Fix auth issue on #80

1 files changed, 19 insertions, 17 deletions

diff --git a/routers/repo/http.go b/routers/repo/http.go
index c0009f282f..0a211c6f3f 100644
--- a/routers/repo/http.go
+++ b/routers/repo/http.go
@@ -58,7 +58,8 @@ func Http(ctx *middleware.Context, params martini.Params) {
 	}
 
 	// only public pull don't need auth
-	var askAuth = !(!repo.IsPrivate && isPull) || base.Service.RequireSignInView
+	isPublicPull := !repo.IsPrivate && isPull
+	var askAuth = !isPublicPull || base.Service.RequireSignInView
 
 	var authUser *models.User
 
@@ -91,32 +92,33 @@ func Http(ctx *middleware.Context, params martini.Params) {
 		}
 
 		newUser := &models.User{Passwd: passwd, Salt: authUser.Salt}
-
 		newUser.EncodePasswd()
 		if authUser.Passwd != newUser.Passwd {
 			ctx.Handle(401, "no basic auth and digit auth", nil)
 			return
 		}
 
-		var tp = models.AU_WRITABLE
-		if isPull {
-			tp = models.AU_READABLE
-		}
+		if !isPublicPull {
+			var tp = models.AU_WRITABLE
+			if isPull {
+				tp = models.AU_READABLE
+			}
 
-		has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
-		if err != nil {
-			ctx.Handle(401, "no basic auth and digit auth", nil)
-			return
-		} else if !has {
-			if tp == models.AU_READABLE {
-				has, err = models.HasAccess(authUsername, username+"/"+reponame, models.AU_WRITABLE)
-				if err != nil || !has {
+			has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
+			if err != nil {
+				ctx.Handle(401, "no basic auth and digit auth", nil)
+				return
+			} else if !has {
+				if tp == models.AU_READABLE {
+					has, err = models.HasAccess(authUsername, username+"/"+reponame, models.AU_WRITABLE)
+					if err != nil || !has {
+						ctx.Handle(401, "no basic auth and digit auth", nil)
+						return
+					}
+				} else {
 					ctx.Handle(401, "no basic auth and digit auth", nil)
 					return
 				}
-			} else {
-				ctx.Handle(401, "no basic auth and digit auth", nil)
-				return
 			}
 		}
 	}