From 54cc7d7c2483d7ca100a5db47f4e1e98bd97c7fe Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 25 Sep 2014 09:27:04 -0400
Subject: [PATCH] Merged #187 "Restrict Gitblit cookie to the context path"

---
 src/main/java/com/gitblit/wicket/pages/NewTicketPage.java |   31 ++++++++++++++++++++++++-------
 1 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/src/main/java/com/gitblit/wicket/pages/NewTicketPage.java b/src/main/java/com/gitblit/wicket/pages/NewTicketPage.java
index cc0474a..e6d9cb1 100644
--- a/src/main/java/com/gitblit/wicket/pages/NewTicketPage.java
+++ b/src/main/java/com/gitblit/wicket/pages/NewTicketPage.java
@@ -19,6 +19,8 @@
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
+import java.util.Set;
+import java.util.TreeSet;
 
 import org.apache.wicket.PageParameters;
 import org.apache.wicket.ajax.AjaxRequestTarget;
@@ -35,6 +37,7 @@
 
 import com.gitblit.Constants;
 import com.gitblit.Constants.AccessPermission;
+import com.gitblit.Constants.AuthorizationControl;
 import com.gitblit.models.RegistrantAccessPermission;
 import com.gitblit.models.TicketModel;
 import com.gitblit.models.TicketModel.Change;
@@ -103,7 +106,7 @@
 		form.add(new TextField<String>("title", titleModel));
 		form.add(new TextField<String>("topic", topicModel));
 
-		final IModel<String> markdownPreviewModel = new Model<String>();
+		final IModel<String> markdownPreviewModel = Model.of();
 		descriptionPreview = new Label("descriptionPreview", markdownPreviewModel);
 		descriptionPreview.setEscapeModelStrings(false);
 		descriptionPreview.setOutputMarkupId(true);
@@ -115,15 +118,29 @@
 
 		if (currentUser.canAdmin(null, getRepositoryModel())) {
 			// responsible
-			List<TicketResponsible> responsibles = new ArrayList<TicketResponsible>();
-			for (RegistrantAccessPermission rp : app().repositories().getUserAccessPermissions(getRepositoryModel())) {
-				if (rp.permission.atLeast(AccessPermission.PUSH) && !rp.isTeam()) {
-					UserModel user = app().users().getUserModel(rp.registrant);
-					if (user != null) {
-						responsibles.add(new TicketResponsible(user));
+			Set<String> userlist = new TreeSet<String>();
+
+			if (UserModel.ANONYMOUS.canPush(getRepositoryModel())
+					|| AuthorizationControl.AUTHENTICATED == getRepositoryModel().authorizationControl) {
+				// 	authorization is ANONYMOUS or AUTHENTICATED (i.e. all users can be set responsible)
+				userlist.addAll(app().users().getAllUsernames());
+			} else {
+				// authorization is by NAMED users (users with PUSH permission can be set responsible)
+				for (RegistrantAccessPermission rp : app().repositories().getUserAccessPermissions(getRepositoryModel())) {
+					if (rp.permission.atLeast(AccessPermission.PUSH)) {
+						userlist.add(rp.registrant);
 					}
 				}
 			}
+
+			List<TicketResponsible> responsibles = new ArrayList<TicketResponsible>();
+			for (String username : userlist) {
+				UserModel user = app().users().getUserModel(username);
+				if (user != null && !user.disabled) {
+					TicketResponsible responsible = new TicketResponsible(user);
+					responsibles.add(responsible);
+				}
+			}
 			Collections.sort(responsibles);
 			Fragment responsible = new Fragment("responsible", "responsibleFragment", this);
 			responsible.add(new DropDownChoice<TicketResponsible>("responsible", responsibleModel, responsibles));

--
Gitblit v1.9.1