Defect #5383 » redmine.pm.patch
Redmine.pm 2010-04-26 23:05:53.907165730 +0400 | ||
---|---|---|
203 | 203 |
} |
204 | 204 | |
205 | 205 |
my $method = $r->method; |
206 |
return OK unless defined $read_only_methods{$method}; |
|
207 | ||
208 | 206 |
my $project_id = get_project_identifier($r); |
209 | ||
210 |
$r->set_handlers(PerlAuthenHandler => [\&OK]) |
|
211 |
if is_public_project($project_id, $r); |
|
212 | ||
213 |
return OK |
|
207 |
if (is_public_project($project_id, $r) && defined $read_only_methods{$method}) { |
|
208 |
$r->set_handlers(PerlAuthenHandler => [\&OK]); |
|
209 |
} |
|
210 |
return OK; |
|
214 | 211 |
} |
215 | 212 | |
216 | 213 |
sub authen_handler { |
... | ... | |
288 | 285 | |
289 | 286 |
my $ret; |
290 | 287 |
while (my ($hashed_password, $auth_source_id, $permissions) = $sth->fetchrow_array) { |
291 | ||
288 |
my $method = $r->method; |
|
292 | 289 |
unless ($auth_source_id) { |
293 |
my $method = $r->method; |
|
294 | 290 |
if ($hashed_password eq $pass_digest && ((defined $read_only_methods{$method} && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/) ) { |
295 | 291 |
$ret = 1; |
296 | 292 |
last; |
... | ... | |
309 | 305 |
bindpw => $rowldap[4] ? $rowldap[4] : "", |
310 | 306 |
filter => "(".$rowldap[6]."=%s)" |
311 | 307 |
); |
312 |
$ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass)); |
|
308 |
$ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass) && ((defined $read_only_methods{$method} && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/) );
|
|
313 | 309 |
} |
314 | 310 |
$sthldap->finish(); |
315 | 311 |
undef $sthldap; |
- « Previous
- 1
- 2
- Next »