Google Git
Sign in
go/All-Projects/7160903102780cca9090ec74a71897f7ab13bb16^!/.
commit
7160903102780cca9090ec74a71897f7ab13bb16
[log] [tgz]
author
Russ Cox <rsc@golang.org>
Mon Sep 14 12:16:29 2020 -0400
committer
Russ Cox <rsc@golang.org>
Mon Sep 14 16:42:37 2020 +0000
tree
bbee5a5a50efbcc783a83c808df5d1f0ee7aa950
parent
953674879be875835100baf030266954e944d5db [diff]
rules.pl: add Trust+2 check and disallow self-code-review

For golang/go#40699.

Change-Id: I681f08cb84aa9bf4b227188594ea02c2727b3697
Reviewed-on: https://go-review.googlesource.com/c/All-Projects/+/254799
Reviewed-by: Andrew Bonventre <andybons@google.com>

diff --git a/rules.pl b/rules.pl
index 88efe81..4247e63 100644
--- a/rules.pl
+++ b/rules.pl

@@ -1,22 +1,93 @@
-% We don't send email if the commit message says DO NOT REVIEW, so don't allow submit either.
-% Case insensitive because the mail filter rules are.
+% submit_rule in the actual project (go, scratch, etc.)
+% generates a list of labels and whether they are ok, needed, or can be ignored.
+% Most repos don't define a specific submit_rule; the server uses gerrit:default_submit.
+%
+% submit_filter, defined below, is applied to the output of submit_rule to adjust it.
+% The adjustments are:
+%
+%  * do_not_review_filter: add a “rejected by Do-Not-Review label”
+%    if the commit message says DO NOT REVIEW.
+%
+%  * do_not_submit_filter: add a “rejected by Do-Not-Submit label”
+%    if the commit message says DO NOT SUBMIT.
+%
+%  * trust_filter: make sure that two different people have set
+%    either Code-Review+2 or Trust+1 on the commit.
+%
+%  * self_review_filter: make sure that Code-Review+2
+%    is from someone other than the author of the commit.
+%
+% Note that if you make any mistake in this file that causes
+% a Prolog execution exception or makes submit_filter not succeed,
+% the usual signal you get in Gerrit is that labels disappear from the UI for all CLs.
+% Sometimes you get an internal error popup instead (syntax errors do this, for example).
+
 submit_filter(In, Out) :-
-	In =.. [submit | I],
+	Gobot = user(5976),
+	In =.. [submit | A],
+	do_not_review_filter(Gobot, A, B),
+	do_not_submit_filter(Gobot, B, C),
+	trust_filter(Gobot, C, D),
+	self_review_filter(Gobot, D, E),
+	Out =.. [submit | E].
+
+% We don't send email if the commit message says DO NOT REVIEW,
+% so don't allow submit either.
+% Case insensitive because the mail filter rules are.
+do_not_review_filter(Gobot, In, Out) :-
 	gerrit:commit_message_matches('[Dd][Oo][ \t\r\n]+[Nn][Oo][Tt][ \t\r\n]+[Rr][Ee][Vv][Ii][Ee][Ww]'),
 	!,
 	gerrit:commit_author(Id),
 	Error = label('Do-Not-Review', reject(Id)),
-	Out =.. [submit, Error | I].
+	Out = [Error | In].
+
+do_not_review_filter(Gobot, In, Out) :-
+	Out = In.
 
 % Don't allow submit of DO NOT SUBMIT commit message either.
 % Case insensitive because DO NOT REVIEW is.
-submit_filter(In, Out) :-
-	In =.. [submit | I],
+do_not_submit_filter(Gobot, In, Out) :-
 	gerrit:commit_message_matches('[Dd][Oo][ \t\r\n]+[Nn][Oo][Tt][ \t\r\n]+[Ss][Uu][Bb][Mm][Ii][Tt]'),
 	!,
 	gerrit:commit_author(Id),
 	Error = label('Do-Not-Submit', reject(Id)),
-	Out =.. [submit, Error | I].
+	Out = [Error | In].
 
-% Otherwise, pass submit rule through.
-submit_filter(In, Out) :- In = Out.
+do_not_submit_filter(Gobot, In, Out) :-
+	Out = In.
+
+% Check for two trusted author/reviewers, unless Self-Review-OK label set by project.
+trust_filter(Gobot, In, Out) :- has_label('Self-Review-OK', In), !, Out = In.
+trust_filter(Gobot, In, Out) :- trust2, !, Out = [label('Trust-2', ok(Gobot)) | In].
+trust_filter(Gobot, In, Out) :- Out = [label('Trust-2', reject(Gobot)) | In].
+
+trust2 :- trust(U1), trust(U2), U1 \= U2.
+
+trust(U) :- gerrit:commit_label(label('Code-Review', 2), U).
+trust(U) :- gerrit:commit_label(label('Trust', 1), U).
+
+% Reject self-code-review, unless Self-Review-OK label set by project.
+%
+% NOTE: Projects (= repos) that allow self-code-review and that do not require Trust+2
+% (for example, the blog and proposal projects), can use this in rules.pl to set Self-Review-OK:
+%
+%	submit_rule(S) :-
+%		Gobot = user(5976),
+%		gerrit:default_submit(R),
+%		R =.. [submit | A],
+%		self_review_ok(Gobot, A, B),
+%		S =.. [submit | B].
+%
+%	self_review_ok(Gobot, In, Out) :- Out = [label('Self-Review-OK', ok(Gobot)) | In].
+%
+self_review_filter(Gobot, In, Out) :- has_label('Self-Review-OK', In), !, Out = In.
+self_review_filter(Gobot, In, Out) :- self_review, !, Out = [label('Self-Review', reject(Gobot)) | In].
+self_review_filter(Gobot, In, Out) :- Out = In.
+
+self_review :-
+	gerrit:change_owner(Owner),
+	gerrit:commit_label(label('Code-Review', 2), Owner).
+
+% has_label checks whether the list contains the label L.
+has_label(L, [label(L, _) | T]).
+has_label(L, [_ | T]) :- has_label(L, T).