From 27ae9095639bb228a1b7ff86a3ebe4264abf05be Mon Sep 17 00:00:00 2001
From: mschaefers <mschaefers@scoop-gmbh.de>
Date: Thu, 29 Nov 2012 12:33:09 -0500
Subject: [PATCH] feature: when using LdapUserService one can configure Gitblit to fetch all users from ldap that can possibly login. This allows to see newly generated LDAP users instantly in Gitblit. By now an LDAP user had to log in once to appear in GitBlit.

---
 src/com/gitblit/client/GitblitClient.java |   97 +++++++++++++++++++++++++++++-------------------
 1 files changed, 58 insertions(+), 39 deletions(-)

diff --git a/src/com/gitblit/client/GitblitClient.java b/src/com/gitblit/client/GitblitClient.java
index b7047d7..1101cd6 100644
--- a/src/com/gitblit/client/GitblitClient.java
+++ b/src/com/gitblit/client/GitblitClient.java
@@ -507,39 +507,64 @@
 		return usernames;
 	}
 	
+	/**
+	 * Returns the effective list of permissions for this user, taking into account
+	 * team memberships, ownerships.
+	 * 
+	 * @param user
+	 * @return the effective list of permissions for the user
+	 */
+	public List<RegistrantAccessPermission> getUserAccessPermissions(UserModel user) {
+		Set<RegistrantAccessPermission> set = new LinkedHashSet<RegistrantAccessPermission>();
+		set.addAll(user.getRepositoryPermissions());
+		// Flag missing repositories
+		for (RegistrantAccessPermission permission : set) {
+			if (permission.mutable && PermissionType.EXPLICIT.equals(permission.permissionType)) {
+				RepositoryModel rm = getRepository(permission.registrant);
+				if (rm == null) {
+					permission.permissionType = PermissionType.MISSING;
+					permission.mutable = false;
+					continue;
+				}
+			}
+		}
+
+		// TODO reconsider ownership as a user property
+		// manually specify personal repository ownerships
+		for (RepositoryModel rm : allRepositories) {
+			if (rm.isUsersPersonalRepository(user.username) || rm.isOwner(user.username)) {
+				RegistrantAccessPermission rp = new RegistrantAccessPermission(rm.name, AccessPermission.REWIND,
+						PermissionType.OWNER, RegistrantType.REPOSITORY, null, false);
+				// user may be owner of a repository to which they've inherited
+				// a team permission, replace any existing perm with owner perm
+				set.remove(rp);
+				set.add(rp);
+			}
+		}
+		
+		List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>(set);
+		Collections.sort(list);
+		return list;
+	}
+	
 	public List<RegistrantAccessPermission> getUserAccessPermissions(RepositoryModel repository) {
-		Set<RegistrantAccessPermission> list = new LinkedHashSet<RegistrantAccessPermission>();
-		if (!StringUtils.isEmpty(repository.owner)) {
-			UserModel owner = getUser(repository.owner);
-			if (owner != null) {
-				list.add(new RegistrantAccessPermission(owner.username, AccessPermission.REWIND, PermissionType.OWNER, RegistrantType.USER, false));
+		List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();
+		if (AccessRestrictionType.NONE.equals(repository.accessRestriction)) {
+			// no permissions needed, REWIND for everyone!
+			return list;
+		}
+		if (AuthorizationControl.AUTHENTICATED.equals(repository.authorizationControl)) {
+			// no permissions needed, REWIND for authenticated!
+			return list;
+		}
+		// NAMED users and teams
+		for (UserModel user : allUsers) {
+			RegistrantAccessPermission ap = user.getRepositoryPermission(repository);
+			if (ap.permission.exceeds(AccessPermission.NONE)) {
+				list.add(ap);
 			}
 		}
-		if (repository.isPersonalRepository()) {
-			UserModel owner = getUser(repository.projectPath.substring(1));
-			if (owner != null) {
-				list.add(new RegistrantAccessPermission(owner.username, AccessPermission.REWIND, PermissionType.OWNER, RegistrantType.USER, false));
-			}
-		}
-		for (UserModel user : getUsers()) {
-			if (user.hasRepositoryPermission(repository.name)) {
-				AccessPermission ap = user.getRepositoryPermission(repository);
-				PermissionType pType = PermissionType.REGEX;
-				boolean editable = false;
-				if (repository.isOwner(user.username)) {
-					pType = PermissionType.OWNER;
-				} else if (repository.isUsersPersonalRepository(user.username)) {
-					pType = PermissionType.OWNER;
-				} else if (user.hasExplicitRepositoryPermission(repository.name)) {
-					pType = PermissionType.EXPLICIT;
-					editable = true;
-				}			
-				list.add(new RegistrantAccessPermission(user.username, ap, pType, RegistrantType.USER, editable));
-			}
-		}
-		List<RegistrantAccessPermission> raps = new ArrayList<RegistrantAccessPermission>(list);
-		Collections.sort(raps);
-		return raps;
+		return list;
 	}
 
 	public boolean setUserAccessPermissions(RepositoryModel repository, List<RegistrantAccessPermission> permissions) throws IOException {
@@ -572,15 +597,9 @@
 	public List<RegistrantAccessPermission> getTeamAccessPermissions(RepositoryModel repository) {
 		List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();
 		for (TeamModel team : allTeams) {
-			if (team.hasRepositoryPermission(repository.name)) {
-				AccessPermission ap = team.getRepositoryPermission(repository);
-				PermissionType pType = PermissionType.REGEX;
-				boolean editable = false;
-				if (team.hasExplicitRepositoryPermission(repository.name)) {
-					pType = PermissionType.EXPLICIT;
-					editable = true;
-				}
-				list.add(new RegistrantAccessPermission(team.name, ap, pType, RegistrantType.TEAM, editable));
+			RegistrantAccessPermission ap = team.getRepositoryPermission(repository);
+			if (ap.permission.exceeds(AccessPermission.NONE)) {
+				list.add(ap);
 			}
 		}
 		Collections.sort(list);

--
Gitblit v1.9.1