Add submit hook The submit hook is invoked synchronously when a change is submitted. If it returns a non-zero exit status, a MergeValidationException is thrown and the submit is prevented. This adds back the ability to block submit by a hook. Previously this was possible with the ref-update hook until its purpose was changed and only invoked on ref updates such as branch creation, deletion, or fast- forward by direct push. Change-Id: Ie4efb90df645ecac01638b23305dc2ffb547192e
diff --git a/src/main/java/com/googlesource/gerrit/plugins/hooks/Module.java b/src/main/java/com/googlesource/gerrit/plugins/hooks/Module.java index 4b9ecdd..bb2ee4c 100644 --- a/src/main/java/com/googlesource/gerrit/plugins/hooks/Module.java +++ b/src/main/java/com/googlesource/gerrit/plugins/hooks/Module.java
@@ -30,6 +30,7 @@ import com.google.gerrit.extensions.events.TopicEditedListener; import com.google.gerrit.extensions.registration.DynamicSet; import com.google.gerrit.server.git.validators.CommitValidationListener; +import com.google.gerrit.server.git.validators.MergeValidationListener; import com.google.gerrit.server.git.validators.RefOperationValidationListener; import com.google.inject.AbstractModule; import com.google.inject.Scopes; @@ -52,6 +53,7 @@ DynamicSet.bind(binder(), DraftPublishedListener.class).to(DraftPublished.class); DynamicSet.bind(binder(), GitReferenceUpdatedListener.class).to(GitReferenceUpdated.class); DynamicSet.bind(binder(), HashtagsEditedListener.class).to(HashtagsEdited.class); + DynamicSet.bind(binder(), MergeValidationListener.class).to(Submit.class); DynamicSet.bind(binder(), NewProjectCreatedListener.class).to(NewProjectCreated.class); DynamicSet.bind(binder(), RefOperationValidationListener.class).to(RefUpdate.class); DynamicSet.bind(binder(), ReviewerAddedListener.class).to(ReviewerAdded.class);
diff --git a/src/main/java/com/googlesource/gerrit/plugins/hooks/Submit.java b/src/main/java/com/googlesource/gerrit/plugins/hooks/Submit.java new file mode 100644 index 0000000..59cfc43 --- /dev/null +++ b/src/main/java/com/googlesource/gerrit/plugins/hooks/Submit.java
@@ -0,0 +1,63 @@ +// Copyright (C) 2018 The Android Open Source Project +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package com.googlesource.gerrit.plugins.hooks; + +import com.google.gerrit.reviewdb.client.Branch; +import com.google.gerrit.reviewdb.client.PatchSet; +import com.google.gerrit.server.IdentifiedUser; +import com.google.gerrit.server.git.CodeReviewCommit; +import com.google.gerrit.server.git.validators.MergeValidationException; +import com.google.gerrit.server.git.validators.MergeValidationListener; +import com.google.gerrit.server.project.ProjectState; +import com.google.inject.Inject; +import com.google.inject.Singleton; +import org.eclipse.jgit.lib.Repository; + +@Singleton +public class Submit implements MergeValidationListener { + private final SynchronousHook hook; + private final HookFactory hookFactory; + + @Inject + Submit(HookFactory hookFactory) { + this.hook = hookFactory.createSync("submitHook", "submit"); + this.hookFactory = hookFactory; + } + + @Override + public void onPreMerge( + Repository repo, + CodeReviewCommit commit, + ProjectState destProject, + Branch.NameKey destBranch, + PatchSet.Id patchSetId, + IdentifiedUser caller) + throws MergeValidationException { + String projectName = destProject.getProject().getName(); + + HookArgs args = hookFactory.createArgs(); + args.add("--project", projectName); + args.add("--branch", destBranch.get()); + args.add("--submitter", caller.getNameEmail()); + args.add("--submitter-username", caller.getUserName()); + args.add("--patchset", patchSetId.get()); + args.add("--commit", commit.getId().name()); + + HookResult result = hook.run(projectName, args); + if (result != null && result.getExitValue() != 0) { + throw new MergeValidationException(result.toString()); + } + } +}
diff --git a/src/main/resources/Documentation/config.md b/src/main/resources/Documentation/config.md index e3aa1b9..7a1cbd2 100644 --- a/src/main/resources/Documentation/config.md +++ b/src/main/resources/Documentation/config.md
@@ -78,6 +78,9 @@ hooks.reviewerDeletedHook : Filename for the reviewer update hook. If not set, defaults to `reviewer-deleted`. +hooks.submitHook +: Filename for the submit hook. If not set, defaults to `submit`. + hooks.topicChangedHook : Filename for the topic changed hook. If not set, defaults to `topic-changed`.
diff --git a/src/main/resources/Documentation/hooks.md b/src/main/resources/Documentation/hooks.md index 2c00a95..4fd192d 100644 --- a/src/main/resources/Documentation/hooks.md +++ b/src/main/resources/Documentation/hooks.md
@@ -34,6 +34,18 @@ commit-received --project <project name> --refname <refname> --uploader <uploader> --oldrev <sha1> --newrev <sha1> --cmdref <refname> ``` +### submit + +This is called when a user attempts to submit a change. It allows the submit to +be rejected. + +If the hook exits with non-zero return code the submit will be rejected and the +ouput from the hook will be returned to the user. + +``` + submit --project <project name> --branch <branch> --submitter <submitter> --patchset <patchset id> --commit <sha1> +``` + ## Asynchronous Hooks These hooks are invoked asynchronously on a background thread.