mirror of
https://github.com/go-gitea/gitea.git
synced 2026-06-18 22:48:28 +00:00
6fb96fcfdf
Backport #38074 ## Summary Fixes #38062. Private repositories with a code unit configured for **anonymous read access** (Settings → Public Access → Code: anonymous view) could not be cloned without credentials. The git HTTP auth gate (`httpBase`) only bypassed authentication for non-private repos, ignoring the per-unit anonymous access setting entirely. - Check anonymous permissions via `access_model.GetDoerRepoPermission(ctx, repo, nil)` + `CanAccess` before requiring auth on pull operations, so the per-unit `AnonymousAccessMode` is respected through the existing permission model - This also correctly handles `setting.Repository.ForcePrivate` (which the naive direct-field check would have missed) - Push (receive-pack) and `RequireSignInViewStrict` continue to require credentials as before Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>