From 09f817c2c9b6ec00b5d3d9f17a94c222a6e4517a Mon Sep 17 00:00:00 2001
From: Jonas Franz <info@jonasfranz.software>
Date: Wed, 13 Sep 2017 18:01:44 +0200
Subject: [PATCH 1/4] Hotfix for "Add time manually"
 (https://github.com/go-gitea/gitea/pull/2211#issuecomment-328780125)

Signed-off-by: Jonas Franz <info@jonasfranz.software>
---
 routers/repo/issue_timetrack.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/routers/repo/issue_timetrack.go b/routers/repo/issue_timetrack.go
index e01cd48a66a7f..4d77ca3cea210 100644
--- a/routers/repo/issue_timetrack.go
+++ b/routers/repo/issue_timetrack.go
@@ -41,7 +41,7 @@ func AddTimeManually(c *context.Context, form auth.AddTimeManuallyForm) {
 		return
 	}
 
-	if _, err := models.AddTime(c.User, issue, int64(total)); err != nil {
+	if _, err := models.AddTime(c.User, issue, int64(total.Seconds())); err != nil {
 		c.Handle(http.StatusInternalServerError, "AddTime", err)
 		return
 	}

From b4b970352d9a5c945d0dd4c0ba4bfdc9219aa87c Mon Sep 17 00:00:00 2001
From: Jonas Franz <info@jonasfranz.software>
Date: Sun, 17 Sep 2017 23:26:53 +0200
Subject: [PATCH 2/4] Checking if Code unit is enabled before creating a fork.

Signed-off-by: Jonas Franz <info@jonasfranz.software>
---
 models/repo.go           |  2 +-
 modules/context/repo.go  | 92 ++++++++++++++++++++++++----------------
 routers/routes/routes.go |  6 ++-
 3 files changed, 60 insertions(+), 40 deletions(-)

diff --git a/models/repo.go b/models/repo.go
index 4b3b0322d6ac1..4c844d9b56635 100644
--- a/models/repo.go
+++ b/models/repo.go
@@ -638,7 +638,7 @@ func (repo *Repository) UpdateSize() error {
 
 // CanBeForked returns true if repository meets the requirements of being forked.
 func (repo *Repository) CanBeForked() bool {
-	return !repo.IsBare
+	return !repo.IsBare && repo.UnitEnabled(UnitTypeCode)
 }
 
 // CanEnablePulls returns true if repository meets the requirements of accepting pulls.
diff --git a/modules/context/repo.go b/modules/context/repo.go
index a82535a6d4855..933b04da5e0f5 100644
--- a/modules/context/repo.go
+++ b/modules/context/repo.go
@@ -177,54 +177,72 @@ func RepoAssignment() macaron.Handler {
 	return func(ctx *Context) {
 		var (
 			owner *models.User
+			repo  *models.Repository
 			err   error
 		)
+		if repoid := ctx.ParamsInt64(":repoid"); repoid == 0 {
+			userName := ctx.Params(":username")
+			repoName := ctx.Params(":reponame")
 
-		userName := ctx.Params(":username")
-		repoName := ctx.Params(":reponame")
-
-		// Check if the user is the same as the repository owner
-		if ctx.IsSigned && ctx.User.LowerName == strings.ToLower(userName) {
-			owner = ctx.User
-		} else {
-			owner, err = models.GetUserByName(userName)
+			// Check if the user is the same as the repository owner
+			if ctx.IsSigned && ctx.User.LowerName == strings.ToLower(userName) {
+				owner = ctx.User
+			} else {
+				owner, err = models.GetUserByName(userName)
+				if err != nil {
+					if models.IsErrUserNotExist(err) {
+						if ctx.Query("go-get") == "1" {
+							earlyResponseForGoGetMeta(ctx)
+							return
+						}
+						ctx.Handle(404, "GetUserByName", nil)
+					} else {
+						ctx.Handle(500, "GetUserByName", err)
+					}
+					return
+				}
+			}
+			// Get repository.
+			repo, err = models.GetRepositoryByName(owner.ID, repoName)
 			if err != nil {
-				if models.IsErrUserNotExist(err) {
-					if ctx.Query("go-get") == "1" {
-						earlyResponseForGoGetMeta(ctx)
-						return
+				if models.IsErrRepoNotExist(err) {
+					redirectRepoID, err := models.LookupRepoRedirect(owner.ID, repoName)
+					if err == nil {
+						RedirectToRepo(ctx, redirectRepoID)
+					} else if models.IsErrRepoRedirectNotExist(err) {
+						if ctx.Query("go-get") == "1" {
+							earlyResponseForGoGetMeta(ctx)
+							return
+						}
+						ctx.Handle(404, "GetRepositoryByName", nil)
+					} else {
+						ctx.Handle(500, "LookupRepoRedirect", err)
 					}
-					ctx.Handle(404, "GetUserByName", nil)
 				} else {
-					ctx.Handle(500, "GetUserByName", err)
+					ctx.Handle(500, "GetRepositoryByName", err)
 				}
 				return
 			}
-		}
-		ctx.Repo.Owner = owner
-		ctx.Data["Username"] = ctx.Repo.Owner.Name
-
-		// Get repository.
-		repo, err := models.GetRepositoryByName(owner.ID, repoName)
-		if err != nil {
-			if models.IsErrRepoNotExist(err) {
-				redirectRepoID, err := models.LookupRepoRedirect(owner.ID, repoName)
-				if err == nil {
-					RedirectToRepo(ctx, redirectRepoID)
-				} else if models.IsErrRepoRedirectNotExist(err) {
-					if ctx.Query("go-get") == "1" {
-						earlyResponseForGoGetMeta(ctx)
-						return
-					}
-					ctx.Handle(404, "GetRepositoryByName", nil)
+		} else {
+			repo, err = models.GetRepositoryByID(repoid)
+			if err != nil {
+				if models.IsErrRepoNotExist(err) {
+					ctx.Handle(404, "GetRepositoryByID", nil)
 				} else {
-					ctx.Handle(500, "LookupRepoRedirect", err)
+					ctx.Handle(500, "GetRepositoryByID", err)
 				}
-			} else {
-				ctx.Handle(500, "GetRepositoryByName", err)
+				return
 			}
-			return
+			if err = repo.GetOwner(); err != nil {
+				ctx.Handle(500, "GetOwner", err)
+				return
+			}
+			owner = repo.Owner
 		}
+
+		ctx.Repo.Owner = owner
+		ctx.Data["Username"] = ctx.Repo.Owner.Name
+
 		repo.Owner = owner
 
 		// Admin has super access.
@@ -269,9 +287,9 @@ func RepoAssignment() macaron.Handler {
 		ctx.Data["RepoName"] = ctx.Repo.Repository.Name
 		ctx.Data["IsBareRepo"] = ctx.Repo.Repository.IsBare
 
-		gitRepo, err := git.OpenRepository(models.RepoPath(userName, repoName))
+		gitRepo, err := git.OpenRepository(repo.RepoPath())
 		if err != nil {
-			ctx.Handle(500, "RepoAssignment Invalid repo "+models.RepoPath(userName, repoName), err)
+			ctx.Handle(500, "RepoAssignment Invalid repo", err)
 			return
 		}
 		ctx.Repo.GitRepo = gitRepo
diff --git a/routers/routes/routes.go b/routers/routes/routes.go
index a0684c84787ae..4c48cfcdad1a3 100644
--- a/routers/routes/routes.go
+++ b/routers/routes/routes.go
@@ -419,8 +419,10 @@ func RegisterRoutes(m *macaron.Macaron) {
 		m.Post("/create", bindIgnErr(auth.CreateRepoForm{}), repo.CreatePost)
 		m.Get("/migrate", repo.Migrate)
 		m.Post("/migrate", bindIgnErr(auth.MigrateRepoForm{}), repo.MigratePost)
-		m.Combo("/fork/:repoid").Get(repo.Fork).
-			Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
+		m.Group("/fork", func() {
+			m.Combo("/:repoid").Get(repo.Fork).
+				Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
+		}, context.RepoAssignment(), context.UnitTypes(), context.LoadRepoUnits(), context.CheckUnit(models.UnitTypeCode))
 	}, reqSignIn)
 
 	m.Group("/:username/:reponame", func() {

From f779a8fc8daffe54e7276b18c2137512f3ef550e Mon Sep 17 00:00:00 2001
From: Jonas Franz <info@jonasfranz.software>
Date: Mon, 18 Sep 2017 07:07:09 +0200
Subject: [PATCH 3/4] Adding a discrete function for RepoIDAssignment

Signed-off-by: Jonas Franz <info@jonasfranz.software>
---
 modules/context/repo.go  | 156 ++++++++++++++++++++++++++-------------
 routers/routes/routes.go |   2 +-
 2 files changed, 104 insertions(+), 54 deletions(-)

diff --git a/modules/context/repo.go b/modules/context/repo.go
index 933b04da5e0f5..f5733befc9b42 100644
--- a/modules/context/repo.go
+++ b/modules/context/repo.go
@@ -172,77 +172,127 @@ func RedirectToRepo(ctx *Context, redirectRepoID int64) {
 	ctx.Redirect(redirectPath)
 }
 
-// RepoAssignment returns a macaron to handle repository assignment
-func RepoAssignment() macaron.Handler {
+func RepoIDAssignment() macaron.Handler {
 	return func(ctx *Context) {
 		var (
-			owner *models.User
-			repo  *models.Repository
 			err   error
 		)
-		if repoid := ctx.ParamsInt64(":repoid"); repoid == 0 {
-			userName := ctx.Params(":username")
-			repoName := ctx.Params(":reponame")
 
-			// Check if the user is the same as the repository owner
-			if ctx.IsSigned && ctx.User.LowerName == strings.ToLower(userName) {
-				owner = ctx.User
+		repoID := ctx.ParamsInt64(":repoid")
+
+		// Get repository.
+		repo, err := models.GetRepositoryByID(repoID)
+		if err != nil {
+			if models.IsErrRepoNotExist(err) {
+				ctx.Handle(404, "GetRepositoryByID", nil)
 			} else {
-				owner, err = models.GetUserByName(userName)
-				if err != nil {
-					if models.IsErrUserNotExist(err) {
-						if ctx.Query("go-get") == "1" {
-							earlyResponseForGoGetMeta(ctx)
-							return
-						}
-						ctx.Handle(404, "GetUserByName", nil)
-					} else {
-						ctx.Handle(500, "GetUserByName", err)
-					}
-					return
-				}
+				ctx.Handle(500, "GetRepositoryByID", err)
+			}
+			return
+		}
+
+		if err = repo.GetOwner(); err != nil {
+			ctx.Handle(500, "GetOwner", err)
+			return
+		}
+
+		// Admin has super access.
+		if ctx.IsSigned && ctx.User.IsAdmin {
+			ctx.Repo.AccessMode = models.AccessModeOwner
+		} else {
+			var userID int64
+			if ctx.User != nil {
+				userID = ctx.User.ID
 			}
-			// Get repository.
-			repo, err = models.GetRepositoryByName(owner.ID, repoName)
+			mode, err := models.AccessLevel(userID, repo)
 			if err != nil {
-				if models.IsErrRepoNotExist(err) {
-					redirectRepoID, err := models.LookupRepoRedirect(owner.ID, repoName)
-					if err == nil {
-						RedirectToRepo(ctx, redirectRepoID)
-					} else if models.IsErrRepoRedirectNotExist(err) {
-						if ctx.Query("go-get") == "1" {
-							earlyResponseForGoGetMeta(ctx)
-							return
-						}
-						ctx.Handle(404, "GetRepositoryByName", nil)
-					} else {
-						ctx.Handle(500, "LookupRepoRedirect", err)
-					}
-				} else {
-					ctx.Handle(500, "GetRepositoryByName", err)
-				}
+				ctx.Handle(500, "AccessLevel", err)
+				return
+			}
+			ctx.Repo.AccessMode = mode
+		}
+
+		// Check access.
+		if ctx.Repo.AccessMode == models.AccessModeNone {
+			if ctx.Query("go-get") == "1" {
+				earlyResponseForGoGetMeta(ctx)
+				return
+			}
+			ctx.Handle(404, "no access right", err)
+			return
+		}
+		ctx.Data["HasAccess"] = true
+
+		if repo.IsMirror {
+			ctx.Repo.Mirror, err = models.GetMirrorByRepoID(repo.ID)
+			if err != nil {
+				ctx.Handle(500, "GetMirror", err)
 				return
 			}
+			ctx.Data["MirrorEnablePrune"] = ctx.Repo.Mirror.EnablePrune
+			ctx.Data["MirrorInterval"] = ctx.Repo.Mirror.Interval
+			ctx.Data["Mirror"] = ctx.Repo.Mirror
+		}
+
+		ctx.Repo.Repository = repo
+		ctx.Data["RepoName"] = ctx.Repo.Repository.Name
+		ctx.Data["IsBareRepo"] = ctx.Repo.Repository.IsBare
+	}
+}
+
+// RepoAssignment returns a macaron to handle repository assignment
+func RepoAssignment() macaron.Handler {
+	return func(ctx *Context) {
+		var (
+			owner *models.User
+			err   error
+		)
+
+		userName := ctx.Params(":username")
+		repoName := ctx.Params(":reponame")
+
+		// Check if the user is the same as the repository owner
+		if ctx.IsSigned && ctx.User.LowerName == strings.ToLower(userName) {
+			owner = ctx.User
 		} else {
-			repo, err = models.GetRepositoryByID(repoid)
+			owner, err = models.GetUserByName(userName)
 			if err != nil {
-				if models.IsErrRepoNotExist(err) {
-					ctx.Handle(404, "GetRepositoryByID", nil)
+				if models.IsErrUserNotExist(err) {
+					if ctx.Query("go-get") == "1" {
+						earlyResponseForGoGetMeta(ctx)
+						return
+					}
+					ctx.Handle(404, "GetUserByName", nil)
 				} else {
-					ctx.Handle(500, "GetRepositoryByID", err)
+					ctx.Handle(500, "GetUserByName", err)
 				}
 				return
 			}
-			if err = repo.GetOwner(); err != nil {
-				ctx.Handle(500, "GetOwner", err)
-				return
-			}
-			owner = repo.Owner
 		}
-
 		ctx.Repo.Owner = owner
 		ctx.Data["Username"] = ctx.Repo.Owner.Name
 
+		// Get repository.
+		repo, err := models.GetRepositoryByName(owner.ID, repoName)
+		if err != nil {
+			if models.IsErrRepoNotExist(err) {
+				redirectRepoID, err := models.LookupRepoRedirect(owner.ID, repoName)
+				if err == nil {
+					RedirectToRepo(ctx, redirectRepoID)
+				} else if models.IsErrRepoRedirectNotExist(err) {
+					if ctx.Query("go-get") == "1" {
+						earlyResponseForGoGetMeta(ctx)
+						return
+					}
+					ctx.Handle(404, "GetRepositoryByName", nil)
+				} else {
+					ctx.Handle(500, "LookupRepoRedirect", err)
+				}
+			} else {
+				ctx.Handle(500, "GetRepositoryByName", err)
+			}
+			return
+		}
 		repo.Owner = owner
 
 		// Admin has super access.
@@ -287,9 +337,9 @@ func RepoAssignment() macaron.Handler {
 		ctx.Data["RepoName"] = ctx.Repo.Repository.Name
 		ctx.Data["IsBareRepo"] = ctx.Repo.Repository.IsBare
 
-		gitRepo, err := git.OpenRepository(repo.RepoPath())
+		gitRepo, err := git.OpenRepository(models.RepoPath(userName, repoName))
 		if err != nil {
-			ctx.Handle(500, "RepoAssignment Invalid repo", err)
+			ctx.Handle(500, "RepoAssignment Invalid repo "+models.RepoPath(userName, repoName), err)
 			return
 		}
 		ctx.Repo.GitRepo = gitRepo
diff --git a/routers/routes/routes.go b/routers/routes/routes.go
index 4c48cfcdad1a3..c5d6793ff38c6 100644
--- a/routers/routes/routes.go
+++ b/routers/routes/routes.go
@@ -422,7 +422,7 @@ func RegisterRoutes(m *macaron.Macaron) {
 		m.Group("/fork", func() {
 			m.Combo("/:repoid").Get(repo.Fork).
 				Post(bindIgnErr(auth.CreateRepoForm{}), repo.ForkPost)
-		}, context.RepoAssignment(), context.UnitTypes(), context.LoadRepoUnits(), context.CheckUnit(models.UnitTypeCode))
+		}, context.RepoIDAssignment(), context.UnitTypes(), context.LoadRepoUnits(), context.CheckUnit(models.UnitTypeCode))
 	}, reqSignIn)
 
 	m.Group("/:username/:reponame", func() {

From 489d41bdaf1c57e18b2d20dc6f38d67a43877b33 Mon Sep 17 00:00:00 2001
From: Jonas Franz <info@jonasfranz.software>
Date: Mon, 18 Sep 2017 07:16:14 +0200
Subject: [PATCH 4/4] Improved Documentation

---
 modules/context/repo.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/context/repo.go b/modules/context/repo.go
index f5733befc9b42..acfccfcd052aa 100644
--- a/modules/context/repo.go
+++ b/modules/context/repo.go
@@ -171,7 +171,7 @@ func RedirectToRepo(ctx *Context, redirectRepoID int64) {
 	)
 	ctx.Redirect(redirectPath)
 }
-
+// RepoIDAssignment returns an macaron handler which assigns the repo to the context.
 func RepoIDAssignment() macaron.Handler {
 	return func(ctx *Context) {
 		var (