Nemcio/GitBucket
1
0
Fork 0
mirror of https://github.com/gitbucket/gitbucket.git synced 2025-11-05 04:56:02 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix OwnerOnlyAuthenticator

Browse Source
This commit is contained in:
takezoe
2013-07-03 16:34:01 +09:00
parent d26a07e28e
commit 04da7eb9de
1 changed files with 12 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
src/main/scala/util/Authenticator.scala
View File

@@ -7,17 +7,20 @@ import RepositoryService.RepositoryInfo
/**
* Allows only the repository owner and administrators.
*/
trait OwnerOnlyAuthenticator { self: ControllerBase =>
protected def ownerOnly(action: => Any) = { authenticate(action) }
protected def ownerOnly[T](action: T => Any) = (form: T) => { authenticate(action(form)) }
trait OwnerOnlyAuthenticator { self: ControllerBase with RepositoryService =>
protected def ownerOnly(action: (RepositoryInfo) => Any) = { authenticate(action) }
protected def ownerOnly[T](action: (T, RepositoryInfo) => Any) = (form: T) => { authenticate(action(form, _)) }
private def authenticate(action: => Any) = {
private def authenticate(action: (RepositoryInfo) => Any) = {
{
context.loginAccount match {
case Some(x) if(x.isAdmin) => action
case Some(x) if(request.getRequestURI.split("/")(1) == x.userName) => action
case _ => Unauthorized()
}
val paths = request.getRequestURI.substring(request.getContextPath.length).split("/")
getRepository(paths(1), paths(2), baseUrl).map { repository =>
context.loginAccount match {
case Some(x) if(x.isAdmin) => action(repository)
case Some(x) if(repository.owner == x.userName) => action(repository)
case _ => Unauthorized()
}
} getOrElse NotFound()
}
}
}
@@ -43,7 +46,6 @@ trait UsersOnlyAuthenticator { self: ControllerBase =>
* Allows only administrators.
*/
trait AdminOnlyAuthenticator { self: ControllerBase =>
protected def adminOnly(action: => Any) = { authenticate(action) }
protected def adminOnly[T](action: T => Any) = (form: T) => { authenticate(action(form)) }