diff options
author | zeripath <art27@cantab.net> | 2020-04-19 15:26:58 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-04-19 15:26:58 +0100 |
commit | 41f05588edf8026e43e799dd56114ac001bd7589 (patch) | |
tree | d08e88f994837fc2c889d8e00280a8b36ba14e66 /routers | |
parent | 9588d2c6226c3d027bc5eca8cde7f85806dc3633 (diff) | |
download | gitea-41f05588edf8026e43e799dd56114ac001bd7589.tar.gz gitea-41f05588edf8026e43e799dd56114ac001bd7589.zip |
Prevent clones and pushes to disabled wiki (#11131)
Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'routers')
-rw-r--r-- | routers/private/serv.go | 21 | ||||
-rw-r--r-- | routers/repo/http.go | 13 |
2 files changed, 33 insertions, 1 deletions
diff --git a/routers/private/serv.go b/routers/private/serv.go index 91c28143ee..d5b5fcc8f7 100644 --- a/routers/private/serv.go +++ b/routers/private/serv.go @@ -329,8 +329,27 @@ func ServCommand(ctx *macaron.Context) { results.RepoID = repo.ID } - // Finally if we're trying to touch the wiki we should init it if results.IsWiki { + // Ensure the wiki is enabled before we allow access to it + if _, err := repo.GetUnit(models.UnitTypeWiki); err != nil { + if models.IsErrUnitTypeNotExist(err) { + ctx.JSON(http.StatusForbidden, map[string]interface{}{ + "results": results, + "type": "ErrForbidden", + "err": "repository wiki is disabled", + }) + return + } + log.Error("Failed to get the wiki unit in %-v Error: %v", repo, err) + ctx.JSON(http.StatusInternalServerError, map[string]interface{}{ + "results": results, + "type": "InternalServerError", + "err": fmt.Sprintf("Failed to get the wiki unit in %s/%s Error: %v", ownerName, repoName, err), + }) + return + } + + // Finally if we're trying to touch the wiki we should init it if err = wiki_service.InitWiki(repo); err != nil { log.Error("Failed to initialize the wiki in %-v Error: %v", repo, err) ctx.JSON(http.StatusInternalServerError, map[string]interface{}{ diff --git a/routers/repo/http.go b/routers/repo/http.go index 725659bcf0..650642a581 100644 --- a/routers/repo/http.go +++ b/routers/repo/http.go @@ -298,6 +298,19 @@ func HTTP(ctx *context.Context) { } } + if isWiki { + // Ensure the wiki is enabled before we allow access to it + if _, err := repo.GetUnit(models.UnitTypeWiki); err != nil { + if models.IsErrUnitTypeNotExist(err) { + ctx.HandleText(http.StatusForbidden, "repository wiki is disabled") + return + } + log.Error("Failed to get the wiki unit in %-v Error: %v", repo, err) + ctx.ServerError("GetUnit(UnitTypeWiki) for "+repo.FullName(), err) + return + } + } + environ = append(environ, models.ProtectedBranchRepoID+fmt.Sprintf("=%d", repo.ID)) w := ctx.Resp |