From 7ca05374db6f6af9de06665c9d2d08acfe85aa4f Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 5 Mar 2014 12:26:14 -0500
Subject: Centralized ticket editing permission controls

---
 src/main/java/com/gitblit/models/UserModel.java | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

(limited to 'src/main/java/com/gitblit/models/UserModel.java')

diff --git a/src/main/java/com/gitblit/models/UserModel.java b/src/main/java/com/gitblit/models/UserModel.java
index fbf311a5..fee9c172 100644
--- a/src/main/java/com/gitblit/models/UserModel.java
+++ b/src/main/java/com/gitblit/models/UserModel.java
@@ -447,16 +447,23 @@ public class UserModel implements Principal, Serializable, Comparable<UserModel>
 		return canAdmin() || model.isUsersPersonalRepository(username) || model.isOwner(username);
 	}
 
+	public boolean canEdit(TicketModel ticket, RepositoryModel repository) {
+		 return isAuthenticated() &&
+				 (username.equals(ticket.createdBy)
+				 || username.equals(ticket.responsible)
+				 || canPush(repository));
+	}
+
 	public boolean canReviewPatchset(RepositoryModel model) {
-		return isAuthenticated && canClone(model);
+		return isAuthenticated() && canClone(model);
 	}
 
 	public boolean canApprovePatchset(RepositoryModel model) {
-		return isAuthenticated && canPush(model);
+		return isAuthenticated() && canPush(model);
 	}
 
 	public boolean canVetoPatchset(RepositoryModel model) {
-		return isAuthenticated && canPush(model);
+		return isAuthenticated() && canPush(model);
 	}
 
 	/**
@@ -540,6 +547,10 @@ public class UserModel implements Principal, Serializable, Comparable<UserModel>
 		return false;
 	}
 
+	public boolean isAuthenticated() {
+		return !UserModel.ANONYMOUS.equals(this) && isAuthenticated;
+	}
+
 	public boolean isTeamMember(String teamname) {
 		for (TeamModel team : teams) {
 			if (team.name.equalsIgnoreCase(teamname)) {
-- 
cgit v1.2.3