*/\r
public boolean hasRepositoryPermission(String name) {\r
String repository = AccessPermission.repositoryFromRole(name).toLowerCase();\r
- return permissions.containsKey(repository) || repositories.contains(repository);\r
+ if (permissions.containsKey(repository)) {\r
+ // exact repository permission specified\r
+ return true;\r
+ } else {\r
+ // search for regex permission match\r
+ for (String key : permissions.keySet()) {\r
+ if (name.matches(key)) {\r
+ AccessPermission p = permissions.get(key);\r
+ if (p != null) {\r
+ return true;\r
+ }\r
+ }\r
+ }\r
+ }\r
+ return false;\r
}\r
\r
/**\r
*/\r
public boolean hasRepositoryPermission(String name) {\r
String repository = AccessPermission.repositoryFromRole(name).toLowerCase();\r
- return permissions.containsKey(repository) || repositories.contains(repository);\r
+ if (permissions.containsKey(repository)) {\r
+ // exact repository permission specified\r
+ return true;\r
+ } else {\r
+ // search for regex permission match\r
+ for (String key : permissions.keySet()) {\r
+ if (name.matches(key)) {\r
+ AccessPermission p = permissions.get(key);\r
+ if (p != null) {\r
+ return true;\r
+ }\r
+ }\r
+ }\r
+ }\r
+ return false;\r
}\r
\r
/**\r
UserModel user = new UserModel("test");
repository.owner = user.username;
+ assertFalse("user SHOULD NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
assertTrue("owner CAN NOT view!", user.canView(repository));
assertTrue("owner CAN NOT clone!", user.canClone(repository));
assertTrue("owner CAN NOT push!", user.canPush(repository));
UserModel user = new UserModel("test");
repository.owner = user.username;
+ assertFalse("user SHOULD NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
assertTrue("user CAN NOT view!", user.canView(repository));
assertTrue("user CAN NOT clone!", user.canClone(repository));
assertTrue("user CAN NOT push!", user.canPush(repository));
UserModel user = new UserModel("visitor");
repository.owner = "test";
+ assertFalse("user HAS a repository permission!", user.hasRepositoryPermission(repository.name));
assertFalse("user CAN view!", user.canView(repository));
assertFalse("user CAN clone!", user.canClone(repository));
assertFalse("user CAN push!", user.canPush(repository));
UserModel user = new UserModel("test");
user.setRepositoryPermission("ubercool/[A-Za-z0-9-~_\\./]+", AccessPermission.CLONE);
+ assertTrue("user DOES NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
assertTrue("user CAN NOT view!", user.canView(repository));
assertTrue("user CAN NOT clone!", user.canClone(repository));
assertFalse("user CAN push!", user.canPush(repository));
projects / gitblit.git / commitdiff