lavender-legacy
/
gitea
7
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Do not allow inactive users to access repositories using private keys (#3887)

release/v1.15
Lauris BH 2018-05-02 16:22:56 +03:00 committed by GitHub
parent 9495429982
commit b66d6b3449
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cmd/serv.go
View File

@ -230,6 +230,12 @@ func runServ(c *cli.Context) error {
fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
}
if !user.IsActive || user.ProhibitLogin {
fail("Your account is not active or has been disabled by Administrator",
"User %s is disabled and have no access to repository %s",
user.Name, repoPath)
}
mode, err := models.AccessLevel(user.ID, repo)
if err != nil {
fail("Internal error", "Failed to check access: %v", err)