... | ... |
@@ -204,8 +204,9 @@ sub startup { |
204 | 204 |
$self->basic_auth("Git Area", sub { |
205 | 205 |
my ($auth_user, $auth_password) = @_; |
206 | 206 |
|
207 |
- my $is_valid |
|
208 |
- = $user eq $auth_user && $api->check_user_and_password($auth_user, $auth_password); |
|
207 |
+ my $is_valid = |
|
208 |
+ ($user eq $auth_user || $api->is_collaborator($user, $project, $auth_user)) |
|
209 |
+ && $api->check_user_and_password($auth_user, $auth_password); |
|
209 | 210 |
|
210 | 211 |
return $is_valid; |
211 | 212 |
}); |
... | ... |
@@ -245,7 +246,7 @@ sub startup { |
245 | 246 |
my $project = $self->param('project'); |
246 | 247 |
my $private = $self->app->manager->is_private_project($user, $project); |
247 | 248 |
if ($private) { |
248 |
- if ($api->logined($user)) { |
|
249 |
+ if ($api->can_access_private_project($user, $project)) { |
|
249 | 250 |
return 1; |
250 | 251 |
} |
251 | 252 |
else { |
... | ... |
@@ -42,6 +42,30 @@ sub check_user_and_password { |
42 | 42 |
return $is_valid; |
43 | 43 |
} |
44 | 44 |
|
45 |
+sub is_collaborator { |
|
46 |
+ my ($self, $user, $project, $session_user) = @_; |
|
47 |
+ |
|
48 |
+ $session_user = $self->cntl->session('user') unless defined $session_user; |
|
49 |
+ |
|
50 |
+ my $row = $self->app->dbi->model('collaboration')->select( |
|
51 |
+ id => [$user, $project, $session_user] |
|
52 |
+ )->one; |
|
53 |
+ |
|
54 |
+ return $row ? 1 : 0; |
|
55 |
+} |
|
56 |
+ |
|
57 |
+sub can_access_private_project { |
|
58 |
+ my ($self, $user, $project) = @_; |
|
59 |
+ |
|
60 |
+ my $session_user = $self->cntl->session('user'); |
|
61 |
+ |
|
62 |
+ my $is_valid = |
|
63 |
+ ($user eq $session_user || $self->is_collaborator($user, $project)) |
|
64 |
+ && $self->logined; |
|
65 |
+ |
|
66 |
+ return $is_valid; |
|
67 |
+} |
|
68 |
+ |
|
45 | 69 |
sub new { |
46 | 70 |
my ($class, $cntl) = @_; |
47 | 71 |
|