sim1222-mirror/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-08-31 21:12:51 +09:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Add a config option to block "expensive" pages for anonymous users (#34024)

Browse Source 
Fix #33966

```
;; User must sign in to view anything.
;; It could be set to "expensive" to block anonymous users accessing some pages which consume a lot of resources,
;; for example: block anonymous AI crawlers from accessing repo code pages.
;; The "expensive" mode is experimental and subject to change.
;REQUIRE_SIGNIN_VIEW = false
```
This commit is contained in:
wxiaoguang
2025-03-30 13:26:19 +08:00
committed by GitHub
parent d7a6133825
commit b59705fa34
21 changed files with 225 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
tests/integration/signin_test.go
View File

@ -16,6 +16,7 @@ import (
"code.gitea.io/gitea/modules/test"
"code.gitea.io/gitea/modules/translation"
"code.gitea.io/gitea/modules/web"
"code.gitea.io/gitea/routers"
"code.gitea.io/gitea/services/context"
"code.gitea.io/gitea/tests"
@ -166,3 +167,32 @@ func TestEnablePasswordSignInFormAndEnablePasskeyAuth(t *testing.T) {
AssertHTMLElement(t, doc, ".signin-passkey", true)
})
}
func TestRequireSignInView(t *testing.T) {
defer tests.PrepareTestEnv(t)()
t.Run("NoRequireSignInView", func(t *testing.T) {
require.False(t, setting.Service.RequireSignInViewStrict)
require.False(t, setting.Service.BlockAnonymousAccessExpensive)
req := NewRequest(t, "GET", "/user2/repo1/src/branch/master")
MakeRequest(t, req, http.StatusOK)
})
t.Run("RequireSignInView", func(t *testing.T) {
defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, true)()
defer test.MockVariableValue(&testWebRoutes, routers.NormalRoutes())()
req := NewRequest(t, "GET", "/user2/repo1/src/branch/master")
resp := MakeRequest(t, req, http.StatusSeeOther)
assert.Equal(t, "/user/login", resp.Header().Get("Location"))
})
t.Run("BlockAnonymousAccessExpensive", func(t *testing.T) {
defer test.MockVariableValue(&setting.Service.RequireSignInViewStrict, false)()
defer test.MockVariableValue(&setting.Service.BlockAnonymousAccessExpensive, true)()
defer test.MockVariableValue(&testWebRoutes, routers.NormalRoutes())()
req := NewRequest(t, "GET", "/user2/repo1")
MakeRequest(t, req, http.StatusOK)
req = NewRequest(t, "GET", "/user2/repo1/src/branch/master")
resp := MakeRequest(t, req, http.StatusSeeOther)
assert.Equal(t, "/user/login", resp.Header().Get("Location"))
})
}