Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent git operations for inactive users (#13527) #13536

Merged
merged 1 commit into from
Nov 13, 2020
Merged

Prevent git operations for inactive users (#13527) #13536

merged 1 commit into from
Nov 13, 2020

Conversation

lunny
Copy link
Member

@lunny lunny commented Nov 13, 2020

backport from #13527

  • prevent git operations for inactive users

  • Some fixes

  • Deny push to the repositories which's owner is inactive

  • deny operations also when user is ProhibitLogin

Co-authored-by: zeripath art27@cantab.net

Please check the following:

  1. Make sure you are targeting the master branch, pull requests on release branches are only allowed for bug fixes.
  2. Read contributing guidelines: https://github.com/go-gitea/gitea/blob/master/CONTRIBUTING.md
  3. Describe what your pull request does and which issue you're targeting (if any)

You MUST delete the content above including this line before posting, otherwise your pull request will be invalid.

@lunny @zeripath
Prevent git operations for inactive users (go-gitea#13527)
8da4c5a 
* prevent git operations for inactive users

* Some fixes

* Deny push to the repositories which's owner is inactive

* deny operations also when user is ProhibitLogin

Co-authored-by: zeripath <art27@cantab.net>
@lunny lunny added the type/bug label Nov 13, 2020
@6543 6543 added this to the 1.13.0 milestone Nov 13, 2020
@6543 6543 added the topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! label Nov 13, 2020
@GiteaBot GiteaBot added the lgtm/need 1 This PR needs approval from one additional maintainer to be merged. label Nov 13, 2020
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Nov 13, 2020
@lunny lunny merged commit ee0097f into go-gitea:release/v1.13 Nov 13, 2020
@lunny lunny deleted the lunny/inactive_user2 branch November 13, 2020 01:28
@go-gitea go-gitea locked and limited conversation to collaborators Dec 14, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@6543 6543 6543 approved these changes

@mrsdizzie mrsdizzie mrsdizzie approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! type/bug
Projects
None yet
Milestone
1.13.0
Development

Successfully merging this pull request may close these issues.
4 participants
@lunny @mrsdizzie @6543 @GiteaBot