@@ -13,9 +13,9 @@ public class Constants { | |||
public static enum AccessRestrictionType { | |||
NONE, PUSH, CLONE, VIEW; | |||
public static AccessRestrictionType fromString(String name) { | |||
public static AccessRestrictionType fromName(String name) { | |||
for (AccessRestrictionType type : values()) { | |||
if (type.toString().equalsIgnoreCase(name)) { | |||
if (type.name().equalsIgnoreCase(name)) { | |||
return type; | |||
} | |||
} | |||
@@ -29,13 +29,13 @@ public class Constants { | |||
public String toString() { | |||
switch (this) { | |||
case NONE: | |||
return "none"; | |||
return "Anonymous View, Clone, & Push"; | |||
case PUSH: | |||
return "push"; | |||
return "Anonymous View & Clone, Authenticated Push"; | |||
case CLONE: | |||
return "clone"; | |||
return "Anonymous View, Authenticated Clone & Push"; | |||
case VIEW: | |||
return "view"; | |||
return "Authenticated View, Clone, & Push"; | |||
} | |||
return "none"; | |||
} |
@@ -140,7 +140,7 @@ public class GitBlit implements ServletContextListener { | |||
public RepositoryModel getRepositoryModel(UserModel user, String repositoryName) { | |||
RepositoryModel model = getRepositoryModel(repositoryName); | |||
if (model.accessRestriction.atLeast(AccessRestrictionType.VIEW)) { | |||
if (user != null && user.canView(model)) { | |||
if (user != null && user.canAccessRepository(model.name)) { | |||
return model; | |||
} | |||
return null; | |||
@@ -161,7 +161,7 @@ public class GitBlit implements ServletContextListener { | |||
model.owner = config.getString("gitblit", null, "owner"); | |||
model.useTickets = config.getBoolean("gitblit", "useTickets", false); | |||
model.useDocs = config.getBoolean("gitblit", "useDocs", false); | |||
model.accessRestriction = AccessRestrictionType.fromString(config.getString("gitblit", null, "accessRestriction")); | |||
model.accessRestriction = AccessRestrictionType.fromName(config.getString("gitblit", null, "accessRestriction")); | |||
model.showRemoteBranches = config.getBoolean("gitblit", "showRemoteBranches", false); | |||
} | |||
r.close(); | |||
@@ -195,7 +195,7 @@ public class GitBlit implements ServletContextListener { | |||
config.setString("gitblit", null, "owner", repository.owner); | |||
config.setBoolean("gitblit", null, "useTickets", repository.useTickets); | |||
config.setBoolean("gitblit", null, "useDocs", repository.useDocs); | |||
config.setString("gitblit", null, "accessRestriction", repository.accessRestriction.toString()); | |||
config.setString("gitblit", null, "accessRestriction", repository.accessRestriction.name()); | |||
config.setBoolean("gitblit", null, "showRemoteBranches", repository.showRemoteBranches); | |||
try { | |||
config.save(); |
@@ -49,9 +49,8 @@ public class GitBlitServlet extends GitServlet { | |||
boolean authorizedUser = req.isUserInRole(repository); | |||
if (function.startsWith("git-receive-pack") || (query.indexOf("service=git-receive-pack") > -1)) { | |||
// Push request | |||
boolean pushRestricted = model.accessRestriction.atLeast(AccessRestrictionType.PUSH); | |||
if (!pushRestricted || (pushRestricted && authorizedUser)) { | |||
// push-unrestricted or push-authorized | |||
if (authorizedUser) { | |||
// clone-restricted or push-authorized | |||
super.service(req, rsp); | |||
return; | |||
} else { | |||
@@ -64,7 +63,7 @@ public class GitBlitServlet extends GitServlet { | |||
// Clone request | |||
boolean cloneRestricted = model.accessRestriction.atLeast(AccessRestrictionType.CLONE); | |||
if (!cloneRestricted || (cloneRestricted && authorizedUser)) { | |||
// clone-unrestricted or clone-authorized | |||
// push-restricted or clone-authorized | |||
super.service(req, rsp); | |||
return; | |||
} else { |
@@ -4,8 +4,6 @@ import java.io.Serializable; | |||
import java.util.ArrayList; | |||
import java.util.List; | |||
import com.gitblit.Constants.AccessRestrictionType; | |||
public class UserModel implements Serializable { | |||
private static final long serialVersionUID = 1L; | |||
@@ -39,27 +37,9 @@ public class UserModel implements Serializable { | |||
public boolean canAdmin() { | |||
return canAdmin; | |||
} | |||
public boolean canClone(RepositoryModel repository) { | |||
return canAccess(repository, AccessRestrictionType.CLONE); | |||
} | |||
public boolean canPush(RepositoryModel repository) { | |||
return canAccess(repository, AccessRestrictionType.PUSH); | |||
} | |||
public boolean canView(RepositoryModel repository) { | |||
return canAccess(repository, AccessRestrictionType.VIEW); | |||
} | |||
private boolean canAccess(RepositoryModel repository, AccessRestrictionType minimum) { | |||
if (repository.accessRestriction.atLeast(minimum)) { | |||
// repository is restricted, must check roles | |||
return canAdmin || repositories.contains(repository.name); | |||
} else { | |||
// repository is not restricted | |||
return true; | |||
} | |||
public boolean canAccessRepository(String repositoryName) { | |||
return canAdmin || repositories.contains(repositoryName); | |||
} | |||
public void setCookie(String cookie) { |