luckyimnotanigger/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2025-05-31 20:02:09 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

Prevent git operations for inactive users (#13527)

Browse source 
* prevent git operations for inactive users

* Some fixes

* Deny push to the repositories which's owner is inactive

* deny operations also when user is ProhibitLogin

Co-authored-by: zeripath <art27@cantab.net>
This commit is contained in:
Lunny Xiao 2020-11-13 07:29:11 +08:00 committed by GitHub
parent ee7133d135
commit ff7341b994
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 44 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

9
routers/repo/http.go
View file

@ -105,6 +105,10 @@ func HTTP(ctx *context.Context) {
ctx.NotFoundOrServerError("GetUserByName", models.IsErrUserNotExist, err)
return
}
if !owner.IsActive {
ctx.HandleText(http.StatusForbidden, "Repository cannot be accessed. You cannot push or open issues/pull-requests.")
return
}
repoExist := true
repo, err := models.GetRepositoryByName(owner.ID, reponame)
@ -244,6 +248,11 @@ func HTTP(ctx *context.Context) {
}
}
if !authUser.IsActive || authUser.ProhibitLogin {
ctx.HandleText(http.StatusForbidden, "Your account is disabled.")
return
}
if repoExist {
perm, err := models.GetUserRepoPermission(repo, authUser)
if err != nil {