From 0a2063b2866e62dd54a0e07d5a0e4edd41a7dfba Mon Sep 17 00:00:00 2001
From: Andrew Gerrand
Date: Mon, 9 Dec 2013 14:33:08 +1100
Subject: [PATCH] go.tools/dashboard/app: only accept commits when given master key
R=dvyukov, rsc
CC=golang-dev
https://golang.org/cl/37790044
---
 app/build/handler.go | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)
diff --git a/app/build/handler.go b/app/build/handler.go
index 00481d5f..55010ec6 100644
--- a/app/build/handler.go
+++ b/app/build/handler.go
@@ -17,6 +17,7 @@ import (
 "appengine"
 "appengine/datastore"
+
 "cache"
 )
@@ -47,6 +48,9 @@ func commitHandler(r *http.Request) (interface{}, error) {
 if r.Method != "POST" {
 return nil, errBadMethod(r.Method)
 }
+ if !isMasterKey(c, r.FormValue("key")) {
+ return nil, errors.New("can only POST commits with master key")
+ }
 // POST request
 defer r.Body.Close()
@@ -433,13 +437,11 @@ func validHash(hash string) bool {
 }
 func validKey(c appengine.Context, key, builder string) bool {
- if appengine.IsDevAppServer() {
- return true
- }
- if key == secretKey(c) {
- return true
- }
- return key == builderKey(c, builder)
+ return isMasterKey(c, key) || key == builderKey(c, builder)
+}
+
+func isMasterKey(c appengine.Context, key string) bool {
+ return appengine.IsDevAppServer() || key == secretKey(c)
 }
 func builderKey(c appengine.Context, builder string) string {
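Review bot: The new master-key check in commitHandler returns its error without logging anything, so a POST that arrives with a wrong key or only a per-builder key leaves no trace in the app logs, and repeated guessing or a misconfigured builder goes unnoticed. Consider logging the rejection before the return, for example `c.Warningf("commit POST rejected: not master key (remote %s)", r.RemoteAddr)`, and never the submitted key itself. A comment above the check such as `// Commits may only be recorded with the master key; per-builder keys are not sufficient.` would record the intent for the next reader. `c` is defined earlier in commitHandler, outside this hunk.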
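Review bot: isMasterKey compares the submitted key with the secret using `==`, which is not constant-time, and validKey does the same for the builder key. Both values gate write access, so they are better compared with `subtle.ConstantTimeCompare([]byte(key), []byte(secretKey(c))) == 1`, which needs crypto/subtle in the import block. It is also worth confirming that secretKey, defined outside this hunk, cannot return an empty string when its lookup fails, because an empty `key` form value would then be accepted as the master key. A doc comment should state the dev-server bypass explicitly: `// isMasterKey reports whether key is the master key; on the dev app server every key is accepted.`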