From 3abf20e4d268697c0790c78b9d3b155ddc5aa077 Mon Sep 17 00:00:00 2001
From: Bobby Earl
Date: Tue, 8 Mar 2016 09:28:30 -0500
Subject: Allowing trusted org user to bypass file whitelist check; fixes #30
Closes #31
---
SECURITY.md | 4 +++-
.../com/getbootstrap/savage/server/PullRequestEventHandler.scala | 3 ++-
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/SECURITY.md b/SECURITY.md
index aac11dd..4f05753 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -26,7 +26,9 @@ We thank you again for helping ensure the security of Savage by responsibly repo
[GitHub] <<<(Request details about the PR using the PR's HEAD commit's SHA)<<< [Savage]
[GitHub] >>>(Response with details about the PR)>>> [Savage]
* Savage checks list of files modified by the PR against the whitelist
- * If any files are outside of the whitelist, stop further processing.
+ * If any files are outside of the whitelist, stop further processing,
+ unless the user submitting the PR is trusted (by virtue of being a public member of a GitHub organization
+ in the list defined by the `savage.trusted-orgs` setting)
[GitHub] <<<(Request for Git data for the PR's HEAD commit via its SHA)<<< [Savage]
[GitHub] >>>(Response with Git data for the PR's HEAD commit)>>> [Savage]
diff --git a/src/main/scala/com/getbootstrap/savage/server/PullRequestEventHandler.scala b/src/main/scala/com/getbootstrap/savage/server/PullRequestEventHandler.scala
index 904e7a2..aa207b9 100644
--- a/src/main/scala/com/getbootstrap/savage/server/PullRequestEventHandler.scala
+++ b/src/main/scala/com/getbootstrap/savage/server/PullRequestEventHandler.scala
@@ -85,6 +85,7 @@ class PullRequestEventHandler(
implicit val prNum = pr.number
val bsBase = pr.getBase
val prHead = pr.getHead
+ val prUser = pr.getUser.username
val destinationRepo = bsBase.getRepo.repositoryId
destinationRepo match {
case None => log.error(s"Received event from GitHub about irrelevant repository with unsafe name")
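Review bot: The added `val prUser = pr.getUser.username` binds the PR author taken from the webhook payload, and that single value later decides whether the file whitelist is bypassed; the PR author is not necessarily the person who pushed the commits at the PR's head (other collaborators on the fork can push to the same branch, and later synchronize events reuse the same author), so the trust being granted is to the PR, not to each commit. That boundary deserves a comment on the added line, e.g. `// PR author from the webhook payload; used below to skip the file whitelist for trusted-org members — trusts the PR opener, not the author of each head commit`. If `pr.getUser` can be absent in some payloads (it looks like a library model getter, so presumably nullable — worth confirming), this line would fail before the repository check on the following lines runs. The enclosing method starts and continues outside the hunk.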
@@ -106,7 +107,7 @@ class PullRequestEventHandler(
}
case Success(affectedFiles) => {
log.debug("Files affected by {}: {}", prNum, affectedFiles)
- if (areSafe(affectedFiles)) {
+ if (isTrusted(prUser) || areSafe(affectedFiles)) {
if (areInteresting(affectedFiles)) {
logPrInfo(s"Requesting build for safe & interesting PR")
pusher ! PullRequestPushRequest(
--
cgit v1.2.3
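Review bot: When `isTrusted(prUser)` is true the `||` short-circuits, so `areSafe(affectedFiles)` never runs and a trusted-org PR touching files outside the whitelist leaves no record of the bypass; the unchanged `logPrInfo(s"Requesting build for safe & interesting PR")` on the next lines then reports such a PR as safe. The bypass is exactly the event an operator would want to find in the logs afterwards. Binding the decision once and logging it keeps it auditable: `val trusted = isTrusted(prUser)`, `if (trusted || areSafe(affectedFiles)) {`, and at the top of that branch `if (trusted) logPrInfo(s"Trusted user $prUser: file whitelist check bypassed")`. The enclosing `match` and method continue outside the hunk.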