From 4c8525211f1eb9f0317b9c60ef500d7a9c622354 Mon Sep 17 00:00:00 2001
From: Santos Gallegos <santos_g@outlook.com>
Date: Wed, 23 May 2018 18:50:17 -0500
Subject: [PATCH 1/2] Fix 5xx status in old webhooks

---
 readthedocs/core/views/hooks.py               | 16 ++++++--
 .../rtd_tests/tests/test_post_commit_hooks.py | 37 +++++++++++++++++++
 2 files changed, 49 insertions(+), 4 deletions(-)

diff --git a/readthedocs/core/views/hooks.py b/readthedocs/core/views/hooks.py
index 9a306aaea73..0eba40f1814 100644
--- a/readthedocs/core/views/hooks.py
+++ b/readthedocs/core/views/hooks.py
@@ -90,10 +90,14 @@ def build_branches(project, branch_list):
 
 
 def get_project_from_url(url):
-    projects = (
-        Project.objects.filter(repo__iendswith=url) |
-        Project.objects.filter(repo__iendswith=url + '.git'))
-    return projects
+    if not url:
+        return Project.objects.none()
+    else:
+        projects = (
+            Project.objects.filter(repo__iendswith=url) |
+            Project.objects.filter(repo__iendswith=url + '.git')
+        )
+        return projects
 
 
 def log_info(project, msg):
@@ -278,6 +282,8 @@ def bitbucket_build(request):
                 branches = [commit.get('branch', '')
                             for commit in data['commits']]
                 repository = data['repository']
+                if not repository['absolute_url']:
+                    return HttpResponse('Invalid request', status=400)
                 search_url = 'bitbucket.org{0}'.format(
                     repository['absolute_url'].rstrip('/')
                 )
@@ -285,6 +291,8 @@ def bitbucket_build(request):
                 changes = data['push']['changes']
                 branches = [change['new']['name']
                             for change in changes]
+                if not data['repository']['full_name']:
+                    return HttpResponse('Invalid request', status=400)
                 search_url = 'bitbucket.org/{0}'.format(
                     data['repository']['full_name']
                 )
diff --git a/readthedocs/rtd_tests/tests/test_post_commit_hooks.py b/readthedocs/rtd_tests/tests/test_post_commit_hooks.py
index fe781e16bd8..6b71e043be4 100644
--- a/readthedocs/rtd_tests/tests/test_post_commit_hooks.py
+++ b/readthedocs/rtd_tests/tests/test_post_commit_hooks.py
@@ -146,6 +146,18 @@ def test_gitlab_post_commit_knows_default_branches(self):
         rtd.default_branch = old_default
         rtd.save()
 
+    def test_gitlab_request_empty_url(self):
+        """
+        The gitlab hook shouldn't build any project
+        if the url, ssh_url or ref are empty.
+        """
+        self.payload['project']['http_url'] = ''
+        r = self.client.post(
+            '/gitlab/', data=json.dumps(self.payload),
+            content_type='application/json'
+        )
+        self.assertEqual(r.status_code, 404)
+
     def test_gitlab_webhook_is_deprecated(self):
         # Project is created after feature, not included in historical allowance
         url = 'https://github.com/rtfd/readthedocs-build'
@@ -265,6 +277,19 @@ def test_400_on_no_ref(self):
                              content_type='application/json')
         self.assertEqual(r.status_code, 400)
 
+    def test_github_request_empty_url(self):
+        """
+        The github hook shouldn't build any project
+        if the url, ssh_url or ref are empty.
+        """
+        self.payload['repository']['url'] = ''
+        self.payload['repository']['ssh_url'] = ''
+        r = self.client.post(
+            '/github/', data=json.dumps(self.payload),
+            content_type='application/json'
+        )
+        self.assertEqual(r.status_code, 403)
+
     def test_private_repo_mapping(self):
         """
         Test for private GitHub repo mapping.
@@ -534,6 +559,18 @@ def test_bitbucket_default_branch(self):
                              content_type='application/json')
         self.assertContains(r, '(URL Build) Build Started: bitbucket.org/test/project [latest]')
 
+    def test_bitbucket_request_empty_url(self):
+        """
+        The bitbucket hook shouldn't build any project
+        if the url, ssh_url or ref are empty.
+        """
+        self.git_payload['repository']['absolute_url'] = ''
+        r = self.client.post(
+            '/bitbucket/', data=json.dumps(self.git_payload),
+            content_type='application/json'
+        )
+        self.assertEqual(r.status_code, 400)
+
     def test_bitbucket_webhook_is_deprecated(self):
         # Project is created after feature, not included in historical allowance
         url = 'https://bitbucket.org/rtfd/readthedocs-build'

From 100bbdd4995fe822d975cb98e7b4d5baf0e29a0b Mon Sep 17 00:00:00 2001
From: Santos Gallegos <santos_g@outlook.com>
Date: Wed, 23 May 2018 19:32:02 -0500
Subject: [PATCH 2/2] Linter

---
 readthedocs/core/views/hooks.py | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/readthedocs/core/views/hooks.py b/readthedocs/core/views/hooks.py
index 0eba40f1814..c773f7b4489 100644
--- a/readthedocs/core/views/hooks.py
+++ b/readthedocs/core/views/hooks.py
@@ -92,12 +92,11 @@ def build_branches(project, branch_list):
 def get_project_from_url(url):
     if not url:
         return Project.objects.none()
-    else:
-        projects = (
-            Project.objects.filter(repo__iendswith=url) |
-            Project.objects.filter(repo__iendswith=url + '.git')
-        )
-        return projects
+    projects = (
+        Project.objects.filter(repo__iendswith=url) |
+        Project.objects.filter(repo__iendswith=url + '.git')
+    )
+    return projects
 
 
 def log_info(project, msg):