This is an automated email from the ASF dual-hosted git repository. gcruz pushed a commit to branch gc/8454 in repository https://gitbox.apache.org/repos/asf/allura.git
commit b96c435051a11638fe929ff25aaa9be71eed2bdf Author: Guillermo Cruz <[email protected]> AuthorDate: Mon Aug 22 13:11:54 2022 -0600 [#8454] prevent anonymous github project imports --- ForgeImporters/forgeimporters/github/__init__.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/ForgeImporters/forgeimporters/github/__init__.py b/ForgeImporters/forgeimporters/github/__init__.py index d0a4d26b2..34dab0a3f 100644 --- a/ForgeImporters/forgeimporters/github/__init__.py +++ b/ForgeImporters/forgeimporters/github/__init__.py @@ -226,6 +226,9 @@ class GitHubOAuthMixin: ''' def oauth_begin(self, scope=None): # type: (list[str]) -> None + if c.user.is_anonymous(): + log.info("User needs authorization before importing a project") + return None client_id = config.get('github_importer.client_id') secret = config.get('github_importer.client_secret') if not client_id or not secret:
