diff options
| author | Paweł Bogusławski <pawel.boguslawski@ib.pl> | 2020-12-21 15:39:41 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-12-21 15:39:41 +0100 |
| commit | 839daa85aaba5172b3dd2b3f882aa9639a09f13a (patch) | |
| tree | cc99ed17087fd3b3b44cdb650efe16e6f0394e55 /routers | |
| parent | 3a500cf8c4b7892e13cb506af6fe3ab5c1c2faff (diff) | |
| download | gitea-839daa85aaba5172b3dd2b3f882aa9639a09f13a.tar.gz gitea-839daa85aaba5172b3dd2b3f882aa9639a09f13a.zip | |
Added option to disable migrations (#13114)
* Added option to disable migrations
This patch introduces DISABLE_MIGRATIONS parameter in [repository]
section of app.ini (by default set to false). If set to true
it blocks access to repository migration feature.
This mod hides also local repo import option in user editor if
local repo importing or migrations is disabled.
* Alter Example config
DISABLE_MIGRATIONS set to false in example config to
match its default value.
* HTTP error 403 instead of 500 on denied access to migration
* Parameter DISABLE_MIGRATIONS exposed via API
Fixes: 04b04cf854bcb3ed7659442bcf79822bdebe29e9
Author-Change-Id: IB#1105130
Diffstat (limited to 'routers')
| -rw-r--r-- | routers/admin/users.go | 2 | ||||
| -rw-r--r-- | routers/api/v1/repo/migrate.go | 5 | ||||
| -rw-r--r-- | routers/api/v1/settings/settings.go | 5 | ||||
| -rw-r--r-- | routers/repo/migrate.go | 16 |
4 files changed, 26 insertions, 2 deletions
diff --git a/routers/admin/users.go b/routers/admin/users.go index 4382ee3877..06c391b8e0 100644 --- a/routers/admin/users.go +++ b/routers/admin/users.go @@ -191,6 +191,7 @@ func EditUser(ctx *context.Context) { ctx.Data["PageIsAdmin"] = true ctx.Data["PageIsAdminUsers"] = true ctx.Data["DisableRegularOrgCreation"] = setting.Admin.DisableRegularOrgCreation + ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations prepareUserInfo(ctx) if ctx.Written() { @@ -205,6 +206,7 @@ func EditUserPost(ctx *context.Context, form auth.AdminEditUserForm) { ctx.Data["Title"] = ctx.Tr("admin.users.edit_account") ctx.Data["PageIsAdmin"] = true ctx.Data["PageIsAdminUsers"] = true + ctx.Data["DisableMigrations"] = setting.Repository.DisableMigrations u := prepareUserInfo(ctx) if ctx.Written() { diff --git a/routers/api/v1/repo/migrate.go b/routers/api/v1/repo/migrate.go index 511e91f94e..ab480c29aa 100644 --- a/routers/api/v1/repo/migrate.go +++ b/routers/api/v1/repo/migrate.go @@ -119,6 +119,11 @@ func Migrate(ctx *context.APIContext, form api.MigrateRepoOptions) { return } + if setting.Repository.DisableMigrations { + ctx.Error(http.StatusForbidden, "MigrationsGlobalDisabled", fmt.Errorf("the site administrator has disabled migrations")) + return + } + var opts = migrations.MigrateOptions{ CloneAddr: remoteAddr, RepoName: form.RepoName, diff --git a/routers/api/v1/settings/settings.go b/routers/api/v1/settings/settings.go index c94a3141e2..6095988404 100644 --- a/routers/api/v1/settings/settings.go +++ b/routers/api/v1/settings/settings.go @@ -57,8 +57,9 @@ func GetGeneralRepoSettings(ctx *context.APIContext) { // "200": // "$ref": "#/responses/GeneralRepoSettings" ctx.JSON(http.StatusOK, api.GeneralRepoSettings{ - MirrorsDisabled: setting.Repository.DisableMirrors, - HTTPGitDisabled: setting.Repository.DisableHTTPGit, + MirrorsDisabled: setting.Repository.DisableMirrors, + HTTPGitDisabled: setting.Repository.DisableHTTPGit, + MigrationsDisabled: setting.Repository.DisableMigrations, }) } diff --git a/routers/repo/migrate.go b/routers/repo/migrate.go index d843a043a7..a628fd2e2f 100644 --- a/routers/repo/migrate.go +++ b/routers/repo/migrate.go @@ -6,6 +6,7 @@ package repo import ( + "net/http" "strings" "code.gitea.io/gitea/models" @@ -25,6 +26,11 @@ const ( // Migrate render migration of repository page func Migrate(ctx *context.Context) { + if setting.Repository.DisableMigrations { + ctx.Error(http.StatusForbidden, "Migrate: the site administrator has disabled migrations") + return + } + ctx.Data["Services"] = append([]structs.GitServiceType{structs.PlainGitService}, structs.SupportedFullGitService...) serviceType := ctx.QueryInt("service_type") if serviceType == 0 { @@ -60,6 +66,11 @@ func Migrate(ctx *context.Context) { } func handleMigrateError(ctx *context.Context, owner *models.User, err error, name string, tpl base.TplName, form *auth.MigrateRepoForm) { + if setting.Repository.DisableMigrations { + ctx.Error(http.StatusForbidden, "MigrateError: the site administrator has disabled migrations") + return + } + switch { case migrations.IsRateLimitError(err): ctx.RenderWithErr(ctx.Tr("form.visit_rate_limit"), tpl, form) @@ -107,6 +118,11 @@ func handleMigrateError(ctx *context.Context, owner *models.User, err error, nam // MigratePost response for migrating from external git repository func MigratePost(ctx *context.Context, form auth.MigrateRepoForm) { + if setting.Repository.DisableMigrations { + ctx.Error(http.StatusForbidden, "MigratePost: the site administrator has disabled migrations") + return + } + ctx.Data["Title"] = ctx.Tr("new_migrate") // Plain git should be first ctx.Data["service"] = structs.GitServiceType(form.Service) |