mirror of
https://github.com/git/git.git
synced 2024-11-24 02:17:02 +08:00
gitweb: Check permissions first in git_search
Check first if relevant features: 'search', 'pickaxe', 'grep', as appropriate, are enabled before doing anything else in git_search. This should make git_search code more clear. While at it, expand a bit error message (e.g. 'Pickaxe' -> 'Pickaxe search'). Signed-off-by: Jakub Narebski <jnareb@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
parent
a598ded1e2
commit
e0ca364551
@ -313,6 +313,10 @@ our %feature = (
|
||||
# Enable text search, which will list the commits which match author,
|
||||
# committer or commit text to a given string. Enabled by default.
|
||||
# Project specific override is not supported.
|
||||
#
|
||||
# Note that this controls all search features, which means that if
|
||||
# it is disabled, then 'grep' and 'pickaxe' search would also be
|
||||
# disabled.
|
||||
'search' => {
|
||||
'override' => 0,
|
||||
'default' => [1]},
|
||||
@ -6787,7 +6791,23 @@ sub git_history {
|
||||
}
|
||||
|
||||
sub git_search {
|
||||
gitweb_check_feature('search') or die_error(403, "Search is disabled");
|
||||
$searchtype ||= 'commit';
|
||||
|
||||
# check if appropriate features are enabled
|
||||
gitweb_check_feature('search')
|
||||
or die_error(403, "Search is disabled");
|
||||
if ($searchtype eq 'pickaxe') {
|
||||
# pickaxe may take all resources of your box and run for several minutes
|
||||
# with every query - so decide by yourself how public you make this feature
|
||||
gitweb_check_feature('pickaxe')
|
||||
or die_error(403, "Pickaxe search is disabled");
|
||||
}
|
||||
if ($searchtype eq 'grep') {
|
||||
# grep search might be potentially CPU-intensive, too
|
||||
gitweb_check_feature('grep')
|
||||
or die_error(403, "Grep search is disabled");
|
||||
}
|
||||
|
||||
if (!defined $searchtext) {
|
||||
die_error(400, "Text field is empty");
|
||||
}
|
||||
@ -6802,18 +6822,6 @@ sub git_search {
|
||||
$page = 0;
|
||||
}
|
||||
|
||||
$searchtype ||= 'commit';
|
||||
if ($searchtype eq 'pickaxe') {
|
||||
# pickaxe may take all resources of your box and run for several minutes
|
||||
# with every query - so decide by yourself how public you make this feature
|
||||
gitweb_check_feature('pickaxe')
|
||||
or die_error(403, "Pickaxe is disabled");
|
||||
}
|
||||
if ($searchtype eq 'grep') {
|
||||
gitweb_check_feature('grep')
|
||||
or die_error(403, "Grep is disabled");
|
||||
}
|
||||
|
||||
git_header_html();
|
||||
|
||||
if ($searchtype eq 'commit' or $searchtype eq 'author' or $searchtype eq 'committer') {
|
||||
|
Loading…
Reference in New Issue
Block a user