mirror of
1
Fork 0
forgejo/tests
Gergely Nagy c8645d2a70
hooks: Harden when we accept push options that change repo settings
It is possible to change some repo settings (its visibility, and
template status) via `git push` options: `-o repo.private=true`, `-o
repo.template=true`.

Previously, there weren't sufficient permission checks on these, and
anyone who could `git push` to a repository - including via an AGit
workflow! - was able to change either of these settings. To guard
against this, the pre-receive hook will now check if either of these
options are present, and if so, will perform additional permission
checks to ensure that these can only be set by a repository owner or
an administrator. Additionally, changing these settings is disabled for
forks, even for the fork's owner.

There's still a case where the owner of a repository can change the
visibility of it, and it will not propagate to forks (it propagates to
forks when changing the visibility via the API), but that's an
inconsistency, not a security issue.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit cc80e66153)

Conflicts: tests/integration/git_push_test.go
  	DeleteRepositoryDirectly does not exist
	CreateRepoOptions is in repo_module
2024-04-18 23:07:18 +02:00
..
e2e Rewrite logger system (#24726) 2023-05-21 22:35:11 +00:00
fuzz Move fuzz tests into tests/fuzz (#22376) 2023-01-09 15:30:14 +08:00
gitea-lfs-meta Test views of LFS files (#22196) 2022-12-23 07:41:56 +08:00
gitea-repositories-meta Allow get release download files and lfs files with oauth2 token format (#26430) (#27378) 2023-10-03 14:48:40 +02:00
integration hooks: Harden when we accept push options that change repo settings 2024-04-18 23:07:18 +02:00
testdata/data/attachments/a/0 Allow get release download files and lfs files with oauth2 token format (#26430) (#27378) 2023-10-03 14:48:40 +02:00
mssql.ini.tmpl Do not use deprecated log config options by default (#26592) (#26600) 2023-08-21 07:27:20 +02:00
mysql.ini.tmpl Do not use deprecated log config options by default (#26592) (#26600) 2023-08-21 07:27:20 +02:00
mysql8.ini.tmpl Do not use deprecated log config options by default (#26592) (#26600) 2023-08-21 07:27:20 +02:00
pgsql.ini.tmpl Do not use deprecated log config options by default (#26592) (#26600) 2023-08-21 07:27:20 +02:00
sqlite.ini.tmpl Do not use deprecated log config options by default (#26592) (#26600) 2023-08-21 07:27:20 +02:00
test_utils.go [TESTS] tests.AddFixtures helper loads additional per-test fixtures 2023-11-25 08:08:37 +01:00