block modifications of pullreq refs (#739)

2023-10-30 10:55:32 +00:00 · 2023-10-30 10:55:32 +00:00 · bd31faee07
parent 96aebcef92
commit bd31faee07
3 changed files with 21 additions and 0 deletions
--- a/app/api/controller/githook/post_receive.go
+++ b/app/api/controller/githook/post_receive.go
@ -34,6 +34,9 @@ const (

 	// gitReferenceNamePrefixTag is the prefix of references of type tag.
 	gitReferenceNamePrefixTag = "refs/tags/"
+
+	// gitReferenceNamePrefixTag is the prefix of pull req references.
+	gitReferenceNamePullReq = "refs/pullreq/"
 )

 // PostReceive executes the post-receive hook for a git repository.
--- a/app/api/controller/githook/pre_receive.go
+++ b/app/api/controller/githook/pre_receive.go
@ -62,6 +62,11 @@ func (c *Controller) PreReceive(
 		return output, nil
 	}

+	if c.blockPullReqRefUpdate(refUpdates) {
+		output.Error = ptr.String(usererror.ErrPullReqRefsCantBeModified.Error())
+		return output, nil
+	}
+
 	// TODO: Remove the dummy session and use the real session, once that has been done and the session has a value.
 	dummySession := &auth.Session{
 		Principal: types.Principal{ID: principalID, Admin: false}, // TODO: In the dummySession "Admin" is always false
@ -76,6 +81,16 @@ func (c *Controller) PreReceive(
 	return output, nil
 }

+func (c *Controller) blockPullReqRefUpdate(refUpdates changedRefs) bool {
+	fn := func(ref string) bool {
+		return strings.HasPrefix(ref, gitReferenceNamePullReq)
+	}
+
+	return slices.ContainsFunc(refUpdates.other.created, fn) ||
+		slices.ContainsFunc(refUpdates.other.deleted, fn) ||
+		slices.ContainsFunc(refUpdates.other.updated, fn)
+}
+
 func (c *Controller) checkProtectionRules(
 	ctx context.Context,
 	session *auth.Session,
--- a/app/api/usererror/usererror.go
+++ b/app/api/usererror/usererror.go
@ -67,6 +67,9 @@ var (
 	// ErrDefaultBranchCantBeDeleted is returned if the user tries to delete the default branch of a repository.
 	ErrDefaultBranchCantBeDeleted = New(http.StatusBadRequest, "The default branch of a repository can't be deleted")

+	// ErrPullReqRefsCantBeModified is returned if a user tries to tinker with a pull request git ref.
+	ErrPullReqRefsCantBeModified = New(http.StatusBadRequest, "The pull request git refs can't be modified")
+
 	// ErrRequestTooLarge is returned if the request it too large.
 	ErrRequestTooLarge = New(http.StatusRequestEntityTooLarge, "The request is too large")