Fix perms for http/ssh clone (#288)

Thomas Miceli
2024-05-28 01:30:08 +02:00
committed by GitHub
parent 77d87aeecd
commit 38892d8a4a
12 changed files with 225 additions and 22 deletions


@ -73,7 +73,7 @@ func gitHttp(ctx echo.Context) error {
allow, err := auth.ShouldAllowUnauthenticatedGistAccess(ContextAuthInfo{ctx}, true)
if err != nil {
panic("impossible")
log.Fatal().Err(err).Msg("Cannot check if unauthenticated access is allowed")
}
// Shows basic auth if :
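Review bot: The new `log.Fatal()` call in the `err != nil` branch after `auth.ShouldAllowUnauthenticatedGistAccess` would stop the whole server from inside a request handler, if `log` is zerolog (its Fatal level exits the process after writing the message). This check sits ahead of the basic-auth handling that follows, so a failure should be returned to that one request, as the handler already does further down: `return errorRes(500, "Cannot check if unauthenticated access is allowed", err)`. The later hunk in the same handler also discards the error from `db.GetUserByUsername(authUsername)` before reading `userToCheckPermissions.Password`; that hunk runs past the visible page, so whether an unknown username is handled cannot be confirmed from here. gitHttp starts and ends outside this hunk.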
@ -105,7 +105,14 @@ func gitHttp(ctx echo.Context) error {
return plainText(ctx, 404, "Check your credentials or make sure you have access to the Gist")
}
if ok, err := utils.Argon2id.Verify(authPassword, gist.User.Password); !ok || gist.User.Username != authUsername {
var userToCheckPermissions *db.User
if gist.Private != db.PrivateVisibility && isPull {
userToCheckPermissions, _ = db.GetUserByUsername(authUsername)
} else {
userToCheckPermissions = &gist.User
}
if ok, err := utils.Argon2id.Verify(authPassword, userToCheckPermissions.Password); !ok {
if err != nil {
return errorRes(500, "Cannot verify password", err)
}