summaryrefslogtreecommitdiffstats
path: root/src/com
diff options
context:
space:
mode:
Diffstat (limited to 'src/com')
-rw-r--r--src/com/gitblit/AccessRestrictionFilter.java5
-rw-r--r--src/com/gitblit/DownloadZipFilter.java3
-rw-r--r--src/com/gitblit/GitFilter.java12
-rw-r--r--src/com/gitblit/PagesFilter.java3
-rw-r--r--src/com/gitblit/SyndicationFilter.java3
5 files changed, 19 insertions, 7 deletions
diff --git a/src/com/gitblit/AccessRestrictionFilter.java b/src/com/gitblit/AccessRestrictionFilter.java
index e9b6587b..aeb6835c 100644
--- a/src/com/gitblit/AccessRestrictionFilter.java
+++ b/src/com/gitblit/AccessRestrictionFilter.java
@@ -74,9 +74,10 @@ public abstract class AccessRestrictionFilter extends AuthenticationFilter {
* Determine if the repository requires authentication.
*
* @param repository
+ * @param action
* @return true if authentication required
*/
- protected abstract boolean requiresAuthentication(RepositoryModel repository);
+ protected abstract boolean requiresAuthentication(RepositoryModel repository, String action);
/**
* Determine if the user can access the repository and perform the specified
@@ -144,7 +145,7 @@ public abstract class AccessRestrictionFilter extends AuthenticationFilter {
}
// BASIC authentication challenge and response processing
- if (!StringUtils.isEmpty(urlRequestType) && requiresAuthentication(model)) {
+ if (!StringUtils.isEmpty(urlRequestType) && requiresAuthentication(model, urlRequestType)) {
if (user == null) {
// challenge client to provide credentials. send 401.
if (GitBlit.isDebugMode()) {
diff --git a/src/com/gitblit/DownloadZipFilter.java b/src/com/gitblit/DownloadZipFilter.java
index d22649b5..e515b55e 100644
--- a/src/com/gitblit/DownloadZipFilter.java
+++ b/src/com/gitblit/DownloadZipFilter.java
@@ -72,10 +72,11 @@ public class DownloadZipFilter extends AccessRestrictionFilter {
* Determine if the repository requires authentication.
*
* @param repository
+ * @param action
* @return true if authentication required
*/
@Override
- protected boolean requiresAuthentication(RepositoryModel repository) {
+ protected boolean requiresAuthentication(RepositoryModel repository, String action) {
return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW);
}
diff --git a/src/com/gitblit/GitFilter.java b/src/com/gitblit/GitFilter.java
index e76fd767..4ae5b6c2 100644
--- a/src/com/gitblit/GitFilter.java
+++ b/src/com/gitblit/GitFilter.java
@@ -105,11 +105,19 @@ public class GitFilter extends AccessRestrictionFilter {
* Determine if the repository requires authentication.
*
* @param repository
+ * @param action
* @return true if authentication required
*/
@Override
- protected boolean requiresAuthentication(RepositoryModel repository) {
- return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH);
+ protected boolean requiresAuthentication(RepositoryModel repository, String action) {
+ if (gitUploadPack.equals(action)) {
+ // send to client
+ return repository.accessRestriction.atLeast(AccessRestrictionType.CLONE);
+ } else if (gitReceivePack.equals(action)) {
+ // receive from client
+ return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH);
+ }
+ return false;
}
/**
diff --git a/src/com/gitblit/PagesFilter.java b/src/com/gitblit/PagesFilter.java
index b29bede2..c092c64d 100644
--- a/src/com/gitblit/PagesFilter.java
+++ b/src/com/gitblit/PagesFilter.java
@@ -92,10 +92,11 @@ public class PagesFilter extends AccessRestrictionFilter {
* Determine if the repository requires authentication.
*
* @param repository
+ * @param action
* @return true if authentication required
*/
@Override
- protected boolean requiresAuthentication(RepositoryModel repository) {
+ protected boolean requiresAuthentication(RepositoryModel repository, String action) {
return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW);
}
diff --git a/src/com/gitblit/SyndicationFilter.java b/src/com/gitblit/SyndicationFilter.java
index 7e2561b9..08265666 100644
--- a/src/com/gitblit/SyndicationFilter.java
+++ b/src/com/gitblit/SyndicationFilter.java
@@ -70,10 +70,11 @@ public class SyndicationFilter extends AccessRestrictionFilter {
* Determine if the repository requires authentication.
*
* @param repository
+ * @param action
* @return true if authentication required
*/
@Override
- protected boolean requiresAuthentication(RepositoryModel repository) {
+ protected boolean requiresAuthentication(RepositoryModel repository, String action) {
return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW);
}
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-30 07:02:38 +0000