| author | Bobby Earl <bobby.earl@blackbaud.com> | 2016-03-08 17:28:30 +0300 |
|---|---|---|
| committer | Chris Rebert <code@chrisrebert.com> | 2016-03-14 11:13:44 +0300 |
| commit | 3abf20e4d268697c0790c78b9d3b155ddc5aa077 (patch) | |
| tree | 0e655b3ff2863b233f47437cf32912fa3347cf4f | |
| parent | 69a0c532a44b748ddf9aea34b19d98ed6feb275c (diff) | |
Allowing trusted org user to bypass file whitelist check; fixes #30
Closes #31
| -rw-r--r-- | SECURITY.md | 4 |
|---|---|---|
| -rw-r--r-- | src/main/scala/com/getbootstrap/savage/server/PullRequestEventHandler.scala | 3 |

2 files changed, 5 insertions, 2 deletions
diff --git a/SECURITY.md b/SECURITY.md index aac11dd..4f05753 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -26,7 +26,9 @@ We thank you again for helping ensure the security of Savage by responsibly repo [GitHub] <<<(Request details about the PR using the PR's HEAD commit's SHA)<<< [Savage] [GitHub] >>>(Response with details about the PR)>>> [Savage] * Savage checks list of files modified by the PR against the whitelist - * If any files are outside of the whitelist, stop further processing. + * If any files are outside of the whitelist, stop further processing, + unless the user submitting the PR is trusted (by virtue of being a public member of a GitHub organization + in the list defined by the `savage.trusted-orgs` setting) [GitHub] <<<(Request for Git data for the PR's HEAD commit via its SHA)<<< [Savage] [GitHub] >>>(Response with Git data for the PR's HEAD commit)>>> [Savage] diff --git a/src/main/scala/com/getbootstrap/savage/server/PullRequestEventHandler.scala b/src/main/scala/com/getbootstrap/savage/server/PullRequestEventHandler.scala index 904e7a2..aa207b9 100644 --- a/src/main/scala/com/getbootstrap/savage/server/PullRequestEventHandler.scala +++ b/src/main/scala/com/getbootstrap/savage/server/PullRequestEventHandler.scala @@ -85,6 +85,7 @@ class PullRequestEventHandler( implicit val prNum = pr.number val bsBase = pr.getBase val prHead = pr.getHead + val prUser = pr.getUser.username val destinationRepo = bsBase.getRepo.repositoryId destinationRepo match { case None => log.error(s"Received event from GitHub about irrelevant repository with unsafe name") @@ -106,7 +107,7 @@ class PullRequestEventHandler( } case Success(affectedFiles) => { log.debug("Files affected by {}: {}", prNum, affectedFiles) - if (areSafe(affectedFiles)) { + if (isTrusted(prUser) || areSafe(affectedFiles)) { if (areInteresting(affectedFiles)) { logPrInfo(s"Requesting build for safe & interesting PR") pusher ! PullRequestPushRequest( |
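Review bot: the new wording at the whitelist step of the SECURITY.md flow should say which later checks the trusted-user bypass skips and which it does not; per the handler change in this same patch, a trusted user's PR still has to pass `areInteresting(affectedFiles)` before a build is requested, so the bullet could end with "(the PR must still touch interesting files to be built)". It would also help to state here when and how membership in a `savage.trusted-orgs` organization is verified (at event time, against GitHub, as the surrounding flow does for the PR details), since that membership is now the control standing in for the file whitelist.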
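Review bot: `val prUser = pr.getUser.username` takes the login from the webhook event payload, and that single string then becomes the sole input to a decision that bypasses the file whitelist; it should be treated as untrusted input until `isTrusted` has confirmed org membership against GitHub, and the username plus the trust outcome should be logged next to the existing `logPrInfo` output for the PR so that every whitelist bypass can be attributed to an account afterwards.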
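Review bot: the `logPrInfo(s"Requesting build for safe & interesting PR")` message just below the changed condition is now misleading when the build was granted through `isTrusted(prUser)` for a PR that touched non-whitelisted files, and because `||` short-circuits, `areSafe(affectedFiles)` is never evaluated for trusted users, so nothing records that the whitelist was bypassed. Suggest evaluating both explicitly, e.g. `val trusted = isTrusted(prUser)` and `val safe = areSafe(affectedFiles)`, and then logging which one allowed the build (for example `logPrInfo(s"Requesting build for interesting PR (${if (safe) "safe" else "whitelist bypassed by trusted user"})")`) so the audit trail distinguishes the two paths. Minor: the `s` interpolator on the existing message has nothing to interpolate.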