fix bug user could change private repository to public when force private enabled. (#6156)
This commit is contained in:
		
					parent
					
						
							
								134e55510e
							
						
					
				
			
			
				commit
				
					
						4a2fbbeb10
					
				
			
		
					 2 changed files with 9 additions and 1 deletions
				
			
		|  | @ -6,6 +6,7 @@ | ||||||
| package repo | package repo | ||||||
| 
 | 
 | ||||||
| import ( | import ( | ||||||
|  | 	"errors" | ||||||
| 	"strings" | 	"strings" | ||||||
| 	"time" | 	"time" | ||||||
| 
 | 
 | ||||||
|  | @ -36,6 +37,7 @@ const ( | ||||||
| func Settings(ctx *context.Context) { | func Settings(ctx *context.Context) { | ||||||
| 	ctx.Data["Title"] = ctx.Tr("repo.settings") | 	ctx.Data["Title"] = ctx.Tr("repo.settings") | ||||||
| 	ctx.Data["PageIsSettingsOptions"] = true | 	ctx.Data["PageIsSettingsOptions"] = true | ||||||
|  | 	ctx.Data["ForcePrivate"] = setting.Repository.ForcePrivate | ||||||
| 	ctx.HTML(200, tplSettingsOptions) | 	ctx.HTML(200, tplSettingsOptions) | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  | @ -94,6 +96,12 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) { | ||||||
| 		} | 		} | ||||||
| 
 | 
 | ||||||
| 		visibilityChanged := repo.IsPrivate != form.Private | 		visibilityChanged := repo.IsPrivate != form.Private | ||||||
|  | 		// when ForcePrivate enabled, you could change public repo to private, but could not change private to public | ||||||
|  | 		if visibilityChanged && setting.Repository.ForcePrivate && !form.Private { | ||||||
|  | 			ctx.ServerError("Force Private enabled", errors.New("cannot change private repository to public")) | ||||||
|  | 			return | ||||||
|  | 		} | ||||||
|  | 
 | ||||||
| 		repo.IsPrivate = form.Private | 		repo.IsPrivate = form.Private | ||||||
| 		if err := models.UpdateRepository(repo, visibilityChanged); err != nil { | 		if err := models.UpdateRepository(repo, visibilityChanged); err != nil { | ||||||
| 			ctx.ServerError("UpdateRepository", err) | 			ctx.ServerError("UpdateRepository", err) | ||||||
|  |  | ||||||
|  | @ -19,7 +19,7 @@ | ||||||
| 					<div class="inline field"> | 					<div class="inline field"> | ||||||
| 						<label>{{.i18n.Tr "repo.visibility"}}</label> | 						<label>{{.i18n.Tr "repo.visibility"}}</label> | ||||||
| 						<div class="ui checkbox"> | 						<div class="ui checkbox"> | ||||||
| 							<input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}> | 							<input name="private" type="checkbox" {{if .Repository.IsPrivate}}checked{{end}}{{if and $.ForcePrivate .Repository.IsPrivate}} readonly{{end}}> | ||||||
| 							<label>{{.i18n.Tr "repo.visibility_helper" | Safe}} {{if .Repository.NumForks}}<span class="text red">{{.i18n.Tr "repo.visibility_fork_helper"}}</span>{{end}}</label> | 							<label>{{.i18n.Tr "repo.visibility_helper" | Safe}} {{if .Repository.NumForks}}<span class="text red">{{.i18n.Tr "repo.visibility_fork_helper"}}</span>{{end}}</label> | ||||||
| 						</div> | 						</div> | ||||||
| 					</div> | 					</div> | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue
	
	 Lunny Xiao
				Lunny Xiao