(refs #644)Fix authentication for Git access via HTTP

Fork: 0

johnpearcey / gitbucket_jkp

Browse code (refs #644)Fix authentication for Git access via HTTP master
1 parent 1208232 commit cacce54714944afd521ddcae6d401fda7c34f223 Naoki Takezoe authored on 12 Mar 2015

Patch

Unified Split

Showing 1 changed file

                Ignore Space
               Show notes
              View
            
          
          11 ■■■■■
          src/main/scala/gitbucket/core/servlet/BasicAuthenticationFilter.scala
       override def setCharacterEncoding(encoding: String) = {}
    }
 
    val isUpdating = request.getRequestURI.endsWith("/git-receive-pack") || "service=git-receive-pack".equals(request.getQueryString)
 
    val settings = loadSystemSettings()
 
    try {
      defining(request.paths){
                  case null => requireAuth(response)
                  case auth => decodeAuthHeader(auth).split(":") match {
                    case Array(username, password) => {
                      authenticate(settings, username, password) match {
                        case Some(account) => {
                          if(isUpdating && hasWritePermission(repository.owner, repository.name, Some(account))){
                        case Some(account) if (isUpdating || repository.repository.isPrivate) => {
                          if(hasWritePermission(repository.owner, repository.name, Some(account))){
                            request.setAttribute(Keys.Request.UserName, account.userName)
                            chain.doFilter(req, wrappedResponse)
                          } else {
                            requireAuth(response)
                          }
                          chain.doFilter(req, wrappedResponse)
                        }
                        case None => requireAuth(response)
                        case _ => requireAuth(response)
                      }
                    }
                    case _ => requireAuth(response)
                  }
       override def setCharacterEncoding(encoding: String) = {}
     }
     val isUpdating = request.getRequestURI.endsWith("/git-receive-pack") || "service=git-receive-pack".equals(request.getQueryString)
     val settings = loadSystemSettings()
     try {
       defining(request.paths){
                   case null => requireAuth(response)
                   case auth => decodeAuthHeader(auth).split(":") match {
                     case Array(username, password) => {
                       authenticate(settings, username, password) match {
+                        case Some(account) => {
+                          if(isUpdating && hasWritePermission(repository.owner, repository.name, Some(account))){
+                        case Some(account) if (isUpdating || repository.repository.isPrivate) => {
+                          if(hasWritePermission(repository.owner, repository.name, Some(account))){
                             request.setAttribute(Keys.Request.UserName, account.userName)
+                            chain.doFilter(req, wrappedResponse)
+                          } else {
+                            requireAuth(response)
                           }
-                          chain.doFilter(req, wrappedResponse)
                         }
+                        case None => requireAuth(response)
+                        case _ => requireAuth(response)
                       }
                     }
                     case _ => requireAuth(response)
                   }

Show line notes below