diff --git a/modules/git/diff.go b/modules/git/diff.go index 10ef3d83fb..d9f3f6dda9 100644 --- a/modules/git/diff.go +++ b/modules/git/diff.go @@ -272,6 +272,17 @@ func CutDiffAroundLine(originalDiff io.Reader, line int64, old bool, numbersOfLi // GetAffectedFiles returns the affected files between two commits func GetAffectedFiles(repo *Repository, oldCommitID, newCommitID string, env []string) ([]string, error) { + objectFormat, err := repo.GetObjectFormat() + if err != nil { + return nil, err + } + + // If the oldCommitID is empty, then we must assume its a new branch, so diff + // against the empty tree. So all changes of this new branch are included. + if oldCommitID == objectFormat.EmptyObjectID().String() { + oldCommitID = objectFormat.EmptyTree().String() + } + stdoutReader, stdoutWriter, err := os.Pipe() if err != nil { log.Error("Unable to create os.Pipe for %s", repo.Path) diff --git a/modules/testlogger/testlogger.go b/modules/testlogger/testlogger.go index 95cbb86591..7897cc6b07 100644 --- a/modules/testlogger/testlogger.go +++ b/modules/testlogger/testlogger.go @@ -131,6 +131,8 @@ var ignoredErrorMessage = []string{ `:SSHLog() [E] ssh: Not allowed to push to protected branch protected. HookPreReceive(last) failed: internal API error response, status=403`, // TestGit/HTTP/BranchProtectMerge `:SSHLog() [E] ssh: branch protected is protected from force push. HookPreReceive(last) failed: internal API error response, status=403`, + // TestGit/HTTP/BranchProtect + `:SSHLog() [E] ssh: branch before-create-2 is protected from changing file protected-file-data-`, // TestGit/HTTP/MergeFork/CreatePRAndMerge `:DeleteBranchPost() [E] DeleteBranch: GetBranch: branch does not exist [repo_id: 1099 name: user2:master]`, // sqlite "s/web/repo/branch.go:108:DeleteBranchPost() [E] DeleteBranch: GetBranch: branch does not exist [repo_id: 10000 name: user2:master]", // mysql diff --git a/tests/integration/git_test.go b/tests/integration/git_test.go index 2c46fdde68..5e03d2887d 100644 --- a/tests/integration/git_test.go +++ b/tests/integration/git_test.go @@ -369,6 +369,28 @@ func doBranchProtect(baseCtx *APITestContext, dstPath string) func(t *testing.T) ctx := NewAPITestContext(t, baseCtx.Username, baseCtx.Reponame, auth_model.AccessTokenScopeWriteRepository) + t.Run("PushToNewProtectedBranch", func(t *testing.T) { + t.Run("CreateBranchProtected", doGitCreateBranch(dstPath, "before-create-1")) + t.Run("ProtectProtectedBranch", doProtectBranch(ctx, "before-create-1", parameterProtectBranch{ + "enable_push": "all", + "apply_to_admins": "on", + })) + t.Run("PushProtectedBranch", doGitPushTestRepository(dstPath, "origin", "before-create-1")) + + t.Run("GenerateCommit", func(t *testing.T) { + _, err := generateCommitWithNewData(littleSize, dstPath, "user2@example.com", "User Two", "protected-file-data-") + require.NoError(t, err) + }) + + t.Run("ProtectProtectedBranch", doProtectBranch(ctx, "before-create-2", parameterProtectBranch{ + "enable_push": "all", + "protected_file_patterns": "protected-file-data-*", + "apply_to_admins": "on", + })) + + doGitPushTestRepositoryFail(dstPath, "origin", "HEAD:before-create-2")(t) + }) + t.Run("FailToPushToProtectedBranch", func(t *testing.T) { t.Run("ProtectProtectedBranch", doProtectBranch(ctx, "protected")) t.Run("Create modified-protected-branch", doGitCheckoutBranch(dstPath, "-b", "modified-protected-branch", "protected"))