From 2ea85bfe371215ef21fcd528bc40fa57c48ee698 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 31 Oct 2012 16:38:03 -0400
Subject: [PATCH] Personal repositories must always be owned by the account the repo is stored in
---
src/com/gitblit/wicket/pages/RepositoryPage.java | 33 ++++++++++++++++++++-------------
1 files changed, 20 insertions(+), 13 deletions(-)
diff --git a/src/com/gitblit/wicket/pages/RepositoryPage.java b/src/com/gitblit/wicket/pages/RepositoryPage.java
index fd2cbcc..2bd1ec2 100644
--- a/src/com/gitblit/wicket/pages/RepositoryPage.java
+++ b/src/com/gitblit/wicket/pages/RepositoryPage.java
@@ -92,19 +92,6 @@
}
objectId = WicketUtils.getObject(params);
- if (objectId != null) {
- RefModel branch = null;
- if ((branch = JGitUtils.getBranch(getRepository(), objectId)) != null) {
- boolean canAccess = GitBlitWebSession
- .get()
- .getUser()
- .hasBranchPermission(getRepositoryModel().name,
- branch.reference.getName());
- if (!canAccess) {
- error("Access denied", true);
- }
- }
- }
if (StringUtils.isEmpty(repositoryName)) {
error(MessageFormat.format(getString("gb.repositoryNotSpecifiedFor"), getPageName()), true);
}
@@ -112,6 +99,26 @@
if (!getRepositoryModel().hasCommits) {
setResponsePage(EmptyRepositoryPage.class, params);
}
+
+ if (getRepositoryModel().isCollectingGarbage) {
+ error(MessageFormat.format(getString("gb.busyCollectingGarbage"), getRepositoryModel().name), true);
+ }
+
+ if (objectId != null) {
+ RefModel branch = null;
+ if ((branch = JGitUtils.getBranch(getRepository(), objectId)) != null) {
+ UserModel user = GitBlitWebSession.get().getUser();
+ if (user == null) {
+ // workaround until get().getUser() is reviewed throughout the app
+ user = UserModel.ANONYMOUS;
+ }
+ boolean canAccess = user.hasBranchPermission(repositoryName,
+ branch.reference.getName());
+ if (!canAccess) {
+ error(getString("gb.accessDeined"), true);
+ }
+ }
+ }
// register the available page links for this page and user
registeredPages = registerPages();
--
Gitblit v1.9.1