aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAnthony Wang2022-06-16 16:40:43 -0500
committerAnthony Wang2022-06-16 16:40:43 -0500
commita8dea646a06bdfb1585abc156f6727f2729cd876 (patch)
treee626f76156f4ba18143568f0675c3d1fc2ebd2c3
parentdbb1d5ba23e1fede7b505d0b1ee24bd4e9d64dd4 (diff)
parent7e1784fd3f3535c9535494ea78a8803a01692f09 (diff)
Merge branch 'feature-activitypub' into feature-go-ap-inbox-outbox
-rw-r--r--routers/api/v1/repo/release.go6
-rw-r--r--routers/api/v1/repo/release_tags.go7
-rw-r--r--routers/api/v1/repo/tag.go14
-rw-r--r--routers/web/repo/branch.go6
-rw-r--r--routers/web/repo/release.go6
-rw-r--r--services/release/release.go14
-rw-r--r--templates/swagger/v1_json.tmpl12
7 files changed, 64 insertions, 1 deletions
diff --git a/routers/api/v1/repo/release.go b/routers/api/v1/repo/release.go
index e454b418b..8dfe7e06d 100644
--- a/routers/api/v1/repo/release.go
+++ b/routers/api/v1/repo/release.go
@@ -345,6 +345,8 @@ func DeleteRelease(ctx *context.APIContext) {
// "$ref": "#/responses/empty"
// "404":
// "$ref": "#/responses/notFound"
+ // "405":
+ // "$ref": "#/responses/empty"
id := ctx.ParamsInt64(":id")
rel, err := models.GetReleaseByID(ctx, id)
@@ -358,6 +360,10 @@ func DeleteRelease(ctx *context.APIContext) {
return
}
if err := release_service.DeleteReleaseByID(ctx, id, ctx.Doer, false); err != nil {
+ if models.IsErrProtectedTagName(err) {
+ ctx.Error(http.StatusMethodNotAllowed, "delTag", "user not allowed to delete protected tag")
+ return
+ }
ctx.Error(http.StatusInternalServerError, "DeleteReleaseByID", err)
return
}
diff --git a/routers/api/v1/repo/release_tags.go b/routers/api/v1/repo/release_tags.go
index a737bcf1c..73dee73e1 100644
--- a/routers/api/v1/repo/release_tags.go
+++ b/routers/api/v1/repo/release_tags.go
@@ -92,6 +92,8 @@ func DeleteReleaseByTag(ctx *context.APIContext) {
// "$ref": "#/responses/empty"
// "404":
// "$ref": "#/responses/notFound"
+ // "405":
+ // "$ref": "#/responses/empty"
tag := ctx.Params(":tag")
@@ -111,7 +113,12 @@ func DeleteReleaseByTag(ctx *context.APIContext) {
}
if err = releaseservice.DeleteReleaseByID(ctx, release.ID, ctx.Doer, false); err != nil {
+ if models.IsErrProtectedTagName(err) {
+ ctx.Error(http.StatusMethodNotAllowed, "delTag", "user not allowed to delete protected tag")
+ return
+ }
ctx.Error(http.StatusInternalServerError, "DeleteReleaseByID", err)
+ return
}
ctx.Status(http.StatusNoContent)
diff --git a/routers/api/v1/repo/tag.go b/routers/api/v1/repo/tag.go
index 894291275..433d823c7 100644
--- a/routers/api/v1/repo/tag.go
+++ b/routers/api/v1/repo/tag.go
@@ -176,6 +176,8 @@ func CreateTag(ctx *context.APIContext) {
// "$ref": "#/responses/Tag"
// "404":
// "$ref": "#/responses/notFound"
+ // "405":
+ // "$ref": "#/responses/empty"
// "409":
// "$ref": "#/responses/conflict"
form := web.GetForm(ctx).(*api.CreateTagOption)
@@ -196,6 +198,11 @@ func CreateTag(ctx *context.APIContext) {
ctx.Error(http.StatusConflict, "tag exist", err)
return
}
+ if models.IsErrProtectedTagName(err) {
+ ctx.Error(http.StatusMethodNotAllowed, "CreateNewTag", "user not allowed to create protected tag")
+ return
+ }
+
ctx.InternalServerError(err)
return
}
@@ -236,6 +243,8 @@ func DeleteTag(ctx *context.APIContext) {
// "$ref": "#/responses/empty"
// "404":
// "$ref": "#/responses/notFound"
+ // "405":
+ // "$ref": "#/responses/empty"
// "409":
// "$ref": "#/responses/conflict"
tagName := ctx.Params("*")
@@ -256,7 +265,12 @@ func DeleteTag(ctx *context.APIContext) {
}
if err = releaseservice.DeleteReleaseByID(ctx, tag.ID, ctx.Doer, true); err != nil {
+ if models.IsErrProtectedTagName(err) {
+ ctx.Error(http.StatusMethodNotAllowed, "delTag", "user not allowed to delete protected tag")
+ return
+ }
ctx.Error(http.StatusInternalServerError, "DeleteReleaseByID", err)
+ return
}
ctx.Status(http.StatusNoContent)
diff --git a/routers/web/repo/branch.go b/routers/web/repo/branch.go
index 4bd2af4e8..84970a96a 100644
--- a/routers/web/repo/branch.go
+++ b/routers/web/repo/branch.go
@@ -373,6 +373,12 @@ func CreateBranch(ctx *context.Context) {
err = repo_service.CreateNewBranchFromCommit(ctx, ctx.Doer, ctx.Repo.Repository, ctx.Repo.CommitID, form.NewBranchName)
}
if err != nil {
+ if models.IsErrProtectedTagName(err) {
+ ctx.Flash.Error(ctx.Tr("repo.release.tag_name_protected"))
+ ctx.Redirect(ctx.Repo.RepoLink + "/src/" + ctx.Repo.BranchNameSubURL())
+ return
+ }
+
if models.IsErrTagAlreadyExists(err) {
e := err.(models.ErrTagAlreadyExists)
ctx.Flash.Error(ctx.Tr("repo.branch.tag_collision", e.TagName))
diff --git a/routers/web/repo/release.go b/routers/web/repo/release.go
index fba3ef7a0..666294631 100644
--- a/routers/web/repo/release.go
+++ b/routers/web/repo/release.go
@@ -519,7 +519,11 @@ func DeleteTag(ctx *context.Context) {
func deleteReleaseOrTag(ctx *context.Context, isDelTag bool) {
if err := releaseservice.DeleteReleaseByID(ctx, ctx.FormInt64("id"), ctx.Doer, isDelTag); err != nil {
- ctx.Flash.Error("DeleteReleaseByID: " + err.Error())
+ if models.IsErrProtectedTagName(err) {
+ ctx.Flash.Error(ctx.Tr("repo.release.tag_name_protected"))
+ } else {
+ ctx.Flash.Error("DeleteReleaseByID: " + err.Error())
+ }
} else {
if isDelTag {
ctx.Flash.Success(ctx.Tr("repo.release.deletion_tag_success"))
diff --git a/services/release/release.go b/services/release/release.go
index a3d7d4720..6fa966de1 100644
--- a/services/release/release.go
+++ b/services/release/release.go
@@ -294,6 +294,20 @@ func DeleteReleaseByID(ctx context.Context, id int64, doer *user_model.User, del
}
if delTag {
+ protectedTags, err := git_model.GetProtectedTags(rel.RepoID)
+ if err != nil {
+ return fmt.Errorf("GetProtectedTags: %v", err)
+ }
+ isAllowed, err := git_model.IsUserAllowedToControlTag(protectedTags, rel.TagName, rel.PublisherID)
+ if err != nil {
+ return err
+ }
+ if !isAllowed {
+ return models.ErrProtectedTagName{
+ TagName: rel.TagName,
+ }
+ }
+
if stdout, _, err := git.NewCommand(ctx, "tag", "-d", rel.TagName).
SetDescription(fmt.Sprintf("DeleteReleaseByID (git tag -d): %d", rel.ID)).
RunStdString(&git.RunOpts{Dir: repo.RepoPath()}); err != nil && !strings.Contains(err.Error(), "not found") {
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index 9994df78b..23d700ded 100644
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -9196,6 +9196,9 @@
},
"404": {
"$ref": "#/responses/notFound"
+ },
+ "405": {
+ "$ref": "#/responses/empty"
}
}
}
@@ -9279,6 +9282,9 @@
},
"404": {
"$ref": "#/responses/notFound"
+ },
+ "405": {
+ "$ref": "#/responses/empty"
}
}
},
@@ -10047,6 +10053,9 @@
"404": {
"$ref": "#/responses/notFound"
},
+ "405": {
+ "$ref": "#/responses/empty"
+ },
"409": {
"$ref": "#/responses/conflict"
}
@@ -10134,6 +10143,9 @@
"404": {
"$ref": "#/responses/notFound"
},
+ "405": {
+ "$ref": "#/responses/empty"
+ },
"409": {
"$ref": "#/responses/conflict"
}