githubFork/gitblit.git - Solinfo Gitblit

parent: ba54242b | patch | commit | ignore whitespace

Permission regexes are now case-insensitive

James Moger

2012-10-22 e5aaa5db9b323f58d9eb8338532fd04fce885048

Permission regexes are now case-insensitive

6 files modified

	docs/01_setup.mkd	4 ●●●●● patch \| view \| raw \| blame \| history
	docs/04_releases.mkd	4 ●●●●● patch \| view \| raw \| blame \| history
	src/com/gitblit/models/TeamModel.java	5 ●●●●● patch \| view \| raw \| blame \| history
	src/com/gitblit/models/UserModel.java	4 ●●●●● patch \| view \| raw \| blame \| history
	src/com/gitblit/utils/StringUtils.java	13 ●●●●● patch \| view \| raw \| blame \| history
	tests/com/gitblit/tests/PermissionsTest.java	2 ●●●●● patch \| view \| raw \| blame \| history

 docs/01_setup.mkd

@@ -264,9 +264,9 @@


#### Discrete Permissions with Regex Matching (Gitblit v1.2.0+)



Gitblit also supports regex matching for repository permissions.  The following permission grants push privileges to all repositories in the *mygroup* folder.

Gitblit also supports *case-insensitive* regex matching for repository permissions.  The following permission grants push privileges to all repositories in the *mygroup* folder.



    RW:mygroup/[A-Za-z0-9-~_\\./]+

    RW:mygroup/[a-z0-9-~_\\./]+



#### No-So-Discrete Permissions (Gitblit <= v1.1.0)




 docs/04_releases.mkd

@@ -32,8 +32,8 @@
    - RWD (clone and push with ref creation, deletion)

    - RW+ (clone and push with ref creation, deletion, rewind)  

While not as sophisticated as Gitolite, this does give finer access controls.  These permissions fit in cleanly with the existing users.conf and users.properties files.  In Gitblit <= 1.1.0, all your existing user accounts have RW+ access.   If you are upgrading to 1.2.0, the RW+ access is *preserved* and you will have to lower/adjust accordingly.

- Implemented regex repository permission matching (issue 36)  
This allows you to specify a permission like `RW:mygroup/[A-Za-z0-9-~_\\./]+` to grant push privileges to all repositories within the *mygroup* project/folder.

- Implemented *case-insensitive* regex repository permission matching (issue 36)  
This allows you to specify a permission like `RW:mygroup/[a-z0-9-~_\\./]+` to grant push privileges to all repositories within the *mygroup* project/folder.

- Added DELETE, CREATE, and NON-FAST-FORWARD ref change logging

- Added support for personal repositories.  

Personal repositories can be created by accounts with the *create* permission and are stored in *git.repositoriesFolder/~username*.  Each user with personal repositories will have a user page, something like the GitHub profile page.  Personal repositories have all the same features as common repositories, except personal repositories can be renamed by their owner.


 src/com/gitblit/models/TeamModel.java

@@ -29,6 +29,7 @@
import com.gitblit.Constants.AccessRestrictionType;

import com.gitblit.Constants.RegistrantType;

import com.gitblit.Constants.Unused;

import com.gitblit.utils.StringUtils;



/**

 * TeamModel is a serializable model class that represents a group of users and

@@ -184,9 +185,9 @@
                permission = p;

            }

        } else {

            // search for regex permission match

            // search for case-insensitive regex permission match

            for (String key : permissions.keySet()) {

                if (repository.name.matches(key)) {

                if (StringUtils.matchesIgnoreCase(repository.name, key)) {

                    AccessPermission p = permissions.get(key);

                    if (p != null) {

                        permission = p;


 src/com/gitblit/models/UserModel.java

@@ -227,9 +227,9 @@
                return p;

            }

        } else {

            // search for regex permission match

            // search for case-insensitive regex permission match

            for (String key : permissions.keySet()) {

                if (repository.name.matches(key)) {

                if (StringUtils.matchesIgnoreCase(repository.name, key)) {

                    AccessPermission p = permissions.get(key);

                    if (p != null) {

                        permission = p;


 src/com/gitblit/utils/StringUtils.java

@@ -692,4 +692,17 @@
        }

        return path;

    }

	
    /**

     * Variation of String.matches() which disregards case issues.

     * 
     * @param regex

     * @param input

     * @return true if the pattern matches

     */

    public static boolean matchesIgnoreCase(String input, String regex) {

        Pattern p = Pattern.compile(regex, Pattern.CASE_INSENSITIVE);

        Matcher m = p.matcher(input);

        return m.matches();

    }

}

 tests/com/gitblit/tests/PermissionsTest.java

@@ -2399,7 +2399,7 @@
        repository.accessRestriction = AccessRestrictionType.VIEW;

        UserModel user = new UserModel("test");
        user.setRepositoryPermission("ubercool/[A-Za-z0-9-~_\\./]+", AccessPermission.CLONE);
        user.setRepositoryPermission("ubercool/[A-Z0-9-~_\\./]+", AccessPermission.CLONE);

        assertTrue("user DOES NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
        assertTrue("user CAN NOT view!", user.canView(repository));

			@@ -264,9 +264,9 @@

			#### Discrete Permissions with Regex Matching (Gitblit v1.2.0+)

			Gitblit also supports regex matching for repository permissions. The following permission grants push privileges to all repositories in the mygroup folder.
			Gitblit also supports case-insensitive regex matching for repository permissions. The following permission grants push privileges to all repositories in the mygroup folder.

			RW:mygroup/[A-Za-z0-9-~_\\./]+
			RW:mygroup/[a-z0-9-~_\\./]+

			#### No-So-Discrete Permissions (Gitblit <= v1.1.0)

			@@ -32,8 +32,8 @@
			- RWD (clone and push with ref creation, deletion)
			- RW+ (clone and push with ref creation, deletion, rewind)
			While not as sophisticated as Gitolite, this does give finer access controls. These permissions fit in cleanly with the existing users.conf and users.properties files. In Gitblit <= 1.1.0, all your existing user accounts have RW+ access. If you are upgrading to 1.2.0, the RW+ access is preserved and you will have to lower/adjust accordingly.
			- Implemented regex repository permission matching (issue 36)
			This allows you to specify a permission like `RW:mygroup/[A-Za-z0-9-~_\\./]+` to grant push privileges to all repositories within the mygroup project/folder.
			- Implemented case-insensitive regex repository permission matching (issue 36)
			This allows you to specify a permission like `RW:mygroup/[a-z0-9-~_\\./]+` to grant push privileges to all repositories within the mygroup project/folder.
			- Added DELETE, CREATE, and NON-FAST-FORWARD ref change logging
			- Added support for personal repositories.
			Personal repositories can be created by accounts with the create permission and are stored in git.repositoriesFolder/~username. Each user with personal repositories will have a user page, something like the GitHub profile page. Personal repositories have all the same features as common repositories, except personal repositories can be renamed by their owner.

			@@ -29,6 +29,7 @@
			import com.gitblit.Constants.AccessRestrictionType;
			import com.gitblit.Constants.RegistrantType;
			import com.gitblit.Constants.Unused;
			import com.gitblit.utils.StringUtils;

			/**
			* TeamModel is a serializable model class that represents a group of users and
			@@ -184,9 +185,9 @@
			permission = p;
			}
			} else {
			// search for regex permission match
			// search for case-insensitive regex permission match
			for (String key : permissions.keySet()) {
			if (repository.name.matches(key)) {
			if (StringUtils.matchesIgnoreCase(repository.name, key)) {
			AccessPermission p = permissions.get(key);
			if (p != null) {
			permission = p;

			@@ -227,9 +227,9 @@
			return p;
			}
			} else {
			// search for regex permission match
			// search for case-insensitive regex permission match
			for (String key : permissions.keySet()) {
			if (repository.name.matches(key)) {
			if (StringUtils.matchesIgnoreCase(repository.name, key)) {
			AccessPermission p = permissions.get(key);
			if (p != null) {
			permission = p;

			@@ -692,4 +692,17 @@
			}
			return path;
			}

			/**
			* Variation of String.matches() which disregards case issues.
			*
			* @param regex
			* @param input
			* @return true if the pattern matches
			*/
			public static boolean matchesIgnoreCase(String input, String regex) {
			Pattern p = Pattern.compile(regex, Pattern.CASE_INSENSITIVE);
			Matcher m = p.matcher(input);
			return m.matches();
			}
			}

			@@ -2399,7 +2399,7 @@
			repository.accessRestriction = AccessRestrictionType.VIEW;

			UserModel user = new UserModel("test");
			user.setRepositoryPermission("ubercool/[A-Za-z0-9-~_\\./]+", AccessPermission.CLONE);
			user.setRepositoryPermission("ubercool/[A-Z0-9-~_\\./]+", AccessPermission.CLONE);

			assertTrue("user DOES NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
			assertTrue("user CAN NOT view!", user.canView(repository));