From 2654d99368054b7f8cfaec056b599cac4cfb53d9 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 30 Sep 2014 09:48:27 -0400
Subject: [PATCH] Merge branch 'ticket/196' into develop

---
 src/main/java/com/gitblit/wicket/pages/EditUserPage.java |   49 ++++++++++++++++++++++++++++++++++++++++++-------
 1 files changed, 42 insertions(+), 7 deletions(-)

diff --git a/src/main/java/com/gitblit/wicket/pages/EditUserPage.java b/src/main/java/com/gitblit/wicket/pages/EditUserPage.java
index 15c35fa..5ee2f9f 100644
--- a/src/main/java/com/gitblit/wicket/pages/EditUserPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/EditUserPage.java
@@ -35,6 +35,7 @@
 import org.apache.wicket.model.util.ListModel;
 
 import com.gitblit.Constants.RegistrantType;
+import com.gitblit.Constants.Role;
 import com.gitblit.GitBlitException;
 import com.gitblit.Keys;
 import com.gitblit.models.RegistrantAccessPermission;
@@ -216,17 +217,26 @@
 		// do not let the browser pre-populate these fields
 		form.add(new SimpleAttributeModifier("autocomplete", "off"));
 
-		// not all user services support manipulating username and password
+		// not all user providers support manipulating username and password
 		boolean editCredentials = app().authentication().supportsCredentialChanges(userModel);
 
-		// not all user services support manipulating display name
+		// not all user providers support manipulating display name
 		boolean editDisplayName = app().authentication().supportsDisplayNameChanges(userModel);
 
-		// not all user services support manipulating email address
+		// not all user providers support manipulating email address
 		boolean editEmailAddress = app().authentication().supportsEmailAddressChanges(userModel);
 
-		// not all user services support manipulating team memberships
+		// not all user providers support manipulating team memberships
 		boolean editTeams = app().authentication().supportsTeamMembershipChanges(userModel);
+
+		// not all user providers support manipulating the admin role
+		boolean changeAdminRole = app().authentication().supportsRoleChanges(userModel, Role.ADMIN);
+
+		// not all user providers support manipulating the create role
+		boolean changeCreateRole = app().authentication().supportsRoleChanges(userModel, Role.CREATE);
+
+		// not all user providers support manipulating the fork role
+		boolean changeForkRole = app().authentication().supportsRoleChanges(userModel, Role.FORK);
 
 		// field names reflective match UserModel fields
 		form.add(new TextField<String>("username").setEnabled(editCredentials));
@@ -239,10 +249,35 @@
 		form.add(confirmPasswordField.setEnabled(editCredentials));
 		form.add(new TextField<String>("displayName").setEnabled(editDisplayName));
 		form.add(new TextField<String>("emailAddress").setEnabled(editEmailAddress));
-		form.add(new CheckBox("canAdmin"));
-		form.add(new CheckBox("canFork").setEnabled(app().settings().getBoolean(Keys.web.allowForking, true)));
-		form.add(new CheckBox("canCreate"));
+
+		if (userModel.canAdmin() && !userModel.canAdmin) {
+			// user inherits Admin permission
+			// display a disabled-yet-checked checkbox
+			form.add(new CheckBox("canAdmin", Model.of(true)).setEnabled(false));
+		} else {
+			form.add(new CheckBox("canAdmin").setEnabled(changeAdminRole));
+		}
+
+		if (userModel.canFork() && !userModel.canFork) {
+			// user inherits Fork permission
+			// display a disabled-yet-checked checkbox
+			form.add(new CheckBox("canFork", Model.of(true)).setEnabled(false));
+		} else {
+			final boolean forkingAllowed = app().settings().getBoolean(Keys.web.allowForking, true);
+			form.add(new CheckBox("canFork").setEnabled(forkingAllowed && changeForkRole));
+		}
+
+		if (userModel.canCreate() && !userModel.canCreate) {
+			// user inherits Create permission
+			// display a disabled-yet-checked checkbox
+			form.add(new CheckBox("canCreate", Model.of(true)).setEnabled(false));
+		} else {
+			form.add(new CheckBox("canCreate").setEnabled(changeCreateRole));
+		}
+
 		form.add(new CheckBox("excludeFromFederation"));
+		form.add(new CheckBox("disabled"));
+
 		form.add(new RegistrantPermissionsPanel("repositories",	RegistrantType.REPOSITORY, repos, permissions, getAccessPermissions()));
 		form.add(teams.setEnabled(editTeams));
 

--
Gitblit v1.9.1