forked from forgejo/forgejo
bug fixed
This commit is contained in:
Lunny Xiao
parent
9791e70da6
commit
16b6e5d50b
5 changed files with 522 additions and 88 deletions
|
|
@ -14,8 +14,6 @@ import (
|
|||
|
||||
"github.com/go-martini/martini"
|
||||
|
||||
"github.com/gogits/webdav"
|
||||
|
||||
"github.com/gogits/gogs/models"
|
||||
"github.com/gogits/gogs/modules/auth"
|
||||
"github.com/gogits/gogs/modules/base"
|
||||
|
|
@ -266,89 +264,6 @@ func authRequired(ctx *middleware.Context) {
|
|||
ctx.HTML(401, fmt.Sprintf("status/401"))
|
||||
}
|
||||
|
||||
func Http(ctx *middleware.Context, params martini.Params) {
|
||||
username := params["username"]
|
||||
reponame := params["reponame"]
|
||||
if strings.HasSuffix(reponame, ".git") {
|
||||
reponame = reponame[:len(reponame)-4]
|
||||
}
|
||||
|
||||
//fmt.Println("req:", ctx.Req.Header)
|
||||
|
||||
repoUser, err := models.GetUserByName(username)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "repo.GetUserByName", nil)
|
||||
return
|
||||
}
|
||||
|
||||
repo, err := models.GetRepositoryByName(repoUser.Id, reponame)
|
||||
if err != nil {
|
||||
ctx.Handle(500, "repo.GetRepositoryByName", nil)
|
||||
return
|
||||
}
|
||||
|
||||
isPull := webdav.IsPullMethod(ctx.Req.Method)
|
||||
var askAuth = !(!repo.IsPrivate && isPull)
|
||||
|
||||
//authRequired(ctx)
|
||||
//return
|
||||
|
||||
// check access
|
||||
if askAuth {
|
||||
// check digit auth
|
||||
|
||||
// check basic auth
|
||||
baHead := ctx.Req.Header.Get("Authorization")
|
||||
if baHead == "" {
|
||||
authRequired(ctx)
|
||||
return
|
||||
}
|
||||
|
||||
auths := strings.Fields(baHead)
|
||||
if len(auths) != 2 || auths[0] != "Basic" {
|
||||
ctx.Handle(401, "no basic auth and digit auth", nil)
|
||||
return
|
||||
}
|
||||
authUsername, passwd, err := basicDecode(auths[1])
|
||||
if err != nil {
|
||||
ctx.Handle(401, "no basic auth and digit auth", nil)
|
||||
return
|
||||
}
|
||||
|
||||
authUser, err := models.GetUserByName(authUsername)
|
||||
if err != nil {
|
||||
ctx.Handle(401, "no basic auth and digit auth", nil)
|
||||
return
|
||||
}
|
||||
|
||||
newUser := &models.User{Passwd: passwd}
|
||||
newUser.EncodePasswd()
|
||||
if authUser.Passwd != newUser.Passwd {
|
||||
ctx.Handle(401, "no basic auth and digit auth", nil)
|
||||
return
|
||||
}
|
||||
|
||||
var tp = models.AU_WRITABLE
|
||||
if isPull {
|
||||
tp = models.AU_READABLE
|
||||
}
|
||||
|
||||
has, err := models.HasAccess(authUsername, username+"/"+reponame, tp)
|
||||
if err != nil || !has {
|
||||
ctx.Handle(401, "no basic auth and digit auth", nil)
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
dir := models.RepoPath(username, reponame)
|
||||
|
||||
prefix := path.Join("/", username, params["reponame"])
|
||||
server := webdav.NewServer(
|
||||
dir, prefix, true)
|
||||
|
||||
server.ServeHTTP(ctx.ResponseWriter, ctx.Req)
|
||||
}
|
||||
|
||||
func Setting(ctx *middleware.Context, params martini.Params) {
|
||||
if !ctx.Repo.IsOwner {
|
||||
ctx.Handle(404, "repo.Setting", nil)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue