reconquest / atlassian-external-hooks

External Hooks plugin for Atlassian Bitbucket
https://external-hooks.reconquest.io

Feature Request: General Config option to disable non-safeDir #24

Closed vinylplz closed 8 years ago

vinylplz commented 8 years ago

Would it be possible to add an option in the general plugin configuration settings to disable the ability to run scripts outside of the safeDir ($STASH_HOME/external-hooks/)? We give admin to a large subset of our users so they can add repos and manage permissions as needed, but we aren't comfortable with them being able to upload and run arbitrary CLI scripts on the server.

In other words, we could go to "Manage Add-Ons"->"External Hooks"->"Configure" and uncheck an option "Allows scripts outside safeDir" or similar.

seletskiy commented 8 years ago

Unchecking that option is only possible for the SYS_ADMIN (it's not repo/project admin!) role in Stash, i.e. the highest possible administration level. The amount of required privileges is the same as for going to "Manage Add-Ons" and re-enabling the feature there.

vinylplz commented 8 years ago

seletskiy,

Thanks. I confirmed that it's not possible to save a hook with the SafeMode checkbox unchecked as a non-sysadmin user.