diff options
| -rw-r--r-- | conf/app.ini | 2 | ||||
| -rw-r--r-- | integrations/repo_test.go | 37 | ||||
| -rw-r--r-- | modules/context/repo.go | 1 | ||||
| -rw-r--r-- | modules/setting/setting.go | 2 | ||||
| -rw-r--r-- | templates/repo/bare.tmpl | 8 | ||||
| -rw-r--r-- | templates/repo/home.tmpl | 12 | ||||
| -rw-r--r-- | templates/repo/wiki/view.tmpl | 12 |
7 files changed, 61 insertions, 13 deletions
diff --git a/conf/app.ini b/conf/app.ini index 8f04435b5f..bb0654e2e2 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -126,6 +126,8 @@ SSH_KEY_TEST_PATH = SSH_KEYGEN_PATH = ssh-keygen ; Enable SSH Authorized Key Backup when rewriting all keys, default is true SSH_BACKUP_AUTHORIZED_KEYS = true +; Enable exposure of SSH clone URL to anonymous visitors, default is false +SSH_EXPOSE_ANONYMOUS = false ; Indicate whether to check minimum key size with corresponding type MINIMUM_KEY_SIZE_CHECK = false ; Disable CDN even in "prod" mode diff --git a/integrations/repo_test.go b/integrations/repo_test.go index 004156b446..f5ba4d8d82 100644 --- a/integrations/repo_test.go +++ b/integrations/repo_test.go @@ -5,8 +5,13 @@ package integrations import ( + "fmt" "net/http" "testing" + + "code.gitea.io/gitea/modules/setting" + + "github.com/stretchr/testify/assert" ) func TestViewRepo(t *testing.T) { @@ -37,3 +42,35 @@ func TestViewRepo3(t *testing.T) { session := loginUser(t, "user3") session.MakeRequest(t, req, http.StatusOK) } + +func TestViewRepo1CloneLinkAnonymous(t *testing.T) { + prepareTestEnv(t) + + req := NewRequest(t, "GET", "/user2/repo1") + resp := MakeRequest(t, req, http.StatusOK) + + htmlDoc := NewHTMLParser(t, resp.Body) + link, exists := htmlDoc.doc.Find("#repo-clone-https").Attr("data-link") + assert.True(t, exists, "The template has changed") + assert.Equal(t, setting.AppURL+"user2/repo1.git", link) + _, exists = htmlDoc.doc.Find("#repo-clone-ssh").Attr("data-link") + assert.False(t, exists) +} + +func TestViewRepo1CloneLinkAuthorized(t *testing.T) { + prepareTestEnv(t) + + session := loginUser(t, "user2") + + req := NewRequest(t, "GET", "/user2/repo1") + resp := session.MakeRequest(t, req, http.StatusOK) + + htmlDoc := NewHTMLParser(t, resp.Body) + link, exists := htmlDoc.doc.Find("#repo-clone-https").Attr("data-link") + assert.True(t, exists, "The template has changed") + assert.Equal(t, setting.AppURL+"user2/repo1.git", link) + link, exists = htmlDoc.doc.Find("#repo-clone-ssh").Attr("data-link") + assert.True(t, exists, "The template has changed") + sshURL := fmt.Sprintf("%s@%s:user2/repo1.git", setting.RunUser, setting.SSH.Domain) + assert.Equal(t, sshURL, link) +} diff --git a/modules/context/repo.go b/modules/context/repo.go index e46170b76d..d636496f50 100644 --- a/modules/context/repo.go +++ b/modules/context/repo.go @@ -285,6 +285,7 @@ func RepoAssignment() macaron.Handler { ctx.Data["IsRepositoryWriter"] = ctx.Repo.IsWriter() ctx.Data["DisableSSH"] = setting.SSH.Disabled + ctx.Data["ExposeAnonSSH"] = setting.SSH.ExposeAnonymous ctx.Data["DisableHTTP"] = setting.Repository.DisableHTTPGit ctx.Data["CloneLink"] = repo.CloneLink() ctx.Data["WikiCloneLink"] = repo.WikiCloneLink() diff --git a/modules/setting/setting.go b/modules/setting/setting.go index f24a87653b..82187e81be 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -99,6 +99,7 @@ var ( AuthorizedKeysBackup bool `ini:"SSH_AUTHORIZED_KEYS_BACKUP"` MinimumKeySizeCheck bool `ini:"-"` MinimumKeySizes map[string]int `ini:"-"` + ExposeAnonymous bool `ini:"SSH_EXPOSE_ANONYMOUS"` }{ Disabled: false, StartBuiltinServer: false, @@ -707,6 +708,7 @@ func NewContext() { } } SSH.AuthorizedKeysBackup = sec.Key("SSH_AUTHORIZED_KEYS_BACKUP").MustBool(true) + SSH.ExposeAnonymous = sec.Key("SSH_EXPOSE_ANONYMOUS").MustBool(false) if err = Cfg.Section("server").MapTo(&LFS); err != nil { log.Fatal(4, "Failed to map LFS settings: %v", err) diff --git a/templates/repo/bare.tmpl b/templates/repo/bare.tmpl index b72738fe34..bd37228ad1 100644 --- a/templates/repo/bare.tmpl +++ b/templates/repo/bare.tmpl @@ -28,9 +28,11 @@ {{else}} <input id="repo-clone-url" value="{{$.CloneLink.SSH}}" readonly> {{end}} - <button class="ui basic button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url"> - <i class="octicon octicon-clippy"></i> - </button> + {{if not (and $.DisableHTTP $.DisableSSH)}} + <button class="ui basic button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url"> + <i class="octicon octicon-clippy"></i> + </button> + {{end}} </div> </div> <div class="ui divider"></div> diff --git a/templates/repo/home.tmpl b/templates/repo/home.tmpl index 664326c562..5af574ee04 100644 --- a/templates/repo/home.tmpl +++ b/templates/repo/home.tmpl @@ -56,19 +56,21 @@ {{if UseHTTPS}}HTTPS{{else}}HTTP{{end}} </button> {{end}} - {{if not $.DisableSSH}} + {{if and (not $.DisableSSH) (or $.IsSigned $.ExposeAnonSSH)}} <button class="ui basic clone button" id="repo-clone-ssh" data-link="{{.CloneLink.SSH}}"> SSH </button> {{end}} {{if not $.DisableHTTP}} <input id="repo-clone-url" value="{{$.CloneLink.HTTPS}}" readonly> - {{else}} + {{else if and (not $.DisableSSH) (or $.IsSigned $.ExposeAnonSSH)}} <input id="repo-clone-url" value="{{$.CloneLink.SSH}}" readonly> {{end}} - <button class="ui basic icon button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url"> - <i class="octicon octicon-clippy"></i> - </button> + {{if or ((not $.DisableHTTP) (and (not $.DisableSSH) (or $.IsSigned $.ExposeAnonSSH)))}} + <button class="ui basic icon button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url"> + <i class="octicon octicon-clippy"></i> + </button> + {{end}} <div class="ui basic jump dropdown icon button poping up" data-content="{{.i18n.Tr "repo.download_archive"}}" data-variation="tiny inverted" data-position="top right"> <i class="download icon"></i> <div class="menu"> diff --git a/templates/repo/wiki/view.tmpl b/templates/repo/wiki/view.tmpl index b9aa4e9560..8eab1ac07b 100644 --- a/templates/repo/wiki/view.tmpl +++ b/templates/repo/wiki/view.tmpl @@ -35,19 +35,21 @@ {{if UseHTTPS}}HTTPS{{else}}HTTP{{end}} </button> {{end}} - {{if not $.DisableSSH}} + {{if and (not $.DisableSSH) (or $.IsSigned $.ExposeAnonSSH)}} <button class="ui basic clone button" id="repo-clone-ssh" data-link="{{.WikiCloneLink.SSH}}"> SSH </button> {{end}} {{if not $.DisableHTTP}} <input id="repo-clone-url" value="{{$.WikiCloneLink.HTTPS}}" readonly> - {{else}} + {{else if and (not $.DisableSSH) (or $.IsSigned $.ExposeAnonSSH)}} <input id="repo-clone-url" value="{{$.WikiCloneLink.SSH}}" readonly> {{end}} - <button class="ui basic icon button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url"> - <i class="octicon octicon-clippy"></i> - </button> + {{if or ((not $.DisableHTTP) (and (not $.DisableSSH) (or $.IsSigned $.ExposeAnonSSH)))}} + <button class="ui basic icon button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url"> + <i class="octicon octicon-clippy"></i> + </button> + {{end}} </div> </div> </div> |