From ca193867e31bc7ac7941a8ef6e71822c6598efa3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Oskar=20Thor=C3=A9n?= Date: Tue, 31 Oct 2017 10:41:22 -0500 Subject: [PATCH] Whitelist users who can create repos --- src/clj/commiteth/routes/services.clj | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/clj/commiteth/routes/services.clj b/src/clj/commiteth/routes/services.clj index 18730c5..0eaa50b 100644 --- a/src/clj/commiteth/routes/services.clj +++ b/src/clj/commiteth/routes/services.clj @@ -180,6 +180,12 @@ (dissoc :email) (assoc :status-team-member? status-member?))})) +;; NOTE: This assumes username can be trusted and not tampered with +(def user-whitelisted? + #{"oskarth" + "annadanchenko" + "tpatja"}) + (defapi service-routes (when (:dev env) {:swagger {:ui "/swagger-ui" @@ -256,4 +262,4 @@ ;; NOTE: Don't allow anyone to create repos; manual add :auth-rules authenticated? :current-user user - (handle-toggle-repo user params false))))) + (handle-toggle-repo user params user-whitelisted?)))))