Fix access to Repository Parent Path (FORBIDEN instead of AUTH_REQUIRED).

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/branches/swistak@2058 e93f8b46-1217-0410-a6f0-8f06a7374b81
2026-03-05 12:01:23 +01:00 · 2008-11-27 14:51:14 +00:00
parent f6b1583a1a
commit 131b15fc7a
1 changed files with 7 additions and 3 deletions
--- a/extra/svn/Redmine.pm
+++ b/extra/svn/Redmine.pm
@@ -238,7 +238,11 @@ sub authen_handler {
  my ($res, $redmine_pass) =  $r->get_basic_auth_pw();
  return $res unless $res == OK;
  
-  if (is_member($r->user, $redmine_pass, $r)) {
+  my $project_id  = get_project_identifier($r);
+  if (!$project_id) {
+    return FORBIDDEN;
+  }
+  if (is_member($r->user, $redmine_pass, $r, $project_id)) {
      return OK;
  } else {
      $r->note_auth_failure();
@@ -294,9 +298,9 @@ sub is_member {
  my $redmine_user = shift;
  my $redmine_pass = shift;
  my $r = shift;
+  my $project_id = shift;

  my $dbh         = connect_database($r);
-  my $project_id  = get_project_identifier($r);

  my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass);

@@ -355,7 +359,7 @@ sub get_project_identifier {
    
    my $location = $r->location;
    my ($identifier) = $r->uri =~ m{$location/*([^/]+)};
-    $identifier ? $identifier : " ";
+    $identifier;
 }

 sub connect_database {