Merge pull request 'fix: make branch protection work for new branches' (#5688) from gusted/forgejo-branch-protection-new-branch into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5688 Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
This commit is contained in:
commit
b30203bc48
3 changed files with 35 additions and 0 deletions
|
@ -272,6 +272,17 @@ func CutDiffAroundLine(originalDiff io.Reader, line int64, old bool, numbersOfLi
|
||||||
|
|
||||||
// GetAffectedFiles returns the affected files between two commits
|
// GetAffectedFiles returns the affected files between two commits
|
||||||
func GetAffectedFiles(repo *Repository, oldCommitID, newCommitID string, env []string) ([]string, error) {
|
func GetAffectedFiles(repo *Repository, oldCommitID, newCommitID string, env []string) ([]string, error) {
|
||||||
|
objectFormat, err := repo.GetObjectFormat()
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
// If the oldCommitID is empty, then we must assume its a new branch, so diff
|
||||||
|
// against the empty tree. So all changes of this new branch are included.
|
||||||
|
if oldCommitID == objectFormat.EmptyObjectID().String() {
|
||||||
|
oldCommitID = objectFormat.EmptyTree().String()
|
||||||
|
}
|
||||||
|
|
||||||
stdoutReader, stdoutWriter, err := os.Pipe()
|
stdoutReader, stdoutWriter, err := os.Pipe()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Error("Unable to create os.Pipe for %s", repo.Path)
|
log.Error("Unable to create os.Pipe for %s", repo.Path)
|
||||||
|
|
|
@ -131,6 +131,8 @@ var ignoredErrorMessage = []string{
|
||||||
`:SSHLog() [E] ssh: Not allowed to push to protected branch protected. HookPreReceive(last) failed: internal API error response, status=403`,
|
`:SSHLog() [E] ssh: Not allowed to push to protected branch protected. HookPreReceive(last) failed: internal API error response, status=403`,
|
||||||
// TestGit/HTTP/BranchProtectMerge
|
// TestGit/HTTP/BranchProtectMerge
|
||||||
`:SSHLog() [E] ssh: branch protected is protected from force push. HookPreReceive(last) failed: internal API error response, status=403`,
|
`:SSHLog() [E] ssh: branch protected is protected from force push. HookPreReceive(last) failed: internal API error response, status=403`,
|
||||||
|
// TestGit/HTTP/BranchProtect
|
||||||
|
`:SSHLog() [E] ssh: branch before-create-2 is protected from changing file protected-file-data-`,
|
||||||
// TestGit/HTTP/MergeFork/CreatePRAndMerge
|
// TestGit/HTTP/MergeFork/CreatePRAndMerge
|
||||||
`:DeleteBranchPost() [E] DeleteBranch: GetBranch: branch does not exist [repo_id: 1099 name: user2:master]`, // sqlite
|
`:DeleteBranchPost() [E] DeleteBranch: GetBranch: branch does not exist [repo_id: 1099 name: user2:master]`, // sqlite
|
||||||
"s/web/repo/branch.go:108:DeleteBranchPost() [E] DeleteBranch: GetBranch: branch does not exist [repo_id: 10000 name: user2:master]", // mysql
|
"s/web/repo/branch.go:108:DeleteBranchPost() [E] DeleteBranch: GetBranch: branch does not exist [repo_id: 10000 name: user2:master]", // mysql
|
||||||
|
|
|
@ -369,6 +369,28 @@ func doBranchProtect(baseCtx *APITestContext, dstPath string) func(t *testing.T)
|
||||||
|
|
||||||
ctx := NewAPITestContext(t, baseCtx.Username, baseCtx.Reponame, auth_model.AccessTokenScopeWriteRepository)
|
ctx := NewAPITestContext(t, baseCtx.Username, baseCtx.Reponame, auth_model.AccessTokenScopeWriteRepository)
|
||||||
|
|
||||||
|
t.Run("PushToNewProtectedBranch", func(t *testing.T) {
|
||||||
|
t.Run("CreateBranchProtected", doGitCreateBranch(dstPath, "before-create-1"))
|
||||||
|
t.Run("ProtectProtectedBranch", doProtectBranch(ctx, "before-create-1", parameterProtectBranch{
|
||||||
|
"enable_push": "all",
|
||||||
|
"apply_to_admins": "on",
|
||||||
|
}))
|
||||||
|
t.Run("PushProtectedBranch", doGitPushTestRepository(dstPath, "origin", "before-create-1"))
|
||||||
|
|
||||||
|
t.Run("GenerateCommit", func(t *testing.T) {
|
||||||
|
_, err := generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "protected-file-data-")
|
||||||
|
require.NoError(t, err)
|
||||||
|
})
|
||||||
|
|
||||||
|
t.Run("ProtectProtectedBranch", doProtectBranch(ctx, "before-create-2", parameterProtectBranch{
|
||||||
|
"enable_push": "all",
|
||||||
|
"protected_file_patterns": "protected-file-data-*",
|
||||||
|
"apply_to_admins": "on",
|
||||||
|
}))
|
||||||
|
|
||||||
|
doGitPushTestRepositoryFail(dstPath, "origin", "HEAD:before-create-2")(t)
|
||||||
|
})
|
||||||
|
|
||||||
t.Run("FailToPushToProtectedBranch", func(t *testing.T) {
|
t.Run("FailToPushToProtectedBranch", func(t *testing.T) {
|
||||||
t.Run("ProtectProtectedBranch", doProtectBranch(ctx, "protected"))
|
t.Run("ProtectProtectedBranch", doProtectBranch(ctx, "protected"))
|
||||||
t.Run("Create modified-protected-branch", doGitCheckoutBranch(dstPath, "-b", "modified-protected-branch", "protected"))
|
t.Run("Create modified-protected-branch", doGitCheckoutBranch(dstPath, "-b", "modified-protected-branch", "protected"))
|
||||||
|
|
Loading…
Reference in a new issue