Merged in bugfix/repo_permissions_without_admin (pull request #258)

Fix bug for repository owners without global role permission
2025-11-12 08:25:44 +01:00 · 2019-06-03 13:56:11 +00:00
parent 3664d69713 743feb27a8
commit 3b3ddd8fb0
7 changed files with 31 additions and 26 deletions
--- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/IndexDtoGenerator.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/IndexDtoGenerator.java
@@ -63,9 +63,7 @@ public class IndexDtoGenerator extends HalAppenderMapper {

      builder.single(link("repositoryTypes", resourceLinks.repositoryTypeCollection().self()));
      builder.single(link("namespaceStrategies", resourceLinks.namespaceStrategies().self()));
-      if (RepositoryRolePermissions.read().isPermitted()) {
-        builder.single(link("repositoryRoles", resourceLinks.repositoryRoleCollection().self()));
-      }
+      builder.single(link("repositoryRoles", resourceLinks.repositoryRoleCollection().self()));
    } else {
      builder.single(link("login", resourceLinks.authentication().jsonLogin()));
    }
--- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryRoleCollectionToDtoMapper.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryRoleCollectionToDtoMapper.java
@@ -25,7 +25,7 @@ public class RepositoryRoleCollectionToDtoMapper extends BasicCollectionToDtoMap
  }

  Optional<String> createCreateLink() {
-    return RepositoryRolePermissions.modify().isPermitted() ? of(resourceLinks.repositoryRoleCollection().create()): empty();
+    return RepositoryRolePermissions.write().isPermitted() ? of(resourceLinks.repositoryRoleCollection().create()): empty();
  }

  String createSelfLink() {
--- a/scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryRoleToRepositoryRoleDtoMapper.java
+++ b/scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryRoleToRepositoryRoleDtoMapper.java
@@ -27,7 +27,7 @@ public abstract class RepositoryRoleToRepositoryRoleDtoMapper extends BaseMapper
  @ObjectFactory
  RepositoryRoleDto createDto(RepositoryRole repositoryRole) {
    Links.Builder linksBuilder = linkingTo().self(resourceLinks.repositoryRole().self(repositoryRole.getName()));
-    if (!"system".equals(repositoryRole.getType()) && RepositoryRolePermissions.modify().isPermitted()) {
+    if (!"system".equals(repositoryRole.getType()) && RepositoryRolePermissions.write().isPermitted()) {
      linksBuilder.single(link("delete", resourceLinks.repositoryRole().delete(repositoryRole.getName())));
      linksBuilder.single(link("update", resourceLinks.repositoryRole().update(repositoryRole.getName())));
    }
--- a/scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryRoleManager.java
+++ b/scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryRoleManager.java
@@ -88,7 +88,7 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager

    return managerDaoAdapter.create(
      repositoryRole,
-      RepositoryRolePermissions::modify,
+      RepositoryRolePermissions::write,
      newRepositoryRole -> fireEvent(HandlerEventType.BEFORE_CREATE, newRepositoryRole),
      newRepositoryRole -> fireEvent(HandlerEventType.CREATE, newRepositoryRole)
    );
@@ -100,7 +100,7 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager
    logger.info("delete repositoryRole {} of type {}", repositoryRole.getName(), repositoryRole.getType());
    managerDaoAdapter.delete(
      repositoryRole,
-      RepositoryRolePermissions::modify,
+      RepositoryRolePermissions::write,
      toDelete -> fireEvent(HandlerEventType.BEFORE_DELETE, toDelete),
      toDelete -> fireEvent(HandlerEventType.DELETE, toDelete)
    );
@@ -116,7 +116,7 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager
    logger.info("modify repositoryRole {} of type {}", repositoryRole.getName(), repositoryRole.getType());
    managerDaoAdapter.modify(
      repositoryRole,
-      x -> RepositoryRolePermissions.modify(),
+      x -> RepositoryRolePermissions.write(),
      notModified -> fireEvent(HandlerEventType.BEFORE_MODIFY, repositoryRole, notModified),
      notModified -> fireEvent(HandlerEventType.MODIFY, repositoryRole, notModified));
  }
@@ -125,7 +125,6 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager
  public void refresh(RepositoryRole repositoryRole) {
    logger.info("refresh repositoryRole {} of type {}", repositoryRole.getName(), repositoryRole.getType());

-    RepositoryRolePermissions.read().check();
    RepositoryRole fresh = repositoryRoleDAO.get(repositoryRole.getName());

    if (fresh == null) {
@@ -135,8 +134,6 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager

  @Override
  public RepositoryRole get(String id) {
-    RepositoryRolePermissions.read().check();
-
    return findSystemRole(id).orElse(findCustomRole(id));
  }

@@ -168,9 +165,6 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager
  public List<RepositoryRole> getAll() {
    List<RepositoryRole> repositoryRoles = new ArrayList<>();

-    if (!RepositoryRolePermissions.read().isPermitted()) {
-      return Collections.emptyList();
-    }
    for (RepositoryRole repositoryRole : repositoryPermissionProvider.availableRoles()) {
      repositoryRoles.add(repositoryRole.clone());
    }