From 58e7ec808177e53981792b1489695a51d2c91fe5 Mon Sep 17 00:00:00 2001 From: James Moger Date: Wed, 10 Oct 2012 17:13:18 -0400 Subject: [PATCH] Add regex permission matching to hasRepositoryPermission check (issue 36) --- src/com/gitblit/models/TeamModel.java | 16 +++++++++++++++- src/com/gitblit/models/UserModel.java | 16 +++++++++++++++- tests/com/gitblit/tests/PermissionsTest.java | 4 ++++ 3 files changed, 34 insertions(+), 2 deletions(-) diff --git a/src/com/gitblit/models/TeamModel.java b/src/com/gitblit/models/TeamModel.java index 0b9c5069..896adfe6 100644 --- a/src/com/gitblit/models/TeamModel.java +++ b/src/com/gitblit/models/TeamModel.java @@ -92,7 +92,21 @@ public class TeamModel implements Serializable, Comparable { */ public boolean hasRepositoryPermission(String name) { String repository = AccessPermission.repositoryFromRole(name).toLowerCase(); - return permissions.containsKey(repository) || repositories.contains(repository); + if (permissions.containsKey(repository)) { + // exact repository permission specified + return true; + } else { + // search for regex permission match + for (String key : permissions.keySet()) { + if (name.matches(key)) { + AccessPermission p = permissions.get(key); + if (p != null) { + return true; + } + } + } + } + return false; } /** diff --git a/src/com/gitblit/models/UserModel.java b/src/com/gitblit/models/UserModel.java index a4a40245..d8c2abe3 100644 --- a/src/com/gitblit/models/UserModel.java +++ b/src/com/gitblit/models/UserModel.java @@ -132,7 +132,21 @@ public class UserModel implements Principal, Serializable, Comparable */ public boolean hasRepositoryPermission(String name) { String repository = AccessPermission.repositoryFromRole(name).toLowerCase(); - return permissions.containsKey(repository) || repositories.contains(repository); + if (permissions.containsKey(repository)) { + // exact repository permission specified + return true; + } else { + // search for regex permission match + for (String key : permissions.keySet()) { + if (name.matches(key)) { + AccessPermission p = permissions.get(key); + if (p != null) { + return true; + } + } + } + } + return false; } /** diff --git a/tests/com/gitblit/tests/PermissionsTest.java b/tests/com/gitblit/tests/PermissionsTest.java index 83ab11e1..41ff5a63 100644 --- a/tests/com/gitblit/tests/PermissionsTest.java +++ b/tests/com/gitblit/tests/PermissionsTest.java @@ -2329,6 +2329,7 @@ public class PermissionsTest extends Assert { UserModel user = new UserModel("test"); repository.owner = user.username; + assertFalse("user SHOULD NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name)); assertTrue("owner CAN NOT view!", user.canView(repository)); assertTrue("owner CAN NOT clone!", user.canClone(repository)); assertTrue("owner CAN NOT push!", user.canPush(repository)); @@ -2352,6 +2353,7 @@ public class PermissionsTest extends Assert { UserModel user = new UserModel("test"); repository.owner = user.username; + assertFalse("user SHOULD NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name)); assertTrue("user CAN NOT view!", user.canView(repository)); assertTrue("user CAN NOT clone!", user.canClone(repository)); assertTrue("user CAN NOT push!", user.canPush(repository)); @@ -2375,6 +2377,7 @@ public class PermissionsTest extends Assert { UserModel user = new UserModel("visitor"); repository.owner = "test"; + assertFalse("user HAS a repository permission!", user.hasRepositoryPermission(repository.name)); assertFalse("user CAN view!", user.canView(repository)); assertFalse("user CAN clone!", user.canClone(repository)); assertFalse("user CAN push!", user.canPush(repository)); @@ -2398,6 +2401,7 @@ public class PermissionsTest extends Assert { UserModel user = new UserModel("test"); user.setRepositoryPermission("ubercool/[A-Za-z0-9-~_\\./]+", AccessPermission.CLONE); + assertTrue("user DOES NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name)); assertTrue("user CAN NOT view!", user.canView(repository)); assertTrue("user CAN NOT clone!", user.canClone(repository)); assertFalse("user CAN push!", user.canPush(repository)); -- 2.39.5