You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

217 lines
5.5 KiB

  1. // Copyright 2017 The Gitea Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package cmd
  5. import (
  6. "bufio"
  7. "bytes"
  8. "fmt"
  9. "os"
  10. "path/filepath"
  11. "strconv"
  12. "strings"
  13. "code.gitea.io/git"
  14. "code.gitea.io/gitea/models"
  15. "code.gitea.io/gitea/modules/log"
  16. "code.gitea.io/gitea/modules/private"
  17. "code.gitea.io/gitea/modules/setting"
  18. "github.com/urfave/cli"
  19. )
  20. var (
  21. // CmdHook represents the available hooks sub-command.
  22. CmdHook = cli.Command{
  23. Name: "hook",
  24. Usage: "Delegate commands to corresponding Git hooks",
  25. Description: "This should only be called by Git",
  26. Flags: []cli.Flag{
  27. cli.StringFlag{
  28. Name: "config, c",
  29. Value: "custom/conf/app.ini",
  30. Usage: "Custom configuration file path",
  31. },
  32. },
  33. Subcommands: []cli.Command{
  34. subcmdHookPreReceive,
  35. subcmdHookUpadte,
  36. subcmdHookPostReceive,
  37. },
  38. }
  39. subcmdHookPreReceive = cli.Command{
  40. Name: "pre-receive",
  41. Usage: "Delegate pre-receive Git hook",
  42. Description: "This command should only be called by Git",
  43. Action: runHookPreReceive,
  44. }
  45. subcmdHookUpadte = cli.Command{
  46. Name: "update",
  47. Usage: "Delegate update Git hook",
  48. Description: "This command should only be called by Git",
  49. Action: runHookUpdate,
  50. }
  51. subcmdHookPostReceive = cli.Command{
  52. Name: "post-receive",
  53. Usage: "Delegate post-receive Git hook",
  54. Description: "This command should only be called by Git",
  55. Action: runHookPostReceive,
  56. }
  57. )
  58. func hookSetup(logPath string) {
  59. setting.NewContext()
  60. log.NewGitLogger(filepath.Join(setting.LogRootPath, logPath))
  61. models.LoadConfigs()
  62. }
  63. func runHookPreReceive(c *cli.Context) error {
  64. if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
  65. return nil
  66. }
  67. if c.IsSet("config") {
  68. setting.CustomConf = c.String("config")
  69. } else if c.GlobalIsSet("config") {
  70. setting.CustomConf = c.GlobalString("config")
  71. }
  72. hookSetup("hooks/pre-receive.log")
  73. // the environment setted on serv command
  74. repoID, _ := strconv.ParseInt(os.Getenv(models.ProtectedBranchRepoID), 10, 64)
  75. isWiki := (os.Getenv(models.EnvRepoIsWiki) == "true")
  76. username := os.Getenv(models.EnvRepoUsername)
  77. reponame := os.Getenv(models.EnvRepoName)
  78. userIDStr := os.Getenv(models.EnvPusherID)
  79. repoPath := models.RepoPath(username, reponame)
  80. buf := bytes.NewBuffer(nil)
  81. scanner := bufio.NewScanner(os.Stdin)
  82. for scanner.Scan() {
  83. buf.Write(scanner.Bytes())
  84. buf.WriteByte('\n')
  85. // TODO: support news feeds for wiki
  86. if isWiki {
  87. continue
  88. }
  89. fields := bytes.Fields(scanner.Bytes())
  90. if len(fields) != 3 {
  91. continue
  92. }
  93. oldCommitID := string(fields[0])
  94. newCommitID := string(fields[1])
  95. refFullName := string(fields[2])
  96. branchName := strings.TrimPrefix(refFullName, git.BranchPrefix)
  97. protectBranch, err := private.GetProtectedBranchBy(repoID, branchName)
  98. if err != nil {
  99. log.GitLogger.Fatal(2, "retrieve protected branches information failed")
  100. }
  101. if protectBranch != nil && protectBranch.IsProtected() {
  102. // detect force push
  103. if git.EmptySHA != oldCommitID {
  104. output, err := git.NewCommand("rev-list", "--max-count=1", oldCommitID, "^"+newCommitID).RunInDir(repoPath)
  105. if err != nil {
  106. fail("Internal error", "Fail to detect force push: %v", err)
  107. } else if len(output) > 0 {
  108. fail(fmt.Sprintf("branch %s is protected from force push", branchName), "")
  109. }
  110. }
  111. // check and deletion
  112. if newCommitID == git.EmptySHA {
  113. fail(fmt.Sprintf("branch %s is protected from deletion", branchName), "")
  114. } else {
  115. userID, _ := strconv.ParseInt(userIDStr, 10, 64)
  116. canPush, err := private.CanUserPush(protectBranch.ID, userID)
  117. if err != nil {
  118. fail("Internal error", "Fail to detect user can push: %v", err)
  119. } else if !canPush {
  120. fail(fmt.Sprintf("protected branch %s can not be pushed to", branchName), "")
  121. }
  122. }
  123. }
  124. }
  125. return nil
  126. }
  127. func runHookUpdate(c *cli.Context) error {
  128. if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
  129. return nil
  130. }
  131. if c.IsSet("config") {
  132. setting.CustomConf = c.String("config")
  133. } else if c.GlobalIsSet("config") {
  134. setting.CustomConf = c.GlobalString("config")
  135. }
  136. hookSetup("hooks/update.log")
  137. return nil
  138. }
  139. func runHookPostReceive(c *cli.Context) error {
  140. if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
  141. return nil
  142. }
  143. if c.IsSet("config") {
  144. setting.CustomConf = c.String("config")
  145. } else if c.GlobalIsSet("config") {
  146. setting.CustomConf = c.GlobalString("config")
  147. }
  148. hookSetup("hooks/post-receive.log")
  149. // the environment setted on serv command
  150. repoUser := os.Getenv(models.EnvRepoUsername)
  151. isWiki := (os.Getenv(models.EnvRepoIsWiki) == "true")
  152. repoName := os.Getenv(models.EnvRepoName)
  153. pusherID, _ := strconv.ParseInt(os.Getenv(models.EnvPusherID), 10, 64)
  154. pusherName := os.Getenv(models.EnvPusherName)
  155. buf := bytes.NewBuffer(nil)
  156. scanner := bufio.NewScanner(os.Stdin)
  157. for scanner.Scan() {
  158. buf.Write(scanner.Bytes())
  159. buf.WriteByte('\n')
  160. // TODO: support news feeds for wiki
  161. if isWiki {
  162. continue
  163. }
  164. fields := bytes.Fields(scanner.Bytes())
  165. if len(fields) != 3 {
  166. continue
  167. }
  168. oldCommitID := string(fields[0])
  169. newCommitID := string(fields[1])
  170. refFullName := string(fields[2])
  171. if err := private.PushUpdate(models.PushUpdateOptions{
  172. RefFullName: refFullName,
  173. OldCommitID: oldCommitID,
  174. NewCommitID: newCommitID,
  175. PusherID: pusherID,
  176. PusherName: pusherName,
  177. RepoUserName: repoUser,
  178. RepoName: repoName,
  179. }); err != nil {
  180. log.GitLogger.Error(2, "Update: %v", err)
  181. }
  182. }
  183. return nil
  184. }