prevent git operations for inactive users

lunny · lunny · commit ad39c50f380c · 2020-11-12T15:32:44.000+08:00
diff --git a/routers/private/serv.go b/routers/private/serv.go
@@ -61,6 +61,12 @@ func ServNoCommand(ctx *macaron.Context) {
 			})
 			return
 		}
+		if !user.IsActive {
+			ctx.JSON(http.StatusForbidden, map[string]interface{}{
+				"err": fmt.Sprintf("Your account is unactived."),
+			})
+			return
+		}
 		results.Owner = user
 	}
 	ctx.JSON(http.StatusOK, &results)
diff --git a/routers/repo/http.go b/routers/repo/http.go
@@ -244,6 +244,11 @@ func HTTP(ctx *context.Context) {
 			}
 		}
 
+		if !authUser.IsActive {
+			ctx.HandleText(http.StatusForbidden, "Your account is unactived.")
+			return
+		}
+
 		if repoExist {
 			perm, err := models.GetUserRepoPermission(repo, authUser)
 			if err != nil {

Original file line number	Diff line number	Diff line change
`@@ -61,6 +61,12 @@ func ServNoCommand(ctx *macaron.Context) {`
`61`	`61`	`})`
`62`	`62`	`return`
`63`	`63`	`}`
	`64`	`+ if !user.IsActive {`
	`65`	`+ ctx.JSON(http.StatusForbidden, map[string]interface{}{`
	`66`	`+ "err": fmt.Sprintf("Your account is unactived."),`
	`67`	`+ })`
	`68`	`+ return`
	`69`	`+ }`
`64`	`70`	`results.Owner = user`
`65`	`71`	`}`
`66`	`72`	`ctx.JSON(http.StatusOK, &results)`
Original file line number	Diff line number	Diff line change
`@@ -244,6 +244,11 @@ func HTTP(ctx *context.Context) {`
`244`	`244`	`}`
`245`	`245`	`}`
`246`	`246`
	`247`	`+ if !authUser.IsActive {`
	`248`	`+ ctx.HandleText(http.StatusForbidden, "Your account is unactived.")`
	`249`	`+ return`
	`250`	`+ }`
	`251`	`+`
`247`	`252`	`if repoExist {`
`248`	`253`	`perm, err := models.GetUserRepoPermission(repo, authUser)`
`249`	`254`	`if err != nil {`