Nemcio/SCM-Manager
1
0
Fork 0
mirror of https://github.com/scm-manager/scm-manager.git synced 2025-11-10 23:45:44 +01:00
Code Issues Packages Projects Releases Activity

hide permissions to improve security

Browse Source
This commit is contained in:
Sebastian Sdorra
2011-01-28 17:55:54 +01:00
parent 1aee9ed756
commit c08990a9e0
2 changed files with 44 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
scm-webapp/src/main/java/sonia/scm/repository/xml/XmlRepositoryManager.java
View File

@@ -48,6 +48,7 @@ import sonia.scm.SCMContext;
import sonia.scm.SCMContextProvider;
import sonia.scm.Type;
import sonia.scm.repository.AbstractRepositoryManager;
import sonia.scm.repository.Permission;
import sonia.scm.repository.PermissionType;
import sonia.scm.repository.PermissionUtil;
import sonia.scm.repository.Repository;
@@ -68,6 +69,7 @@ import sonia.scm.web.security.WebSecurityContext;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
@@ -330,6 +332,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
{
assertIsReader(repository);
repository = repository.clone();
prepareRepository(repository);
}
return repository;
@@ -357,6 +360,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
if (isReader(repository))
{
repository = repository.clone();
prepareRepository(repository);
}
else
{
@@ -382,7 +386,10 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
{
if (handlerMap.containsKey(repository.getType()) && isReader(repository))
{
repositories.add(repository.clone());
Repository r = repository.clone();
prepareRepository(r);
repositories.add(r);
}
}
@@ -486,6 +493,27 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
PermissionType.READ);
}
/**
* Method description
*
*
* @param repository
*/
private void prepareRepository(Repository repository)
{
if (isOwner(repository))
{
if (repository.getPermissions() == null)
{
repository.setPermissions(new ArrayList<Permission>());
}
}
else
{
repository.setPermissions(null);
}
}
/**
* Method description
*
@@ -546,6 +574,20 @@ public class XmlRepositoryManager extends AbstractRepositoryManager
return handler;
}
/**
* Method description
*
*
* @param repository
*
* @return
*/
private boolean isOwner(Repository repository)
{
return PermissionUtil.hasPermission(repository, securityContextProvider,
PermissionType.OWNER);
}
/**
* Method description
*

59
scm-webapp/src/main/webapp/resources/js/sonia.repository.js
View File

@@ -46,65 +46,8 @@ Ext.ns('Sonia.repository');
// functions
Sonia.repository.getPermissionValue = function(type){
var value = 0;
switch (type){
case "READ":
value = 0;
break;
case "WRITE":
value = 10;
break;
case "OWNER":
value = 100;
break;
}
return value;
}
Sonia.repository.isMember = function(group){
var result = false;
if ( Ext.isDefined(state.groups) ){
for ( var i=0; i<state.groups.length; i++ ){
if ( state.groups[i] == group ){
result = true;
break;
}
}
}
return result;
}
Sonia.repository.hasPermission = function(repository, type){
var result = false;
if ( admin ){
result = true;
} else {
var permissions = repository.permissions;
if ( Ext.isDefined(permissions) ){
var value = Sonia.repository.getPermissionValue( type );
for (var i=0;i<permissions.length; i++ ){
var p = permissions[i];
var pv = Sonia.repository.getPermissionValue( p.type );
if ( pv >= value ){
if ( p.groupPermission ){
if ( Sonia.repository.isMember( p.name ) ){
result = true;
break;
}
} else if ( p.name == state.user.name ) {
result = true;
break;
}
}
}
}
}
return result;
}
Sonia.repository.isOwner = function(repository){
return Sonia.repository.hasPermission(repository, 'OWNER');
return repository.permissions != null;
}
Sonia.repository.setEditPanel = function(panel){