tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-07-22 18:28:37 +00:00
Code Releases Activity

fix users being able bypass limits with repo transfers (#34031)

Browse Source 
prevent user from being able to transfer repo to user who cannot have
more repositories
This commit is contained in:
TheFox0x7
2025-03-31 22:19:32 +02:00
committed by GitHub
parent a2e8a289b2
commit 4d2323183d
6 changed files with 92 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
services/repository/transfer.go
View File

@@ -20,10 +20,22 @@ import (
"code.gitea.io/gitea/modules/gitrepo"
"code.gitea.io/gitea/modules/globallock"
"code.gitea.io/gitea/modules/log"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/util"
notify_service "code.gitea.io/gitea/services/notify"
)
type LimitReachedError struct{ Limit int }
func (LimitReachedError) Error() string {
return "Repository limit has been reached"
}
func IsRepositoryLimitReached(err error) bool {
_, ok := err.(LimitReachedError)
return ok
}
func getRepoWorkingLockKey(repoID int64) string {
return fmt.Sprintf("repo_working_%d", repoID)
}
@@ -49,6 +61,11 @@ func AcceptTransferOwnership(ctx context.Context, repo *repo_model.Repository, d
return err
}
if !doer.IsAdmin && !repoTransfer.Recipient.CanCreateRepo() {
limit := util.Iif(repoTransfer.Recipient.MaxRepoCreation >= 0, repoTransfer.Recipient.MaxRepoCreation, setting.Repository.MaxCreationLimit)
return LimitReachedError{Limit: limit}
}
if !repoTransfer.CanUserAcceptOrRejectTransfer(ctx, doer) {
return util.ErrPermissionDenied
}
@@ -399,6 +416,11 @@ func StartRepositoryTransfer(ctx context.Context, doer, newOwner *user_model.Use
return err
}
if !doer.IsAdmin && !newOwner.CanCreateRepo() {
limit := util.Iif(newOwner.MaxRepoCreation >= 0, newOwner.MaxRepoCreation, setting.Repository.MaxCreationLimit)
return LimitReachedError{Limit: limit}
}
var isDirectTransfer bool
oldOwnerName := repo.OwnerName

42
services/repository/transfer_test.go
View File

@@ -1,4 +1,4 @@
// Copyright 2019 The Gitea Authors. All rights reserved.
// Copyright 2025 The Gitea Authors. All rights reserved.
// SPDX-License-Identifier: MIT
package repository
@@ -14,11 +14,14 @@ import (
repo_model "code.gitea.io/gitea/models/repo"
"code.gitea.io/gitea/models/unittest"
user_model "code.gitea.io/gitea/models/user"
"code.gitea.io/gitea/modules/setting"
"code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/modules/util"
"code.gitea.io/gitea/services/feed"
notify_service "code.gitea.io/gitea/services/notify"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
var notifySync sync.Once
@@ -125,3 +128,40 @@ func TestRepositoryTransfer(t *testing.T) {
err = RejectRepositoryTransfer(db.DefaultContext, repo2, doer)
assert.True(t, repo_model.IsErrNoPendingTransfer(err))
}
// Test transfer rejections
func TestRepositoryTransferRejection(t *testing.T) {
require.NoError(t, unittest.PrepareTestDatabase())
// Set limit to 0 repositories so no repositories can be transferred
defer test.MockVariableValue(&setting.Repository.MaxCreationLimit, 0)()
// Admin case
doerAdmin := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 1})
repo := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 5})
transfer, err := repo_model.GetPendingRepositoryTransfer(db.DefaultContext, repo)
require.NoError(t, err)
require.NotNil(t, transfer)
require.NoError(t, transfer.LoadRecipient(db.DefaultContext))
require.True(t, transfer.Recipient.CanCreateRepo()) // admin is not subject to limits
// Administrator should not be affected by the limits so transfer should be successful
assert.NoError(t, AcceptTransferOwnership(db.DefaultContext, repo, doerAdmin))
// Non admin user case
doer := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 10})
repo = unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 21})
transfer, err = repo_model.GetPendingRepositoryTransfer(db.DefaultContext, repo)
require.NoError(t, err)
require.NotNil(t, transfer)
require.NoError(t, transfer.LoadRecipient(db.DefaultContext))
require.False(t, transfer.Recipient.CanCreateRepo()) // regular user is subject to limits
// Cannot accept because of the limit
err = AcceptTransferOwnership(db.DefaultContext, repo, doer)
assert.Error(t, err)
assert.True(t, IsRepositoryLimitReached(err))
}