diff --git a/app/services/concerns/protected_branch_params_able.rb b/app/services/concerns/protected_branch_params_able.rb new file mode 100644 index 000000000..aeb62e646 --- /dev/null +++ b/app/services/concerns/protected_branch_params_able.rb @@ -0,0 +1,248 @@ +module ProtectedBranchParamsAble + extend ActiveSupport::Concern + + private + + # { + # "approvals_whitelist_teams": [ + # "string" + # ], //批准团队(或审查团队)白名单 + # "approvals_whitelist_username": [ + # "string" + # ], // 批准用户(或审查者)白名单 + # "block_on_outdated_branch": true, // 如果拉取过时,阻止合并 + # "block_on_rejected_reviews": true, // 拒绝审核,阻止合并请求 + # "branch_name": "string", //分支名称 + # "dismiss_stale_approvals": true, // 取消过时的批准 + # "enable_approvals_whitelist": true, //是否批准仅限列入白名单的用户或者团队, 主要用户pr的审核批准计数功能 + # "enable_merge_whitelist": true, // 是否启用合并请求白名单 + # "enable_push": true, //启用、禁止推送 + # "enable_push_whitelist": true, // 是否启动推送白名单 + # "enable_status_check": true, //是否启用状态检查 + # "merge_whitelist_teams": [ + # "string" + # ], // 合并请求团队白名单 + # "merge_whitelist_usernames": [ + # "string" + # ], // 合并请求用户白名单 + # "protected_file_patterns": "string", //保护文件模式 + # "push_whitelist_deploy_keys": true, // 具有推送权限的部署密钥白名单 + # "push_whitelist_teams": [ + # "string" + # ], //推送团队白名单 + # "push_whitelist_usernames": [ + # "string" + # ], //推送用户白名单 + # "require_signed_commits": true, //是否需要签名提交 + # "required_approvals": 0, // 所需批准数 + # "status_check_contexts": [ + # "string" + # ] // 状态检查规则 + # } + + + # branch_name :string(255) default("") + # can_push :boolean default("0"), not null + # enable_whitelist :boolean default("0") + # whitelist_user_i_ds :text(65535) + # whitelist_team_i_ds :text(65535) + # enable_merge_whitelist :boolean default("0"), not null + # whitelist_deploy_keys :boolean default("0"), not null + # merge_whitelist_user_i_ds :text(65535) + # merge_whitelist_team_i_ds :text(65535) + # enable_status_check :boolean default("0"), not null + # status_check_contexts :text(65535) + # approvals_whitelist_user_i_ds :text(65535) + # approvals_whitelist_team_i_ds :text(65535) + # required_approvals :integer default("0") + # enable_approvals_whitelist :boolean default("0"), not null + # block_on_rejected_reviews :boolean default("0"), not null + # dismiss_stale_approvals :boolean default("0"), not null + # require_signed_commits :boolean default("0"), not null + # protected_file_patterns :text(65535) + # block_on_outdated_branch :boolean default("0"), not null + def protected_branch_params + { + branch_name: params[:branch_name], + can_push: can_push_params, + enable_whitelist: enable_whitelist_params, + whitelist_user_i_ds: whitelist_user_i_ds_params, + # whitelist_team_i_ds: whitelist_team_i_ds_params, + enable_merge_whitelist: enable_merge_whitelist_params, + merge_whitelist_user_i_ds: merge_whitelist_user_i_ds_params, + # merge_whitelist_team_i_ds: merge_whitelist_team_i_ds_params, + enable_status_check: enable_status_check_params, + required_approvals: params[:required_approvals] || 0, + enable_approvals_whitelist: enable_approvals_whitelist_params, + approvals_whitelist_user_i_ds: approvals_whitelist_user_i_ds_params, + # approvals_whitelist_team_i_ds: approvals_whitelist_team_i_ds_params, + block_on_rejected_reviews: block_on_rejected_reviews_params, + dismiss_stale_approvals: dismiss_stale_approvals_params, + require_signed_commits: require_signed_commits_params, + block_on_outdated_branch: block_on_outdated_branch_params + } + end + + def enable_status_check_params + str_to_boolean(params[:enable_status_check] || false) + end + + def enable_approvals_whitelist_params + str_to_boolean(params[:enable_approvals_whitelist] || false) + end + def block_on_rejected_reviews_params + str_to_boolean(params[:block_on_rejected_reviews] || false) + end + + def dismiss_stale_approvals_params + str_to_boolean(params[:dismiss_stale_approvals] || false) + end + + def require_signed_commits_params + str_to_boolean(params[:require_signed_commits] || false) + end + + def block_on_outdated_branch_params + str_to_boolean(params[:block_on_outdated_branch] || false) + end + + def can_push_params + return false if !can_push? + return true if enable_whitelist? + str_to_boolean(params[:enable_push]) + end + + def enable_whitelist_params + return false if !can_push? + str_to_boolean(params[:enable_push_whitelist]) + end + + def whitelist_user_i_ds_params + return [] if !can_push? + user_ids(get_push_whitelist_usernames) + end + + def whitelist_team_i_ds_params + # params[:push_whitelist_usernames] + end + + def enable_merge_whitelist_params + str_to_boolean(params[:enable_merge_whitelist] || false) + end + + def merge_whitelist_user_i_ds_params + return [] if !enable_merge_whitelist? + user_ids(get_merge_whitelist_usernames) + end + + def merge_whitelist_team_i_ds_params + params[:merge_whitelist_teams] + end + + def approvals_whitelist_user_i_ds_params + return [] if !enable_approvals_whitelist? + user_ids(get_approvals_whitelist_usernames) + end + + def approvals_whitelist_team_i_ds_params + params[:approvals_whitelist_teams] + end + + def user_ids(names) + member_ids & names_by_params(names) + end + + def member_ids + @repository.project.writable_members.map(&:user_id) + end + + def names_by_params(names) + User.where(login: names.to_a).ids + end + + def get_push_whitelist_usernames + return [] if !can_push? || !enable_whitelist? + filter_empty_element Array(params[:push_whitelist_usernames]) + end + + def get_merge_whitelist_usernames + return [] if !enable_merge_whitelist? + filter_empty_element Array(params[:merge_whitelist_usernames]) + end + + def get_approvals_whitelist_usernames + return [] if !enable_approvals_whitelist? + filter_empty_element Array(params[:approvals_whitelist_usernames]) + end + + def check_users!(names) + names.each {|name| + check_user!(name) + break + } + end + + def check_user!(name) + user_exist = User.exists?(login: name) + raise Error, "user '#{name}' does not exist" if !user_exist + end + + def can_push? + str_to_boolean(params[:enable_push]) === true + end + + def enable_whitelist? + str_to_boolean(params[:enable_push_whitelist]) === true + end + + def enable_merge_whitelist? + str_to_boolean(params[:enable_merge_whitelist]) === true + end + + def enable_approvals_whitelist? + str_to_boolean(params[:enable_approvals_whitelist]) === true + end + + def filter_empty_element(array) + array.reject { |e| e.to_s.empty? } + end + + def gitea_protected_branch_saved?(protected_branch) + protected_branch[:status] === success + end + + def gitea_protected_branch_params + { + approvals_whitelist_username: get_approvals_whitelist_usernames, + branch_name: params[:branch_name], + enable_approvals_whitelist: enable_approvals_whitelist_params, + enable_merge_whitelist: enable_merge_whitelist_params, + enable_push: can_push_params, + enable_push_whitelist: enable_whitelist_params, + enable_status_check: enable_status_check_params, + # merge_whitelist_teams: [], + merge_whitelist_usernames: get_merge_whitelist_usernames, + # protected_file_patterns: string, + # push_whitelist_deploy_keys: true, + # push_whitelist_teams: [], + push_whitelist_usernames: get_push_whitelist_usernames, + block_on_rejected_reviews: block_on_rejected_reviews_params, + dismiss_stale_approvals: dismiss_stale_approvals_params, + require_signed_commits: require_signed_commits_params, + block_on_outdated_branch: block_on_outdated_branch_params + + } + end + + def validate! + protected_branch_exists = repository.protected_branches.exists?(params[:branch_name]) + raise Error, "Protected branch '#{branch_name}' already exists" if protected_branch_exists + + check_users!(get_push_whitelist_usernames) if get_push_whitelist_usernames.any? + check_users!(get_merge_whitelist_usernames) if get_merge_whitelist_usernames.any? + check_users!(get_approvals_whitelist_usernames) if get_approvals_whitelist_usernames.any? + + raise Error, '分支名称不能为空' if params[:branch_name].blank? + + end +end diff --git a/app/services/protected_branches/base_service.rb b/app/services/protected_branches/base_service.rb index bfa3a432a..f56a4e33c 100644 --- a/app/services/protected_branches/base_service.rb +++ b/app/services/protected_branches/base_service.rb @@ -1,5 +1,7 @@ module ProtectedBranches class BaseService < ApplicationService + include ProtectedBranchParamsAble + Error = Class.new(StandardError) attr_accessor :repository, :owner, :params @@ -8,261 +10,6 @@ module ProtectedBranches end # delegate :repository, to: :project - - def protected_branch_params - # { - # "approvals_whitelist_teams": [ - # "string" - # ], //批准团队(或审查团队)白名单 - # "approvals_whitelist_username": [ - # "string" - # ], // 批准用户(或审查者)白名单 - # "block_on_outdated_branch": true, // 如果拉取过时,阻止合并 - # "block_on_rejected_reviews": true, // 拒绝审核,阻止合并请求 - # "branch_name": "string", //分支名称 - # "dismiss_stale_approvals": true, // 取消过时的批准 - # "enable_approvals_whitelist": true, //是否批准仅限列入白名单的用户或者团队, 主要用户pr的审核批准计数功能 - # "enable_merge_whitelist": true, // 是否启用合并请求白名单 - # "enable_push": true, //启用、禁止推送 - # "enable_push_whitelist": true, // 是否启动推送白名单 - # "enable_status_check": true, //是否启用状态检查 - # "merge_whitelist_teams": [ - # "string" - # ], // 合并请求团队白名单 - # "merge_whitelist_usernames": [ - # "string" - # ], // 合并请求用户白名单 - # "protected_file_patterns": "string", //保护文件模式 - # "push_whitelist_deploy_keys": true, // 具有推送权限的部署密钥白名单 - # "push_whitelist_teams": [ - # "string" - # ], //推送团队白名单 - # "push_whitelist_usernames": [ - # "string" - # ], //推送用户白名单 - # "require_signed_commits": true, //是否需要签名提交 - # "required_approvals": 0, // 所需批准数 - # "status_check_contexts": [ - # "string" - # ] // 状态检查规则 - # } - - - # branch_name :string(255) default("") - # can_push :boolean default("0"), not null - # enable_whitelist :boolean default("0") - # whitelist_user_i_ds :text(65535) - # whitelist_team_i_ds :text(65535) - # enable_merge_whitelist :boolean default("0"), not null - # whitelist_deploy_keys :boolean default("0"), not null - # merge_whitelist_user_i_ds :text(65535) - # merge_whitelist_team_i_ds :text(65535) - # enable_status_check :boolean default("0"), not null - # status_check_contexts :text(65535) - # approvals_whitelist_user_i_ds :text(65535) - # approvals_whitelist_team_i_ds :text(65535) - # required_approvals :integer default("0") - # enable_approvals_whitelist :boolean default("0"), not null - # block_on_rejected_reviews :boolean default("0"), not null - # dismiss_stale_approvals :boolean default("0"), not null - # require_signed_commits :boolean default("0"), not null - # protected_file_patterns :text(65535) - # block_on_outdated_branch :boolean default("0"), not null - - { - branch_name: params[:branch_name], - can_push: can_push_params, - enable_whitelist: enable_whitelist_params, - whitelist_user_i_ds: whitelist_user_i_ds_params, - # whitelist_team_i_ds: whitelist_team_i_ds_params, - enable_merge_whitelist: enable_merge_whitelist_params, - merge_whitelist_user_i_ds: merge_whitelist_user_i_ds_params, - # merge_whitelist_team_i_ds: merge_whitelist_team_i_ds_params, - enable_status_check: enable_status_check_params, - required_approvals: params[:required_approvals] || 0, - enable_approvals_whitelist: enable_approvals_whitelist_params, - approvals_whitelist_user_i_ds: approvals_whitelist_user_i_ds_params, - # approvals_whitelist_team_i_ds: approvals_whitelist_team_i_ds_params, - block_on_rejected_reviews: block_on_rejected_reviews_params, - dismiss_stale_approvals: dismiss_stale_approvals_params, - require_signed_commits: require_signed_commits_params, - block_on_outdated_branch: block_on_outdated_branch_params - } - end - - def enable_status_check_params - str_to_boolean(params[:enable_status_check] || false) - end - - def enable_approvals_whitelist_params - str_to_boolean(params[:enable_approvals_whitelist] || false) - end - def block_on_rejected_reviews_params - str_to_boolean(params[:block_on_rejected_reviews] || false) - end - - def dismiss_stale_approvals_params - str_to_boolean(params[:dismiss_stale_approvals] || false) - end - - def require_signed_commits_params - str_to_boolean(params[:require_signed_commits] || false) - end - - def block_on_outdated_branch_params - str_to_boolean(params[:block_on_outdated_branch] || false) - end - - def can_push_params - return false if !can_push? - return true if enable_whitelist? - str_to_boolean(params[:enable_push]) - end - - def enable_whitelist_params - return false if !can_push? - str_to_boolean(params[:enable_push_whitelist]) - end - - def whitelist_user_i_ds_params - return [] if !can_push? - user_ids(get_push_whitelist_usernames) - end - - def whitelist_team_i_ds_params - # params[:push_whitelist_usernames] - end - - def enable_merge_whitelist_params - str_to_boolean(params[:enable_merge_whitelist] || false) - end - - def merge_whitelist_user_i_ds_params - returtn [] if !enable_merge_whitelist? - user_ids(get_merge_whitelist_usernames) - end - - def merge_whitelist_team_i_ds_params - params[:merge_whitelist_teams] - end - - def approvals_whitelist_user_i_ds_params - return [] if !enable_approvals_whitelist? - user_ids(get_approvals_whitelist_usernames) - end - - def approvals_whitelist_team_i_ds_params - params[:approvals_whitelist_teams] - end - - def user_ids(names) - member_ids & names_by_params(names) - end - - def member_ids - @repository.project.writable_members.map(&:user_id) - end - - def names_by_params(names) - User.where(login: names.to_a).ids - end - - def get_push_whitelist_usernames - return [] if !can_push? || !enable_whitelist? - filter_empty_element Array(params[:push_whitelist_usernames]) - end - - def get_merge_whitelist_usernames - return [] if !enable_merge_whitelist? - filter_empty_element Array(params[:merge_whitelist_usernames]) - end - - def get_approvals_whitelist_usernames - return [] if !enable_approvals_whitelist? - filter_empty_element Array(params[:approvals_whitelist_usernames]) - end - - def check_users!(names) - names.each {|name| - check_user!(name) - break - } - end - - def check_user!(name) - user_exist = User.exists?(login: name) - raise Error, "user '#{name}' does not exist" if !user_exist - end - - def can_push? - str_to_boolean(params[:enable_push]) === true - end - - def enable_whitelist? - str_to_boolean(params[:enable_push_whitelist]) === true - end - - def enable_merge_whitelist? - str_to_boolean(params[:enable_merge_whitelist]) === true - end - - def enable_approvals_whitelist? - str_to_boolean(params[:enable_approvals_whitelist]) === true - end - - def filter_empty_element(array) - array.reject { |e| e.to_s.empty? } - end - - def save_gitea_protected_branch! - @gitea_protected_branch ||= Gitea::Repository::ProtectedBranches::CreateService.call(@owner.login, - @repository.identifier,gitea_protected_branch_params, @owner.gitea_token) - - raise Error, @gitea_protected_branch[:message] if @gitea_protected_branch[:status] != :success - end - - def gitea_protected_branch_saved? - @gitea_protected_branch[:status] === success - end - - def gitea_protected_branch - @gitea_protected_branch[:body] - end - - def gitea_protected_branch_params - { - approvals_whitelist_username: get_approvals_whitelist_usernames, - branch_name: params[:branch_name], - enable_approvals_whitelist: enable_approvals_whitelist_params, - enable_merge_whitelist: enable_merge_whitelist_params, - enable_push: can_push_params, - enable_push_whitelist: enable_whitelist_params, - enable_status_check: enable_status_check_params, - # merge_whitelist_teams: [], - merge_whitelist_usernames: get_merge_whitelist_usernames, - # protected_file_patterns: string, - # push_whitelist_deploy_keys: true, - # push_whitelist_teams: [], - push_whitelist_usernames: get_push_whitelist_usernames, - block_on_rejected_reviews: block_on_rejected_reviews_params, - dismiss_stale_approvals: dismiss_stale_approvals_params, - require_signed_commits: require_signed_commits_params, - block_on_outdated_branch: block_on_outdated_branch_params - - } - end - - def validate! - protected_branch_exists = repository.protected_branches.exists?(params[:branch_name]) - raise Error, "Protected branch '#{branch_name}' already exists" if protected_branch_exists - - check_users!(get_push_whitelist_usernames) if get_push_whitelist_usernames.any? - check_users!(get_merge_whitelist_usernames) if get_merge_whitelist_usernames.any? - check_users!(get_approvals_whitelist_usernames) if get_approvals_whitelist_usernames.any? - - raise Error, '分支名称不能为空' if params[:branch_name].blank? - - end end def error(errors, award: nil, status: nil) diff --git a/app/services/protected_branches/create_service.rb b/app/services/protected_branches/create_service.rb index 02112a188..3b3eca9a9 100644 --- a/app/services/protected_branches/create_service.rb +++ b/app/services/protected_branches/create_service.rb @@ -19,5 +19,13 @@ module ProtectedBranches def save_protected_branch! protected_branch.save end + + def save_gitea_protected_branch! + @gitea_protected_branch ||= Gitea::Repository::ProtectedBranches::CreateService.call(@owner.login, + @repository.identifier, gitea_protected_branch_params, @owner.gitea_token) + + raise Error, @gitea_protected_branch[:message] unless gitea_protected_branch_saved?(@gitea_protected_branch) + end + end end