third_party
/
gitea
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Check user instead of organization when creating a repo from a template via API (#16346)

Browse Source 
* Check user instead of organization

* Enforce that only admins can copy a repo to another user
tokarchuk/v1.17
Ion Jaureguialzo Sarasola 4 years ago committed by GitHub
parent ff69dfff7a
commit 251d7f524a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 4 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 13
      routers/api/v1/repo/repo.go

13
routers/api/v1/repo/repo.go
Unescape View File

@ -374,16 +374,21 @@ func Generate(ctx *context.APIContext) {
ctxUser := ctx.User ctxUser := ctx.User
var err error var err error
if form.Owner != ctxUser.Name { if form.Owner != ctxUser.Name {
ctxUser, err = models.GetOrgByName(form.Owner) ctxUser, err = models.GetUserByName(form.Owner)
if err != nil { if err != nil {
if models.IsErrOrgNotExist(err) { if models.IsErrUserNotExist(err) {
ctx.JSON(http.StatusNotFound, map[string]interface{}{ ctx.JSON(http.StatusNotFound, map[string]interface{}{
"error": "request owner `" + form.Name + "` is not exist", "error": "request owner `" + form.Owner + "` does not exist",
}) })
return return
} }
ctx.Error(http.StatusInternalServerError, "GetOrgByName", err) ctx.Error(http.StatusInternalServerError, "GetUserByName", err)
return
}
if !ctx.User.IsAdmin && !ctxUser.IsOrganization() {
ctx.Error(http.StatusForbidden, "", "Only admin can generate repository for other user.")
return return
} }

Write Preview
Loading…
Cancel
Save