diff options
| author | Frank West <frank.west.iii@gmail.com> | 2016-08-08 06:29:23 +0300 |
|---|---|---|
| committer | Frank West <frank.west.iii@gmail.com> | 2016-08-15 05:34:55 +0300 |
| commit | ade0c2c8922c0838ba85cf69419cbb109453d6b2 (patch) | |
| tree | 34631dfd4d42827c94cb7b4883b2f0127d63964e /app/services/files | |
| parent | 30f5b9a5b711b46f1065baf755e413ceced5646b (diff) | |
Prevents accidental overwrites of commits from UI
Currently when a user performs an update of a file through the UI and there
has already been a change committed to the file the previous commits will be
overwritten without a check to see if the file has been changed.
This commit uses the last commit sha at the time the user starts editing the
file and compares it with the current sha of the file being edited to ensure
they are the same before committing the file. If the shas do not match we
throw an exception preventing the commit from the commit from occurring.
Fixes #5857
Diffstat (limited to 'app/services/files')
| -rw-r--r-- | app/services/files/base_service.rb | 1 | ||||
| -rw-r--r-- | app/services/files/update_service.rb | 23 |
2 files changed, 24 insertions, 0 deletions
diff --git a/app/services/files/base_service.rb b/app/services/files/base_service.rb index c4a206f785e..ea94818713b 100644 --- a/app/services/files/base_service.rb +++ b/app/services/files/base_service.rb @@ -15,6 +15,7 @@ module Files else params[:file_content] end + @last_commit_sha = params[:last_commit_sha] # Validate parameters validate diff --git a/app/services/files/update_service.rb b/app/services/files/update_service.rb index 8d2b5083179..4fc3b640799 100644 --- a/app/services/files/update_service.rb +++ b/app/services/files/update_service.rb @@ -2,11 +2,34 @@ require_relative "base_service" module Files class UpdateService < Files::BaseService + class FileChangedError < StandardError; end + def commit repository.update_file(current_user, @file_path, @file_content, branch: @target_branch, previous_path: @previous_path, message: @commit_message) end + + private + + def validate + super + + if file_has_changed? + raise FileChangedError.new("You are attempting to update a file that has changed since you started editing it.") + end + end + + def file_has_changed? + return false unless @last_commit_sha && last_commit + + @last_commit_sha != last_commit.sha + end + + def last_commit + @last_commit ||= Gitlab::Git::Commit. + last_for_path(@source_project.repository, @source_branch, @file_path) + end end end |