedBranch := &DeletedBranch{
  527. 		RepoID: repo.ID,
  528. 		ID:     id,
  529. 	}
  530. 

  531. 	sess := x.NewSession()
  532. 	defer sess.Close()
  533. 	if err = sess.Begin(); err != nil {
  534. 		return err
  535. 	}
  536. 

  537. 	if affected, err := sess.Delete(deletedBranch); err != nil {
  538. 		return err
  539. 	} else if affected != 1 {
  540. 		return fmt.Errorf("remove deleted branch ID(%v) failed", id)
  541. 	}
  542. 

  543. 	return sess.Commit()
  544. }
  545. 

  546. // LoadUser loads the user that deleted the branch

  547. // When there's no user found it returns a NewGhostUser

  548. func (deletedBranch *DeletedBranch) LoadUser() {
  549. 	user, err := GetUserByID(deletedBranch.DeletedByID)
  550. 	if err != nil {
  551. 		user = NewGhostUser()
  552. 	}
  553. 	deletedBranch.DeletedBy = user
  554. }
  555. 

  556. // RemoveDeletedBranch removes all deleted branches

  557. func RemoveDeletedBranch(repoID int64, branch string) error {
  558. 	_, err := x.Where("repo_id=? AND name=?", repoID, branch).Delete(new(DeletedBranch))
  559. 	return err
  560. }
  561. 

  562. // RemoveOldDeletedBranches removes old deleted branches

  563. func RemoveOldDeletedBranches(ctx context.Context, olderThan time.Duration) {
  564. 	// Nothing to do for shutdown or terminate

  565. 	log.Trace("Doing: DeletedBranchesCleanup")
  566. 

  567. 	deleteBefore := time.Now().Add(-olderThan)
  568. 	_, err := x.Where("deleted_unix < ?", deleteBefore.Unix()).Delete(new(DeletedBranch))
  569. 	if err != nil {
  570. 		log.Error("DeletedBranchesCleanup: %v", err)
  571. 	}
  572. }