super(req);\r
user = new UserModel("anonymous");\r
}\r
- \r
+\r
UserModel getUser() {\r
return user;\r
}\r
if (role.equals(Constants.ADMIN_ROLE)) {\r
return user.canAdmin;\r
}\r
+ // Gitblit does not currently use actual roles in the traditional\r
+ // servlet container sense. That is the reason this is marked\r
+ // deprecated, but I may want to revisit this.\r
return user.canAccessRepository(role);\r
}\r
\r
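Review bot: The fallback on the last line of this method still calls the `String` overload of `canAccessRepository`, which this commit deprecates because it ignores ownership, so a role check here can deny an owner whom the `RepositoryModel` overload would admit. The added comment says "this is marked deprecated" without naming what is deprecated. I would spell it out, for example `// Role names are treated as repository names here; UserModel.canAccessRepository(String) is deprecated and does not consider repository ownership.` The method's signature lies outside the hunk, so whether any caller relies on this path for an authorization decision cannot be confirmed from here.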
*/\r
@Override\r
protected boolean canAccess(RepositoryModel repository, UserModel user, String action) {\r
- return user.canAccessRepository(repository.name);\r
+ return user.canAccessRepository(repository);\r
}\r
\r
}\r
return null;\r
}\r
if (model.accessRestriction.atLeast(AccessRestrictionType.VIEW)) {\r
- if (user != null && user.canAccessRepository(model.name)) {\r
+ if (user != null && user.canAccessRepository(model)) {\r
return model;\r
}\r
return null;\r
}\r
boolean readOnly = repository.isFrozen;\r
if (readOnly || repository.accessRestriction.atLeast(AccessRestrictionType.PUSH)) {\r
- boolean authorizedUser = user.canAccessRepository(repository.name);\r
+ boolean authorizedUser = user.canAccessRepository(repository);\r
if (action.equals(gitReceivePack)) {\r
// Push request\r
if (!readOnly && authorizedUser) {\r
*/\r
@Override\r
protected boolean canAccess(RepositoryModel repository, UserModel user, String action) {\r
- return user.canAccessRepository(repository.name);\r
+ return user.canAccessRepository(repository);\r
}\r
\r
}\r
import java.util.HashSet;\r
import java.util.Set;\r
\r
+import com.gitblit.utils.StringUtils;\r
+\r
/**\r
* UserModel is a serializable model class that represents a user and the user's\r
* restricted repository memberships. Instances of UserModels are also used as\r
this.username = username;\r
}\r
\r
+ /**\r
+ * This method does not take into consideration Ownership where the\r
+ * administrator has not explicitly granted access to the owner.\r
+ * \r
+ * @param repositoryName\r
+ * @return\r
+ */\r
+ @Deprecated\r
public boolean canAccessRepository(String repositoryName) {\r
return canAdmin || repositories.contains(repositoryName.toLowerCase());\r
}\r
\r
+ public boolean canAccessRepository(RepositoryModel repository) {\r
+ boolean isOwner = !StringUtils.isEmpty(repository.owner)\r
+ && repository.owner.equals(username);\r
+ return canAdmin || isOwner || repositories.contains(repository.name.toLowerCase());\r
+ }\r
+\r
public void addRepository(String name) {\r
repositories.add(name.toLowerCase());\r
}\r
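Review bot: The new `canAccessRepository(RepositoryModel)` grants access on `repository.owner.equals(username)`, an exact case-sensitive match, while the repository name in the same expression is lower-cased before comparison. Both identity checks should follow one documented normalisation rule, and which rule is right depends on how usernames are stored, which this hunk does not show. Because ownership is now an authorization grant, the new overload deserves Javadoc stating that an owner is admitted without an explicit entry in `repositories`. The deprecated overload's empty `@param` and `@return` tags should be filled in, with a pointer such as `@deprecated use {@link #canAccessRepository(RepositoryModel)}`. Another file in this commit constructs `new UserModel("anonymous")`, so it may be worth confirming that a repository's owner field can never hold that placeholder name, since an equal string would satisfy the owner check.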
model.canAdmin = false;\r
assertFalse("Admin should not have #admin!", model.canAdmin);\r
String repository = GitBlitSuite.getHelloworldRepository().getDirectory().getName();\r
- assertFalse("Admin can still access repository!", model.canAccessRepository(repository));\r
+ RepositoryModel repositoryModel = GitBlit.self().getRepositoryModel(model, repository);\r
+ assertFalse("Admin can still access repository!", model.canAccessRepository(repositoryModel));\r
model.addRepository(repository);\r
- assertTrue("Admin can't access repository!", model.canAccessRepository(repository));\r
+ assertTrue("Admin can't access repository!", model.canAccessRepository(repositoryModel));\r
assertEquals(GitBlit.self().getRepositoryModel(model, "pretend"), null);\r
assertNotNull(GitBlit.self().getRepositoryModel(model, repository));\r
assertTrue(GitBlit.self().getRepositoryModels(model).size() > 0);\r
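Review bot: Nothing in this test exercises the ownership branch that the commit introduces; every assertion still passes or fails through `canAdmin` or `addRepository`. I would add a case where the user is neither admin nor member but the repository's `owner` is set to that user's name, plus the negative case with a different owner, for example `assertTrue("Owner can't access repository!", model.canAccessRepository(repositoryModel));` after assigning the owner. Also, `repositoryModel` is fetched with `getRepositoryModel(model, repository)` before `model.addRepository(repository)`. Another hunk in this commit shows that lookup returning `null` for a view-restricted repository the user cannot access, in which case the next line would throw instead of asserting. An `assertNotNull(repositoryModel);` right after the lookup would make that precondition explicit.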