gogs
diff --git a/‎README.md
Lines changed: 2 additions & 2 deletions b/‎README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎README_ZH.md
Lines changed: 1 addition & 1 deletion b/‎README_ZH.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎cmd/hook.go
Lines changed: 47 additions & 1 deletion b/‎cmd/hook.go
Lines changed: 47 additions & 1 deletion
diff --git a/‎cmd/serv.go
Lines changed: 9 additions & 2 deletions b/‎cmd/serv.go
Lines changed: 9 additions & 2 deletions
diff --git a/‎cmd/web.go
Lines changed: 20 additions & 9 deletions b/‎cmd/web.go
Lines changed: 20 additions & 9 deletions
diff --git a/‎conf/locale/locale_en-US.ini
Lines changed: 16 additions & 0 deletions b/‎conf/locale/locale_en-US.ini
Lines changed: 16 additions & 0 deletions
diff --git a/‎gogs.go
Lines changed: 1 addition & 1 deletion b/‎gogs.go
Lines changed: 1 addition & 1 deletion
diff --git a/‎models/action.go
Lines changed: 1 addition & 0 deletions b/‎models/action.go
Lines changed: 1 addition & 0 deletions
diff --git a/‎models/models.go
Lines changed: 2 additions & 2 deletions b/‎models/models.go
Lines changed: 2 additions & 2 deletions
diff --git a/‎models/repo.go
Lines changed: 4 additions & 0 deletions b/‎models/repo.go
Lines changed: 4 additions & 0 deletions
@@ -1,4 +1,4 @@
-Gogs [![Build Status](https://travis-ci.org/gogits/gogs.svg?branch=master)](https://travis-ci.org/gogits/gogs) [![Build status](https://ci.appveyor.com/api/projects/status/b9uu5ejl933e2wlt/branch/master?svg=true)](https://ci.appveyor.com/project/Unknwon/gogs/branch/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/gogs/localized.svg)](https://crowdin.com/project/gogs) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/gogits/gogs?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+Gogs [![Build Status](https://travis-ci.org/gogits/gogs.svg?branch=master)](https://travis-ci.org/gogits/gogs) [![Build status](https://ci.appveyor.com/api/projects/status/b9uu5ejl933e2wlt/branch/master?svg=true)](https://ci.appveyor.com/project/Unknwon/gogs/branch/master) [![Crowdin](https://d322cqt584bo4o.cloudfront.net/gogs/localized.svg)](https://crowdin.com/project/gogs) [![Sourcegraph](https://sourcegraph.com/github.com/gogits/gogs/-/badge.svg)](https://sourcegraph.com/github.com/gogits/gogs?badge) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/gogits/gogs?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 =====================
 
 ![](https://github.com/gogits/gogs/blob/master/public/img/gogs-large-resize.png?raw=true)
@@ -43,7 +43,7 @@ The goal of this project is to make the easiest, fastest, and most painless way
 - Add/Remove repository collaborators
 - Repository/Organization webhooks (including Slack)
 - Repository Git hooks/deploy keys
-- Repository issues, pull requests and wiki
+- Repository issues, pull requests, wiki and protected branches
 - Migrate and mirror repository and its wiki
 - Web editor for repository files and wiki
 - Jupyter Notebook
 
@@ -24,7 +24,7 @@ Gogs 的目标是打造一个最简单、最快速和最轻松的方式搭建自
 - 支持添加和删除仓库协作者
 - 支持仓库和组织级别 Web 钩子（包括 Slack 集成）
 - 支持仓库 Git 钩子和部署密钥
-- 支持仓库工单（Issue）、合并请求（Pull Request）以及 Wiki
+- 支持仓库工单（Issue）、合并请求（Pull Request）、Wiki 和保护分支
 - 支持迁移和镜像仓库以及它的 Wiki
 - 支持在线编辑仓库文件和 Wiki
 - 支持自定义源的 Gravatar 和 Federated Avatar
 
@@ -8,6 +8,7 @@ import (
 	"bufio"
 	"bytes"
 	"crypto/tls"
+	"fmt"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -64,13 +65,58 @@ func runHookPreReceive(c *cli.Context) error {
 	if len(os.Getenv("SSH_ORIGINAL_COMMAND")) == 0 {
 		return nil
 	}
-	setup(c, "hooks/pre-receive.log", false)
+	setup(c, "hooks/pre-receive.log", true)
+
+	isWiki := strings.Contains(os.Getenv(http.ENV_REPO_CUSTOM_HOOKS_PATH), ".wiki.git/")
 
 	buf := bytes.NewBuffer(nil)
 	scanner := bufio.NewScanner(os.Stdin)
 	for scanner.Scan() {
 		buf.Write(scanner.Bytes())
 		buf.WriteByte('\n')
+
+		if isWiki {
+			continue
+		}
+
+		fields := bytes.Fields(scanner.Bytes())
+		if len(fields) != 3 {
+			continue
+		}
+		oldCommitID := string(fields[0])
+		newCommitID := string(fields[1])
+		branchName := strings.TrimPrefix(string(fields[2]), git.BRANCH_PREFIX)
+
+		// Branch protection
+		repoID := com.StrTo(os.Getenv(http.ENV_REPO_ID)).MustInt64()
+		protectBranch, err := models.GetProtectBranchOfRepoByName(repoID, branchName)
+		if err != nil {
+			if models.IsErrBranchNotExist(err) {
+				continue
+			}
+			fail("Internal error", "GetProtectBranchOfRepoByName [repo_id: %d, branch: %s]: %v", repoID, branchName, err)
+		}
+		if !protectBranch.Protected {
+			continue
+		}
+
+		// Check if branch allows direct push
+		if protectBranch.RequirePullRequest {
+			fail(fmt.Sprintf("Branch '%s' is protected and commits must be merged through pull request", branchName), "")
+		}
+
+		// check and deletion
+		if newCommitID == git.EMPTY_SHA {
+			fail(fmt.Sprintf("Branch '%s' is protected from deletion", branchName), "")
+		}
+
+		// Check force push
+		output, err := git.NewCommand("rev-list", oldCommitID, "^"+newCommitID).Run()
+		if err != nil {
+			fail("Internal error", "Fail to detect force push: %v", err)
+		} else if len(output) > 0 {
+			fail(fmt.Sprintf("Branch '%s' is protected from force push", branchName), "")
+		}
 	}
 
 	customHooksPath := filepath.Join(os.Getenv(http.ENV_REPO_CUSTOM_HOOKS_PATH), "pre-receive")
 
@@ -175,7 +175,7 @@ func runServ(c *cli.Context) error {
 
 	// Prohibit push to mirror repositories.
 	if requestMode > models.ACCESS_MODE_READ && repo.IsMirror {
-		fail("mirror repository is read-only", "")
+		fail("Mirror repository is read-only", "")
 	}
 
 	// Allow anonymous (user is nil) clone for public repositories.
@@ -251,7 +251,14 @@ func runServ(c *cli.Context) error {
 		gitCmd = exec.Command(verb, repoFullName)
 	}
 	if requestMode == models.ACCESS_MODE_WRITE {
-		gitCmd.Env = append(os.Environ(), http.ComposeHookEnvs(repo.RepoPath(), owner.Name, owner.Salt, repo.Name, user)...)
+		gitCmd.Env = append(os.Environ(), http.ComposeHookEnvs(http.ComposeHookEnvsOptions{
+			AuthUser:  user,
+			OwnerName: owner.Name,
+			OwnerSalt: owner.Salt,
+			RepoID:    repo.ID,
+			RepoName:  repo.Name,
+			RepoPath:  repo.RepoPath(),
+		})...)
 	}
 	gitCmd.Dir = setting.RepoRootPath
 	gitCmd.Stdout = os.Stdout
 
@@ -435,10 +435,21 @@ func runWeb(ctx *cli.Context) error {
 			m.Combo("").Get(repo.Settings).
 				Post(bindIgnErr(auth.RepoSettingForm{}), repo.SettingsPost)
 			m.Group("/collaboration", func() {
-				m.Combo("").Get(repo.Collaboration).Post(repo.CollaborationPost)
+				m.Combo("").Get(repo.SettingsCollaboration).Post(repo.SettingsCollaborationPost)
 				m.Post("/access_mode", repo.ChangeCollaborationAccessMode)
 				m.Post("/delete", repo.DeleteCollaboration)
 			})
+			m.Group("/branches", func() {
+				m.Get("", repo.SettingsBranches)
+				m.Post("/default_branch", repo.UpdateDefaultBranch)
+				m.Combo("/*").Get(repo.SettingsProtectedBranch).
+					Post(bindIgnErr(auth.ProtectBranchForm{}), repo.SettingsProtectedBranchPost)
+			}, func(ctx *context.Context) {
+				if ctx.Repo.Repository.IsMirror {
+					ctx.NotFound()
+					return
+				}
+			})
 
 			m.Group("/hooks", func() {
 				m.Get("", repo.Webhooks)
@@ -452,15 +463,15 @@ func runWeb(ctx *cli.Context) error {
 				m.Post("/slack/:id", bindIgnErr(auth.NewSlackHookForm{}), repo.SlackHooksEditPost)
 
 				m.Group("/git", func() {
-					m.Get("", repo.GitHooks)
-					m.Combo("/:name").Get(repo.GitHooksEdit).
-						Post(repo.GitHooksEditPost)
+					m.Get("", repo.SettingsGitHooks)
+					m.Combo("/:name").Get(repo.SettingsGitHooksEdit).
+						Post(repo.SettingsGitHooksEditPost)
 				}, context.GitHookService())
 			})
 
 			m.Group("/keys", func() {
-				m.Combo("").Get(repo.DeployKeys).
-					Post(bindIgnErr(auth.AddSSHKeyForm{}), repo.DeployKeysPost)
+				m.Combo("").Get(repo.SettingsDeployKeys).
+					Post(bindIgnErr(auth.AddSSHKeyForm{}), repo.SettingsDeployKeysPost)
 				m.Post("/delete", repo.DeleteDeployKey)
 			})
 
@@ -555,13 +566,13 @@ func runWeb(ctx *cli.Context) error {
 				m.Post("/upload-remove", bindIgnErr(auth.RemoveUploadFileForm{}), repo.RemoveUploadFileFromServer)
 			}, func(ctx *context.Context) {
 				if !setting.Repository.Upload.Enabled {
-					ctx.Handle(404, "", nil)
+					ctx.NotFound()
 					return
 				}
 			})
 		}, reqRepoWriter, context.RepoRef(), func(ctx *context.Context) {
-			if !ctx.Repo.Repository.CanEnableEditor() || ctx.Repo.IsViewCommit {
-				ctx.Handle(404, "", nil)
+			if !ctx.Repo.CanEnableEditor() {
+				ctx.NotFound()
 				return
 			}
 		})
 
@@ -639,6 +639,22 @@ settings.collaboration.admin = Admin
 settings.collaboration.write = Write
 settings.collaboration.read = Read
 settings.collaboration.undefined = Undefined
+settings.branches = Branches
+settings.default_branch = Default Branch
+settings.default_branch_desc = The default branch is considered the "base" branch for code commits, pull requests and online editing.
+settings.update = Update
+settings.update_default_branch_success = Default branch of this repository has been updated successfully!
+settings.protected_branches = Protected Branches
+settings.protected_branches_desc = Protect branches from force pushing, accidental deletion and whitelist code committers.
+settings.choose_a_branch = Choose a branch...
+settings.branch_protection = Branch Protection
+settings.branch_protection_desc = Please choose protect options for branch <b>%s</b>.
+settings.protect_this_branch = Protect this branch
+settings.protect_this_branch_desc = Disable force pushes and prevent from deletion.
+settings.protect_require_pull_request = Require pull request instead direct pushing
+settings.protect_require_pull_request_desc = Enable this option to disable direct pushing to this branch. Commits have to be pushed to another non-protected branch and merged to this branch through pull request.
+settings.protect_whitelist_committers = Whitelist who can push to this branch
+settings.protect_whitelist_committers_desc = Add people or teams to whitelist of direct push to this branch.
 settings.hooks = Webhooks
 settings.githooks = Git Hooks
 settings.basic_settings = Basic Settings
 
@@ -16,7 +16,7 @@ import (
 	"github.com/gogits/gogs/modules/setting"
 )
 
-const APP_VER = "0.9.153.0217"
+const APP_VER = "0.9.154.0217"
 
 func init() {
 	setting.AppVer = APP_VER
 
@@ -460,6 +460,7 @@ func CommitRepoAction(opts CommitRepoActionOptions) error {
 		opType = ACTION_PUSH_TAG
 		opts.Commits = &PushCommits{}
 	} else {
+		// TODO: detect branch deletion
 		// if not the first commit, set the compare URL.
 		if opts.OldCommitID == git.EMPTY_SHA {
 			isNewBranch = true
 
@@ -65,8 +65,8 @@ func init() {
 		new(Watch), new(Star), new(Follow), new(Action),
 		new(Issue), new(PullRequest), new(Comment), new(Attachment), new(IssueUser),
 		new(Label), new(IssueLabel), new(Milestone),
-		new(Mirror), new(Release), new(LoginSource), new(Webhook),
-		new(HookTask),
+		new(Mirror), new(Release), new(LoginSource), new(Webhook), new(HookTask),
+		new(ProtectBranch),
 		new(Team), new(OrgUser), new(TeamUser), new(TeamRepo),
 		new(Notice), new(EmailAddress))
 
 
@@ -441,6 +441,10 @@ func (repo *Repository) AllowsPulls() bool {
 	return repo.CanEnablePulls() && repo.EnablePulls
 }
 
+func (repo *Repository) IsBranchRequirePullRequest(name string) bool {
+	return IsBranchOfRepoRequirePullRequest(repo.ID, name)
+}
+
 // CanEnableEditor returns true if repository meets the requirements of web editor.
 func (repo *Repository) CanEnableEditor() bool {
 	return !repo.IsMirror
Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ import (`
`16`	`16`	`"github.com/gogits/gogs/modules/setting"`
`17`	`17`	`)`
`18`	`18`
`19`		`-const APP_VER = "0.9.153.0217"`
	`19`	`+const APP_VER = "0.9.154.0217"`
`20`	`20`
`21`	`21`	`func init() {`
`22`	`22`	`setting.AppVer = APP_VER`