config.setStringList(USER, model.username, ROLE, roles);\r
\r
// discrete repository permissions\r
- if (model.permissions != null) {\r
+ if (model.permissions != null && !model.canAdmin) {\r
List<String> permissions = new ArrayList<String>();\r
for (Map.Entry<String, AccessPermission> entry : model.permissions.entrySet()) {\r
if (entry.getValue().exceeds(AccessPermission.NONE)) {\r
}\r
config.setStringList(TEAM, model.name, ROLE, roles);\r
\r
- if (model.permissions == null) {\r
- // null check on "final" repositories because JSON-sourced TeamModel\r
- // can have a null repositories object\r
- if (!ArrayUtils.isEmpty(model.repositories)) {\r
- config.setStringList(TEAM, model.name, REPOSITORY, new ArrayList<String>(\r
- model.repositories));\r
- }\r
- } else {\r
- // discrete repository permissions\r
- List<String> permissions = new ArrayList<String>();\r
- for (Map.Entry<String, AccessPermission> entry : model.permissions.entrySet()) {\r
- if (entry.getValue().exceeds(AccessPermission.NONE)) {\r
- // code:repository (e.g. RW+:~james/myrepo.git\r
- permissions.add(entry.getValue().asRole(entry.getKey()));\r
+ if (!model.canAdmin) {\r
+ // write team permission for non-admin teams\r
+ if (model.permissions == null) {\r
+ // null check on "final" repositories because JSON-sourced TeamModel\r
+ // can have a null repositories object\r
+ if (!ArrayUtils.isEmpty(model.repositories)) {\r
+ config.setStringList(TEAM, model.name, REPOSITORY, new ArrayList<String>(\r
+ model.repositories));\r
}\r
+ } else {\r
+ // discrete repository permissions\r
+ List<String> permissions = new ArrayList<String>();\r
+ for (Map.Entry<String, AccessPermission> entry : model.permissions.entrySet()) {\r
+ if (entry.getValue().exceeds(AccessPermission.NONE)) {\r
+ // code:repository (e.g. RW+:~james/myrepo.git\r
+ permissions.add(entry.getValue().asRole(entry.getKey()));\r
+ }\r
+ }\r
+ config.setStringList(TEAM, model.name, REPOSITORY, permissions);\r
}\r
- config.setStringList(TEAM, model.name, REPOSITORY, permissions);\r
}\r
\r
// null check on "final" users because JSON-sourced TeamModel\r
user.excludeFromFederation = roles.contains(Constants.NOT_FEDERATED_ROLE);\r
\r
// repository memberships\r
- Set<String> repositories = new HashSet<String>(Arrays.asList(config\r
- .getStringList(USER, username, REPOSITORY)));\r
- for (String repository : repositories) {\r
- user.addRepositoryPermission(repository);\r
+ if (!user.canAdmin) {\r
+ // non-admin, read permissions\r
+ Set<String> repositories = new HashSet<String>(Arrays.asList(config\r
+ .getStringList(USER, username, REPOSITORY)));\r
+ for (String repository : repositories) {\r
+ user.addRepositoryPermission(repository);\r
+ }\r
}\r
\r
// update cache\r
team.canFork = roles.contains(Constants.FORK_ROLE);\r
team.canCreate = roles.contains(Constants.CREATE_ROLE);\r
\r
- team.addRepositoryPermissions(Arrays.asList(config.getStringList(TEAM, teamname,\r
- REPOSITORY)));\r
+ if (!team.canAdmin) {\r
+ // non-admin team, read permissions\r
+ team.addRepositoryPermissions(Arrays.asList(config.getStringList(TEAM, teamname,\r
+ REPOSITORY)));\r
+ }\r
team.addUsers(Arrays.asList(config.getStringList(TEAM, teamname, USER)));\r
team.addMailingLists(Arrays.asList(config.getStringList(TEAM, teamname,\r
MAILINGLIST)));\r
*/\r
public List<RegistrantAccessPermission> getRepositoryPermissions() {\r
List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();\r
+ if (canAdmin()) {\r
+ // user has REWIND access to all repositories\r
+ return list;\r
+ }\r
for (Map.Entry<String, AccessPermission> entry : permissions.entrySet()) {\r
String registrant = entry.getKey();\r
+ AccessPermission ap = entry.getValue();\r
String source = null;\r
- boolean editable = true;\r
+ boolean mutable = true;\r
PermissionType pType = PermissionType.EXPLICIT;\r
- if (canAdmin()) {\r
- pType = PermissionType.ADMINISTRATOR;\r
- editable = false;\r
- } else if (isMyPersonalRepository(registrant)) {\r
+ if (isMyPersonalRepository(registrant)) {\r
pType = PermissionType.OWNER;\r
- editable = false;\r
+ ap = AccessPermission.REWIND;\r
+ mutable = false;\r
} else if (StringUtils.findInvalidCharacter(registrant) != null) {\r
// a regex will have at least 1 invalid character\r
pType = PermissionType.REGEX;\r
source = registrant;\r
}\r
- list.add(new RegistrantAccessPermission(registrant, entry.getValue(), pType, RegistrantType.REPOSITORY, source, editable));\r
+ list.add(new RegistrantAccessPermission(registrant, ap, pType, RegistrantType.REPOSITORY, source, mutable));\r
}\r
Collections.sort(list);\r
return list;\r