Nemcio/GitBucket
1
0
Fork 0
mirror of https://github.com/gitbucket/gitbucket.git synced 2025-11-02 19:45:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix basic authentication to encrypt entered password.

Browse Source
This commit is contained in:
takezoe
2013-06-30 02:14:56 +09:00
parent 5aab24990f
commit a9d0ddbf5a
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/main/scala/servlet/BasicAuthenticationFilter.scala
View File

@@ -2,6 +2,7 @@ package servlet
import javax.servlet._
import javax.servlet.http._
import util.StringUtil._
import service.{AccountService, RepositoryService}
import org.slf4j.LoggerFactory
@@ -54,7 +55,7 @@ class BasicAuthenticationFilter extends Filter with RepositoryService with Accou
private def isWritableUser(username: String, password: String, repository: RepositoryService.RepositoryInfo): Boolean = {
getAccountByUserName(username) match {
case Some(account) if(account.password == password) => {
case Some(account) if(account.password == encrypt(password)) => {
(account.isAdmin // administrator
|| account.userName == repository.owner // repository owner
|| getCollaborators(repository.owner, repository.name).contains(account.userName)) // collaborator