Merge pull request from GHSA-5m7g-pj8w-7593
* fix(allowlist)!: modify repo allowlist behavior

* setting allow pull to false on create repo endpoint by default

Co-authored-by: ecrupper <easton.crupper12@gmail.com>
wass3r and ecrupper committed Nov 9, 2022
1 parent 1cc1eab commit 05558ee
Showing 1 changed file with 6 additions and 6 deletions.
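--- a/api/repo.go
+++ b/api/repo.go
@@ -153,8 +153,7 @@ func CreateRepo(c *gin.Context) {
 if !input.GetAllowPull() && !input.GetAllowPush() &&
 !input.GetAllowDeploy() && !input.GetAllowTag() &&
 !input.GetAllowComment() {
-// default events to push and pull_request
-r.SetAllowPull(true)
+// default event to push
 r.SetAllowPush(true)
 } else {
 r.SetAllowComment(input.GetAllowComment())
@@ -1044,11 +1043,12 @@ func ChownRepo(c *gin.Context) {
 }
 
 // checkAllowlist is a helper function to ensure only repos in the
-// allowlist are allowed to enable repos. If the allowlist is
-// empty then any repo can be enabled.
+// allowlist are allowed to enable repos.
+//
+// a single entry of '*' allows any repo to be enabled.
 func checkAllowlist(r *library.Repo, allowlist []string) bool {
-// if the allowlist is not set or empty allow any repo to be enabled
-if len(allowlist) == 0 {
+// check if all repos are allowed to be enabled
+if len(allowlist) == 1 && allowlist[0] == "*" {
 return true
 }
 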
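Review bot: The doc comment on `checkAllowlist` drops the sentence about an empty allowlist without stating the new behaviour, which is the default that matters most for access control. With the `len(allowlist) == 0` shortcut gone, an empty or unset list presumably falls through to the matching code below the hunk and denies every repo; the function body continues outside the hunk, so this is inferred rather than visible. I would state it explicitly in the comment, e.g. `// an empty allowlist denies all repos; a single entry of '*' allows any repo to be enabled.` The wildcard check also matches only a list that is exactly `["*"]`, so a list holding `"*"` alongside other entries is not treated as allow-all by this branch; that deserves a sentence in the comment and a test case for both the empty list and the mixed list.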
