diff options
| author | Runxi Yu <me@runxiyu.org> | 2025-02-19 21:24:47 +0800 |
|---|---|---|
| committer | Runxi Yu <me@runxiyu.org> | 2025-02-19 21:24:47 +0800 |
| commit | 114dd59d703d00efe86ad02eb956aa5343daa08e (patch) | |
| tree | 937eb5579864e6da5a4210fdcf943a7fb15acf07 | |
| parent | ssh/recv, hooks: Create MRs on push, reject pushes to others' MRs (diff) | |
| download | forge-114dd59d703d00efe86ad02eb956aa5343daa08e.tar.gz forge-114dd59d703d00efe86ad02eb956aa5343daa08e.tar.zst forge-114dd59d703d00efe86ad02eb956aa5343daa08e.zip | |
all: Use COALESCE to handle some nullable database fields
| -rw-r--r-- | git_hooks_handle.go | 7 | ||||
| -rw-r--r-- | http_auth.go | 2 | ||||
| -rw-r--r-- | http_handle_login.go | 7 | ||||
| -rw-r--r-- | http_handle_repo_contrib_index.go | 2 | ||||
| -rw-r--r-- | http_handle_repo_contrib_one.go | 2 |
5 files changed, 15 insertions, 5 deletions
diff --git a/git_hooks_handle.go b/git_hooks_handle.go index 9dc3ed6..24f8077 100644 --- a/git_hooks_handle.go +++ b/git_hooks_handle.go @@ -139,7 +139,7 @@ func hooks_handle_connection(conn net.Conn) { } else { // Existing contrib branch var existing_merge_request_user_id int err = database.QueryRow(ctx, - "SELECT creator FROM merge_requests WHERE source_ref = $1 AND repo_id = $2", + "SELECT COALESCE(creator, 0) FROM merge_requests WHERE source_ref = $1 AND repo_id = $2", strings.TrimPrefix(ref_name, "refs/heads/contrib/"), pack_to_hook.repo_id, ).Scan(&existing_merge_request_user_id) if err != nil { @@ -150,6 +150,11 @@ func hooks_handle_connection(conn net.Conn) { } return 1 } + if existing_merge_request_user_id == 0 { + all_ok = false + fmt.Fprintln(ssh_stderr, "Rejecting push to merge request with no owner", ref_name) + continue + } if existing_merge_request_user_id != pack_to_hook.user_id { all_ok = false diff --git a/http_auth.go b/http_auth.go index 370e38b..eb6e604 100644 --- a/http_auth.go +++ b/http_auth.go @@ -10,7 +10,7 @@ func get_user_info_from_request(r *http.Request) (id int, username string, err e return } - err = database.QueryRow(r.Context(), "SELECT user_id, username FROM users u JOIN sessions s ON u.id = s.user_id WHERE s.session_id = $1;", session_cookie.Value).Scan(&id, &username) + err = database.QueryRow(r.Context(), "SELECT user_id, COALESCE(username, '') FROM users u JOIN sessions s ON u.id = s.user_id WHERE s.session_id = $1;", session_cookie.Value).Scan(&id, &username) return } diff --git a/http_handle_login.go b/http_handle_login.go index f45db80..5aed680 100644 --- a/http_handle_login.go +++ b/http_handle_login.go @@ -23,7 +23,7 @@ func handle_login(w http.ResponseWriter, r *http.Request, params map[string]any) password := r.PostFormValue("password") var password_hash string - err := database.QueryRow(r.Context(), "SELECT id, password FROM users WHERE username = $1", username).Scan(&user_id, &password_hash) + err := database.QueryRow(r.Context(), "SELECT id, COALESCE(password, '') FROM users WHERE username = $1", username).Scan(&user_id, &password_hash) if err != nil { if errors.Is(err, pgx.ErrNoRows) { params["login_error"] = "Unknown username" @@ -33,6 +33,11 @@ func handle_login(w http.ResponseWriter, r *http.Request, params map[string]any) http.Error(w, "Error querying user information: "+err.Error(), http.StatusInternalServerError) return } + if password_hash == "" { + params["login_error"] = "User has no password" + render_template(w, "login", params) + return + } match, err := argon2id.ComparePasswordAndHash(password, password_hash) if err != nil { diff --git a/http_handle_repo_contrib_index.go b/http_handle_repo_contrib_index.go index 94a24b8..e864dfa 100644 --- a/http_handle_repo_contrib_index.go +++ b/http_handle_repo_contrib_index.go @@ -11,7 +11,7 @@ type id_title_status_t struct { } func handle_repo_contrib_index(w http.ResponseWriter, r *http.Request, params map[string]any) { - rows, err := database.Query(r.Context(), "SELECT id, title, status FROM merge_requests WHERE repo_id = $1", params["repo_id"]) + rows, err := database.Query(r.Context(), "SELECT id, COALESCE(title, 'Untitled'), status FROM merge_requests WHERE repo_id = $1", params["repo_id"]) if err != nil { http.Error(w, "Error querying merge requests: "+err.Error(), http.StatusInternalServerError) return diff --git a/http_handle_repo_contrib_one.go b/http_handle_repo_contrib_one.go index 6841f2b..0691050 100644 --- a/http_handle_repo_contrib_one.go +++ b/http_handle_repo_contrib_one.go @@ -16,7 +16,7 @@ func handle_repo_contrib_one(w http.ResponseWriter, r *http.Request, params map[ } var title, status, source_ref, destination_branch string - err = database.QueryRow(r.Context(), "SELECT title, status, source_ref, destination_branch FROM merge_requests WHERE id = $1", mr_id).Scan(&title, &status, &source_ref, &destination_branch) + err = database.QueryRow(r.Context(), "SELECT COALESCE(title, ''), status, source_ref, COALESCE(destination_branch, '') FROM merge_requests WHERE id = $1", mr_id).Scan(&title, &status, &source_ref, &destination_branch) if err != nil { http.Error(w, "Error querying merge request: "+err.Error(), http.StatusInternalServerError) return |