Fixed: Redmine.pm considers all projects private when login_required is enabled (#9566)....
Jean-Philippe Lang -
r7688:26125be6b120
@@ -204,6 +204,8 sub access_handler {
204
204
205 my $method = $r->method;
205 my $method = $r->method;
206 return OK unless defined $read_only_methods{$method};
206 return OK unless defined $read_only_methods{$method};
207
208 return OK if is_authentication_forced($r);
207
209
208 my $project_id = get_project_identifier($r);
210 my $project_id = get_project_identifier($r);
209
211
@@ -219,6 +221,12 sub authen_handler {
219 my ($res, $redmine_pass) = $r->get_basic_auth_pw();
221 my ($res, $redmine_pass) = $r->get_basic_auth_pw();
220 return $res unless $res == OK;
222 return $res unless $res == OK;
221
223
224 my $project_id = get_project_identifier($r);
225 my $method = $r->method;
226 if (defined $read_only_methods{$method} && is_public_project($project_id, $r) && non_member_role_allows_browse_repository($r)) {
227 return OK;
228 }
229
222 if (is_member($r->user, $redmine_pass, $r)) {
230 if (is_member($r->user, $redmine_pass, $r)) {
223 return OK;
231 return OK;
224 } else {
232 } else {
@@ -255,10 +263,6 sub is_authentication_forced {
255 sub is_public_project {
263 sub is_public_project {
256 my $project_id = shift;
264 my $project_id = shift;
257 my $r = shift;
265 my $r = shift;
258
259 if (is_authentication_forced($r)) {
260 return 0;
261 }
262
266
263 my $dbh = connect_database($r);
267 my $dbh = connect_database($r);
264 my $sth = $dbh->prepare(
268 my $sth = $dbh->prepare(
@@ -280,15 +284,16 sub is_public_project {
280 $ret;
284 $ret;
281 }
285 }
282
286
283 sub anonymous_role_allows_browse_repository {
287 sub system_role_allows_browse_repository {
284 my $r = shift;
288 my $r = shift;
289 my $system_role = shift;
285
290
286 my $dbh = connect_database($r);
291 my $dbh = connect_database($r);
287 my $sth = $dbh->prepare(
292 my $sth = $dbh->prepare(
288 "SELECT permissions FROM roles WHERE builtin = 2;"
293 "SELECT permissions FROM roles WHERE builtin = ?;"
289 );
294 );
290
295
291 $sth->execute();
296 $sth->execute($system_role);
292 my $ret = 0;
297 my $ret = 0;
293 if (my @row = $sth->fetchrow_array) {
298 if (my @row = $sth->fetchrow_array) {
294 if ($row[0] =~ /:browse_repository/) {
299 if ($row[0] =~ /:browse_repository/) {
@@ -303,6 +308,18 sub anonymous_role_allows_browse_repository {
303 $ret;
308 $ret;
304 }
309 }
305
310
311 sub non_member_role_allows_browse_repository {
312 my $r = shift;
313 my $ret = system_role_allows_browse_repository($r, 1);
314 $ret;
315 }
316
317 sub anonymous_role_allows_browse_repository {
318 my $r = shift;
319 my $ret = system_role_allows_browse_repository($r, 2);
320 $ret;
321 }
322
306 # perhaps we should use repository right (other read right) to check public access.
323 # perhaps we should use repository right (other read right) to check public access.
307 # it could be faster BUT it doesn't work for the moment.
324 # it could be faster BUT it doesn't work for the moment.
308 # sub is_public_project_by_file {
325 # sub is_public_project_by_file {
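Review bot: In the block added at the top of authen_handler, `return OK` is reached for read-only methods on a public project before `is_member($r->user, $redmine_pass, $r)` runs, so on that path the password returned by `get_basic_auth_pw()` is not compared with anything visible in this hunk. With login_required enabled, any username/password pair, including one for an account that does not exist, would then appear to be accepted for repository browsing, and `$r->user` would carry an unverified name into the access log. The non-member grant should apply only after the supplied credentials have been checked against a real, active account; if the current behaviour is intended, say so above the condition, e.g. `# non-member read access: credentials are NOT verified on this path`. authen_handler starts and continues outside the hunk, so verification elsewhere cannot be ruled out from this view.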