Skip to content

Commit

Permalink
don't allow pull requests to be created on an archived repository (go…
Browse files Browse the repository at this point in the history
…-gitea#5883)

* don't allow pull requests to be created on an archived repository
Also disable the "PR" button if the repo is archived

* Refuse creating an issue/PR via API calls too
  • Loading branch information
adelowo authored and techknowlogick committed Jan 30, 2019
1 parent 6dc2f40 commit 57a69ef
Show file tree
Hide file tree
Showing 3 changed files with 15 additions and 8 deletions.
19 changes: 13 additions & 6 deletions routers/api/v1/api.go
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ import (
api "code.gitea.io/sdk/gitea"

"github.com/go-macaron/binding"
"gopkg.in/macaron.v1"
macaron "gopkg.in/macaron.v1"
)

func sudo() macaron.Handler {
Expand Down Expand Up @@ -371,6 +371,13 @@ func mustEnableUserHeatmap(ctx *context.Context) {
}
}

func mustNotBeArchived(ctx *context.Context) {
if ctx.Repo.Repository.IsArchived {
ctx.Status(404)
return
}
}

// RegisterRoutes registers all v1 APIs routes to web application.
// FIXME: custom form error response
func RegisterRoutes(m *macaron.Macaron) {
Expand Down Expand Up @@ -518,11 +525,11 @@ func RegisterRoutes(m *macaron.Macaron) {
}, mustEnableIssues)
m.Group("/issues", func() {
m.Combo("").Get(repo.ListIssues).
Post(reqToken(), bind(api.CreateIssueOption{}), repo.CreateIssue)
Post(reqToken(), mustNotBeArchived, bind(api.CreateIssueOption{}), repo.CreateIssue)
m.Group("/comments", func() {
m.Get("", repo.ListRepoIssueComments)
m.Combo("/:id", reqToken()).
Patch(bind(api.EditIssueCommentOption{}), repo.EditIssueComment).
Patch(mustNotBeArchived, bind(api.EditIssueCommentOption{}), repo.EditIssueComment).
Delete(repo.DeleteIssueComment)
})
m.Group("/:index", func() {
Expand All @@ -531,7 +538,7 @@ func RegisterRoutes(m *macaron.Macaron) {

m.Group("/comments", func() {
m.Combo("").Get(repo.ListIssueComments).
Post(reqToken(), bind(api.CreateIssueCommentOption{}), repo.CreateIssueComment)
Post(reqToken(), mustNotBeArchived, bind(api.CreateIssueCommentOption{}), repo.CreateIssueComment)
m.Combo("/:id", reqToken()).Patch(bind(api.EditIssueCommentOption{}), repo.EditIssueCommentDeprecated).
Delete(repo.DeleteIssueCommentDeprecated)
})
Expand Down Expand Up @@ -593,12 +600,12 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Get("/editorconfig/:filename", context.RepoRef(), reqRepoReader(models.UnitTypeCode), repo.GetEditorconfig)
m.Group("/pulls", func() {
m.Combo("").Get(bind(api.ListPullRequestsOptions{}), repo.ListPullRequests).
Post(reqToken(), bind(api.CreatePullRequestOption{}), repo.CreatePullRequest)
Post(reqToken(), mustNotBeArchived, bind(api.CreatePullRequestOption{}), repo.CreatePullRequest)
m.Group("/:index", func() {
m.Combo("").Get(repo.GetPullRequest).
Patch(reqToken(), reqRepoWriter(models.UnitTypePullRequests), bind(api.EditPullRequestOption{}), repo.EditPullRequest)
m.Combo("/merge").Get(repo.IsPullRequestMerged).
Post(reqToken(), reqRepoWriter(models.UnitTypePullRequests), bind(auth.MergePullRequestForm{}), repo.MergePullRequest)
Post(reqToken(), mustNotBeArchived, reqRepoWriter(models.UnitTypePullRequests), bind(auth.MergePullRequestForm{}), repo.MergePullRequest)
})
}, mustAllowPulls, reqRepoReader(models.UnitTypeCode), context.ReferencesGitRepo())
m.Group("/statuses", func() {
Expand Down
2 changes: 1 addition & 1 deletion routers/routes/routes.go
Original file line number Diff line number Diff line change
Expand Up @@ -586,7 +586,7 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Group("/milestone", func() {
m.Get("/:id", repo.MilestoneIssuesAndPulls)
}, reqRepoIssuesOrPullsWriter, context.RepoRef())
m.Combo("/compare/*", reqRepoCodeReader, reqRepoPullsReader, repo.MustAllowPulls, repo.SetEditorconfigIfExists).
m.Combo("/compare/*", context.RepoMustNotBeArchived(), reqRepoCodeReader, reqRepoPullsReader, repo.MustAllowPulls, repo.SetEditorconfigIfExists).
Get(repo.SetDiffViewStyle, repo.CompareAndPullRequest).
Post(bindIgnErr(auth.CreateIssueForm{}), repo.CompareAndPullRequestPost)

Expand Down
2 changes: 1 addition & 1 deletion templates/repo/home.tmpl
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@
{{end}}
{{template "repo/sub_menu" .}}
<div class="ui stackable secondary menu mobile--margin-between-items mobile--no-negative-margins">
{{if and .PullRequestCtx.Allowed .IsViewBranch}}
{{if and .PullRequestCtx.Allowed .IsViewBranch (not .Repository.IsArchived)}}
<div class="fitted item">
<a href="{{.BaseRepo.Link}}/compare/{{.BaseRepo.DefaultBranch | EscapePound}}...{{ if .Repository.IsFork }}{{.Repository.Owner.Name}}{{ else }}{{ .SignedUserName }}{{ end }}:{{.BranchName | EscapePound}}">
<button class="ui green tiny compact button"><i class="octicon octicon-git-compare"></i></button>
Expand Down

0 comments on commit 57a69ef

Please sign in to comment.