diff options
| author | guillep2k <18600385+guillep2k@users.noreply.github.com> | 2020-05-21 10:48:01 -0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-05-21 08:48:01 -0500 |
| commit | e963525c5e0a0b40825fde36e33ce31bf12df3c0 (patch) | |
| tree | 31d073922dbf0df3510c9c9ed0e8e0a2d9f4b053 /routers | |
| parent | 0b8b81e02902a5c11829cce7f439f84731a8eaeb (diff) | |
| download | gitea-e963525c5e0a0b40825fde36e33ce31bf12df3c0.tar.gz gitea-e963525c5e0a0b40825fde36e33ce31bf12df3c0.zip | |
Prevent transferring repos to invisible orgs (#11517)
Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>
Diffstat (limited to 'routers')
| -rw-r--r-- | routers/repo/setting.go | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/routers/repo/setting.go b/routers/repo/setting.go index 7a2db88c1f..dff13ff5b3 100644 --- a/routers/repo/setting.go +++ b/routers/repo/setting.go @@ -22,6 +22,7 @@ import ( "code.gitea.io/gitea/modules/log" "code.gitea.io/gitea/modules/repository" "code.gitea.io/gitea/modules/setting" + "code.gitea.io/gitea/modules/structs" "code.gitea.io/gitea/modules/timeutil" "code.gitea.io/gitea/modules/validation" "code.gitea.io/gitea/routers/utils" @@ -379,6 +380,14 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) { return } + if newOwner.Type == models.UserTypeOrganization { + if !ctx.User.IsAdmin && newOwner.Visibility == structs.VisibleTypePrivate && !ctx.User.IsUserPartOfOrg(newOwner.ID) { + // The user shouldn't know about this organization + ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), tplSettingsOptions, nil) + return + } + } + // Close the GitRepo if open if ctx.Repo.GitRepo != nil { ctx.Repo.GitRepo.Close() |