Correctly check http git access rights for reverse proxy authorized users (#3721)

2018-03-29 04:39:51 +03:00 · 2018-03-29 04:39:51 +03:00 · ab5cc6f3a9
commit ab5cc6f3a9
parent 4c6e170ceb
1 changed files with 20 additions and 20 deletions
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@ -184,6 +184,7 @@ func HTTP(ctx *context.Context) {
 					return
 				}
 			}
+		}

 		if !isPublicPull {
 			has, err := models.HasAccess(authUser.ID, repo, accessMode)
@ -211,7 +212,6 @@ func HTTP(ctx *context.Context) {
 				return
 			}
 		}
-		}

 		if !repo.CheckUnitUser(authUser.ID, authUser.IsAdmin, unitType) {
 			ctx.HandleText(http.StatusForbidden, fmt.Sprintf("User %s does not have allowed access to repository %s 's code",