Add submit hook
The submit hook is invoked synchronously when a change is submitted. If
it returns a non-zero exit status, a MergeValidationException is thrown
and the submit is prevented.
This adds back the ability to block submit by a hook. Previously this
was possible with the ref-update hook until its purpose was changed and
only invoked on ref updates such as branch creation, deletion, or fast-
forward by direct push.
Change-Id: Ie4efb90df645ecac01638b23305dc2ffb547192e
diff --git a/src/main/java/com/googlesource/gerrit/plugins/hooks/Module.java b/src/main/java/com/googlesource/gerrit/plugins/hooks/Module.java
index 4b9ecdd..bb2ee4c 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/hooks/Module.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/hooks/Module.java
@@ -30,6 +30,7 @@
import com.google.gerrit.extensions.events.TopicEditedListener;
import com.google.gerrit.extensions.registration.DynamicSet;
import com.google.gerrit.server.git.validators.CommitValidationListener;
+import com.google.gerrit.server.git.validators.MergeValidationListener;
import com.google.gerrit.server.git.validators.RefOperationValidationListener;
import com.google.inject.AbstractModule;
import com.google.inject.Scopes;
@@ -52,6 +53,7 @@
DynamicSet.bind(binder(), DraftPublishedListener.class).to(DraftPublished.class);
DynamicSet.bind(binder(), GitReferenceUpdatedListener.class).to(GitReferenceUpdated.class);
DynamicSet.bind(binder(), HashtagsEditedListener.class).to(HashtagsEdited.class);
+ DynamicSet.bind(binder(), MergeValidationListener.class).to(Submit.class);
DynamicSet.bind(binder(), NewProjectCreatedListener.class).to(NewProjectCreated.class);
DynamicSet.bind(binder(), RefOperationValidationListener.class).to(RefUpdate.class);
DynamicSet.bind(binder(), ReviewerAddedListener.class).to(ReviewerAdded.class);
diff --git a/src/main/java/com/googlesource/gerrit/plugins/hooks/Submit.java b/src/main/java/com/googlesource/gerrit/plugins/hooks/Submit.java
new file mode 100644
index 0000000..59cfc43
--- /dev/null
+++ b/src/main/java/com/googlesource/gerrit/plugins/hooks/Submit.java
@@ -0,0 +1,63 @@
+// Copyright (C) 2018 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.googlesource.gerrit.plugins.hooks;
+
+import com.google.gerrit.reviewdb.client.Branch;
+import com.google.gerrit.reviewdb.client.PatchSet;
+import com.google.gerrit.server.IdentifiedUser;
+import com.google.gerrit.server.git.CodeReviewCommit;
+import com.google.gerrit.server.git.validators.MergeValidationException;
+import com.google.gerrit.server.git.validators.MergeValidationListener;
+import com.google.gerrit.server.project.ProjectState;
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+import org.eclipse.jgit.lib.Repository;
+
+@Singleton
+public class Submit implements MergeValidationListener {
+ private final SynchronousHook hook;
+ private final HookFactory hookFactory;
+
+ @Inject
+ Submit(HookFactory hookFactory) {
+ this.hook = hookFactory.createSync("submitHook", "submit");
+ this.hookFactory = hookFactory;
+ }
+
+ @Override
+ public void onPreMerge(
+ Repository repo,
+ CodeReviewCommit commit,
+ ProjectState destProject,
+ Branch.NameKey destBranch,
+ PatchSet.Id patchSetId,
+ IdentifiedUser caller)
+ throws MergeValidationException {
+ String projectName = destProject.getProject().getName();
+
+ HookArgs args = hookFactory.createArgs();
+ args.add("--project", projectName);
+ args.add("--branch", destBranch.get());
+ args.add("--submitter", caller.getNameEmail());
+ args.add("--submitter-username", caller.getUserName());
+ args.add("--patchset", patchSetId.get());
+ args.add("--commit", commit.getId().name());
+
+ HookResult result = hook.run(projectName, args);
+ if (result != null && result.getExitValue() != 0) {
+ throw new MergeValidationException(result.toString());
+ }
+ }
+}
diff --git a/src/main/resources/Documentation/config.md b/src/main/resources/Documentation/config.md
index e3aa1b9..7a1cbd2 100644
--- a/src/main/resources/Documentation/config.md
+++ b/src/main/resources/Documentation/config.md
@@ -78,6 +78,9 @@
hooks.reviewerDeletedHook
: Filename for the reviewer update hook. If not set, defaults to `reviewer-deleted`.
+hooks.submitHook
+: Filename for the submit hook. If not set, defaults to `submit`.
+
hooks.topicChangedHook
: Filename for the topic changed hook. If not set, defaults to `topic-changed`.
diff --git a/src/main/resources/Documentation/hooks.md b/src/main/resources/Documentation/hooks.md
index 2c00a95..4fd192d 100644
--- a/src/main/resources/Documentation/hooks.md
+++ b/src/main/resources/Documentation/hooks.md
@@ -34,6 +34,18 @@
commit-received --project <project name> --refname <refname> --uploader <uploader> --oldrev <sha1> --newrev <sha1> --cmdref <refname>
```
+### submit
+
+This is called when a user attempts to submit a change. It allows the submit to
+be rejected.
+
+If the hook exits with non-zero return code the submit will be rejected and the
+ouput from the hook will be returned to the user.
+
+```
+ submit --project <project name> --branch <branch> --submitter <submitter> --patchset <patchset id> --commit <sha1>
+```
+
## Asynchronous Hooks
These hooks are invoked asynchronously on a background thread.
