From 114dd59d703d00efe86ad02eb956aa5343daa08e Mon Sep 17 00:00:00 2001
From: Runxi Yu <me@runxiyu.org>
Date: Wed, 19 Feb 2025 21:24:47 +0800
Subject: [PATCH] all: Use COALESCE to handle some nullable database fields

---
 git_hooks_handle.go               | 7 ++++++-
 http_auth.go                      | 2 +-
 http_handle_login.go              | 7 ++++++-
 http_handle_repo_contrib_index.go | 2 +-
 http_handle_repo_contrib_one.go   | 2 +-

diff --git a/git_hooks_handle.go b/git_hooks_handle.go
index 9dc3ed6380853622115bc118f4cede522a53ff10..24f8077a1cbc838889fa0712a3ca178c25970918 100644
--- a/git_hooks_handle.go
+++ b/git_hooks_handle.go
@@ -139,7 +139,7 @@ 							}
 						} else { // Existing contrib branch
 							var existing_merge_request_user_id int
 							err = database.QueryRow(ctx,
-								"SELECT creator FROM merge_requests WHERE source_ref = $1 AND repo_id = $2",
+								"SELECT COALESCE(creator, 0) FROM merge_requests WHERE source_ref = $1 AND repo_id = $2",
 								strings.TrimPrefix(ref_name, "refs/heads/contrib/"), pack_to_hook.repo_id,
 							).Scan(&existing_merge_request_user_id)
 							if err != nil {
@@ -149,6 +149,11 @@ 								} else {
 									fmt.Fprintln(ssh_stderr, "Error querying for existing merge request:", err.Error())
 								}
 								return 1
+							}
+							if existing_merge_request_user_id == 0 {
+								all_ok = false
+								fmt.Fprintln(ssh_stderr, "Rejecting push to merge request with no owner", ref_name)
+								continue
 							}
 
 							if existing_merge_request_user_id != pack_to_hook.user_id {
diff --git a/http_auth.go b/http_auth.go
index 370e38b45efa8fd74ab43d8f824654e71d35747d..eb6e6040942c9df3b243adf228ac0a0833fb616d 100644
--- a/http_auth.go
+++ b/http_auth.go
@@ -10,7 +10,7 @@ 	if err != nil {
 		return
 	}
 
-	err = database.QueryRow(r.Context(), "SELECT user_id, username FROM users u JOIN sessions s ON u.id = s.user_id WHERE s.session_id = $1;", session_cookie.Value).Scan(&id, &username)
+	err = database.QueryRow(r.Context(), "SELECT user_id, COALESCE(username, '') FROM users u JOIN sessions s ON u.id = s.user_id WHERE s.session_id = $1;", session_cookie.Value).Scan(&id, &username)
 
 	return
 }
diff --git a/http_handle_login.go b/http_handle_login.go
index f45db800befc888fb81eea96134c71027093c584..5aed6803a53eaa78e590d095360c768f9d2df229 100644
--- a/http_handle_login.go
+++ b/http_handle_login.go
@@ -23,7 +23,7 @@ 	username := r.PostFormValue("username")
 	password := r.PostFormValue("password")
 
 	var password_hash string
-	err := database.QueryRow(r.Context(), "SELECT id, password FROM users WHERE username = $1", username).Scan(&user_id, &password_hash)
+	err := database.QueryRow(r.Context(), "SELECT id, COALESCE(password, '') FROM users WHERE username = $1", username).Scan(&user_id, &password_hash)
 	if err != nil {
 		if errors.Is(err, pgx.ErrNoRows) {
 			params["login_error"] = "Unknown username"
@@ -31,6 +31,11 @@ 			render_template(w, "login", params)
 			return
 		}
 		http.Error(w, "Error querying user information: "+err.Error(), http.StatusInternalServerError)
+		return
+	}
+	if password_hash == "" {
+		params["login_error"] = "User has no password"
+		render_template(w, "login", params)
 		return
 	}
 
diff --git a/http_handle_repo_contrib_index.go b/http_handle_repo_contrib_index.go
index 94a24b89003ccaca7f4579192219f808bac7c96a..e864dfa235b2ac132186872f434008bcb041aad0 100644
--- a/http_handle_repo_contrib_index.go
+++ b/http_handle_repo_contrib_index.go
@@ -11,7 +11,7 @@ 	Status string
 }
 
 func handle_repo_contrib_index(w http.ResponseWriter, r *http.Request, params map[string]any) {
-	rows, err := database.Query(r.Context(), "SELECT id, title, status FROM merge_requests WHERE repo_id = $1", params["repo_id"])
+	rows, err := database.Query(r.Context(), "SELECT id, COALESCE(title, 'Untitled'), status FROM merge_requests WHERE repo_id = $1", params["repo_id"])
 	if err != nil {
 		http.Error(w, "Error querying merge requests: "+err.Error(), http.StatusInternalServerError)
 		return
diff --git a/http_handle_repo_contrib_one.go b/http_handle_repo_contrib_one.go
index 6841f2b363bc36654b7d2d44d6a550272f01a135..06910503e4b4f1b9fe0f715b59aac907e2df7308 100644
--- a/http_handle_repo_contrib_one.go
+++ b/http_handle_repo_contrib_one.go
@@ -16,7 +16,7 @@ 		return
 	}
 
 	var title, status, source_ref, destination_branch string
-	err = database.QueryRow(r.Context(), "SELECT title, status, source_ref, destination_branch FROM merge_requests WHERE id = $1", mr_id).Scan(&title, &status, &source_ref, &destination_branch)
+	err = database.QueryRow(r.Context(), "SELECT COALESCE(title, ''), status, source_ref, COALESCE(destination_branch, '') FROM merge_requests WHERE id = $1", mr_id).Scan(&title, &status, &source_ref, &destination_branch)
 	if err != nil {
 		http.Error(w, "Error querying merge request: "+err.Error(), http.StatusInternalServerError)
 		return

-- 
2.48.1