Mercurial > hg > soundsoftware-site
diff extra/svn/.svn/text-base/Redmine.pm.svn-base @ 245:051f544170fe
* Update to SVN trunk revision 4993
| author | Chris Cannam |
|---|---|
| date | Thu, 03 Mar 2011 11:42:28 +0000 |
| parents | 94944d00e43c |
| children |
line wrap: on
line diff
--- a/extra/svn/.svn/text-base/Redmine.pm.svn-base Thu Mar 03 11:40:10 2011 +0000 +++ b/extra/svn/.svn/text-base/Redmine.pm.svn-base Thu Mar 03 11:42:28 2011 +0000 @@ -148,7 +148,7 @@ my ($self, $parms, $arg) = @_; $self->{RedmineDSN} = $arg; my $query = "SELECT - hashed_password, auth_source_id, permissions + hashed_password, salt, auth_source_id, permissions FROM members, projects, users, roles, member_roles WHERE projects.id=members.project_id @@ -316,11 +316,12 @@ $sth->execute($redmine_user, $project_id); my $ret; - while (my ($hashed_password, $auth_source_id, $permissions) = $sth->fetchrow_array) { + while (my ($hashed_password, $salt, $auth_source_id, $permissions) = $sth->fetchrow_array) { unless ($auth_source_id) { - my $method = $r->method; - if ($hashed_password eq $pass_digest && ((defined $read_only_methods{$method} && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/) ) { + my $method = $r->method; + my $salted_password = Digest::SHA1::sha1_hex($salt.$pass_digest); + if ($hashed_password eq $salted_password && ((defined $read_only_methods{$method} && $permissions =~ /:browse_repository/) || $permissions =~ /:commit_access/) ) { $ret = 1; last; }