From ae55eaf97c12cba5a4a1cafb7c6928624876988d Mon Sep 17 00:00:00 2001
From: justusbunsi <61625851+justusbunsi@users.noreply.github.com>
Date: Sun, 10 Oct 2021 19:45:57 +0200
Subject: [PATCH] Prevent bot from interpreting unknown actions

Signed-off-by: Steven Kriegler <61625851+justusbunsi@users.noreply.github.com>
---
 internal/webhooks/gitea/comment.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/internal/webhooks/gitea/comment.go b/internal/webhooks/gitea/comment.go
index 51bf054..5cbe899 100644
--- a/internal/webhooks/gitea/comment.go
+++ b/internal/webhooks/gitea/comment.go
@@ -59,6 +59,10 @@ func (w *CommentWebhook) Validate() error {
 		return fmt.Errorf("ignore hook for non-bot action comment")
 	}
 
+	if w.Comment.Body != string(actions.ActionReview) {
+		return fmt.Errorf("ignore hook for unknown bot action")
+	}
+
 	w.ConfiguredProject = settings.Projects[pIdx]
 
 	return nil