Search in sources :

Example 11 with AccessPermission

use of com.gitblit.Constants.AccessPermission in project gitblit by gitblit.

the class UserModel method addRepositoryPermission.

/**
	 * Adds a repository permission to the team.
	 * <p>
	 * Role may be formatted as:
	 * <ul>
	 * <li> myrepo.git <i>(this is implicitly RW+)</i>
	 * <li> RW+:myrepo.git
	 * </ul>
	 * @param role
	 */
public void addRepositoryPermission(String role) {
    AccessPermission permission = AccessPermission.permissionFromRole(role);
    String repository = AccessPermission.repositoryFromRole(role).toLowerCase();
    repositories.add(repository);
    permissions.put(repository, permission);
}
Also used : AccessPermission(com.gitblit.Constants.AccessPermission)

Example 12 with AccessPermission

use of com.gitblit.Constants.AccessPermission in project gitblit by gitblit.

the class UserModel method getRepositoryPermissions.

/**
	 * Returns a list of repository permissions for this user exclusive of
	 * permissions inherited from team memberships.
	 *
	 * @return the user's list of permissions
	 */
public List<RegistrantAccessPermission> getRepositoryPermissions() {
    List<RegistrantAccessPermission> list = new ArrayList<RegistrantAccessPermission>();
    if (canAdmin()) {
        // user has REWIND access to all repositories
        return list;
    }
    for (Map.Entry<String, AccessPermission> entry : permissions.entrySet()) {
        String registrant = entry.getKey();
        AccessPermission ap = entry.getValue();
        String source = null;
        boolean mutable = true;
        PermissionType pType = PermissionType.EXPLICIT;
        if (isMyPersonalRepository(registrant)) {
            pType = PermissionType.OWNER;
            ap = AccessPermission.REWIND;
            mutable = false;
        } else if (StringUtils.findInvalidCharacter(registrant) != null) {
            // a regex will have at least 1 invalid character
            pType = PermissionType.REGEX;
            source = registrant;
        }
        list.add(new RegistrantAccessPermission(registrant, ap, pType, RegistrantType.REPOSITORY, source, mutable));
    }
    Collections.sort(list);
    // include immutable team permissions, being careful to preserve order
    Set<RegistrantAccessPermission> set = new LinkedHashSet<RegistrantAccessPermission>(list);
    for (TeamModel team : teams) {
        for (RegistrantAccessPermission teamPermission : team.getRepositoryPermissions()) {
            // we can not change an inherited team permission, though we can override
            teamPermission.registrantType = RegistrantType.REPOSITORY;
            teamPermission.permissionType = PermissionType.TEAM;
            teamPermission.source = team.name;
            teamPermission.mutable = false;
            set.add(teamPermission);
        }
    }
    return new ArrayList<RegistrantAccessPermission>(set);
}
Also used : LinkedHashSet(java.util.LinkedHashSet) PermissionType(com.gitblit.Constants.PermissionType) ArrayList(java.util.ArrayList) AccessPermission(com.gitblit.Constants.AccessPermission) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map)

Example 13 with AccessPermission

use of com.gitblit.Constants.AccessPermission in project gitblit by gitblit.

the class ConfigUserService method renameRepositoryRole.

/**
	 * Renames a repository role.
	 *
	 * @param oldRole
	 * @param newRole
	 * @return true if successful
	 */
@Override
public synchronized boolean renameRepositoryRole(String oldRole, String newRole) {
    try {
        read();
        // identify users which require role rename
        for (UserModel model : users.values()) {
            if (model.hasRepositoryPermission(oldRole)) {
                AccessPermission permission = model.removeRepositoryPermission(oldRole);
                model.setRepositoryPermission(newRole, permission);
            }
        }
        // identify teams which require role rename
        for (TeamModel model : teams.values()) {
            if (model.hasRepositoryPermission(oldRole)) {
                AccessPermission permission = model.removeRepositoryPermission(oldRole);
                model.setRepositoryPermission(newRole, permission);
            }
        }
        // persist changes
        write();
        return true;
    } catch (Throwable t) {
        logger.error(MessageFormat.format("Failed to rename role {0} to {1}!", oldRole, newRole), t);
    }
    return false;
}
Also used : UserModel(com.gitblit.models.UserModel) TeamModel(com.gitblit.models.TeamModel) AccessPermission(com.gitblit.Constants.AccessPermission)

Example 14 with AccessPermission

use of com.gitblit.Constants.AccessPermission in project gitblit by gitblit.

the class LdapKeyManager method setKeyPermissions.

private void setKeyPermissions(SshKey key, GbAuthorizedKeyEntry keyEntry) {
    List<String> env = keyEntry.getLoginOptionValues("environment");
    if (env != null && !env.isEmpty()) {
        // Walk over all entries and find one that sets 'gbPerm'. The last one wins.
        for (String envi : env) {
            Matcher m = GB_PERM_PATTERN.matcher(envi);
            if (m.find()) {
                String perm = m.group(1).trim();
                AccessPermission ap = AccessPermission.fromCode(perm);
                if (ap == AccessPermission.NONE) {
                    ap = AccessPermission.valueOf(perm.toUpperCase());
                }
                if (ap != null && ap != AccessPermission.NONE) {
                    try {
                        key.setPermission(ap);
                    } catch (IllegalArgumentException e) {
                        log.warn("Incorrect permissions ({}) set for SSH key entry {}.", ap, envi, e);
                    }
                }
            }
        }
    }
}
Also used : Matcher(java.util.regex.Matcher) AccessPermission(com.gitblit.Constants.AccessPermission)

Aggregations

AccessPermission (com.gitblit.Constants.AccessPermission)14 ArrayList (java.util.ArrayList)7 UserModel (com.gitblit.models.UserModel)4 Map (java.util.Map)4 TeamModel (com.gitblit.models.TeamModel)3 File (java.io.File)3 IOException (java.io.IOException)3 PermissionType (com.gitblit.Constants.PermissionType)2 LinkedHashMap (java.util.LinkedHashMap)2 StoredConfig (org.eclipse.jgit.lib.StoredConfig)2 ConfigUserService (com.gitblit.ConfigUserService)1 Transport (com.gitblit.Constants.Transport)1 ForbiddenException (com.gitblit.GitBlitException.ForbiddenException)1 IUserService (com.gitblit.IUserService)1 RefModel (com.gitblit.models.RefModel)1 RepositoryModel (com.gitblit.models.RepositoryModel)1 RepositoryUrl (com.gitblit.models.RepositoryUrl)1 SshKey (com.gitblit.transport.ssh.SshKey)1 CloneResult (com.gitblit.utils.JGitUtils.CloneResult)1 FileOutputStream (java.io.FileOutputStream)1