From 27ae9095639bb228a1b7ff86a3ebe4264abf05be Mon Sep 17 00:00:00 2001
From: mschaefers <mschaefers@scoop-gmbh.de>
Date: Thu, 29 Nov 2012 12:33:09 -0500
Subject: [PATCH] feature: when using LdapUserService one can configure Gitblit to fetch all users from ldap that can possibly login. This allows to see newly generated LDAP users instantly in Gitblit. By now an LDAP user had to log in once to appear in GitBlit.

---
 src/com/gitblit/models/TeamModel.java |   59 ++++++++++++++++++++++++++++++++++++++++++++++-------------
 1 files changed, 46 insertions(+), 13 deletions(-)

diff --git a/src/com/gitblit/models/TeamModel.java b/src/com/gitblit/models/TeamModel.java
index 9ba2f66..9587ca7 100644
--- a/src/com/gitblit/models/TeamModel.java
+++ b/src/com/gitblit/models/TeamModel.java
@@ -19,16 +19,18 @@
 import java.util.ArrayList;
 import java.util.Collection;
 import java.util.Collections;
-import java.util.HashMap;
 import java.util.HashSet;
+import java.util.LinkedHashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
 import com.gitblit.Constants.AccessPermission;
 import com.gitblit.Constants.AccessRestrictionType;
+import com.gitblit.Constants.PermissionType;
 import com.gitblit.Constants.RegistrantType;
 import com.gitblit.Constants.Unused;
+import com.gitblit.utils.StringUtils;
 
 /**
  * TeamModel is a serializable model class that represents a group of users and
@@ -50,7 +52,7 @@
 	// retained for backwards-compatibility with RPC clients
 	@Deprecated
 	public final Set<String> repositories = new HashSet<String>();
-	public final Map<String, AccessPermission> permissions = new HashMap<String, AccessPermission>();
+	public final Map<String, AccessPermission> permissions = new LinkedHashMap<String, AccessPermission>();
 	public final Set<String> mailingLists = new HashSet<String>();
 	public final List<String> preReceiveScripts = new ArrayList<String>();
 	public final List<String> postReceiveScripts = new ArrayList<String>();
@@ -96,8 +98,21 @@
 	 */
 	public List<RegistrantAccessPermission> getRepositoryPermissions() {
 		List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();
+		if (canAdmin) {
+			// team has REWIND access to all repositories
+			return list;
+		}
 		for (Map.Entry<String, AccessPermission> entry : permissions.entrySet()) {
-			list.add(new RegistrantAccessPermission(entry.getKey(), entry.getValue(), true, RegistrantType.REPOSITORY));
+			String registrant = entry.getKey();
+			String source = null;
+			boolean editable = true;
+			PermissionType pType = PermissionType.EXPLICIT;
+			if (StringUtils.findInvalidCharacter(registrant) != null) {
+				// a regex will have at least 1 invalid character
+				pType = PermissionType.REGEX;
+				source = registrant;
+			}
+			list.add(new RegistrantAccessPermission(registrant, entry.getValue(), pType, RegistrantType.REPOSITORY, source, editable));
 		}
 		Collections.sort(list);
 		return list;
@@ -175,32 +190,50 @@
 		repositories.add(repository.toLowerCase());
 	}
 	
-	public AccessPermission getRepositoryPermission(RepositoryModel repository) {
-		AccessPermission permission = AccessPermission.NONE;
+	public RegistrantAccessPermission getRepositoryPermission(RepositoryModel repository) {
+		RegistrantAccessPermission ap = new RegistrantAccessPermission();
+		ap.registrant = name;
+		ap.registrantType = RegistrantType.TEAM;
+		ap.permission = AccessPermission.NONE;
+		ap.mutable = false;
+		
+		if (canAdmin) {
+			ap.permissionType = PermissionType.ADMINISTRATOR;
+			ap.permission = AccessPermission.REWIND;
+			return ap;
+		}
+		
 		if (permissions.containsKey(repository.name.toLowerCase())) {
 			// exact repository permission specified
 			AccessPermission p = permissions.get(repository.name.toLowerCase());
 			if (p != null) {
-				permission = p;
+				ap.permissionType = PermissionType.EXPLICIT;
+				ap.permission = p;
+				ap.mutable = true;
+				return ap;
 			}
 		} else {
-			// search for regex permission match
+			// search for case-insensitive regex permission match
 			for (String key : permissions.keySet()) {
-				if (repository.name.matches(key)) {
+				if (StringUtils.matchesIgnoreCase(repository.name, key)) {
 					AccessPermission p = permissions.get(key);
 					if (p != null) {
-						permission = p;
+						// take first match
+						ap.permissionType = PermissionType.REGEX;
+						ap.permission = p;
+						ap.source = key;
+						return ap;
 					}
 				}
 			}
 		}
-		return permission;
+		return ap;
 	}
 	
-	private boolean canAccess(RepositoryModel repository, AccessRestrictionType ifRestriction, AccessPermission requirePermission) {
+	protected boolean canAccess(RepositoryModel repository, AccessRestrictionType ifRestriction, AccessPermission requirePermission) {
 		if (repository.accessRestriction.atLeast(ifRestriction)) {
-			AccessPermission permission = getRepositoryPermission(repository);
-			return permission.atLeast(requirePermission);
+			RegistrantAccessPermission ap = getRepositoryPermission(repository);
+			return ap.permission.atLeast(requirePermission);
 		}
 		return true;
 	}

--
Gitblit v1.9.1