Add API for manipulating Git hooks (#6436)

* Add API for manipulating Git hooks

Signed-off-by: Segev Finer <[email protected]>

* Replace code.gitea.io/sdk with PR branch temporarily for CI

* Switch back to code.gitea.io/sdk@master

* Return 403 instead of 404 on no permission to edit hooks in API

* Add tests for Git hooks API

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <[email protected]>

* Update models/repo_list_test.go

Co-Authored-By: segevfiner <[email protected]>

* empty line

Author: segevfiner

go.mod

@@ -3,7 +3,7 @@ module code.gitea.io/gitea
 go 1.12
 
 require (
-	code.gitea.io/sdk v0.0.0-20190321154058-a669487e86e0
+	code.gitea.io/sdk v0.0.0-20190416172854-7d954d775498
 	github.com/BurntSushi/toml v0.3.1 // indirect
 	github.com/PuerkitoBio/goquery v0.0.0-20170324135448-ed7d758e9a34
 	github.com/RoaringBitmap/roaring v0.4.7 // indirect

go.sum

@@ -1,6 +1,6 @@
 cloud.google.com/go v0.30.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-code.gitea.io/sdk v0.0.0-20190321154058-a669487e86e0 h1:pIKKrTUox+0pGcZwFl19Glw9gKfoeNkA02EqeiSmLjs=
-code.gitea.io/sdk v0.0.0-20190321154058-a669487e86e0/go.mod h1:5bZt0dRznpn2JysytQnV0yCru3FwDv9O5G91jo+lDAk=
+code.gitea.io/sdk v0.0.0-20190416172854-7d954d775498 h1:rcjwXMYIjYts88akPiyy/GB+imecpf159jojChciEEw=
+code.gitea.io/sdk v0.0.0-20190416172854-7d954d775498/go.mod h1:5bZt0dRznpn2JysytQnV0yCru3FwDv9O5G91jo+lDAk=
 github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/PuerkitoBio/goquery v0.0.0-20170324135448-ed7d758e9a34 h1:UsHpWO0Elp6NaWVARdZHjiYwkhrspHVEGsyIKPb9OI8=

integrations/api_repo_git_hook_test.go

@@ -0,0 +1,194 @@
+// Copyright 2019 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package integrations
+
+import (
+	"fmt"
+	"net/http"
+	"testing"
+
+	"code.gitea.io/gitea/models"
+	api "code.gitea.io/sdk/gitea"
+
+	"github.com/stretchr/testify/assert"
+)
+
+const testHookContent = `#!/bin/bash
+
+echo Hello, World!
+`
+
+func TestAPIListGitHooks(t *testing.T) {
+	prepareTestEnv(t)
+
+	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 37}).(*models.Repository)
+	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
+
+	// user1 is an admin user
+	session := loginUser(t, "user1")
+	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git?token=%s",
+		owner.Name, repo.Name, token)
+	resp := MakeRequest(t, req, http.StatusOK)
+	var apiGitHooks []*api.GitHook
+	DecodeJSON(t, resp, &apiGitHooks)
+	assert.Len(t, apiGitHooks, 3)
+	for _, apiGitHook := range apiGitHooks {
+		if apiGitHook.Name == "pre-receive" {
+			assert.True(t, apiGitHook.IsActive)
+			assert.Equal(t, testHookContent, apiGitHook.Content)
+		} else {
+			assert.False(t, apiGitHook.IsActive)
+			assert.Empty(t, apiGitHook.Content)
+		}
+	}
+}
+
+func TestAPIListGitHooksNoHooks(t *testing.T) {
+	prepareTestEnv(t)
+
+	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
+	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
+
+	// user1 is an admin user
+	session := loginUser(t, "user1")
+	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git?token=%s",
+		owner.Name, repo.Name, token)
+	resp := MakeRequest(t, req, http.StatusOK)
+	var apiGitHooks []*api.GitHook
+	DecodeJSON(t, resp, &apiGitHooks)
+	assert.Len(t, apiGitHooks, 3)
+	for _, apiGitHook := range apiGitHooks {
+		assert.False(t, apiGitHook.IsActive)
+		assert.Empty(t, apiGitHook.Content)
+	}
+}
+
+func TestAPIListGitHooksNoAccess(t *testing.T) {
+	prepareTestEnv(t)
+
+	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
+	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
+
+	session := loginUser(t, owner.Name)
+	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git?token=%s",
+		owner.Name, repo.Name, token)
+	MakeRequest(t, req, http.StatusForbidden)
+}
+
+func TestAPIGetGitHook(t *testing.T) {
+	prepareTestEnv(t)
+
+	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 37}).(*models.Repository)
+	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
+
+	// user1 is an admin user
+	session := loginUser(t, "user1")
+	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
+		owner.Name, repo.Name, token)
+	resp := MakeRequest(t, req, http.StatusOK)
+	var apiGitHook *api.GitHook
+	DecodeJSON(t, resp, &apiGitHook)
+	assert.True(t, apiGitHook.IsActive)
+	assert.Equal(t, testHookContent, apiGitHook.Content)
+}
+
+func TestAPIGetGitHookNoAccess(t *testing.T) {
+	prepareTestEnv(t)
+
+	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
+	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
+
+	session := loginUser(t, owner.Name)
+	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
+		owner.Name, repo.Name, token)
+	MakeRequest(t, req, http.StatusForbidden)
+}
+
+func TestAPIEditGitHook(t *testing.T) {
+	prepareTestEnv(t)
+
+	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
+	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
+
+	// user1 is an admin user
+	session := loginUser(t, "user1")
+	token := getTokenForLoggedInUser(t, session)
+
+	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
+		owner.Name, repo.Name, token)
+	req := NewRequestWithJSON(t, "PATCH", urlStr, &api.EditGitHookOption{
+		Content: testHookContent,
+	})
+	resp := MakeRequest(t, req, http.StatusOK)
+	var apiGitHook *api.GitHook
+	DecodeJSON(t, resp, &apiGitHook)
+	assert.True(t, apiGitHook.IsActive)
+	assert.Equal(t, testHookContent, apiGitHook.Content)
+
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
+		owner.Name, repo.Name, token)
+	resp = MakeRequest(t, req, http.StatusOK)
+	var apiGitHook2 *api.GitHook
+	DecodeJSON(t, resp, &apiGitHook2)
+	assert.True(t, apiGitHook2.IsActive)
+	assert.Equal(t, testHookContent, apiGitHook2.Content)
+}
+
+func TestAPIEditGitHookNoAccess(t *testing.T) {
+	prepareTestEnv(t)
+
+	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
+	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
+
+	session := loginUser(t, owner.Name)
+	token := getTokenForLoggedInUser(t, session)
+	urlStr := fmt.Sprintf("/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
+		owner.Name, repo.Name, token)
+	req := NewRequestWithJSON(t, "PATCH", urlStr, &api.EditGitHookOption{
+		Content: testHookContent,
+	})
+	MakeRequest(t, req, http.StatusForbidden)
+}
+
+func TestAPIDeleteGitHook(t *testing.T) {
+	prepareTestEnv(t)
+
+	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 37}).(*models.Repository)
+	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
+
+	// user1 is an admin user
+	session := loginUser(t, "user1")
+	token := getTokenForLoggedInUser(t, session)
+
+	req := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
+		owner.Name, repo.Name, token)
+	MakeRequest(t, req, http.StatusNoContent)
+
+	req = NewRequestf(t, "GET", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
+		owner.Name, repo.Name, token)
+	resp := MakeRequest(t, req, http.StatusOK)
+	var apiGitHook2 *api.GitHook
+	DecodeJSON(t, resp, &apiGitHook2)
+	assert.False(t, apiGitHook2.IsActive)
+	assert.Empty(t, apiGitHook2.Content)
+}
+
+func TestAPIDeleteGitHookNoAccess(t *testing.T) {
+	prepareTestEnv(t)
+
+	repo := models.AssertExistsAndLoadBean(t, &models.Repository{ID: 1}).(*models.Repository)
+	owner := models.AssertExistsAndLoadBean(t, &models.User{ID: repo.OwnerID}).(*models.User)
+
+	session := loginUser(t, owner.Name)
+	token := getTokenForLoggedInUser(t, session)
+	req := NewRequestf(t, "DELETE", "/api/v1/repos/%s/%s/hooks/git/pre-receive?token=%s",
+		owner.Name, repo.Name, token)
+	MakeRequest(t, req, http.StatusForbidden)
+}

integrations/api_repo_test.go

@@ -70,9 +70,9 @@ func TestAPISearchRepo(t *testing.T) {
 		expectedResults
 	}{
 		{name: "RepositoriesMax50", requestURL: "/api/v1/repos/search?limit=50", expectedResults: expectedResults{
-			nil:   {count: 20},
-			user:  {count: 20},
-			user2: {count: 20}},
+			nil:   {count: 21},
+			user:  {count: 21},
+			user2: {count: 21}},
 		},
 		{name: "RepositoriesMax10", requestURL: "/api/v1/repos/search?limit=10", expectedResults: expectedResults{
 			nil:   {count: 10},

integrations/gitea-repositories-meta/user2/git_hooks_test.git/HEAD

@@ -0,0 +1 @@
+ref: refs/heads/master

integrations/gitea-repositories-meta/user2/git_hooks_test.git/config

@@ -0,0 +1,4 @@
+[core]
+	repositoryformatversion = 0
+	filemode = true
+	bare = true

integrations/gitea-repositories-meta/user2/git_hooks_test.git/description

@@ -0,0 +1 @@
+Unnamed repository; edit this file 'description' to name the repository.

integrations/gitea-repositories-meta/user2/git_hooks_test.git/hooks/applypatch-msg.sample

@@ -0,0 +1,15 @@
+#!/bin/sh
+#
+# An example hook script to check the commit log message taken by
+# applypatch from an e-mail message.
+#
+# The hook should exit with non-zero status after issuing an
+# appropriate message if it wants to stop the commit.  The hook is
+# allowed to edit the commit message file.
+#
+# To enable this hook, rename this file to "applypatch-msg".
+
+. git-sh-setup
+commitmsg="$(git rev-parse --git-path hooks/commit-msg)"
+test -x "$commitmsg" && exec "$commitmsg" ${1+"$@"}
+:

integrations/gitea-repositories-meta/user2/git_hooks_test.git/hooks/commit-msg.sample

@@ -0,0 +1,24 @@
+#!/bin/sh
+#
+# An example hook script to check the commit log message.
+# Called by "git commit" with one argument, the name of the file
+# that has the commit message.  The hook should exit with non-zero
+# status after issuing an appropriate message if it wants to stop the
+# commit.  The hook is allowed to edit the commit message file.
+#
+# To enable this hook, rename this file to "commit-msg".
+
+# Uncomment the below to add a Signed-off-by line to the message.
+# Doing this in a hook is a bad idea in general, but the prepare-commit-msg
+# hook is more suited to it.
+#
+# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
+# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"
+
+# This example catches duplicate Signed-off-by lines.
+
+test "" = "$(grep '^Signed-off-by: ' "$1" |
+	 sort | uniq -c | sed -e '/^[ 	]*1[ 	]/d')" || {
+	echo >&2 Duplicate Signed-off-by lines.
+	exit 1
+}

integrations/gitea-repositories-meta/user2/git_hooks_test.git/hooks/post-receive

@@ -0,0 +1,7 @@
+#!/usr/bin/env bash
+ORI_DIR=`pwd`
+SHELL_FOLDER=$(cd "$(dirname "$0")";pwd)
+cd "$ORI_DIR"
+for i in `ls "$SHELL_FOLDER/post-receive.d"`; do
+    sh "$SHELL_FOLDER/post-receive.d/$i"
+done