summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLunny Xiao <xiaolunwen@gmail.com>2019-02-23 05:56:05 +0800
committerzeripath <art27@cantab.net>2019-02-22 21:56:05 +0000
commit4a2fbbeb101555129ab83f972c41936113f1f6c2 (patch)
treec49f69b37865c6a4cad19dd81141173b8fa680ea
parent134e55510eda8c3c6d61da18ee97e3243c6e3bc2 (diff)
downloadgitea-4a2fbbeb101555129ab83f972c41936113f1f6c2.tar.gz
gitea-4a2fbbeb101555129ab83f972c41936113f1f6c2.zip
fix bug user could change private repository to public when force private enabled. (#6156)
Diffstat
-rw-r--r--routers/repo/setting.go8
-rw-r--r--templates/repo/settings/options.tmpl2
2 files changed, 9 insertions, 1 deletions
diff --git a/routers/repo/setting.go b/routers/repo/setting.go
index 5b5eaeb288..809aab27aa 100644
--- a/routers/repo/setting.go
+++ b/routers/repo/setting.go
@@ -6,6 +6,7 @@
package repo
import (
+ "errors"
"strings"
"time"
@@ -36,6 +37,7 @@ const (
func Settings(ctx *context.Context) {
ctx.Data["Title"] = ctx.Tr("repo.settings")
ctx.Data["PageIsSettingsOptions"] = true
+ ctx.Data["ForcePrivate"] = setting.Repository.ForcePrivate
ctx.HTML(200, tplSettingsOptions)
}
@@ -94,6 +96,12 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
}
visibilityChanged := repo.IsPrivate != form.Private
+ // when ForcePrivate enabled, you could change public repo to private, but could not change private to public
+ if visibilityChanged && setting.Repository.ForcePrivate && !form.Private {
+ ctx.ServerError("Force Private enabled", errors.New("cannot change private repository to public"))
+ return
+ }
+
repo.IsPrivate = form.Private
if err := models.UpdateRepository(repo, visibilityChanged); err != nil {
ctx.ServerError("UpdateRepository", err)
diff --git a/templates/repo/settings/options.tmpl b/templates/repo/settings/options.tmpl
index 432f20e74f..94fbcbe651 100644
--- a/templates/repo/settings/options.tmpl
+++ b/templates/repo/settings/options.tmpl
@@ -19,7 +19,7 @@
<div class="inline field">
<label>{{.i18n.Tr "repo.visibility"}}</label>
<div class="ui checkbox">
- <input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}>
+ <input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}{{if and $.ForcePrivate .Repository.IsPrivate}} readonly{{end}}>
<label>{{.i18n.Tr "repo.visibility_helper" | Safe}} {{if .Repository.NumForks}}<span class="text red">{{.i18n.Tr "repo.visibility_fork_helper"}}</span>{{end}}</label>
</div>
</div>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-23 18:44:09 +0000