repository_auth.patch - Redmine

       end
       def subversion_field_tags(form, repository)
           login_options = [["--- #{l(:actionview_instancetag_blank_option)} ---", '']]
           login_options << [l("repository_login_usernamepassword"), 0]
           login_options << [l("repository_login_current_username"), 1]
           login_options << [l("repository_login_current_role"), 2]
           content_tag('p', form.text_field(:url, :size => 60, :required => true, :disabled => (repository && !repository.root_url.blank?)) +
                            '<br />(http://, https://, svn://, file:///)') +
           content_tag('p', form.select(:login_method, login_options)) +
           content_tag('p', form.text_field(:login, :size => 30)) +
           content_tag('p', form.password_field(:password, :size => 30, :name => 'ignore',
                                                :value => ((repository.new_record? || repository.password.blank?) ? '' : ('x'*15)),
                                                :onfocus => "this.value=''; this.name='repository[password]';",
                                                :onchange => "this.name='repository[password]';"))
                                                :onchange => "this.name='repository[password]';")) +
           content_tag('p', form.password_field(:security_token, :size => 30, :name => 'ignore',
                                                :value => ((repository.new_record? || repository.security_token.blank?) ? '' : ('x'*15)),
                                                :onfocus => "this.value=''; this.name='repository[security_token]';",
                                                :onchange => "this.name='repository[security_token]';"))
       end
     #      select_tag('login_method', options_for_select(login_method, repository.class.name.demodulize),
     #               :onchange => remote_function(:url => { :controller => 'repositories', :action => 'edit', :id => @project }, :method => :get, :with => "Form.serialize(this.form)") ) +
       def darcs_field_tags(form, repository)
           content_tag('p', form.text_field(:url, :label => 'Root directory', :size => 60, :required => true, :disabled => (repository && !repository.new_record?)))
       end

       end
       def scm
         @scm ||= self.scm_adapter.new url, root_url, login, password
         @scm ||= self.scm_adapter.new url, root_url, login, password, login_method, security_token, project
         update_attribute(:root_url, @scm.root_url) if root_url.blank?
         @scm
       end

     class AddSpecialRepositorySecurity < ActiveRecord::Migration
       def self.down
         remove_column :repositories, :login_method
         remove_column :repositories, :security_token
       end
       def self.up
         add_column :repositories, :login_method, :int, :default => 0, :null => true
         add_column :repositories, :security_token, :string, :limit => 60, :default => "", :null => true
       end
     end

     Redmine - a mod_perl module to authenticate webdav subversion users
     against redmine database
     In addition this module allows to authenticate a redmine server
     for webdav subversion access, bypassing full authentication, still a
     llowing to apply repository based security (e.g. .authz files)
     =head1 SYNOPSIS
     This module allow anonymous users to browse public project and
-...
          Order deny,allow
          Deny from all
          # only allow reading orders
          AuthType Basic
          AuthName redmine
          Require valid-user
          PerlAccessHandler Apache::Authn::Redmine::redmine_access_handler
          PerlAuthenHandler Apache::Authn::Redmine::redmine_authen_handler
          RedmineSecurityToken "redmine"
          <Limit GET PROPFIND OPTIONS REPORT>
            Allow from redmine.server.ip
          </Limit>
-...
         args_how => TAKE1,
         errmsg => 'RedmineCacheCredsMax must be decimal number',
       },
+      {
         name => 'RedmineSecurityToken',
         req_override => OR_AUTHCFG,
         args_how => TAKE1,
         errmsg => 'RedmineSecurityToken additional authentication token',
       },
     );
     sub RedmineDSN {
-...
+    }
     sub RedmineDbUser { set_val('RedmineDbUser', @_); }
     sub RedmineDbPass { set_val('RedmineDbPass', @_); }
     sub RedmineSecurityToken { set_val('RedmineSecurityToken', @_); }
     sub RedmineDbWhereClause {
       my ($self, $parms, $arg) = @_;
       $self->{RedmineQuery} = trim($self->{RedmineQuery}.($arg ? $arg : "")." ");
-...
         return DBI->connect($cfg->{RedmineDSN}, $cfg->{RedmineDbUser}, $cfg->{RedmineDbPass});
+    }
     sub redmine_access_handler {
       my $r = shift;
       unless ($r->some_auth_required) {
           $r->log_reason("No authentication has been configured");
           return FORBIDDEN;
+      }
       my $method = $r->method;
       return OK unless defined $read_only_methods{$method};
       my $project_id = get_project_identifier($r);
       $r->set_handlers(PerlAuthenHandler => [\&OK])
           if is_public_project($project_id, $r);
       return OK
+    }
     sub redmine_authen_handler {
       my $r = shift;
       my ($res, $redmine_pass) =  $r->get_basic_auth_pw();
       return $res unless $res == OK;
       my $cfg = Apache2::Module::get_config(__PACKAGE__, $r->server, $r->per_dir_config);
       if ($cfg->{RedmineSecurityToken}) {
         my $securityToken = $cfg->{RedmineSecurityToken};
         if ($securityToken ne $redmine_pass) {
           $r->log_error("Apache::Authn::Redmine - Provided SecurityToken did not match");
           $r->note_auth_failure();
           return AUTH_REQUIRED;
+        }
+      }
       return OK;
+    }
 ;

     field_comments_sorting: Display comments
     field_parent_title: Parent page
     field_editable: Editable
     field_login_method: Authentication method
     field_security_token: Security token
     repository_login_usernamepassword: Provided credentials
     repository_login_current_username: Name of current user
     repository_login_current_role: Role of current user
     setting_app_title: Application title
     setting_app_subtitle: Application subtitle
     setting_welcome_text: Welcome text

               end
             end
             def initialize(url, root_url=nil, login=nil, password=nil)
             def initialize(url, root_url=nil, login=nil, password=nil, login_method=nil, security_token=nil, project=nil)
               @url = url
               @login = login if login && !login.empty?
               @password = (password || "") if @login
               @root_url = root_url.blank? ? retrieve_root_url : root_url
               @login_method = login_method.blank? ? 0 : login_method
               @security_token = security_token.blank? ? "" : security_token
               @project = project
             end
             def adapter_name
-...
             def supports_annotate?
               respond_to?('annotate')
             end
     	def use_current_user
     	  @use_current_user
     	end
             def root_url
               @root_url
             end

             private
             def credentials_string
               str = ''
               str << " --username #{shell_quote(@login)}" unless @login.blank?
               str << " --password #{shell_quote(@password)}" unless @login.blank? || @password.blank?
     	  if !(User.current.is_a?(AnonymousUser))
                 if (@login_method == 1)
     	       str = ''
                    str << " --username #{shell_quote(User.current.login)}"
                    str << " --password #{shell_quote( (@security_token.blank? ? "foo" : @security_token) )}"
     	    end
                 if (@login_method == 2) && (!@project.nil?)
     	       role = User.current.role_for_project(@project)
     	       if !role.blank?
     	         str = ''
                      str << " --username #{shell_quote(role.name)}"
                      str << " --password #{shell_quote( (@security_token.blank? ? "foo" : @security_token) )}"
                    end
                 end
               end
     	  if (str.blank?)
     	    str = ''
                 str << " --username #{shell_quote(@login)}" unless @login.blank?
                 str << " --password #{shell_quote(@password)}" unless @login.blank? || @password.blank?
               end
               str
             end
           end

Project

General

Profile

Redmine

Feature #2647 » repository_auth.patch