From 7ee7e72b099a12b8fa970817767ac06fda319339 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= <adrian@suse.de>
Date: Thu, 6 Jun 2019 10:06:24 +0200
Subject: [PATCH] Fix behaviour of triggering multibuild containers

It is okay to trigger rebuild of a multibuild container when access to
main container got approved

Also specify explicit behaviour on service and release actions
---
 src/api/app/controllers/trigger_controller.rb | 37 +++++++++++--------
 1 file changed, 21 insertions(+), 16 deletions(-)

diff --git a/src/api/app/controllers/trigger_controller.rb b/src/api/app/controllers/trigger_controller.rb
index 13eabd8eb2d..3806dabb51b 100644
--- a/src/api/app/controllers/trigger_controller.rb
+++ b/src/api/app/controllers/trigger_controller.rb
@@ -19,13 +19,6 @@ class TriggerController < ApplicationController
 
   include Trigger::Errors
 
-  def check_rebuild_permission!
-    return if User.session.can_modify_project?(@prj)
-    return if @pkg.project == @prj && policy(@pkg).update?
-
-    raise NoPermissionForPackage.setup('no_permission', 403, "no permission for package #{@pkg} in project #{@prj}")
-  end
-
   def rebuild
     check_rebuild_permission!
     Backend::Api::Sources::Package.rebuild(@prj.name, @pkg_name)
@@ -46,16 +39,20 @@ def runservice
     raise NoPermissionForPackage.setup('no_permission', 403, "no permission for package #{@pkg} in project #{@pkg.project}") unless policy(@pkg).update?
 
     # execute the service in backend
-    path = @pkg.source_path
-    params = { cmd: 'runservice', comment: 'runservice via trigger', user: User.session!.login }
-    path << build_query_from_hash(params, [:cmd, :comment, :user])
-    pass_to_backend(path)
+    pass_to_backend(prepare_path_for_runservice)
 
     @pkg.sources_changed
   end
 
   private
 
+  def check_rebuild_permission!
+    return if User.session.can_modify_project?(@prj)
+    return if @pkg.project == @prj && policy(@pkg).update?
+
+    raise NoPermissionForPackage.setup('no_permission', 403, "no permission for package #{@pkg} in project #{@prj}")
+  end
+
   def matched_repo?(repo)
     repo.release_targets.where(trigger: 'manual').any? do |releasetarget|
       release_target_repository_project = releasetarget.target_repository.project
@@ -71,6 +68,12 @@ def matched_repo?(repo)
     end
   end
 
+  def prepare_path_for_runservice
+    path = @pkg.source_path
+    params = { cmd: 'runservice', comment: 'runservice via trigger', user: User.session!.login }
+    URI(path + build_query_from_hash(params, [:cmd, :comment, :user])).to_s
+  end
+
   def require_project_param
     render_error(message: 'Token must define the release package', status: 403, errorcode: 'no_permission') if params[:project].present?
   end
@@ -99,13 +102,15 @@ def require_valid_token
     else
       @prj = Project.get_by_name(params[:project])
       @pkg_name = params[:package] # for multibuild container
-      if @token.class == Token::Rebuild
-        opts = { use_source: false,
+      opts = if @token.class == Token::Rebuild
+               { use_source: false,
                  follow_project_links: true,
+                 follow_multibuild: true }
+             else
+               { use_source: true,
+                 follow_project_links: false,
                  follow_multibuild: false }
-      else
-        opts = { use_source: true }
-      end
+             end
       @pkg = Package.get_by_project_and_name(params[:project].to_s, params[:package].to_s, opts)
     end
   end