Add regex permission matching to hasRepositoryPermission check (issue 36)

3 files changed, 34 insertions, 2 deletions

diff --git a/src/com/gitblit/models/TeamModel.java b/src/com/gitblit/models/TeamModel.java
index 0b9c5069..896adfe6 100644
--- a/src/com/gitblit/models/TeamModel.java
+++ b/src/com/gitblit/models/TeamModel.java
@@ -92,7 +92,21 @@ public class TeamModel implements Serializable, Comparable<TeamModel> {
 	 */

 	public boolean hasRepositoryPermission(String name) {

 		String repository = AccessPermission.repositoryFromRole(name).toLowerCase();

-		return permissions.containsKey(repository) || repositories.contains(repository);

+		if (permissions.containsKey(repository)) {

+			// exact repository permission specified

+			return true;

+		} else {

+			// search for regex permission match

+			for (String key : permissions.keySet()) {

+				if (name.matches(key)) {

+					AccessPermission p = permissions.get(key);

+					if (p != null) {

+						return true;

+					}

+				}

+			}

+		}

+		return false;

 	}

 	

 	/**

diff --git a/src/com/gitblit/models/UserModel.java b/src/com/gitblit/models/UserModel.java
index a4a40245..d8c2abe3 100644
--- a/src/com/gitblit/models/UserModel.java
+++ b/src/com/gitblit/models/UserModel.java
@@ -132,7 +132,21 @@ public class UserModel implements Principal, Serializable, Comparable<UserModel>
 	 */

 	public boolean hasRepositoryPermission(String name) {

 		String repository = AccessPermission.repositoryFromRole(name).toLowerCase();

-		return permissions.containsKey(repository) || repositories.contains(repository);

+		if (permissions.containsKey(repository)) {

+			// exact repository permission specified

+			return true;

+		} else {

+			// search for regex permission match

+			for (String key : permissions.keySet()) {

+				if (name.matches(key)) {

+					AccessPermission p = permissions.get(key);

+					if (p != null) {

+						return true;

+					}

+				}

+			}

+		}

+		return false;

 	}

 	

 	/**

diff --git a/tests/com/gitblit/tests/PermissionsTest.java b/tests/com/gitblit/tests/PermissionsTest.java
index 83ab11e1..41ff5a63 100644
--- a/tests/com/gitblit/tests/PermissionsTest.java
+++ b/tests/com/gitblit/tests/PermissionsTest.java
@@ -2329,6 +2329,7 @@ public class PermissionsTest extends Assert {
 		UserModel user = new UserModel("test");
 		repository.owner = user.username;
 
+		assertFalse("user SHOULD NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
 		assertTrue("owner CAN NOT view!", user.canView(repository));
 		assertTrue("owner CAN NOT clone!", user.canClone(repository));
 		assertTrue("owner CAN NOT push!", user.canPush(repository));
@@ -2352,6 +2353,7 @@ public class PermissionsTest extends Assert {
 		UserModel user = new UserModel("test");
 		repository.owner = user.username;
 
+		assertFalse("user SHOULD NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
 		assertTrue("user CAN NOT view!", user.canView(repository));
 		assertTrue("user CAN NOT clone!", user.canClone(repository));
 		assertTrue("user CAN NOT push!", user.canPush(repository));
@@ -2375,6 +2377,7 @@ public class PermissionsTest extends Assert {
 		UserModel user = new UserModel("visitor");
 		repository.owner = "test";
 
+		assertFalse("user HAS a repository permission!", user.hasRepositoryPermission(repository.name));
 		assertFalse("user CAN view!", user.canView(repository));
 		assertFalse("user CAN clone!", user.canClone(repository));
 		assertFalse("user CAN push!", user.canPush(repository));
@@ -2398,6 +2401,7 @@ public class PermissionsTest extends Assert {
 		UserModel user = new UserModel("test");
 		user.setRepositoryPermission("ubercool/[A-Za-z0-9-~_\\./]+", AccessPermission.CLONE);
 
+		assertTrue("user DOES NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
 		assertTrue("user CAN NOT view!", user.canView(repository));
 		assertTrue("user CAN NOT clone!", user.canClone(repository));
 		assertFalse("user CAN push!", user.canPush(repository));