diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini index 1c6a7e3b7c6..ac0c9e9c867 100644 --- a/custom/conf/app.example.ini +++ b/custom/conf/app.example.ini @@ -879,6 +879,9 @@ ROUTER = console ;; Allow deletion of unadopted repositories ;ALLOW_DELETION_OF_UNADOPTED_REPOSITORIES = false +;; Don't allow download source archive files from UI +;DISABLE_DOWNLOAD_SOURCE_ARCHIVES = false + ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;[repository.editor] diff --git a/docs/content/doc/advanced/config-cheat-sheet.en-us.md b/docs/content/doc/advanced/config-cheat-sheet.en-us.md index cb2b9526d7d..e4e7ad7b198 100644 --- a/docs/content/doc/advanced/config-cheat-sheet.en-us.md +++ b/docs/content/doc/advanced/config-cheat-sheet.en-us.md @@ -78,6 +78,7 @@ Values containing `#` or `;` must be quoted using `` ` `` or `"""`. - `DEFAULT_BRANCH`: **main**: Default branch name of all repositories. - `ALLOW_ADOPTION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to adopt unadopted repositories - `ALLOW_DELETION_OF_UNADOPTED_REPOSITORIES`: **false**: Allow non-admin users to delete unadopted repositories +- `DISABLE_DOWNLOAD_SOURCE_ARCHIVES`: **false**: Don't allow download source archive files from UI ### Repository - Editor (`repository.editor`) diff --git a/modules/setting/repository.go b/modules/setting/repository.go index 733bc6d90e6..d0406dbf902 100644 --- a/modules/setting/repository.go +++ b/modules/setting/repository.go @@ -48,6 +48,7 @@ var ( DefaultBranch string AllowAdoptionOfUnadoptedRepositories bool AllowDeleteOfUnadoptedRepositories bool + DisableDownloadSourceArchives bool // Repository editor settings Editor struct { diff --git a/modules/templates/base.go b/modules/templates/base.go index 282019f826c..9563650e127 100644 --- a/modules/templates/base.go +++ b/modules/templates/base.go @@ -35,10 +35,11 @@ func BaseVars() Vars { "IsLandingPageExplore": setting.LandingPageURL == setting.LandingPageExplore, "IsLandingPageOrganizations": setting.LandingPageURL == setting.LandingPageOrganizations, - "ShowRegistrationButton": setting.Service.ShowRegistrationButton, - "ShowMilestonesDashboardPage": setting.Service.ShowMilestonesDashboardPage, - "ShowFooterBranding": setting.ShowFooterBranding, - "ShowFooterVersion": setting.ShowFooterVersion, + "ShowRegistrationButton": setting.Service.ShowRegistrationButton, + "ShowMilestonesDashboardPage": setting.Service.ShowMilestonesDashboardPage, + "ShowFooterBranding": setting.ShowFooterBranding, + "ShowFooterVersion": setting.ShowFooterVersion, + "DisableDownloadSourceArchives": setting.Repository.DisableDownloadSourceArchives, "EnableSwagger": setting.API.EnableSwagger, "EnableOpenIDSignIn": setting.Service.EnableOpenIDSignIn, diff --git a/routers/web/web.go b/routers/web/web.go index b4e8666c44f..a9f43fb2c4f 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -290,6 +290,13 @@ func RegisterRoutes(m *web.Route) { } } + dlSourceEnabled := func(ctx *context.Context) { + if setting.Repository.DisableDownloadSourceArchives { + ctx.Error(http.StatusNotFound) + return + } + } + // FIXME: not all routes need go through same middleware. // Especially some AJAX requests, we can reduce middleware number to improve performance. // Routers. @@ -1106,7 +1113,7 @@ func RegisterRoutes(m *web.Route) { m.Group("/archive", func() { m.Get("/*", repo.Download) m.Post("/*", repo.InitiateDownload) - }, repo.MustBeNotEmpty, reqRepoCodeReader) + }, repo.MustBeNotEmpty, dlSourceEnabled, reqRepoCodeReader) m.Group("/branches", func() { m.Get("", repo.Branches) diff --git a/templates/mail/release.tmpl b/templates/mail/release.tmpl index a95647105ca..931c0d1b541 100644 --- a/templates/mail/release.tmpl +++ b/templates/mail/release.tmpl @@ -31,12 +31,14 @@
{{.locale.Tr "mail.release.downloads"}}