Fix inconsistency with owner permissions check

diff --git a/src/main/java/com/gitblit/models/RepositoryModel.java b/src/main/java/com/gitblit/models/RepositoryModel.java
index f84e96b938f63fa012ae3db2f1f17bb058d4b768..a81c622af4d35f0d319b2802429e7447ea2aaad4 100644 (file)
--- a/src/main/java/com/gitblit/models/RepositoryModel.java
+++ b/src/main/java/com/gitblit/models/RepositoryModel.java
@@ -182,9 +182,9 @@ public class RepositoryModel implements Serializable, Comparable<RepositoryModel
 \r
        public boolean isOwner(String username) {\r
                if (StringUtils.isEmpty(username) || ArrayUtils.isEmpty(owners)) {\r
-                       return false;\r
+                       return isUsersPersonalRepository(username);\r
                }\r
-               return owners.contains(username.toLowerCase());\r
+               return owners.contains(username.toLowerCase()) || isUsersPersonalRepository(username);\r
        }\r
 \r
        public boolean isPersonalRepository() {\r

diff --git a/src/main/java/com/gitblit/models/UserModel.java b/src/main/java/com/gitblit/models/UserModel.java
index 64bca82562248e47ef90de1c512b44354defa438..e15227482f2ea9d99cc186c502fa216bf2b0f73a 100644 (file)
--- a/src/main/java/com/gitblit/models/UserModel.java
+++ b/src/main/java/com/gitblit/models/UserModel.java
@@ -552,15 +552,15 @@ public class UserModel implements Principal, Serializable, Comparable<UserModel>
                }\r
                return false;\r
        }\r
-       \r
+\r
        /**\r
         * Returns true if the user is allowed to administer the specified repository\r
-        * \r
+        *\r
         * @param repo\r
         * @return true if the user can administer the repository\r
         */\r
        public boolean canAdmin(RepositoryModel repo) {\r
-               return canAdmin() || isMyPersonalRepository(repo.name);\r
+               return canAdmin() || repo.isOwner(username) || isMyPersonalRepository(repo.name);\r
        }\r
 \r
        public boolean isAuthenticated() {\r

diff --git a/src/test/java/com/gitblit/tests/PermissionsTest.java b/src/test/java/com/gitblit/tests/PermissionsTest.java
index cffce51b15a06db2e7af1dc0a76494f0cac2a43e..46695e951ce391bd9ed986f12f52259c59bd2024 100644 (file)
--- a/src/test/java/com/gitblit/tests/PermissionsTest.java
+++ b/src/test/java/com/gitblit/tests/PermissionsTest.java
@@ -2508,7 +2508,7 @@ public class PermissionsTest extends GitblitUnitTest {
 
        @Test
        public void testOwner() throws Exception {
-               RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
+               RepositoryModel repository = new RepositoryModel("~jj/myrepo.git", null, null, new Date());
                repository.authorizationControl = AuthorizationControl.NAMED;
                repository.accessRestriction = AccessRestrictionType.VIEW;
 
@@ -2530,11 +2530,30 @@ public class PermissionsTest extends GitblitUnitTest {
 
                assertFalse("owner CAN NOT delete!", user.canDelete(repository));
                assertTrue("owner CAN NOT edit!", user.canEdit(repository));
+
+               // test personal repo owner
+               UserModel jj = new UserModel("jj");
+               assertFalse("jj SHOULD NOT HAVE a repository permission!", jj.hasRepositoryPermission(repository.name));
+               assertTrue("jj CAN NOT view!", jj.canView(repository));
+               assertTrue("jj CAN NOT clone!", jj.canClone(repository));
+               assertTrue("jj CAN NOT push!", jj.canPush(repository));
+
+               assertTrue("jj CAN NOT create ref!", jj.canCreateRef(repository));
+               assertTrue("jj CAN NOT delete ref!", jj.canDeleteRef(repository));
+               assertTrue("jj CAN NOT rewind ref!", jj.canRewindRef(repository));
+
+               assertEquals("jj has wrong permission!", AccessPermission.REWIND, jj.getRepositoryPermission(repository).permission);
+
+               assertFalse("jj CAN fork!", jj.canFork(repository));
+
+               assertTrue("jj CAN NOT delete!", jj.canDelete(repository));
+               assertTrue("jj CAN NOT edit!", jj.canEdit(repository));
+               assertTrue(repository.isOwner(jj.username));
        }
 
        @Test
        public void testMultipleOwners() throws Exception {
-               RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
+               RepositoryModel repository = new RepositoryModel("~jj/myrepo.git", null, null, new Date());
                repository.authorizationControl = AuthorizationControl.NAMED;
                repository.accessRestriction = AccessRestrictionType.VIEW;
 
@@ -2579,6 +2598,25 @@ public class PermissionsTest extends GitblitUnitTest {
 
                assertTrue(repository.isOwner(user.username));
                assertTrue(repository.isOwner(user2.username));
+
+               // test personal repo owner
+               UserModel jj = new UserModel("jj");
+               assertFalse("jj SHOULD NOT HAVE a repository permission!", jj.hasRepositoryPermission(repository.name));
+               assertTrue("jj CAN NOT view!", jj.canView(repository));
+               assertTrue("jj CAN NOT clone!", jj.canClone(repository));
+               assertTrue("jj CAN NOT push!", jj.canPush(repository));
+
+               assertTrue("jj CAN NOT create ref!", jj.canCreateRef(repository));
+               assertTrue("jj CAN NOT delete ref!", jj.canDeleteRef(repository));
+               assertTrue("jj CAN NOT rewind ref!", jj.canRewindRef(repository));
+
+               assertEquals("jj has wrong permission!", AccessPermission.REWIND, jj.getRepositoryPermission(repository).permission);
+
+               assertFalse("jj CAN fork!", jj.canFork(repository));
+
+               assertTrue("jj CAN NOT delete!", jj.canDelete(repository));
+               assertTrue("jj CAN NOT edit!", jj.canEdit(repository));
+               assertTrue(repository.isOwner(jj.username));
        }
 
        @Test