From 822dfe5d6f1b97b7849bc6fd735ee8c9d1103c19 Mon Sep 17 00:00:00 2001 From: James Moger Date: Fri, 19 Oct 2012 21:32:57 -0400 Subject: [PATCH] Completed permissions UI, RPC, and Manager support (issue 36) --- docs/02_rpc.mkd | 18 +- docs/04_releases.mkd | 11 +- src/com/gitblit/ConfigUserService.java | 12 +- src/com/gitblit/Constants.java | 5 + src/com/gitblit/FederationPullExecutor.java | 4 +- src/com/gitblit/FileUserService.java | 3 +- src/com/gitblit/GitBlit.java | 43 ++--- src/com/gitblit/RpcServlet.java | 35 ++-- .../gitblit/client/EditRepositoryDialog.java | 29 ++-- src/com/gitblit/client/EditTeamDialog.java | 23 ++- src/com/gitblit/client/EditUserDialog.java | 22 ++- src/com/gitblit/client/GitblitClient.java | 51 ++++-- .../client/RegistrantPermissionsPanel.java | 140 ++++++++++++++++ .../RegistrantPermissionsTableModel.java | 120 +++++++++++++ src/com/gitblit/client/RepositoriesPanel.java | 21 ++- src/com/gitblit/client/TeamsPanel.java | 2 +- src/com/gitblit/client/UsersPanel.java | 2 +- src/com/gitblit/client/UsersTableModel.java | 4 +- ...n.java => RegistrantAccessPermission.java} | 26 ++- .../gitblit/models/TeamAccessPermission.java | 51 ------ src/com/gitblit/models/TeamModel.java | 7 +- .../gitblit/models/UserAccessPermission.java | 51 ------ src/com/gitblit/models/UserModel.java | 11 +- src/com/gitblit/utils/RpcUtils.java | 62 +++++-- .../gitblit/wicket/GitBlitWebApp.properties | 3 +- .../wicket/pages/EditRepositoryPage.java | 16 +- .../gitblit/wicket/pages/EditTeamPage.java | 12 +- .../gitblit/wicket/pages/EditUserPage.java | 14 +- ...l.html => RegistrantPermissionsPanel.html} | 4 +- ...l.java => RegistrantPermissionsPanel.java} | 56 +++---- .../wicket/panels/TeamPermissionsPanel.html | 24 --- .../wicket/panels/TeamPermissionsPanel.java | 157 ------------------ .../wicket/panels/UserPermissionsPanel.html | 24 --- .../wicket/panels/UserPermissionsPanel.java | 157 ------------------ src/com/gitblit/wicket/panels/UsersPanel.java | 2 +- tests/com/gitblit/tests/RpcTests.java | 27 ++- 36 files changed, 582 insertions(+), 667 deletions(-) create mode 100644 src/com/gitblit/client/RegistrantPermissionsPanel.java create mode 100644 src/com/gitblit/client/RegistrantPermissionsTableModel.java rename src/com/gitblit/models/{RepositoryAccessPermission.java => RegistrantAccessPermission.java} (56%) delete mode 100644 src/com/gitblit/models/TeamAccessPermission.java delete mode 100644 src/com/gitblit/models/UserAccessPermission.java rename src/com/gitblit/wicket/panels/{RepositoryPermissionsPanel.html => RegistrantPermissionsPanel.html} (83%) rename src/com/gitblit/wicket/panels/{RepositoryPermissionsPanel.java => RegistrantPermissionsPanel.java} (66%) delete mode 100644 src/com/gitblit/wicket/panels/TeamPermissionsPanel.html delete mode 100644 src/com/gitblit/wicket/panels/TeamPermissionsPanel.java delete mode 100644 src/com/gitblit/wicket/panels/UserPermissionsPanel.html delete mode 100644 src/com/gitblit/wicket/panels/UserPermissionsPanel.java diff --git a/docs/02_rpc.mkd b/docs/02_rpc.mkd index d05ca27f..35528bfc 100644 --- a/docs/02_rpc.mkd +++ b/docs/02_rpc.mkd @@ -64,10 +64,18 @@ The Gitblit API includes methods for retrieving and interpreting RSS feeds. The Gitblit v0.7.01 (inferred version) Gitblit v0.8.02 Gitblit v0.9.0 - v1.0.03 -Gitblit v1.1.0+4 +Gitblit v1.1.04 +Gitblit v1.2.0+5 +#### Protocol Version 5 + +- *SET_REPOSITORY_MEMBERS* will reject all calls because this would elevate all discrete permissions to RW+ +Use *SET_REPOSITORY_MEMBER_PERMISSIONS* instead. +- *SET_REPOSITORY_TEAMS* will reject all calls because this would elevate all discrete permissions to RW+ +Use *SET_REPOSITORY_TEAM_PERMISSIONS* instead. + ### RPC Request and Response Types @@ -90,9 +98,13 @@ The Gitblit API includes methods for retrieving and interpreting RSS feeds. The - + + + - + + + diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd index 920ae386..70e0ad2f 100644 --- a/docs/04_releases.mkd +++ b/docs/04_releases.mkd @@ -1,8 +1,10 @@ ## Release History -
+

Update Note

-If you are updating from an earlier release AND you have indexed branches with the Lucene indexing feature, you need to be aware that this release will completely re-index your repositories. Please be sure to provide ample heap resources as appropriate for your installation. +The permissions model has changed in this release. +

+If you are updating your server, you must also update any Gitblit Manager and Federation Client installs to 1.2.0 as well. The data model used by the RPC mechanism has changed slightly for the new permissions infrastructure.

### Current Release @@ -65,6 +67,11 @@ If *realm.ldap.maintainTeams==true* **AND** *realm.ldap.admins* is not empty, th ### Older Releases +
+

Update Note

+If you are updating from an earlier release AND you have indexed branches with the Lucene indexing feature, you need to be aware that this release will completely re-index your repositories. Please be sure to provide ample heap resources as appropriate for your installation. +
+ **1.1.0** *released 2012-08-25* #### fixes diff --git a/src/com/gitblit/ConfigUserService.java b/src/com/gitblit/ConfigUserService.java index 82cd33e3..015cef76 100644 --- a/src/com/gitblit/ConfigUserService.java +++ b/src/com/gitblit/ConfigUserService.java @@ -840,16 +840,8 @@ public class ConfigUserService implements IUserService { } config.setStringList(USER, model.username, ROLE, roles); - // repository memberships - if (model.permissions == null) { - // null check on "final" repositories because JSON-sourced UserModel - // can have a null repositories object - if (!ArrayUtils.isEmpty(model.repositories)) { - config.setStringList(USER, model.username, REPOSITORY, new ArrayList( - model.repositories)); - } - } else { - // discrete repository permissions + // discrete repository permissions + if (model.permissions != null) { List permissions = new ArrayList(); for (Map.Entry entry : model.permissions.entrySet()) { if (entry.getValue().exceeds(AccessPermission.NONE)) { diff --git a/src/com/gitblit/Constants.java b/src/com/gitblit/Constants.java index 0e68355e..970c3db5 100644 --- a/src/com/gitblit/Constants.java +++ b/src/com/gitblit/Constants.java @@ -255,6 +255,7 @@ public class Constants { LIST_USERS, CREATE_USER, EDIT_USER, DELETE_USER, LIST_TEAMS, CREATE_TEAM, EDIT_TEAM, DELETE_TEAM, LIST_REPOSITORY_MEMBERS, SET_REPOSITORY_MEMBERS, LIST_REPOSITORY_TEAMS, SET_REPOSITORY_TEAMS, + LIST_REPOSITORY_MEMBER_PERMISSIONS, SET_REPOSITORY_MEMBER_PERMISSIONS, LIST_REPOSITORY_TEAM_PERMISSIONS, SET_REPOSITORY_TEAM_PERMISSIONS, LIST_FEDERATION_REGISTRATIONS, LIST_FEDERATION_RESULTS, LIST_FEDERATION_PROPOSALS, LIST_FEDERATION_SETS, EDIT_SETTINGS, LIST_STATUS; @@ -379,6 +380,10 @@ public class Constants { } } + public static enum RegistrantType { + REPOSITORY, USER, TEAM; + } + @Documented @Retention(RetentionPolicy.RUNTIME) public @interface Unused { diff --git a/src/com/gitblit/FederationPullExecutor.java b/src/com/gitblit/FederationPullExecutor.java index 03109dea..19afacc7 100644 --- a/src/com/gitblit/FederationPullExecutor.java +++ b/src/com/gitblit/FederationPullExecutor.java @@ -335,7 +335,7 @@ public class FederationPullExecutor implements Runnable { // reparent all repository permissions if the local // repositories are stored within subfolders if (!StringUtils.isEmpty(registrationFolder)) { - if (user.permissions != null && user.permissions.size() > 0) { + if (user.permissions != null) { // pulling from >= 1.2 version Map copy = new HashMap(user.permissions); user.permissions.clear(); @@ -359,7 +359,7 @@ public class FederationPullExecutor implements Runnable { GitBlit.self().updateUserModel(user.username, user, true); } else { // update repository permissions of local user - if (user.permissions != null && user.permissions.size() > 0) { + if (user.permissions != null) { // pulling from >= 1.2 version Map copy = new HashMap(user.permissions); for (Map.Entry entry : copy.entrySet()) { diff --git a/src/com/gitblit/FileUserService.java b/src/com/gitblit/FileUserService.java index d411b68f..39c9a5dc 100644 --- a/src/com/gitblit/FileUserService.java +++ b/src/com/gitblit/FileUserService.java @@ -329,8 +329,7 @@ public class FileUserService extends FileSettings implements IUserService { UserModel oldUser = getUserModel(username); List roles; if (model.permissions == null) { - // legacy, use repository list - roles = new ArrayList(model.repositories); + roles = new ArrayList(); } else { // discrete repository permissions roles = new ArrayList(); diff --git a/src/com/gitblit/GitBlit.java b/src/com/gitblit/GitBlit.java index af13e02d..ce556b6e 100644 --- a/src/com/gitblit/GitBlit.java +++ b/src/com/gitblit/GitBlit.java @@ -78,20 +78,20 @@ import com.gitblit.Constants.AuthorizationControl; import com.gitblit.Constants.FederationRequest; import com.gitblit.Constants.FederationStrategy; import com.gitblit.Constants.FederationToken; +import com.gitblit.Constants.RegistrantType; import com.gitblit.models.FederationModel; import com.gitblit.models.FederationProposal; import com.gitblit.models.FederationSet; import com.gitblit.models.ForkModel; import com.gitblit.models.Metric; import com.gitblit.models.ProjectModel; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.RepositoryModel; import com.gitblit.models.SearchResult; import com.gitblit.models.ServerSettings; import com.gitblit.models.ServerStatus; import com.gitblit.models.SettingModel; -import com.gitblit.models.TeamAccessPermission; import com.gitblit.models.TeamModel; -import com.gitblit.models.UserAccessPermission; import com.gitblit.models.UserModel; import com.gitblit.utils.ArrayUtils; import com.gitblit.utils.ByteFormat; @@ -637,11 +637,11 @@ public class GitBlit implements ServletContextListener { * @param repository * @return a list of User-AccessPermission tuples */ - public List getUserAccessPermissions(RepositoryModel repository) { - List permissions = new ArrayList(); + public List getUserAccessPermissions(RepositoryModel repository) { + List permissions = new ArrayList(); for (String user : userService.getUsernamesForRepositoryRole(repository.name)) { AccessPermission ap = userService.getUserModel(user).getRepositoryPermission(repository); - permissions.add(new UserAccessPermission(user, ap)); + permissions.add(new RegistrantAccessPermission(user, ap, RegistrantType.USER)); } return permissions; } @@ -653,10 +653,10 @@ public class GitBlit implements ServletContextListener { * @param permissions * @return true if the user models have been updated */ - public boolean setUserAccessPermissions(RepositoryModel repository, List permissions) { + public boolean setUserAccessPermissions(RepositoryModel repository, Collection permissions) { List users = new ArrayList(); - for (UserAccessPermission up : permissions) { - UserModel user = userService.getUserModel(up.user); + for (RegistrantAccessPermission up : permissions) { + UserModel user = userService.getUserModel(up.registrant); user.setRepositoryPermission(repository.name, up.permission); users.add(user); } @@ -686,7 +686,9 @@ public class GitBlit implements ServletContextListener { */ @Deprecated public boolean setRepositoryUsers(RepositoryModel repository, List repositoryUsers) { - return userService.setUsernamesForRepositoryRole(repository.name, repositoryUsers); + // rejects all changes since 1.2.0 because this would elevate + // all discrete access permissions to RW+ + return false; } /** @@ -767,11 +769,11 @@ public class GitBlit implements ServletContextListener { * @param repository * @return a list of Team-AccessPermission tuples */ - public List getTeamAccessPermissions(RepositoryModel repository) { - List permissions = new ArrayList(); + public List getTeamAccessPermissions(RepositoryModel repository) { + List permissions = new ArrayList(); for (String team : userService.getTeamnamesForRepositoryRole(repository.name)) { AccessPermission ap = userService.getTeamModel(team).getRepositoryPermission(repository); - permissions.add(new TeamAccessPermission(team, ap)); + permissions.add(new RegistrantAccessPermission(team, ap, RegistrantType.TEAM)); } return permissions; } @@ -783,10 +785,10 @@ public class GitBlit implements ServletContextListener { * @param permissions * @return true if the team models have been updated */ - public boolean setTeamAccessPermissions(RepositoryModel repository, List permissions) { + public boolean setTeamAccessPermissions(RepositoryModel repository, Collection permissions) { List teams = new ArrayList(); - for (TeamAccessPermission tp : permissions) { - TeamModel team = userService.getTeamModel(tp.team); + for (RegistrantAccessPermission tp : permissions) { + TeamModel team = userService.getTeamModel(tp.registrant); team.setRepositoryPermission(repository.name, tp.permission); teams.add(team); } @@ -794,14 +796,13 @@ public class GitBlit implements ServletContextListener { } /** - * Returns the list of all teams who are allowed to bypass the access - * restriction placed on the specified repository. + * Returns the list of all teams who have an explicit access permission for + * the specified repository. * * @see IUserService.getTeamnamesForRepositoryRole(String) * @param repository - * @return list of all teamnames that can bypass the access restriction + * @return list of all teamnames with explicit access permissions to the repository */ - @Deprecated public List getRepositoryTeams(RepositoryModel repository) { return userService.getTeamnamesForRepositoryRole(repository.name); } @@ -817,7 +818,9 @@ public class GitBlit implements ServletContextListener { */ @Deprecated public boolean setRepositoryTeams(RepositoryModel repository, List repositoryTeams) { - return userService.setTeamnamesForRepositoryRole(repository.name, repositoryTeams); + // rejects all changes since 1.2.0 because this would elevate + // all discrete access permissions to RW+ + return false; } /** diff --git a/src/com/gitblit/RpcServlet.java b/src/com/gitblit/RpcServlet.java index 2a6ba26c..0c9ac379 100644 --- a/src/com/gitblit/RpcServlet.java +++ b/src/com/gitblit/RpcServlet.java @@ -30,6 +30,7 @@ import javax.servlet.http.HttpServletResponse; import org.eclipse.jgit.lib.Repository; import com.gitblit.Constants.RpcRequest; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.RefModel; import com.gitblit.models.RepositoryModel; import com.gitblit.models.ServerSettings; @@ -49,7 +50,7 @@ public class RpcServlet extends JsonServlet { private static final long serialVersionUID = 1L; - public static final int PROTOCOL_VERSION = 4; + public static final int PROTOCOL_VERSION = 5; public RpcServlet() { super(); @@ -226,25 +227,33 @@ public class RpcServlet extends JsonServlet { RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); result = GitBlit.self().getRepositoryUsers(model); } else if (RpcRequest.SET_REPOSITORY_MEMBERS.equals(reqType)) { - // update repository access list + // rejected since 1.2.0 + response.setStatus(failureCode); + } else if (RpcRequest.LIST_REPOSITORY_MEMBER_PERMISSIONS.equals(reqType)) { + // get repository member permissions RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); - Collection names = deserialize(request, response, RpcUtils.NAMES_TYPE); - List users = new ArrayList(names); - if (!GitBlit.self().setRepositoryUsers(model, users)) { - response.setStatus(failureCode); - } + result = GitBlit.self().getUserAccessPermissions(model); + } else if (RpcRequest.SET_REPOSITORY_MEMBER_PERMISSIONS.equals(reqType)) { + // set the repository permissions for the specified users + RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); + Collection permissions = deserialize(request, response, RpcUtils.REGISTRANT_PERMISSIONS_TYPE); + result = GitBlit.self().setUserAccessPermissions(model, permissions); } else if (RpcRequest.LIST_REPOSITORY_TEAMS.equals(reqType)) { // get repository teams RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); result = GitBlit.self().getRepositoryTeams(model); } else if (RpcRequest.SET_REPOSITORY_TEAMS.equals(reqType)) { - // update repository team access list + // rejected since 1.2.0 + response.setStatus(failureCode); + } else if (RpcRequest.LIST_REPOSITORY_TEAM_PERMISSIONS.equals(reqType)) { + // get repository team permissions RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); - Collection names = deserialize(request, response, RpcUtils.NAMES_TYPE); - List teams = new ArrayList(names); - if (!GitBlit.self().setRepositoryTeams(model, teams)) { - response.setStatus(failureCode); - } + result = GitBlit.self().getTeamAccessPermissions(model); + } else if (RpcRequest.SET_REPOSITORY_TEAM_PERMISSIONS.equals(reqType)) { + // set the repository permissions for the specified teams + RepositoryModel model = GitBlit.self().getRepositoryModel(objectName); + Collection permissions = deserialize(request, response, RpcUtils.REGISTRANT_PERMISSIONS_TYPE); + result = GitBlit.self().setTeamAccessPermissions(model, permissions); } else if (RpcRequest.LIST_FEDERATION_REGISTRATIONS.equals(reqType)) { // return the list of federation registrations if (allowAdmin) { diff --git a/src/com/gitblit/client/EditRepositoryDialog.java b/src/com/gitblit/client/EditRepositoryDialog.java index e15b1546..0adf8a80 100644 --- a/src/com/gitblit/client/EditRepositoryDialog.java +++ b/src/com/gitblit/client/EditRepositoryDialog.java @@ -59,6 +59,7 @@ import javax.swing.ScrollPaneConstants; import com.gitblit.Constants.AccessRestrictionType; import com.gitblit.Constants.AuthorizationControl; import com.gitblit.Constants.FederationStrategy; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.RepositoryModel; import com.gitblit.utils.ArrayUtils; import com.gitblit.utils.StringUtils; @@ -116,11 +117,11 @@ public class EditRepositoryDialog extends JDialog { private JComboBox headRefField; - private JPalette usersPalette; + private RegistrantPermissionsPanel usersPalette; private JPalette setsPalette; - private JPalette teamsPalette; + private RegistrantPermissionsPanel teamsPalette; private JPalette indexedBranchesPalette; @@ -280,7 +281,7 @@ public class EditRepositoryDialog extends JDialog { clonePushPanel .add(newFieldPanel(Translation.get("gb.verifyCommitter"), verifyCommitter)); - usersPalette = new JPalette(); + usersPalette = new RegistrantPermissionsPanel(); JPanel northAccessPanel = new JPanel(new BorderLayout(5, 5)); northAccessPanel.add(newFieldPanel(Translation.get("gb.accessRestriction"), accessRestriction), BorderLayout.NORTH); @@ -290,13 +291,13 @@ public class EditRepositoryDialog extends JDialog { JPanel accessPanel = new JPanel(new BorderLayout(5, 5)); accessPanel.add(northAccessPanel, BorderLayout.NORTH); - accessPanel.add(newFieldPanel(Translation.get("gb.permittedUsers"), + accessPanel.add(newFieldPanel(Translation.get("gb.userPermissions"), usersPalette), BorderLayout.CENTER); - teamsPalette = new JPalette(); + teamsPalette = new RegistrantPermissionsPanel(); JPanel teamsPanel = new JPanel(new BorderLayout(5, 5)); teamsPanel.add( - newFieldPanel(Translation.get("gb.permittedTeams"), + newFieldPanel(Translation.get("gb.teamPermissions"), teamsPalette), BorderLayout.CENTER); setsPalette = new JPalette(); @@ -545,16 +546,16 @@ public class EditRepositoryDialog extends JDialog { this.allowNamed.setSelected(!authenticated); } - public void setUsers(String owner, List all, List selected) { + public void setUsers(String owner, List all, List permissions) { ownerField.setModel(new DefaultComboBoxModel(all.toArray())); if (!StringUtils.isEmpty(owner)) { ownerField.setSelectedItem(owner); } - usersPalette.setObjects(all, selected); + usersPalette.setObjects(all, permissions); } - public void setTeams(List all, List selected) { - teamsPalette.setObjects(all, selected); + public void setTeams(List all, List permissions) { + teamsPalette.setObjects(all, permissions); } public void setRepositories(List repositories) { @@ -607,12 +608,12 @@ public class EditRepositoryDialog extends JDialog { return repository; } - public List getPermittedUsers() { - return usersPalette.getSelections(); + public List getUserAccessPermissions() { + return usersPalette.getPermissions(); } - public List getPermittedTeams() { - return teamsPalette.getSelections(); + public List getTeamAccessPermissions() { + return teamsPalette.getPermissions(); } public void setCustomFields(RepositoryModel repository, Map customFields) { diff --git a/src/com/gitblit/client/EditTeamDialog.java b/src/com/gitblit/client/EditTeamDialog.java index 57d6bcfb..4eb07295 100644 --- a/src/com/gitblit/client/EditTeamDialog.java +++ b/src/com/gitblit/client/EditTeamDialog.java @@ -45,6 +45,7 @@ import javax.swing.JTextField; import javax.swing.KeyStroke; import com.gitblit.Constants.AccessRestrictionType; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.RepositoryModel; import com.gitblit.models.ServerSettings; import com.gitblit.models.TeamModel; @@ -74,7 +75,7 @@ public class EditTeamDialog extends JDialog { private JTextField mailingListsField; - private JPalette repositoryPalette; + private RegistrantPermissionsPanel repositoryPalette; private JPalette userPalette; @@ -138,7 +139,7 @@ public class EditTeamDialog extends JDialog { fieldsPanel.add(newFieldPanel(Translation.get("gb.mailingLists"), mailingListsField)); final Insets _insets = new Insets(5, 5, 5, 5); - repositoryPalette = new JPalette(); + repositoryPalette = new RegistrantPermissionsPanel(); userPalette = new JPalette(); userPalette.setEnabled(settings.supportsTeamMembershipChanges); @@ -278,8 +279,9 @@ public class EditTeamDialog extends JDialog { team.mailingLists.addAll(list); } - team.repositories.clear(); - team.repositories.addAll(repositoryPalette.getSelections()); + for (RegistrantAccessPermission rp : repositoryPalette.getPermissions()) { + team.setRepositoryPermission(rp.registrant, rp.permission); + } team.users.clear(); team.users.addAll(userPalette.getSelections()); @@ -305,18 +307,21 @@ public class EditTeamDialog extends JDialog { } } - public void setRepositories(List repositories, List selected) { + public void setRepositories(List repositories, List permissions) { List restricted = new ArrayList(); for (RepositoryModel repo : repositories) { if (repo.accessRestriction.exceeds(AccessRestrictionType.NONE)) { restricted.add(repo.name); } } - StringUtils.sortRepositorynames(restricted); - if (selected != null) { - StringUtils.sortRepositorynames(selected); + + // remove repositories for which team already has a permission + for (RegistrantAccessPermission rp : permissions) { + restricted.remove(rp.registrant); } - repositoryPalette.setObjects(restricted, selected); + + StringUtils.sortRepositorynames(restricted); + repositoryPalette.setObjects(restricted, permissions); } public void setUsers(List users, List selected) { diff --git a/src/com/gitblit/client/EditUserDialog.java b/src/com/gitblit/client/EditUserDialog.java index 4ef036e8..5b789da5 100644 --- a/src/com/gitblit/client/EditUserDialog.java +++ b/src/com/gitblit/client/EditUserDialog.java @@ -47,6 +47,7 @@ import javax.swing.KeyStroke; import com.gitblit.Constants.AccessRestrictionType; import com.gitblit.Keys; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.RepositoryModel; import com.gitblit.models.ServerSettings; import com.gitblit.models.TeamModel; @@ -85,7 +86,7 @@ public class EditUserDialog extends JDialog { private JCheckBox notFederatedCheckbox; - private JPalette repositoryPalette; + private RegistrantPermissionsPanel repositoryPalette; private JPalette teamsPalette; @@ -157,7 +158,7 @@ public class EditUserDialog extends JDialog { notFederatedCheckbox)); final Insets _insets = new Insets(5, 5, 5, 5); - repositoryPalette = new JPalette(); + repositoryPalette = new RegistrantPermissionsPanel(); teamsPalette = new JPalette(); teamsPalette.setEnabled(settings.supportsTeamMembershipChanges); @@ -318,8 +319,9 @@ public class EditUserDialog extends JDialog { user.canCreate = canCreateCheckbox.isSelected(); user.excludeFromFederation = notFederatedCheckbox.isSelected(); - user.repositories.clear(); - user.repositories.addAll(repositoryPalette.getSelections()); + for (RegistrantAccessPermission rp : repositoryPalette.getPermissions()) { + user.setRepositoryPermission(rp.registrant, rp.permission); + } user.teams.clear(); user.teams.addAll(teamsPalette.getSelections()); @@ -338,18 +340,20 @@ public class EditUserDialog extends JDialog { } } - public void setRepositories(List repositories, List selected) { + public void setRepositories(List repositories, List permissions) { List restricted = new ArrayList(); for (RepositoryModel repo : repositories) { if (repo.accessRestriction.exceeds(AccessRestrictionType.NONE)) { restricted.add(repo.name); } } - StringUtils.sortRepositorynames(restricted); - if (selected != null) { - StringUtils.sortRepositorynames(selected); + // remove repositories for which user already has a permission + for (RegistrantAccessPermission rp : permissions) { + restricted.remove(rp.registrant); } - repositoryPalette.setObjects(restricted, selected); + + StringUtils.sortRepositorynames(restricted); + repositoryPalette.setObjects(restricted, permissions); } public void setTeams(List teams, List selected) { diff --git a/src/com/gitblit/client/GitblitClient.java b/src/com/gitblit/client/GitblitClient.java index 52d4e06d..9815cbe8 100644 --- a/src/com/gitblit/client/GitblitClient.java +++ b/src/com/gitblit/client/GitblitClient.java @@ -35,6 +35,7 @@ import com.gitblit.GitBlitException.NotAllowedException; import com.gitblit.GitBlitException.UnauthorizedException; import com.gitblit.GitBlitException.UnknownRequestException; import com.gitblit.Keys; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.FederationModel; import com.gitblit.models.FeedEntryModel; import com.gitblit.models.FeedModel; @@ -485,12 +486,20 @@ public class GitblitClient implements Serializable { public List getPermittedUsernames(RepositoryModel repository) { List usernames = new ArrayList(); for (UserModel user : this.allUsers) { - if (user.repositories.contains(repository.name)) { + if (user.hasRepositoryPermission(repository.name)) { usernames.add(user.username); } } return usernames; } + + public List getUserAccessPermissions(RepositoryModel repository) throws IOException { + return RpcUtils.getRepositoryMemberPermissions(repository, url, account, password); + } + + public boolean setUserAccessPermissions(RepositoryModel repository, List permissions) throws IOException { + return RpcUtils.setRepositoryMemberPermissions(repository, permissions, url, account, password); + } public List getTeams() { return allTeams; @@ -508,12 +517,20 @@ public class GitblitClient implements Serializable { public List getPermittedTeamnames(RepositoryModel repository) { List teamnames = new ArrayList(); for (TeamModel team : this.allTeams) { - if (team.repositories.contains(repository.name)) { + if (team.hasRepositoryPermission(repository.name)) { teamnames.add(team.name); } } return teamnames; } + + public List getTeamAccessPermissions(RepositoryModel repository) throws IOException { + return RpcUtils.getRepositoryTeamPermissions(repository, url, account, password); + } + + public boolean setTeamAccessPermissions(RepositoryModel repository, List permissions) throws IOException { + return RpcUtils.setRepositoryTeamPermissions(repository, permissions, url, account, password); + } public TeamModel getTeamModel(String name) { for (TeamModel team : allTeams) { @@ -532,44 +549,44 @@ public class GitblitClient implements Serializable { return allRepositories; } - public boolean createRepository(RepositoryModel repository, List permittedUsers) + public boolean createRepository(RepositoryModel repository, List userPermissions) throws IOException { - return createRepository(repository, permittedUsers, null); + return createRepository(repository, userPermissions, null); } - public boolean createRepository(RepositoryModel repository, List permittedUsers, - List permittedTeams) throws IOException { + public boolean createRepository(RepositoryModel repository, List userPermissions, + List teamPermissions) throws IOException { boolean success = true; success &= RpcUtils.createRepository(repository, url, account, password); - if (permittedUsers != null && permittedUsers.size() > 0) { + if (userPermissions != null && userPermissions.size() > 0) { // if new repository has named members, set them - success &= RpcUtils.setRepositoryMembers(repository, permittedUsers, url, account, + success &= RpcUtils.setRepositoryMemberPermissions(repository, userPermissions, url, account, password); } - if (permittedTeams != null && permittedTeams.size() > 0) { + if (teamPermissions != null && teamPermissions.size() > 0) { // if new repository has named teams, set them - success &= RpcUtils.setRepositoryTeams(repository, permittedTeams, url, account, + success &= RpcUtils.setRepositoryTeamPermissions(repository, teamPermissions, url, account, password); } return success; } public boolean updateRepository(String name, RepositoryModel repository, - List permittedUsers) throws IOException { - return updateRepository(name, repository, permittedUsers, null); + List userPermissions) throws IOException { + return updateRepository(name, repository, userPermissions, null); } public boolean updateRepository(String name, RepositoryModel repository, - List permittedUsers, List permittedTeams) throws IOException { + List userPermissions, List teamPermissions) throws IOException { boolean success = true; success &= RpcUtils.updateRepository(name, repository, url, account, password); // set the repository members - if (permittedUsers != null) { - success &= RpcUtils.setRepositoryMembers(repository, permittedUsers, url, account, + if (userPermissions != null) { + success &= RpcUtils.setRepositoryMemberPermissions(repository, userPermissions, url, account, password); } - if (permittedTeams != null) { - success &= RpcUtils.setRepositoryTeams(repository, permittedTeams, url, account, + if (teamPermissions != null) { + success &= RpcUtils.setRepositoryTeamPermissions(repository, teamPermissions, url, account, password); } return success; diff --git a/src/com/gitblit/client/RegistrantPermissionsPanel.java b/src/com/gitblit/client/RegistrantPermissionsPanel.java new file mode 100644 index 00000000..fa7ff5a8 --- /dev/null +++ b/src/com/gitblit/client/RegistrantPermissionsPanel.java @@ -0,0 +1,140 @@ +/* + * Copyright 2012 gitblit.com. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.gitblit.client; + +import java.awt.BorderLayout; +import java.awt.Dimension; +import java.awt.event.ActionEvent; +import java.awt.event.ActionListener; +import java.util.ArrayList; +import java.util.List; + +import javax.swing.DefaultCellEditor; +import javax.swing.DefaultComboBoxModel; +import javax.swing.JButton; +import javax.swing.JComboBox; +import javax.swing.JPanel; +import javax.swing.JScrollPane; +import javax.swing.JTable; + +import com.gitblit.Constants.AccessPermission; +import com.gitblit.models.RegistrantAccessPermission; + +public class RegistrantPermissionsPanel extends JPanel { + + private static final long serialVersionUID = 1L; + + private JTable permissionsTable; + + private RegistrantPermissionsTableModel tableModel; + + private DefaultComboBoxModel registrantModel; + + private JComboBox registrantSelector; + + private JComboBox permissionSelector; + + private JButton addButton; + + private JPanel addPanel; + + public RegistrantPermissionsPanel() { + super(new BorderLayout(5, 5)); + tableModel = new RegistrantPermissionsTableModel(); + permissionsTable = new JTable(tableModel); + permissionsTable.setPreferredScrollableViewportSize(new Dimension(400, 150)); + JScrollPane jsp = new JScrollPane(permissionsTable); + add(jsp, BorderLayout.CENTER); + + permissionsTable.getColumnModel().getColumn(RegistrantPermissionsTableModel.Columns.Permission.ordinal()) + .setCellEditor(new AccessPermissionEditor()); + + registrantModel = new DefaultComboBoxModel(); + registrantSelector = new JComboBox(registrantModel); + permissionSelector = new JComboBox(AccessPermission.NEWPERMISSIONS); + addButton = new JButton(Translation.get("gb.add")); + addButton.addActionListener(new ActionListener() { + public void actionPerformed(ActionEvent e) { + if (registrantSelector.getSelectedIndex() < 0) { + return; + } + if (permissionSelector.getSelectedIndex() < 0) { + return; + } + + RegistrantAccessPermission rp = new RegistrantAccessPermission(); + rp.registrant = registrantSelector.getSelectedItem().toString(); + rp.permission = (AccessPermission) permissionSelector.getSelectedItem(); + tableModel.permissions.add(rp); + + registrantModel.removeElement(rp.registrant); + registrantSelector.setSelectedIndex(-1); + registrantSelector.invalidate(); + addPanel.setVisible(registrantModel.getSize() > 0); + + tableModel.fireTableDataChanged(); + } + }); + + addPanel = new JPanel(); + addPanel.add(registrantSelector); + addPanel.add(permissionSelector); + addPanel.add(addButton); + add(addPanel, BorderLayout.SOUTH); + } + + @Override + public void setEnabled(boolean enabled) { + super.setEnabled(enabled); + permissionsTable.setEnabled(false); + } + + public void setObjects(List registrants, List permissions) { + List filtered; + if (registrants == null) { + filtered = new ArrayList(); + } else { + filtered = new ArrayList(registrants); + } + if (permissions == null) { + permissions = new ArrayList(); + } + for (RegistrantAccessPermission rp : permissions) { + filtered.remove(rp.registrant); + } + for (String registrant : filtered) { + registrantModel.addElement(registrant); + } + tableModel.setPermissions(permissions); + + registrantSelector.setSelectedIndex(-1); + permissionSelector.setSelectedIndex(-1); + addPanel.setVisible(filtered.size() > 0); + } + + public List getPermissions() { + return tableModel.permissions; + } + + private class AccessPermissionEditor extends DefaultCellEditor { + + private static final long serialVersionUID = 1L; + + public AccessPermissionEditor() { + super(new JComboBox(AccessPermission.values())); + } + } +} diff --git a/src/com/gitblit/client/RegistrantPermissionsTableModel.java b/src/com/gitblit/client/RegistrantPermissionsTableModel.java new file mode 100644 index 00000000..91acec8b --- /dev/null +++ b/src/com/gitblit/client/RegistrantPermissionsTableModel.java @@ -0,0 +1,120 @@ +/* + * Copyright 2012 gitblit.com. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.gitblit.client; + +import java.util.ArrayList; +import java.util.List; + +import javax.swing.table.AbstractTableModel; + +import com.gitblit.Constants.AccessPermission; +import com.gitblit.models.RegistrantAccessPermission; + +/** + * Table model of a registrant permissions. + * + * @author James Moger + * + */ +public class RegistrantPermissionsTableModel extends AbstractTableModel { + + private static final long serialVersionUID = 1L; + + List permissions; + + enum Columns { + Registrant, Permission; + + @Override + public String toString() { + return name().replace('_', ' '); + } + } + + public RegistrantPermissionsTableModel() { + this(new ArrayList()); + } + + public RegistrantPermissionsTableModel(List list) { + setPermissions(list); + } + + public void setPermissions(List list) { + this.permissions = list; + } + + @Override + public int getRowCount() { + return permissions.size(); + } + + @Override + public int getColumnCount() { + return Columns.values().length; + } + + @Override + public String getColumnName(int column) { + Columns col = Columns.values()[column]; + switch (col) { + case Registrant: + return Translation.get("gb.name"); + case Permission: + return Translation.get("gb.permission"); + } + return ""; + } + + /** + * Returns Object.class regardless of columnIndex. + * + * @param columnIndex + * the column being queried + * @return the Object.class + */ + public Class getColumnClass(int columnIndex) { + if (columnIndex == Columns.Permission.ordinal()) { + return AccessPermission.class; + } + return String.class; + } + + @Override + public boolean isCellEditable(int rowIndex, int columnIndex) { + return columnIndex == Columns.Permission.ordinal(); + } + + @Override + public Object getValueAt(int rowIndex, int columnIndex) { + RegistrantAccessPermission rp = permissions.get(rowIndex); + Columns col = Columns.values()[columnIndex]; + switch (col) { + case Registrant: + return rp.registrant; + case Permission: + return rp.permission; + } + return null; + } + + @Override + public void setValueAt(Object o, int rowIndex, int columnIndex) { + RegistrantAccessPermission rp = permissions.get(rowIndex); + if (columnIndex == Columns.Permission.ordinal()) { + rp.permission = (AccessPermission) o; + } + } +} diff --git a/src/com/gitblit/client/RepositoriesPanel.java b/src/com/gitblit/client/RepositoriesPanel.java index 54158e8e..972dda19 100644 --- a/src/com/gitblit/client/RepositoriesPanel.java +++ b/src/com/gitblit/client/RepositoriesPanel.java @@ -49,6 +49,7 @@ import javax.swing.table.TableRowSorter; import com.gitblit.Constants; import com.gitblit.Constants.RpcRequest; import com.gitblit.Keys; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.FeedModel; import com.gitblit.models.RepositoryModel; import com.gitblit.utils.StringUtils; @@ -401,8 +402,8 @@ public abstract class RepositoriesPanel extends JPanel { gitblit.getPostReceiveScriptsInherited(null), null); dialog.setVisible(true); final RepositoryModel newRepository = dialog.getRepository(); - final List permittedUsers = dialog.getPermittedUsers(); - final List permittedTeams = dialog.getPermittedTeams(); + final List permittedUsers = dialog.getUserAccessPermissions(); + final List permittedTeams = dialog.getTeamAccessPermissions(); if (newRepository == null) { return; } @@ -452,10 +453,14 @@ public abstract class RepositoriesPanel extends JPanel { repository); dialog.setLocationRelativeTo(RepositoriesPanel.this); List usernames = gitblit.getUsernames(); - List members = gitblit.getPermittedUsernames(repository); - dialog.setUsers(repository.owner, usernames, members); - dialog.setTeams(gitblit.getTeamnames(), gitblit.getPermittedTeamnames(repository)); - dialog.setRepositories(gitblit.getRepositories()); + try { + List members = gitblit.getUserAccessPermissions(repository); + dialog.setUsers(repository.owner, usernames, members); + dialog.setTeams(gitblit.getTeamnames(), gitblit.getTeamAccessPermissions(repository)); + dialog.setRepositories(gitblit.getRepositories()); + } catch (IOException e) { + // TODO + } dialog.setFederationSets(gitblit.getFederationSets(), repository.federationSets); List allLocalBranches = new ArrayList(); allLocalBranches.add(Constants.DEFAULT_BRANCH); @@ -471,8 +476,8 @@ public abstract class RepositoriesPanel extends JPanel { } dialog.setVisible(true); final RepositoryModel revisedRepository = dialog.getRepository(); - final List permittedUsers = dialog.getPermittedUsers(); - final List permittedTeams = dialog.getPermittedTeams(); + final List permittedUsers = dialog.getUserAccessPermissions(); + final List permittedTeams = dialog.getTeamAccessPermissions(); if (revisedRepository == null) { return; } diff --git a/src/com/gitblit/client/TeamsPanel.java b/src/com/gitblit/client/TeamsPanel.java index 71825665..6539d1c5 100644 --- a/src/com/gitblit/client/TeamsPanel.java +++ b/src/com/gitblit/client/TeamsPanel.java @@ -305,7 +305,7 @@ public abstract class TeamsPanel extends JPanel { gitblit.getSettings()); dialog.setLocationRelativeTo(TeamsPanel.this); dialog.setTeams(gitblit.getTeams()); - dialog.setRepositories(gitblit.getRepositories(), new ArrayList(team.repositories)); + dialog.setRepositories(gitblit.getRepositories(), team.getRepositoryPermissions()); dialog.setUsers(gitblit.getUsernames(), team.users == null ? null : new ArrayList( team.users)); dialog.setPreReceiveScripts(gitblit.getPreReceiveScriptsUnused(null), diff --git a/src/com/gitblit/client/UsersPanel.java b/src/com/gitblit/client/UsersPanel.java index 0dfa0434..9fcad7bc 100644 --- a/src/com/gitblit/client/UsersPanel.java +++ b/src/com/gitblit/client/UsersPanel.java @@ -309,7 +309,7 @@ public abstract class UsersPanel extends JPanel { gitblit.getSettings()); dialog.setLocationRelativeTo(UsersPanel.this); dialog.setUsers(gitblit.getUsers()); - dialog.setRepositories(gitblit.getRepositories(), new ArrayList(user.repositories)); + dialog.setRepositories(gitblit.getRepositories(), user.getRepositoryPermissions()); dialog.setTeams(gitblit.getTeams(), user.teams == null ? null : new ArrayList( user.teams)); dialog.setVisible(true); diff --git a/src/com/gitblit/client/UsersTableModel.java b/src/com/gitblit/client/UsersTableModel.java index f635f7e8..b8ce45d4 100644 --- a/src/com/gitblit/client/UsersTableModel.java +++ b/src/com/gitblit/client/UsersTableModel.java @@ -110,8 +110,8 @@ public class UsersTableModel extends AbstractTableModel { return (model.teams == null || model.teams.size() == 0) ? "" : String .valueOf(model.teams.size()); case Repositories: - return (model.repositories == null || model.repositories.size() == 0) ? "" : String - .valueOf(model.repositories.size()); + return (model.permissions == null || model.permissions.size() == 0) ? "" : String + .valueOf(model.permissions.size()); } return null; } diff --git a/src/com/gitblit/models/RepositoryAccessPermission.java b/src/com/gitblit/models/RegistrantAccessPermission.java similarity index 56% rename from src/com/gitblit/models/RepositoryAccessPermission.java rename to src/com/gitblit/models/RegistrantAccessPermission.java index 06f5c053..93027450 100644 --- a/src/com/gitblit/models/RepositoryAccessPermission.java +++ b/src/com/gitblit/models/RegistrantAccessPermission.java @@ -18,35 +18,43 @@ package com.gitblit.models; import java.io.Serializable; import com.gitblit.Constants.AccessPermission; +import com.gitblit.Constants.RegistrantType; import com.gitblit.utils.StringUtils; /** - * Represents a Repository-AccessPermission tuple. + * Represents a Registrant-AccessPermission tuple. * * @author James Moger */ -public class RepositoryAccessPermission implements Serializable, Comparable { +public class RegistrantAccessPermission implements Serializable, Comparable { private static final long serialVersionUID = 1L; - public String repository; + public String registrant; public AccessPermission permission; + public RegistrantType type; - public RepositoryAccessPermission() { + public RegistrantAccessPermission() { } - public RepositoryAccessPermission(String repository, AccessPermission permission) { - this.repository = repository; + public RegistrantAccessPermission(String registrant, AccessPermission permission, RegistrantType type) { + this.registrant = registrant; this.permission = permission; + this.type = type; } @Override - public int compareTo(RepositoryAccessPermission p) { - return StringUtils.compareRepositoryNames(repository, p.repository); + public int compareTo(RegistrantAccessPermission p) { + switch (type) { + case REPOSITORY: + return StringUtils.compareRepositoryNames(registrant, p.registrant); + default: + return registrant.toLowerCase().compareTo(p.registrant.toLowerCase()); + } } @Override public String toString() { - return permission.asRole(repository); + return permission.asRole(registrant); } } \ No newline at end of file diff --git a/src/com/gitblit/models/TeamAccessPermission.java b/src/com/gitblit/models/TeamAccessPermission.java deleted file mode 100644 index 23468c6d..00000000 --- a/src/com/gitblit/models/TeamAccessPermission.java +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright 2012 gitblit.com. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gitblit.models; - -import java.io.Serializable; - -import com.gitblit.Constants.AccessPermission; - -/** - * Represents a Team-AccessPermission tuple. - * - * @author James Moger - */ -public class TeamAccessPermission implements Serializable, Comparable { - - private static final long serialVersionUID = 1L; - - public String team; - public AccessPermission permission; - - public TeamAccessPermission() { - } - - public TeamAccessPermission(String team, AccessPermission permission) { - this.team = team; - this.permission = permission; - } - - @Override - public int compareTo(TeamAccessPermission p) { - return team.compareTo(p.team); - } - - @Override - public String toString() { - return permission.asRole("@" + team); - } -} \ No newline at end of file diff --git a/src/com/gitblit/models/TeamModel.java b/src/com/gitblit/models/TeamModel.java index 95e6ef4e..4c3a8427 100644 --- a/src/com/gitblit/models/TeamModel.java +++ b/src/com/gitblit/models/TeamModel.java @@ -27,6 +27,7 @@ import java.util.Set; import com.gitblit.Constants.AccessPermission; import com.gitblit.Constants.AccessRestrictionType; +import com.gitblit.Constants.RegistrantType; import com.gitblit.Constants.Unused; /** @@ -93,10 +94,10 @@ public class TeamModel implements Serializable, Comparable { * * @return the team's list of permissions */ - public List getRepositoryPermissions() { - List list = new ArrayList(); + public List getRepositoryPermissions() { + List list = new ArrayList(); for (Map.Entry entry : permissions.entrySet()) { - list.add(new RepositoryAccessPermission(entry.getKey(), entry.getValue())); + list.add(new RegistrantAccessPermission(entry.getKey(), entry.getValue(), RegistrantType.REPOSITORY)); } Collections.sort(list); return list; diff --git a/src/com/gitblit/models/UserAccessPermission.java b/src/com/gitblit/models/UserAccessPermission.java deleted file mode 100644 index a77fff29..00000000 --- a/src/com/gitblit/models/UserAccessPermission.java +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright 2012 gitblit.com. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gitblit.models; - -import java.io.Serializable; - -import com.gitblit.Constants.AccessPermission; - -/** - * Represents a User-AccessPermission tuple. - * - * @author James Moger - */ -public class UserAccessPermission implements Serializable, Comparable { - - private static final long serialVersionUID = 1L; - - public String user; - public AccessPermission permission; - - public UserAccessPermission() { - } - - public UserAccessPermission(String user, AccessPermission permission) { - this.user = user; - this.permission = permission; - } - - @Override - public int compareTo(UserAccessPermission p) { - return user.compareTo(p.user); - } - - @Override - public String toString() { - return permission.asRole(user); - } -} \ No newline at end of file diff --git a/src/com/gitblit/models/UserModel.java b/src/com/gitblit/models/UserModel.java index 38a7aaed..fc9cbfba 100644 --- a/src/com/gitblit/models/UserModel.java +++ b/src/com/gitblit/models/UserModel.java @@ -28,6 +28,7 @@ import java.util.Set; import com.gitblit.Constants.AccessPermission; import com.gitblit.Constants.AccessRestrictionType; import com.gitblit.Constants.AuthorizationControl; +import com.gitblit.Constants.RegistrantType; import com.gitblit.Constants.Unused; import com.gitblit.utils.ArrayUtils; import com.gitblit.utils.StringUtils; @@ -133,10 +134,10 @@ public class UserModel implements Principal, Serializable, Comparable * * @return the user's list of permissions */ - public List getRepositoryPermissions() { - List list = new ArrayList(); + public List getRepositoryPermissions() { + List list = new ArrayList(); for (Map.Entry entry : permissions.entrySet()) { - list.add(new RepositoryAccessPermission(entry.getKey(), entry.getValue())); + list.add(new RegistrantAccessPermission(entry.getKey(), entry.getValue(), RegistrantType.REPOSITORY)); } Collections.sort(list); return list; @@ -208,10 +209,10 @@ public class UserModel implements Principal, Serializable, Comparable // and the permissions of teams of which the user belongs AccessPermission permission = AccessPermission.NONE; if (permissions.containsKey(repository.name.toLowerCase())) { - // exact repository permission specified + // exact repository permission specified, use it AccessPermission p = permissions.get(repository.name.toLowerCase()); if (p != null) { - permission = p; + return p; } } else { // search for regex permission match diff --git a/src/com/gitblit/utils/RpcUtils.java b/src/com/gitblit/utils/RpcUtils.java index 2b80e2af..ed23dab6 100644 --- a/src/com/gitblit/utils/RpcUtils.java +++ b/src/com/gitblit/utils/RpcUtils.java @@ -25,6 +25,7 @@ import java.util.Map; import com.gitblit.Constants; import com.gitblit.Constants.RpcRequest; import com.gitblit.GitBlitException.UnknownRequestException; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.FederationModel; import com.gitblit.models.FederationProposal; import com.gitblit.models.FederationSet; @@ -71,6 +72,9 @@ public class RpcUtils { private static final Type BRANCHES_TYPE = new TypeToken>>() { }.getType(); + public static final Type REGISTRANT_PERMISSIONS_TYPE = new TypeToken>() { + }.getType(); + /** * * @param remoteURL @@ -357,25 +361,42 @@ public class RpcUtils { Collection list = JsonUtils.retrieveJson(url, NAMES_TYPE, account, password); return new ArrayList(list); } + + /** + * Retrieves the list of user access permissions for the specified repository. + * + * @param repository + * @param serverUrl + * @param account + * @param password + * @return list of User-AccessPermission tuples + * @throws IOException + */ + public static List getRepositoryMemberPermissions(RepositoryModel repository, + String serverUrl, String account, char [] password) throws IOException { + String url = asLink(serverUrl, RpcRequest.LIST_REPOSITORY_MEMBER_PERMISSIONS, repository.name); + Collection list = JsonUtils.retrieveJson(url, REGISTRANT_PERMISSIONS_TYPE, account, password); + return new ArrayList(list); + } /** - * Sets the repository user membership list. + * Sets the repository user access permissions * * @param repository - * @param memberships + * @param permissions * @param serverUrl * @param account * @param password * @return true if the action succeeded * @throws IOException */ - public static boolean setRepositoryMembers(RepositoryModel repository, - List memberships, String serverUrl, String account, char[] password) + public static boolean setRepositoryMemberPermissions(RepositoryModel repository, + List permissions, String serverUrl, String account, char[] password) throws IOException { - return doAction(RpcRequest.SET_REPOSITORY_MEMBERS, repository.name, memberships, serverUrl, + return doAction(RpcRequest.SET_REPOSITORY_MEMBER_PERMISSIONS, repository.name, permissions, serverUrl, account, password); } - + /** * Retrieves the list of teams that can access the specified repository. * @@ -392,25 +413,42 @@ public class RpcUtils { Collection list = JsonUtils.retrieveJson(url, NAMES_TYPE, account, password); return new ArrayList(list); } + + /** + * Retrieves the list of team access permissions for the specified repository. + * + * @param repository + * @param serverUrl + * @param account + * @param password + * @return list of Team-AccessPermission tuples + * @throws IOException + */ + public static List getRepositoryTeamPermissions(RepositoryModel repository, + String serverUrl, String account, char [] password) throws IOException { + String url = asLink(serverUrl, RpcRequest.LIST_REPOSITORY_TEAM_PERMISSIONS, repository.name); + Collection list = JsonUtils.retrieveJson(url, REGISTRANT_PERMISSIONS_TYPE, account, password); + return new ArrayList(list); + } /** - * Sets the repository team membership list. + * Sets the repository team access permissions * * @param repository - * @param teams + * @param permissions * @param serverUrl * @param account * @param password * @return true if the action succeeded * @throws IOException */ - public static boolean setRepositoryTeams(RepositoryModel repository, - List teams, String serverUrl, String account, char[] password) + public static boolean setRepositoryTeamPermissions(RepositoryModel repository, + List permissions, String serverUrl, String account, char[] password) throws IOException { - return doAction(RpcRequest.SET_REPOSITORY_TEAMS, repository.name, teams, serverUrl, + return doAction(RpcRequest.SET_REPOSITORY_TEAM_PERMISSIONS, repository.name, permissions, serverUrl, account, password); } - + /** * Retrieves the list of federation registrations. These are the list of * registrations that this Gitblit instance is pulling from. diff --git a/src/com/gitblit/wicket/GitBlitWebApp.properties b/src/com/gitblit/wicket/GitBlitWebApp.properties index eb7d7725..e46bb0ed 100644 --- a/src/com/gitblit/wicket/GitBlitWebApp.properties +++ b/src/com/gitblit/wicket/GitBlitWebApp.properties @@ -353,4 +353,5 @@ gb.clonePermission = {0} (clone) gb.pushPermission = {0} (push) gb.createPermission = {0} (push, ref creation) gb.deletePermission = {0} (push, ref creation+deletion) -gb.rewindPermission = {0} (push, ref creation+deletion+rewind) \ No newline at end of file +gb.rewindPermission = {0} (push, ref creation+deletion+rewind) +gb.permission = permission diff --git a/src/com/gitblit/wicket/pages/EditRepositoryPage.java b/src/com/gitblit/wicket/pages/EditRepositoryPage.java index 4e34d898..200a50e0 100644 --- a/src/com/gitblit/wicket/pages/EditRepositoryPage.java +++ b/src/com/gitblit/wicket/pages/EditRepositoryPage.java @@ -54,9 +54,8 @@ import com.gitblit.Constants.FederationStrategy; import com.gitblit.GitBlit; import com.gitblit.GitBlitException; import com.gitblit.Keys; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.RepositoryModel; -import com.gitblit.models.TeamAccessPermission; -import com.gitblit.models.UserAccessPermission; import com.gitblit.models.UserModel; import com.gitblit.utils.ArrayUtils; import com.gitblit.utils.StringUtils; @@ -64,8 +63,7 @@ import com.gitblit.wicket.GitBlitWebSession; import com.gitblit.wicket.StringChoiceRenderer; import com.gitblit.wicket.WicketUtils; import com.gitblit.wicket.panels.BulletListPanel; -import com.gitblit.wicket.panels.TeamPermissionsPanel; -import com.gitblit.wicket.panels.UserPermissionsPanel; +import com.gitblit.wicket.panels.RegistrantPermissionsPanel; public class EditRepositoryPage extends RootSubPage { @@ -117,8 +115,8 @@ public class EditRepositoryPage extends RootSubPage { List indexedBranches = new ArrayList(); List federationSets = new ArrayList(); - final List repositoryUsers = new ArrayList(); - final List repositoryTeams = new ArrayList(); + final List repositoryUsers = new ArrayList(); + final List repositoryTeams = new ArrayList(); List preReceiveScripts = new ArrayList(); List postReceiveScripts = new ArrayList(); @@ -146,8 +144,10 @@ public class EditRepositoryPage extends RootSubPage { final String oldName = repositoryModel.name; - UserPermissionsPanel usersPalette = new UserPermissionsPanel("users", repositoryUsers, getAccessPermissions()); - TeamPermissionsPanel teamsPalette = new TeamPermissionsPanel("teams", repositoryTeams, getAccessPermissions()); + RegistrantPermissionsPanel usersPalette = new RegistrantPermissionsPanel("users", + GitBlit.self().getAllUsernames(), repositoryUsers, getAccessPermissions()); + RegistrantPermissionsPanel teamsPalette = new RegistrantPermissionsPanel("teams", + GitBlit.self().getAllTeamnames(), repositoryTeams, getAccessPermissions()); // indexed local branches palette List allLocalBranches = new ArrayList(); diff --git a/src/com/gitblit/wicket/pages/EditTeamPage.java b/src/com/gitblit/wicket/pages/EditTeamPage.java index 05c91215..a4e2c5e2 100644 --- a/src/com/gitblit/wicket/pages/EditTeamPage.java +++ b/src/com/gitblit/wicket/pages/EditTeamPage.java @@ -39,15 +39,15 @@ import org.apache.wicket.model.util.ListModel; import com.gitblit.Constants.AccessRestrictionType; import com.gitblit.GitBlit; import com.gitblit.GitBlitException; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.RepositoryModel; -import com.gitblit.models.RepositoryAccessPermission; import com.gitblit.models.TeamModel; import com.gitblit.utils.StringUtils; import com.gitblit.wicket.RequiresAdminRole; import com.gitblit.wicket.StringChoiceRenderer; import com.gitblit.wicket.WicketUtils; import com.gitblit.wicket.panels.BulletListPanel; -import com.gitblit.wicket.panels.RepositoryPermissionsPanel; +import com.gitblit.wicket.panels.RegistrantPermissionsPanel; @RequiresAdminRole public class EditTeamPage extends RootSubPage { @@ -98,7 +98,7 @@ public class EditTeamPage extends RootSubPage { List postReceiveScripts = new ArrayList(); final String oldName = teamModel.name; - final List permissions = teamModel.getRepositoryPermissions(); + final List permissions = teamModel.getRepositoryPermissions(); // users palette final Palette users = new Palette("users", new ListModel( @@ -147,8 +147,8 @@ public class EditTeamPage extends RootSubPage { } } // update team permissions - for (RepositoryAccessPermission repositoryPermission : permissions) { - teamModel.setRepositoryPermission(repositoryPermission.repository, repositoryPermission.permission); + for (RegistrantAccessPermission repositoryPermission : permissions) { + teamModel.setRepositoryPermission(repositoryPermission.registrant, repositoryPermission.permission); } Iterator selectedUsers = users.getSelectedChoices(); @@ -224,7 +224,7 @@ public class EditTeamPage extends RootSubPage { : StringUtils.flattenStrings(teamModel.mailingLists, " ")); form.add(new TextField("mailingLists", mailingLists)); - form.add(new RepositoryPermissionsPanel("repositories", permissions, getAccessPermissions())); + form.add(new RegistrantPermissionsPanel("repositories", repos, permissions, getAccessPermissions())); form.add(preReceivePalette); form.add(new BulletListPanel("inheritedPreReceive", "inherited", GitBlit.self() .getPreReceiveScriptsInherited(null))); diff --git a/src/com/gitblit/wicket/pages/EditUserPage.java b/src/com/gitblit/wicket/pages/EditUserPage.java index 6e353543..3fc1eab1 100644 --- a/src/com/gitblit/wicket/pages/EditUserPage.java +++ b/src/com/gitblit/wicket/pages/EditUserPage.java @@ -38,15 +38,15 @@ import com.gitblit.Constants.AccessRestrictionType; import com.gitblit.GitBlit; import com.gitblit.GitBlitException; import com.gitblit.Keys; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.RepositoryModel; -import com.gitblit.models.RepositoryAccessPermission; import com.gitblit.models.TeamModel; import com.gitblit.models.UserModel; import com.gitblit.utils.StringUtils; import com.gitblit.wicket.RequiresAdminRole; import com.gitblit.wicket.StringChoiceRenderer; import com.gitblit.wicket.WicketUtils; -import com.gitblit.wicket.panels.RepositoryPermissionsPanel; +import com.gitblit.wicket.panels.RegistrantPermissionsPanel; @RequiresAdminRole public class EditUserPage extends RootSubPage { @@ -93,6 +93,8 @@ public class EditUserPage extends RootSubPage { repos.add(repo); } } + StringUtils.sortRepositorynames(repos); + List userTeams = new ArrayList(); for (TeamModel team : userModel.teams) { userTeams.add(team.name); @@ -100,7 +102,7 @@ public class EditUserPage extends RootSubPage { Collections.sort(userTeams); final String oldName = userModel.username; - final List permissions = userModel.getRepositoryPermissions(); + final List permissions = userModel.getRepositoryPermissions(); final Palette teams = new Palette("teams", new ListModel( new ArrayList(userTeams)), new CollectionModel(GitBlit.self() @@ -171,8 +173,8 @@ public class EditUserPage extends RootSubPage { } // update user permissions - for (RepositoryAccessPermission repositoryPermission : permissions) { - userModel.setRepositoryPermission(repositoryPermission.repository, repositoryPermission.permission); + for (RegistrantAccessPermission repositoryPermission : permissions) { + userModel.setRepositoryPermission(repositoryPermission.registrant, repositoryPermission.permission); } Iterator selectedTeams = teams.getSelectedChoices(); @@ -234,7 +236,7 @@ public class EditUserPage extends RootSubPage { form.add(new CheckBox("canFork")); form.add(new CheckBox("canCreate")); form.add(new CheckBox("excludeFromFederation")); - form.add(new RepositoryPermissionsPanel("repositories", permissions, getAccessPermissions())); + form.add(new RegistrantPermissionsPanel("repositories", repos, permissions, getAccessPermissions())); form.add(teams.setEnabled(editTeams)); form.add(new Button("save")); diff --git a/src/com/gitblit/wicket/panels/RepositoryPermissionsPanel.html b/src/com/gitblit/wicket/panels/RegistrantPermissionsPanel.html similarity index 83% rename from src/com/gitblit/wicket/panels/RepositoryPermissionsPanel.html rename to src/com/gitblit/wicket/panels/RegistrantPermissionsPanel.html index 1c7e44ef..dd76d9fd 100644 --- a/src/com/gitblit/wicket/panels/RepositoryPermissionsPanel.html +++ b/src/com/gitblit/wicket/panels/RegistrantPermissionsPanel.html @@ -9,13 +9,13 @@
- +
- +
diff --git a/src/com/gitblit/wicket/panels/RepositoryPermissionsPanel.java b/src/com/gitblit/wicket/panels/RegistrantPermissionsPanel.java similarity index 66% rename from src/com/gitblit/wicket/panels/RepositoryPermissionsPanel.java rename to src/com/gitblit/wicket/panels/RegistrantPermissionsPanel.java index 3d967d36..936659d2 100644 --- a/src/com/gitblit/wicket/panels/RepositoryPermissionsPanel.java +++ b/src/com/gitblit/wicket/panels/RegistrantPermissionsPanel.java @@ -15,6 +15,7 @@ */ package com.gitblit.wicket.panels; +import java.util.ArrayList; import java.util.Arrays; import java.util.Iterator; import java.util.List; @@ -35,49 +36,48 @@ import org.apache.wicket.model.CompoundPropertyModel; import org.apache.wicket.model.IModel; import com.gitblit.Constants.AccessPermission; -import com.gitblit.GitBlit; -import com.gitblit.models.RepositoryAccessPermission; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.utils.DeepCopier; /** - * Allows user to manipulate repository access permissions. + * Allows user to manipulate registrant access permissions. * * @author James Moger * */ -public class RepositoryPermissionsPanel extends BasePanel { +public class RegistrantPermissionsPanel extends BasePanel { private static final long serialVersionUID = 1L; - public RepositoryPermissionsPanel(String wicketId, final List permissions, final Map translations) { + public RegistrantPermissionsPanel(String wicketId, List allRegistrants, final List permissions, final Map translations) { super(wicketId); // update existing permissions repeater - RefreshingView dataView = new RefreshingView("permissionRow") { + RefreshingView dataView = new RefreshingView("permissionRow") { private static final long serialVersionUID = 1L; @Override - protected Iterator> getItemModels() { + protected Iterator> getItemModels() { // the iterator returns RepositoryPermission objects, but we need it to // return models - return new ModelIteratorAdapter(permissions.iterator()) { + return new ModelIteratorAdapter(permissions.iterator()) { @Override - protected IModel model(RepositoryAccessPermission permission) { - return new CompoundPropertyModel(permission); + protected IModel model(RegistrantAccessPermission permission) { + return new CompoundPropertyModel(permission); } }; } @Override - protected Item newItem(String id, int index, IModel model) { + protected Item newItem(String id, int index, IModel model) { // this item sets markup class attribute to either 'odd' or // 'even' for decoration - return new OddEvenItem(id, index, model); + return new OddEvenItem(id, index, model); } - public void populateItem(final Item item) { - final RepositoryAccessPermission entry = item.getModelObject(); - item.add(new Label("repository", entry.repository)); + public void populateItem(final Item item) { + final RegistrantAccessPermission entry = item.getModelObject(); + item.add(new Label("registrant", entry.registrant)); // use ajax to get immediate update of permission level change // otherwise we can lose it if they change levels and then add @@ -99,16 +99,16 @@ public class RepositoryPermissionsPanel extends BasePanel { add(dataView); setOutputMarkupId(true); - // filter out repositories we already have permissions for - final List repositories = GitBlit.self().getRepositoryList(); - for (RepositoryAccessPermission rp : permissions) { - repositories.remove(rp.repository); + // filter out registrants we already have permissions for + final List registrants = new ArrayList(allRegistrants); + for (RegistrantAccessPermission rp : permissions) { + registrants.remove(rp.registrant); } // add new permission form - IModel addPermissionModel = new CompoundPropertyModel(new RepositoryAccessPermission()); - Form addPermissionForm = new Form("addPermissionForm", addPermissionModel); - addPermissionForm.add(new DropDownChoice("repository", repositories)); + IModel addPermissionModel = new CompoundPropertyModel(new RegistrantAccessPermission()); + Form addPermissionForm = new Form("addPermissionForm", addPermissionModel); + addPermissionForm.add(new DropDownChoice("registrant", registrants)); addPermissionForm.add(new DropDownChoice("permission", Arrays .asList(AccessPermission.NEWPERMISSIONS), new AccessPermissionRenderer(translations))); AjaxButton button = new AjaxButton("addPermissionButton", addPermissionForm) { @@ -118,20 +118,20 @@ public class RepositoryPermissionsPanel extends BasePanel { @Override protected void onSubmit(AjaxRequestTarget target, Form form) { // add permission to our list - RepositoryAccessPermission rp = (RepositoryAccessPermission) form.getModel().getObject(); + RegistrantAccessPermission rp = (RegistrantAccessPermission) form.getModel().getObject(); permissions.add(DeepCopier.copy(rp)); - // remove repository from available choices - repositories.remove(rp.repository); + // remove registrant from available choices + registrants.remove(rp.registrant); // force the panel to refresh - target.addComponent(RepositoryPermissionsPanel.this); + target.addComponent(RegistrantPermissionsPanel.this); } }; addPermissionForm.add(button); - // only show add permission form if we have a repository choice - add(addPermissionForm.setVisible(repositories.size() > 0)); + // only show add permission form if we have a registrant choice + add(addPermissionForm.setVisible(registrants.size() > 0)); } private class AccessPermissionRenderer implements IChoiceRenderer { diff --git a/src/com/gitblit/wicket/panels/TeamPermissionsPanel.html b/src/com/gitblit/wicket/panels/TeamPermissionsPanel.html deleted file mode 100644 index d728f651..00000000 --- a/src/com/gitblit/wicket/panels/TeamPermissionsPanel.html +++ /dev/null @@ -1,24 +0,0 @@ - - - - - - -
-
- -
-
- -
-
- - -
- - - - \ No newline at end of file diff --git a/src/com/gitblit/wicket/panels/TeamPermissionsPanel.java b/src/com/gitblit/wicket/panels/TeamPermissionsPanel.java deleted file mode 100644 index e51aab47..00000000 --- a/src/com/gitblit/wicket/panels/TeamPermissionsPanel.java +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Copyright 2012 gitblit.com. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gitblit.wicket.panels; - -import java.util.Arrays; -import java.util.Iterator; -import java.util.List; -import java.util.Map; - -import org.apache.wicket.ajax.AjaxRequestTarget; -import org.apache.wicket.ajax.form.AjaxFormComponentUpdatingBehavior; -import org.apache.wicket.ajax.markup.html.form.AjaxButton; -import org.apache.wicket.markup.html.basic.Label; -import org.apache.wicket.markup.html.form.DropDownChoice; -import org.apache.wicket.markup.html.form.Form; -import org.apache.wicket.markup.html.form.IChoiceRenderer; -import org.apache.wicket.markup.repeater.Item; -import org.apache.wicket.markup.repeater.OddEvenItem; -import org.apache.wicket.markup.repeater.RefreshingView; -import org.apache.wicket.markup.repeater.util.ModelIteratorAdapter; -import org.apache.wicket.model.CompoundPropertyModel; -import org.apache.wicket.model.IModel; - -import com.gitblit.Constants.AccessPermission; -import com.gitblit.GitBlit; -import com.gitblit.models.TeamAccessPermission; -import com.gitblit.utils.DeepCopier; - -/** - * Allows user to manipulate user access permissions. - * - * @author James Moger - * - */ -public class TeamPermissionsPanel extends BasePanel { - - private static final long serialVersionUID = 1L; - - public TeamPermissionsPanel(String wicketId, final List permissions, final Map translations) { - super(wicketId); - - // update existing permissions repeater - RefreshingView dataView = new RefreshingView("permissionRow") { - private static final long serialVersionUID = 1L; - - @Override - protected Iterator> getItemModels() { - // the iterator returns RepositoryPermission objects, but we need it to - // return models - return new ModelIteratorAdapter(permissions.iterator()) { - @Override - protected IModel model(TeamAccessPermission permission) { - return new CompoundPropertyModel(permission); - } - }; - } - - @Override - protected Item newItem(String id, int index, IModel model) { - // this item sets markup class attribute to either 'odd' or - // 'even' for decoration - return new OddEvenItem(id, index, model); - } - - public void populateItem(final Item item) { - final TeamAccessPermission entry = item.getModelObject(); - item.add(new Label("team", entry.team)); - - // use ajax to get immediate update of permission level change - // otherwise we can lose it if they change levels and then add - // a new repository permission - final DropDownChoice permissionChoice = new DropDownChoice( - "permission", Arrays.asList(AccessPermission.values()), new AccessPermissionRenderer(translations)); - permissionChoice.add(new AjaxFormComponentUpdatingBehavior("onchange") { - - private static final long serialVersionUID = 1L; - - protected void onUpdate(AjaxRequestTarget target) { - target.addComponent(permissionChoice); - } - }); - - item.add(permissionChoice); - } - }; - add(dataView); - setOutputMarkupId(true); - - // filter out teams we already have permissions for - final List teams = GitBlit.self().getAllTeamnames(); - for (TeamAccessPermission tp : permissions) { - teams.remove(tp.team); - } - - // add new permission form - IModel addPermissionModel = new CompoundPropertyModel(new TeamAccessPermission()); - Form addPermissionForm = new Form("addPermissionForm", addPermissionModel); - addPermissionForm.add(new DropDownChoice("team", teams)); - addPermissionForm.add(new DropDownChoice("permission", Arrays - .asList(AccessPermission.NEWPERMISSIONS), new AccessPermissionRenderer(translations))); - AjaxButton button = new AjaxButton("addPermissionButton", addPermissionForm) { - - private static final long serialVersionUID = 1L; - - @Override - protected void onSubmit(AjaxRequestTarget target, Form form) { - // add permission to our list - TeamAccessPermission tp = (TeamAccessPermission) form.getModel().getObject(); - permissions.add(DeepCopier.copy(tp)); - - // remove team from available choices - teams.remove(tp.team); - - // force the panel to refresh - target.addComponent(TeamPermissionsPanel.this); - } - }; - addPermissionForm.add(button); - - // only show add permission form if we have a team choice - add(addPermissionForm.setVisible(teams.size() > 0)); - } - - private class AccessPermissionRenderer implements IChoiceRenderer { - - private static final long serialVersionUID = 1L; - - private final Map map; - - public AccessPermissionRenderer(Map map) { - this.map = map; - } - - @Override - public String getDisplayValue(AccessPermission type) { - return map.get(type); - } - - @Override - public String getIdValue(AccessPermission type, int index) { - return Integer.toString(index); - } - } -} diff --git a/src/com/gitblit/wicket/panels/UserPermissionsPanel.html b/src/com/gitblit/wicket/panels/UserPermissionsPanel.html deleted file mode 100644 index 14d43055..00000000 --- a/src/com/gitblit/wicket/panels/UserPermissionsPanel.html +++ /dev/null @@ -1,24 +0,0 @@ - - - - - - -
-
- -
-
- -
-
- - -
- - - - \ No newline at end of file diff --git a/src/com/gitblit/wicket/panels/UserPermissionsPanel.java b/src/com/gitblit/wicket/panels/UserPermissionsPanel.java deleted file mode 100644 index 6d0ae588..00000000 --- a/src/com/gitblit/wicket/panels/UserPermissionsPanel.java +++ /dev/null @@ -1,157 +0,0 @@ -/* - * Copyright 2012 gitblit.com. - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package com.gitblit.wicket.panels; - -import java.util.Arrays; -import java.util.Iterator; -import java.util.List; -import java.util.Map; - -import org.apache.wicket.ajax.AjaxRequestTarget; -import org.apache.wicket.ajax.form.AjaxFormComponentUpdatingBehavior; -import org.apache.wicket.ajax.markup.html.form.AjaxButton; -import org.apache.wicket.markup.html.basic.Label; -import org.apache.wicket.markup.html.form.DropDownChoice; -import org.apache.wicket.markup.html.form.Form; -import org.apache.wicket.markup.html.form.IChoiceRenderer; -import org.apache.wicket.markup.repeater.Item; -import org.apache.wicket.markup.repeater.OddEvenItem; -import org.apache.wicket.markup.repeater.RefreshingView; -import org.apache.wicket.markup.repeater.util.ModelIteratorAdapter; -import org.apache.wicket.model.CompoundPropertyModel; -import org.apache.wicket.model.IModel; - -import com.gitblit.Constants.AccessPermission; -import com.gitblit.GitBlit; -import com.gitblit.models.UserAccessPermission; -import com.gitblit.utils.DeepCopier; - -/** - * Allows user to manipulate user access permissions. - * - * @author James Moger - * - */ -public class UserPermissionsPanel extends BasePanel { - - private static final long serialVersionUID = 1L; - - public UserPermissionsPanel(String wicketId, final List permissions, final Map translations) { - super(wicketId); - - // update existing permissions repeater - RefreshingView dataView = new RefreshingView("permissionRow") { - private static final long serialVersionUID = 1L; - - @Override - protected Iterator> getItemModels() { - // the iterator returns RepositoryPermission objects, but we need it to - // return models - return new ModelIteratorAdapter(permissions.iterator()) { - @Override - protected IModel model(UserAccessPermission permission) { - return new CompoundPropertyModel(permission); - } - }; - } - - @Override - protected Item newItem(String id, int index, IModel model) { - // this item sets markup class attribute to either 'odd' or - // 'even' for decoration - return new OddEvenItem(id, index, model); - } - - public void populateItem(final Item item) { - final UserAccessPermission entry = item.getModelObject(); - item.add(new Label("user", entry.user)); - - // use ajax to get immediate update of permission level change - // otherwise we can lose it if they change levels and then add - // a new repository permission - final DropDownChoice permissionChoice = new DropDownChoice( - "permission", Arrays.asList(AccessPermission.values()), new AccessPermissionRenderer(translations)); - permissionChoice.add(new AjaxFormComponentUpdatingBehavior("onchange") { - - private static final long serialVersionUID = 1L; - - protected void onUpdate(AjaxRequestTarget target) { - target.addComponent(permissionChoice); - } - }); - - item.add(permissionChoice); - } - }; - add(dataView); - setOutputMarkupId(true); - - // filter out users we already have permissions for - final List users = GitBlit.self().getAllUsernames(); - for (UserAccessPermission up : permissions) { - users.remove(up.user); - } - - // add new permission form - IModel addPermissionModel = new CompoundPropertyModel(new UserAccessPermission()); - Form addPermissionForm = new Form("addPermissionForm", addPermissionModel); - addPermissionForm.add(new DropDownChoice("user", users)); - addPermissionForm.add(new DropDownChoice("permission", Arrays - .asList(AccessPermission.NEWPERMISSIONS), new AccessPermissionRenderer(translations))); - AjaxButton button = new AjaxButton("addPermissionButton", addPermissionForm) { - - private static final long serialVersionUID = 1L; - - @Override - protected void onSubmit(AjaxRequestTarget target, Form form) { - // add permission to our list - UserAccessPermission up = (UserAccessPermission) form.getModel().getObject(); - permissions.add(DeepCopier.copy(up)); - - // remove user from available choices - users.remove(up.user); - - // force the panel to refresh - target.addComponent(UserPermissionsPanel.this); - } - }; - addPermissionForm.add(button); - - // only show add permission form if we have a user choice - add(addPermissionForm.setVisible(users.size() > 0)); - } - - private class AccessPermissionRenderer implements IChoiceRenderer { - - private static final long serialVersionUID = 1L; - - private final Map map; - - public AccessPermissionRenderer(Map map) { - this.map = map; - } - - @Override - public String getDisplayValue(AccessPermission type) { - return map.get(type); - } - - @Override - public String getIdValue(AccessPermission type, int index) { - return Integer.toString(index); - } - } -} diff --git a/src/com/gitblit/wicket/panels/UsersPanel.java b/src/com/gitblit/wicket/panels/UsersPanel.java index c5dba847..46c502e5 100644 --- a/src/com/gitblit/wicket/panels/UsersPanel.java +++ b/src/com/gitblit/wicket/panels/UsersPanel.java @@ -84,7 +84,7 @@ public class UsersPanel extends BasePanel { item.add(new Label("accesslevel", entry.canAdmin() ? "administrator" : "")); item.add(new Label("teams", entry.teams.size() > 0 ? ("" + entry.teams.size()) : "")); item.add(new Label("repositories", - entry.repositories.size() > 0 ? ("" + entry.repositories.size()) : "")); + entry.permissions.size() > 0 ? ("" + entry.permissions.size()) : "")); Fragment userLinks = new Fragment("userLinks", "userAdminLinks", this); userLinks.add(new BookmarkablePageLink("editUser", EditUserPage.class, WicketUtils.newUsernameParameter(entry.username))); diff --git a/tests/com/gitblit/tests/RpcTests.java b/tests/com/gitblit/tests/RpcTests.java index 3ad0ec59..c739eba3 100644 --- a/tests/com/gitblit/tests/RpcTests.java +++ b/tests/com/gitblit/tests/RpcTests.java @@ -32,11 +32,14 @@ import org.junit.AfterClass; import org.junit.BeforeClass; import org.junit.Test; +import com.gitblit.Constants.AccessPermission; import com.gitblit.Constants.AccessRestrictionType; import com.gitblit.Constants.AuthorizationControl; +import com.gitblit.Constants.RegistrantType; import com.gitblit.GitBlitException.UnauthorizedException; import com.gitblit.Keys; import com.gitblit.RpcServlet; +import com.gitblit.models.RegistrantAccessPermission; import com.gitblit.models.FederationModel; import com.gitblit.models.FederationProposal; import com.gitblit.models.FederationSet; @@ -180,6 +183,7 @@ public class RpcTests { String originalName = model.name; model.name = "garbagerepo2.git"; model.accessRestriction = AccessRestrictionType.PUSH; + model.authorizationControl = AuthorizationControl.NAMED; assertTrue("Failed to update repository!", RpcUtils.updateRepository(originalName, model, url, account, password.toCharArray())); @@ -192,20 +196,21 @@ public class RpcTests { UserModel testMember = new UserModel("justadded"); assertTrue(RpcUtils.createUser(testMember, url, account, password.toCharArray())); - List members = RpcUtils.getRepositoryMembers(retrievedRepository, url, account, + List permissions = RpcUtils.getRepositoryMemberPermissions(retrievedRepository, url, account, password.toCharArray()); - assertEquals("Membership roster is not empty!", 0, members.size()); - members.add(testMember.username); + assertEquals("Membership permissions is not empty!", 0, permissions.size()); + permissions.add(new RegistrantAccessPermission(testMember.username, AccessPermission.PUSH, RegistrantType.USER)); assertTrue( - "Failed to set memberships!", - RpcUtils.setRepositoryMembers(retrievedRepository, members, url, account, + "Failed to set member permissions!", + RpcUtils.setRepositoryMemberPermissions(retrievedRepository, permissions, url, account, password.toCharArray())); - members = RpcUtils.getRepositoryMembers(retrievedRepository, url, account, + permissions = RpcUtils.getRepositoryMemberPermissions(retrievedRepository, url, account, password.toCharArray()); boolean foundMember = false; - for (String member : members) { - if (member.equalsIgnoreCase(testMember.username)) { + for (RegistrantAccessPermission permission : permissions) { + if (permission.registrant.equalsIgnoreCase(testMember.username)) { foundMember = true; + assertEquals(AccessPermission.PUSH, permission.permission); break; } } @@ -281,7 +286,11 @@ public class RpcTests { assertTrue(helloworldTeams.contains(aTeam.name)); // set no teams - assertTrue(RpcUtils.setRepositoryTeams(helloworld, new ArrayList(), url, account, + List permissions = new ArrayList(); + for (String team : helloworldTeams) { + permissions.add(new RegistrantAccessPermission(team, AccessPermission.NONE, RegistrantType.TEAM)); + } + assertTrue(RpcUtils.setRepositoryTeamPermissions(helloworld, permissions, url, account, password.toCharArray())); helloworldTeams = RpcUtils.getRepositoryTeams(helloworld, url, account, password.toCharArray()); -- 2.39.5
url parametersrequired
user
permission		protocol
version		json
EDIT_TEAMteam nameadmin2TeamModel-
DELETE_TEAMteam nameadmin2--
LIST_REPOSITORY_MEMBERSrepository nameadmin1-List<String>
SET_REPOSITORY_MEMBERSrepository nameadmin1List<String>-
SET_REPOSITORY_MEMBERSrepository nameadmin1List<String>-
LIST_REPOSITORY_MEMBER_PERMISSIONSrepository nameadmin5-List<String>
SET_REPOSITORY_MEMBER_PERMISSIONSrepository nameadmin5List<String>-
LIST_REPOSITORY_TEAMSrepository nameadmin2-List<String>
SET_REPOSITORY_TEAMSrepository nameadmin2List<String>-
SET_REPOSITORY_TEAMSrepository nameadmin2List<String>-
LIST_REPOSITORY_TEAM_PERMISSIONSrepository nameadmin5-List<String>
SET_REPOSITORY_TEAM_PERMISSIONSrepository nameadmin5List<String>-
LIST_SETTINGS-admin1-ServerSettings (management keys)
CLEAR_REPOSITORY_CACHE--4--
web.enableRpcAdministration=true