From 8f3a6ed9f30e0c5186fa0be6cf70c911ae5b72d0 Mon Sep 17 00:00:00 2001 From: NGPixel Date: Sat, 29 Apr 2017 11:53:44 -0400 Subject: [PATCH] feat: Use current user as commit author --- server/helpers/security.js | 10 +++++++++- server/libs/git.js | 5 ++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/server/helpers/security.js b/server/helpers/security.js index bb73d2d8..c82b30ed 100644 --- a/server/helpers/security.js +++ b/server/helpers/security.js @@ -1,7 +1,15 @@ 'use strict' +/* global appdata, appconfig */ + +const _ = require('lodash') + module.exports = { sanitizeCommitUser (user) { - + let wlist = new RegExp('(?!([^a-zA-Z0-9-_.\',& ]|' + appdata.regex.cjk.source + '))', 'g') + return { + name: _.chain(user.name).replace(wlist, '').trim().value(), + email: appconfig.git.showUserEmail ? user.email : appconfig.git.serverEmail + } } } diff --git a/server/libs/git.js b/server/libs/git.js index 72223855..66809bcf 100644 --- a/server/libs/git.js +++ b/server/libs/git.js @@ -7,6 +7,8 @@ const fs = Promise.promisifyAll(require('fs')) const _ = require('lodash') const URL = require('url') +const securityHelper = require('../helpers/security') + /** * Git Model */ @@ -207,7 +209,8 @@ module.exports = { commitMsg = (isTracked) ? 'Updated ' + gitFilePath : 'Added ' + gitFilePath return self._git.add(gitFilePath) }).then(() => { - return self._git.exec('commit', ['-m', commitMsg, '--author="' + author.name + ' <' + author.email + '>"']).catch((err) => { + let commitUsr = securityHelper.sanitizeCommitUser(author) + return self._git.exec('commit', ['-m', commitMsg, '--author="' + commitUsr.name + ' <' + commitUsr.email + '>"']).catch((err) => { if (_.includes(err.stdout, 'nothing to commit')) { return true } }) })