Skip to content

Commit 1b9d569

Browse files
HeCorrHeCorr
committed
Check for DisableStars inside middlewares
1 parent 7bd7761 commit 1b9d569

File tree

5 files changed

+21
-40
lines changed

5 files changed

+21
-40
lines changed

routers/api/v1/api.go

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -580,6 +580,16 @@ func reqWebhooksEnabled() func(ctx *context.APIContext) {
580580
}
581581
}
582582

583+
// reqStarsEnabled requires Starring to be enabled in the config.
584+
func reqStarsEnabled() func(ctx *context.APIContext) {
585+
return func(ctx *context.APIContext) {
586+
if setting.Repository.DisableStars {
587+
ctx.Error(http.StatusForbidden, "", "stars disabled by administrator")
588+
return
589+
}
590+
}
591+
}
592+
583593
func orgAssignment(args ...bool) func(ctx *context.APIContext) {
584594
var (
585595
assignOrg bool
@@ -995,7 +1005,7 @@ func Routes() *web.Router {
9951005
m.Get("/{target}", user.CheckFollowing)
9961006
})
9971007

998-
m.Get("/starred", user.GetStarredRepos)
1008+
m.Get("/starred", user.GetStarredRepos, reqStarsEnabled())
9991009

10001010
m.Get("/subscriptions", user.GetWatchedRepos)
10011011
}, context.UserAssignmentAPI(), checkTokenPublicOnly())
@@ -1086,7 +1096,7 @@ func Routes() *web.Router {
10861096
m.Put("", user.Star)
10871097
m.Delete("", user.Unstar)
10881098
}, repoAssignment(), checkTokenPublicOnly())
1089-
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository))
1099+
}, reqStarsEnabled(), tokenRequiresScopes(auth_model.AccessTokenScopeCategoryRepository))
10901100
m.Get("/times", repo.ListMyTrackedTimes)
10911101
m.Get("/stopwatches", repo.GetStopwatches)
10921102
m.Get("/subscriptions", user.GetMyWatchedRepos)
@@ -1248,7 +1258,7 @@ func Routes() *web.Router {
12481258
m.Post("/markup", reqToken(), bind(api.MarkupOption{}), misc.Markup)
12491259
m.Post("/markdown", reqToken(), bind(api.MarkdownOption{}), misc.Markdown)
12501260
m.Post("/markdown/raw", reqToken(), misc.MarkdownRaw)
1251-
m.Get("/stargazers", repo.ListStargazers)
1261+
m.Get("/stargazers", repo.ListStargazers, reqStarsEnabled())
12521262
m.Get("/subscribers", repo.ListSubscribers)
12531263
m.Group("/subscription", func() {
12541264
m.Get("", user.IsWatching)

routers/api/v1/repo/star.go

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,6 @@ import (
77
"net/http"
88

99
repo_model "code.gitea.io/gitea/models/repo"
10-
"code.gitea.io/gitea/modules/setting"
1110
api "code.gitea.io/gitea/modules/structs"
1211
"code.gitea.io/gitea/routers/api/v1/utils"
1312
"code.gitea.io/gitea/services/context"
@@ -48,11 +47,6 @@ func ListStargazers(ctx *context.APIContext) {
4847
// "403":
4948
// "$ref": "#/responses/forbidden"
5049

51-
if setting.Repository.DisableStars {
52-
ctx.Error(http.StatusForbidden, "StarsDisabled", "Stars are disabled.")
53-
return
54-
}
55-
5650
stargazers, err := repo_model.GetStargazers(ctx, ctx.Repo.Repository, utils.GetListOptions(ctx))
5751
if err != nil {
5852
ctx.Error(http.StatusInternalServerError, "GetStargazers", err)

routers/api/v1/user/star.go

Lines changed: 0 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,6 @@ import (
1111
access_model "code.gitea.io/gitea/models/perm/access"
1212
repo_model "code.gitea.io/gitea/models/repo"
1313
user_model "code.gitea.io/gitea/models/user"
14-
"code.gitea.io/gitea/modules/setting"
1514
api "code.gitea.io/gitea/modules/structs"
1615
"code.gitea.io/gitea/routers/api/v1/utils"
1716
"code.gitea.io/gitea/services/context"
@@ -70,11 +69,6 @@ func GetStarredRepos(ctx *context.APIContext) {
7069
// "403":
7170
// "$ref": "#/responses/forbidden"
7271

73-
if setting.Repository.DisableStars {
74-
ctx.Error(http.StatusForbidden, "StarsDisabled", "Stars are disabled.")
75-
return
76-
}
77-
7872
private := ctx.ContextUser.ID == ctx.Doer.ID
7973
repos, err := getStarredRepos(ctx, ctx.ContextUser, private)
8074
if err != nil {
@@ -108,11 +102,6 @@ func GetMyStarredRepos(ctx *context.APIContext) {
108102
// "403":
109103
// "$ref": "#/responses/forbidden"
110104

111-
if setting.Repository.DisableStars {
112-
ctx.Error(http.StatusForbidden, "StarsDisabled", "Stars are disabled.")
113-
return
114-
}
115-
116105
repos, err := getStarredRepos(ctx, ctx.Doer, true)
117106
if err != nil {
118107
ctx.Error(http.StatusInternalServerError, "getStarredRepos", err)
@@ -146,11 +135,6 @@ func IsStarring(ctx *context.APIContext) {
146135
// "403":
147136
// "$ref": "#/responses/forbidden"
148137

149-
if setting.Repository.DisableStars {
150-
ctx.Error(http.StatusForbidden, "StarsDisabled", "Stars are disabled.")
151-
return
152-
}
153-
154138
if repo_model.IsStaring(ctx, ctx.Doer.ID, ctx.Repo.Repository.ID) {
155139
ctx.Status(http.StatusNoContent)
156140
} else {
@@ -182,11 +166,6 @@ func Star(ctx *context.APIContext) {
182166
// "404":
183167
// "$ref": "#/responses/notFound"
184168

185-
if setting.Repository.DisableStars {
186-
ctx.Error(http.StatusForbidden, "StarsDisabled", "Stars are disabled.")
187-
return
188-
}
189-
190169
err := repo_model.StarRepo(ctx, ctx.Doer, ctx.Repo.Repository, true)
191170
if err != nil {
192171
if errors.Is(err, user_model.ErrBlockedUser) {
@@ -223,11 +202,6 @@ func Unstar(ctx *context.APIContext) {
223202
// "403":
224203
// "$ref": "#/responses/forbidden"
225204

226-
if setting.Repository.DisableStars {
227-
ctx.Error(http.StatusForbidden, "StarsDisabled", "Stars are disabled.")
228-
return
229-
}
230-
231205
err := repo_model.StarRepo(ctx, ctx.Doer, ctx.Repo.Repository, false)
232206
if err != nil {
233207
ctx.Error(http.StatusInternalServerError, "StarRepo", err)

routers/web/repo/view.go

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -346,10 +346,6 @@ func Watchers(ctx *context.Context) {
346346

347347
// Stars render repository's starred users
348348
func Stars(ctx *context.Context) {
349-
if setting.Repository.DisableStars {
350-
ctx.NotFound("Stars disabled", nil)
351-
return
352-
}
353349
ctx.Data["Title"] = ctx.Tr("repo.stargazers")
354350
ctx.Data["CardsTitle"] = ctx.Tr("repo.stargazers")
355351
RenderUserCards(ctx, ctx.Repo.Repository.NumStars, func(opts db.ListOptions) ([]*user_model.User, error) {

routers/web/web.go

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -347,6 +347,13 @@ func registerRoutes(m *web.Router) {
347347
}
348348
}
349349

350+
starsEnabled := func(ctx *context.Context) {
351+
if setting.Repository.DisableStars {
352+
ctx.Error(http.StatusForbidden)
353+
return
354+
}
355+
}
356+
350357
lfsServerEnabled := func(ctx *context.Context) {
351358
if !setting.LFS.StartServer {
352359
ctx.Error(http.StatusNotFound)
@@ -1593,7 +1600,7 @@ func registerRoutes(m *web.Router) {
15931600
// end "/{username}/{reponame}": repo code
15941601

15951602
m.Group("/{username}/{reponame}", func() {
1596-
m.Get("/stars", repo.Stars)
1603+
m.Get("/stars", repo.Stars, starsEnabled)
15971604
m.Get("/watchers", repo.Watchers)
15981605
m.Get("/search", reqUnitCodeReader, repo.Search)
15991606
m.Post("/action/{action}", reqSignIn, repo.Action)

0 commit comments

Comments
 (0)