Fix issue where Git authentication would always 403 on non-public install.

Summary: This fixes an issue where Git authentication would always fail on an install with `policy.allow-public` set to false. This is because when public access is allowed, anonymous users can query the user list. However, when public access is not allowed, you have to be authenticated before you can read any of the user objects. Test Plan: Prior to this fix, I get: ``` james@james-laptop:~/git/8> git clone http://phabricator.local/diffusion/TEST/ Cloning into 'TEST'... fatal: unable to access 'http://phabricator.local/diffusion/TEST/': The requested URL returned error: 403 ``` when `policy.allow-public` is false. After this fix I get: ``` james@james-laptop:~/git/8> git clone http://phabricator.local/diffusion/TEST/ Cloning into 'TEST'... remote: Counting objects: 102, done. remote: Compressing objects: 100% (71/71), done. remote: Total 102 (delta 6), reused 0 (delta 0) Receiving objects: 100% (102/102), 9.89 KiB | 0 bytes/s, done. Resolving deltas: 100% (6/6), done. Checking connectivity... done ``` Reviewers: epriestley, #blessed_reviewers Reviewed By: epriestley CC: Korvin, epriestley, aran Maniphest Tasks: T4049 Differential Revision: https://secure.phabricator.com/D7489
2024-12-20 20:40:56 +01:00 · 2013-11-04 07:29:21 -08:00 · 2013-11-04 07:29:21 -08:00 · 0ceb53bfae
commit 0ceb53bfae
parent 3dcef4f37b
1 changed files with 1 additions and 1 deletions
--- a/src/applications/diffusion/controller/DiffusionController.php
+++ b/src/applications/diffusion/controller/DiffusionController.php
@ -537,7 +537,7 @@ abstract class DiffusionController extends PhabricatorController {
    }

    $user = id(new PhabricatorPeopleQuery())
-      ->setViewer(new PhabricatorUser())
+      ->setViewer(PhabricatorUser::getOmnipotentUser())
      ->withUsernames(array($username))
      ->executeOne();
    if (!$user) {