From: Simon Brandhof Date: Wed, 7 Nov 2012 13:53:45 +0000 (+0100) Subject: SONAR-3895 emulate global role "user" X-Git-Tag: 3.4~367 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=3130c5526c708aecf1c504711d5a83f53e5915fc;p=sonarqube.git SONAR-3895 emulate global role "user" --- diff --git a/sonar-server/src/main/webapp/WEB-INF/lib/need_authorization.rb b/sonar-server/src/main/webapp/WEB-INF/lib/need_authorization.rb index cb6b9e77fce..9eb60637ce5 100644 --- a/sonar-server/src/main/webapp/WEB-INF/lib/need_authorization.rb +++ b/sonar-server/src/main/webapp/WEB-INF/lib/need_authorization.rb @@ -58,7 +58,17 @@ module NeedAuthorization # def has_role?(role, objects=nil) if objects.nil? - AuthorizerFactory.authorizer.has_role?(self, role.to_sym) + role_symbol=role.to_sym + if role_symbol==:admin + AuthorizerFactory.authorizer.has_role?(self, role_symbol) + else + # There's no concept of global users or global codeviewers. + # Someone is considered as user if + # - authentication is not forced + # - authentication is forced and user is authenticated + force_authentication = Api::Utils.java_facade.getConfigurationValue('sonar.forceAuthentication')=='true' + !force_authentication || self.id + end elsif objects.is_a?(Array) has_role_for_resources?(role, objects) else @@ -72,7 +82,7 @@ module NeedAuthorization def has_role_for_resources?(role, objects) return [] if objects.nil? || objects.size==0 - + resource_ids=[] objects.each do |obj| resource_ids<