githubFork/gitblit.git - Solinfo Gitblit

			@@ -62,12 +62,22 @@
			protected abstract String getUrlRequestAction(String url);

			/**
			* Determine if the action may be executed on the repository.
			*
			* @param repository
			* @param action
			* @return true if the action may be performed
			*/
			protected abstract boolean isActionAllowed(RepositoryModel repository, String action);

			/**
			* Determine if the repository requires authentication.
			*
			* @param repository
			* @param action
			* @return true if authentication required
			*/
			protected abstract boolean requiresAuthentication(RepositoryModel repository);
			protected abstract boolean requiresAuthentication(RepositoryModel repository, String action);

			/**
			* Determine if the user can access the repository and perform the specified
			@@ -110,6 +120,14 @@
			httpResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
			return;
			}

			// Confirm that the action may be executed on the repository
			if (!isActionAllowed(model, urlRequestType)) {
			logger.info(MessageFormat.format("ARF: action {0} on {1} forbidden ({2})",
			urlRequestType, model, HttpServletResponse.SC_FORBIDDEN));
			httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
			return;
			}

			// Wrap the HttpServletRequest with the AccessRestrictionRequest which
			// overrides the servlet container user principal methods.
			@@ -127,7 +145,7 @@
			}

			// BASIC authentication challenge and response processing
			if (!StringUtils.isEmpty(urlRequestType) && requiresAuthentication(model)) {
			if (!StringUtils.isEmpty(urlRequestType) && requiresAuthentication(model, urlRequestType)) {
			if (user == null) {
			// challenge client to provide credentials. send 401.
			if (GitBlit.isDebugMode()) {