mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-05-20 17:00:24 +00:00
Prevent anonymous container access if RequireSignInView is enabled (#28877)
Fixes #28875 If `RequireSignInView` is enabled, the ghost user has no access rights.
This commit is contained in:
KN4CK3R
GitHub
parent
b693611b35
commit
caad931385
3 changed files with 24 additions and 6 deletions
|
|
@ -93,7 +93,7 @@ func packageAssignment(ctx *packageAssignmentCtx, errCb func(int, string, any))
|
|||
}
|
||||
|
||||
func determineAccessMode(ctx *Base, pkg *Package, doer *user_model.User) (perm.AccessMode, error) {
|
||||
if setting.Service.RequireSignInView && doer == nil {
|
||||
if setting.Service.RequireSignInView && (doer == nil || doer.IsGhost()) {
|
||||
return perm.AccessModeNone, nil
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue