diff options
| author | Lunny Xiao <xiaolunwen@gmail.com> | 2018-11-28 19:26:14 +0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-11-28 19:26:14 +0800 |
| commit | eabbddcd98717ef20d8475e819f403c50f4a9787 (patch) | |
| tree | efc525e7ec60d56d3bec72019febfa088a128b89 /cmd | |
| parent | 0222623be9fa4a56d870213f77b92139cefc2518 (diff) | |
| download | gitea-eabbddcd98717ef20d8475e819f403c50f4a9787.tar.gz gitea-eabbddcd98717ef20d8475e819f403c50f4a9787.zip | |
Restrict permission check on repositories and fix some problems (#5314)
* fix units permission problems
* fix some bugs and merge LoadUnits to repoAssignment
* refactor permission struct and add some copyright heads
* remove unused codes
* fix routes units check
* improve permission check
* add unit tests for permission
* fix typo
* fix tests
* fix some routes
* fix api permission check
* improve permission check
* fix some permission check
* fix tests
* fix tests
* improve some permission check
* fix some permission check
* refactor AccessLevel
* fix bug
* fix tests
* fix tests
* fix tests
* fix AccessLevel
* rename CanAccess
* fix tests
* fix comment
* fix bug
* add missing unit for test repos
* fix bug
* rename some functions
* fix routes check
Diffstat (limited to 'cmd')
| -rw-r--r-- | cmd/serv.go | 14 |
1 files changed, 2 insertions, 12 deletions
diff --git a/cmd/serv.go b/cmd/serv.go index ca042e2b2b..51b0b4984b 100644 --- a/cmd/serv.go +++ b/cmd/serv.go @@ -193,7 +193,7 @@ func runServ(c *cli.Context) error { keyID int64 user *models.User ) - if requestedMode == models.AccessModeWrite || repo.IsPrivate { + if requestedMode == models.AccessModeWrite || repo.IsPrivate || setting.Service.RequireSignInView { keys := strings.Split(c.Args()[0], "-") if len(keys) != 2 { fail("Key ID format error", "Invalid key argument: %s", c.Args()[0]) @@ -236,7 +236,7 @@ func runServ(c *cli.Context) error { user.Name, repoPath) } - mode, err := private.AccessLevel(user.ID, repo.ID) + mode, err := private.CheckUnitUser(user.ID, repo.ID, user.IsAdmin, unitType) if err != nil { fail("Internal error", "Failed to check access: %v", err) } else if *mode < requestedMode { @@ -249,16 +249,6 @@ func runServ(c *cli.Context) error { user.Name, requestedMode, repoPath) } - check, err := private.CheckUnitUser(user.ID, repo.ID, user.IsAdmin, unitType) - if err != nil { - fail("You do not have allowed for this action", "Failed to access internal api: [user.Name: %s, repoPath: %s]", user.Name, repoPath) - } - if !check { - fail("You do not have allowed for this action", - "User %s does not have allowed access to repository %s 's code", - user.Name, repoPath) - } - os.Setenv(models.EnvPusherName, user.Name) os.Setenv(models.EnvPusherID, fmt.Sprintf("%d", user.ID)) } |