fix bug user could change private repository to public when force private enabled...

author Lunny Xiao <xiaolunwen@gmail.com>

Fri, 22 Feb 2019 21:56:05 +0000 (05:56 +0800)

committer zeripath <art27@cantab.net>

Fri, 22 Feb 2019 21:56:05 +0000 (21:56 +0000)
author Lunny Xiao <xiaolunwen@gmail.com>
Fri, 22 Feb 2019 21:56:05 +0000 (05:56 +0800)
committer zeripath <art27@cantab.net>
Fri, 22 Feb 2019 21:56:05 +0000 (21:56 +0000)
diff --git a/routers/repo/setting.go b/routers/repo/setting.go

index 5b5eaeb288f9026b861f6350395ae3e75edccaeb..809aab27aa744da82d0f77c903ded23f7f460d2e 100644 (file)
--- a/routers/repo/setting.go
+++ b/routers/repo/setting.go
@@ -6,6 +6,7 @@
  package repo
  
  import (
+       "errors"
         "strings"
         "time"
  
@@ -36,6 +37,7 @@ const (
  func Settings(ctx *context.Context) {
         ctx.Data["Title"] = ctx.Tr("repo.settings")
         ctx.Data["PageIsSettingsOptions"] = true
+       ctx.Data["ForcePrivate"] = setting.Repository.ForcePrivate
         ctx.HTML(200, tplSettingsOptions)
  }
  
@@ -94,6 +96,12 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
                 }
  
                 visibilityChanged := repo.IsPrivate != form.Private
+               // when ForcePrivate enabled, you could change public repo to private, but could not change private to public
+               if visibilityChanged && setting.Repository.ForcePrivate && !form.Private {
+                       ctx.ServerError("Force Private enabled", errors.New("cannot change private repository to public"))
+                       return
+               }
+
                 repo.IsPrivate = form.Private
                 if err := models.UpdateRepository(repo, visibilityChanged); err != nil {
                         ctx.ServerError("UpdateRepository", err)
diff --git a/templates/repo/settings/options.tmpl b/templates/repo/settings/options.tmpl

index 432f20e74f08bf6d56058eb4578c3d49992a071a..94fbcbe651b57d617d7f76e8d2013afdc0e6c5a4 100644 (file)
--- a/templates/repo/settings/options.tmpl
+++ b/templates/repo/settings/options.tmpl
@@ -19,7 +19,7 @@
                                         <div class="inline field">
                                                 <label>{{.i18n.Tr "repo.visibility"}}</label>
                                                 <div class="ui checkbox">
-                                                       <input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}>
+                                                       <input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}{{if and $.ForcePrivate .Repository.IsPrivate}} readonly{{end}}>
                                                         <label>{{.i18n.Tr "repo.visibility_helper" | Safe}} {{if .Repository.NumForks}}<span class="text red">{{.i18n.Tr "repo.visibility_fork_helper"}}</span>{{end}}</label>
                                                 </div>
                                         </div>
author	Lunny Xiao <xiaolunwen@gmail.com>
	Fri, 22 Feb 2019 21:56:05 +0000 (05:56 +0800)
committer	zeripath <art27@cantab.net>
	Fri, 22 Feb 2019 21:56:05 +0000 (21:56 +0000)
routers/repo/setting.go		patch \| blob \| history
templates/repo/settings/options.tmpl		patch \| blob \| history