Nemcio/GitBucket
1
0
Fork 0
mirror of https://github.com/gitbucket/gitbucket.git synced 2025-11-08 22:45:51 +01:00
Code Issues Packages Projects Releases Wiki Activity

(refs #464)Add Security sealed trait which is used by plugin

Browse Source
This commit is contained in:
Naoki Takezoe
2014-08-12 00:02:48 +09:00
parent 4e652b5ccd
commit ea5d898b27
3 changed files with 27 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/main/scala/servlet/PluginActionInvokeFilter.scala
View File

@@ -11,6 +11,7 @@ import plugin.PluginConnectionHolder
import service.RepositoryService.RepositoryInfo
import service.SystemSettingsService.SystemSettings
import org.json4s.jackson.Json
import plugin.Security._
class PluginActionInvokeFilter extends Filter with SystemSettingsService with RepositoryService with AccountService {
@@ -84,28 +85,28 @@ class PluginActionInvokeFilter extends Filter with SystemSettingsService with Re
} else false
}
private def filterAction(security: String, context: app.Context, repository: Option[RepositoryInfo] = None): Boolean = {
private def filterAction(security: Security, context: app.Context, repository: Option[RepositoryInfo] = None): Boolean = {
if(repository.isDefined){
if(repository.get.repository.isPrivate){
security match {
case "owner" => context.loginAccount.isDefined && context.loginAccount.get.userName == repository.get.owner // TODO for group repository
case "member" => false // TODO owner or collaborator
case "admin" => context.loginAccount.isDefined && context.loginAccount.get.isAdmin
case Owner() => context.loginAccount.isDefined && context.loginAccount.get.userName == repository.get.owner // TODO for group repository
case Member() => false // TODO owner or collaborator
case Admin() => context.loginAccount.isDefined && context.loginAccount.get.isAdmin
}
} else {
security match {
case "all" => true
case "login" => context.loginAccount.isDefined
case "owner" => context.loginAccount.isDefined && context.loginAccount.get.userName == repository.get.owner // TODO for group repository
case "member" => false // TODO owner or collaborator
case "admin" => context.loginAccount.isDefined && context.loginAccount.get.isAdmin
case All() => true
case Login() => context.loginAccount.isDefined
case Owner() => context.loginAccount.isDefined && context.loginAccount.get.userName == repository.get.owner // TODO for group repository
case Member() => false // TODO owner or collaborator
case Admin() => context.loginAccount.isDefined && context.loginAccount.get.isAdmin
}
}
} else {
security match {
case "all" => true
case "login" => context.loginAccount.isDefined
case "admin" => context.loginAccount.isDefined && context.loginAccount.get.isAdmin
case All() => true
case Login() => context.loginAccount.isDefined
case Admin() => context.loginAccount.isDefined && context.loginAccount.get.isAdmin
}
}
}