From 58e7ec808177e53981792b1489695a51d2c91fe5 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 10 Oct 2012 17:13:18 -0400
Subject: [PATCH] Add regex permission matching to hasRepositoryPermission check (issue 36)
---
src/com/gitblit/models/TeamModel.java | 16 +++++++++++++++-
tests/com/gitblit/tests/PermissionsTest.java | 4 ++++
src/com/gitblit/models/UserModel.java | 16 +++++++++++++++-
3 files changed, 34 insertions(+), 2 deletions(-)
diff --git a/src/com/gitblit/models/TeamModel.java b/src/com/gitblit/models/TeamModel.java
index 0b9c506..896adfe 100644
--- a/src/com/gitblit/models/TeamModel.java
+++ b/src/com/gitblit/models/TeamModel.java
@@ -92,7 +92,21 @@
*/
public boolean hasRepositoryPermission(String name) {
String repository = AccessPermission.repositoryFromRole(name).toLowerCase();
- return permissions.containsKey(repository) || repositories.contains(repository);
+ if (permissions.containsKey(repository)) {
+ // exact repository permission specified
+ return true;
+ } else {
+ // search for regex permission match
+ for (String key : permissions.keySet()) {
+ if (name.matches(key)) {
+ AccessPermission p = permissions.get(key);
+ if (p != null) {
+ return true;
+ }
+ }
+ }
+ }
+ return false;
}
/**
diff --git a/src/com/gitblit/models/UserModel.java b/src/com/gitblit/models/UserModel.java
index a4a4024..d8c2abe 100644
--- a/src/com/gitblit/models/UserModel.java
+++ b/src/com/gitblit/models/UserModel.java
@@ -132,7 +132,21 @@
*/
public boolean hasRepositoryPermission(String name) {
String repository = AccessPermission.repositoryFromRole(name).toLowerCase();
- return permissions.containsKey(repository) || repositories.contains(repository);
+ if (permissions.containsKey(repository)) {
+ // exact repository permission specified
+ return true;
+ } else {
+ // search for regex permission match
+ for (String key : permissions.keySet()) {
+ if (name.matches(key)) {
+ AccessPermission p = permissions.get(key);
+ if (p != null) {
+ return true;
+ }
+ }
+ }
+ }
+ return false;
}
/**
diff --git a/tests/com/gitblit/tests/PermissionsTest.java b/tests/com/gitblit/tests/PermissionsTest.java
index 83ab11e..41ff5a6 100644
--- a/tests/com/gitblit/tests/PermissionsTest.java
+++ b/tests/com/gitblit/tests/PermissionsTest.java
@@ -2329,6 +2329,7 @@
UserModel user = new UserModel("test");
repository.owner = user.username;
+ assertFalse("user SHOULD NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
assertTrue("owner CAN NOT view!", user.canView(repository));
assertTrue("owner CAN NOT clone!", user.canClone(repository));
assertTrue("owner CAN NOT push!", user.canPush(repository));
@@ -2352,6 +2353,7 @@
UserModel user = new UserModel("test");
repository.owner = user.username;
+ assertFalse("user SHOULD NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
assertTrue("user CAN NOT view!", user.canView(repository));
assertTrue("user CAN NOT clone!", user.canClone(repository));
assertTrue("user CAN NOT push!", user.canPush(repository));
@@ -2375,6 +2377,7 @@
UserModel user = new UserModel("visitor");
repository.owner = "test";
+ assertFalse("user HAS a repository permission!", user.hasRepositoryPermission(repository.name));
assertFalse("user CAN view!", user.canView(repository));
assertFalse("user CAN clone!", user.canClone(repository));
assertFalse("user CAN push!", user.canPush(repository));
@@ -2398,6 +2401,7 @@
UserModel user = new UserModel("test");
user.setRepositoryPermission("ubercool/[A-Za-z0-9-~_\\./]+", AccessPermission.CLONE);
+ assertTrue("user DOES NOT HAVE a repository permission!", user.hasRepositoryPermission(repository.name));
assertTrue("user CAN NOT view!", user.canView(repository));
assertTrue("user CAN NOT clone!", user.canClone(repository));
assertFalse("user CAN push!", user.canPush(repository));
--
Gitblit v1.9.1