X-Git-Url: http://git.pjr.cc/?p=gwvp-mini.git;a=blobdiff_plain;f=gwvpmini%2Fgwvpmini_view.php;h=b47c1528b5e0aba2d9607163d746a1e5e64ff263;hp=d1b7eaadba0d748a8c06e1ae3419a770f96a40ee;hb=3175ff316104151c9cca5d33aa09b61f2da6253c;hpb=1b92a34cf5410903805474d427466ca4063f8b6c
diff --git a/gwvpmini/gwvpmini_view.php b/gwvpmini/gwvpmini_view.php
index d1b7eaa..b47c152 100644
--- a/gwvpmini/gwvpmini_view.php
+++ b/gwvpmini/gwvpmini_view.php
@@ -62,6 +62,9 @@ function gwvpmini_RepoViewPageBody()
$repo_base = gwvpmini_getConfigVal("repodir");
+ $bperms_f = gwvpmini_GetRepoPerms(gwvpmini_GetRepoId($repo_view_call));
+ $bperms = $bperms_f["b"];
+
$owner_view = false;
if($_SERVER["SERVER_PORT"] == 443) $proto="https://";
@@ -73,16 +76,30 @@ function gwvpmini_RepoViewPageBody()
$owner_name = $owner["username"];
-
+ // TODO: fix this so that if user has no read access to repo, they cant see it
if(isset($_SESSION["id"])) {
if($owner["id"] == $_SESSION["id"]) {
$owner_view = true;
+ } else if ($bperms != "r") {
+ // check user level perms
+ $perm = gwvpmini_GetRepoPerm($rid, $_SESSION["id"]);
+ if($perm < 1) {
+ header("Location: $BASE_URL");
+ return;
+ }
+ }
+ } else {
+ if($bperms != "a") {
+ header("Location: $BASE_URL");
+ return;
}
}
error_log("STUFF:".print_r($owner,true));
- $cloneurl = "git clone $proto$sname$BASE_URL/git/$repo_view_call.git";
+ if($bperms != "a") $login = $_SESSION["username"]."@password:";
+ else $login = "";
+ $cloneurl = "git clone $proto$login$sname$BASE_URL/git/$repo_view_call.git";
echo "
";
if($owner_view) $owner_extra = " (YOU)";
@@ -92,9 +109,9 @@ function gwvpmini_RepoViewPageBody()
echo "$desc
";
if($owner_view) {
- $bperms_f = gwvpmini_GetRepoPerms(gwvpmini_GetRepoId($repo_view_call));
- $bperms = $bperms_f["b"];
+
+
$anyo = "";
$regd = "";