ghwikipp: When trusted users push without a PR, determine the hash while locked.

SDLPushPostBot · June 15, 2022, 3:28am

From d7c70c2f212ac34f8f6c34f34aea76a217fb507e Mon Sep 17 00:00:00 2001
From: "Ryan C. Gordon" <[EMAIL REDACTED]>
Date: Tue, 14 Jun 2022 23:22:42 -0400
Subject: [PATCH] When trusted users push without a PR, determine the hash
 while locked.

Otherwise, our query of HEAD's hash might get the wrong commit if something
else grabs the lock and makes changes.
---
 index.php | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/index.php b/index.php
index f628307..0c50b48 100644
--- a/index.php
+++ b/index.php
@@ -762,6 +762,7 @@ function make_new_page_version($page, $ext, $newtext, $comment)
         }
     }
 
+    $hash = '';
     $cmd = '';
     $trusted_author = $_SESSION['is_trusted'] || $_SESSION['is_admin'];   // trusted/admin authors push right to main. Untrusted authors generate pull requests.
     $escmain = $github_repo_main_branch;
@@ -774,6 +775,11 @@ function make_new_page_version($page, $ext, $newtext, $comment)
     unset($output);
     $failed = (exec($cmd, $output, $result) === false) || ($result != 0);
     unlink($git_commit_message_file);
+
+    if (!$failed && $trusted_author) {
+        $hash = `cd $escrawdata ; git show-ref -s HEAD`;
+    }
+
     exec("cd $escrawdata && git checkout $escmain && ( git reset --hard HEAD ; git clean -df )");   // just in case.
 
     $cooked = '';
@@ -795,7 +801,6 @@ function make_new_page_version($page, $ext, $newtext, $comment)
     }
 
     if ($trusted_author) {
-        $hash = `cd $escrawdata ; git show-ref -s HEAD`;
         print_template('pushed_to_main', [ 'hash' => $hash, 'commiturl' => "$github_url/commit/$hash", 'cooked' => $cooked ]);
     } else {  // generate a pull request so we can review before applying.
         $user = $_SESSION['github_user'];
@@ -861,6 +866,7 @@ function delete_page($page, $comment)
         fail400("No such page to delete.");
     }
 
+    $hash = '';
     $cmd = '';
 
     $trusted_author = $_SESSION['is_trusted'] || $_SESSION['is_admin'];   // trusted/admin authors push right to main. Untrusted authors generate pull requests.
@@ -874,6 +880,11 @@ function delete_page($page, $comment)
     unset($output);
     $failed = (exec($cmd, $output, $result) === false) || ($result != 0);
     unlink($git_commit_message_file);
+
+    if (!$failed && $trusted_author) {
+        $hash = `cd $escrawdata ; git show-ref -s HEAD`;
+    }
+
     exec("cd $escrawdata && git checkout $escmain && ( git reset --hard HEAD ; git clean -df )");   // just in case.
 
     release_git_repo_lock();
@@ -890,7 +901,6 @@ function delete_page($page, $comment)
     $cooked = '[page deleted]';
 
     if ($trusted_author) {
-        $hash = `cd $escrawdata ; git show-ref -s HEAD`;
         print_template('pushed_to_main', [ 'hash' => $hash, 'commiturl' => "$github_url/commit/$hash", 'cooked' => $cooked ]);
     } else {  // generate a pull request so we can review before applying.
         $user = $_SESSION['github_user'];