1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-30 01:10:58 +01:00

Disable CSRF checks on Git push when updating repository.

Summary: This disables CSRF checking around the `$repository->writeStatusMessage` so that pushing changes over HTTP to Git repositories doesn't fail miserably.

Test Plan: Applied this fix and I could `git push` to hosted repositories again.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4052

Differential Revision: https://secure.phabricator.com/D7490
This commit is contained in:
James Rhodes 2013-11-04 07:33:29 -08:00 committed by epriestley
parent 0ceb53bfae
commit 3e2efaf00e

View file

@ -180,7 +180,7 @@ abstract class DiffusionController extends PhabricatorController {
switch ($repository->getVersionControlSystem()) {
case PhabricatorRepositoryType::REPOSITORY_TYPE_GIT:
$result = $this->serveGitRequest($repository);
$result = $this->serveGitRequest($repository, $viewer);
break;
default:
$result = new PhabricatorVCSResponse(
@ -192,9 +192,11 @@ abstract class DiffusionController extends PhabricatorController {
$code = $result->getHTTPResponseCode();
if ($is_push && ($code == 200)) {
$unguarded = AphrontWriteGuard::beginScopedUnguardedWrites();
$repository->writeStatusMessage(
PhabricatorRepositoryStatusMessage::TYPE_NEEDS_UPDATE,
PhabricatorRepositoryStatusMessage::CODE_OKAY);
unset($unguarded);
}
return $result;
@ -454,7 +456,9 @@ abstract class DiffusionController extends PhabricatorController {
/**
* @phutil-external-symbol class PhabricatorStartup
*/
private function serveGitRequest(PhabricatorRepository $repository) {
private function serveGitRequest(
PhabricatorRepository $repository,
PhabricatorUser $viewer) {
$request = $this->getRequest();
$request_path = $this->getRequestDirectoryPath();
@ -492,8 +496,9 @@ abstract class DiffusionController extends PhabricatorController {
'GIT_HTTP_EXPORT_ALL' => '1',
'PATH_INFO' => $request_path,
'REMOTE_USER' => $viewer->getUsername(),
// TODO: Set these correctly.
'REMOTE_USER' => '',
// GIT_COMMITTER_NAME
// GIT_COMMITTER_EMAIL
);