From 2bfb8ab137ac18b60cad0c375c7b9bef67499b94 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 23 Oct 2012 17:35:42 -0400
Subject: [PATCH] Enforce strict order for permission determination

---
 src/com/gitblit/wicket/pages/EditRepositoryPage.java |   59 ++++++++++++++++++++++-------------------------------------
 1 files changed, 22 insertions(+), 37 deletions(-)

diff --git a/src/com/gitblit/wicket/pages/EditRepositoryPage.java b/src/com/gitblit/wicket/pages/EditRepositoryPage.java
index 8176c28..98b04f5 100644
--- a/src/com/gitblit/wicket/pages/EditRepositoryPage.java
+++ b/src/com/gitblit/wicket/pages/EditRepositoryPage.java
@@ -54,6 +54,7 @@
 import com.gitblit.GitBlit;
 import com.gitblit.GitBlitException;
 import com.gitblit.Keys;
+import com.gitblit.models.RegistrantAccessPermission;
 import com.gitblit.models.RepositoryModel;
 import com.gitblit.models.UserModel;
 import com.gitblit.utils.ArrayUtils;
@@ -62,6 +63,7 @@
 import com.gitblit.wicket.StringChoiceRenderer;
 import com.gitblit.wicket.WicketUtils;
 import com.gitblit.wicket.panels.BulletListPanel;
+import com.gitblit.wicket.panels.RegistrantPermissionsPanel;
 
 public class EditRepositoryPage extends RootSubPage {
 
@@ -94,6 +96,7 @@
 		}
 		
 		setupPage(model);
+		setStatelessHint(false);
 	}
 
 	public EditRepositoryPage(PageParameters params) {
@@ -103,6 +106,7 @@
 		String name = WicketUtils.getRepositoryName(params);
 		RepositoryModel model = GitBlit.self().getRepositoryModel(name);
 		setupPage(model);
+		setStatelessHint(false);
 	}
 
 	protected void setupPage(final RepositoryModel repositoryModel) {
@@ -111,14 +115,15 @@
 
 		List<String> indexedBranches = new ArrayList<String>();
 		List<String> federationSets = new ArrayList<String>();
-		List<String> repositoryUsers = new ArrayList<String>();
-		List<String> repositoryTeams = new ArrayList<String>();
+		final List<RegistrantAccessPermission> repositoryUsers = new ArrayList<RegistrantAccessPermission>();
+		final List<RegistrantAccessPermission> repositoryTeams = new ArrayList<RegistrantAccessPermission>();
 		List<String> preReceiveScripts = new ArrayList<String>();
 		List<String> postReceiveScripts = new ArrayList<String>();
 
 		GitBlitWebSession session = GitBlitWebSession.get();
 		final UserModel user = session.getUser() == null ? UserModel.ANONYMOUS : session.getUser();
-
+		final boolean allowEditName = isCreate || isAdmin || repositoryModel.isUsersPersonalRepository(user.username);
+		
 		if (isCreate) {
 			if (user.canAdmin()) {
 				super.setupPage(getString("gb.newRepository"), "");
@@ -128,8 +133,8 @@
 		} else {
 			super.setupPage(getString("gb.edit"), repositoryModel.name);
 			if (repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE)) {
-				repositoryUsers.addAll(GitBlit.self().getRepositoryUsers(repositoryModel));
-				repositoryTeams.addAll(GitBlit.self().getRepositoryTeams(repositoryModel));
+				repositoryUsers.addAll(GitBlit.self().getUserAccessPermissions(repositoryModel));
+				repositoryTeams.addAll(GitBlit.self().getTeamAccessPermissions(repositoryModel));
 				Collections.sort(repositoryUsers);
 			}
 			federationSets.addAll(repositoryModel.federationSets);
@@ -139,15 +144,11 @@
 		}
 
 		final String oldName = repositoryModel.name;
-		// users palette
-		final Palette<String> usersPalette = new Palette<String>("users", new ListModel<String>(
-				repositoryUsers), new CollectionModel<String>(GitBlit.self().getAllUsernames()),
-				new StringChoiceRenderer(), 10, false);
 
-		// teams palette
-		final Palette<String> teamsPalette = new Palette<String>("teams", new ListModel<String>(
-				repositoryTeams), new CollectionModel<String>(GitBlit.self().getAllTeamnames()),
-				new StringChoiceRenderer(), 8, false);
+		RegistrantPermissionsPanel usersPalette = new RegistrantPermissionsPanel("users", 
+				GitBlit.self().getAllUsernames(), repositoryUsers, getAccessPermissions());
+		RegistrantPermissionsPanel teamsPalette = new RegistrantPermissionsPanel("teams", 
+				GitBlit.self().getAllTeamnames(), repositoryTeams, getAccessPermissions());
 
 		// indexed local branches palette
 		List<String> allLocalBranches = new ArrayList<String>();
@@ -253,7 +254,7 @@
 						return;
 					}
 					
-					if (user.canCreate() && !user.canAdmin()) {
+					if (user.canCreate() && !user.canAdmin() && allowEditName) {
 						// ensure repository name begins with the user's path
 						if (!repositoryModel.name.startsWith(user.getPersonalPath())) {
 							error(MessageFormat.format(getString("gb.illegalPersonalRepositoryLocation"),
@@ -342,28 +343,10 @@
 					// save the repository
 					GitBlit.self().updateRepositoryModel(oldName, repositoryModel, isCreate);
 
-					// repository access
+					// repository access permissions
 					if (repositoryModel.accessRestriction.exceeds(AccessRestrictionType.NONE)) {
-						// save the user access list
-						Iterator<String> users = usersPalette.getSelectedChoices();
-						List<String> repositoryUsers = new ArrayList<String>();
-						while (users.hasNext()) {
-							repositoryUsers.add(users.next());
-						}
-						// ensure the owner is added to the user list
-						if (repositoryModel.owner != null
-								&& !repositoryUsers.contains(repositoryModel.owner)) {
-							repositoryUsers.add(repositoryModel.owner);
-						}
-						GitBlit.self().setRepositoryUsers(repositoryModel, repositoryUsers);
-
-						// save the team access list
-						Iterator<String> teams = teamsPalette.getSelectedChoices();
-						List<String> repositoryTeams = new ArrayList<String>();
-						while (teams.hasNext()) {
-							repositoryTeams.add(teams.next());
-						}
-						GitBlit.self().setRepositoryTeams(repositoryModel, repositoryTeams);
+						GitBlit.self().setUserAccessPermissions(repositoryModel, repositoryUsers);
+						GitBlit.self().setTeamAccessPermissions(repositoryModel, repositoryTeams);
 					}
 				} catch (GitBlitException e) {
 					error(e.getMessage());
@@ -378,7 +361,7 @@
 		form.add(new SimpleAttributeModifier("autocomplete", "off"));
 
 		// field names reflective match RepositoryModel fields
-		form.add(new TextField<String>("name").setEnabled(isCreate || isAdmin || repositoryModel.isUsersPersonalRepository(user.username)));
+		form.add(new TextField<String>("name").setEnabled(allowEditName));
 		form.add(new TextField<String>("description"));
 		form.add(new DropDownChoice<String>("owner", GitBlit.self().getAllUsernames())
 				.setEnabled(GitBlitWebSession.get().canAdmin()));
@@ -406,7 +389,7 @@
 		form.add(new DropDownChoice<FederationStrategy>("federationStrategy", federationStrategies,
 				new FederationTypeRenderer()));
 		form.add(new CheckBox("useTickets"));
-		form.add(new CheckBox("useDocs"));		
+		form.add(new CheckBox("useDocs"));
 		form.add(new CheckBox("showRemoteBranches"));
 		form.add(new CheckBox("showReadme"));
 		form.add(new CheckBox("skipSizeCalculation"));
@@ -423,6 +406,8 @@
 		group.add(allowNamed);
 		form.add(group);
 				
+		form.add(new CheckBox("verifyCommitter"));
+
 		form.add(usersPalette);
 		form.add(teamsPalette);
 		form.add(federationSetsPalette);

--
Gitblit v1.9.1