From d54bd60b923bbd703bb668601d412d4295d2f503 Mon Sep 17 00:00:00 2001
From: Boris Stumm <bs@kedev.eu>
Date: Wed, 06 Jan 2016 07:51:19 -0500
Subject: [PATCH] Fix for #993 LIST_BRANCHES without admin

---
 src/main/java/com/gitblit/servlet/RpcFilter.java |   15 ++-------------
 1 files changed, 2 insertions(+), 13 deletions(-)

diff --git a/src/main/java/com/gitblit/servlet/RpcFilter.java b/src/main/java/com/gitblit/servlet/RpcFilter.java
index 34474d5..355bcb9 100644
--- a/src/main/java/com/gitblit/servlet/RpcFilter.java
+++ b/src/main/java/com/gitblit/servlet/RpcFilter.java
@@ -128,7 +128,7 @@
 				return;
 			} else {
 				// check user access for request
-				if (user.canAdmin() || canAccess(user, requestType)) {
+				if (user.canAdmin() || !adminRequest) {
 					// authenticated request permitted.
 					// pass processing to the restricted servlet.
 					newSession(authenticatedRequest, httpResponse);
@@ -153,15 +153,4 @@
 		// pass processing to the restricted servlet.
 		chain.doFilter(authenticatedRequest, httpResponse);
 	}
-
-	private boolean canAccess(UserModel user, RpcRequest requestType) {
-		switch (requestType) {
-		case GET_PROTOCOL:
-			return true;
-		case LIST_REPOSITORIES:
-			return true;
-		default:
-			return user.canAdmin();
-		}
-	}
-}
\ No newline at end of file
+}

--
Gitblit v1.9.1