Mercurial > gemma

diff pkg/middleware/modifyquery.go @ 467:73c7b2d6246e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Used hex-encoded usernames and a stored procedure to decode them to impersonate with the metamorph user.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Wed, 22 Aug 2018 17:43:30 +0200
parents ffdb507d5b42
children 1b08432a0e5d
line wrap: on
line diff
--- a/pkg/middleware/modifyquery.go	Wed Aug 22 17:30:12 2018 +0200
+++ b/pkg/middleware/modifyquery.go	Wed Aug 22 17:43:30 2018 +0200
@@ -1,6 +1,7 @@
 package middleware
 
 import (
+	"encoding/hex"
 	"log"
 	"net/http"
 	"net/url"
@@ -81,9 +82,9 @@
 	parameters.Del("env")
 
 	session, ok := auth.GetSession(req)
-	if ok && !strings.ContainsAny(session.User, auth.InvalidRoleCharacters) {
+	if ok {
 		log.Printf("Injecting user %s\n", session.User)
-		parameters.Set("env", "user:"+session.User)
+		parameters.Set("env", "user:"+hex.EncodeToString([]byte(session.User)))
 	}
 	return nil
 }