takezoe
2014-04-18 07:54:10 +09:00


@@ -3,6 +3,7 @@ package servlet
import javax.servlet._ import javax.servlet._
import javax.servlet.http._ import javax.servlet.http._
import service.{SystemSettingsService, AccountService, RepositoryService} import service.{SystemSettingsService, AccountService, RepositoryService}
import model.Account
import org.slf4j.LoggerFactory import org.slf4j.LoggerFactory
import util.Implicits._ import util.Implicits._
import util.ControlUtil._ import util.ControlUtil._
@@ -38,10 +39,13 @@ class BasicAuthenticationFilter extends Filter with RepositoryService with Accou
request.getHeader("Authorization") match { request.getHeader("Authorization") match {
case null => requireAuth(response) case null => requireAuth(response)
case auth => decodeAuthHeader(auth).split(":") match { case auth => decodeAuthHeader(auth).split(":") match {
case Array(username, password) if(isWritableUser(username, password, repository)) => { case Array(username, password) => getWritableUser(username, password, repository) match {
request.setAttribute(Keys.Request.UserName, username) case Some(account) => {
request.setAttribute(Keys.Request.UserName, account.userName)
chain.doFilter(req, wrappedResponse) chain.doFilter(req, wrappedResponse)
} }
case None => requireAuth(response)
}
case _ => requireAuth(response) case _ => requireAuth(response)
} }
} }
@@ -61,10 +65,10 @@ class BasicAuthenticationFilter extends Filter with RepositoryService with Accou
} }
} }
private def isWritableUser(username: String, password: String, repository: RepositoryService.RepositoryInfo): Boolean = private def getWritableUser(username: String, password: String, repository: RepositoryService.RepositoryInfo): Option[Account] =
authenticate(loadSystemSettings(), username, password) match { authenticate(loadSystemSettings(), username, password) match {
case Some(account) => hasWritePermission(repository.owner, repository.name, Some(account)) case x @ Some(account) if(hasWritePermission(repository.owner, repository.name, x)) => x
case None => false case _ => None
} }
private def requireAuth(response: HttpServletResponse): Unit = { private def requireAuth(response: HttpServletResponse): Unit = {
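Review bot: A Basic-auth password that contains a colon can never authenticate, because the unchanged `decodeAuthHeader(auth).split(":")` in the second hunk then yields more than two elements and the new `case Array(username, password)` match falls through to `case _ => requireAuth(response)`. Splitting on the first colon only, `decodeAuthHeader(auth).split(":", 2) match {`, keeps the remainder of the string as the password. With that limit an empty password (`user:`) becomes a two-element array and reaches `authenticate`, so it should be rejected before the call unless `authenticate` is known to refuse empty passwords for every configured backend, which cannot be confirmed from this page. The enclosing filter method starts and ends outside the hunk.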