Check if project state permits write before evaluating Git commands

All of the supported Git commands required the project to be writable. We have seen HTTP 500s at Google because not all code paths would check if the project state permits writes. This commit moves the check in ReceiveCommits to a more central to mitigate the problem. Change-Id: Icdea3349583f676580991cd688ae7e9d95564a21
2018-02-13 13:55:21 +01:00
parent a3d0ed721a
commit 2f08b4113b
1 changed files with 5 additions and 14 deletions
--- a/java/com/google/gerrit/server/git/receive/ReceiveCommits.java
+++ b/java/com/google/gerrit/server/git/receive/ReceiveCommits.java
@@ -838,6 +838,11 @@ class ReceiveCommits {
        continue;
      }

+      if (!projectState.getProject().getState().permitsWrite()) {
+        reject(cmd, "prohibited by Gerrit: project state does not permit write");
+        return;
+      }
+
      if (MagicBranch.isMagicBranch(cmd.getRefName())) {
        parseMagicBranch(cmd);
        continue;
@@ -1070,9 +1075,6 @@ class ReceiveCommits {
    } catch (AuthException err) {
      ok = false;
    }
-    if (!projectState.statePermitsWrite()) {
-      reject(cmd, "prohibited by Gerrit: project state does not permit write");
-    }
    if (ok) {
      if (isHead(cmd) && !isCommit(cmd)) {
        return;
@@ -1169,9 +1171,6 @@ class ReceiveCommits {
      if (!validRefOperation(cmd)) {
        return;
      }
-      if (!projectState.statePermitsWrite()) {
-        cmd.setResult(REJECTED_NONFASTFORWARD, " project state does not permit write.");
-      }
      actualCommands.add(cmd);
    } else {
      cmd.setResult(
@@ -1519,10 +1518,6 @@ class ReceiveCommits {

    magicBranch.dest = new Branch.NameKey(project.getNameKey(), ref);
    magicBranch.perm = permissions.ref(ref);
-    if (!projectState.getProject().getState().permitsWrite()) {
-      reject(cmd, "project state does not permit write");
-      return;
-    }

    try {
      magicBranch.perm.check(RefPermission.CREATE_CHANGE);
@@ -1570,10 +1565,6 @@ class ReceiveCommits {
        reject(cmd, e.getMessage());
        return;
      }
-      if (!projectState.statePermitsWrite()) {
-        reject(cmd, "project state does not permit write");
-        return;
-      }
    }

    RevWalk walk = rp.getRevWalk();