
Commit 0ea5c43

committed
(refs gitbucket#10)Update authentication for git repository access
1 parent 3fab3d2 commit 0ea5c43


1 file changed

+9
-26
lines changed


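--- a/src/main/scala/Plugin.scala
+++ b/src/main/scala/Plugin.scala
@@ -1,11 +1,11 @@
 import javax.servlet.http.{HttpServletResponse, HttpServletRequest}
 
+import gitbucket.core.model._
 import gitbucket.core.service.AccountService
 import gitbucket.core.service.SystemSettingsService.SystemSettings
 import gitbucket.gist.controller.GistController
 import gitbucket.core.plugin._
 import gitbucket.core.util.Version
-import gitbucket.core.util.Implicits._
 import java.io.File
 import javax.servlet.ServletContext
 import gitbucket.gist.util.Configurations._
@@ -64,33 +64,16 @@ class Plugin extends gitbucket.core.plugin.Plugin {
 
 class GistRepositoryFilter extends GitRepositoryFilter with AccountService {
 
-override def filter(request: HttpServletRequest, response: HttpServletResponse,
-settings: SystemSettings, isUpdating: Boolean): Boolean = {
-implicit val r = request
-
+override def filter(path: String, userName: Option[String], settings: SystemSettings, isUpdating: Boolean)
+(implicit session: Session): Boolean = {
 if(isUpdating){
-// Allow updating to self repository only
-val passed = for {
-auth <- Option(request.getHeader("Authorization"))
-Array(username, password) = decodeAuthHeader(auth).split(":", 2)
-account <- authenticate(settings, username, password)
-} yield {
-request.paths match {
-case Array(_, _, owner, _*) => owner == username || account.isAdmin
-}
-}
-
-passed getOrElse false
+(for {
+userName <- userName
+account <- getAccountByUserName(userName)
+} yield
+path.startsWith(userName + "/") || account.isAdmin
+).getOrElse(false)
 } else true
 }
 
-// TODO This method shoud be provided by gitbucket-core
-private def decodeAuthHeader(header: String): String = {
-try {
-new String(new sun.misc.BASE64Decoder().decodeBuffer(header.substring(6)))
-} catch {
-case _: Throwable => ""
-}
-}
-
 }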
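Review bot: The push-authorization check in the new `filter` rests on two assumptions the code does not state: that `userName` is an identity gitbucket-core has already authenticated (the plugin no longer reads the `Authorization` header itself), and that `path` begins with the owner segment with no leading slash or other prefix. If `path` arrives in any other shape, `path.startsWith(userName + "/")` fails closed for owners and only admins can push, so the contract is worth pinning with a comment such as `// path is expected to start with "<owner>/"; userName is the identity already authenticated by gitbucket-core`, plus a test covering a non-owner, an owner and an admin. The generator `userName <- userName` shadows the parameter; `name <- userName` with `path.startsWith(name + "/")` makes it clearer which value the ownership comparison uses. `settings` appears to be unused in the new body, and the non-updating branch still returns `true` for every caller, which should be confirmed as the intended read policy.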
