Add configuration to enable/disable download source from UI. Co-authored-by: zeripath <art27@cantab.net>tags/v1.18.0-rc0
@@ -879,6 +879,9 @@ ROUTER = console | |||
;; Allow deletion of unadopted repositories | |||
;ALLOW_DELETION_OF_UNADOPTED_REPOSITORIES = false | |||
;; Don't allow download source archive files from UI | |||
;DISABLE_DOWNLOAD_SOURCE_ARCHIVES = false | |||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; | |||
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; | |||
;[repository.editor] |
@@ -78,6 +78,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`. | |||
- `DEFAULT_BRANCH`: **main**: Default branch name of all repositories. | |||
- `ALLOW_ADOPTION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to adopt unadopted repositories | |||
- `ALLOW_DELETION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to delete unadopted repositories | |||
- `DISABLE_DOWNLOAD_SOURCE_ARCHIVES`: **false**: Don't allow download source archive files from UI | |||
### Repository - Editor (`repository.editor`) | |||
@@ -48,6 +48,7 @@ var ( | |||
DefaultBranch string | |||
AllowAdoptionOfUnadoptedRepositories bool | |||
AllowDeleteOfUnadoptedRepositories bool | |||
DisableDownloadSourceArchives bool | |||
// Repository editor settings | |||
Editor struct { |
@@ -35,10 +35,11 @@ func BaseVars() Vars { | |||
"IsLandingPageExplore": setting.LandingPageURL == setting.LandingPageExplore, | |||
"IsLandingPageOrganizations": setting.LandingPageURL == setting.LandingPageOrganizations, | |||
"ShowRegistrationButton": setting.Service.ShowRegistrationButton, | |||
"ShowMilestonesDashboardPage": setting.Service.ShowMilestonesDashboardPage, | |||
"ShowFooterBranding": setting.ShowFooterBranding, | |||
"ShowFooterVersion": setting.ShowFooterVersion, | |||
"ShowRegistrationButton": setting.Service.ShowRegistrationButton, | |||
"ShowMilestonesDashboardPage": setting.Service.ShowMilestonesDashboardPage, | |||
"ShowFooterBranding": setting.ShowFooterBranding, | |||
"ShowFooterVersion": setting.ShowFooterVersion, | |||
"DisableDownloadSourceArchives": setting.Repository.DisableDownloadSourceArchives, | |||
"EnableSwagger": setting.API.EnableSwagger, | |||
"EnableOpenIDSignIn": setting.Service.EnableOpenIDSignIn, |
@@ -290,6 +290,13 @@ func RegisterRoutes(m *web.Route) { | |||
} | |||
} | |||
dlSourceEnabled := func(ctx *context.Context) { | |||
if setting.Repository.DisableDownloadSourceArchives { | |||
ctx.Error(http.StatusNotFound) | |||
return | |||
} | |||
} | |||
// FIXME: not all routes need go through same middleware. | |||
// Especially some AJAX requests, we can reduce middleware number to improve performance. | |||
// Routers. | |||
@@ -1106,7 +1113,7 @@ func RegisterRoutes(m *web.Route) { | |||
m.Group("/archive", func() { | |||
m.Get("/*", repo.Download) | |||
m.Post("/*", repo.InitiateDownload) | |||
}, repo.MustBeNotEmpty, reqRepoCodeReader) | |||
}, repo.MustBeNotEmpty, dlSourceEnabled, reqRepoCodeReader) | |||
m.Group("/branches", func() { | |||
m.Get("", repo.Branches) |
@@ -31,12 +31,14 @@ | |||
<br> | |||
{{.locale.Tr "mail.release.downloads"}} | |||
<ul> | |||
{{if not .DisableDownloadSourceArchives}} | |||
<li> | |||
<a href="{{.Release.Repo.Link}}/archive/{{.Release.TagName | PathEscapeSegments}}.zip" rel="nofollow"><strong>{{.locale.Tr "mail.release.download.zip"}}</strong></a> | |||
</li> | |||
<li> | |||
<a href="{{.Release.Repo.Link}}/archive/{{.Release.TagName | PathEscapeSegments}}.tar.gz" rel="nofollow"><strong>{{.locale.Tr "mail.release.download.targz"}}</strong></a> | |||
</li> | |||
{{end}} | |||
{{if .Release.Attachments}} | |||
{{range .Release.Attachments}} | |||
<li> |
@@ -26,13 +26,15 @@ | |||
{{svg "octicon-git-branch"}} | |||
</div> | |||
{{end}} | |||
<div class="ui basic jump dropdown icon button tooltip" data-content="{{$.locale.Tr "repo.branch.download" ($.DefaultBranch)}}" data-position="top right"> | |||
{{svg "octicon-download"}} | |||
<div class="menu"> | |||
<a class="item archive-link" href="{{$.RepoLink}}/archive/{{PathEscapeSegments $.DefaultBranch}}.zip" rel="nofollow">{{svg "octicon-file-zip"}} ZIP</a> | |||
<a class="item archive-link" href="{{$.RepoLink}}/archive/{{PathEscapeSegments $.DefaultBranch}}.tar.gz" rel="nofollow">{{svg "octicon-file-zip"}} TAR.GZ</a> | |||
{{if not $.DisableDownloadSourceArchives}} | |||
<div class="ui basic jump dropdown icon button tooltip" data-content="{{$.locale.Tr "repo.branch.download" ($.DefaultBranch)}}" data-position="top right"> | |||
{{svg "octicon-download"}} | |||
<div class="menu"> | |||
<a class="item archive-link" href="{{$.RepoLink}}/archive/{{PathEscapeSegments $.DefaultBranch}}.zip" rel="nofollow">{{svg "octicon-file-zip"}} ZIP</a> | |||
<a class="item archive-link" href="{{$.RepoLink}}/archive/{{PathEscapeSegments $.DefaultBranch}}.tar.gz" rel="nofollow">{{svg "octicon-file-zip"}} TAR.GZ</a> | |||
</div> | |||
</div> | |||
</div> | |||
{{end}} | |||
</td> | |||
</tr> | |||
</tbody> |
@@ -124,6 +124,7 @@ | |||
{{if eq $n 0}} | |||
<div class="ui action tiny input" id="clone-panel"> | |||
{{template "repo/clone_buttons" .}} | |||
{{if not .DisableDownloadSourceArchives}} | |||
<button id="download-btn" class="ui basic jump dropdown icon button tooltip" data-content="{{.locale.Tr "repo.download_archive"}}" data-position="top right"> | |||
{{svg "octicon-download"}} | |||
<div class="menu"> | |||
@@ -133,6 +134,7 @@ | |||
<a class="item" href="vscode://vscode.git/clone?url={{$.RepoCloneLink.HTTPS}}">{{svg "gitea-vscode" 16 "mr-3"}}{{.locale.Tr "repo.clone_in_vsc"}}</a> | |||
</div> | |||
</button> | |||
{{end}} | |||
</div> | |||
{{end}} | |||
</div> |
@@ -37,8 +37,10 @@ | |||
<div class="download df ac"> | |||
{{if $.Permission.CanRead $.UnitTypeCode}} | |||
<a class="mr-3 mono" href="{{$.RepoLink}}/src/commit/{{.Sha1}}" rel="nofollow">{{svg "octicon-git-commit" 16 "mr-2"}}{{ShortSha .Sha1}}</a> | |||
<a class="archive-link mr-3" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.zip" rel="nofollow">{{svg "octicon-file-zip" 16 "mr-2"}}ZIP</a> | |||
<a class="archive-link mr-3" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.tar.gz" rel="nofollow">{{svg "octicon-file-zip" 16 "mr-2"}}TAR.GZ</a> | |||
{{if not $.DisableDownloadSourceArchives}} | |||
<a class="archive-link mr-3" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.zip" rel="nofollow">{{svg "octicon-file-zip" 16 "mr-2"}}ZIP</a> | |||
<a class="archive-link mr-3" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.tar.gz" rel="nofollow">{{svg "octicon-file-zip" 16 "mr-2"}}TAR.GZ</a> | |||
{{end}} | |||
{{if (and $.CanCreateRelease $release.IsTag)}} | |||
<a class="mr-3" href="{{$.RepoLink}}/releases/new?tag={{.TagName}}">{{svg "octicon-tag" 16 "mr-2"}}{{$.locale.Tr "repo.release.new_release"}}</a> | |||
{{end}} | |||
@@ -104,8 +106,10 @@ | |||
<div class="download"> | |||
{{if $.Permission.CanRead $.UnitTypeCode}} | |||
<a class="mono" href="{{$.RepoLink}}/src/commit/{{.Sha1}}" rel="nofollow">{{svg "octicon-git-commit" 16 "mr-2"}}{{ShortSha .Sha1}}</a> | |||
<a class="archive-link" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.zip" rel="nofollow">{{svg "octicon-file-zip"}} ZIP</a> | |||
<a class="archive-link" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.tar.gz" rel="nofollow">{{svg "octicon-file-zip"}} TAR.GZ</a> | |||
{{if not $.DisableDownloadSourceArchives}} | |||
<a class="archive-link" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.zip" rel="nofollow">{{svg "octicon-file-zip"}} ZIP</a> | |||
<a class="archive-link" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.tar.gz" rel="nofollow">{{svg "octicon-file-zip"}} TAR.GZ</a> | |||
{{end}} | |||
{{end}} | |||
</div> | |||
{{else}} | |||
@@ -146,7 +150,7 @@ | |||
{{$.locale.Tr "repo.release.downloads"}} | |||
</summary> | |||
<ul class="list"> | |||
{{if and (not .IsDraft) ($.Permission.CanRead $.UnitTypeCode)}} | |||
{{if and (not $.DisableDownloadSourceArchives) (not .IsDraft) ($.Permission.CanRead $.UnitTypeCode)}} | |||
<li> | |||
<a class="archive-link" href="{{$.RepoLink}}/archive/{{.TagName | PathEscapeSegments}}.zip" rel="nofollow"><strong>{{svg "octicon-file-zip" 16 "mr-2"}}{{$.locale.Tr "repo.release.source_code"}} (ZIP)</strong></a> | |||
</li> |