Jonathan Miller
3396440926
Add organization-scoped branch protection rules that cascade to all
repos within the org. Repo-level rules take precedence; org rules
serve as the fallback when no repo rule matches a branch.
- New table: org_protected_branch (migration v332)
- OrgProtectedBranch model with full CRUD operations
- API endpoints: GET/POST/PATCH/DELETE /api/v1/orgs/{org}/branch_protections
- Inheritance via GetFirstMatchProtectedBranchRule() fallback
- InheritedFrom field added to BranchProtection API response
- Org rules use team-based whitelists (no per-user IDs at org level)
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
96 lines
5.7 KiB
Go
96 lines
5.7 KiB
Go
// Copyright 2026 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package structs
|
|
|
|
import "time"
|
|
|
|
// OrgBranchProtection represents an org-level branch protection ruleset
|
|
type OrgBranchProtection struct {
|
|
ID int64 `json:"id"`
|
|
OrgID int64 `json:"org_id"`
|
|
RuleName string `json:"rule_name"`
|
|
Priority int64 `json:"priority"`
|
|
EnablePush bool `json:"enable_push"`
|
|
EnablePushWhitelist bool `json:"enable_push_whitelist"`
|
|
PushWhitelistTeams []string `json:"push_whitelist_teams"`
|
|
EnableForcePush bool `json:"enable_force_push"`
|
|
EnableForcePushAllowlist bool `json:"enable_force_push_allowlist"`
|
|
ForcePushAllowlistTeams []string `json:"force_push_allowlist_teams"`
|
|
EnableMergeWhitelist bool `json:"enable_merge_whitelist"`
|
|
MergeWhitelistTeams []string `json:"merge_whitelist_teams"`
|
|
EnableStatusCheck bool `json:"enable_status_check"`
|
|
StatusCheckContexts []string `json:"status_check_contexts"`
|
|
RequiredApprovals int64 `json:"required_approvals"`
|
|
EnableApprovalsWhitelist bool `json:"enable_approvals_whitelist"`
|
|
ApprovalsWhitelistTeams []string `json:"approvals_whitelist_teams"`
|
|
BlockOnRejectedReviews bool `json:"block_on_rejected_reviews"`
|
|
BlockOnOfficialReviewRequests bool `json:"block_on_official_review_requests"`
|
|
BlockOnOutdatedBranch bool `json:"block_on_outdated_branch"`
|
|
DismissStaleApprovals bool `json:"dismiss_stale_approvals"`
|
|
IgnoreStaleApprovals bool `json:"ignore_stale_approvals"`
|
|
RequireSignedCommits bool `json:"require_signed_commits"`
|
|
ProtectedFilePatterns string `json:"protected_file_patterns"`
|
|
UnprotectedFilePatterns string `json:"unprotected_file_patterns"`
|
|
BlockAdminMergeOverride bool `json:"block_admin_merge_override"`
|
|
// swagger:strfmt date-time
|
|
Created time.Time `json:"created_at"`
|
|
// swagger:strfmt date-time
|
|
Updated time.Time `json:"updated_at"`
|
|
}
|
|
|
|
// CreateOrgBranchProtectionOption options for creating an org-level branch protection
|
|
type CreateOrgBranchProtectionOption struct {
|
|
RuleName string `json:"rule_name" binding:"Required"`
|
|
Priority int64 `json:"priority"`
|
|
EnablePush bool `json:"enable_push"`
|
|
EnablePushWhitelist bool `json:"enable_push_whitelist"`
|
|
PushWhitelistTeams []string `json:"push_whitelist_teams"`
|
|
EnableForcePush bool `json:"enable_force_push"`
|
|
EnableForcePushAllowlist bool `json:"enable_force_push_allowlist"`
|
|
ForcePushAllowlistTeams []string `json:"force_push_allowlist_teams"`
|
|
EnableMergeWhitelist bool `json:"enable_merge_whitelist"`
|
|
MergeWhitelistTeams []string `json:"merge_whitelist_teams"`
|
|
EnableStatusCheck bool `json:"enable_status_check"`
|
|
StatusCheckContexts []string `json:"status_check_contexts"`
|
|
RequiredApprovals int64 `json:"required_approvals"`
|
|
EnableApprovalsWhitelist bool `json:"enable_approvals_whitelist"`
|
|
ApprovalsWhitelistTeams []string `json:"approvals_whitelist_teams"`
|
|
BlockOnRejectedReviews bool `json:"block_on_rejected_reviews"`
|
|
BlockOnOfficialReviewRequests bool `json:"block_on_official_review_requests"`
|
|
BlockOnOutdatedBranch bool `json:"block_on_outdated_branch"`
|
|
DismissStaleApprovals bool `json:"dismiss_stale_approvals"`
|
|
IgnoreStaleApprovals bool `json:"ignore_stale_approvals"`
|
|
RequireSignedCommits bool `json:"require_signed_commits"`
|
|
ProtectedFilePatterns string `json:"protected_file_patterns"`
|
|
UnprotectedFilePatterns string `json:"unprotected_file_patterns"`
|
|
BlockAdminMergeOverride bool `json:"block_admin_merge_override"`
|
|
}
|
|
|
|
// EditOrgBranchProtectionOption options for editing an org-level branch protection
|
|
type EditOrgBranchProtectionOption struct {
|
|
Priority *int64 `json:"priority"`
|
|
EnablePush *bool `json:"enable_push"`
|
|
EnablePushWhitelist *bool `json:"enable_push_whitelist"`
|
|
PushWhitelistTeams []string `json:"push_whitelist_teams"`
|
|
EnableForcePush *bool `json:"enable_force_push"`
|
|
EnableForcePushAllowlist *bool `json:"enable_force_push_allowlist"`
|
|
ForcePushAllowlistTeams []string `json:"force_push_allowlist_teams"`
|
|
EnableMergeWhitelist *bool `json:"enable_merge_whitelist"`
|
|
MergeWhitelistTeams []string `json:"merge_whitelist_teams"`
|
|
EnableStatusCheck *bool `json:"enable_status_check"`
|
|
StatusCheckContexts []string `json:"status_check_contexts"`
|
|
RequiredApprovals *int64 `json:"required_approvals"`
|
|
EnableApprovalsWhitelist *bool `json:"enable_approvals_whitelist"`
|
|
ApprovalsWhitelistTeams []string `json:"approvals_whitelist_teams"`
|
|
BlockOnRejectedReviews *bool `json:"block_on_rejected_reviews"`
|
|
BlockOnOfficialReviewRequests *bool `json:"block_on_official_review_requests"`
|
|
BlockOnOutdatedBranch *bool `json:"block_on_outdated_branch"`
|
|
DismissStaleApprovals *bool `json:"dismiss_stale_approvals"`
|
|
IgnoreStaleApprovals *bool `json:"ignore_stale_approvals"`
|
|
RequireSignedCommits *bool `json:"require_signed_commits"`
|
|
ProtectedFilePatterns *string `json:"protected_file_patterns"`
|
|
UnprotectedFilePatterns *string `json:"unprotected_file_patterns"`
|
|
BlockAdminMergeOverride *bool `json:"block_admin_merge_override"`
|
|
}
|