Browse Source

Feature #2583: Disable HTTP cloning (#3667)

* Can disable GIT interactions by HTTP protocol

* rename variable + fix wiki link

* missing space
pull/3740/merge
Thibault Meyer 8 years ago committed by 无闻
parent
commit
c47fbc629b
  1. 2
      conf/app.ini
  2. 1
      modules/context/repo.go
  3. 2
      modules/setting/setting.go
  4. 5
      routers/repo/http.go
  5. 6
      templates/repo/bare.tmpl
  6. 6
      templates/repo/home.tmpl
  7. 6
      templates/repo/wiki/view.tmpl

2
conf/app.ini

@ -24,6 +24,8 @@ PULL_REQUEST_QUEUE_LENGTH = 1000
; Preferred Licenses to place at the top of the List ; Preferred Licenses to place at the top of the List
; Name must match file name in conf/license or custom/conf/license ; Name must match file name in conf/license or custom/conf/license
PREFERRED_LICENSES = Apache License 2.0,MIT License PREFERRED_LICENSES = Apache License 2.0,MIT License
; Disable ability to interact with repositories by HTTP protocol
DISABLE_HTTP_GIT = false
[repository.editor] [repository.editor]
; List of file extensions that should have line wraps in the CodeMirror editor ; List of file extensions that should have line wraps in the CodeMirror editor

1
modules/context/repo.go

@ -256,6 +256,7 @@ func RepoAssignment(args ...bool) macaron.Handler {
ctx.Data["IsRepositoryWriter"] = ctx.Repo.IsWriter() ctx.Data["IsRepositoryWriter"] = ctx.Repo.IsWriter()
ctx.Data["DisableSSH"] = setting.SSH.Disabled ctx.Data["DisableSSH"] = setting.SSH.Disabled
ctx.Data["DisableHTTP"] = setting.Repository.DisableHTTPGit
ctx.Data["CloneLink"] = repo.CloneLink() ctx.Data["CloneLink"] = repo.CloneLink()
ctx.Data["WikiCloneLink"] = repo.WikiCloneLink() ctx.Data["WikiCloneLink"] = repo.WikiCloneLink()

2
modules/setting/setting.go

@ -118,6 +118,7 @@ var (
MirrorQueueLength int MirrorQueueLength int
PullRequestQueueLength int PullRequestQueueLength int
PreferredLicenses []string PreferredLicenses []string
DisableHTTPGit bool
// Repository editor settings // Repository editor settings
Editor struct { Editor struct {
@ -494,6 +495,7 @@ func NewContext() {
// Determine and create root git repository path. // Determine and create root git repository path.
sec = Cfg.Section("repository") sec = Cfg.Section("repository")
Repository.DisableHTTPGit = sec.Key("DISABLE_HTTP_GIT").MustBool()
RepoRootPath = sec.Key("ROOT").MustString(path.Join(homeDir, "gogs-repositories")) RepoRootPath = sec.Key("ROOT").MustString(path.Join(homeDir, "gogs-repositories"))
forcePathSeparator(RepoRootPath) forcePathSeparator(RepoRootPath)
if !filepath.IsAbs(RepoRootPath) { if !filepath.IsAbs(RepoRootPath) {

5
routers/repo/http.go

@ -479,6 +479,11 @@ func HTTPBackend(ctx *context.Context, cfg *serviceConfig) http.HandlerFunc {
for _, route := range routes { for _, route := range routes {
r.URL.Path = strings.ToLower(r.URL.Path) // blue: In case some repo name has upper case name r.URL.Path = strings.ToLower(r.URL.Path) // blue: In case some repo name has upper case name
if m := route.reg.FindStringSubmatch(r.URL.Path); m != nil { if m := route.reg.FindStringSubmatch(r.URL.Path); m != nil {
if setting.Repository.DisableHTTPGit {
w.WriteHeader(http.StatusForbidden)
w.Write([]byte("Interacting with repositories by HTTP protocol is not allowed"))
return
}
if route.method != r.Method { if route.method != r.Method {
if r.Proto == "HTTP/1.1" { if r.Proto == "HTTP/1.1" {
w.WriteHeader(http.StatusMethodNotAllowed) w.WriteHeader(http.StatusMethodNotAllowed)

6
templates/repo/bare.tmpl

@ -16,15 +16,21 @@
<div class="item"> <div class="item">
<h3>{{.i18n.Tr "repo.clone_this_repo"}} <small>{{.i18n.Tr "repo.clone_helper" "http://git-scm.com/book/en/Git-Basics-Getting-a-Git-Repository" | Str2html}}</small></h3> <h3>{{.i18n.Tr "repo.clone_this_repo"}} <small>{{.i18n.Tr "repo.clone_helper" "http://git-scm.com/book/en/Git-Basics-Getting-a-Git-Repository" | Str2html}}</small></h3>
<div class="ui action small input"> <div class="ui action small input">
{{if not $.DisableHTTP}}
<button class="ui basic clone button" id="repo-clone-https" data-link="{{.CloneLink.HTTPS}}"> <button class="ui basic clone button" id="repo-clone-https" data-link="{{.CloneLink.HTTPS}}">
{{if UseHTTPS}}HTTPS{{else}}HTTP{{end}} {{if UseHTTPS}}HTTPS{{else}}HTTP{{end}}
</button> </button>
{{end}}
{{if not $.DisableSSH}} {{if not $.DisableSSH}}
<button class="ui basic clone button" id="repo-clone-ssh" data-link="{{.CloneLink.SSH}}"> <button class="ui basic clone button" id="repo-clone-ssh" data-link="{{.CloneLink.SSH}}">
SSH SSH
</button> </button>
{{end}} {{end}}
{{if not $.DisableHTTP}}
<input id="repo-clone-url" value="{{$.CloneLink.HTTPS}}" readonly> <input id="repo-clone-url" value="{{$.CloneLink.HTTPS}}" readonly>
{{else}}
<input id="repo-clone-url" value="{{$.CloneLink.SSH}}" readonly>
{{end}}
<button class="ui basic button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url"> <button class="ui basic button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url">
<i class="octicon octicon-clippy"></i> <i class="octicon octicon-clippy"></i>
</button> </button>

6
templates/repo/home.tmpl

@ -51,15 +51,21 @@
<!-- Only show colne panel in repository home page --> <!-- Only show colne panel in repository home page -->
{{if eq $n 0}} {{if eq $n 0}}
<div class="ui action small input" id="clone-panel"> <div class="ui action small input" id="clone-panel">
{{if not $.DisableHTTP}}
<button class="ui basic clone button" id="repo-clone-https" data-link="{{.CloneLink.HTTPS}}"> <button class="ui basic clone button" id="repo-clone-https" data-link="{{.CloneLink.HTTPS}}">
{{if UseHTTPS}}HTTPS{{else}}HTTP{{end}} {{if UseHTTPS}}HTTPS{{else}}HTTP{{end}}
</button> </button>
{{end}}
{{if not $.DisableSSH}} {{if not $.DisableSSH}}
<button class="ui basic clone button" id="repo-clone-ssh" data-link="{{.CloneLink.SSH}}"> <button class="ui basic clone button" id="repo-clone-ssh" data-link="{{.CloneLink.SSH}}">
SSH SSH
</button> </button>
{{end}} {{end}}
{{if not $.DisableHTTP}}
<input id="repo-clone-url" value="{{$.CloneLink.HTTPS}}" readonly> <input id="repo-clone-url" value="{{$.CloneLink.HTTPS}}" readonly>
{{else}}
<input id="repo-clone-url" value="{{$.CloneLink.SSH}}" readonly>
{{end}}
<button class="ui basic icon button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url"> <button class="ui basic icon button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url">
<i class="octicon octicon-clippy"></i> <i class="octicon octicon-clippy"></i>
</button> </button>

6
templates/repo/wiki/view.tmpl

@ -29,15 +29,21 @@
</div> </div>
<div class="ui six wide column"> <div class="ui six wide column">
<div class="ui action small input" id="clone-panel"> <div class="ui action small input" id="clone-panel">
{{if not $.DisableHTTP}}
<button class="ui basic clone button" id="repo-clone-https" data-link="{{.WikiCloneLink.HTTPS}}"> <button class="ui basic clone button" id="repo-clone-https" data-link="{{.WikiCloneLink.HTTPS}}">
{{if UseHTTPS}}HTTPS{{else}}HTTP{{end}} {{if UseHTTPS}}HTTPS{{else}}HTTP{{end}}
</button> </button>
{{end}}
{{if not $.DisableSSH}} {{if not $.DisableSSH}}
<button class="ui basic clone button" id="repo-clone-ssh" data-link="{{.WikiCloneLink.SSH}}"> <button class="ui basic clone button" id="repo-clone-ssh" data-link="{{.WikiCloneLink.SSH}}">
SSH SSH
</button> </button>
{{end}} {{end}}
{{if not $.DisableHTTP}}
<input id="repo-clone-url" value="{{$.WikiCloneLink.HTTPS}}" readonly> <input id="repo-clone-url" value="{{$.WikiCloneLink.HTTPS}}" readonly>
{{else}}
<input id="repo-clone-url" value="{{$.WikiCloneLink.SSH}}" readonly>
{{end}}
<button class="ui basic icon button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url"> <button class="ui basic icon button poping up clipboard" id="clipboard-btn" data-original="{{.i18n.Tr "repo.copy_link"}}" data-success="{{.i18n.Tr "repo.copy_link_success"}}" data-error="{{.i18n.Tr "repo.copy_link_error"}}" data-content="{{.i18n.Tr "repo.copy_link"}}" data-variation="inverted tiny" data-clipboard-target="#repo-clone-url">
<i class="octicon octicon-clippy"></i> <i class="octicon octicon-clippy"></i>
</button> </button>

Loading…
Cancel
Save