]> source.dussan.org Git - gitea.git/commitdiff
projects / gitea.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3a500cf)
Added option to disable migrations (#13114)
authorPaweł Bogusławski <pawel.boguslawski@ib.pl>
Mon, 21 Dec 2020 14:39:41 +0000 (15:39 +0100)
committerGitHub <noreply@github.com>
Mon, 21 Dec 2020 14:39:41 +0000 (15:39 +0100)
* Added option to disable migrations

This patch introduces DISABLE_MIGRATIONS parameter in [repository]
section of app.ini (by default set to false). If set to true
it blocks access to repository migration feature.

This mod hides also local repo import option in user editor if
local repo importing or migrations is disabled.

* Alter Example config

DISABLE_MIGRATIONS set to false in example config to
match its default value.

* HTTP error 403 instead of 500 on denied access to migration

* Parameter DISABLE_MIGRATIONS exposed via API

Fixes: 04b04cf854bcb3ed7659442bcf79822bdebe29e9
Author-Change-Id: IB#1105130

14 files changed:
custom/conf/app.example.ini patch | blob | history
docs/content/doc/advanced/config-cheat-sheet.en-us.md patch | blob | history
integrations/api_settings_test.go patch | blob | history
modules/context/context.go patch | blob | history
modules/cron/tasks_basic.go patch | blob | history
modules/setting/repository.go patch | blob | history
modules/structs/settings.go patch | blob | history
routers/admin/users.go patch | blob | history
routers/api/v1/repo/migrate.go patch | blob | history
routers/api/v1/settings/settings.go patch | blob | history
routers/repo/migrate.go patch | blob | history
templates/admin/user/edit.tmpl patch | blob | history
templates/base/head_navbar.tmpl patch | blob | history
templates/swagger/v1_json.tmpl patch | blob | history

diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index 1e77ff270658ce792cf993976699ba9c487753de..b89bbf894e50032d27ea7523a49c4be5dab964a9 100644 (file)
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -66,6 +66,8 @@ DEFAULT_REPO_UNITS = repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,re
 PREFIX_ARCHIVE_FILES = true
 ; Disable the creation of new mirrors. Pre-existing mirrors remain valid.
 DISABLE_MIRRORS = false
+; Disable migrating feature.
+DISABLE_MIGRATIONS = false
 ; The default branch name of new repositories
 DEFAULT_BRANCH = master
 ; Allow adoption of unadopted repositories
diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md
index e30e740f7f18385b5bf5d1bce4c2b3af55cffe45..d482523f797bc714e0dc7f60a7cd25ea03d1db13 100644 (file)
--- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md
+++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md
@@ -74,6 +74,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`.
 - `DEFAULT_REPO_UNITS`: **repo.code,repo.releases,repo.issues,repo.pulls,repo.wiki,repo.projects**: Comma separated list of default repo units. Allowed values: \[repo.code, repo.releases, repo.issues, repo.pulls, repo.wiki, repo.projects\]. Note: Code and Releases can currently not be deactivated. If you specify default repo units you should still list them for future compatibility. External wiki and issue tracker can't be enabled by default as it requires additional settings. Disabled repo units will not be added to new repositories regardless if it is in the default list.
 - `PREFIX_ARCHIVE_FILES`: **true**: Prefix archive files by placing them in a directory named after the repository.
 - `DISABLE_MIRRORS`: **false**: Disable the creation of **new** mirrors. Pre-existing mirrors remain valid.
+- `DISABLE_MIGRATIONS`: **false**: Disable migrating feature.
 - `DEFAULT_BRANCH`: **master**: Default branch name of all repositories.
 - `ALLOW_ADOPTION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to adopt unadopted repositories
 - `ALLOW_DELETION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to delete unadopted repositories
diff --git a/integrations/api_settings_test.go b/integrations/api_settings_test.go
index 60dbf7a9dc0f3daf41ccaf078af534c996c92eb0..19a005387696bd7dfcf20bb0bc4b464f599e0de0 100644 (file)
--- a/integrations/api_settings_test.go
+++ b/integrations/api_settings_test.go
@@ -43,8 +43,9 @@ func TestAPIExposedSettings(t *testing.T) {
 
        DecodeJSON(t, resp, &repo)
        assert.EqualValues(t, &api.GeneralRepoSettings{
-               MirrorsDisabled: setting.Repository.DisableMirrors,
-               HTTPGitDisabled: setting.Repository.DisableHTTPGit,
+               MirrorsDisabled:    setting.Repository.DisableMirrors,
+               HTTPGitDisabled:    setting.Repository.DisableHTTPGit,
+               MigrationsDisabled: setting.Repository.DisableMigrations,
        }, repo)
 
        attachment := new(api.GeneralAttachmentSettings)
diff --git a/modules/context/context.go b/modules/context/context.go
index 1405860e07d8c51cf5b94274bb9a2bf98cc61236..c6597cf024b33c285768f568a199652bc74fa232 100644 (file)
--- a/modules/context/context.go
+++ b/modules/context/context.go
@@ -343,6 +343,7 @@ func Contexter() macaron.Handler {
 
                ctx.Data["EnableSwagger"] = setting.API.EnableSwagger
                ctx.Data["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn
+               ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations
 
                c.Map(ctx)
        }
diff --git a/modules/cron/tasks_basic.go b/modules/cron/tasks_basic.go
index 4da21fc7d9ddd422751c4a6832ef77e657d5ce04..a45704e889394b803cde2b22857c01230a4f2087 100644 (file)
--- a/modules/cron/tasks_basic.go
+++ b/modules/cron/tasks_basic.go
@@ -11,6 +11,7 @@ import (
        "code.gitea.io/gitea/models"
        "code.gitea.io/gitea/modules/migrations"
        repository_service "code.gitea.io/gitea/modules/repository"
+       "code.gitea.io/gitea/modules/setting"
        mirror_service "code.gitea.io/gitea/services/mirror"
 )
 
@@ -115,5 +116,7 @@ func initBasicTasks() {
        registerArchiveCleanup()
        registerSyncExternalUsers()
        registerDeletedBranchesCleanup()
-       registerUpdateMigrationPosterID()
+       if !setting.Repository.DisableMigrations {
+               registerUpdateMigrationPosterID()
+       }
 }
diff --git a/modules/setting/repository.go b/modules/setting/repository.go
index 328a09454b427ecc6f7bc6950f7a4522dbd4ce15..139512bf008c1b03c9cb7a2927d38ef3f21606de 100644 (file)
--- a/modules/setting/repository.go
+++ b/modules/setting/repository.go
@@ -42,6 +42,7 @@ var (
                DefaultRepoUnits                        []string
                PrefixArchiveFiles                      bool
                DisableMirrors                          bool
+               DisableMigrations                       bool
                DefaultBranch                           string
                AllowAdoptionOfUnadoptedRepositories    bool
                AllowDeleteOfUnadoptedRepositories      bool
@@ -152,6 +153,7 @@ var (
                DefaultRepoUnits:                        []string{},
                PrefixArchiveFiles:                      true,
                DisableMirrors:                          false,
+               DisableMigrations:                       false,
                DefaultBranch:                           "master",
 
                // Repository editor settings
diff --git a/modules/structs/settings.go b/modules/structs/settings.go
index 0cb7b3284158ddbc363dc3e42e84300b6fed83ab..5fd916affe91f01d7c536e58760c5421e819d2e7 100644 (file)
--- a/modules/structs/settings.go
+++ b/modules/structs/settings.go
@@ -6,8 +6,9 @@ package structs
 
 // GeneralRepoSettings contains global repository settings exposed by API
 type GeneralRepoSettings struct {
-       MirrorsDisabled bool `json:"mirrors_disabled"`
-       HTTPGitDisabled bool `json:"http_git_disabled"`
+       MirrorsDisabled    bool `json:"mirrors_disabled"`
+       HTTPGitDisabled    bool `json:"http_git_disabled"`
+       MigrationsDisabled bool `json:"migrations_disabled"`
 }
 
 // GeneralUISettings contains global ui settings exposed by API
diff --git a/routers/admin/users.go b/routers/admin/users.go
index 4382ee3877f4e734dbad314cbb334264c0188f6a..06c391b8e075f0a0443bb6b1eb684a7eca0ff2cd 100644 (file)
--- a/routers/admin/users.go
+++ b/routers/admin/users.go
@@ -191,6 +191,7 @@ func EditUser(ctx *context.Context) {
        ctx.Data["PageIsAdmin"] = true
        ctx.Data["PageIsAdminUsers"] = true
        ctx.Data["DisableRegularOrgCreation"] = setting.Admin.DisableRegularOrgCreation
+       ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations
 
        prepareUserInfo(ctx)
        if ctx.Written() {
@@ -205,6 +206,7 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) {
        ctx.Data["Title"] = ctx.Tr("admin.users.edit_account")
        ctx.Data["PageIsAdmin"] = true
        ctx.Data["PageIsAdminUsers"] = true
+       ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations
 
        u := prepareUserInfo(ctx)
        if ctx.Written() {
diff --git a/routers/api/v1/repo/migrate.go b/routers/api/v1/repo/migrate.go
index 511e91f94e1a17233fc003f37ce9f10bb0819e6f..ab480c29aaf2ec88d4fdd86e6eaef4dd8caba704 100644 (file)
--- a/routers/api/v1/repo/migrate.go
+++ b/routers/api/v1/repo/migrate.go
@@ -119,6 +119,11 @@ func Migrate(ctx *context.APIContext, form api.MigrateRepoOptions) {
                return
        }
 
+       if setting.Repository.DisableMigrations {
+               ctx.Error(http.StatusForbidden, "MigrationsGlobalDisabled", fmt.Errorf("the site administrator has disabled migrations"))
+               return
+       }
+
        var opts = migrations.MigrateOptions{
                CloneAddr:      remoteAddr,
                RepoName:       form.RepoName,
diff --git a/routers/api/v1/settings/settings.go b/routers/api/v1/settings/settings.go
index c94a3141e2f8197ecd0ae45b3e00503c230e7f0a..6095988404b011846cc9e73b6782b8954e074a3f 100644 (file)
--- a/routers/api/v1/settings/settings.go
+++ b/routers/api/v1/settings/settings.go
@@ -57,8 +57,9 @@ func GetGeneralRepoSettings(ctx *context.APIContext) {
        //   "200":
        //     "$ref": "#/responses/GeneralRepoSettings"
        ctx.JSON(http.StatusOK, api.GeneralRepoSettings{
-               MirrorsDisabled: setting.Repository.DisableMirrors,
-               HTTPGitDisabled: setting.Repository.DisableHTTPGit,
+               MirrorsDisabled:    setting.Repository.DisableMirrors,
+               HTTPGitDisabled:    setting.Repository.DisableHTTPGit,
+               MigrationsDisabled: setting.Repository.DisableMigrations,
        })
 }
 
diff --git a/routers/repo/migrate.go b/routers/repo/migrate.go
index d843a043a7a53574cd8afa0a767dabba4fdf79f0..a628fd2e2fd363d09ce92279a6f6df2680c1dcd3 100644 (file)
--- a/routers/repo/migrate.go
+++ b/routers/repo/migrate.go
@@ -6,6 +6,7 @@
 package repo
 
 import (
+       "net/http"
        "strings"
 
        "code.gitea.io/gitea/models"
@@ -25,6 +26,11 @@ const (
 
 // Migrate render migration of repository page
 func Migrate(ctx *context.Context) {
+       if setting.Repository.DisableMigrations {
+               ctx.Error(http.StatusForbidden, "Migrate: the site administrator has disabled migrations")
+               return
+       }
+
        ctx.Data["Services"] = append([]structs.GitServiceType{structs.PlainGitService}, structs.SupportedFullGitService...)
        serviceType := ctx.QueryInt("service_type")
        if serviceType == 0 {
@@ -60,6 +66,11 @@ func Migrate(ctx *context.Context) {
 }
 
 func handleMigrateError(ctx *context.Context, owner *models.User, err error, name string, tpl base.TplName, form *auth.MigrateRepoForm) {
+       if setting.Repository.DisableMigrations {
+               ctx.Error(http.StatusForbidden, "MigrateError: the site administrator has disabled migrations")
+               return
+       }
+
        switch {
        case migrations.IsRateLimitError(err):
                ctx.RenderWithErr(ctx.Tr("form.visit_rate_limit"), tpl, form)
@@ -107,6 +118,11 @@ func handleMigrateError(ctx *context.Context, owner *models.User, err error, nam
 
 // MigratePost response for migrating from external git repository
 func MigratePost(ctx *context.Context, form auth.MigrateRepoForm) {
+       if setting.Repository.DisableMigrations {
+               ctx.Error(http.StatusForbidden, "MigratePost: the site administrator has disabled migrations")
+               return
+       }
+
        ctx.Data["Title"] = ctx.Tr("new_migrate")
        // Plain git should be first
        ctx.Data["service"] = structs.GitServiceType(form.Service)
diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl
index 7f1706e55a4391837104b499e725c486f97dc303..d6cbdd5f53f5c6635ee9429e4d8a0cdabfb7f500 100644 (file)
--- a/templates/admin/user/edit.tmpl
+++ b/templates/admin/user/edit.tmpl
@@ -95,7 +95,7 @@
                                                <input name="allow_git_hook" type="checkbox" {{if .User.CanEditGitHook}}checked{{end}} {{if DisableGitHooks}}disabled{{end}}>
                                        </div>
                                </div>
-                               <div class="inline field">
+                               <div class="inline field" {{if or (DisableImportLocal) (.DisableMigrations)}}hidden{{end}}>
                                        <div class="ui checkbox">
                                                <label><strong>{{.i18n.Tr "admin.users.allow_import_local"}}</strong></label>
                                                <input name="allow_import_local" type="checkbox" {{if .User.CanImportLocal}}checked{{end}} {{if DisableImportLocal}}disabled{{end}}>
diff --git a/templates/base/head_navbar.tmpl b/templates/base/head_navbar.tmpl
index 5ce07ff8c516f729dae3550231c1fe4147a30c18..207c522ee8bad529fe1d822d02ecd4665e98b856 100644 (file)
--- a/templates/base/head_navbar.tmpl
+++ b/templates/base/head_navbar.tmpl
@@ -89,9 +89,11 @@
                                        <a class="item" href="{{AppSubUrl}}/repo/create">
                                                <span class="fitted">{{svg "octicon-plus"}}</span> {{.i18n.Tr "new_repo"}}
                                        </a>
-                                       <a class="item" href="{{AppSubUrl}}/repo/migrate">
-                                               <span class="fitted">{{svg "octicon-repo-push"}}</span> {{.i18n.Tr "new_migrate"}}
-                                       </a>
+                                       {{if not .DisableMigrations}}
+                                               <a class="item" href="{{AppSubUrl}}/repo/migrate">
+                                                       <span class="fitted">{{svg "octicon-repo-push"}}</span> {{.i18n.Tr "new_migrate"}}
+                                               </a>
+                                       {{end}}
                                        {{if .SignedUser.CanCreateOrganization}}
                                        <a class="item" href="{{AppSubUrl}}/org/create">
                                                <span class="fitted">{{svg "octicon-organization"}}</span> {{.i18n.Tr "new_org"}}
diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl
index aa31b3f07892e476e3331de26089f552d7a4ffb5..bb3b6b4fed4fcb86ba3f94f6e77e7fbdb186e376 100644 (file)
--- a/templates/swagger/v1_json.tmpl
+++ b/templates/swagger/v1_json.tmpl
@@ -13688,6 +13688,10 @@
           "type": "boolean",
           "x-go-name": "HTTPGitDisabled"
         },
+        "migrations_disabled": {
+          "type": "boolean",
+          "x-go-name": "MigrationsDisabled"
+        },
         "mirrors_disabled": {
           "type": "boolean",
           "x-go-name": "MirrorsDisabled"
Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea