Add require signed commit for protected branch (#9708)

* Add require signed commit for protected branch * Fix fmt * Make editor show if they will be signed * bugfix * Add basic merge check and better information for CRUD * linting comment * Add descriptors to merge signing * Slight refactor * Slight improvement to appearances * Handle Merge API * manage CRUD API * Move error to error.go * Remove fix to delete.go * prep for merge * need to tolerate \r\n in message * check protected branch before trying to load it * Apply suggestions from code review Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com> * fix commit-reader Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-01-15 08:32:57 +00:00 · 2020-01-15 08:32:57 +00:00 · 66ee9b87f9
commit 66ee9b87f9
parent 6b1fa12359
29 changed files with 618 additions and 122 deletions
--- a/models/pull_sign.go
+++ b/models/pull_sign.go
@ -11,16 +11,16 @@ import (
 )

 // SignMerge determines if we should sign a PR merge commit to the base repository
-func (pr *PullRequest) SignMerge(u *User, tmpBasePath, baseCommit, headCommit string) (bool, string) {
+func (pr *PullRequest) SignMerge(u *User, tmpBasePath, baseCommit, headCommit string) (bool, string, error) {
 	if err := pr.GetBaseRepo(); err != nil {
 		log.Error("Unable to get Base Repo for pull request")
-		return false, ""
+		return false, "", err
 	}
 	repo := pr.BaseRepo

 	signingKey := signingKey(repo.RepoPath())
 	if signingKey == "" {
-		return false, ""
+		return false, "", &ErrWontSign{noKey}
 	}
 	rules := signingModeFromStrings(setting.Repository.Signing.Merges)

@ -30,92 +30,101 @@ func (pr *PullRequest) SignMerge(u *User, tmpBasePath, baseCommit, headCommit st
 	for _, rule := range rules {
 		switch rule {
 		case never:
-			return false, ""
+			return false, "", &ErrWontSign{never}
 		case always:
 			break
 		case pubkey:
 			keys, err := ListGPGKeys(u.ID)
-			if err != nil || len(keys) == 0 {
-				return false, ""
+			if err != nil {
+				return false, "", err
+			}
+			if len(keys) == 0 {
+				return false, "", &ErrWontSign{pubkey}
 			}
 		case twofa:
-			twofa, err := GetTwoFactorByUID(u.ID)
-			if err != nil || twofa == nil {
-				return false, ""
+			twofaModel, err := GetTwoFactorByUID(u.ID)
+			if err != nil {
+				return false, "", err
+			}
+			if twofaModel == nil {
+				return false, "", &ErrWontSign{twofa}
 			}
 		case approved:
 			protectedBranch, err := GetProtectedBranchBy(repo.ID, pr.BaseBranch)
-			if err != nil || protectedBranch == nil {
-				return false, ""
+			if err != nil {
+				return false, "", err
+			}
+			if protectedBranch == nil {
+				return false, "", &ErrWontSign{approved}
 			}
 			if protectedBranch.GetGrantedApprovalsCount(pr) < 1 {
-				return false, ""
+				return false, "", &ErrWontSign{approved}
 			}
 		case baseSigned:
 			if gitRepo == nil {
 				gitRepo, err = git.OpenRepository(tmpBasePath)
 				if err != nil {
-					return false, ""
+					return false, "", err
 				}
 				defer gitRepo.Close()
 			}
 			commit, err := gitRepo.GetCommit(baseCommit)
 			if err != nil {
-				return false, ""
+				return false, "", err
 			}
 			verification := ParseCommitWithSignature(commit)
 			if !verification.Verified {
-				return false, ""
+				return false, "", &ErrWontSign{baseSigned}
 			}
 		case headSigned:
 			if gitRepo == nil {
 				gitRepo, err = git.OpenRepository(tmpBasePath)
 				if err != nil {
-					return false, ""
+					return false, "", err
 				}
 				defer gitRepo.Close()
 			}
 			commit, err := gitRepo.GetCommit(headCommit)
 			if err != nil {
-				return false, ""
+				return false, "", err
 			}
 			verification := ParseCommitWithSignature(commit)
 			if !verification.Verified {
-				return false, ""
+				return false, "", &ErrWontSign{headSigned}
 			}
 		case commitsSigned:
 			if gitRepo == nil {
 				gitRepo, err = git.OpenRepository(tmpBasePath)
 				if err != nil {
-					return false, ""
+					return false, "", err
 				}
 				defer gitRepo.Close()
 			}
 			commit, err := gitRepo.GetCommit(headCommit)
 			if err != nil {
-				return false, ""
+				return false, "", err
 			}
 			verification := ParseCommitWithSignature(commit)
 			if !verification.Verified {
-				return false, ""
+				return false, "", &ErrWontSign{commitsSigned}
 			}
 			// need to work out merge-base
 			mergeBaseCommit, _, err := gitRepo.GetMergeBase("", baseCommit, headCommit)
 			if err != nil {
-				return false, ""
+				return false, "", err
 			}
 			commitList, err := commit.CommitsBeforeUntil(mergeBaseCommit)
 			if err != nil {
-				return false, ""
+				return false, "", err
 			}
 			for e := commitList.Front(); e != nil; e = e.Next() {
 				commit = e.Value.(*git.Commit)
 				verification := ParseCommitWithSignature(commit)
 				if !verification.Verified {
-					return false, ""
+					return false, "", &ErrWontSign{commitsSigned}
 				}
 			}
 		}
 	}
-	return true, signingKey
+	return true, signingKey, nil
 }