X-Git-Url: http://git.ieval.ro/?a=blobdiff_plain;f=lib%2FPlack%2FApp%2FGruntmaster.pm;h=f091892c75364acab62bec77a11defab31818a61;hb=5251db546cbc5eb678a007cfee54d170ad29ff45;hp=bd11fe04e33c429dd3ef7ed8cc7342ddd5cead95;hpb=02ce2ef628e5973f32dd1ff8c94b79ce00293c93;p=gruntmaster-page.git

diff --git a/lib/Plack/App/Gruntmaster.pm b/lib/Plack/App/Gruntmaster.pm
index bd11fe0..f091892 100644
--- a/lib/Plack/App/Gruntmaster.pm
+++ b/lib/Plack/App/Gruntmaster.pm
@@ -113,7 +113,8 @@ sub dispatch_request{
 
 		sub (/src/:job) {
 			return NOT_FOUND if !job;
-			forbid job->private || job->problem->private || job->contest && job->contest->is_running;
+			my $isowner = remote_user && remote_user->id eq job->rawowner;
+			forbid !$isowner && (job->private || job->problem->private || job->contest && job->contest->is_running);
 			my @headers = ('X-Forever' => 1, 'Cache-Control' => 'public, max-age=604800', 'Content-Type' => CONTENT_TYPES->{job->format});
 			[200, \@headers, [job->source]]
 		},
@@ -136,6 +137,7 @@ sub dispatch_request{
 				my ($r) = @_;
 				return $r if ref $r ne 'Plack::App::Gruntmaster::Response';
 				my @hdrs = ('X-Forever' => 1, 'Cache-Control' => "$privacy, max-age=$r->{maxage}");
+				push @hdrs, Vary => 'Authorization' if $privacy eq 'private';
 				return [200, ['Content-Type' => 'application/json', @hdrs], [encode_json $r->{params}]] if $format eq 'json';
 				my $ret = render $r->{template}, 'en', title => $r->{title}, %{$r->{params}};
 				[200, ['Content-Type' => 'text/html', @hdrs], [encode 'UTF-8', $ret]]