Clarified access restrictions.

author James Moger <james.moger@gitblit.com>

Thu, 12 May 2011 02:33:16 +0000 (22:33 -0400)

committer James Moger <james.moger@gitblit.com>

Thu, 12 May 2011 02:33:16 +0000 (22:33 -0400)
author James Moger <james.moger@gitblit.com>
Thu, 12 May 2011 02:33:16 +0000 (22:33 -0400)
committer James Moger <james.moger@gitblit.com>
Thu, 12 May 2011 02:33:16 +0000 (22:33 -0400)
diff --git a/src/com/gitblit/Constants.java b/src/com/gitblit/Constants.java

index 3ca917dcf7d5618d439f106cbf2961528b09bebb..7d1758db27e47e8c5e2ddca84cb4183011cdaea7 100644 (file)
--- a/src/com/gitblit/Constants.java
+++ b/src/com/gitblit/Constants.java
@@ -13,9 +13,9 @@ public class Constants {
         public static enum AccessRestrictionType {\r
                 NONE, PUSH, CLONE, VIEW;\r
  \r
-               public static AccessRestrictionType fromString(String name) {\r
+               public static AccessRestrictionType fromName(String name) {\r
                         for (AccessRestrictionType type : values()) {\r
-                               if (type.toString().equalsIgnoreCase(name)) {\r
+                               if (type.name().equalsIgnoreCase(name)) {\r
                                         return type;\r
                                 }\r
                         }\r
@@ -29,13 +29,13 @@ public class Constants {
                 public String toString() {\r
                         switch (this) {\r
                         case NONE:\r
-                               return "none";\r
+                               return "Anonymous View, Clone, & Push";\r
                         case PUSH:\r
-                               return "push";\r
+                               return "Anonymous View & Clone, Authenticated Push";\r
                         case CLONE:\r
-                               return "clone";\r
+                               return "Anonymous View, Authenticated Clone & Push";\r
                         case VIEW:\r
-                               return "view";\r
+                               return "Authenticated View, Clone, & Push";\r
                         }\r
                         return "none";\r
                 }\r
diff --git a/src/com/gitblit/GitBlit.java b/src/com/gitblit/GitBlit.java

index d0daa5362f03a681212897262a2df426364e82ec..40cb3886137836185575c880bf99ea44121e7414 100644 (file)
--- a/src/com/gitblit/GitBlit.java
+++ b/src/com/gitblit/GitBlit.java
@@ -140,7 +140,7 @@ public class GitBlit implements ServletContextListener {
         public RepositoryModel getRepositoryModel(UserModel user, String repositoryName) {\r
                 RepositoryModel model = getRepositoryModel(repositoryName);\r
                 if (model.accessRestriction.atLeast(AccessRestrictionType.VIEW)) {\r
-                       if (user != null && user.canView(model)) {\r
+                       if (user != null && user.canAccessRepository(model.name)) {\r
                                 return model;\r
                         }\r
                         return null;\r
@@ -161,7 +161,7 @@ public class GitBlit implements ServletContextListener {
                         model.owner = config.getString("gitblit", null, "owner");\r
                         model.useTickets = config.getBoolean("gitblit", "useTickets", false);\r
                         model.useDocs = config.getBoolean("gitblit", "useDocs", false);\r
-                       model.accessRestriction = AccessRestrictionType.fromString(config.getString("gitblit", null, "accessRestriction"));\r
+                       model.accessRestriction = AccessRestrictionType.fromName(config.getString("gitblit", null, "accessRestriction"));\r
                         model.showRemoteBranches = config.getBoolean("gitblit", "showRemoteBranches", false);\r
                 }\r
                 r.close();\r
@@ -195,7 +195,7 @@ public class GitBlit implements ServletContextListener {
                 config.setString("gitblit", null, "owner", repository.owner);\r
                 config.setBoolean("gitblit", null, "useTickets", repository.useTickets);\r
                 config.setBoolean("gitblit", null, "useDocs", repository.useDocs);\r
-               config.setString("gitblit", null, "accessRestriction", repository.accessRestriction.toString());\r
+               config.setString("gitblit", null, "accessRestriction", repository.accessRestriction.name());\r
                 config.setBoolean("gitblit", null, "showRemoteBranches", repository.showRemoteBranches);\r
                 try {\r
                         config.save();\r
diff --git a/src/com/gitblit/GitBlitServlet.java b/src/com/gitblit/GitBlitServlet.java

index cb23e47e44c5c2f5c98838f477ba4eeb6f0110ec..ffdc1b0443da4bccf40ede197b5973d360659816 100644 (file)
--- a/src/com/gitblit/GitBlitServlet.java
+++ b/src/com/gitblit/GitBlitServlet.java
@@ -49,9 +49,8 @@ public class GitBlitServlet extends GitServlet {
                                         boolean authorizedUser = req.isUserInRole(repository);\r
                                         if (function.startsWith("git-receive-pack") || (query.indexOf("service=git-receive-pack") > -1)) {\r
                                                 // Push request\r
-                                               boolean pushRestricted = model.accessRestriction.atLeast(AccessRestrictionType.PUSH);\r
-                                               if (!pushRestricted || (pushRestricted && authorizedUser)) {\r
-                                                       // push-unrestricted or push-authorized\r
+                                               if (authorizedUser) {\r
+                                                       // clone-restricted or push-authorized\r
                                                         super.service(req, rsp);\r
                                                         return;\r
                                                 } else {\r
@@ -64,7 +63,7 @@ public class GitBlitServlet extends GitServlet {
                                                 // Clone request\r
                                                 boolean cloneRestricted = model.accessRestriction.atLeast(AccessRestrictionType.CLONE);\r
                                                 if (!cloneRestricted || (cloneRestricted && authorizedUser)) {\r
-                                                       // clone-unrestricted or clone-authorized\r
+                                                       // push-restricted or clone-authorized\r
                                                         super.service(req, rsp);\r
                                                         return;\r
                                                 } else {\r
diff --git a/src/com/gitblit/wicket/models/UserModel.java b/src/com/gitblit/wicket/models/UserModel.java

index c65d3564e3121902cc9bd59e00914295ecf0d4d2..34c32e71148339826abff63099748c402badf9e7 100644 (file)
--- a/src/com/gitblit/wicket/models/UserModel.java
+++ b/src/com/gitblit/wicket/models/UserModel.java
@@ -4,8 +4,6 @@ import java.io.Serializable;
  import java.util.ArrayList;\r
  import java.util.List;\r
  \r
-import com.gitblit.Constants.AccessRestrictionType;\r
-\r
  public class UserModel implements Serializable {\r
  \r
         private static final long serialVersionUID = 1L;\r
@@ -39,27 +37,9 @@ public class UserModel implements Serializable {
         public boolean canAdmin() {\r
                 return canAdmin;\r
         }\r
-       \r
-       public boolean canClone(RepositoryModel repository) {\r
-               return canAccess(repository, AccessRestrictionType.CLONE);\r
-       }\r
  \r
-       public boolean canPush(RepositoryModel repository) {\r
-               return canAccess(repository, AccessRestrictionType.PUSH);\r
-       }\r
-       \r
-       public boolean canView(RepositoryModel repository) {\r
-               return canAccess(repository, AccessRestrictionType.VIEW);\r
-       }\r
-       \r
-       private boolean canAccess(RepositoryModel repository, AccessRestrictionType minimum) {\r
-               if (repository.accessRestriction.atLeast(minimum)) {\r
-                       // repository is restricted, must check roles\r
-                       return canAdmin || repositories.contains(repository.name);\r
-               } else {\r
-                       // repository is not restricted\r
-                       return true;\r
-               }\r
+       public boolean canAccessRepository(String repositoryName) {\r
+               return canAdmin || repositories.contains(repositoryName);\r
         }\r
  \r
         public void setCookie(String cookie) {\r
author	James Moger <james.moger@gitblit.com>
	Thu, 12 May 2011 02:33:16 +0000 (22:33 -0400)
committer	James Moger <james.moger@gitblit.com>
	Thu, 12 May 2011 02:33:16 +0000 (22:33 -0400)
src/com/gitblit/Constants.java		patch \| blob \| history
src/com/gitblit/GitBlit.java		patch \| blob \| history
src/com/gitblit/GitBlitServlet.java		patch \| blob \| history
src/com/gitblit/wicket/models/UserModel.java		patch \| blob \| history