Skip to content

Commit

Permalink
Do not allow inactive users to access repositories using private keys (
Browse files Browse the repository at this point in the history 
…#3887) (#3889)
  • Loading branch information
@lafriks
lafriks authored May 2, 2018
1 parent 40c6eb0 commit e35d7ae
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions cmd/serv.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -230,6 +230,12 @@ func runServ(c *cli.Context) error {
fail("internal error", "Failed to get user by key ID(%d): %v", keyID, err)
}

if !user.IsActive || user.ProhibitLogin {
fail("Your account is not active or has been disabled by Administrator",
"User %s is disabled and have no access to repository %s",
user.Name, repoPath)
}

mode, err := models.AccessLevel(user.ID, repo)
if err != nil {
fail("Internal error", "Failed to check access: %v", err)
Expand Down

0 comments on commit e35d7ae

Please sign in to comment.