From 93e7b604cd922da0a71d587b5645beab7aa65d80 Mon Sep 17 00:00:00 2001 From: banjun Date: Mon, 6 Apr 2015 22:14:26 +0900 Subject: [PATCH] let non-anonymous user read access to public repos with basic auth --- .../core/servlet/BasicAuthenticationFilter.scala | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/src/main/scala/gitbucket/core/servlet/BasicAuthenticationFilter.scala b/src/main/scala/gitbucket/core/servlet/BasicAuthenticationFilter.scala index a8467b8d0..42acffd99 100644 --- a/src/main/scala/gitbucket/core/servlet/BasicAuthenticationFilter.scala +++ b/src/main/scala/gitbucket/core/servlet/BasicAuthenticationFilter.scala @@ -43,12 +43,16 @@ class BasicAuthenticationFilter extends Filter with RepositoryService with Accou case auth => decodeAuthHeader(auth).split(":", 2) match { case Array(username, password) => { authenticate(settings, username, password) match { - case Some(account) if (isUpdating || repository.repository.isPrivate) => { - if(hasWritePermission(repository.owner, repository.name, Some(account))){ - request.setAttribute(Keys.Request.UserName, account.userName) - chain.doFilter(req, wrappedResponse) + case Some(account) => { + if (isUpdating || repository.repository.isPrivate) { + if(hasWritePermission(repository.owner, repository.name, Some(account))){ + request.setAttribute(Keys.Request.UserName, account.userName) + chain.doFilter(req, wrappedResponse) + } else { + requireAuth(response) + } } else { - requireAuth(response) + chain.doFilter(req, wrappedResponse) } } case _ => requireAuth(response)