Do not allow inactive users to access repositories using private keys (#3887)
This commit is contained in:
parent
9495429982
commit
b66d6b3449
1 changed files with 6 additions and 0 deletions
|
@ -230,6 +230,12 @@ func runServ(c *cli.Context) error {
|
|||
fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
|
||||
}
|
||||
|
||||
if !user.IsActive || user.ProhibitLogin {
|
||||
fail("Your account is not active or has been disabled by Administrator",
|
||||
"User %s is disabled and have no access to repository %s",
|
||||
user.Name, repoPath)
|
||||
}
|
||||
|
||||
mode, err := models.AccessLevel(user.ID, repo)
|
||||
if err != nil {
|
||||
fail("Internal error", "Failed to check access: %v", err)
|
||||
|
|
Reference in a new issue