Fork permission bug fixes (#2534)

* Hotfix for "Add time manually" (https://github.com/go-gitea/gitea/pull/2211#issuecomment-328780125)

Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Checking if Code unit is enabled before creating a fork.

Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Adding a discrete function for RepoIDAssignment

Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Improved Documentation

diff --git a/models/repo.go b/models/repo.go
index 4b3b0322d6ac1b5b2b3468dcf176f5e603d9cbbb..4c844d9b56635b3779be2f1f8594367294df4f84 100644 (file)
--- a/models/repo.go
+++ b/models/repo.go
@@ -638,7 +638,7 @@ func (repo *Repository) UpdateSize() error {
 
 // CanBeForked returns true if repository meets the requirements of being forked.
 func (repo *Repository) CanBeForked() bool {
-       return !repo.IsBare
+       return !repo.IsBare && repo.UnitEnabled(UnitTypeCode)
 }
 
 // CanEnablePulls returns true if repository meets the requirements of accepting pulls.

diff --git a/modules/context/repo.go b/modules/context/repo.go
index a82535a6d48555c14ad375f06dd602deacf5b1f2..acfccfcd052aacd63233f981638ed54c31eeb4fd 100644 (file)
--- a/modules/context/repo.go
+++ b/modules/context/repo.go
@@ -171,6 +171,74 @@ func RedirectToRepo(ctx *Context, redirectRepoID int64) {
        )
        ctx.Redirect(redirectPath)
 }
+// RepoIDAssignment returns an macaron handler which assigns the repo to the context.
+func RepoIDAssignment() macaron.Handler {
+       return func(ctx *Context) {
+               var (
+                       err   error
+               )
+
+               repoID := ctx.ParamsInt64(":repoid")
+
+               // Get repository.
+               repo, err := models.GetRepositoryByID(repoID)
+               if err != nil {
+                       if models.IsErrRepoNotExist(err) {
+                               ctx.Handle(404, "GetRepositoryByID", nil)
+                       } else {
+                               ctx.Handle(500, "GetRepositoryByID", err)
+                       }
+                       return
+               }
+
+               if err = repo.GetOwner(); err != nil {
+                       ctx.Handle(500, "GetOwner", err)
+                       return
+               }
+
+               // Admin has super access.
+               if ctx.IsSigned && ctx.User.IsAdmin {
+                       ctx.Repo.AccessMode = models.AccessModeOwner
+               } else {
+                       var userID int64
+                       if ctx.User != nil {
+                               userID = ctx.User.ID
+                       }
+                       mode, err := models.AccessLevel(userID, repo)
+                       if err != nil {
+                               ctx.Handle(500, "AccessLevel", err)
+                               return
+                       }
+                       ctx.Repo.AccessMode = mode
+               }
+
+               // Check access.
+               if ctx.Repo.AccessMode == models.AccessModeNone {
+                       if ctx.Query("go-get") == "1" {
+                               earlyResponseForGoGetMeta(ctx)
+                               return
+                       }
+                       ctx.Handle(404, "no access right", err)
+                       return
+               }
+               ctx.Data["HasAccess"] = true
+
+               if repo.IsMirror {
+                       ctx.Repo.Mirror, err = models.GetMirrorByRepoID(repo.ID)
+                       if err != nil {
+                               ctx.Handle(500, "GetMirror", err)
+                               return
+                       }
+                       ctx.Data["MirrorEnablePrune"] = ctx.Repo.Mirror.EnablePrune
+                       ctx.Data["MirrorInterval"] = ctx.Repo.Mirror.Interval
+                       ctx.Data["Mirror"] = ctx.Repo.Mirror
+               }
+
+               ctx.Repo.Repository = repo
+               ctx.Data["RepoName"] = ctx.Repo.Repository.Name
+               ctx.Data["IsBareRepo"] = ctx.Repo.Repository.IsBare
+       }
+}
 
 // RepoAssignment returns a macaron to handle repository assignment
 func RepoAssignment() macaron.Handler {

diff --git a/routers/routes/routes.go b/routers/routes/routes.go
index a0684c84787ae9b8a899d54b6f4d354f0692806a..c5d6793ff38c6950d62d76dabd1266d19af5e515 100644 (file)
--- a/routers/routes/routes.go
+++ b/routers/routes/routes.go
@@ -419,8 +419,10 @@ func RegisterRoutes(m *macaron.Macaron) {
                m.Post("/create", bindIgnErr(auth.CreateRepoForm{}), repo.CreatePost)
                m.Get("/migrate", repo.Migrate)
                m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), repo.MigratePost)
-               m.Combo("/fork/:repoid").Get(repo.Fork).
-                       Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
+               m.Group("/fork", func() {
+                       m.Combo("/:repoid").Get(repo.Fork).
+                               Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
+               }, context.RepoIDAssignment(), context.UnitTypes(), context.LoadRepoUnits(), context.CheckUnit(models.UnitTypeCode))
        }, reqSignIn)
 
        m.Group("/:username/:reponame", func() {