From 4a2fbbeb101555129ab83f972c41936113f1f6c2 Mon Sep 17 00:00:00 2001 From: Lunny Xiao Date: Sat, 23 Feb 2019 05:56:05 +0800 Subject: [PATCH] fix bug user could change private repository to public when force private enabled. (#6156) --- routers/repo/setting.go | 8 ++++++++ templates/repo/settings/options.tmpl | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/routers/repo/setting.go b/routers/repo/setting.go index 5b5eaeb288..809aab27aa 100644 --- a/routers/repo/setting.go +++ b/routers/repo/setting.go @@ -6,6 +6,7 @@ package repo import ( + "errors" "strings" "time" @@ -36,6 +37,7 @@ const ( func Settings(ctx *context.Context) { ctx.Data["Title"] = ctx.Tr("repo.settings") ctx.Data["PageIsSettingsOptions"] = true + ctx.Data["ForcePrivate"] = setting.Repository.ForcePrivate ctx.HTML(200, tplSettingsOptions) } @@ -94,6 +96,12 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) { } visibilityChanged := repo.IsPrivate != form.Private + // when ForcePrivate enabled, you could change public repo to private, but could not change private to public + if visibilityChanged && setting.Repository.ForcePrivate && !form.Private { + ctx.ServerError("Force Private enabled", errors.New("cannot change private repository to public")) + return + } + repo.IsPrivate = form.Private if err := models.UpdateRepository(repo, visibilityChanged); err != nil { ctx.ServerError("UpdateRepository", err) diff --git a/templates/repo/settings/options.tmpl b/templates/repo/settings/options.tmpl index 432f20e74f..94fbcbe651 100644 --- a/templates/repo/settings/options.tmpl +++ b/templates/repo/settings/options.tmpl @@ -19,7 +19,7 @@
- +