use of com.gitblit.models.RegistrantAccessPermission in project gitblit by gitblit.
the class RpcTests method testTeamAdministration.
@Test
public void testTeamAdministration() throws IOException {
List<TeamModel> teams = RpcUtils.getTeams(url, account, password.toCharArray());
assertEquals(1, teams.size());
// Create the A-Team
TeamModel aTeam = new TeamModel("A-Team");
aTeam.users.add("admin");
aTeam.addRepositoryPermission("helloworld.git");
assertTrue(RpcUtils.createTeam(aTeam, url, account, password.toCharArray()));
aTeam = null;
teams = RpcUtils.getTeams(url, account, password.toCharArray());
assertEquals(2, teams.size());
for (TeamModel team : teams) {
if (team.name.equals("A-Team")) {
aTeam = team;
break;
}
}
assertNotNull(aTeam);
assertTrue(aTeam.hasUser("admin"));
assertTrue(aTeam.hasRepositoryPermission("helloworld.git"));
RepositoryModel helloworld = null;
Map<String, RepositoryModel> repositories = RpcUtils.getRepositories(url, account, password.toCharArray());
for (RepositoryModel repository : repositories.values()) {
if (repository.name.equals("helloworld.git")) {
helloworld = repository;
break;
}
}
assertNotNull(helloworld);
// Confirm that we have added the team
List<String> helloworldTeams = RpcUtils.getRepositoryTeams(helloworld, url, account, password.toCharArray());
assertEquals(1, helloworldTeams.size());
assertTrue(helloworldTeams.contains(aTeam.name));
// set no teams
List<RegistrantAccessPermission> permissions = new ArrayList<RegistrantAccessPermission>();
for (String team : helloworldTeams) {
permissions.add(new RegistrantAccessPermission(team, AccessPermission.NONE, PermissionType.EXPLICIT, RegistrantType.TEAM, null, true));
}
assertTrue(RpcUtils.setRepositoryTeamPermissions(helloworld, permissions, url, account, password.toCharArray()));
helloworldTeams = RpcUtils.getRepositoryTeams(helloworld, url, account, password.toCharArray());
assertEquals(0, helloworldTeams.size());
// delete the A-Team
assertTrue(RpcUtils.deleteTeam(aTeam, url, account, password.toCharArray()));
teams = RpcUtils.getTeams(url, account, password.toCharArray());
assertEquals(1, teams.size());
}
use of com.gitblit.models.RegistrantAccessPermission in project gitblit by gitblit.
the class RepositoryManager method setUserAccessPermissions.
/**
* Sets the access permissions to the specified repository for the specified users.
*
* @param repository
* @param permissions
* @return true if the user models have been updated
*/
@Override
public boolean setUserAccessPermissions(RepositoryModel repository, Collection<RegistrantAccessPermission> permissions) {
List<UserModel> users = new ArrayList<UserModel>();
for (RegistrantAccessPermission up : permissions) {
if (up.mutable) {
// only set editable defined permissions
UserModel user = userManager.getUserModel(up.registrant);
user.setRepositoryPermission(repository.name, up.permission);
users.add(user);
}
}
return userManager.updateUserModels(users);
}
use of com.gitblit.models.RegistrantAccessPermission in project gitblit by gitblit.
the class EditTeamPage method setupPage.
protected void setupPage(final TeamModel teamModel) {
if (isCreate) {
super.setupPage(getString("gb.newTeam"), "");
} else {
super.setupPage(getString("gb.edit"), teamModel.name);
}
CompoundPropertyModel<TeamModel> model = new CompoundPropertyModel<TeamModel>(teamModel);
List<String> repos = getAccessRestrictedRepositoryList(true, null);
List<String> teamUsers = new ArrayList<String>(teamModel.users);
List<String> preReceiveScripts = new ArrayList<String>();
List<String> postReceiveScripts = new ArrayList<String>();
final String oldName = teamModel.name;
final List<RegistrantAccessPermission> permissions = teamModel.getRepositoryPermissions();
// users palette
final Palette<UserChoice> users = new Palette<UserChoice>("users", new ListModel<UserChoice>(getTeamUsers(teamUsers)), new CollectionModel<UserChoice>(sortByDisplayName(getTeamUsers(app().users().getAllUsernames()))), new ChoiceRenderer<UserChoice>(null, "userId"), 10, false);
// pre-receive palette
if (teamModel.preReceiveScripts != null) {
preReceiveScripts.addAll(teamModel.preReceiveScripts);
}
final Palette<String> preReceivePalette = new Palette<String>("preReceiveScripts", new ListModel<String>(preReceiveScripts), new CollectionModel<String>(app().repositories().getPreReceiveScriptsUnused(null)), new StringChoiceRenderer(), 12, true);
// post-receive palette
if (teamModel.postReceiveScripts != null) {
postReceiveScripts.addAll(teamModel.postReceiveScripts);
}
final Palette<String> postReceivePalette = new Palette<String>("postReceiveScripts", new ListModel<String>(postReceiveScripts), new CollectionModel<String>(app().repositories().getPostReceiveScriptsUnused(null)), new StringChoiceRenderer(), 12, true);
Form<TeamModel> form = new Form<TeamModel>("editForm", model) {
private static final long serialVersionUID = 1L;
/*
* (non-Javadoc)
*
* @see org.apache.wicket.markup.html.form.Form#onSubmit()
*/
@Override
protected void onSubmit() {
String teamname = teamModel.name;
if (StringUtils.isEmpty(teamname)) {
error(getString("gb.pleaseSetTeamName"));
return;
}
if (isCreate) {
TeamModel model = app().users().getTeamModel(teamname);
if (model != null) {
error(MessageFormat.format(getString("gb.teamNameUnavailable"), teamname));
return;
}
}
// update team permissions
for (RegistrantAccessPermission repositoryPermission : permissions) {
teamModel.setRepositoryPermission(repositoryPermission.registrant, repositoryPermission.permission);
}
Iterator<UserChoice> selectedUsers = users.getSelectedChoices();
List<String> members = new ArrayList<String>();
while (selectedUsers.hasNext()) {
members.add(selectedUsers.next().getUserId().toLowerCase());
}
teamModel.users.clear();
teamModel.users.addAll(members);
// set mailing lists
String ml = mailingLists.getObject();
if (!StringUtils.isEmpty(ml)) {
Set<String> list = new HashSet<String>();
for (String address : ml.split("(,|\\s)")) {
if (StringUtils.isEmpty(address)) {
continue;
}
list.add(address.toLowerCase());
}
teamModel.mailingLists.clear();
teamModel.mailingLists.addAll(list);
}
// pre-receive scripts
List<String> preReceiveScripts = new ArrayList<String>();
Iterator<String> pres = preReceivePalette.getSelectedChoices();
while (pres.hasNext()) {
preReceiveScripts.add(pres.next());
}
teamModel.preReceiveScripts.clear();
teamModel.preReceiveScripts.addAll(preReceiveScripts);
// post-receive scripts
List<String> postReceiveScripts = new ArrayList<String>();
Iterator<String> post = postReceivePalette.getSelectedChoices();
while (post.hasNext()) {
postReceiveScripts.add(post.next());
}
teamModel.postReceiveScripts.clear();
teamModel.postReceiveScripts.addAll(postReceiveScripts);
try {
if (isCreate) {
app().gitblit().addTeam(teamModel);
} else {
app().gitblit().reviseTeam(oldName, teamModel);
}
} catch (GitBlitException e) {
error(e.getMessage());
return;
}
setRedirect(false);
if (isCreate) {
// create another team
info(MessageFormat.format(getString("gb.teamCreated"), teamModel.name));
}
// back to users page
setResponsePage(TeamsPage.class);
}
};
// do not let the browser pre-populate these fields
form.add(new SimpleAttributeModifier("autocomplete", "off"));
// not all user providers support manipulating team memberships
boolean editMemberships = app().authentication().supportsTeamMembershipChanges(teamModel);
// not all user providers support manipulating the admin role
boolean changeAdminRole = app().authentication().supportsRoleChanges(teamModel, Role.ADMIN);
// not all user providers support manipulating the create role
boolean changeCreateRole = app().authentication().supportsRoleChanges(teamModel, Role.CREATE);
// not all user providers support manipulating the fork role
boolean changeForkRole = app().authentication().supportsRoleChanges(teamModel, Role.FORK);
// field names reflective match TeamModel fields
form.add(new TextField<String>("name"));
form.add(new CheckBox("canAdmin").setEnabled(changeAdminRole));
form.add(new CheckBox("canFork").setEnabled(app().settings().getBoolean(Keys.web.allowForking, true) && changeForkRole));
form.add(new CheckBox("canCreate").setEnabled(changeCreateRole));
form.add(users.setEnabled(editMemberships));
mailingLists = new Model<String>(teamModel.mailingLists == null ? "" : StringUtils.flattenStrings(teamModel.mailingLists, " "));
form.add(new TextField<String>("mailingLists", mailingLists));
form.add(new RegistrantPermissionsPanel("repositories", RegistrantType.REPOSITORY, repos, permissions, getAccessPermissions()));
form.add(preReceivePalette);
form.add(new BulletListPanel("inheritedPreReceive", "inherited", app().repositories().getPreReceiveScriptsInherited(null)));
form.add(postReceivePalette);
form.add(new BulletListPanel("inheritedPostReceive", "inherited", app().repositories().getPostReceiveScriptsInherited(null)));
form.add(new Button("save"));
Button cancel = new Button("cancel") {
private static final long serialVersionUID = 1L;
@Override
public void onSubmit() {
setResponsePage(TeamsPage.class);
}
};
cancel.setDefaultFormProcessing(false);
form.add(cancel);
add(form);
}
use of com.gitblit.models.RegistrantAccessPermission in project gitblit by gitblit.
the class EditUserPage method setupPage.
protected void setupPage(final UserModel userModel) {
if (isCreate) {
super.setupPage(getString("gb.newUser"), "");
} else {
super.setupPage(getString("gb.edit"), userModel.username);
}
final Model<String> confirmPassword = new Model<String>(StringUtils.isEmpty(userModel.password) ? "" : userModel.password);
CompoundPropertyModel<UserModel> model = new CompoundPropertyModel<UserModel>(userModel);
// build list of projects including all repositories wildcards
List<String> repos = getAccessRestrictedRepositoryList(true, userModel);
List<String> userTeams = new ArrayList<String>();
for (TeamModel team : userModel.teams) {
userTeams.add(team.name);
}
Collections.sort(userTeams);
final String oldName = userModel.username;
final List<RegistrantAccessPermission> permissions = app().repositories().getUserAccessPermissions(userModel);
final Palette<String> teams = new Palette<String>("teams", new ListModel<String>(new ArrayList<String>(userTeams)), new CollectionModel<String>(app().users().getAllTeamNames()), new StringChoiceRenderer(), 10, false);
Locale locale = userModel.getPreferences().getLocale();
if (locale == null) {
locale = Locale.ENGLISH;
}
List<Language> languages = UserPage.getLanguages();
Language preferredLanguage = null;
if (locale != null) {
String localeCode = locale.getLanguage();
if (!StringUtils.isEmpty(locale.getCountry())) {
localeCode += "_" + locale.getCountry();
}
for (Language lang : languages) {
if (lang.code.equals(localeCode)) {
// language_COUNTRY match
preferredLanguage = lang;
} else if (preferredLanguage != null && lang.code.startsWith(locale.getLanguage())) {
// language match
preferredLanguage = lang;
}
}
}
final IModel<Language> language = Model.of(preferredLanguage);
Form<UserModel> form = new Form<UserModel>("editForm", model) {
private static final long serialVersionUID = 1L;
/*
* (non-Javadoc)
*
* @see org.apache.wicket.markup.html.form.Form#onSubmit()
*/
@Override
protected void onSubmit() {
if (StringUtils.isEmpty(userModel.username)) {
error(getString("gb.pleaseSetUsername"));
return;
}
Language lang = language.getObject();
if (lang != null) {
userModel.getPreferences().setLocale(lang.code);
}
// force username to lower-case
userModel.username = userModel.username.toLowerCase();
String username = userModel.username;
if (isCreate) {
UserModel model = app().users().getUserModel(username);
if (model != null) {
error(MessageFormat.format(getString("gb.usernameUnavailable"), username));
return;
}
}
boolean rename = !StringUtils.isEmpty(oldName) && !oldName.equalsIgnoreCase(username);
if (app().authentication().supportsCredentialChanges(userModel)) {
if (!userModel.password.equals(confirmPassword.getObject())) {
error(getString("gb.passwordsDoNotMatch"));
return;
}
String password = userModel.password;
if (!password.toUpperCase().startsWith(StringUtils.MD5_TYPE) && !password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) {
// This is a plain text password.
// Check length.
int minLength = app().settings().getInteger(Keys.realm.minPasswordLength, 5);
if (minLength < 4) {
minLength = 4;
}
if (password.trim().length() < minLength) {
error(MessageFormat.format(getString("gb.passwordTooShort"), minLength));
return;
}
// change the cookie
userModel.cookie = userModel.createCookie();
// Optionally store the password MD5 digest.
String type = app().settings().getString(Keys.realm.passwordStorage, "md5");
if (type.equalsIgnoreCase("md5")) {
// store MD5 digest of password
userModel.password = StringUtils.MD5_TYPE + StringUtils.getMD5(userModel.password);
} else if (type.equalsIgnoreCase("combined-md5")) {
// store MD5 digest of username+password
userModel.password = StringUtils.COMBINED_MD5_TYPE + StringUtils.getMD5(username + userModel.password);
}
} else if (rename && password.toUpperCase().startsWith(StringUtils.COMBINED_MD5_TYPE)) {
error(getString("gb.combinedMd5Rename"));
return;
}
}
// update user permissions
for (RegistrantAccessPermission repositoryPermission : permissions) {
if (repositoryPermission.mutable) {
userModel.setRepositoryPermission(repositoryPermission.registrant, repositoryPermission.permission);
}
}
Iterator<String> selectedTeams = teams.getSelectedChoices();
userModel.teams.clear();
while (selectedTeams.hasNext()) {
TeamModel team = app().users().getTeamModel(selectedTeams.next());
if (team == null) {
continue;
}
userModel.teams.add(team);
}
try {
if (isCreate) {
app().gitblit().addUser(userModel);
} else {
app().gitblit().reviseUser(oldName, userModel);
}
} catch (GitBlitException e) {
error(e.getMessage());
return;
}
setRedirect(false);
if (isCreate) {
// create another user
info(MessageFormat.format(getString("gb.userCreated"), userModel.username));
setResponsePage(EditUserPage.class);
} else {
// back to users page
setResponsePage(UsersPage.class);
}
}
};
// do not let the browser pre-populate these fields
form.add(new SimpleAttributeModifier("autocomplete", "off"));
// not all user providers support manipulating username and password
boolean editCredentials = app().authentication().supportsCredentialChanges(userModel);
// not all user providers support manipulating display name
boolean editDisplayName = app().authentication().supportsDisplayNameChanges(userModel);
// not all user providers support manipulating email address
boolean editEmailAddress = app().authentication().supportsEmailAddressChanges(userModel);
// not all user providers support manipulating team memberships
boolean editTeams = app().authentication().supportsTeamMembershipChanges(userModel);
// not all user providers support manipulating the admin role
boolean changeAdminRole = app().authentication().supportsRoleChanges(userModel, Role.ADMIN);
// not all user providers support manipulating the create role
boolean changeCreateRole = app().authentication().supportsRoleChanges(userModel, Role.CREATE);
// not all user providers support manipulating the fork role
boolean changeForkRole = app().authentication().supportsRoleChanges(userModel, Role.FORK);
// field names reflective match UserModel fields
form.add(new TextField<String>("username").setEnabled(editCredentials));
NonTrimmedPasswordTextField passwordField = new NonTrimmedPasswordTextField("password");
passwordField.setResetPassword(false);
form.add(passwordField.setEnabled(editCredentials));
NonTrimmedPasswordTextField confirmPasswordField = new NonTrimmedPasswordTextField("confirmPassword", confirmPassword);
confirmPasswordField.setResetPassword(false);
form.add(confirmPasswordField.setEnabled(editCredentials));
form.add(new TextField<String>("displayName").setEnabled(editDisplayName));
form.add(new TextField<String>("emailAddress").setEnabled(editEmailAddress));
DropDownChoice<Language> choice = new DropDownChoice<Language>("language", language, languages);
form.add(choice.setEnabled(languages.size() > 0));
if (userModel.canAdmin() && !userModel.canAdmin) {
// user inherits Admin permission
// display a disabled-yet-checked checkbox
form.add(new CheckBox("canAdmin", Model.of(true)).setEnabled(false));
} else {
form.add(new CheckBox("canAdmin").setEnabled(changeAdminRole));
}
if (userModel.canFork() && !userModel.canFork) {
// user inherits Fork permission
// display a disabled-yet-checked checkbox
form.add(new CheckBox("canFork", Model.of(true)).setEnabled(false));
} else {
final boolean forkingAllowed = app().settings().getBoolean(Keys.web.allowForking, true);
form.add(new CheckBox("canFork").setEnabled(forkingAllowed && changeForkRole));
}
if (userModel.canCreate() && !userModel.canCreate) {
// user inherits Create permission
// display a disabled-yet-checked checkbox
form.add(new CheckBox("canCreate", Model.of(true)).setEnabled(false));
} else {
form.add(new CheckBox("canCreate").setEnabled(changeCreateRole));
}
form.add(new CheckBox("excludeFromFederation"));
form.add(new CheckBox("disabled"));
form.add(new RegistrantPermissionsPanel("repositories", RegistrantType.REPOSITORY, repos, permissions, getAccessPermissions()));
form.add(teams.setEnabled(editTeams));
form.add(new TextField<String>("organizationalUnit").setEnabled(editDisplayName));
form.add(new TextField<String>("organization").setEnabled(editDisplayName));
form.add(new TextField<String>("locality").setEnabled(editDisplayName));
form.add(new TextField<String>("stateProvince").setEnabled(editDisplayName));
form.add(new TextField<String>("countryCode").setEnabled(editDisplayName));
form.add(new Button("save"));
Button cancel = new Button("cancel") {
private static final long serialVersionUID = 1L;
@Override
public void onSubmit() {
setResponsePage(UsersPage.class);
}
};
cancel.setDefaultFormProcessing(false);
form.add(cancel);
add(form);
}
use of com.gitblit.models.RegistrantAccessPermission in project gitblit by gitblit.
the class RepositoriesPanel method editRepository.
/**
* Displays the edit repository dialog and fires a SwingWorker to update the
* server, if appropriate.
*
* @param repository
*/
protected void editRepository(final RepositoryModel repository) {
EditRepositoryDialog dialog = new EditRepositoryDialog(gitblit.getProtocolVersion(), repository);
dialog.setLocationRelativeTo(RepositoriesPanel.this);
List<String> usernames = gitblit.getUsernames();
List<RegistrantAccessPermission> members = gitblit.getUserAccessPermissions(repository);
dialog.setUsers(new ArrayList<String>(repository.owners), usernames, members);
dialog.setTeams(gitblit.getTeamnames(), gitblit.getTeamAccessPermissions(repository));
dialog.setRepositories(gitblit.getRepositories());
dialog.setFederationSets(gitblit.getFederationSets(), repository.federationSets);
List<String> allLocalBranches = new ArrayList<String>();
allLocalBranches.add(Constants.DEFAULT_BRANCH);
allLocalBranches.addAll(repository.getLocalBranches());
dialog.setIndexedBranches(allLocalBranches, repository.indexedBranches);
dialog.setPreReceiveScripts(gitblit.getPreReceiveScriptsUnused(repository), gitblit.getPreReceiveScriptsInherited(repository), repository.preReceiveScripts);
dialog.setPostReceiveScripts(gitblit.getPostReceiveScriptsUnused(repository), gitblit.getPostReceiveScriptsInherited(repository), repository.postReceiveScripts);
if (gitblit.getSettings().hasKey(Keys.groovy.customFields)) {
Map<String, String> map = gitblit.getSettings().get(Keys.groovy.customFields).getMap();
dialog.setCustomFields(repository, map);
}
dialog.setVisible(true);
final RepositoryModel revisedRepository = dialog.getRepository();
final List<RegistrantAccessPermission> permittedUsers = dialog.getUserAccessPermissions();
final List<RegistrantAccessPermission> permittedTeams = dialog.getTeamAccessPermissions();
if (revisedRepository == null) {
return;
}
GitblitWorker worker = new GitblitWorker(this, RpcRequest.EDIT_REPOSITORY) {
@Override
protected Boolean doRequest() throws IOException {
boolean success = gitblit.updateRepository(repository.name, revisedRepository, permittedUsers, permittedTeams);
if (success) {
gitblit.refreshRepositories();
gitblit.refreshUsers();
gitblit.refreshTeams();
}
return success;
}
@Override
protected void onSuccess() {
updateTable(false);
updateUsersTable();
updateTeamsTable();
}
@Override
protected void onFailure() {
showFailure("Failed to execute request \"{0}\" for repository \"{1}\".", getRequestType(), repository.name);
}
};
worker.execute();
}
Aggregations