Showing 2 changed files with 28 additions and 3 deletions
+4 -3
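--- a/lib/Gitprep.pm
+++ b/lib/Gitprep.pm
@@ -204,8 +204,9 @@ sub startup {
                 $self->basic_auth("Git Area", sub {
                   my ($auth_user, $auth_password) = @_;
                   
-                  my $is_valid
-                    = $user eq $auth_user && $api->check_user_and_password($auth_user, $auth_password);
+                  my $is_valid =
+                    ($user eq $auth_user || $api->is_collaborator($user, $project, $auth_user))
+                    && $api->check_user_and_password($auth_user, $auth_password);
                   
                   return $is_valid;
                 });
@@ -245,7 +246,7 @@ sub startup {
               my $project = $self->param('project');
               my $private = $self->app->manager->is_private_project($user, $project);
               if ($private) {
-                if ($api->logined($user)) {
+                if ($api->can_access_private_project($user, $project)) {
                   return 1;
                 }
                 else {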
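Review bot: In the `basic_auth` callback of the first hunk, the collaborator lookup runs before the password is verified, so `is_collaborator` queries the collaboration table with a user name that has not been authenticated yet. `is_collaborator` in lib/Gitprep/API.pm also substitutes the session user when its third argument is undefined, so if the plugin ever passes an undefined `$auth_user`, the membership test would be made against the browser session rather than the Basic-auth identity. Verifying the credentials first avoids both: `my $is_valid = $api->check_user_and_password($auth_user, $auth_password) && ($user eq $auth_user || $api->is_collaborator($user, $project, $auth_user));`. Whether this callback guards push as well as fetch is not visible in the hunk; if it does, collaborators gain write access, which deserves a comment such as `# collaborators authenticate with their own password and get the same Git access as the owner`. The enclosing `startup` body starts and ends outside both hunks.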
+24
lib/Gitprep/API.pm
... ...
@@ -42,6 +42,30 @@ sub check_user_and_password {
42 42
   return $is_valid;
43 43
 }
44 44
 
45
+sub is_collaborator {
46
+  my ($self, $user, $project, $session_user) = @_;
47
+
48
+  $session_user = $self->cntl->session('user') unless defined $session_user;
49
+  
50
+  my $row = $self->app->dbi->model('collaboration')->select(
51
+    id => [$user, $project, $session_user]
52
+  )->one;
53
+  
54
+  return $row ? 1 : 0;
55
+}
56
+
57
+sub can_access_private_project {
58
+  my ($self, $user, $project) = @_;
59
+
60
+  my $session_user = $self->cntl->session('user');
61
+  
62
+  my $is_valid =
63
+    ($user eq $session_user || $self->is_collaborator($user, $project))
64
+    && $self->logined;
65
+  
66
+  return $is_valid;
67
+}
68
+
45 69
 sub new {
46 70
   my ($class, $cntl) = @_;
47 71