Disable custom Git Hooks globally via configuration file (#2450)

* Create option to disable githooks globally via configuration file

* Update comment in app.ini to align with @ethantkoenig's suggestion

Signed-off-by: Matti Ranta <matti@mdranta.net>
release/v1.15
techknowlogick 2017-09-12 05:25:42 -04:00 committed by Lauris BH
parent 3fecf94086
commit 9bdbfbf6f3
5 changed files with 9 additions and 2 deletions

2
conf/app.ini vendored
View File

@ -206,6 +206,8 @@ REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
MIN_PASSWORD_LENGTH = 6 MIN_PASSWORD_LENGTH = 6
; True when users are allowed to import local server paths ; True when users are allowed to import local server paths
IMPORT_LOCAL_PATHS = false IMPORT_LOCAL_PATHS = false
; Prevent all users (including admin) from creating custom git hooks
DISABLE_GIT_HOOKS = false
[openid] [openid]
; ;

View File

@ -237,7 +237,7 @@ func (u *User) CanCreateOrganization() bool {
// CanEditGitHook returns true if user can edit Git hooks. // CanEditGitHook returns true if user can edit Git hooks.
func (u *User) CanEditGitHook() bool { func (u *User) CanEditGitHook() bool {
return u.IsAdmin || u.AllowGitHook return !setting.DisableGitHooks && (u.IsAdmin || u.AllowGitHook)
} }
// CanImportLocal returns true if user can migrate repository by local path. // CanImportLocal returns true if user can migrate repository by local path.

View File

@ -124,6 +124,7 @@ var (
ReverseProxyAuthUser string ReverseProxyAuthUser string
MinPasswordLength int MinPasswordLength int
ImportLocalPaths bool ImportLocalPaths bool
DisableGitHooks bool
// Database settings // Database settings
UseSQLite3 bool UseSQLite3 bool
@ -817,6 +818,7 @@ func NewContext() {
ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER") ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER")
MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6) MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false) ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false)
InternalToken = sec.Key("INTERNAL_TOKEN").String() InternalToken = sec.Key("INTERNAL_TOKEN").String()
if len(InternalToken) == 0 { if len(InternalToken) == 0 {
secretBytes := make([]byte, 32) secretBytes := make([]byte, 32)

View File

@ -155,6 +155,9 @@ func NewFuncMap() []template.FuncMap {
} }
return out.String() return out.String()
}, },
"DisableGitHooks": func() bool {
return setting.DisableGitHooks
},
}} }}
} }

View File

@ -86,7 +86,7 @@
<div class="inline field"> <div class="inline field">
<div class="ui checkbox"> <div class="ui checkbox">
<label><strong>{{.i18n.Tr "admin.users.allow_git_hook"}}</strong></label> <label><strong>{{.i18n.Tr "admin.users.allow_git_hook"}}</strong></label>
<input name="allow_git_hook" type="checkbox" {{if .User.CanEditGitHook}}checked{{end}}> <input name="allow_git_hook" type="checkbox" {{if .User.CanEditGitHook}}checked{{end}} {{if DisableGitHooks}}disabled{{end}}>
</div> </div>
</div> </div>
<div class="inline field"> <div class="inline field">