From edcd28b9ace1b69523831c9d32c97322d91b55b6 Mon Sep 17 00:00:00 2001
From: Pulkit Kathuria <kevincobain2000@gmail.com>
Date: Mon, 22 Jan 2024 10:26:35 +0900
Subject: [PATCH] bug on verify

---
 action.yml                 | 3 ++-
 app/pkg/destroy_handler.go | 9 +++++----
 app/pkg/upload_handler.go  | 2 +-
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/action.yml b/action.yml
index aaa818e..9407026 100644
--- a/action.yml
+++ b/action.yml
@@ -136,7 +136,8 @@ runs:
           -d '{
             "org": "${{github.repository_owner}}",
             "repo": "${{ github.event.repository.name }}",
-            "type": "${{ inputs.type }}"
+            "type": "${{ inputs.type }}",
+            "commit": "${{ github.sha }}"
           }' \
           "${{inputs.host}}/destroy"
 
diff --git a/app/pkg/destroy_handler.go b/app/pkg/destroy_handler.go
index e01ccd8..9fc2907 100644
--- a/app/pkg/destroy_handler.go
+++ b/app/pkg/destroy_handler.go
@@ -21,9 +21,10 @@ func NewDestroyHandler() *DestroyHandler {
 }
 
 type DestroyRequest struct {
-	Org  string `json:"org"  form:"org" validate:"required,ascii,excludes=/" message:"org is required"`
-	Repo string `json:"repo" form:"repo" validate:"required,ascii,excludes=/" message:"repo is required"`
-	Type string `json:"type" form:"type" validate:"ascii,excludes=/" message:"ascii type is required"`
+	Org    string `json:"org"  form:"org" validate:"required,ascii,excludes=/" message:"org is required"`
+	Repo   string `json:"repo" form:"repo" validate:"required,ascii,excludes=/" message:"repo is required"`
+	Type   string `json:"type" form:"type" validate:"ascii,excludes=/" message:"ascii type is required"`
+	Commit string `json:"commit" form:"commit" validate:"ascii,excludes=/" message:"ascii commit is required"`
 }
 
 func (h *DestroyHandler) Post(c echo.Context) error {
@@ -40,7 +41,7 @@ func (h *DestroyHandler) Post(c echo.Context) error {
 	}
 
 	if os.Getenv("GITHUB_API") != "" {
-		if err := h.github.VerifyGithubToken(c.Request().Header.Get("Authorization"), req.Org, req.Repo, req.Type); err != nil {
+		if err := h.github.VerifyGithubToken(c.Request().Header.Get("Authorization"), req.Org, req.Repo, req.Commit); err != nil {
 			return echo.NewHTTPError(http.StatusUnauthorized, err.Error())
 		}
 	}
diff --git a/app/pkg/upload_handler.go b/app/pkg/upload_handler.go
index 53af4b6..9f8308a 100644
--- a/app/pkg/upload_handler.go
+++ b/app/pkg/upload_handler.go
@@ -47,7 +47,7 @@ func (h *UploadHandler) Post(c echo.Context) error {
 
 	// set by default to api.github and "" on tests
 	if os.Getenv("GITHUB_API") != "" {
-		if err := h.github.VerifyGithubToken(c.Request().Header.Get("Authorization"), req.Org, req.Repo, req.Type); err != nil {
+		if err := h.github.VerifyGithubToken(c.Request().Header.Get("Authorization"), req.Org, req.Repo, req.Commit); err != nil {
 			return echo.NewHTTPError(http.StatusUnauthorized, err.Error())
 		}
 	}