From a5e762ba4ab82f0c6ef71d853c5103f19bbf8e22 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 11 Oct 2012 08:10:20 -0400
Subject: [PATCH] Tweak canFork description

---
 src/com/gitblit/models/UserModel.java |   91 +++++++++++++++++++++++++++++++++++++++++----
 1 files changed, 83 insertions(+), 8 deletions(-)

diff --git a/src/com/gitblit/models/UserModel.java b/src/com/gitblit/models/UserModel.java
index a4a4024..6fe8df2 100644
--- a/src/com/gitblit/models/UserModel.java
+++ b/src/com/gitblit/models/UserModel.java
@@ -26,6 +26,7 @@
 import com.gitblit.Constants.AccessRestrictionType;
 import com.gitblit.Constants.AuthorizationControl;
 import com.gitblit.Constants.Unused;
+import com.gitblit.utils.ArrayUtils;
 import com.gitblit.utils.StringUtils;
 
 /**
@@ -80,7 +81,7 @@
 	 */
 	@Deprecated
 	public boolean canAccessRepository(String repositoryName) {
-		return canAdmin || repositories.contains(repositoryName.toLowerCase())
+		return canAdmin() || repositories.contains(repositoryName.toLowerCase())
 				|| hasTeamAccess(repositoryName);
 	}
 
@@ -90,7 +91,7 @@
 		boolean isOwner = !StringUtils.isEmpty(repository.owner)
 				&& repository.owner.equals(username);
 		boolean allowAuthenticated = isAuthenticated && AuthorizationControl.AUTHENTICATED.equals(repository.authorizationControl);
-		return canAdmin || isOwner || repositories.contains(repository.name.toLowerCase())
+		return canAdmin() || isOwner || repositories.contains(repository.name.toLowerCase())
 				|| hasTeamAccess(repository.name) || allowAuthenticated;
 	}
 
@@ -132,7 +133,21 @@
 	 */
 	public boolean hasRepositoryPermission(String name) {
 		String repository = AccessPermission.repositoryFromRole(name).toLowerCase();
-		return permissions.containsKey(repository) || repositories.contains(repository);
+		if (permissions.containsKey(repository)) {
+			// exact repository permission specified
+			return true;
+		} else {
+			// search for regex permission match
+			for (String key : permissions.keySet()) {
+				if (name.matches(key)) {
+					AccessPermission p = permissions.get(key);
+					if (p != null) {
+						return true;
+					}
+				}
+			}
+		}
+		return false;
 	}
 	
 	/**
@@ -163,7 +178,7 @@
 	}
 
 	public AccessPermission getRepositoryPermission(RepositoryModel repository) {
-		if (canAdmin || repository.isOwner(username) || repository.isUsersPersonalRepository(username)) {
+		if (canAdmin() || repository.isOwner(username) || repository.isUsersPersonalRepository(username)) {
 			return AccessPermission.REWIND;
 		}
 		if (AuthorizationControl.AUTHENTICATED.equals(repository.authorizationControl) && isAuthenticated) {
@@ -251,24 +266,84 @@
 			// can not fork your own repository
 			return false;
 		}
-		if (canAdmin || repository.isOwner(username)) {
+		if (canAdmin() || repository.isOwner(username)) {
 			return true;
 		}
 		if (!repository.allowForks) {
 			return false;
 		}
-		if (!isAuthenticated || !canFork) {
+		if (!isAuthenticated || !canFork()) {
 			return false;
 		}
 		return canClone(repository);
 	}
 	
 	public boolean canDelete(RepositoryModel model) {
-		return canAdmin || model.isUsersPersonalRepository(username);
+		return canAdmin() || model.isUsersPersonalRepository(username);
 	}
 	
 	public boolean canEdit(RepositoryModel model) {
-		return canAdmin || model.isUsersPersonalRepository(username) || model.isOwner(username);
+		return canAdmin() || model.isUsersPersonalRepository(username) || model.isOwner(username);
+	}
+	
+	/**
+	 * This returns true if the user has fork privileges or the user has fork
+	 * privileges because of a team membership.
+	 * 
+	 * @return true if the user can fork
+	 */
+	public boolean canFork() {
+		if (canFork) {
+			return true;
+		}
+		if (!ArrayUtils.isEmpty(teams)) {
+			for (TeamModel team : teams) {
+				if (team.canFork) {
+					return true;
+				}
+			}
+		}
+		return false;
+	}
+
+	/**
+	 * This returns true if the user has admin privileges or the user has admin
+	 * privileges because of a team membership.
+	 * 
+	 * @return true if the user can admin
+	 */
+	public boolean canAdmin() {
+		if (canAdmin) {
+			return true;
+		}
+		if (!ArrayUtils.isEmpty(teams)) {
+			for (TeamModel team : teams) {
+				if (team.canAdmin) {
+					return true;
+				}
+			}
+		}
+		return false;
+	}
+
+	/**
+	 * This returns true if the user has create privileges or the user has create
+	 * privileges because of a team membership.
+	 * 
+	 * @return true if the user can admin
+	 */
+	public boolean canCreate() {
+		if (canCreate) {
+			return true;
+		}
+		if (!ArrayUtils.isEmpty(teams)) {
+			for (TeamModel team : teams) {
+				if (team.canCreate) {
+					return true;
+				}
+			}
+		}
+		return false;
 	}
 
 	public boolean isTeamMember(String teamname) {

--
Gitblit v1.9.1