diff options
| author | James Moger <james.moger@gitblit.com> | 2014-03-12 17:21:12 -0400 |
|---|---|---|
| committer | James Moger <james.moger@gitblit.com> | 2014-03-12 17:21:12 -0400 |
| commit | a66312f3d4bb9f1f6aad5ed66d2082057c99f519 (patch) | |
| tree | f57afd293d7b92244eb4938953aa6bfc2a74fbb2 | |
| parent | 04916f41ad69c03638b6b67e24c37593437d339b (diff) | |
| download | gitblit-a66312f3d4bb9f1f6aad5ed66d2082057c99f519.tar.gz gitblit-a66312f3d4bb9f1f6aad5ed66d2082057c99f519.zip | |
Tweak the receive pack push permission check to be a method
| -rw-r--r-- | src/main/java/com/gitblit/git/GitblitReceivePack.java | 28 |
1 files changed, 27 insertions, 1 deletions
diff --git a/src/main/java/com/gitblit/git/GitblitReceivePack.java b/src/main/java/com/gitblit/git/GitblitReceivePack.java index e3e2faeb..73da3d3e 100644 --- a/src/main/java/com/gitblit/git/GitblitReceivePack.java +++ b/src/main/java/com/gitblit/git/GitblitReceivePack.java @@ -124,6 +124,32 @@ public class GitblitReceivePack extends ReceivePack implements PreReceiveHook, P }
/**
+ * Returns true if the user is permitted to apply the receive commands to
+ * the repository.
+ *
+ * @param commands
+ * @return true if the user may push these commands
+ */
+ protected boolean canPush(Collection<ReceiveCommand> commands) {
+ // TODO Consider supporting branch permissions here (issue-36)
+ // Not sure if that should be Gerrit-style, refs/meta/config, or
+ // gitolite-style, permissions in users.conf
+ //
+ // How could commands be empty?
+ //
+ // Because a subclass, like PatchsetReceivePack, filters receive
+ // commands before this method is called. This makes it possible for
+ // this method to test an empty list. In this case, we assume that the
+ // subclass receive pack properly enforces push restrictions. for the
+ // ref.
+ //
+ // The empty test is not explicitly required, it's written here to
+ // clarify special-case behavior.
+
+ return commands.isEmpty() ? true : user.canPush(repository);
+ }
+
+ /**
* Instrumentation point where the incoming push event has been parsed,
* validated, objects created BUT refs have not been updated. You might
* use this to enforce a branch-write permissions model.
@@ -155,7 +181,7 @@ public class GitblitReceivePack extends ReceivePack implements PreReceiveHook, P return;
}
- if (!user.canPush(repository)) {
+ if (!canPush(commands)) {
// user does not have push permissions
for (ReceiveCommand cmd : commands) {
sendRejection(cmd, "User \"{0}\" does not have push permissions for \"{1}\"!", user.username, repository.name);
|