diff options
| author | James Moger <james.moger@gmail.com> | 2016-01-16 18:10:19 -0500 |
|---|---|---|
| committer | James Moger <james.moger@gmail.com> | 2016-01-16 18:10:19 -0500 |
| commit | 3d10bc669a9ba263c2e5884ac3e1a7eb4c2f11b6 (patch) | |
| tree | 9eecf8ffc32c80bd5899105dc1f7a77c02315022 /src | |
| parent | 2539ceea0d47467d54cedd340afa6ede2909b2bd (diff) | |
| parent | d54bd60b923bbd703bb668601d412d4295d2f503 (diff) | |
| download | gitblit-3d10bc669a9ba263c2e5884ac3e1a7eb4c2f11b6.tar.gz gitblit-3d10bc669a9ba263c2e5884ac3e1a7eb4c2f11b6.zip | |
Merge pull request #994 from KeDevServices/master
Fix for #993 LIST_BRANCHES without admin
Diffstat (limited to 'src')
| -rw-r--r-- | src/main/java/com/gitblit/servlet/RpcFilter.java | 15 |
1 files changed, 2 insertions, 13 deletions
diff --git a/src/main/java/com/gitblit/servlet/RpcFilter.java b/src/main/java/com/gitblit/servlet/RpcFilter.java index 34474d55..355bcb96 100644 --- a/src/main/java/com/gitblit/servlet/RpcFilter.java +++ b/src/main/java/com/gitblit/servlet/RpcFilter.java @@ -128,7 +128,7 @@ public class RpcFilter extends AuthenticationFilter { return;
} else {
// check user access for request
- if (user.canAdmin() || canAccess(user, requestType)) {
+ if (user.canAdmin() || !adminRequest) {
// authenticated request permitted.
// pass processing to the restricted servlet.
newSession(authenticatedRequest, httpResponse);
@@ -153,15 +153,4 @@ public class RpcFilter extends AuthenticationFilter { // pass processing to the restricted servlet.
chain.doFilter(authenticatedRequest, httpResponse);
}
-
- private boolean canAccess(UserModel user, RpcRequest requestType) {
- switch (requestType) {
- case GET_PROTOCOL:
- return true;
- case LIST_REPOSITORIES:
- return true;
- default:
- return user.canAdmin();
- }
- }
-}
\ No newline at end of file +}
|