From 0487e39f8285b07c2cbc947a6f7552e8fc966fbe Mon Sep 17 00:00:00 2001
From: Jason Song
Date: Sat, 8 Apr 2023 05:43:12 +0800
Subject: [PATCH] Treat PRs with agit flow as fork PRs when triggering actions. (#23884) (#23967)

Backport #23884. There is no fork concept in agit flow, anyone with read permission can push `refs/for//` to the repo. So we should treat it as a fork pull request because it may be from an untrusted user.
---
 services/actions/notifier_helper.go | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/services/actions/notifier_helper.go b/services/actions/notifier_helper.go
index f4f6a3aa5..e9e8d5f4e 100644
--- a/services/actions/notifier_helper.go
+++ b/services/actions/notifier_helper.go
@@ -152,6 +152,21 @@ func notify(ctx context.Context, input *notifyInput) error {
 return fmt.Errorf("json.Marshal: %w", err)
 }
 
+ isForkPullRequest := false
+ if pr := input.PullRequest; pr != nil {
+ switch pr.Flow {
+ case issues_model.PullRequestFlowGithub:
+ isForkPullRequest = pr.IsFromFork()
+ case issues_model.PullRequestFlowAGit:
+ // There is no fork concept in agit flow, anyone with read permission can push refs/for// to the repo.
+ // So we can treat it as a fork pull request because it may be from an untrusted user
+ isForkPullRequest = true
+ default:
+ // unknown flow, assume it's a fork pull request to be safe
+ isForkPullRequest = true
+ }
+ }
+
 for id, content := range workflows {
 run := actions_model.ActionRun{
 Title: strings.SplitN(commit.CommitMessage, "\n", 2)[0],
@@ -161,7 +176,7 @@ func notify(ctx context.Context, input *notifyInput) error {
 TriggerUserID: input.Doer.ID,
 Ref: ref,
 CommitSHA: commit.ID.String(),
- IsForkPullRequest: input.PullRequest != nil && input.PullRequest.IsFromFork(),
+ IsForkPullRequest: isForkPullRequest,
 Event: input.Event,
 EventPayload: string(p),
 Status: actions_model.StatusWaiting,
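Review bot: The comment on the PullRequestFlowAGit arm says anyone with read permission can push `refs/for//`, which reads as a placeholder whose ref components were lost and so does not tell the next maintainer why this flow is treated as untrusted; if the agit target is of the form `refs/for/<target-branch>` (with the topic given separately or as a further path component), spell it out, e.g. `// Agit flow has no fork: any user with read permission can push to refs/for/<target-branch>, so the head may come from an untrusted user and the run must get fork-PR restrictions.` The AGit and default arms assign the same value, so the switch could collapse to a GitHub arm plus one `default` carrying both comments; keeping the explicit AGit arm is reasonable if the goal is an exhaustive enumeration that stands out when a new flow is added. The flag only restricts anything where `IsForkPullRequest` is consumed, which is outside this diff, so the one-line swap in the second hunk is the whole visible enforcement and a unit test pinning `isForkPullRequest` per flow (including the zero-value Flow, which presumably lands in the GitHub arm) would protect the fail-closed default. notify's body begins before the first hunk and continues past the second.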