diff options
| author | Liwiusz Ociepa <liwiusz.ociepa@softwarelab.eu> | 2008-11-27 14:51:14 +0000 |
|---|---|---|
| committer | Liwiusz Ociepa <liwiusz.ociepa@softwarelab.eu> | 2008-11-27 14:51:14 +0000 |
| commit | 131b15fc7a0d81fd06af7309844aeefabbc8744f (patch) | |
| tree | 589e4ea0b9066353aac9f5f859918495a53c03fc | |
| parent | f6b1583a1ad72aa540e57ad3a596dbfe824909cb (diff) | |
| download | redmine-131b15fc7a0d81fd06af7309844aeefabbc8744f.tar.gz redmine-131b15fc7a0d81fd06af7309844aeefabbc8744f.zip | |
Fix access to Repository Parent Path (FORBIDEN instead of AUTH_REQUIRED).swistak
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/branches/swistak@2058 e93f8b46-1217-0410-a6f0-8f06a7374b81
| -rw-r--r-- | extra/svn/Redmine.pm | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/extra/svn/Redmine.pm b/extra/svn/Redmine.pm index 45d64be8e..80a776994 100644 --- a/extra/svn/Redmine.pm +++ b/extra/svn/Redmine.pm @@ -238,7 +238,11 @@ sub authen_handler { my ($res, $redmine_pass) = $r->get_basic_auth_pw(); return $res unless $res == OK; - if (is_member($r->user, $redmine_pass, $r)) { + my $project_id = get_project_identifier($r); + if (!$project_id) { + return FORBIDDEN; + } + if (is_member($r->user, $redmine_pass, $r, $project_id)) { return OK; } else { $r->note_auth_failure(); @@ -294,9 +298,9 @@ sub is_member { my $redmine_user = shift; my $redmine_pass = shift; my $r = shift; + my $project_id = shift; my $dbh = connect_database($r); - my $project_id = get_project_identifier($r); my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass); @@ -355,7 +359,7 @@ sub get_project_identifier { my $location = $r->location; my ($identifier) = $r->uri =~ m{$location/*([^/]+)}; - $identifier ? $identifier : " "; + $identifier; } sub connect_database { |