From b325021c4e3168ef77bf3eb28be1d4c834595de8 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Fri, 27 Sep 2013 14:27:15 -0400
Subject: [PATCH] Change default access restriction to PUSH

Change-Id: I74b3f9fedd77294c53648f8eaa730d4a84917555
---
 releases.moxie                                               | 5 +++--
 src/main/distrib/data/gitblit.properties                     | 4 ++--
 src/main/java/com/gitblit/GitBlit.java                       | 2 +-
 src/main/java/com/gitblit/GitFilter.java                     | 2 +-
 src/main/java/com/gitblit/client/GitblitClient.java          | 2 +-
 src/main/java/com/gitblit/git/GitblitReceivePackFactory.java | 2 +-
 .../java/com/gitblit/wicket/pages/EditRepositoryPage.java    | 4 ++--
 7 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/releases.moxie b/releases.moxie
index 3418a051..8b8cfe8d 100644
--- a/releases.moxie
+++ b/releases.moxie
@@ -5,7 +5,7 @@ r20: {
     title: ${project.name} ${project.version} released
     id: ${project.version}
     date: ${project.buildDate}
-    note: ~
+    note: "The default access restriction has been elevated from NONE to PUSH and anonymous push access has been disabled."
     html: ~
     text: ~
     security: ~
@@ -27,7 +27,8 @@ r20: {
     dependencyChanges: ~
     settings:
     - { name: 'git.createRepositoriesShared', defaultValue: 'false' }
-    - { name: 'git.allowAnonymousPushes', defaultValue: 'true' }
+    - { name: 'git.allowAnonymousPushes', defaultValue: 'false' }
+	- { name: 'git.defaultAccessRestriction', defaultValue: 'PUSH' }
 	- { name: 'web.commitMessageRenderer', defaultValue: 'plain' }
 	- { name: 'web.showBranchGraph', defaultValue: 'true' }
     contributors:
diff --git a/src/main/distrib/data/gitblit.properties b/src/main/distrib/data/gitblit.properties
index 9a02e231..7c62c5ad 100644
--- a/src/main/distrib/data/gitblit.properties
+++ b/src/main/distrib/data/gitblit.properties
@@ -155,7 +155,7 @@ git.allowCreateOnPush = true
 # information.
 #
 # SINCE 1.4.0
-git.allowAnonymousPushes = true
+git.allowAnonymousPushes = false
 
 # The default access restriction for new repositories.
 # Valid values are NONE, PUSH, CLONE, VIEW
@@ -165,7 +165,7 @@ git.allowAnonymousPushes = true
 #  VIEW = authenticated view, clone, & push
 #
 # SINCE 1.0.0
-git.defaultAccessRestriction = NONE
+git.defaultAccessRestriction = PUSH
 
 # The default authorization control for new repositories.
 # Valid values are AUTHENTICATED and NAMED
diff --git a/src/main/java/com/gitblit/GitBlit.java b/src/main/java/com/gitblit/GitBlit.java
index c31a0e97..c5304b4f 100644
--- a/src/main/java/com/gitblit/GitBlit.java
+++ b/src/main/java/com/gitblit/GitBlit.java
@@ -2008,7 +2008,7 @@ public class GitBlit implements ServletContextListener {
 			model.incrementalPushTagPrefix = getConfig(config, "incrementalPushTagPrefix", null);
 			model.allowForks = getConfig(config, "allowForks", true);
 			model.accessRestriction = AccessRestrictionType.fromName(getConfig(config,
-					"accessRestriction", settings.getString(Keys.git.defaultAccessRestriction, null)));
+					"accessRestriction", settings.getString(Keys.git.defaultAccessRestriction, "PUSH")));
 			model.authorizationControl = AuthorizationControl.fromName(getConfig(config,
 					"authorizationControl", settings.getString(Keys.git.defaultAuthorizationControl, null)));
 			model.verifyCommitter = getConfig(config, "verifyCommitter", false);
diff --git a/src/main/java/com/gitblit/GitFilter.java b/src/main/java/com/gitblit/GitFilter.java
index 8c6dd80d..baa7ff0f 100644
--- a/src/main/java/com/gitblit/GitFilter.java
+++ b/src/main/java/com/gitblit/GitFilter.java
@@ -224,7 +224,7 @@ public class GitFilter extends AccessRestrictionFilter {
 				} else {
 					// common repository, user default server settings
 					model.authorizationControl = AuthorizationControl.fromName(GitBlit.getString(Keys.git.defaultAuthorizationControl, ""));
-					model.accessRestriction = AccessRestrictionType.fromName(GitBlit.getString(Keys.git.defaultAccessRestriction, ""));
+					model.accessRestriction = AccessRestrictionType.fromName(GitBlit.getString(Keys.git.defaultAccessRestriction, "PUSH"));
 				}
 
 				// create the repository
diff --git a/src/main/java/com/gitblit/client/GitblitClient.java b/src/main/java/com/gitblit/client/GitblitClient.java
index cc7d58a6..427f45ba 100644
--- a/src/main/java/com/gitblit/client/GitblitClient.java
+++ b/src/main/java/com/gitblit/client/GitblitClient.java
@@ -193,7 +193,7 @@ public class GitblitClient implements Serializable {
 	}
 	
 	public AccessRestrictionType getDefaultAccessRestriction() {
-		String restriction = null;
+		String restriction = "PUSH";
 		if (settings.hasKey(Keys.git.defaultAccessRestriction)) {
 			restriction = settings.get(Keys.git.defaultAccessRestriction).currentValue;
 		}
diff --git a/src/main/java/com/gitblit/git/GitblitReceivePackFactory.java b/src/main/java/com/gitblit/git/GitblitReceivePackFactory.java
index feb33e92..b2862f03 100644
--- a/src/main/java/com/gitblit/git/GitblitReceivePackFactory.java
+++ b/src/main/java/com/gitblit/git/GitblitReceivePackFactory.java
@@ -81,7 +81,7 @@ public class GitblitReceivePackFactory<X> implements ReceivePackFactory<X> {
 			timeout = client.getDaemon().getTimeout();
 		}
 
-		boolean allowAnonymousPushes = GitBlit.getBoolean(Keys.git.allowAnonymousPushes, true);
+		boolean allowAnonymousPushes = GitBlit.getBoolean(Keys.git.allowAnonymousPushes, false);
 		if (!allowAnonymousPushes && UserModel.ANONYMOUS.equals(user)) {
 			// prohibit anonymous pushes
 			throw new ServiceNotEnabledException();
diff --git a/src/main/java/com/gitblit/wicket/pages/EditRepositoryPage.java b/src/main/java/com/gitblit/wicket/pages/EditRepositoryPage.java
index 568c3123..f2c47f2e 100644
--- a/src/main/java/com/gitblit/wicket/pages/EditRepositoryPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/EditRepositoryPage.java
@@ -86,7 +86,7 @@ public class EditRepositoryPage extends RootSubPage {
 		super();
 		isCreate = true;
 		RepositoryModel model = new RepositoryModel();
-		String restriction = GitBlit.getString(Keys.git.defaultAccessRestriction, null);
+		String restriction = GitBlit.getString(Keys.git.defaultAccessRestriction, "PUSH");
 		model.accessRestriction = AccessRestrictionType.fromName(restriction);
 		String authorization = GitBlit.getString(Keys.git.defaultAuthorizationControl, null);
 		model.authorizationControl = AuthorizationControl.fromName(authorization);
@@ -418,7 +418,7 @@ public class EditRepositoryPage extends RootSubPage {
 		form.add(ownersPalette);
 		form.add(new CheckBox("allowForks").setEnabled(GitBlit.getBoolean(Keys.web.allowForking, true)));
 		DropDownChoice<AccessRestrictionType> accessRestriction = new DropDownChoice<AccessRestrictionType>("accessRestriction",
-				AccessRestrictionType.choices(GitBlit.getBoolean(Keys.git.allowAnonymousPushes, true)), new AccessRestrictionRenderer());
+				AccessRestrictionType.choices(GitBlit.getBoolean(Keys.git.allowAnonymousPushes, false)), new AccessRestrictionRenderer());
 		form.add(accessRestriction);
 		form.add(new CheckBox("isFrozen"));
 		// TODO enable origin definition
-- 
2.39.5