1 files changed, 42 insertions, 6 deletions

diff --git a/routers/web/web.go b/routers/web/web.go
index 5fefbad88a..142f2384eb 100644
--- a/routers/web/web.go
+++ b/routers/web/web.go
@@ -303,6 +303,13 @@ func RegisterRoutes(m *web.Route) {
 		}
 	}
 
+	packagesEnabled := func(ctx *context.Context) {
+		if !setting.Packages.Enabled {
+			ctx.Error(http.StatusForbidden)
+			return
+		}
+	}
+
 	// FIXME: not all routes need go through same middleware.
 	// Especially some AJAX requests, we can reduce middleware number to improve performance.
 	// Routers.
@@ -443,12 +450,27 @@ func RegisterRoutes(m *web.Route) {
 		m.Combo("/keys").Get(user_setting.Keys).
 			Post(bindIgnErr(forms.AddKeyForm{}), user_setting.KeysPost)
 		m.Post("/keys/delete", user_setting.DeleteKey)
+		m.Group("/packages", func() {
+			m.Get("", user_setting.Packages)
+			m.Group("/rules", func() {
+				m.Group("/add", func() {
+					m.Get("", user_setting.PackagesRuleAdd)
+					m.Post("", bindIgnErr(forms.PackageCleanupRuleForm{}), user_setting.PackagesRuleAddPost)
+				})
+				m.Group("/{id}", func() {
+					m.Get("", user_setting.PackagesRuleEdit)
+					m.Post("", bindIgnErr(forms.PackageCleanupRuleForm{}), user_setting.PackagesRuleEditPost)
+					m.Get("/preview", user_setting.PackagesRulePreview)
+				})
+			})
+		}, packagesEnabled)
 		m.Get("/organization", user_setting.Organization)
 		m.Get("/repos", user_setting.Repos)
 		m.Post("/repos/unadopted", user_setting.AdoptOrDeleteRepository)
 	}, reqSignIn, func(ctx *context.Context) {
 		ctx.Data["PageIsUserSettings"] = true
 		ctx.Data["AllThemes"] = setting.UI.Themes
+		ctx.Data["EnablePackages"] = setting.Packages.Enabled
 	})
 
 	m.Group("/user", func() {
@@ -526,12 +548,10 @@ func RegisterRoutes(m *web.Route) {
 			m.Post("/delete", admin.DeleteRepo)
 		})
 
-		if setting.Packages.Enabled {
-			m.Group("/packages", func() {
-				m.Get("", admin.Packages)
-				m.Post("/delete", admin.DeletePackageVersion)
-			})
-		}
+		m.Group("/packages", func() {
+			m.Get("", admin.Packages)
+			m.Post("/delete", admin.DeletePackageVersion)
+		}, packagesEnabled)
 
 		m.Group("/hooks", func() {
 			m.Get("", admin.DefaultOrSystemWebhooks)
@@ -750,8 +770,24 @@ func RegisterRoutes(m *web.Route) {
 				})
 
 				m.Route("/delete", "GET,POST", org.SettingsDelete)
+
+				m.Group("/packages", func() {
+					m.Get("", org.Packages)
+					m.Group("/rules", func() {
+						m.Group("/add", func() {
+							m.Get("", org.PackagesRuleAdd)
+							m.Post("", bindIgnErr(forms.PackageCleanupRuleForm{}), org.PackagesRuleAddPost)
+						})
+						m.Group("/{id}", func() {
+							m.Get("", org.PackagesRuleEdit)
+							m.Post("", bindIgnErr(forms.PackageCleanupRuleForm{}), org.PackagesRuleEditPost)
+							m.Get("/preview", org.PackagesRulePreview)
+						})
+					})
+				}, packagesEnabled)
 			}, func(ctx *context.Context) {
 				ctx.Data["EnableOAuth2"] = setting.OAuth2.Enable
+				ctx.Data["EnablePackages"] = setting.Packages.Enabled
 			})
 		}, context.OrgAssignment(true, true))
 	}, reqSignIn)