diff --git a/routers/api/v1/repo/migrate.go b/routers/api/v1/repo/migrate.go index 2caaa130e8..455e89e93e 100644 --- a/routers/api/v1/repo/migrate.go +++ b/routers/api/v1/repo/migrate.go @@ -12,7 +12,6 @@ import ( "code.gitea.io/gitea/models" "code.gitea.io/gitea/models/db" - "code.gitea.io/gitea/models/organization" "code.gitea.io/gitea/models/perm" access_model "code.gitea.io/gitea/models/perm/access" repo_model "code.gitea.io/gitea/models/repo" @@ -86,22 +85,7 @@ func Migrate(ctx *context.APIContext) { } if !ctx.Doer.IsAdmin { - if !repoOwner.IsOrganization() && ctx.Doer.ID != repoOwner.ID { - ctx.Error(http.StatusForbidden, "", "Given user is not an organization.") - return - } - - if repoOwner.IsOrganization() { - // Check ownership of organization. - isOwner, err := organization.OrgFromUser(repoOwner).IsOwnedBy(ctx, ctx.Doer.ID) - if err != nil { - ctx.Error(http.StatusInternalServerError, "IsOwnedBy", err) - return - } else if !isOwner { - ctx.Error(http.StatusForbidden, "", "Given user is not owner of organization.") - return - } - } + ctx.Error(http.StatusForbidden, "", "You need to be administrator of this Forgejo instance to be able to create mirrors.") } remoteAddr, err := forms.ParseRemoteAddr(form.CloneAddr, form.AuthUsername, form.AuthPassword) diff --git a/routers/web/repo/migrate.go b/routers/web/repo/migrate.go index 97b0c425ea..554a470eab 100644 --- a/routers/web/repo/migrate.go +++ b/routers/web/repo/migrate.go @@ -150,6 +150,12 @@ func handleMigrateRemoteAddrError(ctx *context.Context, err error, tpl base.TplN // MigratePost response for migrating from external git repository func MigratePost(ctx *context.Context) { form := web.GetForm(ctx).(*forms.MigrateRepoForm) + + if !ctx.Doer.IsAdmin { + ctx.Error(http.StatusForbidden, "MigratePost: you need to be site administrator to use migrations and mirrors") + return + } + if setting.Repository.DisableMigrations { ctx.Error(http.StatusForbidden, "MigratePost: the site administrator has disabled migrations") return