githubFork/gitblit.git - Solinfo Gitblit

			@@ -17,8 +17,6 @@

			import java.util.Date;

			import org.junit.Assert;

			import org.junit.Test;

			import com.gitblit.Constants.AccessPermission;
			@@ -30,11 +28,11 @@

			/**
			* Comprehensive, brute-force test of all permutations of discrete permissions.
			*
			*
			* @author James Moger
			*
			*/
			public class PermissionsTest extends Assert {
			public class PermissionsTest extends GitblitUnitTest {

			/**
			* Admin access rights/permissions
			@@ -43,45 +41,45 @@
			public void testAdmin() throws Exception {
			UserModel user = new UserModel("admin");
			user.canAdmin = true;


			for (AccessRestrictionType ar : AccessRestrictionType.values()) {
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = ar;


			assertTrue("admin CAN NOT view!", user.canView(repository));
			assertTrue("admin CAN NOT clone!", user.canClone(repository));
			assertTrue("admin CAN NOT push!", user.canPush(repository));


			assertTrue("admin CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("admin CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("admin CAN NOT rewind ref!", user.canRewindRef(repository));


			assertEquals("admin has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			assertTrue("admin CAN NOT fork!", user.canFork(repository));


			assertTrue("admin CAN NOT delete!", user.canDelete(repository));
			assertTrue("admin CAN NOT edit!", user.canEdit(repository));
			}
			}


			/**
			* Anonymous access rights/permissions
			* Anonymous access rights/permissions
			*/
			@Test
			public void testAnonymous_NONE() throws Exception {
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.NONE;


			UserModel user = UserModel.ANONYMOUS;


			// all permissions, except fork
			assertTrue("anonymous CAN NOT view!", user.canView(repository));
			assertTrue("anonymous CAN NOT clone!", user.canClone(repository));
			assertTrue("anonymous CAN NOT push!", user.canPush(repository));


			assertTrue("anonymous CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("anonymous CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("anonymous CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -92,11 +90,11 @@
			assertFalse("anonymous CAN fork!", user.canFork(repository));
			repository.allowForks = true;
			assertFalse("anonymous CAN fork!", user.canFork(repository));


			assertFalse("anonymous CAN delete!", user.canDelete(repository));
			assertFalse("anonymous CAN edit!", user.canEdit(repository));
			}


			@Test
			public void testAnonymous_PUSH() throws Exception {
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			@@ -108,11 +106,11 @@
			assertTrue("anonymous CAN NOT view!", user.canView(repository));
			assertTrue("anonymous CAN NOT clone!", user.canClone(repository));
			assertFalse("anonymous CAN push!", user.canPush(repository));


			assertFalse("anonymous CAN create ref!", user.canCreateRef(repository));
			assertFalse("anonymous CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("anonymous CAN rewind ref!", user.canRewindRef(repository));


			assertEquals("anonymous has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -120,7 +118,7 @@
			repository.allowForks = true;
			assertFalse("anonymous CAN fork!", user.canFork(repository));
			}


			@Test
			public void testAnonymous_CLONE() throws Exception {
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			@@ -132,7 +130,7 @@
			assertTrue("anonymous CAN NOT view!", user.canView(repository));
			assertFalse("anonymous CAN clone!", user.canClone(repository));
			assertFalse("anonymous CAN push!", user.canPush(repository));


			assertFalse("anonymous CAN create ref!", user.canCreateRef(repository));
			assertFalse("anonymous CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("anonymous CAN rewind ref!", user.canRewindRef(repository));
			@@ -144,19 +142,19 @@
			repository.allowForks = true;
			assertFalse("anonymous CAN fork!", user.canFork(repository));
			}


			@Test
			public void testAnonymous_VIEW() throws Exception {
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.VIEW;


			UserModel user = UserModel.ANONYMOUS;

			assertFalse("anonymous CAN view!", user.canView(repository));
			assertFalse("anonymous CAN clone!", user.canClone(repository));
			assertFalse("anonymous CAN push!", user.canPush(repository));


			assertFalse("anonymous CAN create ref!", user.canCreateRef(repository));
			assertFalse("anonymous CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("anonymous CAN rewind ref!", user.canRewindRef(repository));
			@@ -168,23 +166,23 @@
			repository.allowForks = true;
			assertFalse("anonymous CAN fork!", user.canFork(repository));
			}


			/**
			* Authenticated access rights/permissions
			* Authenticated access rights/permissions
			*/
			@Test
			public void testAuthenticated_NONE() throws Exception {
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.AUTHENTICATED;
			repository.accessRestriction = AccessRestrictionType.NONE;


			UserModel user = new UserModel("test");


			// all permissions, except fork
			assertTrue("authenticated CAN NOT view!", user.canView(repository));
			assertTrue("authenticated CAN NOT clone!", user.canClone(repository));
			assertTrue("authenticated CAN NOT push!", user.canPush(repository));


			assertTrue("authenticated CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("authenticated CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("authenticated CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -198,7 +196,7 @@
			assertFalse("authenticated CAN fork!", user.canFork(repository));
			user.canFork = true;
			assertTrue("authenticated CAN NOT fork!", user.canFork(repository));


			assertFalse("authenticated CAN delete!", user.canDelete(repository));
			assertFalse("authenticated CAN edit!", user.canEdit(repository));
			}
			@@ -208,13 +206,13 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.AUTHENTICATED;
			repository.accessRestriction = AccessRestrictionType.PUSH;


			UserModel user = new UserModel("test");

			assertTrue("authenticated CAN NOT view!", user.canView(repository));
			assertTrue("authenticated CAN NOT clone!", user.canClone(repository));
			assertTrue("authenticated CAN NOT push!", user.canPush(repository));


			assertTrue("authenticated CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("authenticated CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("authenticated CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -229,19 +227,19 @@
			user.canFork = true;
			assertTrue("authenticated CAN NOT fork!", user.canFork(repository));
			}


			@Test
			public void testAuthenticated_CLONE() throws Exception {
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.AUTHENTICATED;
			repository.accessRestriction = AccessRestrictionType.CLONE;


			UserModel user = new UserModel("test");

			assertTrue("authenticated CAN NOT view!", user.canView(repository));
			assertTrue("authenticated CAN NOT clone!", user.canClone(repository));
			assertTrue("authenticated CAN NOT push!", user.canPush(repository));


			assertTrue("authenticated CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("authenticated CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("authenticated CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -256,19 +254,19 @@
			user.canFork = true;
			assertTrue("authenticated CAN NOT fork!", user.canFork(repository));
			}


			@Test
			public void testAuthenticated_VIEW() throws Exception {
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.AUTHENTICATED;
			repository.accessRestriction = AccessRestrictionType.VIEW;


			UserModel user = new UserModel("test");

			assertTrue("authenticated CAN NOT view!", user.canView(repository));
			assertTrue("authenticated CAN NOT clone!", user.canClone(repository));
			assertTrue("authenticated CAN NOT push!", user.canPush(repository));


			assertTrue("authenticated CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("authenticated CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("authenticated CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -283,7 +281,7 @@
			user.canFork = true;
			assertTrue("authenticated CAN NOT fork!", user.canFork(repository));
			}


			/**
			* NONE_NONE = NO access restriction, NO access permission
			*/
			@@ -294,15 +292,15 @@
			repository.accessRestriction = AccessRestrictionType.NONE;

			UserModel user = new UserModel("test");


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("named CAN NOT rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -312,11 +310,11 @@
			assertFalse("named CAN fork!", user.canFork(repository));
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));


			assertFalse("named CAN delete!", user.canDelete(repository));
			assertFalse("named CAN edit!", user.canEdit(repository));
			}


			/**
			* PUSH_NONE = PUSH access restriction, NO access permission
			*/
			@@ -325,13 +323,13 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.PUSH;


			UserModel user = new UserModel("test");


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertFalse("named CAN push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -346,7 +344,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* CLONE_NONE = CLONE access restriction, NO access permission
			*/
			@@ -355,13 +353,13 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.CLONE;


			UserModel user = new UserModel("test");


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertFalse("named CAN clone!", user.canClone(repository));
			assertFalse("named CAN push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -376,7 +374,7 @@
			repository.allowForks = true;
			assertFalse("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* VIEW_NONE = VIEW access restriction, NO access permission
			*/
			@@ -385,17 +383,17 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.VIEW;


			UserModel user = new UserModel("test");


			assertFalse("named CAN view!", user.canView(repository));
			assertFalse("named CAN clone!", user.canClone(repository));
			assertFalse("named CAN push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.NONE, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -407,7 +405,7 @@
			assertFalse("named CAN NOT fork!", user.canFork(repository));
			}



			/**
			* NONE_VIEW = NO access restriction, VIEW access permission.
			* (not useful scenario)
			@@ -420,11 +418,11 @@

			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.VIEW);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("named CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -439,7 +437,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* PUSH_VIEW = PUSH access restriction, VIEW access permission
			*/
			@@ -448,14 +446,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.PUSH;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.VIEW);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertFalse("named CAN push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -470,7 +468,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* CLONE_VIEW = CLONE access restriction, VIEW access permission
			*/
			@@ -479,14 +477,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.CLONE;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.VIEW);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertFalse("named CAN clone!", user.canClone(repository));
			assertFalse("named CAN push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -501,7 +499,7 @@
			repository.allowForks = true;
			assertFalse("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* VIEW_VIEW = VIEW access restriction, VIEW access permission
			*/
			@@ -510,18 +508,18 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.VIEW;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.VIEW);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertFalse("named CAN clone!", user.canClone(repository));
			assertFalse("named CAN push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.VIEW, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -532,7 +530,7 @@
			repository.allowForks = true;
			assertFalse("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* NONE_CLONE = NO access restriction, CLONE access permission.
			* (not useful scenario)
			@@ -545,15 +543,15 @@

			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.CLONE);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("named CAN NOT rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -564,7 +562,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* PUSH_CLONE = PUSH access restriction, CLONE access permission
			*/
			@@ -573,14 +571,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.PUSH;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.CLONE);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertFalse("named CAN push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -595,7 +593,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* CLONE_CLONE = CLONE access restriction, CLONE access permission
			*/
			@@ -604,14 +602,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.CLONE;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.CLONE);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertFalse("named CAN push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -626,7 +624,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* VIEW_CLONE = VIEW access restriction, CLONE access permission
			*/
			@@ -635,18 +633,18 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.VIEW;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.CLONE);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertFalse("named CAN push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -656,7 +654,7 @@
			assertFalse("named CAN fork!", user.canFork(repository));
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}
			}

			/**
			* NONE_PUSH = NO access restriction, PUSH access permission.
			@@ -670,15 +668,15 @@

			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.PUSH);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("named CAN NOT rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -689,7 +687,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* PUSH_PUSH = PUSH access restriction, PUSH access permission
			*/
			@@ -698,14 +696,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.PUSH;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.PUSH);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -720,7 +718,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* CLONE_PUSH = CLONE access restriction, PUSH access permission
			*/
			@@ -729,14 +727,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.CLONE;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.PUSH);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete red!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -751,7 +749,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* VIEW_PUSH = VIEW access restriction, PUSH access permission
			*/
			@@ -760,18 +758,18 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.VIEW;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.PUSH);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN not push!", user.canPush(repository));


			assertFalse("named CAN create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.PUSH, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -795,15 +793,15 @@

			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.CREATE);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("named CAN NOT rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -814,7 +812,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* PUSH_CREATE = PUSH access restriction, CREATE access permission
			*/
			@@ -823,14 +821,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.PUSH;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.CREATE);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -845,7 +843,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* CLONE_CREATE = CLONE access restriction, CREATE access permission
			*/
			@@ -854,14 +852,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.CLONE;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.CREATE);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete red!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -876,7 +874,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* VIEW_CREATE = VIEW access restriction, CREATE access permission
			*/
			@@ -885,18 +883,18 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.VIEW;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.CREATE);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN not push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertFalse("named CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.CREATE, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -920,15 +918,15 @@

			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.DELETE);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("named CAN NOT rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -939,7 +937,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* PUSH_DELETE = PUSH access restriction, DELETE access permission
			*/
			@@ -948,14 +946,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.PUSH;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.DELETE);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -970,7 +968,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* CLONE_DELETE = CLONE access restriction, DELETE access permission
			*/
			@@ -979,14 +977,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.CLONE;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.DELETE);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete red!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));
			@@ -1001,7 +999,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* VIEW_DELETE = VIEW access restriction, DELETE access permission
			*/
			@@ -1010,18 +1008,18 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.VIEW;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.DELETE);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN not push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertFalse("named CAN rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.DELETE, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -1032,7 +1030,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* NONE_REWIND = NO access restriction, REWIND access permission.
			* (not useful scenario)
			@@ -1045,15 +1043,15 @@

			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.REWIND);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("named CAN NOT rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -1064,7 +1062,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* PUSH_REWIND = PUSH access restriction, REWIND access permission
			*/
			@@ -1073,14 +1071,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.PUSH;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.REWIND);


			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("named CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -1095,7 +1093,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* CLONE_REWIND = CLONE access restriction, REWIND access permission
			*/
			@@ -1104,14 +1102,14 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.CLONE;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.REWIND);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("named CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -1126,7 +1124,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* VIEW_REWIND = VIEW access restriction, REWIND access permission
			*/
			@@ -1135,18 +1133,18 @@
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.VIEW;


			UserModel user = new UserModel("test");
			user.setRepositoryPermission(repository.name, AccessPermission.REWIND);

			assertTrue("named CAN NOT view!", user.canView(repository));
			assertTrue("named CAN NOT clone!", user.canClone(repository));
			assertTrue("named CAN NOT push!", user.canPush(repository));


			assertTrue("named CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("named CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("named CAN NOT rewind ref!", user.canRewindRef(repository));


			assertEquals("named has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			repository.allowForks = false;
			@@ -1157,7 +1155,7 @@
			repository.allowForks = true;
			assertTrue("named CAN NOT fork!", user.canFork(repository));
			}


			/**
			* NONE_NONE = NO access restriction, NO access permission
			*/
			@@ -1168,19 +1166,19 @@
			repository.accessRestriction = AccessRestrictionType.NONE;

			TeamModel team = new TeamModel("test");


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertTrue("team CAN NOT rewind ref!", team.canRewindRef(repository));


			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repository).permission);

			}


			/**
			* PUSH_NONE = PUSH access restriction, NO access permission
			*/
			@@ -1191,15 +1189,15 @@
			repository.accessRestriction = AccessRestrictionType.PUSH;

			TeamModel team = new TeamModel("test");


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertFalse("team CAN push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));


			assertEquals("team has wrong permission!", AccessPermission.CLONE, team.getRepositoryPermission(repository).permission);

			}
			@@ -1214,15 +1212,15 @@
			repository.accessRestriction = AccessRestrictionType.CLONE;

			TeamModel team = new TeamModel("test");


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertFalse("team CAN clone!", team.canClone(repository));
			assertFalse("team CAN push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));


			assertEquals("team has wrong permission!", AccessPermission.VIEW, team.getRepositoryPermission(repository).permission);
			}

			@@ -1236,18 +1234,18 @@
			repository.accessRestriction = AccessRestrictionType.VIEW;

			TeamModel team = new TeamModel("test");


			assertFalse("team CAN view!", team.canView(repository));
			assertFalse("team CAN clone!", team.canClone(repository));
			assertFalse("team CAN push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));


			assertEquals("team has wrong permission!", AccessPermission.NONE, team.getRepositoryPermission(repository).permission);
			}


			/**
			* NONE_PUSH = NO access restriction, PUSH access permission
			* (not useful scenario)
			@@ -1260,18 +1258,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.PUSH);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertTrue("team CAN NOT rewind ref!", team.canRewindRef(repository));


			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repository).permission);
			}


			/**
			* PUSH_PUSH = PUSH access restriction, PUSH access permission
			*/
			@@ -1283,18 +1281,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.PUSH);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));


			assertEquals("team has wrong permission!", AccessPermission.PUSH, team.getRepositoryPermission(repository).permission);
			}


			/**
			* CLONE_PUSH = CLONE access restriction, PUSH access permission
			*/
			@@ -1306,18 +1304,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.PUSH);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));


			assertEquals("team has wrong permission!", AccessPermission.PUSH, team.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_PUSH = VIEW access restriction, PUSH access permission
			*/
			@@ -1329,18 +1327,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.PUSH);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.PUSH, team.getRepositoryPermission(repository).permission);
			}


			/**
			* NONE_CREATE = NO access restriction, CREATE access permission
			* (not useful scenario)
			@@ -1353,18 +1351,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.CREATE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertTrue("team CAN NOT rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repository).permission);
			}


			/**
			* PUSH_CREATE = PUSH access restriction, CREATE access permission
			*/
			@@ -1376,18 +1374,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.CREATE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.CREATE, team.getRepositoryPermission(repository).permission);
			}


			/**
			* CLONE_CREATE = CLONE access restriction, CREATE access permission
			*/
			@@ -1399,18 +1397,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.CREATE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.CREATE, team.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_CREATE = VIEW access restriction, CREATE access permission
			*/
			@@ -1422,11 +1420,11 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.CREATE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));
			@@ -1446,18 +1444,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.DELETE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertTrue("team CAN NOT rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repository).permission);
			}


			/**
			* PUSH_DELETE = PUSH access restriction, DELETE access permission
			*/
			@@ -1469,18 +1467,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.DELETE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.DELETE, team.getRepositoryPermission(repository).permission);
			}


			/**
			* CLONE_DELETE = CLONE access restriction, DELETE access permission
			*/
			@@ -1492,18 +1490,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.DELETE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));


			assertEquals("team has wrong permission!", AccessPermission.DELETE, team.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_DELETE = VIEW access restriction, DELETE access permission
			*/
			@@ -1515,18 +1513,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.DELETE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.DELETE, team.getRepositoryPermission(repository).permission);
			}


			/**
			* NONE_REWIND = NO access restriction, REWIND access permission
			* (not useful scenario)
			@@ -1539,18 +1537,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.REWIND);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertTrue("team CAN NOT rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repository).permission);
			}


			/**
			* PUSH_REWIND = PUSH access restriction, REWIND access permission
			*/
			@@ -1562,18 +1560,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.REWIND);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertTrue("team CAN NOT rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repository).permission);
			}


			/**
			* CLONE_REWIND = CLONE access restriction, REWIND access permission
			*/
			@@ -1585,18 +1583,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.REWIND);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertTrue("team CAN NOT rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_REWIND = VIEW access restriction, REWIND access permission
			*/
			@@ -1608,18 +1606,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.REWIND);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertTrue("team CAN NOT rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repository).permission);
			}


			/**
			* NONE_CLONE = NO access restriction, CLONE access permission
			* (not useful scenario)
			@@ -1632,11 +1630,11 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.CLONE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertTrue("team CAN NOT rewind ref!", team.canRewindRef(repository));
			@@ -1655,11 +1653,11 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.CLONE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertFalse("team CAN push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));
			@@ -1678,18 +1676,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.CLONE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertFalse("team CAN push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.CLONE, team.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_CLONE = VIEW access restriction, CLONE access permission
			*/
			@@ -1701,11 +1699,11 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.CLONE);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertFalse("team CAN push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));
			@@ -1725,11 +1723,11 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.VIEW);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertTrue("team CAN NOT push!", team.canPush(repository));


			assertTrue("team CAN NOT create ref!", team.canCreateRef(repository));
			assertTrue("team CAN NOT delete ref!", team.canDeleteRef(repository));
			assertTrue("team CAN NOT rewind ref!", team.canRewindRef(repository));
			@@ -1748,18 +1746,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.VIEW);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertTrue("team CAN NOT clone!", team.canClone(repository));
			assertFalse("team CAN push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.CLONE, team.getRepositoryPermission(repository).permission);
			}


			/**
			* CLONE_VIEW = CLONE access restriction, VIEW access permission
			*/
			@@ -1771,18 +1769,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.VIEW);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertFalse("team CAN clone!", team.canClone(repository));
			assertFalse("team CAN push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.VIEW, team.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_VIEW = VIEW access restriction, VIEW access permission
			*/
			@@ -1794,18 +1792,18 @@

			TeamModel team = new TeamModel("test");
			team.setRepositoryPermission(repository.name, AccessPermission.VIEW);


			assertTrue("team CAN NOT view!", team.canView(repository));
			assertFalse("team CAN clone!", team.canClone(repository));
			assertFalse("team CAN push!", team.canPush(repository));


			assertFalse("team CAN create ref!", team.canCreateRef(repository));
			assertFalse("team CAN delete ref!", team.canDeleteRef(repository));
			assertFalse("team CAN rewind ref!", team.canRewindRef(repository));

			assertEquals("team has wrong permission!", AccessPermission.VIEW, team.getRepositoryPermission(repository).permission);
			}


			/**
			* NONE_NONE = NO access restriction, NO access permission
			*/
			@@ -1818,18 +1816,18 @@
			TeamModel team = new TeamModel("test");
			UserModel user = new UserModel("test");
			user.teams.add(team);


			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("team member CAN NOT rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);
			}


			/**
			* PUSH_NONE = PUSH access restriction, NO access permission
			*/
			@@ -1842,11 +1840,11 @@
			TeamModel team = new TeamModel("test");
			UserModel user = new UserModel("test");
			user.teams.add(team);


			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertFalse("team member CAN push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));
			@@ -1866,11 +1864,11 @@
			TeamModel team = new TeamModel("test");
			UserModel user = new UserModel("test");
			user.teams.add(team);


			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertFalse("team member CAN clone!", user.canClone(repository));
			assertFalse("team member CAN push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));
			@@ -1890,18 +1888,18 @@
			TeamModel team = new TeamModel("test");
			UserModel user = new UserModel("test");
			user.teams.add(team);


			assertFalse("team member CAN view!", user.canView(repository));
			assertFalse("team member CAN clone!", user.canClone(repository));
			assertFalse("team member CAN push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.NONE, user.getRepositoryPermission(repository).permission);
			}


			/**
			* NONE_PUSH = NO access restriction, PUSH access permission
			* (not useful scenario)
			@@ -1916,18 +1914,18 @@
			team.setRepositoryPermission(repository.name, AccessPermission.PUSH);
			UserModel user = new UserModel("test");
			user.teams.add(team);


			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("team member CAN NOT rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);
			}


			/**
			* PUSH_PUSH = PUSH access restriction, PUSH access permission
			*/
			@@ -1945,14 +1943,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.PUSH, user.getRepositoryPermission(repository).permission);
			}


			/**
			* CLONE_PUSH = CLONE access restriction, PUSH access permission
			*/
			@@ -1970,14 +1968,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.PUSH, user.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_PUSH = VIEW access restriction, PUSH access permission
			*/
			@@ -1995,14 +1993,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.PUSH, user.getRepositoryPermission(repository).permission);
			}


			/**
			* NONE_CREATE = NO access restriction, CREATE access permission
			* (not useful scenario)
			@@ -2017,18 +2015,18 @@
			team.setRepositoryPermission(repository.name, AccessPermission.CREATE);
			UserModel user = new UserModel("test");
			user.teams.add(team);


			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("team member CAN NOT rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);
			}


			/**
			* PUSH_CREATE = PUSH access restriction, CREATE access permission
			*/
			@@ -2046,14 +2044,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.CREATE, user.getRepositoryPermission(repository).permission);
			}


			/**
			* CLONE_CREATE = CLONE access restriction, CREATE access permission
			*/
			@@ -2071,14 +2069,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.CREATE, user.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_CREATE = VIEW access restriction, CREATE access permission
			*/
			@@ -2096,7 +2094,7 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));
			@@ -2118,18 +2116,18 @@
			team.setRepositoryPermission(repository.name, AccessPermission.DELETE);
			UserModel user = new UserModel("test");
			user.teams.add(team);


			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("team member CAN NOT rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);
			}


			/**
			* PUSH_DELETE = PUSH access restriction, DELETE access permission
			*/
			@@ -2147,14 +2145,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.DELETE, user.getRepositoryPermission(repository).permission);
			}


			/**
			* CLONE_DELETE = CLONE access restriction, DELETE access permission
			*/
			@@ -2172,14 +2170,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.DELETE, user.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_DELETE = VIEW access restriction, DELETE access permission
			*/
			@@ -2197,7 +2195,7 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));
			@@ -2219,18 +2217,18 @@
			team.setRepositoryPermission(repository.name, AccessPermission.REWIND);
			UserModel user = new UserModel("test");
			user.teams.add(team);


			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("team member CAN NOT rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);
			}


			/**
			* PUSH_REWIND = PUSH access restriction, REWIND access permission
			*/
			@@ -2248,14 +2246,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("team member CAN NOT rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);
			}


			/**
			* CLONE_REWIND = CLONE access restriction, REWIND access permission
			*/
			@@ -2273,14 +2271,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("team member CAN NOT rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_REWIND = VIEW access restriction, REWIND access permission
			*/
			@@ -2298,14 +2296,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("team member CAN NOT rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);
			}


			/**
			* NONE_CLONE = NO access restriction, CLONE access permission
			* (not useful scenario)
			@@ -2324,7 +2322,7 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("team member CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -2349,7 +2347,7 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertFalse("team member CAN push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));
			@@ -2374,14 +2372,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertFalse("team member CAN push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_CLONE = VIEW access restriction, CLONE access permission
			*/
			@@ -2399,7 +2397,7 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertFalse("team member CAN push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));
			@@ -2425,7 +2423,7 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertTrue("team member CAN NOT push!", user.canPush(repository));


			assertTrue("team member CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("team member CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("team member CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -2450,14 +2448,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertTrue("team member CAN NOT clone!", user.canClone(repository));
			assertFalse("team member CAN push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(repository).permission);
			}


			/**
			* CLONE_VIEW = CLONE access restriction, VIEW access permission
			*/
			@@ -2475,14 +2473,14 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertFalse("team member CAN clone!", user.canClone(repository));
			assertFalse("team member CAN push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.VIEW, user.getRepositoryPermission(repository).permission);
			}


			/**
			* VIEW_VIEW = VIEW access restriction, VIEW access permission
			*/
			@@ -2500,17 +2498,17 @@
			assertTrue("team member CAN NOT view!", user.canView(repository));
			assertFalse("team member CAN clone!", user.canClone(repository));
			assertFalse("team member CAN push!", user.canPush(repository));


			assertFalse("team member CAN create ref!", user.canCreateRef(repository));
			assertFalse("team member CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("team member CAN rewind ref!", user.canRewindRef(repository));

			assertEquals("team member has wrong permission!", AccessPermission.VIEW, user.getRepositoryPermission(repository).permission);
			}


			@Test
			public void testOwner() throws Exception {
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			RepositoryModel repository = new RepositoryModel("~jj/myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.VIEW;

			@@ -2521,7 +2519,7 @@
			assertTrue("owner CAN NOT view!", user.canView(repository));
			assertTrue("owner CAN NOT clone!", user.canClone(repository));
			assertTrue("owner CAN NOT push!", user.canPush(repository));


			assertTrue("owner CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("owner CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("owner CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -2529,14 +2527,33 @@
			assertEquals("owner has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			assertTrue("owner CAN NOT fork!", user.canFork(repository));


			assertFalse("owner CAN NOT delete!", user.canDelete(repository));
			assertTrue("owner CAN NOT edit!", user.canEdit(repository));

			// test personal repo owner
			UserModel jj = new UserModel("jj");
			assertFalse("jj SHOULD NOT HAVE a repository permission!", jj.hasRepositoryPermission(repository.name));
			assertTrue("jj CAN NOT view!", jj.canView(repository));
			assertTrue("jj CAN NOT clone!", jj.canClone(repository));
			assertTrue("jj CAN NOT push!", jj.canPush(repository));

			assertTrue("jj CAN NOT create ref!", jj.canCreateRef(repository));
			assertTrue("jj CAN NOT delete ref!", jj.canDeleteRef(repository));
			assertTrue("jj CAN NOT rewind ref!", jj.canRewindRef(repository));

			assertEquals("jj has wrong permission!", AccessPermission.REWIND, jj.getRepositoryPermission(repository).permission);

			assertFalse("jj CAN fork!", jj.canFork(repository));

			assertTrue("jj CAN NOT delete!", jj.canDelete(repository));
			assertTrue("jj CAN NOT edit!", jj.canEdit(repository));
			assertTrue(repository.isOwner(jj.username));
			}


			@Test
			public void testMultipleOwners() throws Exception {
			RepositoryModel repository = new RepositoryModel("myrepo.git", null, null, new Date());
			RepositoryModel repository = new RepositoryModel("~jj/myrepo.git", null, null, new Date());
			repository.authorizationControl = AuthorizationControl.NAMED;
			repository.accessRestriction = AccessRestrictionType.VIEW;

			@@ -2550,7 +2567,7 @@
			assertTrue("owner CAN NOT view!", user.canView(repository));
			assertTrue("owner CAN NOT clone!", user.canClone(repository));
			assertTrue("owner CAN NOT push!", user.canPush(repository));


			assertTrue("owner CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("owner CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("owner CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -2558,16 +2575,16 @@
			assertEquals("owner has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			assertTrue("owner CAN NOT fork!", user.canFork(repository));


			assertFalse("owner CAN NOT delete!", user.canDelete(repository));
			assertTrue("owner CAN NOT edit!", user.canEdit(repository));


			// second owner
			assertFalse("user SHOULD NOT HAVE a repository permission!", user2.hasRepositoryPermission(repository.name));
			assertTrue("owner CAN NOT view!", user2.canView(repository));
			assertTrue("owner CAN NOT clone!", user2.canClone(repository));
			assertTrue("owner CAN NOT push!", user2.canPush(repository));


			assertTrue("owner CAN NOT create ref!", user2.canCreateRef(repository));
			assertTrue("owner CAN NOT delete ref!", user2.canDeleteRef(repository));
			assertTrue("owner CAN NOT rewind ref!", user2.canRewindRef(repository));
			@@ -2575,14 +2592,33 @@
			assertEquals("owner has wrong permission!", AccessPermission.REWIND, user2.getRepositoryPermission(repository).permission);

			assertTrue("owner CAN NOT fork!", user2.canFork(repository));


			assertFalse("owner CAN NOT delete!", user2.canDelete(repository));
			assertTrue("owner CAN NOT edit!", user2.canEdit(repository));


			assertTrue(repository.isOwner(user.username));
			assertTrue(repository.isOwner(user2.username));
			assertTrue(repository.isOwner(user2.username));

			// test personal repo owner
			UserModel jj = new UserModel("jj");
			assertFalse("jj SHOULD NOT HAVE a repository permission!", jj.hasRepositoryPermission(repository.name));
			assertTrue("jj CAN NOT view!", jj.canView(repository));
			assertTrue("jj CAN NOT clone!", jj.canClone(repository));
			assertTrue("jj CAN NOT push!", jj.canPush(repository));

			assertTrue("jj CAN NOT create ref!", jj.canCreateRef(repository));
			assertTrue("jj CAN NOT delete ref!", jj.canDeleteRef(repository));
			assertTrue("jj CAN NOT rewind ref!", jj.canRewindRef(repository));

			assertEquals("jj has wrong permission!", AccessPermission.REWIND, jj.getRepositoryPermission(repository).permission);

			assertFalse("jj CAN fork!", jj.canFork(repository));

			assertTrue("jj CAN NOT delete!", jj.canDelete(repository));
			assertTrue("jj CAN NOT edit!", jj.canEdit(repository));
			assertTrue(repository.isOwner(jj.username));
			}


			@Test
			public void testOwnerPersonalRepository() throws Exception {
			RepositoryModel repository = new RepositoryModel("~test/myrepo.git", null, null, new Date());
			@@ -2596,7 +2632,7 @@
			assertTrue("user CAN NOT view!", user.canView(repository));
			assertTrue("user CAN NOT clone!", user.canClone(repository));
			assertTrue("user CAN NOT push!", user.canPush(repository));


			assertTrue("user CAN NOT create ref!", user.canCreateRef(repository));
			assertTrue("user CAN NOT delete ref!", user.canDeleteRef(repository));
			assertTrue("user CAN NOT rewind ref!", user.canRewindRef(repository));
			@@ -2604,7 +2640,7 @@
			assertEquals("user has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repository).permission);

			assertFalse("user CAN fork!", user.canFork(repository));


			assertTrue("user CAN NOT delete!", user.canDelete(repository));
			assertTrue("user CAN NOT edit!", user.canEdit(repository));
			}
			@@ -2622,7 +2658,7 @@
			assertFalse("user CAN view!", user.canView(repository));
			assertFalse("user CAN clone!", user.canClone(repository));
			assertFalse("user CAN push!", user.canPush(repository));


			assertFalse("user CAN create ref!", user.canCreateRef(repository));
			assertFalse("user CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("user CAN rewind ref!", user.canRewindRef(repository));
			@@ -2630,11 +2666,11 @@
			assertEquals("user has wrong permission!", AccessPermission.NONE, user.getRepositoryPermission(repository).permission);

			assertFalse("user CAN fork!", user.canFork(repository));


			assertFalse("user CAN delete!", user.canDelete(repository));
			assertFalse("user CAN edit!", user.canEdit(repository));
			}


			@Test
			public void testRegexMatching() throws Exception {
			RepositoryModel repository = new RepositoryModel("ubercool/_my-r/e~po.git", null, null, new Date());
			@@ -2648,7 +2684,7 @@
			assertTrue("user CAN NOT view!", user.canView(repository));
			assertTrue("user CAN NOT clone!", user.canClone(repository));
			assertFalse("user CAN push!", user.canPush(repository));


			assertFalse("user CAN create ref!", user.canCreateRef(repository));
			assertFalse("user CAN delete ref!", user.canDeleteRef(repository));
			assertFalse("user CAN rewind ref!", user.canRewindRef(repository));
			@@ -2656,14 +2692,14 @@
			assertEquals("user has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(repository).permission);

			assertFalse("user CAN fork!", user.canFork(repository));


			assertFalse("user CAN delete!", user.canDelete(repository));
			assertFalse("user CAN edit!", user.canEdit(repository));
			}

			@Test
			public void testRegexIncludeCommonExcludePersonal() throws Exception {


			UserModel user = new UserModel("test");
			user.setRepositoryPermission("[^~].*", AccessPermission.CLONE);

			@@ -2671,12 +2707,12 @@
			RepositoryModel common = new RepositoryModel("ubercool/_my-r/e~po.git", null, null, new Date());
			common.authorizationControl = AuthorizationControl.NAMED;
			common.accessRestriction = AccessRestrictionType.VIEW;


			assertTrue("user DOES NOT HAVE a repository permission!", user.hasRepositoryPermission(common.name));
			assertTrue("user CAN NOT view!", user.canView(common));
			assertTrue("user CAN NOT clone!", user.canClone(common));
			assertFalse("user CAN push!", user.canPush(common));


			assertFalse("user CAN create ref!", user.canCreateRef(common));
			assertFalse("user CAN delete ref!", user.canDeleteRef(common));
			assertFalse("user CAN rewind ref!", user.canRewindRef(common));
			@@ -2684,7 +2720,7 @@
			assertEquals("user has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(common).permission);

			assertFalse("user CAN fork!", user.canFork(common));


			assertFalse("user CAN delete!", user.canDelete(common));
			assertFalse("user CAN edit!", user.canEdit(common));

			@@ -2692,12 +2728,12 @@
			RepositoryModel personal = new RepositoryModel("~ubercool/_my-r/e~po.git", null, null, new Date());
			personal.authorizationControl = AuthorizationControl.NAMED;
			personal.accessRestriction = AccessRestrictionType.VIEW;


			assertFalse("user HAS a repository permission!", user.hasRepositoryPermission(personal.name));
			assertFalse("user CAN NOT view!", user.canView(personal));
			assertFalse("user CAN NOT clone!", user.canClone(personal));
			assertFalse("user CAN push!", user.canPush(personal));


			assertFalse("user CAN create ref!", user.canCreateRef(personal));
			assertFalse("user CAN delete ref!", user.canDeleteRef(personal));
			assertFalse("user CAN rewind ref!", user.canRewindRef(personal));
			@@ -2705,11 +2741,11 @@
			assertEquals("user has wrong permission!", AccessPermission.NONE, user.getRepositoryPermission(personal).permission);

			assertFalse("user CAN fork!", user.canFork(personal));


			assertFalse("user CAN delete!", user.canDelete(personal));
			assertFalse("user CAN edit!", user.canEdit(personal));
			}


			@Test
			public void testRegexMatching2() throws Exception {
			RepositoryModel personal = new RepositoryModel("~ubercool/_my-r/e~po.git", null, null, new Date());
			@@ -2721,13 +2757,13 @@
			user.setRepositoryPermission("[^~].*", AccessPermission.CLONE);
			// permitall ~ubercool repositories
			user.setRepositoryPermission("~ubercool/.*", AccessPermission.CLONE);


			// personal
			assertTrue("user DOES NOT HAVE a repository permission!", user.hasRepositoryPermission(personal.name));
			assertTrue("user CAN NOT view!", user.canView(personal));
			assertTrue("user CAN NOT clone!", user.canClone(personal));
			assertFalse("user CAN push!", user.canPush(personal));


			assertFalse("user CAN create ref!", user.canCreateRef(personal));
			assertFalse("user CAN delete ref!", user.canDeleteRef(personal));
			assertFalse("user CAN rewind ref!", user.canRewindRef(personal));
			@@ -2735,11 +2771,11 @@
			assertEquals("user has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(personal).permission);

			assertFalse("user CAN fork!", user.canFork(personal));


			assertFalse("user CAN delete!", user.canDelete(personal));
			assertFalse("user CAN edit!", user.canEdit(personal));
			}


			@Test
			public void testRegexOrder() throws Exception {
			RepositoryModel personal = new RepositoryModel("~ubercool/_my-r/e~po.git", null, null, new Date());
			@@ -2749,13 +2785,13 @@
			UserModel user = new UserModel("test");
			user.setRepositoryPermission(".*", AccessPermission.PUSH);
			user.setRepositoryPermission("~ubercool/.*", AccessPermission.CLONE);

			// has PUSH access because first match is PUSH permission

			// has PUSH access because first match is PUSH permission
			assertTrue("user HAS a repository permission!", user.hasRepositoryPermission(personal.name));
			assertTrue("user CAN NOT view!", user.canView(personal));
			assertTrue("user CAN NOT clone!", user.canClone(personal));
			assertTrue("user CAN NOT push!", user.canPush(personal));


			assertFalse("user CAN create ref!", user.canCreateRef(personal));
			assertFalse("user CAN delete ref!", user.canDeleteRef(personal));
			assertFalse("user CAN rewind ref!", user.canRewindRef(personal));
			@@ -2763,20 +2799,20 @@
			assertEquals("user has wrong permission!", AccessPermission.PUSH, user.getRepositoryPermission(personal).permission);

			assertFalse("user CAN fork!", user.canFork(personal));


			assertFalse("user CAN delete!", user.canDelete(personal));
			assertFalse("user CAN edit!", user.canEdit(personal));


			user.permissions.clear();
			user.setRepositoryPermission("~ubercool/.*", AccessPermission.CLONE);
			user.setRepositoryPermission(".*", AccessPermission.PUSH);


			// has CLONE access because first match is CLONE permission
			assertTrue("user HAS a repository permission!", user.hasRepositoryPermission(personal.name));
			assertTrue("user CAN NOT view!", user.canView(personal));
			assertTrue("user CAN NOT clone!", user.canClone(personal));
			assertFalse("user CAN push!", user.canPush(personal));


			assertFalse("user CAN create ref!", user.canCreateRef(personal));
			assertFalse("user CAN delete ref!", user.canDeleteRef(personal));
			assertFalse("user CAN rewind ref!", user.canRewindRef(personal));
			@@ -2784,11 +2820,11 @@
			assertEquals("user has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(personal).permission);

			assertFalse("user CAN fork!", user.canFork(personal));


			assertFalse("user CAN delete!", user.canDelete(personal));
			assertFalse("user CAN edit!", user.canEdit(personal));
			}


			@Test
			public void testExclusion() throws Exception {
			RepositoryModel personal = new RepositoryModel("~ubercool/_my-r/e~po.git", null, null, new Date());
			@@ -2798,13 +2834,13 @@
			UserModel user = new UserModel("test");
			user.setRepositoryPermission("~ubercool/.*", AccessPermission.EXCLUDE);
			user.setRepositoryPermission(".*", AccessPermission.PUSH);


			// has EXCLUDE access because first match is EXCLUDE permission
			assertTrue("user DOES NOT HAVE a repository permission!", user.hasRepositoryPermission(personal.name));
			assertFalse("user CAN NOT view!", user.canView(personal));
			assertFalse("user CAN NOT clone!", user.canClone(personal));
			assertFalse("user CAN push!", user.canPush(personal));


			assertFalse("user CAN create ref!", user.canCreateRef(personal));
			assertFalse("user CAN delete ref!", user.canDeleteRef(personal));
			assertFalse("user CAN rewind ref!", user.canRewindRef(personal));
			@@ -2812,7 +2848,7 @@
			assertEquals("user has wrong permission!", AccessPermission.EXCLUDE, user.getRepositoryPermission(personal).permission);

			assertFalse("user CAN fork!", user.canFork(personal));


			assertFalse("user CAN delete!", user.canDelete(personal));
			assertFalse("user CAN edit!", user.canEdit(personal));
			}
			@@ -2825,7 +2861,7 @@
			user.teams.add(team);
			assertTrue("User did not inherit admin privileges", user.canAdmin());
			}


			@Test
			public void testForkTeamInheritance() throws Exception {
			UserModel user = new UserModel("test");
			@@ -2844,4 +2880,57 @@
			assertTrue("User did not inherit create privileges", user.canCreate());
			}

			@Test
			public void testIsFrozen() throws Exception {
			RepositoryModel repo = new RepositoryModel("somerepo.git", null, null, new Date());
			repo.authorizationControl = AuthorizationControl.NAMED;
			repo.accessRestriction = AccessRestrictionType.NONE;

			UserModel user = new UserModel("test");
			TeamModel team = new TeamModel("team");

			assertEquals("user has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repo).permission);
			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repo).permission);

			// freeze repo
			repo.isFrozen = true;
			assertEquals("user has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(repo).permission);
			assertEquals("team has wrong permission!", AccessPermission.CLONE, team.getRepositoryPermission(repo).permission);
			}

			@Test
			public void testIsBare() throws Exception {
			RepositoryModel repo = new RepositoryModel("somerepo.git", null, null, new Date());
			repo.authorizationControl = AuthorizationControl.NAMED;
			repo.accessRestriction = AccessRestrictionType.NONE;

			UserModel user = new UserModel("test");
			TeamModel team = new TeamModel("team");

			assertEquals("user has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repo).permission);
			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repo).permission);

			// set repo to have a working copy, pushes prohibited
			repo.isBare = false;
			assertEquals("user has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(repo).permission);
			assertEquals("team has wrong permission!", AccessPermission.CLONE, team.getRepositoryPermission(repo).permission);
			}

			@Test
			public void testIsMirror() throws Exception {
			RepositoryModel repo = new RepositoryModel("somerepo.git", null, null, new Date());
			repo.authorizationControl = AuthorizationControl.NAMED;
			repo.accessRestriction = AccessRestrictionType.NONE;

			UserModel user = new UserModel("test");
			TeamModel team = new TeamModel("team");

			assertEquals("user has wrong permission!", AccessPermission.REWIND, user.getRepositoryPermission(repo).permission);
			assertEquals("team has wrong permission!", AccessPermission.REWIND, team.getRepositoryPermission(repo).permission);

			// set repo to be a mirror, pushes prohibited
			repo.isMirror = true;
			assertEquals("user has wrong permission!", AccessPermission.CLONE, user.getRepositoryPermission(repo).permission);
			assertEquals("team has wrong permission!", AccessPermission.CLONE, team.getRepositoryPermission(repo).permission);
			}
			}