Gitblit devel
parent: a909bf13 | patch | commit | ignore whitespace
Joel Johnson
2015-06-30 2db6b39fdff61ce48788767ad475632a1b29f831 
fix permission capping for HTTP/HTTPS

Previously used request scheme, but request scheme is unrelated to
the URL being generated. Instead, base the permission capping on the
scheme of the URL itself.
1 files modified
5 ■■■■■ changed files
src/main/java/com/gitblit/manager/ServicesManager.java 5 ●●●●● patch | view | raw | blame | history 
 src/main/java/com/gitblit/manager/ServicesManager.java


@@ -166,13 +166,14 @@


            settings.getBoolean(Keys.web.showHttpServletUrls, true)) {


            AccessPermission permission = user.getRepositoryPermission(repository).permission;


            if (permission.exceeds(AccessPermission.NONE)) {


                Transport transport = Transport.fromString(request.getScheme());


                String repoUrl = getRepositoryUrl(request, username, repository);


                Transport transport = Transport.fromUrl(repoUrl);


                if (permission.atLeast(AccessPermission.PUSH) && !acceptsPush(transport)) {


                    // downgrade the repo permission for this transport


                    // because it is not an acceptable PUSH transport


                    permission = AccessPermission.CLONE;


                }


                list.add(new RepositoryUrl(getRepositoryUrl(request, username, repository), permission));


                list.add(new RepositoryUrl(repoUrl, permission));


            }


        }