pull-requests: validate ref types for pull request so users cannot provide wrongs ones.
marcink -
r3302:2e5cf174 stable
Not Reviewed
Show More
Add another comment
TODOs: 0 unresolved 0 Resolved
COMMENTS: 0 General 0 Inline
@@ -56,6 +56,25
56 assert_error(id_, expected, given=response.body)
56 assert_error(id_, expected, given=response.body)
57
57
58 @pytest.mark.backends("git", "hg")
58 @pytest.mark.backends("git", "hg")
59 @pytest.mark.parametrize('source_ref', [
60 'bookmarg:default:initial'
61 ])
62 def test_create_with_wrong_refs_data(self, backend, source_ref):
63
64 data = self._prepare_data(backend)
65 data['source_ref'] = source_ref
66
67 id_, params = build_data(
68 self.apikey_regular, 'create_pull_request', **data)
69
70 response = api_call(self.app, params)
71
72 expected = "Ref `{}` type is not allowed. " \
73 "Only:['bookmark', 'book', 'tag', 'branch'] " \
74 "are possible.".format(source_ref)
75 assert_error(id_, expected, given=response.body)
76
77 @pytest.mark.backends("git", "hg")
59 def test_create_with_correct_data(self, backend):
78 def test_create_with_correct_data(self, backend):
60 data = self._prepare_data(backend)
79 data = self._prepare_data(backend)
61 RepoModel().revoke_user_permission(
80 RepoModel().revoke_user_permission(
@@ -84,11 +84,11
84
84
85 def test_non_supported_refs(self):
85 def test_non_supported_refs(self):
86 repo = Mock()
86 repo = Mock()
87 ref = 'ancestor:ref'
87 ref = 'bookmark:ref'
88 with pytest.raises(JSONRPCError) as excinfo:
88 with pytest.raises(JSONRPCError) as excinfo:
89 utils.resolve_ref_or_error(ref, repo)
89 utils.resolve_ref_or_error(ref, repo)
90 expected_message = (
90 expected_message = (
91 'The specified value:ancestor:`ref` does not exist, or is not allowed.')
91 'The specified value:bookmark:`ref` does not exist, or is not allowed.')
92 assert excinfo.value.message == expected_message
92 assert excinfo.value.message == expected_message
93
93
94 def test_branch_is_not_found(self):
94 def test_branch_is_not_found(self):
@@ -388,7 +388,19
388 raise JSONRPCError('Ref `{ref}` does not exist'.format(ref=ref))
388 raise JSONRPCError('Ref `{ref}` does not exist'.format(ref=ref))
389
389
390
390
391 def resolve_ref_or_error(ref, repo):
391 def _get_ref_hash(repo, type_, name):
392 vcs_repo = repo.scm_instance()
393 if type_ in ['branch'] and vcs_repo.alias in ('hg', 'git'):
394 return vcs_repo.branches[name]
395 elif type_ in ['bookmark', 'book'] and vcs_repo.alias == 'hg':
396 return vcs_repo.bookmarks[name]
397 else:
398 raise ValueError()
399
400
401 def resolve_ref_or_error(ref, repo, allowed_ref_types=None):
402 allowed_ref_types = allowed_ref_types or ['bookmark', 'book', 'tag', 'branch']
403
392 def _parse_ref(type_, name, hash_=None):
404 def _parse_ref(type_, name, hash_=None):
393 return type_, name, hash_
405 return type_, name, hash_
394
406
@@ -399,6 +411,12
399 'Ref `{ref}` given in a wrong format. Please check the API'
411 'Ref `{ref}` given in a wrong format. Please check the API'
400 ' documentation for more details'.format(ref=ref))
412 ' documentation for more details'.format(ref=ref))
401
413
414 if ref_type not in allowed_ref_types:
415 raise JSONRPCError(
416 'Ref `{ref}` type is not allowed. '
417 'Only:{allowed_refs} are possible.'.format(
418 ref=ref, allowed_refs=allowed_ref_types))
419
402 try:
420 try:
403 ref_hash = ref_hash or _get_ref_hash(repo, ref_type, ref_name)
421 ref_hash = ref_hash or _get_ref_hash(repo, ref_type, ref_name)
404 except (KeyError, ValueError):
422 except (KeyError, ValueError):
@@ -429,13 +447,3
429 "raw_diff": raw_diff,
447 "raw_diff": raw_diff,
430 "stats": stats
448 "stats": stats
431 }
449 }
432
433
434 def _get_ref_hash(repo, type_, name):
435 vcs_repo = repo.scm_instance()
436 if type_ == 'branch' and vcs_repo.alias in ('hg', 'git'):
437 return vcs_repo.branches[name]
438 elif type_ == 'bookmark' and vcs_repo.alias == 'hg':
439 return vcs_repo.bookmarks[name]
440 else:
441 raise ValueError()
@@ -129,6 +129,8
129 'This pull request cannot be updated because the source '
129 'This pull request cannot be updated because the source '
130 'reference is missing.'),
130 'reference is missing.'),
131 }
131 }
132 REF_TYPES = ['bookmark', 'book', 'tag', 'branch']
133 UPDATABLE_REF_TYPES = ['bookmark', 'book', 'branch']
132
134
133 def __get_pull_request(self, pull_request):
135 def __get_pull_request(self, pull_request):
134 return self._get_instance((
136 return self._get_instance((
@@ -671,7 +673,7
671
673
672 def has_valid_update_type(self, pull_request):
674 def has_valid_update_type(self, pull_request):
673 source_ref_type = pull_request.source_ref_parts.type
675 source_ref_type = pull_request.source_ref_parts.type
674 return source_ref_type in ['book', 'branch', 'tag']
676 return source_ref_type in self.REF_TYPES
675
677
676 def update_commits(self, pull_request):
678 def update_commits(self, pull_request):
677 """
679 """
@@ -751,7 +753,7
751 pull_request_version = pull_request
753 pull_request_version = pull_request
752
754
753 try:
755 try:
754 if target_ref_type in ('tag', 'branch', 'book'):
756 if target_ref_type in self.REF_TYPES:
755 target_commit = target_repo.get_commit(target_ref_name)
757 target_commit = target_repo.get_commit(target_ref_name)
756 else:
758 else:
757 target_commit = target_repo.get_commit(target_ref_id)
759 target_commit = target_repo.get_commit(target_ref_id)
@@ -1326,7 +1328,7
1326 return merge_state
1328 return merge_state
1327
1329
1328 def _refresh_reference(self, reference, vcs_repository):
1330 def _refresh_reference(self, reference, vcs_repository):
1329 if reference.type in ('branch', 'book'):
1331 if reference.type in self.UPDATABLE_REF_TYPES:
1330 name_or_id = reference.name
1332 name_or_id = reference.name
1331 else:
1333 else:
1332 name_or_id = reference.commit_id
1334 name_or_id = reference.commit_id
Comments 0
You need to be logged in to leave comments. Login now