re-use gated logic

model/repo.go

@@ -26,7 +26,6 @@ type Repo struct {
 	IsTrusted   bool   `json:"trusted"                  meddler:"repo_trusted"`
 	IsStarred   bool   `json:"starred,omitempty"        meddler:"-"`
 	IsGated     bool   `json:"gated"                    meddler:"repo_gated"`
-	IsGatedConf bool   `json:"gated_conf"               meddler:"repo_gated_conf"`
 	AllowPull   bool   `json:"allow_pr"                 meddler:"repo_allow_pr"`
 	AllowPush   bool   `json:"allow_push"               meddler:"repo_allow_push"`
 	AllowDeploy bool   `json:"allow_deploys"            meddler:"repo_allow_deploys"`

model/sender.go

@@ -1,7 +1,7 @@
 package model
 
 type SenderService interface {
-	SenderAllowed(*User, *Repo, *Build) (bool, error)
+	SenderAllowed(*User, *Repo, *Build, *Config) (bool, error)
 	SenderCreate(*Repo, *Sender) error
 	SenderUpdate(*Repo, *Sender) error
 	SenderDelete(*Repo, string) error

plugins/sender/builtin.go

@@ -13,8 +13,8 @@ func New(store model.SenderStore) model.SenderService {
 	return &builtin{store}
 }
 
-func (b *builtin) SenderAllowed(user *model.User, repo *model.Repo, build *model.Build) (bool, error) {
-	if repo.IsPrivate == false && build.Event == model.EventPull && build.Sender != user.Login {
+func (b *builtin) SenderAllowed(user *model.User, repo *model.Repo, build *model.Build, conf *model.Config) (bool, error) {
+	if !conf.Approved {
 		sender, err := b.store.SenderFind(repo, build.Sender)
 		if err != nil || sender.Block {
 			return false, nil

plugins/sender/plugin.go

@@ -16,7 +16,7 @@ func NewRemote(endpoint string) model.SenderService {
 	return &plugin{endpoint}
 }
 
-func (p *plugin) SenderAllowed(user *model.User, repo *model.Repo, build *model.Build) (bool, error) {
+func (p *plugin) SenderAllowed(user *model.User, repo *model.Repo, build *model.Build, conf *model.Config) (bool, error) {
 	path := fmt.Sprintf("%s/senders/%s/%s/%s/verify", p.endpoint, repo.Owner, repo.Name, build.Sender)
 	err := internal.Send("POST", path, build, nil)
 	if err != nil {

server/hook.go

@@ -147,7 +147,7 @@ func PostHook(c *gin.Context) {
 			Hash:     sha,
 			Approved: false,
 		}
-		if user.Login == repo.Owner || build.Event != model.EventPull {
+		if user.Login == repo.Owner || build.Event != model.EventPull || repo.IsGated == false {
 			conf.Approved = true
 		}
 		err = Config.Storage.Config.ConfigInsert(conf)
@@ -158,7 +158,7 @@ func PostHook(c *gin.Context) {
 		}
 	}
 	if !conf.Approved {
-		if user.Login == repo.Owner || build.Event != model.EventPull || !repo.IsGatedConf {
+		if user.Login == repo.Owner || build.Event != model.EventPull || repo.IsGated == false {
 			conf.Approved = true
 			Config.Storage.Config.ConfigUpdate(conf)
 		}
@@ -195,8 +195,8 @@ func PostHook(c *gin.Context) {
 	build.Verified = true
 	build.Status = model.StatusPending
 
-	if repo.IsGated || repo.IsGatedConf {
-		allowed, _ := Config.Services.Senders.SenderAllowed(user, repo, build)
+	if repo.IsGated {
+		allowed, _ := Config.Services.Senders.SenderAllowed(user, repo, build, conf)
 		if !allowed {
 			build.Status = model.StatusBlocked
 		}

store/datastore/ddl/mysql/16.sql

@@ -13,9 +13,6 @@ CREATE TABLE config (
 ALTER TABLE builds ADD COLUMN build_config_id INTEGER;
 UPDATE builds set build_config_id = 0;
 
-ALTER TABLE repos ADD COLUMN repo_gated_conf BOOLEAN;
-UPDATE repos SET repo_gated_conf = 0;
-
 -- +migrate Down
 
 DROP TABLE config;

store/datastore/ddl/postgres/16.sql

@@ -13,9 +13,6 @@ CREATE TABLE config (
 ALTER TABLE builds ADD COLUMN build_config_id INTEGER;
 UPDATE builds set build_config_id = 0;
 
-ALTER TABLE repos ADD COLUMN repo_gated_conf BOOLEAN;
-UPDATE repos SET repo_gated_conf = 0;
-
 -- +migrate Down
 
 DROP TABLE config;

store/datastore/ddl/sqlite3/16.sql

@@ -13,9 +13,6 @@ CREATE TABLE config (
 ALTER TABLE builds ADD COLUMN build_config_id INTEGER;
 UPDATE builds set build_config_id = 0;
 
-ALTER TABLE repos ADD COLUMN repo_gated_conf BOOLEAN;
-UPDATE repos SET repo_gated_conf = 0;
-
 -- +migrate Down
 
 DROP TABLE config;