diff options
author | 6543 | 2022-06-16 22:09:41 +0200 |
---|---|---|
committer | GitHub | 2022-06-16 22:09:41 +0200 |
commit | 7e1784fd3f3535c9535494ea78a8803a01692f09 (patch) | |
tree | 8a4194d7fbcd43bd3baaa6b54f0f45a5838b3ffb | |
parent | 7a214dd212c7835e424b9113bdcb33d984f0500b (diff) | |
parent | e3e06d13afdd882ca5934fde77217ff9554354c4 (diff) |
Merge branch 'main' into feature-activitypub
-rw-r--r-- | routers/api/v1/repo/release.go | 6 | ||||
-rw-r--r-- | routers/api/v1/repo/release_tags.go | 7 | ||||
-rw-r--r-- | routers/api/v1/repo/tag.go | 14 | ||||
-rw-r--r-- | routers/web/repo/branch.go | 6 | ||||
-rw-r--r-- | routers/web/repo/release.go | 6 | ||||
-rw-r--r-- | services/release/release.go | 14 | ||||
-rw-r--r-- | templates/swagger/v1_json.tmpl | 12 |
7 files changed, 64 insertions, 1 deletions
diff --git a/routers/api/v1/repo/release.go b/routers/api/v1/repo/release.go index e454b418b..8dfe7e06d 100644 --- a/routers/api/v1/repo/release.go +++ b/routers/api/v1/repo/release.go @@ -345,6 +345,8 @@ func DeleteRelease(ctx *context.APIContext) { // "$ref": "#/responses/empty" // "404": // "$ref": "#/responses/notFound" + // "405": + // "$ref": "#/responses/empty" id := ctx.ParamsInt64(":id") rel, err := models.GetReleaseByID(ctx, id) @@ -358,6 +360,10 @@ func DeleteRelease(ctx *context.APIContext) { return } if err := release_service.DeleteReleaseByID(ctx, id, ctx.Doer, false); err != nil { + if models.IsErrProtectedTagName(err) { + ctx.Error(http.StatusMethodNotAllowed, "delTag", "user not allowed to delete protected tag") + return + } ctx.Error(http.StatusInternalServerError, "DeleteReleaseByID", err) return } diff --git a/routers/api/v1/repo/release_tags.go b/routers/api/v1/repo/release_tags.go index a737bcf1c..73dee73e1 100644 --- a/routers/api/v1/repo/release_tags.go +++ b/routers/api/v1/repo/release_tags.go @@ -92,6 +92,8 @@ func DeleteReleaseByTag(ctx *context.APIContext) { // "$ref": "#/responses/empty" // "404": // "$ref": "#/responses/notFound" + // "405": + // "$ref": "#/responses/empty" tag := ctx.Params(":tag") @@ -111,7 +113,12 @@ func DeleteReleaseByTag(ctx *context.APIContext) { } if err = releaseservice.DeleteReleaseByID(ctx, release.ID, ctx.Doer, false); err != nil { + if models.IsErrProtectedTagName(err) { + ctx.Error(http.StatusMethodNotAllowed, "delTag", "user not allowed to delete protected tag") + return + } ctx.Error(http.StatusInternalServerError, "DeleteReleaseByID", err) + return } ctx.Status(http.StatusNoContent) diff --git a/routers/api/v1/repo/tag.go b/routers/api/v1/repo/tag.go index 894291275..433d823c7 100644 --- a/routers/api/v1/repo/tag.go +++ b/routers/api/v1/repo/tag.go @@ -176,6 +176,8 @@ func CreateTag(ctx *context.APIContext) { // "$ref": "#/responses/Tag" // "404": // "$ref": "#/responses/notFound" + // "405": + // "$ref": "#/responses/empty" // "409": // "$ref": "#/responses/conflict" form := web.GetForm(ctx).(*api.CreateTagOption) @@ -196,6 +198,11 @@ func CreateTag(ctx *context.APIContext) { ctx.Error(http.StatusConflict, "tag exist", err) return } + if models.IsErrProtectedTagName(err) { + ctx.Error(http.StatusMethodNotAllowed, "CreateNewTag", "user not allowed to create protected tag") + return + } + ctx.InternalServerError(err) return } @@ -236,6 +243,8 @@ func DeleteTag(ctx *context.APIContext) { // "$ref": "#/responses/empty" // "404": // "$ref": "#/responses/notFound" + // "405": + // "$ref": "#/responses/empty" // "409": // "$ref": "#/responses/conflict" tagName := ctx.Params("*") @@ -256,7 +265,12 @@ func DeleteTag(ctx *context.APIContext) { } if err = releaseservice.DeleteReleaseByID(ctx, tag.ID, ctx.Doer, true); err != nil { + if models.IsErrProtectedTagName(err) { + ctx.Error(http.StatusMethodNotAllowed, "delTag", "user not allowed to delete protected tag") + return + } ctx.Error(http.StatusInternalServerError, "DeleteReleaseByID", err) + return } ctx.Status(http.StatusNoContent) diff --git a/routers/web/repo/branch.go b/routers/web/repo/branch.go index 4bd2af4e8..84970a96a 100644 --- a/routers/web/repo/branch.go +++ b/routers/web/repo/branch.go @@ -373,6 +373,12 @@ func CreateBranch(ctx *context.Context) { err = repo_service.CreateNewBranchFromCommit(ctx, ctx.Doer, ctx.Repo.Repository, ctx.Repo.CommitID, form.NewBranchName) } if err != nil { + if models.IsErrProtectedTagName(err) { + ctx.Flash.Error(ctx.Tr("repo.release.tag_name_protected")) + ctx.Redirect(ctx.Repo.RepoLink + "/src/" + ctx.Repo.BranchNameSubURL()) + return + } + if models.IsErrTagAlreadyExists(err) { e := err.(models.ErrTagAlreadyExists) ctx.Flash.Error(ctx.Tr("repo.branch.tag_collision", e.TagName)) diff --git a/routers/web/repo/release.go b/routers/web/repo/release.go index fba3ef7a0..666294631 100644 --- a/routers/web/repo/release.go +++ b/routers/web/repo/release.go @@ -519,7 +519,11 @@ func DeleteTag(ctx *context.Context) { func deleteReleaseOrTag(ctx *context.Context, isDelTag bool) { if err := releaseservice.DeleteReleaseByID(ctx, ctx.FormInt64("id"), ctx.Doer, isDelTag); err != nil { - ctx.Flash.Error("DeleteReleaseByID: " + err.Error()) + if models.IsErrProtectedTagName(err) { + ctx.Flash.Error(ctx.Tr("repo.release.tag_name_protected")) + } else { + ctx.Flash.Error("DeleteReleaseByID: " + err.Error()) + } } else { if isDelTag { ctx.Flash.Success(ctx.Tr("repo.release.deletion_tag_success")) diff --git a/services/release/release.go b/services/release/release.go index a3d7d4720..6fa966de1 100644 --- a/services/release/release.go +++ b/services/release/release.go @@ -294,6 +294,20 @@ func DeleteReleaseByID(ctx context.Context, id int64, doer *user_model.User, del } if delTag { + protectedTags, err := git_model.GetProtectedTags(rel.RepoID) + if err != nil { + return fmt.Errorf("GetProtectedTags: %v", err) + } + isAllowed, err := git_model.IsUserAllowedToControlTag(protectedTags, rel.TagName, rel.PublisherID) + if err != nil { + return err + } + if !isAllowed { + return models.ErrProtectedTagName{ + TagName: rel.TagName, + } + } + if stdout, _, err := git.NewCommand(ctx, "tag", "-d", rel.TagName). SetDescription(fmt.Sprintf("DeleteReleaseByID (git tag -d): %d", rel.ID)). RunStdString(&git.RunOpts{Dir: repo.RepoPath()}); err != nil && !strings.Contains(err.Error(), "not found") { diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl index 2daf85586..f3f9a3367 100644 --- a/templates/swagger/v1_json.tmpl +++ b/templates/swagger/v1_json.tmpl @@ -9012,6 +9012,9 @@ }, "404": { "$ref": "#/responses/notFound" + }, + "405": { + "$ref": "#/responses/empty" } } } @@ -9095,6 +9098,9 @@ }, "404": { "$ref": "#/responses/notFound" + }, + "405": { + "$ref": "#/responses/empty" } } }, @@ -9863,6 +9869,9 @@ "404": { "$ref": "#/responses/notFound" }, + "405": { + "$ref": "#/responses/empty" + }, "409": { "$ref": "#/responses/conflict" } @@ -9950,6 +9959,9 @@ "404": { "$ref": "#/responses/notFound" }, + "405": { + "$ref": "#/responses/empty" + }, "409": { "$ref": "#/responses/conflict" } |