diff --git a/src/main/scala/gitbucket/core/util/Authenticator.scala b/src/main/scala/gitbucket/core/util/Authenticator.scala
index 03f0e59..5cc52a9 100644
--- a/src/main/scala/gitbucket/core/util/Authenticator.scala
+++ b/src/main/scala/gitbucket/core/util/Authenticator.scala
@@ -15,12 +15,10 @@
 protected def oneselfOnly[T](action: T => Any) = (form: T) => { authenticate(action(form)) }
 private def authenticate(action: => Any) = {
- defining(request.paths) { paths =>
- context.loginAccount match {
- case Some(x) if (x.isAdmin) => action
- case Some(x) if (paths(0) == x.userName) => action
- case _ => Unauthorized()
- }
+ context.loginAccount match {
+ case Some(x) if (x.isAdmin) => action
+ case Some(x) if (request.paths(0) == x.userName) => action
+ case _ => Unauthorized()
+ }
 }
 }
@@ -33,22 +31,23 @@
 protected def ownerOnly[T](action: (T, RepositoryInfo) => Any) = (form: T) => { authenticate(action(form, _)) }
 private def authenticate(action: (RepositoryInfo) => Any) = {
- defining(request.paths) { paths =>
- getRepository(paths(0), paths(1)).map { repository =>
- context.loginAccount match {
- case Some(x) if (x.isAdmin) => action(repository)
- case Some(x) if (repository.owner == x.userName) => action(repository)
- // TODO Repository management is allowed for only group managers?
- case Some(x) if (getGroupMembers(repository.owner).exists { m =>
- m.userName == x.userName && m.isManager == true
- }) =>
- action(repository)
- case Some(x) if (getCollaboratorUserNames(paths(0), paths(1), Seq(Role.ADMIN)).contains(x.userName)) =>
- action(repository)
- case _ => Unauthorized()
- }
- } getOrElse NotFound()
- }
+ val paths = request.paths
+ val userName = params.getOrElse("owner", paths(0))
+ val repoName = params.getOrElse("repository", paths(1))
+ getRepository(userName, repoName).map { repository =>
+ context.loginAccount match {
+ case Some(x) if (x.isAdmin) => action(repository)
+ case Some(x) if (repository.owner == x.userName) => action(repository)
+ // TODO Repository management is allowed for only group managers?
+ case Some(x) if (getGroupMembers(repository.owner).exists { m =>
+ m.userName == x.userName && m.isManager == true
+ }) =>
+ action(repository)
+ case Some(x) if (getCollaboratorUserNames(userName, repoName, Seq(Role.ADMIN)).contains(x.userName)) =>
+ action(repository)
+ case _ => Unauthorized()
+ }
+ } getOrElse NotFound()
 }
 }
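Review bot: The repository that gets authorised is now named by `params.getOrElse("owner", paths(0))` and `params.getOrElse("repository", paths(1))`, and nothing in this hunk restricts those two keys to route-bound values. If the framework's `params` also carries query-string or form fields, which the diff does not show either way, a route that declares neither name would run the permission checks against a repository chosen by request parameters rather than by the path. The same three lines are added in the hunks at -90, -112 and -137. I would either read the names from route parameters only or state the contract above the lookup, for example `// owner/repository must come from route parameters (:owner, :repository), never from query or form data`. The enclosing trait starts outside the hunk.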
@@ -90,15 +89,16 @@
 protected def referrersOnly[T](action: (T, RepositoryInfo) => Any) = (form: T) => { authenticate(action(form, _)) }
 private def authenticate(action: (RepositoryInfo) => Any) = {
- defining(request.paths) { paths =>
- getRepository(paths(0), paths(1)).map { repository =>
- if (isReadable(repository.repository, context.loginAccount)) {
- action(repository)
- } else {
- Unauthorized()
- }
- } getOrElse NotFound()
- }
+ val paths = request.paths
+ val userName = params.getOrElse("owner", paths(0))
+ val repoName = params.getOrElse("repository", paths(1))
+ getRepository(userName, repoName).map { repository =>
+ if (isReadable(repository.repository, context.loginAccount)) {
+ action(repository)
+ } else {
+ Unauthorized()
+ }
+ } getOrElse NotFound()
 }
 }
@@ -112,18 +112,19 @@
 }
 private def authenticate(action: (RepositoryInfo) => Any) = {
- defining(request.paths) { paths =>
- getRepository(paths(0), paths(1)).map { repository =>
- context.loginAccount match {
- case Some(x) if (x.isAdmin) => action(repository)
- case Some(x) if (!repository.repository.isPrivate) => action(repository)
- case Some(x) if (paths(0) == x.userName) => action(repository)
- case Some(x) if (getGroupMembers(repository.owner).exists(_.userName == x.userName)) => action(repository)
- case Some(x) if (getCollaboratorUserNames(paths(0), paths(1)).contains(x.userName)) => action(repository)
- case _ => Unauthorized()
- }
- } getOrElse NotFound()
- }
+ val paths = request.paths
+ val userName = params.getOrElse("owner", paths(0))
+ val repoName = params.getOrElse("repository", paths(1))
+ getRepository(userName, repoName).map { repository =>
+ context.loginAccount match {
+ case Some(x) if (x.isAdmin) => action(repository)
+ case Some(x) if (!repository.repository.isPrivate) => action(repository)
+ case Some(x) if (userName == x.userName) => action(repository)
+ case Some(x) if (getGroupMembers(repository.owner).exists(_.userName == x.userName)) => action(repository)
+ case Some(x) if (getCollaboratorUserNames(userName, repoName).contains(x.userName)) => action(repository)
+ case _ => Unauthorized()
+ }
+ } getOrElse NotFound()
 }
 }
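Review bot: The owner shortcut `case Some(x) if (userName == x.userName)` compares the logged-in account with the name taken from the request, not with the repository record that `getRepository` returned; the hunk at -33 already uses `repository.owner == x.userName`. If `getRepository` matches names more loosely than `==` does (not visible here), the two can disagree. Comparing against the resolved record keeps the decision tied to what was actually loaded: `case Some(x) if (repository.owner == x.userName) => action(repository)`. The same line appears in the hunk at -137, and the `getCollaboratorUserNames` calls in both hunks could likewise take the owner from `repository` instead of from the request.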
@@ -137,20 +138,21 @@
 }
 private def authenticate(action: (RepositoryInfo) => Any) = {
- defining(request.paths) { paths =>
- getRepository(paths(0), paths(1)).map { repository =>
- context.loginAccount match {
- case Some(x) if (x.isAdmin) => action(repository)
- case Some(x) if (paths(0) == x.userName) => action(repository)
- case Some(x) if (getGroupMembers(repository.owner).exists(_.userName == x.userName)) => action(repository)
- case Some(x)
- if (getCollaboratorUserNames(paths(0), paths(1), Seq(Role.ADMIN, Role.DEVELOPER))
- .contains(x.userName)) =>
- action(repository)
- case _ => Unauthorized()
- }
- } getOrElse NotFound()
- }
+ val paths = request.paths
+ val userName = params.getOrElse("owner", paths(0))
+ val repoName = params.getOrElse("repository", paths(1))
+ getRepository(userName, repoName).map { repository =>
+ context.loginAccount match {
+ case Some(x) if (x.isAdmin) => action(repository)
+ case Some(x) if (userName == x.userName) => action(repository)
+ case Some(x) if (getGroupMembers(repository.owner).exists(_.userName == x.userName)) => action(repository)
+ case Some(x)
+ if (getCollaboratorUserNames(userName, repoName, Seq(Role.ADMIN, Role.DEVELOPER))
+ .contains(x.userName)) =>
+ action(repository)
+ case _ => Unauthorized()
+ }
+ } getOrElse NotFound()
 }
 }
@@ -162,14 +164,12 @@
 protected def managersOnly[T](action: T => Any) = (form: T) => { authenticate(action(form)) }
 private def authenticate(action: => Any) = {
- defining(request.paths) { paths =>
- context.loginAccount match {
- case Some(x) if (getGroupMembers(paths(0)).exists { member =>
- member.userName == x.userName && member.isManager
- }) =>
- action
- case _ => Unauthorized()
- }
+ context.loginAccount match {
+ case Some(x) if (getGroupMembers(request.paths(0)).exists { member =>
+ member.userName == x.userName && member.isManager
+ }) =>
+ action
+ case _ => Unauthorized()
 }
 }
 }