improve protected branch to add whitelist support #2451
Conversation
lunny
added
type/enhancement
models/migrations/v39.go
Outdated
| if _, err := x.Exec("ALTER TABLE protected_branch DROP COLUMN can_push"); err != nil { | ||
| return fmt.Errorf("DROP COLUMN can_push: %v", err) | ||
| } | ||
| default: |
There was a problem hiding this comment.
Need also migration support for PostgreSQL and MSSQL
models/migrations/v39.go
Outdated
| if _, err := x.Exec("ALTER TABLE protected_branch DROP COLUMN can_push"); err != nil { | ||
| return fmt.Errorf("DROP COLUMN can_push: %v", err) | ||
| } | ||
| default: |
| } else { | ||
| if protectBranch != nil { | ||
| if err := ctx.Repo.Repository.DeleteProtectedBranch(protectBranch.ID); err != nil { | ||
| ctx.Handle(500, "UpdateProtectBranch", err) |
options/locale/locale_en-US.ini
Outdated
| @@ -922,6 +922,16 @@ settings.protected_branch=Branch Protection | |||
| settings.protected_branch_can_push=Allow push? | |||
| settings.protected_branch_can_push_yes=You can push | |||
| settings.protected_branch_can_push_no=You can not push | |||
| settings.branch_protection = Branch Protection for <b>%s</b> | |||
| settings.protect_this_branch = Protect this branch | |||
| settings.protect_this_branch_desc = Disable force pushes and prevent from deletion. | |||
There was a problem hiding this comment.
I would suggest Disable force pushes and prevent deletion.
options/locale/locale_en-US.ini
Outdated
| settings.branch_protection = Branch Protection for <b>%s</b> | ||
| settings.protect_this_branch = Protect this branch | ||
| settings.protect_this_branch_desc = Disable force pushes and prevent from deletion. | ||
| settings.update_protect_branch_success = Change branch protect options successfully. |
There was a problem hiding this comment.
I would suggest Branch protect options changed successfully.
options/locale/locale_en-US.ini
Outdated
| settings.protect_whitelist_committers_desc = Add people or teams to whitelist of direct push to this branch. Users in whitelist will bypass require pull request check. | ||
| settings.protect_whitelist_users = Users who can push to this branch | ||
| settings.protect_whitelist_search_users = Search users | ||
| settings.protect_whitelist_teams = Teams for which members of them can push to this branch |
There was a problem hiding this comment.
I would suggest Teams whose members can push to this branch.
options/locale/locale_en-US.ini
Outdated
| settings.protect_this_branch_desc = Disable force pushes and prevent from deletion. | ||
| settings.update_protect_branch_success = Change branch protect options successfully. | ||
| settings.protect_whitelist_committers = Whitelist who can push to this branch | ||
| settings.protect_whitelist_committers_desc = Add people or teams to whitelist of direct push to this branch. Users in whitelist will bypass require pull request check. |
There was a problem hiding this comment.
I would suggest Add users or teams to this branch's whitelist. Whitelisted users bypass the typical push restrictions.
models/migrations/v39.go
Outdated
|
|
||
| "code.gitea.io/gitea/modules/log" | ||
| "code.gitea.io/gitea/modules/setting" | ||
| "github.com/go-xorm/xorm" |
|
LGTM |
tboerger
added
the
lgtm/need 1
| if protectBranch.ID == 0 { | ||
| if _, err = x.Insert(protectBranch); err != nil { | ||
| return fmt.Errorf("Insert: %v", err) | ||
| } |
|
@lunny From the screenshot, do we really need to differentiate between Users and Teams? Can't they be in the same list? (Gitea knows the difference internally anyhow) |
|
@bkcsoft For a non-organization repository, we only have users. For an organization repository, we will have users and teams. I think both are needed. |
|
@lunny Right, the list it returns would be different, but I still don't understand why it needs to be 2 lists? |
|
Two lists is easy to implement. 😄 We can optimist it later. We still need pull request control, status check and approval control. |
|
I also would like to see there single list instead of two but I agree that it can be implemented later |
lunny
force-pushed
the
lunny/improve_proteced_branch
branch
2 times, most recently
from
7cea815 to
1666907
Compare
models/branches.go
Outdated
| } else if has { | ||
| return nil | ||
| } | ||
| func (p Int64Slice) Len() int { return len(p) } |
There was a problem hiding this comment.
Would it be possible to move these helpers for int64 slices to a util file? They don't have anything to do with branches.
models/org.go
Outdated
| @@ -577,6 +577,11 @@ func (org *User) getUserTeamIDs(e Engine, userID int64) ([]int64, error) { | |||
| Find(&teamIDs) | |||
| } | |||
|
|
|||
| // TeamsHaveAccessToRepo returns all teamsthat have given access level to the repository. | |||
| func (org *User) TeamsHaveAccessToRepo(repoID int64, mode AccessMode) ([]*Team, error) { | |||
There was a problem hiding this comment.
I'd suggest renaming to TeamsWithAccessToRepo(and similarly GetTeamsWithAccessToRepo)
models/repo.go
Outdated
| } | ||
|
|
||
| // getUsersWithAccesMode returns users that have at least given access mode to the repository. | ||
| func (repo *Repository) getUsersWithAccesMode(e Engine, mode AccessMode) (_ []*User, err error) { |
lunny
force-pushed
the
lunny/improve_proteced_branch
branch
2 times, most recently
from
0ad42cc to
bcadda5
Compare
|
will be part of #32 |
|
@ethantkoenig all done. |
|
my gitea version 1.2 the protect branch tool didn't work, but when i use version 1.1.3, it works well |
|
@LanaYuan could you try on https://try.gitea.io |
lunny
force-pushed
the
lunny/improve_proteced_branch
branch
from
bcadda5 to
f71a25a
Compare
|
LGTM |
tboerger
added
lgtm/done
Codecov Report
@@ Coverage Diff @@
## master #2451 +/- ##
==========================================
- Coverage 27.83% 27.75% -0.09%
==========================================
Files 83 83
Lines 16835 16886 +51
==========================================
Hits 4686 4686
- Misses 11474 11525 +51
Partials 675 675
Continue to review full report at Codecov.
|
This PR will add a protected branch edit page to enable or disable protected branch. It also add support to whitelist users or whitelist teams so that special users could push to the branch.