mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-11-10 04:05:42 +01:00
Disable custom Git Hooks globally via configuration file (#2450)
* Create option to disable githooks globally via configuration file * Update comment in app.ini to align with @ethantkoenig's suggestion Signed-off-by: Matti Ranta <matti@mdranta.net>
This commit is contained in:
parent
3fecf94086
commit
9bdbfbf6f3
5 changed files with 9 additions and 2 deletions
2
conf/app.ini
vendored
2
conf/app.ini
vendored
|
@ -206,6 +206,8 @@ REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
|
||||||
MIN_PASSWORD_LENGTH = 6
|
MIN_PASSWORD_LENGTH = 6
|
||||||
; True when users are allowed to import local server paths
|
; True when users are allowed to import local server paths
|
||||||
IMPORT_LOCAL_PATHS = false
|
IMPORT_LOCAL_PATHS = false
|
||||||
|
; Prevent all users (including admin) from creating custom git hooks
|
||||||
|
DISABLE_GIT_HOOKS = false
|
||||||
|
|
||||||
[openid]
|
[openid]
|
||||||
;
|
;
|
||||||
|
|
|
@ -237,7 +237,7 @@ func (u *User) CanCreateOrganization() bool {
|
||||||
|
|
||||||
// CanEditGitHook returns true if user can edit Git hooks.
|
// CanEditGitHook returns true if user can edit Git hooks.
|
||||||
func (u *User) CanEditGitHook() bool {
|
func (u *User) CanEditGitHook() bool {
|
||||||
return u.IsAdmin || u.AllowGitHook
|
return !setting.DisableGitHooks && (u.IsAdmin || u.AllowGitHook)
|
||||||
}
|
}
|
||||||
|
|
||||||
// CanImportLocal returns true if user can migrate repository by local path.
|
// CanImportLocal returns true if user can migrate repository by local path.
|
||||||
|
|
|
@ -124,6 +124,7 @@ var (
|
||||||
ReverseProxyAuthUser string
|
ReverseProxyAuthUser string
|
||||||
MinPasswordLength int
|
MinPasswordLength int
|
||||||
ImportLocalPaths bool
|
ImportLocalPaths bool
|
||||||
|
DisableGitHooks bool
|
||||||
|
|
||||||
// Database settings
|
// Database settings
|
||||||
UseSQLite3 bool
|
UseSQLite3 bool
|
||||||
|
@ -817,6 +818,7 @@ func NewContext() {
|
||||||
ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER")
|
ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER")
|
||||||
MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)
|
MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)
|
||||||
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)
|
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)
|
||||||
|
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false)
|
||||||
InternalToken = sec.Key("INTERNAL_TOKEN").String()
|
InternalToken = sec.Key("INTERNAL_TOKEN").String()
|
||||||
if len(InternalToken) == 0 {
|
if len(InternalToken) == 0 {
|
||||||
secretBytes := make([]byte, 32)
|
secretBytes := make([]byte, 32)
|
||||||
|
|
|
@ -155,6 +155,9 @@ func NewFuncMap() []template.FuncMap {
|
||||||
}
|
}
|
||||||
return out.String()
|
return out.String()
|
||||||
},
|
},
|
||||||
|
"DisableGitHooks": func() bool {
|
||||||
|
return setting.DisableGitHooks
|
||||||
|
},
|
||||||
}}
|
}}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -86,7 +86,7 @@
|
||||||
<div class="inline field">
|
<div class="inline field">
|
||||||
<div class="ui checkbox">
|
<div class="ui checkbox">
|
||||||
<label><strong>{{.i18n.Tr "admin.users.allow_git_hook"}}</strong></label>
|
<label><strong>{{.i18n.Tr "admin.users.allow_git_hook"}}</strong></label>
|
||||||
<input name="allow_git_hook" type="checkbox" {{if .User.CanEditGitHook}}checked{{end}}>
|
<input name="allow_git_hook" type="checkbox" {{if .User.CanEditGitHook}}checked{{end}} {{if DisableGitHooks}}disabled{{end}}>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
<div class="inline field">
|
<div class="inline field">
|
||||||
|
|
Loading…
Reference in a new issue