Defect #3662 » LDAP_check_commit_access_in_Redmine.pm.patch
| Redmine.pm (working copy) | ||
|---|---|---|
| 282 | 282 |
my $ret; |
| 283 | 283 |
while (my ($hashed_password, $auth_source_id, $permissions) = $sth->fetchrow_array) {
|
| 284 | 284 | |
| 285 |
my $method = $r->method; |
|
| 285 | 286 |
unless ($auth_source_id) {
|
| 286 |
my $method = $r->method; |
|
| 287 | 287 |
if ($hashed_password eq $pass_digest && (defined $read_only_methods{$method} || $permissions =~ /:commit_access/) ) {
|
| 288 | 288 |
$ret = 1; |
| 289 | 289 |
last; |
| ... | ... | |
| 302 | 302 |
bindpw => $rowldap[4] ? $rowldap[4] : "", |
| 303 | 303 |
filter => "(".$rowldap[6]."=%s)"
|
| 304 | 304 |
); |
| 305 |
$ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass)); |
|
| 305 |
$ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass) && (defined $read_only_methods{$method} || $permissions =~ /:commit_access/));
|
|
| 306 | 306 |
} |
| 307 | 307 |
$sthldap->finish(); |
| 308 | 308 |
} |