From 00afd77a2182ece3d9522d41b86b4ddd7e132288 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 19 May 2011 17:13:50 -0400
Subject: [PATCH] Owner editing. Frozen status. Grouped repositories. Documentation.

---
 src/com/gitblit/wicket/pages/EditRepositoryPage.java |   66 ++++++++++++++++++++++++++++++--
 1 files changed, 61 insertions(+), 5 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/EditRepositoryPage.java b/src/com/gitblit/wicket/pages/EditRepositoryPage.java
index 8820290..56d1d55 100644
--- a/src/com/gitblit/wicket/pages/EditRepositoryPage.java
+++ b/src/com/gitblit/wicket/pages/EditRepositoryPage.java
@@ -3,6 +3,7 @@
 import java.text.MessageFormat;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collections;
 import java.util.Date;
 import java.util.Iterator;
 import java.util.List;
@@ -23,13 +24,14 @@
 import com.gitblit.Constants.AccessRestrictionType;
 import com.gitblit.GitBlit;
 import com.gitblit.GitBlitException;
+import com.gitblit.Keys;
 import com.gitblit.utils.StringUtils;
-import com.gitblit.wicket.AdminPage;
 import com.gitblit.wicket.BasePage;
+import com.gitblit.wicket.GitBlitWebSession;
 import com.gitblit.wicket.WicketUtils;
 import com.gitblit.wicket.models.RepositoryModel;
+import com.gitblit.wicket.models.UserModel;
 
-@AdminPage
 public class EditRepositoryPage extends BasePage {
 
 	private final boolean isCreate;
@@ -51,6 +53,9 @@
 	}
 
 	protected void setupPage(final RepositoryModel repositoryModel) {
+		// ensure this user can create or edit this repository
+		checkPermissions(repositoryModel);
+		
 		List<String> repositoryUsers = new ArrayList<String>();
 		if (isCreate) {
 			super.setupPage("", getString("gb.newRepository"));
@@ -58,6 +63,7 @@
 			super.setupPage("", getString("gb.edit"));
 			if (repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE)) {
 				repositoryUsers.addAll(GitBlit.self().getRepositoryUsers(repositoryModel));
+				Collections.sort(repositoryUsers);
 			}
 		}
 
@@ -99,16 +105,20 @@
 						error("Please select access restriction!");
 						return;
 					}
-					
+
 					// save the repository
 					GitBlit.self().editRepositoryModel(repositoryModel, isCreate);
-					
+
 					// save the repository access list
 					if (repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE)) {
 						Iterator<String> users = usersPalette.getSelectedChoices();
 						List<String> repositoryUsers = new ArrayList<String>();
 						while (users.hasNext()) {
 							repositoryUsers.add(users.next());
+						}
+						// ensure the owner is added to the user list
+						if (!repositoryUsers.contains(repositoryModel.owner)) {
+							repositoryUsers.add(repositoryModel.owner);
 						}
 						GitBlit.self().setRepositoryUsers(repositoryModel, repositoryUsers);
 					}
@@ -124,8 +134,9 @@
 		// field names reflective match RepositoryModel fields
 		form.add(new TextField<String>("name").setEnabled(isCreate));
 		form.add(new TextField<String>("description"));
-		form.add(new TextField<String>("owner"));
+		form.add(new DropDownChoice<String>("owner", GitBlit.self().getAllUsernames()).setEnabled(GitBlitWebSession.get().canAdmin()));
 		form.add(new DropDownChoice<AccessRestrictionType>("accessRestriction", Arrays.asList(AccessRestrictionType.values()), new AccessRestrictionRenderer()));
+		form.add(new CheckBox("isFrozen"));
 		form.add(new CheckBox("useTickets"));
 		form.add(new CheckBox("useDocs"));
 		form.add(new CheckBox("showRemoteBranches"));
@@ -133,6 +144,51 @@
 
 		add(form);
 	}
+	
+	/**
+	 * Unfortunately must repeat part of AuthorizaitonStrategy here because that
+	 * mechanism does not take PageParameters into consideration, only page
+	 * instantiation.
+	 * 
+	 * Repository Owners should be able to edit their repository.
+	 */
+	private void checkPermissions(RepositoryModel model) {
+		boolean authenticateAdmin = GitBlit.self().settings().getBoolean(Keys.web.authenticateAdminPages, true);
+		boolean allowAdmin = GitBlit.self().settings().getBoolean(Keys.web.allowAdministration, true);
+
+		GitBlitWebSession session = GitBlitWebSession.get();
+		UserModel user = session.getUser();
+
+		if (allowAdmin) {
+			if (authenticateAdmin) {
+				if (user == null) {
+					// No Login Available
+					error("Administration requires a login", true);
+				}
+				if (isCreate) {
+					// Create Repository
+					if (!user.canAdmin()) {
+						// Only Administrators May Create
+						error("Only an administrator may create a repository", true);
+					}
+				} else {
+					// Edit Repository
+					if (user.canAdmin()) {
+						// Admins can edit everything
+						return;
+					} else {
+						if (!model.owner.equalsIgnoreCase(user.getUsername())) {
+							// User is not an Admin nor Owner
+							error("Only an administrator or the owner may edit a repository", true);
+						}
+					}					
+				}
+			}
+		} else {
+			// No Administration Permitted
+			error("Administration is disabled", true);
+		}
+	}
 
 	private class AccessRestrictionRenderer implements IChoiceRenderer<AccessRestrictionType> {
 

--
Gitblit v1.9.1