From 92d477ebb639fde958a928f0ed046c62280a5c60 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 6 Dec 2012 17:05:15 -0500
Subject: [PATCH] Fixed anonymous browsing of branch panel

---
 src/com/gitblit/models/UserModel.java            | 7 +++++++
 src/com/gitblit/wicket/pages/RepositoryPage.java | 2 +-
 src/com/gitblit/wicket/panels/BranchesPanel.java | 4 ++--
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/com/gitblit/models/UserModel.java b/src/com/gitblit/models/UserModel.java
index f1bc5efc..ac67ff78 100644
--- a/src/com/gitblit/models/UserModel.java
+++ b/src/com/gitblit/models/UserModel.java
@@ -360,6 +360,12 @@ public class UserModel implements Principal, Serializable, Comparable<UserModel>
 	public boolean canView(RepositoryModel repository) {
 		return canAccess(repository, AccessRestrictionType.VIEW, AccessPermission.VIEW);
 	}
+	
+	public boolean canView(RepositoryModel repository, String ref) {
+		// Default UserModel doesn't implement ref-level security.
+		// Other Realms (i.e. Gerrit) may override this method.
+		return canView(repository);
+	}
 
 	public boolean canClone(RepositoryModel repository) {
 		return canAccess(repository, AccessRestrictionType.CLONE, AccessPermission.CLONE);
@@ -587,6 +593,7 @@ public class UserModel implements Principal, Serializable, Comparable<UserModel>
 		return nameVerified && emailVerified;
 	}
 	
+	@Deprecated
 	public boolean hasBranchPermission(String repositoryName, String branch) {
 		// Default UserModel doesn't implement branch-level security. Other Realms (i.e. Gerrit) may override this method.
 		return hasRepositoryPermission(repositoryName) || hasTeamRepositoryPermission(repositoryName);
diff --git a/src/com/gitblit/wicket/pages/RepositoryPage.java b/src/com/gitblit/wicket/pages/RepositoryPage.java
index 3acf73af..b4e1a0e3 100644
--- a/src/com/gitblit/wicket/pages/RepositoryPage.java
+++ b/src/com/gitblit/wicket/pages/RepositoryPage.java
@@ -112,7 +112,7 @@ public abstract class RepositoryPage extends BasePage {
 					// workaround until get().getUser() is reviewed throughout the app
 					user = UserModel.ANONYMOUS;
 				}
-				boolean canAccess = user.hasBranchPermission(repositoryName,
+				boolean canAccess = user.canView(getRepositoryModel(),
 								branch.reference.getName());
 				if (!canAccess) {
 					error(getString("gb.accessDenied"), true);
diff --git a/src/com/gitblit/wicket/panels/BranchesPanel.java b/src/com/gitblit/wicket/panels/BranchesPanel.java
index 26fedc1e..1262077c 100644
--- a/src/com/gitblit/wicket/panels/BranchesPanel.java
+++ b/src/com/gitblit/wicket/panels/BranchesPanel.java
@@ -67,14 +67,14 @@ public class BranchesPanel extends BasePanel {
 
 		List<RefModel> localBranches = JGitUtils.getLocalBranches(r, false, -1);
 		for (RefModel refModel : localBranches) {
-			if (user.hasBranchPermission(model.name, refModel.reference.getName())) {
+			if (user.canView(model, refModel.reference.getName())) {
 				branches.add(refModel);
 			}
 		}
 		if (model.showRemoteBranches) {
 			List<RefModel> remoteBranches = JGitUtils.getRemoteBranches(r, false, -1);
 			for (RefModel refModel : remoteBranches) {
-				if (user.hasBranchPermission(model.name, refModel.reference.getName())) {
+				if (user.canView(model, refModel.reference.getName())) {
 					branches.add(refModel);
 				}
 			}
-- 
2.39.5