TRKJ/gitea
2
0
Fork 0
mirror of https://gitee.com/gitea/gitea synced 2025-11-04 08:30:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

Treat PRs with agit flow as fork PRs when triggering actions. (#23884)

Browse Source 
There is no fork concept in agit flow, anyone with read permission can
push `refs/for/<target-branch>/<topic-branch>` to the repo. So we should
treat it as a fork pull request because it may be from an untrusted
user.
This commit is contained in:
Jason Song
2023-04-07 04:57:30 +08:00
committed by GitHub
parent 9b416b2e36
commit d92909fa8b
2 changed files with 17 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
models/actions/run.go
View File

@@ -36,7 +36,7 @@ type ActionRun struct {
TriggerUser *user_model.User `xorm:"-"` TriggerUser *user_model.User `xorm:"-"`
Ref string Ref string
CommitSHA string CommitSHA string
IsForkPullRequest bool IsForkPullRequest bool // If this is triggered by a PR from a forked repository or an untrusted user, we need to check if it is approved and limit permissions when running the workflow.
NeedApproval bool // may need approval if it's a fork pull request NeedApproval bool // may need approval if it's a fork pull request
ApprovedBy int64 `xorm:"index"` // who approved ApprovedBy int64 `xorm:"index"` // who approved
Event webhook_module.HookEventType Event webhook_module.HookEventType

17
services/actions/notifier_helper.go
View File

@@ -152,6 +152,21 @@ func notify(ctx context.Context, input *notifyInput) error {
return fmt.Errorf("json.Marshal: %w", err) return fmt.Errorf("json.Marshal: %w", err)
} }
isForkPullRequest := false
if pr := input.PullRequest; pr != nil {
switch pr.Flow {
case issues_model.PullRequestFlowGithub:
isForkPullRequest = pr.IsFromFork()
case issues_model.PullRequestFlowAGit:
// There is no fork concept in agit flow, anyone with read permission can push refs/for/<target-branch>/<topic-branch> to the repo.
// So we can treat it as a fork pull request because it may be from an untrusted user
isForkPullRequest = true
default:
// unknown flow, assume it's a fork pull request to be safe
isForkPullRequest = true
}
}
for id, content := range workflows { for id, content := range workflows {
run := &actions_model.ActionRun{ run := &actions_model.ActionRun{
Title: strings.SplitN(commit.CommitMessage, "\n", 2)[0], Title: strings.SplitN(commit.CommitMessage, "\n", 2)[0],
@@ -161,7 +176,7 @@ func notify(ctx context.Context, input *notifyInput) error {
TriggerUserID: input.Doer.ID, TriggerUserID: input.Doer.ID,
Ref: ref, Ref: ref,
CommitSHA: commit.ID.String(), CommitSHA: commit.ID.String(),
IsForkPullRequest: input.PullRequest != nil && input.PullRequest.IsFromFork(), IsForkPullRequest: isForkPullRequest,
Event: input.Event, Event: input.Event,
EventPayload: string(p), EventPayload: string(p),
Status: actions_model.StatusWaiting, Status: actions_model.StatusWaiting,