@@ -6,6 +6,7 @@ | |||
#### fixes | |||
- Fixed bug where a repository set as authenticated push did not have anonymous clone access (issue 96) | |||
- Fixed bug in Basic authentication if passwords had a colon (Github/peterloron) | |||
#### changes |
@@ -74,9 +74,10 @@ public abstract class AccessRestrictionFilter extends AuthenticationFilter { | |||
* Determine if the repository requires authentication. | |||
* | |||
* @param repository | |||
* @param action | |||
* @return true if authentication required | |||
*/ | |||
protected abstract boolean requiresAuthentication(RepositoryModel repository); | |||
protected abstract boolean requiresAuthentication(RepositoryModel repository, String action); | |||
/** | |||
* Determine if the user can access the repository and perform the specified | |||
@@ -144,7 +145,7 @@ public abstract class AccessRestrictionFilter extends AuthenticationFilter { | |||
} | |||
// BASIC authentication challenge and response processing | |||
if (!StringUtils.isEmpty(urlRequestType) && requiresAuthentication(model)) { | |||
if (!StringUtils.isEmpty(urlRequestType) && requiresAuthentication(model, urlRequestType)) { | |||
if (user == null) { | |||
// challenge client to provide credentials. send 401. | |||
if (GitBlit.isDebugMode()) { |
@@ -72,10 +72,11 @@ public class DownloadZipFilter extends AccessRestrictionFilter { | |||
* Determine if the repository requires authentication. | |||
* | |||
* @param repository | |||
* @param action | |||
* @return true if authentication required | |||
*/ | |||
@Override | |||
protected boolean requiresAuthentication(RepositoryModel repository) { | |||
protected boolean requiresAuthentication(RepositoryModel repository, String action) { | |||
return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW); | |||
} | |||
@@ -105,11 +105,19 @@ public class GitFilter extends AccessRestrictionFilter { | |||
* Determine if the repository requires authentication. | |||
* | |||
* @param repository | |||
* @param action | |||
* @return true if authentication required | |||
*/ | |||
@Override | |||
protected boolean requiresAuthentication(RepositoryModel repository) { | |||
return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH); | |||
protected boolean requiresAuthentication(RepositoryModel repository, String action) { | |||
if (gitUploadPack.equals(action)) { | |||
// send to client | |||
return repository.accessRestriction.atLeast(AccessRestrictionType.CLONE); | |||
} else if (gitReceivePack.equals(action)) { | |||
// receive from client | |||
return repository.accessRestriction.atLeast(AccessRestrictionType.PUSH); | |||
} | |||
return false; | |||
} | |||
/** |
@@ -92,10 +92,11 @@ public class PagesFilter extends AccessRestrictionFilter { | |||
* Determine if the repository requires authentication. | |||
* | |||
* @param repository | |||
* @param action | |||
* @return true if authentication required | |||
*/ | |||
@Override | |||
protected boolean requiresAuthentication(RepositoryModel repository) { | |||
protected boolean requiresAuthentication(RepositoryModel repository, String action) { | |||
return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW); | |||
} | |||
@@ -70,10 +70,11 @@ public class SyndicationFilter extends AccessRestrictionFilter { | |||
* Determine if the repository requires authentication. | |||
* | |||
* @param repository | |||
* @param action | |||
* @return true if authentication required | |||
*/ | |||
@Override | |||
protected boolean requiresAuthentication(RepositoryModel repository) { | |||
protected boolean requiresAuthentication(RepositoryModel repository, String action) { | |||
return repository.accessRestriction.atLeast(AccessRestrictionType.VIEW); | |||
} | |||