--- /dev/null
+/*\r
+ * Copyright 2013 gitblit.com.\r
+ *\r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License.\r
+ */\r
+package com.gitblit.tests;\r
+\r
+import java.io.File;\r
+\r
+import org.junit.Assert;\r
+import org.junit.Test;\r
+\r
+import com.gitblit.ConfigUserService;\r
+import com.gitblit.Constants.AccessPermission;\r
+import com.gitblit.Constants.AccessRestrictionType;\r
+import com.gitblit.models.RepositoryModel;\r
+import com.gitblit.models.TeamModel;\r
+import com.gitblit.models.UserModel;\r
+\r
+/**\r
+ * https://code.google.com/p/gitblit/issues/detail?id=259\r
+ * \r
+ * Reported Problem:\r
+ * We have an user with RWD access rights, but he can’t push.\r
+ * \r
+ * @see src/test/resources/issue0259.conf\r
+ * \r
+ * At the next day he try again and he can push to the project.\r
+ * \r
+ * @author James Moger\r
+ *\r
+ */\r
+public class Issue0259Test extends Assert {\r
+\r
+ RepositoryModel repo(String name, AccessRestrictionType restriction) {\r
+ RepositoryModel repo = new RepositoryModel();\r
+ repo.name = name;\r
+ repo.accessRestriction = restriction;\r
+ return repo;\r
+ }\r
+ \r
+ /**\r
+ * Test the provided users.conf file for expected access permissions.\r
+ * \r
+ * @throws Exception\r
+ */\r
+ @Test\r
+ public void testFile() throws Exception {\r
+ File realmFile = new File("src/test/resources/issue0259.conf");\r
+ ConfigUserService service = new ConfigUserService(realmFile);\r
+ \r
+ RepositoryModel test = repo("test.git", AccessRestrictionType.VIEW);\r
+ RepositoryModel projects_test = repo("projects/test.git", AccessRestrictionType.VIEW);\r
+ \r
+ UserModel a = service.getUserModel("a");\r
+ UserModel b = service.getUserModel("b");\r
+ UserModel c = service.getUserModel("c");\r
+ \r
+ // assert RWD or RW+ for projects/test.git\r
+ assertEquals(AccessPermission.DELETE, a.getRepositoryPermission(projects_test).permission);\r
+ assertEquals(AccessPermission.DELETE, b.getRepositoryPermission(projects_test).permission);\r
+ assertEquals(AccessPermission.REWIND, c.getRepositoryPermission(projects_test).permission);\r
+ \r
+ assertTrue(a.canPush(projects_test));\r
+ assertTrue(b.canPush(projects_test));\r
+ assertTrue(c.canPush(projects_test));\r
+\r
+ assertTrue(a.canDeleteRef(projects_test));\r
+ assertTrue(b.canDeleteRef(projects_test));\r
+ assertTrue(c.canDeleteRef(projects_test));\r
+\r
+ assertFalse(a.canRewindRef(projects_test));\r
+ assertFalse(b.canRewindRef(projects_test));\r
+ assertTrue(c.canRewindRef(projects_test));\r
+ \r
+ // assert R for test.git\r
+ assertEquals(AccessPermission.CLONE, a.getRepositoryPermission(test).permission);\r
+ assertEquals(AccessPermission.CLONE, b.getRepositoryPermission(test).permission);\r
+ assertEquals(AccessPermission.REWIND, c.getRepositoryPermission(test).permission);\r
+\r
+ assertTrue(a.canClone(test));\r
+ assertTrue(b.canClone(test));\r
+\r
+ assertFalse(a.canPush(test));\r
+ assertFalse(b.canPush(test));\r
+ assertTrue(c.canPush(test));\r
+ }\r
+ \r
+ @Test\r
+ public void testTeamsOrder() throws Exception {\r
+ testTeams(false);\r
+ }\r
+\r
+ @Test\r
+ public void testTeamsReverseOrder() throws Exception {\r
+ testTeams(true);\r
+ }\r
+\r
+ /**\r
+ * Tests multiple teams each with a regex permisson that will match. The\r
+ * highest matching permission should be used. Order should be irrelevant.\r
+ * \r
+ * @param reverseOrder\r
+ * @throws Exception\r
+ */\r
+ private void testTeams(boolean reverseOrder) throws Exception {\r
+ RepositoryModel test = repo("test.git", AccessRestrictionType.VIEW);\r
+ RepositoryModel projects_test = repo("projects/test.git", AccessRestrictionType.VIEW);\r
+ \r
+ TeamModel t1 = new TeamModel("t1");\r
+ t1.setRepositoryPermission(".*", AccessPermission.CLONE);\r
+ \r
+ TeamModel t2 = new TeamModel("t2");\r
+ t2.setRepositoryPermission("projects/.*", AccessPermission.DELETE); \r
+ \r
+ UserModel a = new UserModel("a");\r
+ if (reverseOrder) {\r
+ a.teams.add(t2);\r
+ a.teams.add(t1);\r
+ } else {\r
+ a.teams.add(t1);\r
+ a.teams.add(t2);\r
+ }\r
+ \r
+ assertEquals(AccessPermission.CLONE, a.getRepositoryPermission(test).permission);\r
+ assertEquals(AccessPermission.DELETE, a.getRepositoryPermission(projects_test).permission);\r
+ \r
+ assertTrue(a.canClone(test));\r
+ assertTrue(a.canClone(projects_test));\r
+ \r
+ assertFalse(a.canDeleteRef(test));\r
+ assertTrue(a.canDeleteRef(projects_test));\r
+ }\r
+ \r
+ @Test\r
+ public void testTeam() throws Exception {\r
+ testTeam(false); \r
+ }\r
+ \r
+ @Test\r
+ public void testTeamReverseOrder() throws Exception {\r
+ testTeam(true);\r
+ }\r
+ \r
+ /**\r
+ * Test a single team that has multiple repository permissions that all match.\r
+ * Here defined order IS important. The first permission match wins so it is\r
+ * important to define permissions from most-specific match to least-specific\r
+ * match.\r
+ * \r
+ * If the defined permissions are:\r
+ * R:.*\r
+ * RWD:projects/.*\r
+ * then the expected result is R for all repositories because it is first.\r
+ * \r
+ * But if the defined permissions are:\r
+ * RWD:projects/.*\r
+ * R:.*\r
+ * then the expected result is RWD for projects/test.git and R for test.git\r
+ * \r
+ * @param reverseOrder\r
+ * @throws Exception\r
+ */\r
+ private void testTeam(boolean reverseOrder) throws Exception {\r
+ RepositoryModel test = repo("test.git", AccessRestrictionType.VIEW);\r
+ RepositoryModel projects_test = repo("projects/test.git", AccessRestrictionType.VIEW);\r
+ \r
+ TeamModel t1 = new TeamModel("t1");\r
+ if (reverseOrder) {\r
+ t1.setRepositoryPermission("projects/.*", AccessPermission.DELETE);\r
+ t1.setRepositoryPermission(".*", AccessPermission.CLONE);\r
+ } else {\r
+ t1.setRepositoryPermission(".*", AccessPermission.CLONE);\r
+ t1.setRepositoryPermission("projects/.*", AccessPermission.DELETE);\r
+ }\r
+ UserModel a = new UserModel("a");\r
+ a.teams.add(t1);\r
+ \r
+ assertEquals(AccessPermission.CLONE, a.getRepositoryPermission(test).permission);\r
+ assertTrue(a.canClone(test));\r
+ assertFalse(a.canDeleteRef(test));\r
+ assertTrue(a.canClone(projects_test));\r
+\r
+ if (reverseOrder) {\r
+ // RWD permission is found first\r
+ assertEquals(AccessPermission.DELETE, a.getRepositoryPermission(projects_test).permission);\r
+ assertTrue(a.canDeleteRef(projects_test));\r
+ } else {\r
+ // R permission is found first\r
+ assertEquals(AccessPermission.CLONE, a.getRepositoryPermission(projects_test).permission);\r
+ assertFalse(a.canDeleteRef(projects_test));\r
+ }\r
+ }\r
+}\r
projects / gitblit.git / commitdiff