| src/com/gitblit/ConfigUserService.java | ●●●●● patch | view | raw | blame | history | |
| src/com/gitblit/FileUserService.java | ●●●●● patch | view | raw | blame | history | |
| src/com/gitblit/models/TeamModel.java | ●●●●● patch | view | raw | blame | history | |
| src/com/gitblit/models/UserModel.java | ●●●●● patch | view | raw | blame | history |
src/com/gitblit/ConfigUserService.java
@@ -841,7 +841,7 @@ config.setStringList(USER, model.username, ROLE, roles); // discrete repository permissions if (model.permissions != null) { if (model.permissions != null && !model.canAdmin) { List<String> permissions = new ArrayList<String>(); for (Map.Entry<String, AccessPermission> entry : model.permissions.entrySet()) { if (entry.getValue().exceeds(AccessPermission.NONE)) { @@ -872,6 +872,8 @@ } config.setStringList(TEAM, model.name, ROLE, roles); if (!model.canAdmin) { // write team permission for non-admin teams if (model.permissions == null) { // null check on "final" repositories because JSON-sourced TeamModel // can have a null repositories object @@ -889,6 +891,7 @@ } } config.setStringList(TEAM, model.name, REPOSITORY, permissions); } } // null check on "final" users because JSON-sourced TeamModel @@ -975,10 +978,13 @@ user.excludeFromFederation = roles.contains(Constants.NOT_FEDERATED_ROLE); // repository memberships if (!user.canAdmin) { // non-admin, read permissions Set<String> repositories = new HashSet<String>(Arrays.asList(config .getStringList(USER, username, REPOSITORY))); for (String repository : repositories) { user.addRepositoryPermission(repository); } } // update cache @@ -998,8 +1004,11 @@ team.canFork = roles.contains(Constants.FORK_ROLE); team.canCreate = roles.contains(Constants.CREATE_ROLE); if (!team.canAdmin) { // non-admin team, read permissions team.addRepositoryPermissions(Arrays.asList(config.getStringList(TEAM, teamname, REPOSITORY))); } team.addUsers(Arrays.asList(config.getStringList(TEAM, teamname, USER))); team.addMailingLists(Arrays.asList(config.getStringList(TEAM, teamname, MAILINGLIST))); src/com/gitblit/FileUserService.java
@@ -796,7 +796,10 @@ repositories.add(role); } } if (!team.canAdmin) { // only read permissions for non-admin teams team.addRepositoryPermissions(repositories); } team.addUsers(users); team.addMailingLists(mailingLists); team.preReceiveScripts.addAll(preReceive); src/com/gitblit/models/TeamModel.java
@@ -98,6 +98,10 @@ */ public List<RegistrantAccessPermission> getRepositoryPermissions() { List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>(); if (canAdmin) { // team has REWIND access to all repositories return list; } for (Map.Entry<String, AccessPermission> entry : permissions.entrySet()) { String registrant = entry.getKey(); String source = null; src/com/gitblit/models/UserModel.java
@@ -138,23 +138,26 @@ */ public List<RegistrantAccessPermission> getRepositoryPermissions() { List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>(); if (canAdmin()) { // user has REWIND access to all repositories return list; } for (Map.Entry<String, AccessPermission> entry : permissions.entrySet()) { String registrant = entry.getKey(); AccessPermission ap = entry.getValue(); String source = null; boolean editable = true; boolean mutable = true; PermissionType pType = PermissionType.EXPLICIT; if (canAdmin()) { pType = PermissionType.ADMINISTRATOR; editable = false; } else if (isMyPersonalRepository(registrant)) { if (isMyPersonalRepository(registrant)) { pType = PermissionType.OWNER; editable = false; ap = AccessPermission.REWIND; mutable = false; } else if (StringUtils.findInvalidCharacter(registrant) != null) { // a regex will have at least 1 invalid character pType = PermissionType.REGEX; source = registrant; } list.add(new RegistrantAccessPermission(registrant, entry.getValue(), pType, RegistrantType.REPOSITORY, source, editable)); list.add(new RegistrantAccessPermission(registrant, ap, pType, RegistrantType.REPOSITORY, source, mutable)); } Collections.sort(list); return list;
