public List<RegistrantAccessPermission> getUserAccessPermissions(RepositoryModel repository) {\r
List<RegistrantAccessPermission> permissions = new ArrayList<RegistrantAccessPermission>();\r
for (String user : userService.getUsernamesForRepositoryRole(repository.name)) {\r
- AccessPermission ap = userService.getUserModel(user).getRepositoryPermission(repository);\r
- permissions.add(new RegistrantAccessPermission(user, ap, RegistrantType.USER));\r
+ UserModel model = userService.getUserModel(user);\r
+ AccessPermission ap = model.getRepositoryPermission(repository);\r
+ boolean isExplicit = model.hasExplicitRepositoryPermission(repository.name);\r
+ permissions.add(new RegistrantAccessPermission(user, ap, isExplicit, RegistrantType.USER));\r
}\r
return permissions;\r
}\r
public boolean setUserAccessPermissions(RepositoryModel repository, Collection<RegistrantAccessPermission> permissions) {\r
List<UserModel> users = new ArrayList<UserModel>();\r
for (RegistrantAccessPermission up : permissions) {\r
- UserModel user = userService.getUserModel(up.registrant);\r
- user.setRepositoryPermission(repository.name, up.permission);\r
- users.add(user);\r
+ if (up.isExplicit) {\r
+ // only set explicitly defined permissions\r
+ UserModel user = userService.getUserModel(up.registrant);\r
+ user.setRepositoryPermission(repository.name, up.permission);\r
+ users.add(user);\r
+ }\r
}\r
return userService.updateUserModels(users);\r
}\r
public List<RegistrantAccessPermission> getTeamAccessPermissions(RepositoryModel repository) {\r
List<RegistrantAccessPermission> permissions = new ArrayList<RegistrantAccessPermission>();\r
for (String team : userService.getTeamnamesForRepositoryRole(repository.name)) {\r
- AccessPermission ap = userService.getTeamModel(team).getRepositoryPermission(repository);\r
- permissions.add(new RegistrantAccessPermission(team, ap, RegistrantType.TEAM));\r
+ TeamModel model = userService.getTeamModel(team);\r
+ AccessPermission ap = model.getRepositoryPermission(repository);\r
+ boolean isExplicit = model.hasExplicitRepositoryPermission(repository.name);\r
+ permissions.add(new RegistrantAccessPermission(team, ap, isExplicit, RegistrantType.TEAM));\r
}\r
return permissions;\r
}\r
public boolean setTeamAccessPermissions(RepositoryModel repository, Collection<RegistrantAccessPermission> permissions) {\r
List<TeamModel> teams = new ArrayList<TeamModel>();\r
for (RegistrantAccessPermission tp : permissions) {\r
- TeamModel team = userService.getTeamModel(tp.registrant);\r
- team.setRepositoryPermission(repository.name, tp.permission);\r
- teams.add(team);\r
+ if (tp.isExplicit) {\r
+ // only set explicitly defined access permissions\r
+ TeamModel team = userService.getTeamModel(tp.registrant);\r
+ team.setRepositoryPermission(repository.name, tp.permission);\r
+ teams.add(team);\r
+ }\r
}\r
return userService.updateTeamModels(teams);\r
}\r
import java.util.TreeSet;\r
\r
import com.gitblit.Constants;\r
+import com.gitblit.Constants.AccessPermission;\r
import com.gitblit.Constants.AccessRestrictionType;\r
import com.gitblit.Constants.AuthorizationControl;\r
import com.gitblit.Constants.RegistrantType;\r
import com.gitblit.GitBlitException.UnauthorizedException;\r
import com.gitblit.GitBlitException.UnknownRequestException;\r
import com.gitblit.Keys;\r
-import com.gitblit.models.RegistrantAccessPermission;\r
import com.gitblit.models.FederationModel;\r
import com.gitblit.models.FeedEntryModel;\r
import com.gitblit.models.FeedModel;\r
+import com.gitblit.models.RegistrantAccessPermission;\r
import com.gitblit.models.RepositoryModel;\r
import com.gitblit.models.ServerSettings;\r
import com.gitblit.models.ServerStatus;\r
List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();\r
for (UserModel user : allUsers) {\r
if (user.hasRepositoryPermission(repository.name)) {\r
- list.add(new RegistrantAccessPermission(user.username, user.permissions.get(repository.name), RegistrantType.USER));\r
+ AccessPermission ap = user.getRepositoryPermission(repository);\r
+ boolean isExplicit = user.hasExplicitRepositoryPermission(repository.name);\r
+ list.add(new RegistrantAccessPermission(user.username, ap, isExplicit, RegistrantType.USER));\r
}\r
}\r
return list;\r
List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();\r
for (TeamModel team : allTeams) {\r
if (team.hasRepositoryPermission(repository.name)) {\r
- list.add(new RegistrantAccessPermission(team.name, team.permissions.get(repository.name), RegistrantType.TEAM));\r
+ AccessPermission ap = team.getRepositoryPermission(repository);\r
+ boolean isExplicit = team.hasExplicitRepositoryPermission(repository.name);\r
+ list.add(new RegistrantAccessPermission(team.name, ap, isExplicit, RegistrantType.TEAM));\r
}\r
}\r
return list;\r
import javax.swing.JPanel;\r
import javax.swing.JScrollPane;\r
import javax.swing.JTable;\r
+import javax.swing.SwingConstants;\r
+import javax.swing.table.DefaultTableCellRenderer;\r
\r
import com.gitblit.Constants.AccessPermission;\r
import com.gitblit.models.RegistrantAccessPermission;\r
JScrollPane jsp = new JScrollPane(permissionsTable);\r
add(jsp, BorderLayout.CENTER);\r
\r
+ permissionsTable.getColumnModel().getColumn(RegistrantPermissionsTableModel.Columns.Type.ordinal())\r
+ .setCellRenderer(new RegexRenderer());\r
permissionsTable.getColumnModel().getColumn(RegistrantPermissionsTableModel.Columns.Permission.ordinal())\r
- .setCellEditor(new AccessPermissionEditor());\r
+ .setCellEditor(new AccessPermissionEditor());\r
\r
registrantModel = new DefaultComboBoxModel();\r
registrantSelector = new JComboBox(registrantModel);\r
super(new JComboBox(AccessPermission.values()));\r
}\r
}\r
+ \r
+ private class RegexRenderer extends DefaultTableCellRenderer {\r
+\r
+ private static final long serialVersionUID = 1L;\r
+\r
+ public RegexRenderer() {\r
+ super();\r
+ setHorizontalAlignment(SwingConstants.CENTER);\r
+ }\r
+\r
+ @Override\r
+ protected void setValue(Object value) {\r
+ boolean isExplicit = (Boolean) value;\r
+ if (isExplicit) {\r
+ // explicit permission\r
+ setText("");\r
+ setToolTipText(null);\r
+ } else {\r
+ // regex matched permission\r
+ setText("regex");\r
+ setToolTipText(Translation.get("gb.regexPermission"));\r
+ }\r
+ }\r
+ }\r
}\r
List<RegistrantAccessPermission> permissions;\r
\r
enum Columns {\r
- Registrant, Permission;\r
+ Registrant, Type, Permission;\r
\r
@Override\r
public String toString() {\r
switch (col) {\r
case Registrant:\r
return Translation.get("gb.name");\r
+ case Type:\r
+ return Translation.get("gb.type");\r
case Permission:\r
return Translation.get("gb.permission");\r
}\r
public Class<?> getColumnClass(int columnIndex) {\r
if (columnIndex == Columns.Permission.ordinal()) {\r
return AccessPermission.class;\r
+ } else if (columnIndex == Columns.Type.ordinal()) {\r
+ return Boolean.class;\r
}\r
return String.class;\r
}\r
\r
@Override\r
public boolean isCellEditable(int rowIndex, int columnIndex) {\r
- return columnIndex == Columns.Permission.ordinal();\r
+ if (columnIndex == Columns.Permission.ordinal()) {\r
+ // in order for the permission to be editable it must be\r
+ // explicitly defined on the object. regex permissions are inherited\r
+ // and therefore can not be directly manipulated unless the current\r
+ // object is the source of the regex (i.e. a user or team with explicit\r
+ // regex definition)\r
+ return permissions.get(rowIndex).isExplicit;\r
+ }\r
+ return false;\r
}\r
\r
@Override\r
switch (col) {\r
case Registrant:\r
return rp.registrant;\r
+ case Type:\r
+ return rp.isExplicit;\r
case Permission:\r
return rp.permission;\r
}\r
public String registrant;
public AccessPermission permission;
public RegistrantType type;
+ public boolean isExplicit;
public RegistrantAccessPermission() {
+ isExplicit = true;
}
- public RegistrantAccessPermission(String registrant, AccessPermission permission, RegistrantType type) {
+ public RegistrantAccessPermission(String registrant, AccessPermission permission, boolean isExplicit, RegistrantType type) {
this.registrant = registrant;
this.permission = permission;
+ this.isExplicit = isExplicit;
this.type = type;
}
public List<RegistrantAccessPermission> getRepositoryPermissions() {\r
List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();\r
for (Map.Entry<String, AccessPermission> entry : permissions.entrySet()) {\r
- list.add(new RegistrantAccessPermission(entry.getKey(), entry.getValue(), RegistrantType.REPOSITORY));\r
+ list.add(new RegistrantAccessPermission(entry.getKey(), entry.getValue(), true, RegistrantType.REPOSITORY));\r
}\r
Collections.sort(list);\r
return list;\r
return false;\r
}\r
\r
+ /**\r
+ * Returns true if the team has an explicitly specified access permission for\r
+ * this repository.\r
+ * \r
+ * @param name\r
+ * @return if the team has an explicitly specified access permission\r
+ */\r
+ public boolean hasExplicitRepositoryPermission(String name) {\r
+ String repository = AccessPermission.repositoryFromRole(name).toLowerCase();\r
+ return permissions.containsKey(repository);\r
+ }\r
+ \r
/**\r
* Adds a repository permission to the team.\r
* <p>\r
public List<RegistrantAccessPermission> getRepositoryPermissions() {\r
List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();\r
for (Map.Entry<String, AccessPermission> entry : permissions.entrySet()) {\r
- list.add(new RegistrantAccessPermission(entry.getKey(), entry.getValue(), RegistrantType.REPOSITORY));\r
+ list.add(new RegistrantAccessPermission(entry.getKey(), entry.getValue(), true, RegistrantType.REPOSITORY));\r
}\r
Collections.sort(list);\r
return list;\r
return false;\r
}\r
\r
+ /**\r
+ * Returns true if the user has an explicitly specified access permission for\r
+ * this repository.\r
+ * \r
+ * @param name\r
+ * @return if the user has an explicitly specified access permission\r
+ */\r
+ public boolean hasExplicitRepositoryPermission(String name) {\r
+ String repository = AccessPermission.repositoryFromRole(name).toLowerCase();\r
+ return permissions.containsKey(repository);\r
+ }\r
+ \r
/**\r
* Adds a repository permission to the team.\r
* <p>\r
gb.deletePermission = {0} (push, ref creation+deletion)\r
gb.rewindPermission = {0} (push, ref creation+deletion+rewind)\r
gb.permission = permission\r
+gb.regexPermission = this permission is set from a regular expression
\ No newline at end of file
<wicket:panel>\r
\r
<div wicket:id="permissionRow">\r
- <div style="padding-top:10px" class="row-fluid">\r
- <span class="span8" wicket:id="registrant"></span> <select class="input-medium" wicket:id="permission"></select>\r
+ <div style="padding-top:10px;border-left:1px solid #ccc;border-right:1px solid #ccc;" class="row-fluid">\r
+ <div style="padding-top:5px;padding-left:5px;" class="span6" wicket:id="registrant"></div><div style="padding-top:5px;" class="span2"><span class="label label-info" wicket:id="regex">[regex]</span></div> <select class="input-medium" wicket:id="permission"></select>\r
</div>\r
</div>\r
\r
import com.gitblit.Constants.AccessPermission;
import com.gitblit.models.RegistrantAccessPermission;
import com.gitblit.utils.DeepCopier;
+import com.gitblit.wicket.WicketUtils;
/**
* Allows user to manipulate registrant access permissions.
public void populateItem(final Item<RegistrantAccessPermission> item) {
final RegistrantAccessPermission entry = item.getModelObject();
item.add(new Label("registrant", entry.registrant));
+ if (entry.isExplicit) {
+ item.add(new Label("regex", "").setVisible(false));
+ } else {
+ Label regex = new Label("regex", "regex");
+ WicketUtils.setHtmlTooltip(regex, getString("gb.regexPermission"));
+ item.add(regex);
+ }
// use ajax to get immediate update of permission level change
// otherwise we can lose it if they change levels and then add
// a new repository permission
final DropDownChoice<AccessPermission> permissionChoice = new DropDownChoice<AccessPermission>(
"permission", Arrays.asList(AccessPermission.values()), new AccessPermissionRenderer(translations));
- permissionChoice.add(new AjaxFormComponentUpdatingBehavior("onchange") {
+ // only allow changing an explicitly defined permission
+ // this is designed to prevent changing a regex permission in
+ // a repository
+ permissionChoice.setEnabled(entry.isExplicit);
+ if (entry.isExplicit) {
+ permissionChoice.add(new AjaxFormComponentUpdatingBehavior("onchange") {
- private static final long serialVersionUID = 1L;
+ private static final long serialVersionUID = 1L;
- protected void onUpdate(AjaxRequestTarget target) {
- target.addComponent(permissionChoice);
- }
- });
+ protected void onUpdate(AjaxRequestTarget target) {
+ target.addComponent(permissionChoice);
+ }
+ });
+ }
item.add(permissionChoice);
}
List<RegistrantAccessPermission> permissions = RpcUtils.getRepositoryMemberPermissions(retrievedRepository, url, account,\r
password.toCharArray());\r
assertEquals("Membership permissions is not empty!", 0, permissions.size());\r
- permissions.add(new RegistrantAccessPermission(testMember.username, AccessPermission.PUSH, RegistrantType.USER));\r
+ permissions.add(new RegistrantAccessPermission(testMember.username, AccessPermission.PUSH, true, RegistrantType.USER));\r
assertTrue(\r
"Failed to set member permissions!",\r
RpcUtils.setRepositoryMemberPermissions(retrievedRepository, permissions, url, account,\r
// set no teams\r
List<RegistrantAccessPermission> permissions = new ArrayList<RegistrantAccessPermission>();\r
for (String team : helloworldTeams) {\r
- permissions.add(new RegistrantAccessPermission(team, AccessPermission.NONE, RegistrantType.TEAM));\r
+ permissions.add(new RegistrantAccessPermission(team, AccessPermission.NONE, true, RegistrantType.TEAM));\r
}\r
assertTrue(RpcUtils.setRepositoryTeamPermissions(helloworld, permissions, url, account,\r
password.toCharArray()));\r
projects / gitblit.git / commitdiff