fixes:
- Fixed incorrect tagger attribution in the dashboard (issue-276)
- Fixed support for implied SSH urls in web.otherUrls (issue-311)
+ - Fixed injection of unnecessary explicit CLONE permissions for a fork when users or teams already had implied regex permissions (issue-320)
- Bind LDAP connection after establishing TLS initialization (issue-343)
- Fixed NPE when attempting to add a permission without a registrant (issue-344)
- Invalidate all cached repository data on "clear cache" (issue-346)
if (!ArrayUtils.isEmpty(repository.owners)) {
for (String owner : repository.owners) {
UserModel originOwner = userManager.getUserModel(owner);
- if (originOwner != null) {
+ if (originOwner != null && !originOwner.canClone(cloneModel)) {
+ // origin owner can't yet clone fork, grant explicit clone access
originOwner.setRepositoryPermission(cloneName, AccessPermission.CLONE);
reviseUser(originOwner.username, originOwner);
}
for (String name : users) {
if (!name.equalsIgnoreCase(user.username)) {
UserModel cloneUser = userManager.getUserModel(name);
- if (cloneUser.canClone(repository)) {
- // origin user can clone origin, grant clone access to fork
+ if (cloneUser.canClone(repository) && !cloneUser.canClone(cloneModel)) {
+ // origin user can't yet clone fork, grant explicit clone access
cloneUser.setRepositoryPermission(cloneName, AccessPermission.CLONE);
}
cloneUsers.add(cloneUser);
List<TeamModel> cloneTeams = new ArrayList<TeamModel>();
for (String name : teams) {
TeamModel cloneTeam = userManager.getTeamModel(name);
- if (cloneTeam.canClone(repository)) {
- // origin team can clone origin, grant clone access to fork
+ if (cloneTeam.canClone(repository) && !cloneTeam.canClone(cloneModel)) {
+ // origin team can't yet clone fork, grant explicit clone access
cloneTeam.setRepositoryPermission(cloneName, AccessPermission.CLONE);
}
cloneTeams.add(cloneTeam);
projects / gitblit.git / commitdiff