drone/app/api/controller/githook/controller.go

// Copyright 2023 Harness, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package githook

import (
	"context"
	"fmt"

	"github.com/harness/gitness/app/api/controller/limiter"
	"github.com/harness/gitness/app/api/usererror"
	"github.com/harness/gitness/app/auth"
	"github.com/harness/gitness/app/auth/authz"
	eventsgit "github.com/harness/gitness/app/events/git"
	eventsrepo "github.com/harness/gitness/app/events/repo"
	"github.com/harness/gitness/app/services/protection"
	"github.com/harness/gitness/app/services/settings"
	"github.com/harness/gitness/app/store"
	"github.com/harness/gitness/app/url"
	"github.com/harness/gitness/errors"
	"github.com/harness/gitness/git"
	"github.com/harness/gitness/git/api"
	"github.com/harness/gitness/git/hook"
	"github.com/harness/gitness/git/sha"
	"github.com/harness/gitness/types"
	"github.com/harness/gitness/types/enum"
)

type Controller struct {
	authorizer          authz.Authorizer
	principalStore      store.PrincipalStore
	repoStore           store.RepoStore
	gitReporter         *eventsgit.Reporter
	repoReporter        *eventsrepo.Reporter
	git                 git.Interface
	pullreqStore        store.PullReqStore
	urlProvider         url.Provider
	protectionManager   *protection.Manager
	limiter             limiter.ResourceLimiter
	settings            *settings.Service
	preReceiveExtender  PreReceiveExtender
	updateExtender      UpdateExtender
	postReceiveExtender PostReceiveExtender
}

func NewController(
	authorizer authz.Authorizer,
	principalStore store.PrincipalStore,
	repoStore store.RepoStore,
	gitReporter *eventsgit.Reporter,
	repoReporter *eventsrepo.Reporter,
	git git.Interface,
	pullreqStore store.PullReqStore,
	urlProvider url.Provider,
	protectionManager *protection.Manager,
	limiter limiter.ResourceLimiter,
	settings *settings.Service,
	preReceiveExtender PreReceiveExtender,
	updateExtender UpdateExtender,
	postReceiveExtender PostReceiveExtender,
) *Controller {
	return &Controller{
		authorizer:          authorizer,
		principalStore:      principalStore,
		repoStore:           repoStore,
		gitReporter:         gitReporter,
		repoReporter:        repoReporter,
		git:                 git,
		pullreqStore:        pullreqStore,
		urlProvider:         urlProvider,
		protectionManager:   protectionManager,
		limiter:             limiter,
		settings:            settings,
		preReceiveExtender:  preReceiveExtender,
		updateExtender:      updateExtender,
		postReceiveExtender: postReceiveExtender,
	}
}

func (c *Controller) getRepoCheckAccess(ctx context.Context,
	_ *auth.Session, repoID int64, _ enum.Permission) (*types.Repository, error) {
	if repoID < 1 {
		return nil, usererror.BadRequest("A valid repository reference must be provided.")
	}

	repo, err := c.repoStore.Find(ctx, repoID)
	if err != nil {
		return nil, fmt.Errorf("failed to find repo with id %d: %w", repoID, err)
	}

	// TODO: execute permission check. block anything but Harness service?

	return repo, nil
}

// GetBaseSHAForScanningChanges returns the commit sha to which the new sha of the reference
// should be compared against when scanning incoming changes.
// NOTE: If no such a sha exists, then (sha.None, false, nil) is returned.
// This will happen in case the default branch doesn't exist yet.
func GetBaseSHAForScanningChanges(
	ctx context.Context,
	rgit RestrictedGIT,
	repo *types.Repository,
	env hook.Environment,
	refUpdates []hook.ReferenceUpdate,
	findBaseFor hook.ReferenceUpdate,
) (sha.SHA, bool, error) {
	// always return old SHA of ref if possible (even if ref was deleted, that's on the caller)
	if !findBaseFor.Old.IsNil() {
		return findBaseFor.Old, true, nil
	}

	// reference is just being created.
	// For now we use default branch as a fallback (can be optimized to most recent commit on reference that exists)
	dfltBranchFullRef := api.BranchPrefix + repo.DefaultBranch
	for _, refUpdate := range refUpdates {
		if refUpdate.Ref != dfltBranchFullRef {
			continue
		}

		// default branch is being updated as part of push - make sure we use OLD default branch sha for comparison
		if !refUpdate.Old.IsNil() {
			return refUpdate.Old, true, nil
		}

		// default branch is being created - no fallback available
		return sha.None, false, nil
	}

	// read default branch from git
	dfltBranchOut, err := rgit.GetBranch(ctx, &git.GetBranchParams{
		ReadParams: git.ReadParams{
			RepoUID:             repo.GitUID,
			AlternateObjectDirs: env.AlternateObjectDirs,
		},
		BranchName: repo.DefaultBranch,
	})
	if errors.IsNotFound(err) {
		// this happens for empty repo's where the default branch wasn't created yet.
		return sha.None, false, nil
	}
	if err != nil {
		return sha.None, false, fmt.Errorf("failed to get default branch from git: %w", err)
	}

	return dfltBranchOut.Branch.SHA, true, nil
}

func isForcePush(
	ctx context.Context,
	rgit RestrictedGIT,
	gitUID string,
	alternateObjectDirs []string,
	branchUpdate hook.ReferenceUpdate,
) (bool, error) {
	if branchUpdate.Old.IsNil() || branchUpdate.New.IsNil() {
		return false, nil
	}

	result, err := rgit.IsAncestor(ctx, git.IsAncestorParams{
		ReadParams: git.ReadParams{
			RepoUID:             gitUID,
			AlternateObjectDirs: alternateObjectDirs,
		},
		AncestorCommitSHA:   branchUpdate.Old,
		DescendantCommitSHA: branchUpdate.New,
	})
	if err != nil {
		return false, err
	}

	return !result.Ancestor, nil
}