You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@maven.apache.org by ha...@apache.org on 2007/05/01 00:19:12 UTC
svn commit: r533868 -
/maven/sandbox/trunk/enterprise/enterprise-web/src/main/java/org/apache/maven/enterprise/web/EnterpriseIDiskWebDavServlet.java
Author: handyande
Date: Mon Apr 30 15:19:11 2007
New Revision: 533868
URL: http://svn.apache.org/viewvc?view=rev&rev=533868
Log:
Fix permissions on idisk, registered users can see other users work - of course ;)
Modified:
maven/sandbox/trunk/enterprise/enterprise-web/src/main/java/org/apache/maven/enterprise/web/EnterpriseIDiskWebDavServlet.java
Modified: maven/sandbox/trunk/enterprise/enterprise-web/src/main/java/org/apache/maven/enterprise/web/EnterpriseIDiskWebDavServlet.java
URL: http://svn.apache.org/viewvc/maven/sandbox/trunk/enterprise/enterprise-web/src/main/java/org/apache/maven/enterprise/web/EnterpriseIDiskWebDavServlet.java?view=diff&rev=533868&r1=533867&r2=533868
==============================================================================
--- maven/sandbox/trunk/enterprise/enterprise-web/src/main/java/org/apache/maven/enterprise/web/EnterpriseIDiskWebDavServlet.java (original)
+++ maven/sandbox/trunk/enterprise/enterprise-web/src/main/java/org/apache/maven/enterprise/web/EnterpriseIDiskWebDavServlet.java Mon Apr 30 15:19:11 2007
@@ -76,9 +76,16 @@
throws ServletException, IOException
{
HttpServletRequest request = davRequest.getRequest();
+ boolean isRead = WebdavMethodUtil.isReadMethod( request.getMethod() );
/* we don't always need to authenticate read requests */
if ( isAnonRequest( davRequest ) )
+ {
+ return true;
+ }
+
+ /* All users can read all areas, a bit useless otherwise! */
+ if ( isRead )
{
return true;
}