| @@ -238,7 +238,11 sub authen_handler { | |||||
| 238 | my ($res, $redmine_pass) = $r->get_basic_auth_pw(); |
|
238 | my ($res, $redmine_pass) = $r->get_basic_auth_pw(); | |
| 239 | return $res unless $res == OK; |
|
239 | return $res unless $res == OK; | |
| 240 |
|
240 | |||
| 241 | if (is_member($r->user, $redmine_pass, $r)) { |
|
241 | my $project_id = get_project_identifier($r); | |
|
|
242 | if (!$project_id) { | |||
|
|
243 | return FORBIDDEN; | |||
|
|
244 | } | |||
|
|
245 | if (is_member($r->user, $redmine_pass, $r, $project_id)) { | |||
| 242 | return OK; |
|
246 | return OK; | |
| 243 | } else { |
|
247 | } else { | |
| 244 | $r->note_auth_failure(); |
|
248 | $r->note_auth_failure(); | |
| @@ -294,9 +298,9 sub is_member { | |||||
| 294 | my $redmine_user = shift; |
|
298 | my $redmine_user = shift; | |
| 295 | my $redmine_pass = shift; |
|
299 | my $redmine_pass = shift; | |
| 296 | my $r = shift; |
|
300 | my $r = shift; | |
|
|
301 | my $project_id = shift; | |||
| 297 |
|
302 | |||
| 298 | my $dbh = connect_database($r); |
|
303 | my $dbh = connect_database($r); | |
| 299 | my $project_id = get_project_identifier($r); |
|
|||
| 300 |
|
304 | |||
| 301 | my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass); |
|
305 | my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass); | |
| 302 |
|
306 | |||
| @@ -355,7 +359,7 sub get_project_identifier { | |||||
| 355 |
|
359 | |||
| 356 | my $location = $r->location; |
|
360 | my $location = $r->location; | |
| 357 | my ($identifier) = $r->uri =~ m{$location/*([^/]+)}; |
|
361 | my ($identifier) = $r->uri =~ m{$location/*([^/]+)}; | |
| 358 |
$identifier |
|
362 | $identifier; | |
| 359 | } |
|
363 | } | |
| 360 |
|
364 | |||
| 361 | sub connect_database { |
|
365 | sub connect_database { | |
General Comments 0
You need to be logged in to leave comments.
Login now