mirrors
/
gitea
mirror da https://github.com/go-gitea/gitea.git
Segui 1
Vota 0
Forka 0
Codice Problemi 0 Rilasci 210 Wiki Attività
Sfoglia il codice sorgente

fix admin lost permission caused by #947

tags/v1.2.0-rc1
Lunny Xiao 7 anni fa
parent
25d6e2a660
commit
6362462da8
Nessun account collegato all'indirizzo email del committer
4 ha cambiato i file con 14 aggiunte e 9 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 1
    1
      cmd/serv.go
  2. 6
    6
      models/repo.go
  3. 6
    1
      modules/context/repo.go
  4. 1
    1
      routers/repo/http.go

+ 1
- 1
cmd/serv.go Vedi File

@@ -250,7 +250,7 @@ func runServ(c *cli.Context) error {
user.Name, requestedMode, repoPath)
}

if !repo.CheckUnitUser(user.ID, unitType) {
if !repo.CheckUnitUser(user.ID, user.IsAdmin, unitType) {
fail("You do not have allowed for this action",
"User %s does not have allowed access to repository %s 's code",
user.Name, repoPath)

+ 6
- 6
models/repo.go Vedi File

@@ -330,8 +330,8 @@ func (repo *Repository) getUnits(e Engine) (err error) {
}

// CheckUnitUser check whether user could visit the unit of this repository
func (repo *Repository) CheckUnitUser(userID int64, unitType UnitType) bool {
if err := repo.getUnitsByUserID(x, userID); err != nil {
func (repo *Repository) CheckUnitUser(userID int64, isAdmin bool, unitType UnitType) bool {
if err := repo.getUnitsByUserID(x, userID, isAdmin); err != nil {
return false
}

@@ -344,11 +344,11 @@ func (repo *Repository) CheckUnitUser(userID int64, unitType UnitType) bool {
}

// LoadUnitsByUserID loads units according userID's permissions
func (repo *Repository) LoadUnitsByUserID(userID int64) error {
return repo.getUnitsByUserID(x, userID)
func (repo *Repository) LoadUnitsByUserID(userID int64, isAdmin bool) error {
return repo.getUnitsByUserID(x, userID, isAdmin)
}

func (repo *Repository) getUnitsByUserID(e Engine, userID int64) (err error) {
func (repo *Repository) getUnitsByUserID(e Engine, userID int64, isAdmin bool) (err error) {
if repo.Units != nil {
return nil
}
@@ -358,7 +358,7 @@ func (repo *Repository) getUnitsByUserID(e Engine, userID int64) (err error) {
return err
}

if !repo.Owner.IsOrganization() || userID == 0 {
if !repo.Owner.IsOrganization() || userID == 0 || isAdmin {
return nil
}


+ 6
- 1
modules/context/repo.go Vedi File

@@ -496,11 +496,16 @@ func RequireRepoWriter() macaron.Handler {
// LoadRepoUnits loads repsitory's units, it should be called after repository and user loaded
func LoadRepoUnits() macaron.Handler {
return func(ctx *Context) {
var isAdmin bool
if ctx.User != nil && ctx.User.IsAdmin {
isAdmin = true
}

var userID int64
if ctx.User != nil {
userID = ctx.User.ID
}
err := ctx.Repo.Repository.LoadUnitsByUserID(userID)
err := ctx.Repo.Repository.LoadUnitsByUserID(userID, isAdmin)
if err != nil {
ctx.Handle(500, "LoadUnitsByUserID", err)
return

+ 1
- 1
routers/repo/http.go Vedi File

@@ -206,7 +206,7 @@ func HTTP(ctx *context.Context) {
}
}

if !repo.CheckUnitUser(authUser.ID, unitType) {
if !repo.CheckUnitUser(authUser.ID, authUser.IsAdmin, unitType) {
ctx.HandleText(http.StatusForbidden, fmt.Sprintf("User %s does not have allowed access to repository %s 's code",
authUser.Name, repo.RepoPath()))
return

Write Preview
Loading…
Annulla
Salva