mirrors
/
gitblit
kopie van https://github.com/gitblit/gitblit.git
Volgen 1
Ster 0
Vork 0
Code Kwesties 0 Publicaties 43 Wiki Activiteit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1550 Commits
11 Branches
Tree: 04a98505a4
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van '04a98505a4'
${ noResults }
gitblit/src/main/java/com/gitblit/models/TeamModel.java

TeamModel.java 11KB
Ruw Blame Geschiedenis

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377 
  1. /*

  2.  * Copyright 2011 gitblit.com.

  3.  *

  4.  * Licensed under the Apache License, Version 2.0 (the "License");

  5.  * you may not use this file except in compliance with the License.

  6.  * You may obtain a copy of the License at

  7.  *

  8.  *     http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  * Unless required by applicable law or agreed to in writing, software

  11.  * distributed under the License is distributed on an "AS IS" BASIS,

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  * See the License for the specific language governing permissions and

  14.  * limitations under the License.

  15.  */

  16. package com.gitblit.models;

  17. 

  18. import java.io.Serializable;

  19. import java.util.ArrayList;

  20. import java.util.Collection;

  21. import java.util.Collections;

  22. import java.util.HashSet;

  23. import java.util.LinkedHashMap;

  24. import java.util.List;

  25. import java.util.Map;

  26. import java.util.Set;

  27. 

  28. import com.gitblit.Constants.AccessPermission;

  29. import com.gitblit.Constants.AccessRestrictionType;

  30. import com.gitblit.Constants.AccountType;

  31. import com.gitblit.Constants.PermissionType;

  32. import com.gitblit.Constants.RegistrantType;

  33. import com.gitblit.Constants.Unused;

  34. import com.gitblit.utils.StringUtils;

  35. 

  36. /**

  37.  * TeamModel is a serializable model class that represents a group of users and

  38.  * a list of accessible repositories.

  39.  *

  40.  * @author James Moger

  41.  *

  42.  */

  43. public class TeamModel implements Serializable, Comparable<TeamModel> {

  44. 

  45. 	private static final long serialVersionUID = 1L;

  46. 

  47. 	// field names are reflectively mapped in EditTeam page

  48. 	public String name;

  49. 	public boolean canAdmin;

  50. 	public boolean canFork;

  51. 	public boolean canCreate;

  52. 	public AccountType accountType;

  53. 	public final Set<String> users = new HashSet<String>();

  54. 	// retained for backwards-compatibility with RPC clients

  55. 	@Deprecated

  56. 	public final Set<String> repositories = new HashSet<String>();

  57. 	public final Map<String, AccessPermission> permissions = new LinkedHashMap<String, AccessPermission>();

  58. 	public final Set<String> mailingLists = new HashSet<String>();

  59. 	public final List<String> preReceiveScripts = new ArrayList<String>();

  60. 	public final List<String> postReceiveScripts = new ArrayList<String>();

  61. 

  62. 	public TeamModel(String name) {

  63. 		this.name = name;

  64. 		this.accountType = AccountType.LOCAL;

  65. 	}

  66. 

  67. 	/**

  68. 	 * @use hasRepositoryPermission

  69. 	 * @param name

  70. 	 * @return

  71. 	 */

  72. 	@Deprecated

  73. 	@Unused

  74. 	public boolean hasRepository(String name) {

  75. 		return hasRepositoryPermission(name);

  76. 	}

  77. 

  78. 	@Deprecated

  79. 	@Unused

  80. 	public void addRepository(String name) {

  81. 		addRepositoryPermission(name);

  82. 	}

  83. 

  84. 	@Deprecated

  85. 	@Unused

  86. 	public void addRepositories(Collection<String> names) {

  87. 		addRepositoryPermissions(names);

  88. 	}

  89. 

  90. 	@Deprecated

  91. 	@Unused

  92. 	public void removeRepository(String name) {

  93. 		removeRepositoryPermission(name);

  94. 	}

  95. 

  96. 

  97. 	/**

  98. 	 * Returns a list of repository permissions for this team.

  99. 	 *

  100. 	 * @return the team's list of permissions

  101. 	 */

  102. 	public List<RegistrantAccessPermission> getRepositoryPermissions() {

  103. 		List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();

  104. 		if (canAdmin) {

  105. 			// team has REWIND access to all repositories

  106. 			return list;

  107. 		}

  108. 		for (Map.Entry<String, AccessPermission> entry : permissions.entrySet()) {

  109. 			String registrant = entry.getKey();

  110. 			String source = null;

  111. 			boolean editable = true;

  112. 			PermissionType pType = PermissionType.EXPLICIT;

  113. 			if (StringUtils.findInvalidCharacter(registrant) != null) {

  114. 				// a regex will have at least 1 invalid character

  115. 				pType = PermissionType.REGEX;

  116. 				source = registrant;

  117. 			}

  118. 			list.add(new RegistrantAccessPermission(registrant, entry.getValue(), pType, RegistrantType.REPOSITORY, source, editable));

  119. 		}

  120. 		Collections.sort(list);

  121. 		return list;

  122. 	}

  123. 

  124. 	/**

  125. 	 * Returns true if the team has any type of specified access permission for

  126. 	 * this repository.

  127. 	 *

  128. 	 * @param name

  129. 	 * @return true if team has a specified access permission for the repository

  130. 	 */

  131. 	public boolean hasRepositoryPermission(String name) {

  132. 		String repository = AccessPermission.repositoryFromRole(name).toLowerCase();

  133. 		if (permissions.containsKey(repository)) {

  134. 			// exact repository permission specified

  135. 			return true;

  136. 		} else {

  137. 			// search for regex permission match

  138. 			for (String key : permissions.keySet()) {

  139. 				if (name.matches(key)) {

  140. 					AccessPermission p = permissions.get(key);

  141. 					if (p != null) {

  142. 						return true;

  143. 					}

  144. 				}

  145. 			}

  146. 		}

  147. 		return false;

  148. 	}

  149. 

  150. 	/**

  151. 	 * Returns true if the team has an explicitly specified access permission for

  152. 	 * this repository.

  153. 	 *

  154. 	 * @param name

  155. 	 * @return if the team has an explicitly specified access permission

  156. 	 */

  157. 	public boolean hasExplicitRepositoryPermission(String name) {

  158. 		String repository = AccessPermission.repositoryFromRole(name).toLowerCase();

  159. 		return permissions.containsKey(repository);

  160. 	}

  161. 

  162. 	/**

  163. 	 * Adds a repository permission to the team.

  164. 	 * <p>

  165. 	 * Role may be formatted as:

  166. 	 * <ul>

  167. 	 * <li> myrepo.git <i>(this is implicitly RW+)</i>

  168. 	 * <li> RW+:myrepo.git

  169. 	 * </ul>

  170. 	 * @param role

  171. 	 */

  172. 	public void addRepositoryPermission(String role) {

  173. 		AccessPermission permission = AccessPermission.permissionFromRole(role);

  174. 		String repository = AccessPermission.repositoryFromRole(role).toLowerCase();

  175. 		repositories.add(repository);

  176. 		permissions.put(repository, permission);

  177. 	}

  178. 

  179. 	public void addRepositoryPermissions(Collection<String> roles) {

  180. 		for (String role:roles) {

  181. 			addRepositoryPermission(role);

  182. 		}

  183. 	}

  184. 

  185. 	public AccessPermission removeRepositoryPermission(String name) {

  186. 		String repository = AccessPermission.repositoryFromRole(name).toLowerCase();

  187. 		repositories.remove(repository);

  188. 		return permissions.remove(repository);

  189. 	}

  190. 

  191. 	public void setRepositoryPermission(String repository, AccessPermission permission) {

  192. 		if (permission == null) {

  193. 			// remove the permission

  194. 			permissions.remove(repository.toLowerCase());

  195. 			repositories.remove(repository.toLowerCase());

  196. 		} else {

  197. 			// set the new permission

  198. 			permissions.put(repository.toLowerCase(), permission);

  199. 			repositories.add(repository.toLowerCase());

  200. 		}

  201. 	}

  202. 

  203. 	public RegistrantAccessPermission getRepositoryPermission(RepositoryModel repository) {

  204. 		RegistrantAccessPermission ap = new RegistrantAccessPermission();

  205. 		ap.registrant = name;

  206. 		ap.registrantType = RegistrantType.TEAM;

  207. 		ap.permission = AccessPermission.NONE;

  208. 		ap.mutable = false;

  209. 

  210. 		// determine maximum permission for the repository

  211. 		final AccessPermission maxPermission =

  212. 				(repository.isFrozen || !repository.isBare || repository.isMirror) ?

  213. 						AccessPermission.CLONE : AccessPermission.REWIND;

  214. 

  215. 		if (AccessRestrictionType.NONE.equals(repository.accessRestriction)) {

  216. 			// anonymous rewind

  217. 			ap.permissionType = PermissionType.ANONYMOUS;

  218. 			if (AccessPermission.REWIND.atMost(maxPermission)) {

  219. 				ap.permission = AccessPermission.REWIND;

  220. 			} else {

  221. 				ap.permission = maxPermission;

  222. 			}

  223. 			return ap;

  224. 		}

  225. 

  226. 		if (canAdmin) {

  227. 			ap.permissionType = PermissionType.ADMINISTRATOR;

  228. 			if (AccessPermission.REWIND.atMost(maxPermission)) {

  229. 				ap.permission = AccessPermission.REWIND;

  230. 			} else {

  231. 				ap.permission = maxPermission;

  232. 			}

  233. 			return ap;

  234. 		}

  235. 

  236. 		if (permissions.containsKey(repository.name.toLowerCase())) {

  237. 			// exact repository permission specified

  238. 			AccessPermission p = permissions.get(repository.name.toLowerCase());

  239. 			if (p != null && repository.accessRestriction.isValidPermission(p)) {

  240. 				ap.permissionType = PermissionType.EXPLICIT;

  241. 				if (p.atMost(maxPermission)) {

  242. 					ap.permission = p;

  243. 				} else {

  244. 					ap.permission = maxPermission;

  245. 				}

  246. 				ap.mutable = true;

  247. 				return ap;

  248. 			}

  249. 		} else {

  250. 			// search for case-insensitive regex permission match

  251. 			for (String key : permissions.keySet()) {

  252. 				if (StringUtils.matchesIgnoreCase(repository.name, key)) {

  253. 					AccessPermission p = permissions.get(key);

  254. 					if (p != null && repository.accessRestriction.isValidPermission(p)) {

  255. 						// take first match

  256. 						ap.permissionType = PermissionType.REGEX;

  257. 						if (p.atMost(maxPermission)) {

  258. 							ap.permission = p;

  259. 						} else {

  260. 							ap.permission = maxPermission;

  261. 						}

  262. 						ap.source = key;

  263. 						return ap;

  264. 					}

  265. 				}

  266. 			}

  267. 		}

  268. 

  269. 		// still no explicit or regex, check for implicit permissions

  270. 		if (AccessPermission.NONE == ap.permission) {

  271. 			switch (repository.accessRestriction) {

  272. 			case VIEW:

  273. 				// no implicit permissions possible

  274. 				break;

  275. 			case CLONE:

  276. 				// implied view permission

  277. 				ap.permission = AccessPermission.VIEW;

  278. 				ap.permissionType = PermissionType.ANONYMOUS;

  279. 				break;

  280. 			case PUSH:

  281. 				// implied clone permission

  282. 				ap.permission = AccessPermission.CLONE;

  283. 				ap.permissionType = PermissionType.ANONYMOUS;

  284. 				break;

  285. 			case NONE:

  286. 				// implied REWIND or CLONE

  287. 				ap.permission = maxPermission;

  288. 				ap.permissionType = PermissionType.ANONYMOUS;

  289. 				break;

  290. 			}

  291. 		}

  292. 

  293. 		return ap;

  294. 	}

  295. 

  296. 	protected boolean canAccess(RepositoryModel repository, AccessRestrictionType ifRestriction, AccessPermission requirePermission) {

  297. 		if (repository.accessRestriction.atLeast(ifRestriction)) {

  298. 			RegistrantAccessPermission ap = getRepositoryPermission(repository);

  299. 			return ap.permission.atLeast(requirePermission);

  300. 		}

  301. 		return true;

  302. 	}

  303. 

  304. 	public boolean canView(RepositoryModel repository) {

  305. 		return canAccess(repository, AccessRestrictionType.VIEW, AccessPermission.VIEW);

  306. 	}

  307. 

  308. 	public boolean canClone(RepositoryModel repository) {

  309. 		return canAccess(repository, AccessRestrictionType.CLONE, AccessPermission.CLONE);

  310. 	}

  311. 

  312. 	public boolean canPush(RepositoryModel repository) {

  313. 		if (repository.isFrozen) {

  314. 			return false;

  315. 		}

  316. 		return canAccess(repository, AccessRestrictionType.PUSH, AccessPermission.PUSH);

  317. 	}

  318. 

  319. 	public boolean canCreateRef(RepositoryModel repository) {

  320. 		if (repository.isFrozen) {

  321. 			return false;

  322. 		}

  323. 		return canAccess(repository, AccessRestrictionType.PUSH, AccessPermission.CREATE);

  324. 	}

  325. 

  326. 	public boolean canDeleteRef(RepositoryModel repository) {

  327. 		if (repository.isFrozen) {

  328. 			return false;

  329. 		}

  330. 		return canAccess(repository, AccessRestrictionType.PUSH, AccessPermission.DELETE);

  331. 	}

  332. 

  333. 	public boolean canRewindRef(RepositoryModel repository) {

  334. 		if (repository.isFrozen) {

  335. 			return false;

  336. 		}

  337. 		return canAccess(repository, AccessRestrictionType.PUSH, AccessPermission.REWIND);

  338. 	}

  339. 

  340. 	public boolean hasUser(String name) {

  341. 		return users.contains(name.toLowerCase());

  342. 	}

  343. 

  344. 	public void addUser(String name) {

  345. 		users.add(name.toLowerCase());

  346. 	}

  347. 

  348. 	public void addUsers(Collection<String> names) {

  349. 		for (String name:names) {

  350. 			users.add(name.toLowerCase());

  351. 		}

  352. 	}

  353. 

  354. 	public void removeUser(String name) {

  355. 		users.remove(name.toLowerCase());

  356. 	}

  357. 

  358. 	public void addMailingLists(Collection<String> addresses) {

  359. 		for (String address:addresses) {

  360. 			mailingLists.add(address.toLowerCase());

  361. 		}

  362. 	}

  363. 

  364. 	public boolean isLocalTeam() {

  365. 		return accountType.isLocal();

  366. 	}

  367. 

  368. 	@Override

  369. 	public String toString() {

  370. 		return name;

  371. 	}

  372. 

  373. 	@Override

  374. 	public int compareTo(TeamModel o) {

  375. 		return name.compareTo(o.name);

  376. 	}

  377. }