Only show SSH clone URL if signed in (#2169) #2170
No reviewers
Labels
No Label
backport/done
backport/v1.0
backport/v1.1
backport/v1.10
backport/v1.11
backport/v1.12
backport/v1.13
backport/v1.14
backport/v1.15
backport/v1.2
backport/v1.3
backport/v1.4
backport/v1.5
backport/v1.6
backport/v1.7
backport/v1.8
backport/v1.9
bounty
changelog
dependencies
frontport/done
frontport/main
good first issue
Hacktoberfest
hacktoberfest-accepted
in progress
kind/api
kind/breaking
kind/bug
kind/build
kind/deployment
kind/deprecated
kind/docs
kind/enhancement
kind/feature
kind/lint
kind/misc
kind/moderation
kind/package
kind/proposal
kind/question
kind/refactor
kind/regression
kind/security
kind/summary
kind/testing
kind/translation
kind/ui
kind/upstream-related
kind/usability
kind/ux
lgtm/done
lgtm/need 1
lgtm/need 2
performance/bigrepo
performance/cpu
performance/memory
performance/speed
priority/critical
priority/low
priority/maybe
priority/medium
proposal/rejected
reviewed/confirmed
reviewed/duplicate
reviewed/fixed
reviewed/invalid
reviewed/not-a-bug
reviewed/wontfix
skip-changelog
stale
status/blocked
status/needs-feedback
status/wip
theme/2fa
theme/authentication
theme/avatar
theme/backup-restore
theme/docker
theme/federation
theme/issues
theme/kanban
theme/markdown
theme/migration
theme/mobile
theme/pr
theme/signing
theme/sqlite
theme/timetracker
theme/webhook
theme/wiki
No Milestone
No project
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: lunny/gitea#2170
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "master"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This PR targets issue #2169
For cloning via SSH a user needs to provide a public key. If this is the case, this user has an account or is added by a member. Anonymous visitors hence do not need to see the SSH URL.
This is a hard-coded soliton (as voted by @lafriks), equivalent to GitHub's behavior. If a configurable solution is desired instead, I got another diofferent branch (stklcode/gitea@d7cbf5d72e) ready.This solution introduces a config flag
SSH_EXPOSE_ANONYMOUS
(defaultfalse
) to hide by default and opt-in to the old behavior.If you have configurable solution than submit that
Done. Updated my branch and the above description.
I think default should be false to match GitHub and also for security reason not to expose unneeded URL's
Do not change unneeded spaces
Default value should be better set lower like AuthorizedKeysBackup:
24109f4093/modules/setting/setting.go (L711)
Also integration test would be nice to check that
I hope you don't mind that I added integration tests, thanks for your first PR 👍
Please change also comment that default is false
Please also change condition to be same as for button to take into account that ssh is not disabled
Also do not show copy button if both http and ssh clone are disabled or is not signed in and because of that clone url is not visible
For bare repository check is not needed as there is already check to show clone url only if user is
IsRepositoryAdmin
The button has been shown before, if both were disabled. But you're right, definitely a reasonable change.
Great job 👍 LGTM
LGTM