Protect default branch against deletion (#11115)
Although default branch is not offered for deletion in the templates, we need to prevent it both at the router level and in the pre-receive hook. Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>pull/11298/head^2
parent
a1f11a05e9
commit
505e456f26
|
@ -1683,6 +1683,7 @@ branch.deleted_by = Deleted by %s
|
|||
branch.restore_success = Branch '%s' has been restored.
|
||||
branch.restore_failed = Failed to restore branch '%s'.
|
||||
branch.protected_deletion_failed = Branch '%s' is protected. It cannot be deleted.
|
||||
branch.default_deletion_failed = Branch '%s' is the default branch. It cannot be deleted.
|
||||
branch.restore = Restore Branch '%s'
|
||||
branch.download = Download Branch '%s'
|
||||
branch.included_desc = This branch is part of the default branch
|
||||
|
|
|
@ -206,6 +206,14 @@ func HookPreReceive(ctx *macaron.Context, opts private.HookOptions) {
|
|||
refFullName := opts.RefFullNames[i]
|
||||
|
||||
branchName := strings.TrimPrefix(refFullName, git.BranchPrefix)
|
||||
if branchName == repo.DefaultBranch && newCommitID == git.EmptySHA {
|
||||
log.Warn("Forbidden: Branch: %s is the default branch in %-v and cannot be deleted", branchName, repo)
|
||||
ctx.JSON(http.StatusForbidden, map[string]interface{}{
|
||||
"err": fmt.Sprintf("branch %s is the default branch and cannot be deleted", branchName),
|
||||
})
|
||||
return
|
||||
}
|
||||
|
||||
protectBranch, err := models.GetProtectedBranchBy(repo.ID, branchName)
|
||||
if err != nil {
|
||||
log.Error("Unable to get protected branch: %s in %-v Error: %v", branchName, repo, err)
|
||||
|
|
|
@ -57,8 +57,12 @@ func Branches(ctx *context.Context) {
|
|||
// DeleteBranchPost responses for delete merged branch
|
||||
func DeleteBranchPost(ctx *context.Context) {
|
||||
defer redirect(ctx)
|
||||
|
||||
branchName := ctx.Query("name")
|
||||
if branchName == ctx.Repo.Repository.DefaultBranch {
|
||||
ctx.Flash.Error(ctx.Tr("repo.branch.default_deletion_failed", branchName))
|
||||
return
|
||||
}
|
||||
|
||||
isProtected, err := ctx.Repo.Repository.IsProtectedBranch(branchName, ctx.User)
|
||||
if err != nil {
|
||||
log.Error("DeleteBranch: %v", err)
|
||||
|
|
Loading…
Reference in New Issue