#1511 Allow local import only for admin users

1 files changed, 34 insertions, 0 deletions

diff --git a/modules/auth/repo_form.go b/modules/auth/repo_form.go
index 191117bbdf..766f540f40 100644
--- a/modules/auth/repo_form.go
+++ b/modules/auth/repo_form.go
@@ -5,8 +5,14 @@
 package auth
 
 import (
+	"net/url"
+	"strings"
+
+	"github.com/Unknwon/com"
 	"github.com/go-macaron/binding"
 	"gopkg.in/macaron.v1"
+
+	"github.com/gogits/gogs/models"
 )
 
 // _______________________________________    _________.______________________ _______________.___.
@@ -46,6 +52,34 @@ func (f *MigrateRepoForm) Validate(ctx *macaron.Context, errs binding.Errors) bi
 	return validate(errs, ctx.Data, f, ctx.Locale)
 }
 
+// ParseRemoteAddr checks if given remote address is valid,
+// and returns composed URL with needed username and passowrd.
+// It also checks if given user has permission when remote address
+// is actually a local path.
+func (f MigrateRepoForm) ParseRemoteAddr(user *models.User) (string, error) {
+	remoteAddr := f.CloneAddr
+
+	// Remote address can be HTTP/HTTPS/Git URL or local path.
+	if strings.HasPrefix(remoteAddr, "http://") ||
+		strings.HasPrefix(remoteAddr, "https://") ||
+		strings.HasPrefix(remoteAddr, "git://") {
+		u, err := url.Parse(remoteAddr)
+		if err != nil {
+			return "", models.ErrInvalidCloneAddr{IsURLError: true}
+		}
+		if len(f.AuthUsername)+len(f.AuthPassword) > 0 {
+			u.User = url.UserPassword(f.AuthUsername, f.AuthPassword)
+		}
+		remoteAddr = u.String()
+	} else if !user.CanImportLocal() {
+		return "", models.ErrInvalidCloneAddr{IsPermissionDenied: true}
+	} else if !com.IsDir(remoteAddr) {
+		return "", models.ErrInvalidCloneAddr{IsInvalidPath: true}
+	}
+
+	return remoteAddr, nil
+}
+
 type RepoSettingForm struct {
 	RepoName    string `binding:"Required;AlphaDashDot;MaxSize(100)"`
 	Description string `binding:"MaxSize(255)"`