Mercurial > hg > tc-symbol-server
changeset 47:ac1c53584add
reported 'access denied per project' error while downloading pdb's
author | Evgeniy.Koshkin |
---|---|
date | Tue, 01 Oct 2013 10:54:38 +0400 |
parents | dc2b9737654f |
children | c6dfb8e038ce |
files | server/src/jetbrains/buildServer/symbols/DownloadSymbolsController.java |
diffstat | 1 files changed, 14 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/server/src/jetbrains/buildServer/symbols/DownloadSymbolsController.java Wed Sep 04 19:29:47 2013 +0400 +++ b/server/src/jetbrains/buildServer/symbols/DownloadSymbolsController.java Tue Oct 01 10:54:38 2013 +0400 @@ -23,6 +23,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.io.BufferedOutputStream; +import java.io.IOException; import java.io.InputStream; import java.util.Iterator; import java.util.Map; @@ -90,10 +91,19 @@ final SUser user = myAuthHelper.getAuthenticatedUser(request, response, new Predicate<SUser>() { public boolean apply(SUser user) { - final String projectId = findRelatedProjectId(guid); - if(projectId == null) return false; - //TODO: response.sendError(HttpServletResponse.SC_FORBIDDEN, "You have no permissions to download PDB files."); - return user.isPermissionGrantedForProject(projectId, Permission.VIEW_BUILD_RUNTIME_DATA); + try{ + final String projectId = findRelatedProjectId(guid); + if(projectId == null) { + WebUtil.notFound(request, response, "File not found", null); + return false; + } + boolean hasPermissions = user.isPermissionGrantedForProject(projectId, Permission.VIEW_BUILD_RUNTIME_DATA); + if(!hasPermissions) response.sendError(HttpServletResponse.SC_FORBIDDEN, String.format("You have no access to PDB files in the project with id %s.", projectId)); + return hasPermissions; + } catch (IOException e) { + LOG.debug(e); + return false; + } } }); if (user == null) return null;