From fda80b9e56f2b6b962de8a13aa4928de2a765f9b Mon Sep 17 00:00:00 2001 From: Matti R Date: Sat, 2 Sep 2017 02:49:02 -0400 Subject: [PATCH 1/2] Create option to disable githooks globally via configuration file Signed-off-by: Matti Ranta --- conf/app.ini | 2 ++ models/user.go | 2 +- modules/setting/setting.go | 2 ++ modules/templates/helper.go | 3 +++ templates/admin/user/edit.tmpl | 2 +- 5 files changed, 9 insertions(+), 2 deletions(-) diff --git a/conf/app.ini b/conf/app.ini index 676321d7d5b4b..e983729a09204 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -206,6 +206,8 @@ REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER MIN_PASSWORD_LENGTH = 6 ; True when users are allowed to import local server paths IMPORT_LOCAL_PATHS = false +; Disable all (including admin) users to create custom git-hooks +DISABLE_GIT_HOOKS = false [openid] ; diff --git a/models/user.go b/models/user.go index 01f14edb7f06f..1e2502ebc0ce0 100644 --- a/models/user.go +++ b/models/user.go @@ -237,7 +237,7 @@ func (u *User) CanCreateOrganization() bool { // CanEditGitHook returns true if user can edit Git hooks. func (u *User) CanEditGitHook() bool { - return u.IsAdmin || u.AllowGitHook + return !setting.DisableGitHooks && (u.IsAdmin || u.AllowGitHook) } // CanImportLocal returns true if user can migrate repository by local path. diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 00aaad6913bd9..721dd0f0f75c0 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -124,6 +124,7 @@ var ( ReverseProxyAuthUser string MinPasswordLength int ImportLocalPaths bool + DisableGitHooks bool // Database settings UseSQLite3 bool @@ -817,6 +818,7 @@ func NewContext() { ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER") MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6) ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false) + DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false) InternalToken = sec.Key("INTERNAL_TOKEN").String() if len(InternalToken) == 0 { secretBytes := make([]byte, 32) diff --git a/modules/templates/helper.go b/modules/templates/helper.go index 821ff6c9c75ad..5ac0f6ee54e46 100644 --- a/modules/templates/helper.go +++ b/modules/templates/helper.go @@ -155,6 +155,9 @@ func NewFuncMap() []template.FuncMap { } return out.String() }, + "DisableGitHooks": func() bool { + return setting.DisableGitHooks + }, }} } diff --git a/templates/admin/user/edit.tmpl b/templates/admin/user/edit.tmpl index 4feeef302a40b..ae7cb56616f4c 100644 --- a/templates/admin/user/edit.tmpl +++ b/templates/admin/user/edit.tmpl @@ -86,7 +86,7 @@
- +
From 5d6100c3db6d6a1351c3e87ab61799a29fdb96e8 Mon Sep 17 00:00:00 2001 From: Matti R Date: Fri, 8 Sep 2017 21:59:27 -0400 Subject: [PATCH 2/2] Update comment in app.ini to align with @ethantkoenig's suggestion Signed-off-by: Matti Ranta --- conf/app.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/conf/app.ini b/conf/app.ini index e983729a09204..9674b815c9817 100644 --- a/conf/app.ini +++ b/conf/app.ini @@ -206,7 +206,7 @@ REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER MIN_PASSWORD_LENGTH = 6 ; True when users are allowed to import local server paths IMPORT_LOCAL_PATHS = false -; Disable all (including admin) users to create custom git-hooks +; Prevent all users (including admin) from creating custom git hooks DISABLE_GIT_HOOKS = false [openid]