Disable custom Git Hooks globally via configuration file #2450
Conversation
| @@ -817,6 +818,7 @@ func NewContext() { | |||
| ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER") | |||
| MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6) | |||
| ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false) | |||
| DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(false) | |||
There was a problem hiding this comment.
Please add this also to the app.ini file.
There was a problem hiding this comment.
@JonasFranzDEV Thanks for this feedback. I've just pushed a new commit with the option in app.ini
lunny
added
the
type/feature
| @@ -237,7 +237,7 @@ func (u *User) CanCreateOrganization() bool { | |||
|
|
|||
| // CanEditGitHook returns true if user can edit Git hooks. | |||
| func (u *User) CanEditGitHook() bool { | |||
| return u.IsAdmin || u.AllowGitHook | |||
| return !setting.DisableGitHooks && (u.IsAdmin || u.AllowGitHook) | |||
There was a problem hiding this comment.
Thanks for this feedback, especially linking me to where I could look. Investigating this (by calling the API to see what the response would be), I found that it only returns the standard gitea/slack/discord/etc.. hooks, and couldn't find it returning the githooks.
|
LGTM |
tboerger
added
the
lgtm/need 1
conf/app.ini
Outdated
| @@ -206,6 +206,8 @@ REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER | |||
| MIN_PASSWORD_LENGTH = 6 | |||
| ; True when users are allowed to import local server paths | |||
| IMPORT_LOCAL_PATHS = false | |||
| ; Disable all (including admin) users to create custom git-hooks | |||
There was a problem hiding this comment.
I would suggest Prevent all users (including admin) from creating custom git hooks
|
Thanks @ethantkoenig. I've update the comment in app.ini to align with what you suggested. It is now much more clear. |
| @@ -86,7 +86,7 @@ | |||
| <div class="inline field"> | |||
| <div class="ui checkbox"> | |||
| <label><strong>{{.i18n.Tr "admin.users.allow_git_hook"}}</strong></label> | |||
| <input name="allow_git_hook" type="checkbox" {{if .User.CanEditGitHook}}checked{{end}}> | |||
| <input name="allow_git_hook" type="checkbox" {{if .User.CanEditGitHook}}checked{{end}} {{if DisableGitHooks}}disabled{{end}}> | |||
There was a problem hiding this comment.
Since User.CanEditGitHook already checks this, is this change needed?
https://github.com/go-gitea/gitea/pull/2450/files#diff-46259196476f860fea33754fcb22e9eeR240
There was a problem hiding this comment.
Thanks for the review @bkcsoft. This change is needed so that an admin doesn't get confused. If the global setting is set to disable githooks, then the template change will prevent the admin from checking the box in the admin dashboard and wondering why the change doesn't take effect.
There was a problem hiding this comment.
aah right, missed the "disabled" part :)
|
LGTM |
tboerger
added
lgtm/done
|
@techknowlogick try rebasing on master and see if the build-failures still persist |
|
@bkcsoft I've just rebased against master, and the build failed. However, I think that could just be the upgrade for Drone, as I looked at a couple other builds from others and they failed in the same way. |
|
@bkcsoft I've just rebased again with the most recent changes and drone is now reporting a success. |
|
@techknowlogick please rabase again |
|
@lafriks I've just rebased. The build was cancelled. Should I push again so Drone tries to re-run, or was it cancelled for a reason? |
|
@techknowlogick yes, do force push |
|
@lafriks I had force-pushed after this most recent rebase, however as now it is the same as my local I can't force push again. Is there another way to trigger drone? |
|
@techknowlogick you should still be able to do |
|
@lafriks nevermind. I was able to force push again. |
|
@techknowlogick I'm sorry but you will have to rebase again as other PR build was first :) |
Signed-off-by: Matti Ranta <matti@mdranta.net>
Signed-off-by: Matti Ranta <matti@mdranta.net>
|
Make LG-TM work |
Fixes #2449 by allowing the disabling of custom git hooks via configuration file