closed-social
/
gitea
3
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9321 Commits
2 Branches
178 MiB
Tree: a88f3663eb
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a88f3663eb'
${ noResults }
gitea/models/pull_sign.go

130 lines
3.4 KiB
Raw Normal View History

Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Display pull request head branch even the branch deleted or repository deleted (#10413) * Display pull request head branch even the branch deleted or repository deleted * Merge getHeadRepo/loadHeadRepo and getBaseRepo/loadBaseRepo on pull and fill repo when pr.Issue.Repo is available * retrieve sha from pull head when pull request branch deleted and fix tests * Fix test * Ensure MustHeadRepoName returns empty string if no head repo Co-authored-by: zeripath <art27@cantab.net>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
API add/generalize pagination (#9452) * paginate results * fixed deadlock * prevented breaking change * updated swagger * go fmt * fixed find topic * go mod tidy * go mod vendor with go1.13.5 * fixed repo find topics * fixed unit test * added Limit method to Engine struct; use engine variable when provided; fixed gitignore * use ItemsPerPage for default pagesize; fix GetWatchers, getOrgUsersByOrgID and GetStargazers; fix GetAllCommits headers; reverted some changed behaviors * set Page value on Home route * improved memory allocations * fixed response headers * removed logfiles * fixed import order * import order * improved swagger * added function to get models.ListOptions from context * removed pagesize diff on unit test * fixed imports * removed unnecessary struct field * fixed go fmt * scoped PR * code improvements * code improvements * go mod tidy * fixed import order * fixed commit statuses session * fixed files headers * fixed headers; added pagination for notifications * go mod tidy * go fmt * removed Private from user search options; added setting.UI.IssuePagingNum as default valeu on repo's issues list * Apply suggestions from code review Co-Authored-By: 6543 <6543@obermui.de> Co-Authored-By: zeripath <art27@cantab.net> * fixed build error * CI.restart() * fixed merge conflicts resolve * fixed conflicts resolve * improved FindTrackedTimesOptions.ToOptions() method * added backwards compatibility on ListReleases request; fixed issue tracked time ToSession * fixed build error; fixed swagger template * fixed swagger template * fixed ListReleases backwards compatibility * added page to user search route Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign: Handle ErrTwoFactorNotEnrolled correctly (#10008)
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
Add require signed commit for protected branch (#9708) * Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
4 years ago
Sign protected branches (#8993) * Move SignMerge to PullRequest * Add approved signing mode * As per @guillep2k comment
4 years ago
 
  1. // Copyright 2019 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package models
  6. 

  7. import (
  8. 	"code.gitea.io/gitea/modules/git"
  9. 	"code.gitea.io/gitea/modules/log"
  10. 	"code.gitea.io/gitea/modules/setting"
  11. )
  12. 

  13. // SignMerge determines if we should sign a PR merge commit to the base repository

  14. func (pr *PullRequest) SignMerge(u *User, tmpBasePath, baseCommit, headCommit string) (bool, string, error) {
  15. 	if err := pr.LoadBaseRepo(); err != nil {
  16. 		log.Error("Unable to get Base Repo for pull request")
  17. 		return false, "", err
  18. 	}
  19. 	repo := pr.BaseRepo
  20. 

  21. 	signingKey := signingKey(repo.RepoPath())
  22. 	if signingKey == "" {
  23. 		return false, "", &ErrWontSign{noKey}
  24. 	}
  25. 	rules := signingModeFromStrings(setting.Repository.Signing.Merges)
  26. 

  27. 	var gitRepo *git.Repository
  28. 	var err error
  29. 

  30. 	for _, rule := range rules {
  31. 		switch rule {
  32. 		case never:
  33. 			return false, "", &ErrWontSign{never}
  34. 		case always:
  35. 			break
  36. 		case pubkey:
  37. 			keys, err := ListGPGKeys(u.ID, ListOptions{})
  38. 			if err != nil {
  39. 				return false, "", err
  40. 			}
  41. 			if len(keys) == 0 {
  42. 				return false, "", &ErrWontSign{pubkey}
  43. 			}
  44. 		case twofa:
  45. 			twofaModel, err := GetTwoFactorByUID(u.ID)
  46. 			if err != nil && !IsErrTwoFactorNotEnrolled(err) {
  47. 				return false, "", err
  48. 			}
  49. 			if twofaModel == nil {
  50. 				return false, "", &ErrWontSign{twofa}
  51. 			}
  52. 		case approved:
  53. 			protectedBranch, err := GetProtectedBranchBy(repo.ID, pr.BaseBranch)
  54. 			if err != nil {
  55. 				return false, "", err
  56. 			}
  57. 			if protectedBranch == nil {
  58. 				return false, "", &ErrWontSign{approved}
  59. 			}
  60. 			if protectedBranch.GetGrantedApprovalsCount(pr) < 1 {
  61. 				return false, "", &ErrWontSign{approved}
  62. 			}
  63. 		case baseSigned:
  64. 			if gitRepo == nil {
  65. 				gitRepo, err = git.OpenRepository(tmpBasePath)
  66. 				if err != nil {
  67. 					return false, "", err
  68. 				}
  69. 				defer gitRepo.Close()
  70. 			}
  71. 			commit, err := gitRepo.GetCommit(baseCommit)
  72. 			if err != nil {
  73. 				return false, "", err
  74. 			}
  75. 			verification := ParseCommitWithSignature(commit)
  76. 			if !verification.Verified {
  77. 				return false, "", &ErrWontSign{baseSigned}
  78. 			}
  79. 		case headSigned:
  80. 			if gitRepo == nil {
  81. 				gitRepo, err = git.OpenRepository(tmpBasePath)
  82. 				if err != nil {
  83. 					return false, "", err
  84. 				}
  85. 				defer gitRepo.Close()
  86. 			}
  87. 			commit, err := gitRepo.GetCommit(headCommit)
  88. 			if err != nil {
  89. 				return false, "", err
  90. 			}
  91. 			verification := ParseCommitWithSignature(commit)
  92. 			if !verification.Verified {
  93. 				return false, "", &ErrWontSign{headSigned}
  94. 			}
  95. 		case commitsSigned:
  96. 			if gitRepo == nil {
  97. 				gitRepo, err = git.OpenRepository(tmpBasePath)
  98. 				if err != nil {
  99. 					return false, "", err
  100. 				}
  101. 				defer gitRepo.Close()
  102. 			}
  103. 			commit, err := gitRepo.GetCommit(headCommit)
  104. 			if err != nil {
  105. 				return false, "", err
  106. 			}
  107. 			verification := ParseCommitWithSignature(commit)
  108. 			if !verification.Verified {
  109. 				return false, "", &ErrWontSign{commitsSigned}
  110. 			}
  111. 			// need to work out merge-base

  112. 			mergeBaseCommit, _, err := gitRepo.GetMergeBase("", baseCommit, headCommit)
  113. 			if err != nil {
  114. 				return false, "", err
  115. 			}
  116. 			commitList, err := commit.CommitsBeforeUntil(mergeBaseCommit)
  117. 			if err != nil {
  118. 				return false, "", err
  119. 			}
  120. 			for e := commitList.Front(); e != nil; e = e.Next() {
  121. 				commit = e.Value.(*git.Commit)
  122. 				verification := ParseCommitWithSignature(commit)
  123. 				if !verification.Verified {
  124. 					return false, "", &ErrWontSign{commitsSigned}
  125. 				}
  126. 			}
  127. 		}
  128. 	}
  129. 	return true, signingKey, nil
  130. }