diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2017-01-29 10:41:33 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2017-01-29 10:41:33 +0000 |
| commit | 83921f27d4aff8b24c3a3e4685b92196d3439424 (patch) | |
| tree | ca3b71fe3e3716c42d7b653a793ca886010e8a17 | |
| parent | 2e6d3f447bb6d0550fe12782b0d5e9f148fda55f (diff) | |
| download | redmine-83921f27d4aff8b24c3a3e4685b92196d3439424.tar.gz redmine-83921f27d4aff8b24c3a3e4685b92196d3439424.zip | |
Merged r16286 (#24307).
git-svn-id: http://svn.redmine.org/redmine/branches/3.2-stable@16297 e93f8b46-1217-0410-a6f0-8f06a7374b81
| -rw-r--r-- | extra/svn/Redmine.pm | 5 | ||||
| -rw-r--r-- | test/extra/redmine_pm/repository_subversion_test_pm.rb | 25 |
2 files changed, 28 insertions, 2 deletions
diff --git a/extra/svn/Redmine.pm b/extra/svn/Redmine.pm index bac1cb2fc..0cb99b632 100644 --- a/extra/svn/Redmine.pm +++ b/extra/svn/Redmine.pm @@ -244,6 +244,7 @@ sub RedmineDSN { WHERE users.login=? AND projects.identifier=? + AND EXISTS (SELECT 1 FROM enabled_modules em WHERE em.project_id = projects.id AND em.name = 'repository') AND users.type='User' AND users.status=1 AND ( @@ -390,7 +391,9 @@ sub is_public_project { my $dbh = connect_database($r); my $sth = $dbh->prepare( - "SELECT is_public FROM projects WHERE projects.identifier = ? AND projects.status <> 9;" + "SELECT is_public FROM projects + WHERE projects.identifier = ? AND projects.status <> 9 + AND EXISTS (SELECT 1 FROM enabled_modules em WHERE em.project_id = projects.id AND em.name = 'repository');" ); $sth->execute($project_id); diff --git a/test/extra/redmine_pm/repository_subversion_test_pm.rb b/test/extra/redmine_pm/repository_subversion_test_pm.rb index e031bba19..336619cf6 100644 --- a/test/extra/redmine_pm/repository_subversion_test_pm.rb +++ b/test/extra/redmine_pm/repository_subversion_test_pm.rb @@ -19,7 +19,7 @@ require File.expand_path('../test_case', __FILE__) require 'tmpdir' class RedminePmTest::RepositorySubversionTest < RedminePmTest::TestCase - fixtures :projects, :users, :members, :roles, :member_roles, :auth_sources + fixtures :projects, :users, :members, :roles, :member_roles, :auth_sources, :enabled_modules SVN_BIN = Redmine::Configuration['scm_subversion_command'] || "svn" @@ -38,6 +38,11 @@ class RedminePmTest::RepositorySubversionTest < RedminePmTest::TestCase assert_failure "ls", svn_url end + def test_anonymous_read_on_public_project_with_module_disabled_should_fail + Project.find(1).disable_module! :repository + assert_failure "ls", svn_url + end + def test_anonymous_read_on_private_repo_should_fail Project.find(1).update_attribute :is_public, false assert_failure "ls", svn_url @@ -128,6 +133,15 @@ class RedminePmTest::RepositorySubversionTest < RedminePmTest::TestCase end end + def test_member_read_on_private_repo_with_module_disabled_should_fail + Role.find(2).add_permission! :browse_repository + Project.find(1).update_attribute :is_public, false + Project.find(1).disable_module! :repository + with_credentials "dlopper", "foo" do + assert_failure "ls", svn_url + end + end + def test_member_commit_on_public_repo_with_permission_should_succeed Role.find(2).add_permission! :commit_access with_credentials "dlopper", "foo" do @@ -158,6 +172,15 @@ class RedminePmTest::RepositorySubversionTest < RedminePmTest::TestCase end end + def test_member_commit_on_private_repo_with_module_disabled_should_fail + Role.find(2).add_permission! :commit_access + Project.find(1).update_attribute :is_public, false + Project.find(1).disable_module! :repository + with_credentials "dlopper", "foo" do + assert_failure "mkdir --message Creating_a_directory", svn_url(random_filename) + end + end + def test_invalid_credentials_should_fail Project.find(1).update_attribute :is_public, false with_credentials "dlopper", "foo" do |