Browse Source

Prevent transferring repos to invisible orgs (#11517)

Co-authored-by: Guillermo Prandi <guillep2k@users.noreply.github.com>
for-closed-social
guillep2k 4 years ago
committed by GitHub
parent
commit
e963525c5e
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 0 deletions
  1. +9
    -0
      routers/repo/setting.go

+ 9
- 0
routers/repo/setting.go View File

@ -22,6 +22,7 @@ import (
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/repository"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/structs"
"code.gitea.io/gitea/modules/timeutil"
"code.gitea.io/gitea/modules/validation"
"code.gitea.io/gitea/routers/utils"
@ -379,6 +380,14 @@ func SettingsPost(ctx *context.Context, form auth.RepoSettingForm) {
return
}
if newOwner.Type == models.UserTypeOrganization {
if !ctx.User.IsAdmin && newOwner.Visibility == structs.VisibleTypePrivate && !ctx.User.IsUserPartOfOrg(newOwner.ID) {
// The user shouldn't know about this organization
ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_owner_name"), tplSettingsOptions, nil)
return
}
}
// Close the GitRepo if open
if ctx.Repo.GitRepo != nil {
ctx.Repo.GitRepo.Close()

Loading…
Cancel
Save