Do not allow inactive users to access repositories using private keys (#3887)
This commit is contained in:
		
							parent
							
								
									9495429982
								
							
						
					
					
						commit
						b66d6b3449
					
				
					 1 changed files with 6 additions and 0 deletions
				
			
		|  | @ -230,6 +230,12 @@ func runServ(c *cli.Context) error { | |||
| 				fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err) | ||||
| 			} | ||||
| 
 | ||||
| 			if !user.IsActive || user.ProhibitLogin { | ||||
| 				fail("Your account is not active or has been disabled by Administrator", | ||||
| 					"User %s is disabled and have no access to repository %s", | ||||
| 					user.Name, repoPath) | ||||
| 			} | ||||
| 
 | ||||
| 			mode, err := models.AccessLevel(user.ID, repo) | ||||
| 			if err != nil { | ||||
| 				fail("Internal error", "Failed to check access: %v", err) | ||||
|  |  | |||
		Loading…
	
	Add table
		
		Reference in a new issue
	
	 Lauris BH
						Lauris BH