my $method = $r->method;
return OK unless defined $read_only_methods{$method};
-
- return OK if is_authentication_forced($r);
my $project_id = get_project_identifier($r);
my ($res, $redmine_pass) = $r->get_basic_auth_pw();
return $res unless $res == OK;
- my $project_id = get_project_identifier($r);
- my $method = $r->method;
- if (defined $read_only_methods{$method} && is_public_project($project_id, $r) && non_member_role_allows_browse_repository($r)) {
- return OK;
- }
-
if (is_member($r->user, $redmine_pass, $r)) {
return OK;
} else {
sub is_public_project {
my $project_id = shift;
my $r = shift;
+
+ if (is_authentication_forced($r)) {
+ return 0;
+ }
my $dbh = connect_database($r);
my $sth = $dbh->prepare(
$ret;
}
-sub system_role_allows_browse_repository {
+sub anonymous_role_allows_browse_repository {
my $r = shift;
- my $system_role = shift;
my $dbh = connect_database($r);
my $sth = $dbh->prepare(
- "SELECT permissions FROM roles WHERE builtin = ?;"
+ "SELECT permissions FROM roles WHERE builtin = 2;"
);
- $sth->execute($system_role);
+ $sth->execute();
my $ret = 0;
if (my @row = $sth->fetchrow_array) {
if ($row[0] =~ /:browse_repository/) {
$ret;
}
-sub non_member_role_allows_browse_repository {
- my $r = shift;
- my $ret = system_role_allows_browse_repository($r, 1);
- $ret;
-}
-
-sub anonymous_role_allows_browse_repository {
- my $r = shift;
- my $ret = system_role_allows_browse_repository($r, 2);
- $ret;
-}
-
# perhaps we should use repository right (other read right) to check public access.
# it could be faster BUT it doesn't work for the moment.
# sub is_public_project_by_file {
projects / redmine.git / commitdiff