vertical-align: middle;\r
}\r
\r
+span.authorizationControl label {\r
+ display: inline;\r
+ color: #777;\r
+ padding:5px 0px 5px 10px; \r
+}\r
+\r
div.page_footer {\r
clear: both;\r
height: 17px;\r
REPOSITORY, USER, TEAM;\r
}\r
\r
+ public static enum PermissionType {\r
+ EXPLICIT, OWNER, REGEX;\r
+ }\r
+ \r
public static enum GCStatus {\r
READY, COLLECTING;\r
\r
import com.gitblit.Constants.FederationRequest;\r
import com.gitblit.Constants.FederationStrategy;\r
import com.gitblit.Constants.FederationToken;\r
+import com.gitblit.Constants.PermissionType;\r
import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.models.FederationModel;\r
import com.gitblit.models.FederationProposal;\r
* @return a list of User-AccessPermission tuples\r
*/\r
public List<RegistrantAccessPermission> getUserAccessPermissions(RepositoryModel repository) {\r
- List<RegistrantAccessPermission> permissions = new ArrayList<RegistrantAccessPermission>();\r
+ Set<RegistrantAccessPermission> permissions = new LinkedHashSet<RegistrantAccessPermission>();\r
+ if (!StringUtils.isEmpty(repository.owner)) {\r
+ UserModel owner = userService.getUserModel(repository.owner);\r
+ if (owner != null) {\r
+ permissions.add(new RegistrantAccessPermission(owner.username, AccessPermission.REWIND, PermissionType.OWNER, RegistrantType.USER, false));\r
+ }\r
+ }\r
+ if (repository.isPersonalRepository()) {\r
+ UserModel owner = userService.getUserModel(repository.projectPath.substring(1));\r
+ if (owner != null) {\r
+ permissions.add(new RegistrantAccessPermission(owner.username, AccessPermission.REWIND, PermissionType.OWNER, RegistrantType.USER, false));\r
+ }\r
+ }\r
for (String user : userService.getUsernamesForRepositoryRole(repository.name)) {\r
UserModel model = userService.getUserModel(user);\r
AccessPermission ap = model.getRepositoryPermission(repository);\r
- boolean isExplicit = model.hasExplicitRepositoryPermission(repository.name);\r
- permissions.add(new RegistrantAccessPermission(user, ap, isExplicit, RegistrantType.USER));\r
- }\r
- return permissions;\r
+ PermissionType pType = PermissionType.REGEX;\r
+ boolean editable = false;\r
+ if (repository.isOwner(model.username)) {\r
+ pType = PermissionType.OWNER;\r
+ } else if (repository.isUsersPersonalRepository(model.username)) {\r
+ pType = PermissionType.OWNER;\r
+ } else if (model.hasExplicitRepositoryPermission(repository.name)) {\r
+ pType = PermissionType.EXPLICIT;\r
+ editable = true;\r
+ } \r
+ permissions.add(new RegistrantAccessPermission(user, ap, pType, RegistrantType.USER, editable));\r
+ }\r
+ return new ArrayList<RegistrantAccessPermission>(permissions);\r
}\r
\r
/**\r
public boolean setUserAccessPermissions(RepositoryModel repository, Collection<RegistrantAccessPermission> permissions) {\r
List<UserModel> users = new ArrayList<UserModel>();\r
for (RegistrantAccessPermission up : permissions) {\r
- if (up.isExplicit) {\r
- // only set explicitly defined permissions\r
+ if (up.isEditable) {\r
+ // only set editable defined permissions\r
UserModel user = userService.getUserModel(up.registrant);\r
user.setRepositoryPermission(repository.name, up.permission);\r
users.add(user);\r
for (String team : userService.getTeamnamesForRepositoryRole(repository.name)) {\r
TeamModel model = userService.getTeamModel(team);\r
AccessPermission ap = model.getRepositoryPermission(repository);\r
- boolean isExplicit = model.hasExplicitRepositoryPermission(repository.name);\r
- permissions.add(new RegistrantAccessPermission(team, ap, isExplicit, RegistrantType.TEAM));\r
+ PermissionType pType = PermissionType.REGEX;\r
+ boolean editable = false;\r
+ if (model.hasExplicitRepositoryPermission(repository.name)) {\r
+ pType = PermissionType.EXPLICIT;\r
+ editable = true;\r
+ }\r
+ permissions.add(new RegistrantAccessPermission(team, ap, pType, RegistrantType.TEAM, editable));\r
}\r
return permissions;\r
}\r
public boolean setTeamAccessPermissions(RepositoryModel repository, Collection<RegistrantAccessPermission> permissions) {\r
List<TeamModel> teams = new ArrayList<TeamModel>();\r
for (RegistrantAccessPermission tp : permissions) {\r
- if (tp.isExplicit) {\r
+ if (tp.isEditable) {\r
// only set explicitly defined access permissions\r
TeamModel team = userService.getTeamModel(tp.registrant);\r
team.setRepositoryPermission(repository.name, tp.permission);\r
config.setBoolean(Constants.CONFIG_GITBLIT, null, "isFederated", repository.isFederated);\r
config.setString(Constants.CONFIG_GITBLIT, null, "gcThreshold", repository.gcThreshold);\r
config.setString(Constants.CONFIG_GITBLIT, null, "gcPeriod", repository.gcPeriod);\r
- config.setString(Constants.CONFIG_GITBLIT, null, "lastGC", new SimpleDateFormat(Constants.ISO8601).format(repository.lastGC));\r
+ if (repository.lastGC != null) {\r
+ config.setString(Constants.CONFIG_GITBLIT, null, "lastGC", new SimpleDateFormat(Constants.ISO8601).format(repository.lastGC));\r
+ }\r
\r
updateList(config, "federationSets", repository.federationSets);\r
updateList(config, "preReceiveScript", repository.preReceiveScripts);\r
import java.awt.Insets;\r
import java.awt.event.ActionEvent;\r
import java.awt.event.ActionListener;\r
+import java.awt.event.ItemEvent;\r
+import java.awt.event.ItemListener;\r
import java.awt.event.KeyEvent;\r
import java.text.MessageFormat;\r
import java.util.ArrayList;\r
import javax.swing.BoxLayout;\r
import javax.swing.ButtonGroup;\r
import javax.swing.DefaultComboBoxModel;\r
+import javax.swing.DefaultListCellRenderer;\r
import javax.swing.ImageIcon;\r
import javax.swing.JButton;\r
import javax.swing.JCheckBox;\r
import com.gitblit.Constants.AccessRestrictionType;\r
import com.gitblit.Constants.AuthorizationControl;\r
import com.gitblit.Constants.FederationStrategy;\r
+import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.models.RegistrantAccessPermission;\r
import com.gitblit.models.RepositoryModel;\r
import com.gitblit.utils.ArrayUtils;\r
accessRestriction = new JComboBox(AccessRestrictionType.values());\r
accessRestriction.setRenderer(new AccessRestrictionRenderer());\r
accessRestriction.setSelectedItem(anRepository.accessRestriction);\r
+ accessRestriction.addItemListener(new ItemListener() {\r
+ @Override\r
+ public void itemStateChanged(ItemEvent e) {\r
+ if (e.getStateChange() == ItemEvent.SELECTED) {\r
+ AccessRestrictionType art = (AccessRestrictionType) accessRestriction.getSelectedItem();\r
+ EditRepositoryDialog.this.setupAccessPermissions(art);\r
+ }\r
+ }\r
+ });\r
\r
boolean authenticated = anRepository.authorizationControl != null \r
&& AuthorizationControl.AUTHENTICATED.equals(anRepository.authorizationControl);\r
allowAuthenticated = new JRadioButton(Translation.get("gb.allowAuthenticatedDescription"));\r
allowAuthenticated.setSelected(authenticated);\r
+ allowAuthenticated.addItemListener(new ItemListener() {\r
+ @Override\r
+ public void itemStateChanged(ItemEvent e) {\r
+ if (e.getStateChange() == ItemEvent.SELECTED) {\r
+ usersPalette.setEnabled(false);\r
+ teamsPalette.setEnabled(false);\r
+ }\r
+ }\r
+ });\r
+ \r
allowNamed = new JRadioButton(Translation.get("gb.allowNamedDescription"));\r
allowNamed.setSelected(!authenticated);\r
+ allowNamed.addItemListener(new ItemListener() {\r
+ @Override\r
+ public void itemStateChanged(ItemEvent e) {\r
+ if (e.getStateChange() == ItemEvent.SELECTED) {\r
+ usersPalette.setEnabled(true);\r
+ teamsPalette.setEnabled(true);\r
+ }\r
+ }\r
+ });\r
\r
ButtonGroup group = new ButtonGroup();\r
group.add(allowAuthenticated);\r
clonePushPanel\r
.add(newFieldPanel(Translation.get("gb.verifyCommitter"), verifyCommitter));\r
\r
- usersPalette = new RegistrantPermissionsPanel();\r
+ usersPalette = new RegistrantPermissionsPanel(RegistrantType.USER);\r
JPanel northAccessPanel = new JPanel(new BorderLayout(5, 5));\r
northAccessPanel.add(newFieldPanel(Translation.get("gb.accessRestriction"),\r
accessRestriction), BorderLayout.NORTH);\r
accessPanel.add(newFieldPanel(Translation.get("gb.userPermissions"),\r
usersPalette), BorderLayout.CENTER);\r
\r
- teamsPalette = new RegistrantPermissionsPanel();\r
+ teamsPalette = new RegistrantPermissionsPanel(RegistrantType.TEAM);\r
JPanel teamsPanel = new JPanel(new BorderLayout(5, 5));\r
teamsPanel.add(\r
newFieldPanel(Translation.get("gb.teamPermissions"),\r
panel.addTab(Translation.get("gb.customFields"), customFieldsScrollPane);\r
\r
\r
+ setupAccessPermissions(anRepository.accessRestriction);\r
+\r
JButton createButton = new JButton(Translation.get("gb.save"));\r
createButton.addActionListener(new ActionListener() {\r
public void actionPerformed(ActionEvent event) {\r
panel.add(comp);\r
return panel;\r
}\r
+ \r
+ private void setupAccessPermissions(AccessRestrictionType art) {\r
+ if (AccessRestrictionType.NONE.equals(art)) {\r
+ usersPalette.setEnabled(false);\r
+ teamsPalette.setEnabled(false);\r
+ \r
+ allowAuthenticated.setEnabled(false);\r
+ allowNamed.setEnabled(false);\r
+ } else {\r
+ allowAuthenticated.setEnabled(true);\r
+ allowNamed.setEnabled(true);\r
+ \r
+ if (allowNamed.isSelected()) {\r
+ usersPalette.setEnabled(true);\r
+ teamsPalette.setEnabled(true);\r
+ }\r
+ }\r
+\r
+ }\r
\r
private boolean validateFields() {\r
String rname = nameField.getText();\r
\r
public void setAccessRestriction(AccessRestrictionType restriction) {\r
this.accessRestriction.setSelectedItem(restriction);\r
+ setupAccessPermissions(restriction);\r
}\r
\r
public void setAuthorizationControl(AuthorizationControl authorization) {\r
* restriction.\r
* \r
*/\r
- private class AccessRestrictionRenderer extends JLabel implements\r
- ListCellRenderer {\r
+ private class AccessRestrictionRenderer extends DefaultListCellRenderer {\r
\r
private static final long serialVersionUID = 1L;\r
\r
@Override\r
public Component getListCellRendererComponent(JList list, Object value,\r
int index, boolean isSelected, boolean cellHasFocus) {\r
+ super.getListCellRendererComponent(list, value, index, isSelected, cellHasFocus);\r
+ \r
if (value instanceof AccessRestrictionType) {\r
AccessRestrictionType restriction = (AccessRestrictionType) value;\r
switch (restriction) {\r
import javax.swing.KeyStroke;\r
\r
import com.gitblit.Constants.AccessRestrictionType;\r
+import com.gitblit.Constants.AuthorizationControl;\r
+import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.models.RegistrantAccessPermission;\r
import com.gitblit.models.RepositoryModel;\r
import com.gitblit.models.ServerSettings;\r
import com.gitblit.models.TeamModel;\r
-import com.gitblit.utils.ArrayUtils;\r
import com.gitblit.utils.StringUtils;\r
\r
public class EditTeamDialog extends JDialog {\r
fieldsPanel.add(newFieldPanel(Translation.get("gb.mailingLists"), mailingListsField));\r
\r
final Insets _insets = new Insets(5, 5, 5, 5);\r
- repositoryPalette = new RegistrantPermissionsPanel();\r
+ repositoryPalette = new RegistrantPermissionsPanel(RegistrantType.REPOSITORY);\r
userPalette = new JPalette<String>();\r
userPalette.setEnabled(settings.supportsTeamMembershipChanges);\r
\r
public void setRepositories(List<RepositoryModel> repositories, List<RegistrantAccessPermission> permissions) {\r
List<String> restricted = new ArrayList<String>();\r
for (RepositoryModel repo : repositories) {\r
- if (repo.accessRestriction.exceeds(AccessRestrictionType.NONE)) {\r
+ if (repo.accessRestriction.exceeds(AccessRestrictionType.NONE)\r
+ && repo.authorizationControl.equals(AuthorizationControl.NAMED)) {\r
restricted.add(repo.name);\r
- }\r
+ } \r
}\r
StringUtils.sortRepositorynames(restricted);\r
\r
import javax.swing.KeyStroke;\r
\r
import com.gitblit.Constants.AccessRestrictionType;\r
+import com.gitblit.Constants.AuthorizationControl;\r
+import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.Keys;\r
import com.gitblit.models.RegistrantAccessPermission;\r
import com.gitblit.models.RepositoryModel;\r
notFederatedCheckbox));\r
\r
final Insets _insets = new Insets(5, 5, 5, 5);\r
- repositoryPalette = new RegistrantPermissionsPanel();\r
+ repositoryPalette = new RegistrantPermissionsPanel(RegistrantType.REPOSITORY);\r
teamsPalette = new JPalette<TeamModel>();\r
teamsPalette.setEnabled(settings.supportsTeamMembershipChanges);\r
\r
public void setRepositories(List<RepositoryModel> repositories, List<RegistrantAccessPermission> permissions) {\r
List<String> restricted = new ArrayList<String>();\r
for (RepositoryModel repo : repositories) {\r
- if (repo.accessRestriction.exceeds(AccessRestrictionType.NONE)) {\r
- restricted.add(repo.name);\r
+ // exclude Owner or personal repositories\r
+ if (!repo.isOwner(username) && !repo.isUsersPersonalRepository(username)) {\r
+ if (repo.accessRestriction.exceeds(AccessRestrictionType.NONE)\r
+ && repo.authorizationControl.equals(AuthorizationControl.NAMED)) {\r
+ restricted.add(repo.name);\r
+ } \r
}\r
}\r
StringUtils.sortRepositorynames(restricted);\r
list.add("[^~].*");\r
String lastProject = null;\r
for (String repo : restricted) {\r
- String projectPath = StringUtils.getFirstPathElement(repo);\r
+ String projectPath = StringUtils.getFirstPathElement(repo).toLowerCase();\r
if (lastProject == null || !lastProject.equalsIgnoreCase(projectPath)) {\r
lastProject = projectPath;\r
if (!StringUtils.isEmpty(projectPath)) {\r
// regex for all repositories within a project\r
list.add(projectPath + "/.*");\r
}\r
- list.add(repo);\r
}\r
+ list.add(repo);\r
}\r
\r
// remove repositories for which user already has a permission\r
permissions = new ArrayList<RegistrantAccessPermission>();\r
} else {\r
for (RegistrantAccessPermission rp : permissions) {\r
- list.remove(rp.registrant);\r
+ list.remove(rp.registrant.toLowerCase());\r
}\r
}\r
repositoryPalette.setObjects(list, permissions);\r
import com.gitblit.Constants.AccessPermission;\r
import com.gitblit.Constants.AccessRestrictionType;\r
import com.gitblit.Constants.AuthorizationControl;\r
+import com.gitblit.Constants.PermissionType;\r
import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.GitBlitException.ForbiddenException;\r
import com.gitblit.GitBlitException.NotAllowedException;\r
List<UserModel> users = RpcUtils.getUsers(url, account, password);\r
allUsers.clear();\r
allUsers.addAll(users);\r
+ Collections.sort(users);\r
return allUsers;\r
}\r
\r
List<TeamModel> teams = RpcUtils.getTeams(url, account, password);\r
allTeams.clear();\r
allTeams.addAll(teams);\r
+ Collections.sort(teams);\r
return allTeams;\r
}\r
\r
public List<UserModel> getUsers() {\r
return allUsers;\r
}\r
+ \r
+ public UserModel getUser(String username) {\r
+ for (UserModel user : getUsers()) {\r
+ if (user.username.equalsIgnoreCase(username)) {\r
+ return user;\r
+ }\r
+ }\r
+ return null;\r
+ }\r
\r
public List<String> getUsernames() {\r
List<String> usernames = new ArrayList<String>();\r
}\r
\r
public List<RegistrantAccessPermission> getUserAccessPermissions(RepositoryModel repository) {\r
- List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();\r
- for (UserModel user : allUsers) {\r
+ Set<RegistrantAccessPermission> list = new LinkedHashSet<RegistrantAccessPermission>();\r
+ if (!StringUtils.isEmpty(repository.owner)) {\r
+ UserModel owner = getUser(repository.owner);\r
+ if (owner != null) {\r
+ list.add(new RegistrantAccessPermission(owner.username, AccessPermission.REWIND, PermissionType.OWNER, RegistrantType.USER, false));\r
+ }\r
+ }\r
+ if (repository.isPersonalRepository()) {\r
+ UserModel owner = getUser(repository.projectPath.substring(1));\r
+ if (owner != null) {\r
+ list.add(new RegistrantAccessPermission(owner.username, AccessPermission.REWIND, PermissionType.OWNER, RegistrantType.USER, false));\r
+ }\r
+ }\r
+ for (UserModel user : getUsers()) {\r
if (user.hasRepositoryPermission(repository.name)) {\r
AccessPermission ap = user.getRepositoryPermission(repository);\r
- boolean isExplicit = user.hasExplicitRepositoryPermission(repository.name);\r
- list.add(new RegistrantAccessPermission(user.username, ap, isExplicit, RegistrantType.USER));\r
+ PermissionType pType = PermissionType.REGEX;\r
+ boolean editable = false;\r
+ if (repository.isOwner(user.username)) {\r
+ pType = PermissionType.OWNER;\r
+ } else if (repository.isUsersPersonalRepository(user.username)) {\r
+ pType = PermissionType.OWNER;\r
+ } else if (user.hasExplicitRepositoryPermission(repository.name)) {\r
+ pType = PermissionType.EXPLICIT;\r
+ editable = true;\r
+ } \r
+ list.add(new RegistrantAccessPermission(user.username, ap, pType, RegistrantType.USER, editable));\r
}\r
}\r
- return list;\r
+ List<RegistrantAccessPermission> raps = new ArrayList<RegistrantAccessPermission>(list);\r
+ Collections.sort(raps);\r
+ return raps;\r
}\r
\r
public boolean setUserAccessPermissions(RepositoryModel repository, List<RegistrantAccessPermission> permissions) throws IOException {\r
for (TeamModel team : allTeams) {\r
if (team.hasRepositoryPermission(repository.name)) {\r
AccessPermission ap = team.getRepositoryPermission(repository);\r
- boolean isExplicit = team.hasExplicitRepositoryPermission(repository.name);\r
- list.add(new RegistrantAccessPermission(team.name, ap, isExplicit, RegistrantType.TEAM));\r
+ PermissionType pType = PermissionType.REGEX;\r
+ boolean editable = false;\r
+ if (team.hasExplicitRepositoryPermission(repository.name)) {\r
+ pType = PermissionType.EXPLICIT;\r
+ editable = true;\r
+ }\r
+ list.add(new RegistrantAccessPermission(team.name, ap, pType, RegistrantType.TEAM, editable));\r
}\r
}\r
+ Collections.sort(list);\r
return list;\r
}\r
\r
public List<RepositoryModel> getRepositories() {\r
return allRepositories;\r
}\r
+ \r
+ public RepositoryModel getRepository(String name) {\r
+ for (RepositoryModel repository : allRepositories) {\r
+ if (repository.name.equalsIgnoreCase(name)) {\r
+ return repository;\r
+ }\r
+ }\r
+ return null;\r
+ }\r
\r
public boolean createRepository(RepositoryModel repository, List<RegistrantAccessPermission> userPermissions)\r
throws IOException {\r
import javax.swing.table.DefaultTableCellRenderer;\r
\r
import com.gitblit.Constants.AccessPermission;\r
+import com.gitblit.Constants.PermissionType;\r
+import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.models.RegistrantAccessPermission;\r
+import com.gitblit.utils.StringUtils;\r
\r
public class RegistrantPermissionsPanel extends JPanel {\r
\r
\r
private JPanel addPanel;\r
\r
- public RegistrantPermissionsPanel() {\r
+ public RegistrantPermissionsPanel(final RegistrantType registrantType) {\r
super(new BorderLayout(5, 5));\r
tableModel = new RegistrantPermissionsTableModel();\r
- permissionsTable = new JTable(tableModel);\r
+ permissionsTable = Utils.newTable(tableModel, Utils.DATE_FORMAT);\r
+ permissionsTable.setModel(tableModel);\r
permissionsTable.setPreferredScrollableViewportSize(new Dimension(400, 150));\r
JScrollPane jsp = new JScrollPane(permissionsTable);\r
add(jsp, BorderLayout.CENTER);\r
\r
+ permissionsTable.getColumnModel().getColumn(RegistrantPermissionsTableModel.Columns.Registrant.ordinal())\r
+ .setCellRenderer(new NameRenderer());\r
permissionsTable.getColumnModel().getColumn(RegistrantPermissionsTableModel.Columns.Type.ordinal())\r
- .setCellRenderer(new RegexRenderer());\r
+ .setCellRenderer(new PermissionTypeRenderer());\r
permissionsTable.getColumnModel().getColumn(RegistrantPermissionsTableModel.Columns.Permission.ordinal())\r
.setCellEditor(new AccessPermissionEditor());\r
\r
return;\r
}\r
\r
- RegistrantAccessPermission rp = new RegistrantAccessPermission();\r
+ RegistrantAccessPermission rp = new RegistrantAccessPermission(registrantType);\r
rp.registrant = registrantSelector.getSelectedItem().toString();\r
rp.permission = (AccessPermission) permissionSelector.getSelectedItem();\r
+ if (StringUtils.findInvalidCharacter(rp.registrant) != null) {\r
+ rp.permissionType = PermissionType.REGEX;\r
+ } else {\r
+ rp.permissionType = PermissionType.EXPLICIT;\r
+ }\r
+\r
tableModel.permissions.add(rp);\r
\r
registrantModel.removeElement(rp.registrant);\r
@Override\r
public void setEnabled(boolean enabled) {\r
super.setEnabled(enabled);\r
- permissionsTable.setEnabled(false);\r
+ permissionsTable.setEnabled(enabled);\r
+ registrantSelector.setEnabled(enabled);\r
+ permissionSelector.setEnabled(enabled);\r
+ addButton.setEnabled(enabled);\r
}\r
\r
public void setObjects(List<String> registrants, List<RegistrantAccessPermission> permissions) {\r
permissions = new ArrayList<RegistrantAccessPermission>();\r
}\r
for (RegistrantAccessPermission rp : permissions) {\r
- filtered.remove(rp.registrant);\r
+ if (rp.isEditable) {\r
+ // only remove editable duplicates\r
+ // this allows for specifying an explicit permission\r
+ filtered.remove(rp.registrant);\r
+ }\r
}\r
for (String registrant : filtered) {\r
registrantModel.addElement(registrant);\r
private static final long serialVersionUID = 1L;\r
\r
public AccessPermissionEditor() {\r
- super(new JComboBox(AccessPermission.values()));\r
+ super(new JComboBox(AccessPermission.values())); \r
}\r
}\r
\r
- private class RegexRenderer extends DefaultTableCellRenderer {\r
+ private class PermissionTypeRenderer extends DefaultTableCellRenderer {\r
\r
private static final long serialVersionUID = 1L;\r
\r
- public RegexRenderer() {\r
+ public PermissionTypeRenderer() {\r
super();\r
setHorizontalAlignment(SwingConstants.CENTER);\r
}\r
\r
@Override\r
protected void setValue(Object value) {\r
- boolean isExplicit = (Boolean) value;\r
- if (isExplicit) {\r
- // explicit permission\r
- setText("");\r
- setToolTipText(null);\r
- } else {\r
- // regex matched permission\r
+ PermissionType pType = (PermissionType) value;\r
+ switch (pType) {\r
+ case OWNER:\r
+ setText("owner");\r
+ setToolTipText(Translation.get("gb.ownerPermission"));\r
+ break;\r
+ case REGEX:\r
setText("regex");\r
setToolTipText(Translation.get("gb.regexPermission"));\r
+ break;\r
+ default:\r
+ setText("");\r
+ setToolTipText(null);\r
+ break;\r
}\r
}\r
}\r
// and therefore can not be directly manipulated unless the current\r
// object is the source of the regex (i.e. a user or team with explicit\r
// regex definition)\r
- return permissions.get(rowIndex).isExplicit;\r
+ return permissions.get(rowIndex).isEditable;\r
}\r
return false;\r
}\r
case Registrant:\r
return rp.registrant;\r
case Type:\r
- return rp.isExplicit;\r
+ return rp.permissionType;\r
case Permission:\r
return rp.permission;\r
}\r
import javax.swing.event.ListSelectionListener;\r
import javax.swing.table.TableRowSorter;\r
\r
+import com.gitblit.Constants.PermissionType;\r
import com.gitblit.Constants.RpcRequest;\r
+import com.gitblit.models.RegistrantAccessPermission;\r
import com.gitblit.models.TeamModel;\r
import com.gitblit.models.UserModel;\r
import com.gitblit.utils.StringUtils;\r
gitblit.getSettings());\r
dialog.setLocationRelativeTo(UsersPanel.this);\r
dialog.setUsers(gitblit.getUsers());\r
+ \r
+ List<RegistrantAccessPermission> permissions = user.getRepositoryPermissions();\r
+ for (RegistrantAccessPermission permission : permissions) {\r
+ if (permission.isEditable && PermissionType.EXPLICIT.equals(permission.permissionType)) {\r
+ // Ensure this is NOT an owner permission - which is non-editable\r
+ // We don't know this from within the usermodel, ownership is a\r
+ // property of a repository.\r
+ boolean isOwner = gitblit.getRepository(permission.registrant).isOwner(user.username);\r
+ if (isOwner) {\r
+ permission.permissionType = PermissionType.OWNER;\r
+ permission.isEditable = false;\r
+ }\r
+ }\r
+ }\r
+ \r
dialog.setRepositories(gitblit.getRepositories(), user.getRepositoryPermissions());\r
dialog.setTeams(gitblit.getTeams(), user.teams == null ? null : new ArrayList<TeamModel>(\r
user.teams));\r
import java.io.Serializable;
import com.gitblit.Constants.AccessPermission;
+import com.gitblit.Constants.PermissionType;
import com.gitblit.Constants.RegistrantType;
import com.gitblit.utils.StringUtils;
public String registrant;
public AccessPermission permission;
- public RegistrantType type;
- public boolean isExplicit;
+ public RegistrantType registrantType;
+ public PermissionType permissionType;
+ public boolean isEditable;
- public RegistrantAccessPermission() {
- isExplicit = true;
+ public RegistrantAccessPermission(RegistrantType registrantType) {
+ this.registrantType = registrantType;
+ this.permissionType = PermissionType.EXPLICIT;
+ this.isEditable = true;
}
- public RegistrantAccessPermission(String registrant, AccessPermission permission, boolean isExplicit, RegistrantType type) {
+ public RegistrantAccessPermission(String registrant, AccessPermission permission, PermissionType permissionType, RegistrantType registrantType, boolean isEditable) {
this.registrant = registrant;
this.permission = permission;
- this.isExplicit = isExplicit;
- this.type = type;
+ this.permissionType = permissionType;
+ this.registrantType = registrantType;
+ this.isEditable = isEditable;
}
@Override
public int compareTo(RegistrantAccessPermission p) {
- switch (type) {
+ switch (registrantType) {
case REPOSITORY:
return StringUtils.compareRepositoryNames(registrant, p.registrant);
default:
}
}
+ @Override
+ public int hashCode() {
+ return registrant.hashCode();
+ }
+
+ @Override
+ public boolean equals(Object o) {
+ if (o instanceof RegistrantAccessPermission) {
+ RegistrantAccessPermission p = (RegistrantAccessPermission) o;
+ return registrant.equals(p.registrant);
+ }
+
+ return false;
+ }
+
@Override
public String toString() {
return permission.asRole(registrant);
\r
import com.gitblit.Constants.AccessPermission;\r
import com.gitblit.Constants.AccessRestrictionType;\r
+import com.gitblit.Constants.PermissionType;\r
import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.Constants.Unused;\r
import com.gitblit.utils.StringUtils;\r
public List<RegistrantAccessPermission> getRepositoryPermissions() {\r
List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();\r
for (Map.Entry<String, AccessPermission> entry : permissions.entrySet()) {\r
- list.add(new RegistrantAccessPermission(entry.getKey(), entry.getValue(), true, RegistrantType.REPOSITORY));\r
+ String registrant = entry.getKey();\r
+ boolean editable = true;\r
+ PermissionType pType = PermissionType.EXPLICIT;\r
+ if (StringUtils.findInvalidCharacter(registrant) != null) {\r
+ // a regex will have at least 1 invalid character\r
+ pType = PermissionType.REGEX;\r
+ }\r
+ list.add(new RegistrantAccessPermission(registrant, entry.getValue(), pType, RegistrantType.REPOSITORY, editable));\r
}\r
Collections.sort(list);\r
return list;\r
import com.gitblit.Constants.AccessPermission;\r
import com.gitblit.Constants.AccessRestrictionType;\r
import com.gitblit.Constants.AuthorizationControl;\r
+import com.gitblit.Constants.PermissionType;\r
import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.Constants.Unused;\r
import com.gitblit.utils.ArrayUtils;\r
public List<RegistrantAccessPermission> getRepositoryPermissions() {\r
List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();\r
for (Map.Entry<String, AccessPermission> entry : permissions.entrySet()) {\r
- list.add(new RegistrantAccessPermission(entry.getKey(), entry.getValue(), true, RegistrantType.REPOSITORY));\r
+ String registrant = entry.getKey();\r
+ boolean editable = true;\r
+ PermissionType pType = PermissionType.EXPLICIT;\r
+ if (isMyPersonalRepository(registrant)) {\r
+ pType = PermissionType.OWNER;\r
+ editable = false;\r
+ } else if (StringUtils.findInvalidCharacter(registrant) != null) {\r
+ // a regex will have at least 1 invalid character\r
+ pType = PermissionType.REGEX;\r
+ }\r
+ list.add(new RegistrantAccessPermission(registrant, entry.getValue(), pType, RegistrantType.REPOSITORY, editable));\r
}\r
Collections.sort(list);\r
return list;\r
// Default UserModel doesn't implement branch-level security. Other Realms (i.e. Gerrit) may override this method.\r
return hasRepositoryPermission(repositoryName);\r
}\r
+ \r
+ public boolean isMyPersonalRepository(String repository) {\r
+ String projectPath = StringUtils.getFirstPathElement(repository);\r
+ return !StringUtils.isEmpty(projectPath) && projectPath.equalsIgnoreCase("~" + username);\r
+ }\r
}\r
gb.duration.oneYear = 1 year\r
gb.duration.years = {0} years\r
gb.authorizationControl = authorization control\r
-gb.allowAuthenticatedDescription = grant restricted access to all authenticated users\r
-gb.allowNamedDescription = grant restricted access to named users or teams\r
+gb.allowAuthenticatedDescription = grant RW+ permission to all authenticated users\r
+gb.allowNamedDescription = grant fine-grained permissions to named users or teams\r
gb.markdownFailure = Failed to parse Markdown content!\r
gb.clearCache = clear cache\r
gb.projects = projects\r
gb.gcPeriodDescription = duration between garbage collections\r
gb.gcThreshold = GC threshold\r
gb.gcThresholdDescription = minimum total size of loose objects to trigger early garbage collection\r
+gb.ownerPermission = repository owner
\ No newline at end of file
import com.gitblit.Constants;\r
import com.gitblit.Constants.AccessPermission;\r
import com.gitblit.Constants.AccessRestrictionType;\r
+import com.gitblit.Constants.AuthorizationControl;\r
import com.gitblit.Constants.FederationStrategy;\r
import com.gitblit.GitBlit;\r
import com.gitblit.Keys;\r
}\r
return map;\r
}\r
+ \r
+ protected Map<AuthorizationControl, String> getAuthorizationControls() {\r
+ Map<AuthorizationControl, String> map = new LinkedHashMap<AuthorizationControl, String>();\r
+ for (AuthorizationControl type : AuthorizationControl.values()) {\r
+ switch (type) {\r
+ case AUTHENTICATED:\r
+ map.put(type, getString("gb.allowAuthenticatedDescription"));\r
+ break;\r
+ case NAMED:\r
+ map.put(type, getString("gb.allowNamedDescription"));\r
+ break;\r
+ }\r
+ }\r
+ return map;\r
+ }\r
\r
protected TimeZone getTimeZone() {\r
return GitBlit.getBoolean(Keys.web.useClientTimezone, false) ? GitBlitWebSession.get()\r
<tbody class="settings">\r
<tr><th><wicket:message key="gb.accessRestriction"></wicket:message></th><td class="edit"><select class="span4" wicket:id="accessRestriction" tabindex="15" /></td></tr>\r
<tr><th colspan="2"><hr/></th></tr>\r
- <tr><th><wicket:message key="gb.authorizationControl"></wicket:message></th><td style="padding:2px;">\r
- <wicket:container wicket:id="authorizationControl">\r
- <label class="radio"><input type="radio" wicket:id="allowAuthenticated" tabindex="16" /> <span class="help-inline"><wicket:message key="gb.allowAuthenticatedDescription"></wicket:message></span></label>\r
- <label class="radio"><input type="radio" wicket:id="allowNamed" tabindex="17" /> <span class="help-inline"><wicket:message key="gb.allowNamedDescription"></wicket:message></span></label>\r
- </wicket:container>\r
- </td></tr>\r
+ <tr><th><wicket:message key="gb.authorizationControl"></wicket:message></th><td style="padding:2px;"><span class="authorizationControl" wicket:id="authorizationControl"></span></td></tr>\r
<tr><th colspan="2"><hr/></th></tr>\r
<tr><th><wicket:message key="gb.isFrozen"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="isFrozen" tabindex="18" /> <span class="help-inline"><wicket:message key="gb.isFrozenDescription"></wicket:message></span></label></td></tr>\r
<tr><th><wicket:message key="gb.allowForks"></wicket:message></th><td class="edit"><label class="checkbox"><input type="checkbox" wicket:id="allowForks" tabindex="19" /> <span class="help-inline"><wicket:message key="gb.allowForksDescription"></wicket:message></span></label></td></tr>\r
import java.util.Set;\r
\r
import org.apache.wicket.PageParameters;\r
+import org.apache.wicket.ajax.AjaxRequestTarget;\r
+import org.apache.wicket.ajax.form.AjaxFormChoiceComponentUpdatingBehavior;\r
+import org.apache.wicket.ajax.form.AjaxFormComponentUpdatingBehavior;\r
import org.apache.wicket.behavior.SimpleAttributeModifier;\r
import org.apache.wicket.extensions.markup.html.form.palette.Palette;\r
import org.apache.wicket.markup.html.WebMarkupContainer;\r
import org.apache.wicket.markup.html.form.DropDownChoice;\r
import org.apache.wicket.markup.html.form.Form;\r
import org.apache.wicket.markup.html.form.IChoiceRenderer;\r
-import org.apache.wicket.markup.html.form.Radio;\r
-import org.apache.wicket.markup.html.form.RadioGroup;\r
+import org.apache.wicket.markup.html.form.RadioChoice;\r
import org.apache.wicket.markup.html.form.TextField;\r
import org.apache.wicket.markup.html.list.ListItem;\r
import org.apache.wicket.markup.html.list.ListView;\r
import com.gitblit.Constants.AccessRestrictionType;\r
import com.gitblit.Constants.AuthorizationControl;\r
import com.gitblit.Constants.FederationStrategy;\r
+import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.GitBlit;\r
import com.gitblit.GitBlitException;\r
import com.gitblit.Keys;\r
private final boolean isCreate;\r
\r
private boolean isAdmin;\r
+ \r
+ RepositoryModel repositoryModel;\r
\r
private IModel<String> mailingLists;\r
\r
\r
setupPage(model);\r
setStatelessHint(false);\r
+ setOutputMarkupId(true);\r
}\r
\r
public EditRepositoryPage(PageParameters params) {\r
RepositoryModel model = GitBlit.self().getRepositoryModel(name);\r
setupPage(model);\r
setStatelessHint(false);\r
+ setOutputMarkupId(true);\r
}\r
\r
- protected void setupPage(final RepositoryModel repositoryModel) {\r
+ protected void setupPage(RepositoryModel model) {\r
+ this.repositoryModel = model;\r
+ \r
// ensure this user can create or edit this repository\r
checkPermissions(repositoryModel);\r
\r
\r
final String oldName = repositoryModel.name;\r
\r
- RegistrantPermissionsPanel usersPalette = new RegistrantPermissionsPanel("users", \r
- GitBlit.self().getAllUsernames(), repositoryUsers, getAccessPermissions());\r
- RegistrantPermissionsPanel teamsPalette = new RegistrantPermissionsPanel("teams", \r
- GitBlit.self().getAllTeamnames(), repositoryTeams, getAccessPermissions());\r
+ final RegistrantPermissionsPanel usersPalette = new RegistrantPermissionsPanel("users", \r
+ RegistrantType.USER, GitBlit.self().getAllUsernames(), repositoryUsers, getAccessPermissions());\r
+ final RegistrantPermissionsPanel teamsPalette = new RegistrantPermissionsPanel("teams", \r
+ RegistrantType.TEAM, GitBlit.self().getAllTeamnames(), repositoryTeams, getAccessPermissions());\r
\r
// indexed local branches palette\r
List<String> allLocalBranches = new ArrayList<String>();\r
};\r
customFieldsListView.setReuseItems(true);\r
\r
- CompoundPropertyModel<RepositoryModel> model = new CompoundPropertyModel<RepositoryModel>(\r
+ CompoundPropertyModel<RepositoryModel> rModel = new CompoundPropertyModel<RepositoryModel>(\r
repositoryModel);\r
- Form<RepositoryModel> form = new Form<RepositoryModel>("editForm", model) {\r
+ Form<RepositoryModel> form = new Form<RepositoryModel>("editForm", rModel) {\r
\r
private static final long serialVersionUID = 1L;\r
\r
form.add(new DropDownChoice<String>("owner", GitBlit.self().getAllUsernames())\r
.setEnabled(GitBlitWebSession.get().canAdmin()));\r
form.add(new CheckBox("allowForks"));\r
- form.add(new DropDownChoice<AccessRestrictionType>("accessRestriction", Arrays\r
- .asList(AccessRestrictionType.values()), new AccessRestrictionRenderer()));\r
+ DropDownChoice<AccessRestrictionType> accessRestriction = new DropDownChoice<AccessRestrictionType>("accessRestriction", Arrays\r
+ .asList(AccessRestrictionType.values()), new AccessRestrictionRenderer());\r
+ form.add(accessRestriction);\r
form.add(new CheckBox("isFrozen"));\r
// TODO enable origin definition\r
form.add(new TextField<String>("origin").setEnabled(false/* isCreate */));\r
form.add(new TextField<String>("mailingLists", mailingLists));\r
form.add(indexedBranchesPalette);\r
\r
- RadioGroup<AuthorizationControl> group = new RadioGroup<AuthorizationControl>("authorizationControl");\r
- Radio<AuthorizationControl> allowAuthenticated = new Radio<AuthorizationControl>("allowAuthenticated", new Model<AuthorizationControl>(AuthorizationControl.AUTHENTICATED)); \r
- Radio<AuthorizationControl> allowNamed = new Radio<AuthorizationControl>("allowNamed", new Model<AuthorizationControl>(AuthorizationControl.NAMED));\r
- group.add(allowAuthenticated);\r
- group.add(allowNamed);\r
- form.add(group);\r
+ List<AuthorizationControl> acList = Arrays.asList(AuthorizationControl.values());\r
+ final RadioChoice<AuthorizationControl> authorizationControl = new RadioChoice<Constants.AuthorizationControl>(\r
+ "authorizationControl", acList, new AuthorizationControlRenderer());\r
+ form.add(authorizationControl);\r
\r
form.add(new CheckBox("verifyCommitter"));\r
\r
WebMarkupContainer customFieldsSection = new WebMarkupContainer("customFieldsSection");\r
customFieldsSection.add(customFieldsListView);\r
form.add(customFieldsSection.setVisible(!GitBlit.getString(Keys.groovy.customFields, "").isEmpty()));\r
+ \r
+ // initial enable/disable of permission controls\r
+ if (repositoryModel.accessRestriction.equals(AccessRestrictionType.NONE)) {\r
+ // anonymous everything, disable all controls\r
+ usersPalette.setEnabled(false);\r
+ teamsPalette.setEnabled(false);\r
+ authorizationControl.setEnabled(false);\r
+ } else {\r
+ // authenticated something\r
+ // enable authorization controls\r
+ authorizationControl.setEnabled(true);\r
+ \r
+ boolean allowFineGrainedControls = repositoryModel.authorizationControl.equals(AuthorizationControl.NAMED);\r
+ usersPalette.setEnabled(allowFineGrainedControls);\r
+ teamsPalette.setEnabled(allowFineGrainedControls); \r
+ }\r
+ \r
+ accessRestriction.add(new AjaxFormComponentUpdatingBehavior("onchange") {\r
+ \r
+ private static final long serialVersionUID = 1L;\r
+\r
+ protected void onUpdate(AjaxRequestTarget target) {\r
+ // enable/disable permissions panel based on access restriction\r
+ boolean allowAuthorizationControl = repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE);\r
+ authorizationControl.setEnabled(allowAuthorizationControl);\r
+ \r
+ boolean allowFineGrainedControls = allowAuthorizationControl && repositoryModel.authorizationControl.equals(AuthorizationControl.NAMED);\r
+ usersPalette.setEnabled(allowFineGrainedControls);\r
+ teamsPalette.setEnabled(allowFineGrainedControls);\r
+ \r
+ if (allowFineGrainedControls) {\r
+ repositoryModel.authorizationControl = AuthorizationControl.NAMED;\r
+ }\r
+ \r
+ target.addComponent(authorizationControl);\r
+ target.addComponent(usersPalette);\r
+ target.addComponent(teamsPalette);\r
+ }\r
+ });\r
+ \r
+ authorizationControl.add(new AjaxFormChoiceComponentUpdatingBehavior() {\r
+ \r
+ private static final long serialVersionUID = 1L;\r
\r
+ protected void onUpdate(AjaxRequestTarget target) {\r
+ // enable/disable permissions panel based on access restriction\r
+ boolean allowAuthorizationControl = repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE);\r
+ authorizationControl.setEnabled(allowAuthorizationControl);\r
+ \r
+ boolean allowFineGrainedControls = allowAuthorizationControl && repositoryModel.authorizationControl.equals(AuthorizationControl.NAMED);\r
+ usersPalette.setEnabled(allowFineGrainedControls);\r
+ teamsPalette.setEnabled(allowFineGrainedControls);\r
+ \r
+ if (allowFineGrainedControls) {\r
+ repositoryModel.authorizationControl = AuthorizationControl.NAMED;\r
+ }\r
+ \r
+ target.addComponent(authorizationControl);\r
+ target.addComponent(usersPalette);\r
+ target.addComponent(teamsPalette);\r
+ }\r
+ });\r
+ \r
form.add(new Button("save"));\r
Button cancel = new Button("cancel") {\r
private static final long serialVersionUID = 1L;\r
return Integer.toString(index);\r
}\r
}\r
+ \r
+ private class AuthorizationControlRenderer implements IChoiceRenderer<AuthorizationControl> {\r
+\r
+ private static final long serialVersionUID = 1L;\r
+\r
+ private final Map<AuthorizationControl, String> map;\r
+\r
+ public AuthorizationControlRenderer() {\r
+ map = getAuthorizationControls();\r
+ }\r
+\r
+ @Override\r
+ public String getDisplayValue(AuthorizationControl type) {\r
+ return map.get(type);\r
+ }\r
+\r
+ @Override\r
+ public String getIdValue(AuthorizationControl type, int index) {\r
+ return Integer.toString(index);\r
+ }\r
+ }\r
}\r
\r
import com.gitblit.GitBlit;\r
import com.gitblit.GitBlitException;\r
+import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.models.RegistrantAccessPermission;\r
import com.gitblit.models.TeamModel;\r
import com.gitblit.utils.StringUtils;\r
isCreate = true;\r
setupPage(new TeamModel(""));\r
setStatelessHint(false);\r
+ setOutputMarkupId(true);\r
}\r
\r
public EditTeamPage(PageParameters params) {\r
TeamModel model = GitBlit.self().getTeamModel(name);\r
setupPage(model);\r
setStatelessHint(false);\r
+ setOutputMarkupId(true);\r
}\r
\r
protected void setupPage(final TeamModel teamModel) {\r
\r
CompoundPropertyModel<TeamModel> model = new CompoundPropertyModel<TeamModel>(teamModel);\r
\r
- List<String> repos = getAccessRestrictedRepositoryList(true);\r
+ List<String> repos = getAccessRestrictedRepositoryList(true, null);\r
\r
List<String> teamUsers = new ArrayList<String>(teamModel.users);\r
Collections.sort(teamUsers);\r
: StringUtils.flattenStrings(teamModel.mailingLists, " "));\r
form.add(new TextField<String>("mailingLists", mailingLists));\r
\r
- form.add(new RegistrantPermissionsPanel("repositories", repos, permissions, getAccessPermissions()));\r
+ form.add(new RegistrantPermissionsPanel("repositories", RegistrantType.REPOSITORY,\r
+ repos, permissions, getAccessPermissions()));\r
form.add(preReceivePalette);\r
form.add(new BulletListPanel("inheritedPreReceive", "inherited", GitBlit.self()\r
.getPreReceiveScriptsInherited(null)));\r
import com.gitblit.GitBlit;\r
import com.gitblit.GitBlitException;\r
import com.gitblit.Keys;\r
+import com.gitblit.Constants.PermissionType;\r
+import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.models.RegistrantAccessPermission;\r
import com.gitblit.models.TeamModel;\r
import com.gitblit.models.UserModel;\r
isCreate = true;\r
setupPage(new UserModel(""));\r
setStatelessHint(false);\r
+ setOutputMarkupId(true);\r
}\r
\r
public EditUserPage(PageParameters params) {\r
UserModel model = GitBlit.self().getUserModel(name);\r
setupPage(model);\r
setStatelessHint(false);\r
+ setOutputMarkupId(true);\r
}\r
\r
protected void setupPage(final UserModel userModel) {\r
CompoundPropertyModel<UserModel> model = new CompoundPropertyModel<UserModel>(userModel);\r
\r
// build list of projects including all repositories wildcards\r
- List<String> repos = getAccessRestrictedRepositoryList(true);\r
+ List<String> repos = getAccessRestrictedRepositoryList(true, userModel);\r
\r
List<String> userTeams = new ArrayList<String>();\r
for (TeamModel team : userModel.teams) {\r
\r
final String oldName = userModel.username;\r
final List<RegistrantAccessPermission> permissions = userModel.getRepositoryPermissions();\r
+ for (RegistrantAccessPermission permission : permissions) {\r
+ if (permission.isEditable && PermissionType.EXPLICIT.equals(permission.permissionType)) {\r
+ // Ensure this is NOT an owner permission - which is non-editable\r
+ // We don't know this from within the usermodel, ownership is a\r
+ // property of a repository.\r
+ boolean isOwner = GitBlit.self().getRepositoryModel(permission.registrant).isOwner(oldName);\r
+ if (isOwner) {\r
+ permission.permissionType = PermissionType.OWNER;\r
+ permission.isEditable = false;\r
+ }\r
+ }\r
+ }\r
\r
final Palette<String> teams = new Palette<String>("teams", new ListModel<String>(\r
new ArrayList<String>(userTeams)), new CollectionModel<String>(GitBlit.self()\r
form.add(new CheckBox("canFork"));\r
form.add(new CheckBox("canCreate"));\r
form.add(new CheckBox("excludeFromFederation"));\r
- form.add(new RegistrantPermissionsPanel("repositories", repos, permissions, getAccessPermissions()));\r
+ form.add(new RegistrantPermissionsPanel("repositories", RegistrantType.REPOSITORY, repos, permissions, getAccessPermissions()));\r
form.add(teams.setEnabled(editTeams));\r
\r
form.add(new Button("save"));\r
import org.apache.wicket.PageParameters;\r
import org.apache.wicket.markup.html.basic.Label;\r
\r
-import com.gitblit.GitBlit;\r
import com.gitblit.Constants.AccessRestrictionType;\r
+import com.gitblit.Constants.AuthorizationControl;\r
+import com.gitblit.GitBlit;\r
import com.gitblit.models.RepositoryModel;\r
+import com.gitblit.models.UserModel;\r
import com.gitblit.utils.StringUtils;\r
\r
/**\r
super.setupPage("", pageName);\r
}\r
\r
- protected List<String> getAccessRestrictedRepositoryList(boolean includeWildcards) {\r
+ protected List<String> getAccessRestrictedRepositoryList(boolean includeWildcards, UserModel user) {\r
// build list of access-restricted projects\r
String lastProject = null;\r
List<String> repos = new ArrayList<String>();\r
// all repositories excluding personal repositories\r
repos.add("[^~].*");\r
}\r
+ \r
for (String repo : GitBlit.self().getRepositoryList()) {\r
RepositoryModel repositoryModel = GitBlit.self().getRepositoryModel(repo);\r
- if (repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE)) {\r
+ if (repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE)\r
+ && repositoryModel.authorizationControl.equals(AuthorizationControl.NAMED)) {\r
+ if (user != null &&\r
+ (repositoryModel.isOwner(user.username) || repositoryModel.isUsersPersonalRepository(user.username))) {\r
+ // exclude Owner or personal repositories\r
+ continue;\r
+ }\r
if (includeWildcards) {\r
if (lastProject == null || !lastProject.equalsIgnoreCase(repositoryModel.projectPath)) {\r
- lastProject = repositoryModel.projectPath;\r
+ lastProject = repositoryModel.projectPath.toLowerCase();\r
if (!StringUtils.isEmpty(repositoryModel.projectPath)) {\r
// regex for all repositories within a project\r
repos.add(repositoryModel.projectPath + "/.*");\r
}\r
}\r
}\r
- repos.add(repo);\r
+ repos.add(repo.toLowerCase());\r
}\r
}\r
return repos;\r
\r
<div wicket:id="permissionRow">\r
<div style="padding-top:10px;border-left:1px solid #ccc;border-right:1px solid #ccc;" class="row-fluid">\r
- <div style="padding-top:5px;padding-left:5px;" class="span6"><span wicket:id="registrant"></span></div><div style="padding-top:5px;padding-right:5px;text-align:right;" class="span2"><span class="label label-info" wicket:id="regex">[regex]</span></div> <select class="input-medium" wicket:id="permission"></select>\r
+ <div style="padding-top:5px;padding-left:5px" class="span6"><span wicket:id="registrant"></span></div><div style="padding-top:5px;padding-right:5px;text-align:right;" class="span2"><span class="label" wicket:id="pType">[permission type]</span></div> <select class="input-medium" wicket:id="permission"></select>\r
</div>\r
</div>\r
\r
import org.apache.wicket.model.IModel;
import com.gitblit.Constants.AccessPermission;
+import com.gitblit.Constants.PermissionType;
import com.gitblit.Constants.RegistrantType;
import com.gitblit.models.RegistrantAccessPermission;
import com.gitblit.utils.DeepCopier;
private static final long serialVersionUID = 1L;
- public RegistrantPermissionsPanel(String wicketId, List<String> allRegistrants, final List<RegistrantAccessPermission> permissions, final Map<AccessPermission, String> translations) {
+ public RegistrantPermissionsPanel(String wicketId,
RegistrantType registrantType, List<String> allRegistrants, final List<RegistrantAccessPermission> permissions, final Map<AccessPermission, String> translations) {
super(wicketId);
+ setOutputMarkupId(true);
// update existing permissions repeater
RefreshingView<RegistrantAccessPermission> dataView = new RefreshingView<RegistrantAccessPermission>("permissionRow") {
public void populateItem(final Item<RegistrantAccessPermission> item) {
final RegistrantAccessPermission entry = item.getModelObject();
- if (RegistrantType.REPOSITORY.equals(entry.type)) {
- // repository, strip .git and show swatch
+ if (RegistrantType.REPOSITORY.equals(entry.registrantType)) {
String repoName = StringUtils.stripDotGit(entry.registrant);
- Label registrant = new Label("registrant", repoName);
- WicketUtils.setCssClass(registrant, "repositorySwatch");
- WicketUtils.setCssBackground(registrant, repoName);
- item.add(registrant);
+ if (StringUtils.findInvalidCharacter(repoName) == null) {
+ // repository, strip .git and show swatch
+ Label registrant = new Label("registrant", repoName);
+ WicketUtils.setCssClass(registrant, "repositorySwatch");
+ WicketUtils.setCssBackground(registrant, repoName);
+ item.add(registrant);
+ } else {
+ // likely a regex
+ Label label = new Label("registrant", entry.registrant);
+ WicketUtils.setCssStyle(label, "font-weight: bold;");
+ item.add(label);
+ }
} else {
- item.add(new Label("registrant", entry.registrant));
+ // user or team
+ Label label = new Label("registrant", entry.registrant);
+ WicketUtils.setCssStyle(label, "font-weight: bold;");
+ item.add(label);
}
- if (entry.isExplicit) {
- item.add(new Label("regex", "").setVisible(false));
- } else {
- Label regex = new Label("regex", "regex");
+ switch (entry.permissionType) {
+ case OWNER:
+ Label owner = new Label("pType", "owner");
+ WicketUtils.setHtmlTooltip(owner, getString("gb.ownerPermission"));
+ item.add(owner);
+ break;
+ case REGEX:
+ Label regex = new Label("pType", "regex");
WicketUtils.setHtmlTooltip(regex, getString("gb.regexPermission"));
item.add(regex);
+ break;
+ default:
+ item.add(new Label("pType", "").setVisible(false));
+ break;
}
// use ajax to get immediate update of permission level change
// only allow changing an explicitly defined permission
// this is designed to prevent changing a regex permission in
// a repository
- permissionChoice.setEnabled(entry.isExplicit);
- if (entry.isExplicit) {
+ permissionChoice.setEnabled(entry.isEditable);
+ permissionChoice.setOutputMarkupId(true);
+ if (entry.isEditable) {
permissionChoice.add(new AjaxFormComponentUpdatingBehavior("onchange") {
private static final long serialVersionUID = 1L;
// filter out registrants we already have permissions for
final List<String> registrants = new ArrayList<String>(allRegistrants);
for (RegistrantAccessPermission rp : permissions) {
- registrants.remove(rp.registrant);
+ if (rp.isEditable) {
+ // only remove editable duplicates
+ // this allows for specifying an explicit permission
+ registrants.remove(rp.registrant);
+ }
}
// add new permission form
- IModel<RegistrantAccessPermission> addPermissionModel = new CompoundPropertyModel<RegistrantAccessPermission>(new RegistrantAccessPermission());
+ IModel<RegistrantAccessPermission> addPermissionModel = new CompoundPropertyModel<RegistrantAccessPermission>(new RegistrantAccessPermission(registrantType));
Form<RegistrantAccessPermission> addPermissionForm = new Form<RegistrantAccessPermission>("addPermissionForm", addPermissionModel);
addPermissionForm.add(new DropDownChoice<String>("registrant", registrants));
addPermissionForm.add(new DropDownChoice<AccessPermission>("permission", Arrays
protected void onSubmit(AjaxRequestTarget target, Form<?> form) {
// add permission to our list
RegistrantAccessPermission rp = (RegistrantAccessPermission) form.getModel().getObject();
- permissions.add(DeepCopier.copy(rp));
+ RegistrantAccessPermission copy = DeepCopier.copy(rp);
+ if (StringUtils.findInvalidCharacter(copy.registrant) != null) {
+ copy.permissionType = PermissionType.REGEX;
+ }
+ permissions.add(copy);
// remove registrant from available choices
registrants.remove(rp.registrant);
add(addPermissionForm.setVisible(registrants.size() > 0));
}
+ protected boolean getStatelessHint()
+ {
+ return false;
+ }
+
+
private class AccessPermissionRenderer implements IChoiceRenderer<AccessPermission> {
private static final long serialVersionUID = 1L;
import com.gitblit.Constants.AccessPermission;\r
import com.gitblit.Constants.AccessRestrictionType;\r
import com.gitblit.Constants.AuthorizationControl;\r
+import com.gitblit.Constants.PermissionType;\r
import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.GitBlitException.UnauthorizedException;\r
import com.gitblit.Keys;\r
List<RegistrantAccessPermission> permissions = RpcUtils.getRepositoryMemberPermissions(retrievedRepository, url, account,\r
password.toCharArray());\r
assertEquals("Membership permissions is not empty!", 0, permissions.size());\r
- permissions.add(new RegistrantAccessPermission(testMember.username, AccessPermission.PUSH, true, RegistrantType.USER));\r
+ permissions.add(new RegistrantAccessPermission(testMember.username, AccessPermission.PUSH, PermissionType.EXPLICIT, RegistrantType.USER, true));\r
assertTrue(\r
"Failed to set member permissions!",\r
RpcUtils.setRepositoryMemberPermissions(retrievedRepository, permissions, url, account,\r
// set no teams\r
List<RegistrantAccessPermission> permissions = new ArrayList<RegistrantAccessPermission>();\r
for (String team : helloworldTeams) {\r
- permissions.add(new RegistrantAccessPermission(team, AccessPermission.NONE, true, RegistrantType.TEAM));\r
+ permissions.add(new RegistrantAccessPermission(team, AccessPermission.NONE, PermissionType.EXPLICIT, RegistrantType.TEAM, true));\r
}\r
assertTrue(RpcUtils.setRepositoryTeamPermissions(helloworld, permissions, url, account,\r
password.toCharArray()));\r
projects / gitblit.git / commitdiff