From 92d477ebb639fde958a928f0ed046c62280a5c60 Mon Sep 17 00:00:00 2001 From: James Moger Date: Thu, 6 Dec 2012 17:05:15 -0500 Subject: [PATCH] Fixed anonymous browsing of branch panel --- src/com/gitblit/models/UserModel.java | 7 +++++++ src/com/gitblit/wicket/pages/RepositoryPage.java | 2 +- src/com/gitblit/wicket/panels/BranchesPanel.java | 4 ++-- 3 files changed, 10 insertions(+), 3 deletions(-) diff --git a/src/com/gitblit/models/UserModel.java b/src/com/gitblit/models/UserModel.java index f1bc5efc..ac67ff78 100644 --- a/src/com/gitblit/models/UserModel.java +++ b/src/com/gitblit/models/UserModel.java @@ -360,6 +360,12 @@ public class UserModel implements Principal, Serializable, Comparable public boolean canView(RepositoryModel repository) { return canAccess(repository, AccessRestrictionType.VIEW, AccessPermission.VIEW); } + + public boolean canView(RepositoryModel repository, String ref) { + // Default UserModel doesn't implement ref-level security. + // Other Realms (i.e. Gerrit) may override this method. + return canView(repository); + } public boolean canClone(RepositoryModel repository) { return canAccess(repository, AccessRestrictionType.CLONE, AccessPermission.CLONE); @@ -587,6 +593,7 @@ public class UserModel implements Principal, Serializable, Comparable return nameVerified && emailVerified; } + @Deprecated public boolean hasBranchPermission(String repositoryName, String branch) { // Default UserModel doesn't implement branch-level security. Other Realms (i.e. Gerrit) may override this method. return hasRepositoryPermission(repositoryName) || hasTeamRepositoryPermission(repositoryName); diff --git a/src/com/gitblit/wicket/pages/RepositoryPage.java b/src/com/gitblit/wicket/pages/RepositoryPage.java index 3acf73af..b4e1a0e3 100644 --- a/src/com/gitblit/wicket/pages/RepositoryPage.java +++ b/src/com/gitblit/wicket/pages/RepositoryPage.java @@ -112,7 +112,7 @@ public abstract class RepositoryPage extends BasePage { // workaround until get().getUser() is reviewed throughout the app user = UserModel.ANONYMOUS; } - boolean canAccess = user.hasBranchPermission(repositoryName, + boolean canAccess = user.canView(getRepositoryModel(), branch.reference.getName()); if (!canAccess) { error(getString("gb.accessDenied"), true); diff --git a/src/com/gitblit/wicket/panels/BranchesPanel.java b/src/com/gitblit/wicket/panels/BranchesPanel.java index 26fedc1e..1262077c 100644 --- a/src/com/gitblit/wicket/panels/BranchesPanel.java +++ b/src/com/gitblit/wicket/panels/BranchesPanel.java @@ -67,14 +67,14 @@ public class BranchesPanel extends BasePanel { List localBranches = JGitUtils.getLocalBranches(r, false, -1); for (RefModel refModel : localBranches) { - if (user.hasBranchPermission(model.name, refModel.reference.getName())) { + if (user.canView(model, refModel.reference.getName())) { branches.add(refModel); } } if (model.showRemoteBranches) { List remoteBranches = JGitUtils.getRemoteBranches(r, false, -1); for (RefModel refModel : remoteBranches) { - if (user.hasBranchPermission(model.name, refModel.reference.getName())) { + if (user.canView(model, refModel.reference.getName())) { branches.add(refModel); } } -- 2.39.5