From 7ca05374db6f6af9de06665c9d2d08acfe85aa4f Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Wed, 05 Mar 2014 12:26:14 -0500
Subject: [PATCH] Centralized ticket editing permission controls

---
 src/main/java/com/gitblit/models/UserModel.java |   17 ++++++++++++++---
 1 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/src/main/java/com/gitblit/models/UserModel.java b/src/main/java/com/gitblit/models/UserModel.java
index fbf311a..fee9c17 100644
--- a/src/main/java/com/gitblit/models/UserModel.java
+++ b/src/main/java/com/gitblit/models/UserModel.java
@@ -447,16 +447,23 @@
 		return canAdmin() || model.isUsersPersonalRepository(username) || model.isOwner(username);
 	}
 
+	public boolean canEdit(TicketModel ticket, RepositoryModel repository) {
+		 return isAuthenticated() &&
+				 (username.equals(ticket.createdBy)
+				 || username.equals(ticket.responsible)
+				 || canPush(repository));
+	}
+
 	public boolean canReviewPatchset(RepositoryModel model) {
-		return isAuthenticated && canClone(model);
+		return isAuthenticated() && canClone(model);
 	}
 
 	public boolean canApprovePatchset(RepositoryModel model) {
-		return isAuthenticated && canPush(model);
+		return isAuthenticated() && canPush(model);
 	}
 
 	public boolean canVetoPatchset(RepositoryModel model) {
-		return isAuthenticated && canPush(model);
+		return isAuthenticated() && canPush(model);
 	}
 
 	/**
@@ -540,6 +547,10 @@
 		return false;
 	}
 
+	public boolean isAuthenticated() {
+		return !UserModel.ANONYMOUS.equals(this) && isAuthenticated;
+	}
+
 	public boolean isTeamMember(String teamname) {
 		for (TeamModel team : teams) {
 			if (team.name.equalsIgnoreCase(teamname)) {

--
Gitblit v1.9.1