Merge with 2.0.0-m3

scm-webapp/src/main/java/sonia/scm/api/rest/StatusExceptionMapper.java

@@ -1,30 +1,30 @@
-/**
- * Copyright (c) 2010, Sebastian Sdorra All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- *
- * 1. Redistributions of source code must retain the above copyright notice,
- * this list of conditions and the following disclaimer. 2. Redistributions in
- * binary form must reproduce the above copyright notice, this list of
- * conditions and the following disclaimer in the documentation and/or other
- * materials provided with the distribution. 3. Neither the name of SCM-Manager;
- * nor the names of its contributors may be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
- * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
- * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
- * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
- * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * http://bitbucket.org/sdorra/scm-manager
- *
+/*
+  Copyright (c) 2010, Sebastian Sdorra All rights reserved.
+
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+  this list of conditions and the following disclaimer. 2. Redistributions in
+  binary form must reproduce the above copyright notice, this list of
+  conditions and the following disclaimer in the documentation and/or other
+  materials provided with the distribution. 3. Neither the name of SCM-Manager;
+  nor the names of its contributors may be used to endorse or promote products
+  derived from this software without specific prior written permission.
+
+  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+  ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+  ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+  DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+  SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+  CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+  http://bitbucket.org/sdorra/scm-manager
+
  */
 
 
@@ -36,11 +36,11 @@ package sonia.scm.api.rest;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-//~--- JDK imports ------------------------------------------------------------
-
 import javax.ws.rs.core.Response;
 import javax.ws.rs.ext.ExceptionMapper;
 
+//~--- JDK imports ------------------------------------------------------------
+
 /**
  *
  * @author Sebastian Sdorra
@@ -56,14 +56,14 @@ public class StatusExceptionMapper<E extends Throwable>
   private static final Logger logger =
     LoggerFactory.getLogger(StatusExceptionMapper.class);
 
-  //~--- constructors ---------------------------------------------------------
+  private final Response.Status status;
+  private final Class<E> type;
 
   /**
-   * Constructs ...
+   * Map an Exception to a HTTP Response
    *
-   *
-   * @param type
-   * @param status
+   * @param type the exception class
+   * @param status the http status to be mapped
    */
   public StatusExceptionMapper(Class<E> type, Response.Status status)
   {
@@ -71,15 +71,12 @@ public class StatusExceptionMapper<E extends Throwable>
     this.status = status;
   }
 
-  //~--- methods --------------------------------------------------------------
-
   /**
-   * Method description
+   * provide a http responses from an exception
    *
+   * @param exception the thrown exception
    *
-   * @param exception
-   *
-   * @return
+   * @return the http response with the exception presentation
    */
   @Override
   public Response toResponse(E exception)
@@ -95,12 +92,4 @@ public class StatusExceptionMapper<E extends Throwable>
 
     return Response.status(status).build();
   }
-
-  //~--- fields ---------------------------------------------------------------
-
-  /** Field description */
-  private final Response.Status status;
-
-  /** Field description */
-  private final Class<E> type;
 }

scm-webapp/src/main/java/sonia/scm/api/v2/resources/MapperModule.java

@@ -25,6 +25,8 @@ public class MapperModule extends AbstractModule {
     bind(RepositoryTypeCollectionToDtoMapper.class);
 
     bind(BranchToBranchDtoMapper.class).to(Mappers.getMapper(BranchToBranchDtoMapper.class).getClass());
+    bind(PermissionDtoToPermissionMapper.class).to(Mappers.getMapper(PermissionDtoToPermissionMapper.class).getClass());
+    bind(PermissionToPermissionDtoMapper.class).to(Mappers.getMapper(PermissionToPermissionDtoMapper.class).getClass());
 
     bind(FileObjectToFileObjectDtoMapper.class).to(Mappers.getMapper(FileObjectToFileObjectDtoMapper.class).getClass());
 

scm-webapp/src/main/java/sonia/scm/api/v2/resources/PermissionAlreadyExistsExceptionMapper.java

@@ -0,0 +1,49 @@
+/*
+  Copyright (c) 2014, Sebastian Sdorra All rights reserved.
+
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+  this list of conditions and the following disclaimer. 2. Redistributions in
+  binary form must reproduce the above copyright notice, this list of
+  conditions and the following disclaimer in the documentation and/or other
+  materials provided with the distribution. 3. Neither the name of SCM-Manager;
+  nor the names of its contributors may be used to endorse or promote products
+  derived from this software without specific prior written permission.
+
+  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+  ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+  ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+  DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+  SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+  CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+  http://bitbucket.org/sdorra/scm-manager
+
+ */
+
+
+package sonia.scm.api.v2.resources;
+
+
+import sonia.scm.api.rest.StatusExceptionMapper;
+import sonia.scm.repository.PermissionAlreadyExistsException;
+
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.Provider;
+
+/**
+ * @since 2.0.0
+ */
+@Provider
+public class PermissionAlreadyExistsExceptionMapper extends StatusExceptionMapper<PermissionAlreadyExistsException> {
+
+  public PermissionAlreadyExistsExceptionMapper() {
+    super(PermissionAlreadyExistsException.class, Response.Status.CONFLICT);
+  }
+}

scm-webapp/src/main/java/sonia/scm/api/v2/resources/PermissionCollectionResource.java

@@ -1,18 +0,0 @@
-package sonia.scm.api.v2.resources;
-
-import javax.ws.rs.DefaultValue;
-import javax.ws.rs.GET;
-import javax.ws.rs.Path;
-import javax.ws.rs.QueryParam;
-import javax.ws.rs.core.Response;
-
-public class PermissionCollectionResource {
-  @GET
-  @Path("")
-  public Response getAll(@DefaultValue("0") @QueryParam("page") int page,
-    @DefaultValue("10") @QueryParam("pageSize") int pageSize,
-    @QueryParam("sortBy") String sortBy,
-    @DefaultValue("false") @QueryParam("desc") boolean desc) {
-    throw new UnsupportedOperationException();
-  }
-}

scm-webapp/src/main/java/sonia/scm/api/v2/resources/PermissionCollectionToDtoMapper.java

@@ -0,0 +1,51 @@
+package sonia.scm.api.v2.resources;
+
+import com.google.inject.Inject;
+import de.otto.edison.hal.Embedded;
+import de.otto.edison.hal.HalRepresentation;
+import de.otto.edison.hal.Links;
+import sonia.scm.repository.Repository;
+import sonia.scm.repository.RepositoryPermissions;
+
+import java.util.List;
+
+import static de.otto.edison.hal.Embedded.embeddedBuilder;
+import static de.otto.edison.hal.Link.link;
+import static de.otto.edison.hal.Links.linkingTo;
+import static java.util.stream.Collectors.toList;
+
+public class PermissionCollectionToDtoMapper {
+
+  private final ResourceLinks resourceLinks;
+  private final PermissionToPermissionDtoMapper permissionToPermissionDtoMapper;
+
+  @Inject
+  public PermissionCollectionToDtoMapper(PermissionToPermissionDtoMapper permissionToPermissionDtoMapper, ResourceLinks resourceLinks) {
+    this.resourceLinks = resourceLinks;
+    this.permissionToPermissionDtoMapper = permissionToPermissionDtoMapper;
+  }
+
+  public HalRepresentation map(Repository repository) {
+    List<PermissionDto> permissionDtoList = repository.getPermissions()
+      .stream()
+      .map(permission -> permissionToPermissionDtoMapper.map(permission, repository))
+      .collect(toList());
+    return new HalRepresentation(createLinks(repository), embedDtos(permissionDtoList));
+  }
+
+  private Links createLinks(Repository repository) {
+    RepositoryPermissions.permissionRead(repository).check();
+    Links.Builder linksBuilder = linkingTo()
+      .with(Links.linkingTo().self(resourceLinks.permission().all(repository.getNamespace(), repository.getName())).build());
+    if (RepositoryPermissions.permissionWrite(repository).isPermitted()) {
+      linksBuilder.single(link("create", resourceLinks.permission().create(repository.getNamespace(), repository.getName())));
+    }
+    return linksBuilder.build();
+  }
+
+  private Embedded embedDtos(List<PermissionDto> permissionDtoList) {
+    return embeddedBuilder()
+      .with("permissions", permissionDtoList)
+      .build();
+  }
+}

scm-webapp/src/main/java/sonia/scm/api/v2/resources/PermissionDto.java

@@ -0,0 +1,35 @@
+package sonia.scm.api.v2.resources;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import de.otto.edison.hal.HalRepresentation;
+import de.otto.edison.hal.Links;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
+
+@Getter @Setter @ToString
+public class PermissionDto extends HalRepresentation {
+
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private String name;
+
+  /**
+   * the type can be replaced with a dto enum if the mapstruct 1.3.0 is stable
+   * the mapstruct has a Bug on mapping enums in the 1.2.0-Final Version
+   *
+   * see the bug fix: https://github.com/mapstruct/mapstruct/commit/460e87eef6eb71245b387fdb0509c726676a8e19
+   *
+   **/
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private String type ;
+
+
+  private boolean groupPermission = false;
+
+
+  @Override
+  @SuppressWarnings("squid:S1185") // We want to have this method available in this package
+  protected HalRepresentation add(Links links) {
+    return super.add(links);
+  }
+}

scm-webapp/src/main/java/sonia/scm/api/v2/resources/PermissionDtoToPermissionMapper.java

@@ -0,0 +1,21 @@
+package sonia.scm.api.v2.resources;
+
+import org.mapstruct.Mapper;
+import org.mapstruct.MappingTarget;
+import sonia.scm.repository.Permission;
+
+@Mapper
+public abstract class PermissionDtoToPermissionMapper {
+
+  public abstract Permission map(PermissionDto permissionDto);
+
+  /**
+   * this method is needed to modify an existing permission object
+   *
+   * @param target the target permission
+   * @param permissionDto the source dto
+   * @return the mapped target permission object
+   */
+  public abstract void modify(@MappingTarget Permission target, PermissionDto permissionDto);
+
+}

scm-webapp/src/main/java/sonia/scm/api/v2/resources/PermissionNotFoundExceptionMapper.java

@@ -0,0 +1,49 @@
+/*
+  Copyright (c) 2014, Sebastian Sdorra All rights reserved.
+
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+  this list of conditions and the following disclaimer. 2. Redistributions in
+  binary form must reproduce the above copyright notice, this list of
+  conditions and the following disclaimer in the documentation and/or other
+  materials provided with the distribution. 3. Neither the name of SCM-Manager;
+  nor the names of its contributors may be used to endorse or promote products
+  derived from this software without specific prior written permission.
+
+  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+  ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+  ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+  DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+  SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+  CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+  http://bitbucket.org/sdorra/scm-manager
+
+ */
+
+
+package sonia.scm.api.v2.resources;
+
+
+import sonia.scm.api.rest.StatusExceptionMapper;
+import sonia.scm.repository.PermissionNotFoundException;
+
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.Provider;
+
+/**
+ * @since 2.0.0
+ */
+@Provider
+public class PermissionNotFoundExceptionMapper extends StatusExceptionMapper<PermissionNotFoundException> {
+
+  public PermissionNotFoundExceptionMapper() {
+    super(PermissionNotFoundException.class, Response.Status.NOT_FOUND);
+  }
+}

scm-webapp/src/main/java/sonia/scm/api/v2/resources/PermissionRootResource.java

@@ -1,20 +1,235 @@
 package sonia.scm.api.v2.resources;
 
-import javax.inject.Inject;
-import javax.inject.Provider;
-import javax.ws.rs.Path;
+import com.webcohesion.enunciate.metadata.rs.ResponseCode;
+import com.webcohesion.enunciate.metadata.rs.ResponseHeader;
+import com.webcohesion.enunciate.metadata.rs.StatusCodes;
+import com.webcohesion.enunciate.metadata.rs.TypeHint;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang.StringUtils;
+import sonia.scm.repository.NamespaceAndName;
+import sonia.scm.repository.Permission;
+import sonia.scm.repository.PermissionAlreadyExistsException;
+import sonia.scm.repository.PermissionNotFoundException;
+import sonia.scm.repository.Repository;
+import sonia.scm.repository.RepositoryException;
+import sonia.scm.repository.RepositoryManager;
+import sonia.scm.repository.RepositoryNotFoundException;
+import sonia.scm.repository.RepositoryPermissions;
+import sonia.scm.web.VndMediaType;
 
+import javax.inject.Inject;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.DELETE;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.PUT;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.Response;
+import java.net.URI;
+import java.util.Optional;
+
+@Slf4j
 public class PermissionRootResource {
 
-  private final Provider<PermissionCollectionResource> permissionCollectionResource;
+  private PermissionDtoToPermissionMapper dtoToModelMapper;
+  private PermissionToPermissionDtoMapper modelToDtoMapper;
+  private PermissionCollectionToDtoMapper permissionCollectionToDtoMapper;
+  private ResourceLinks resourceLinks;
+  private final RepositoryManager manager;
+
 
   @Inject
-  public PermissionRootResource(Provider<PermissionCollectionResource> permissionCollectionResource) {
-    this.permissionCollectionResource = permissionCollectionResource;
+  public PermissionRootResource(PermissionDtoToPermissionMapper dtoToModelMapper, PermissionToPermissionDtoMapper modelToDtoMapper, PermissionCollectionToDtoMapper permissionCollectionToDtoMapper, ResourceLinks resourceLinks, RepositoryManager manager) {
+    this.dtoToModelMapper = dtoToModelMapper;
+    this.modelToDtoMapper = modelToDtoMapper;
+    this.permissionCollectionToDtoMapper = permissionCollectionToDtoMapper;
+    this.resourceLinks = resourceLinks;
+    this.manager = manager;
   }
 
+
+  /**
+   * Adds a new permission to the user or group managed by the repository
+   *
+   * @param permission permission to add
+   * @return a web response with the status code 201 and the url to GET the added permission
+   */
+  @POST
+  @StatusCodes({
+    @ResponseCode(code = 201, condition = "creates", additionalHeaders = {
+      @ResponseHeader(name = "Location", description = "uri of the  created permission")
+    }),
+    @ResponseCode(code = 500, condition = "internal server error"),
+    @ResponseCode(code = 404, condition = "not found"),
+    @ResponseCode(code = 409, condition = "conflict")
+  })
+  @TypeHint(TypeHint.NO_CONTENT.class)
+  @Consumes(VndMediaType.PERMISSION)
   @Path("")
-  public PermissionCollectionResource getPermissionCollectionResource() {
-    return permissionCollectionResource.get();
+  public Response create(@PathParam("namespace") String namespace, @PathParam("name") String name, PermissionDto permission) throws RepositoryException {
+    log.info("try to add new permission: {}", permission);
+    Repository repository = load(namespace, name);
+    RepositoryPermissions.permissionWrite(repository).check();
+    checkPermissionAlreadyExists(permission, repository);
+    repository.getPermissions().add(dtoToModelMapper.map(permission));
+    manager.modify(repository);
+    return Response.created(URI.create(resourceLinks.permission().self(namespace, name, permission.getName()))).build();
+  }
+
+
+  /**
+   * Get the searched permission with permission name related to a repository
+   *
+   * @param namespace the repository namespace
+   * @param name      the repository name
+   * @return the http response with a list of permissionDto objects
+   * @throws RepositoryNotFoundException if the repository does not exists
+   */
+  @GET
+  @StatusCodes({
+    @ResponseCode(code = 200, condition = "ok"),
+    @ResponseCode(code = 404, condition = "not found"),
+    @ResponseCode(code = 500, condition = "internal server error")
+  })
+  @Produces(VndMediaType.PERMISSION)
+  @TypeHint(PermissionDto.class)
+  @Path("{permission-name}")
+  public Response get(@PathParam("namespace") String namespace, @PathParam("name") String name, @PathParam("permission-name") String permissionName) throws RepositoryException {
+    Repository repository = load(namespace, name);
+    RepositoryPermissions.permissionRead(repository).check();
+    return Response.ok(
+      repository.getPermissions()
+        .stream()
+        .filter(permission -> permissionName.equals(permission.getName()))
+        .map(permission -> modelToDtoMapper.map(permission, repository))
+        .findFirst()
+        .orElseThrow(() -> new PermissionNotFoundException(repository, permissionName))
+    ).build();
+  }
+
+
+  /**
+   * Get all permissions related to a repository
+   *
+   * @param namespace the repository namespace
+   * @param name      the repository name
+   * @return the http response with a list of permissionDto objects
+   * @throws RepositoryNotFoundException if the repository does not exists
+   */
+  @GET
+  @StatusCodes({
+    @ResponseCode(code = 200, condition = "ok"),
+    @ResponseCode(code = 404, condition = "not found"),
+    @ResponseCode(code = 500, condition = "internal server error")
+  })
+  @Produces(VndMediaType.PERMISSION)
+  @TypeHint(PermissionDto.class)
+  @Path("")
+  public Response getAll(@PathParam("namespace") String namespace, @PathParam("name") String name) throws RepositoryNotFoundException {
+    Repository repository = load(namespace, name);
+    RepositoryPermissions.permissionRead(repository).check();
+    return Response.ok(permissionCollectionToDtoMapper.map(repository)).build();
+  }
+
+
+  /**
+   * Update a permission to the user or group managed by the repository
+   *
+   * @param permission     permission to modify
+   * @param permissionName permission to modify
+   * @return a web response with the status code 204
+   */
+  @PUT
+  @StatusCodes({
+    @ResponseCode(code = 204, condition = "update success"),
+    @ResponseCode(code = 401, condition = "not authenticated / invalid credentials"),
+    @ResponseCode(code = 500, condition = "internal server error")
+  })
+  @TypeHint(TypeHint.NO_CONTENT.class)
+  @Consumes(VndMediaType.PERMISSION)
+  @Path("{permission-name}")
+  public Response update(@PathParam("namespace") String namespace,
+                         @PathParam("name") String name,
+                         @PathParam("permission-name") String permissionName,
+                         PermissionDto permission) throws RepositoryException {
+    log.info("try to update the permission with name: {}. the modified permission is: {}", permissionName, permission);
+    Repository repository = load(namespace, name);
+    RepositoryPermissions.permissionWrite(repository).check();
+    Permission existingPermission = repository.getPermissions()
+      .stream()
+      .filter(perm -> StringUtils.isNotBlank(perm.getName()) && perm.getName().equals(permissionName))
+      .findFirst()
+      .orElseThrow(() -> new PermissionNotFoundException(repository, permissionName));
+    dtoToModelMapper.modify(existingPermission, permission);
+    manager.modify(repository);
+    log.info("the permission with name: {} is updated.", permissionName);
+    return Response.noContent().build();
+  }
+
+  /**
+   * Update a permission to the user or group managed by the repository
+   *
+   * @param permissionName permission to delete
+   * @return a web response with the status code 204
+   */
+  @DELETE
+  @StatusCodes({
+    @ResponseCode(code = 204, condition = "delete success or nothing to delete"),
+    @ResponseCode(code = 401, condition = "not authenticated / invalid credentials"),
+    @ResponseCode(code = 403, condition = "not authorized"),
+    @ResponseCode(code = 500, condition = "internal server error")
+  })
+  @TypeHint(TypeHint.NO_CONTENT.class)
+  @Path("{permission-name}")
+  public Response delete(@PathParam("namespace") String namespace,
+                         @PathParam("name") String name,
+                         @PathParam("permission-name") String permissionName) throws RepositoryException {
+    log.info("try to delete the permission with name: {}.", permissionName);
+    Repository repository = load(namespace, name);
+    RepositoryPermissions.modify(repository).check();
+    repository.getPermissions()
+      .stream()
+      .filter(perm -> StringUtils.isNotBlank(perm.getName()) && perm.getName().equals(permissionName))
+      .findFirst()
+      .ifPresent(p -> repository.getPermissions().remove(p))
+    ;
+    manager.modify(repository);
+    log.info("the permission with name: {} is updated.", permissionName);
+    return Response.noContent().build();
+  }
+
+
+  /**
+   * check if the actual user is permitted to manage the repository permissions
+   * return the repository if the user is permitted
+   *
+   * @param namespace the repository namespace
+   * @param name      the repository name
+   * @return the repository if the user is permitted
+   * @throws RepositoryNotFoundException if the repository does not exists
+   */
+  private Repository load(String namespace, String name) throws RepositoryNotFoundException {
+    return Optional.ofNullable(manager.get(new NamespaceAndName(namespace, name)))
+      .orElseThrow(() -> new RepositoryNotFoundException(name));
+  }
+
+  /**
+   * check if the permission already exists in the repository
+   *
+   * @param permission the searched permission
+   * @param repository the repository to be inspected
+   * @throws PermissionAlreadyExistsException if the permission already exists in the repository
+   */
+  private void checkPermissionAlreadyExists(PermissionDto permission, Repository repository) throws PermissionAlreadyExistsException {
+    boolean isPermissionAlreadyExist = repository.getPermissions()
+      .stream()
+      .anyMatch(p -> p.getName().equals(permission.getName()));
+    if (isPermissionAlreadyExist) {
+      throw new PermissionAlreadyExistsException(repository, permission.getName());
+    }
   }
 }
+
+

scm-webapp/src/main/java/sonia/scm/api/v2/resources/PermissionToPermissionDtoMapper.java

@@ -0,0 +1,51 @@
+package sonia.scm.api.v2.resources;
+
+import de.otto.edison.hal.Links;
+import org.mapstruct.AfterMapping;
+import org.mapstruct.BeforeMapping;
+import org.mapstruct.Context;
+import org.mapstruct.Mapper;
+import org.mapstruct.Mapping;
+import org.mapstruct.MappingTarget;
+import sonia.scm.repository.Permission;
+import sonia.scm.repository.Repository;
+import sonia.scm.repository.RepositoryPermissions;
+
+import javax.inject.Inject;
+
+import static de.otto.edison.hal.Link.link;
+import static de.otto.edison.hal.Links.linkingTo;
+
+@Mapper
+public abstract class PermissionToPermissionDtoMapper {
+
+  @Inject
+  private ResourceLinks resourceLinks;
+
+  @Mapping(target = "attributes", ignore = true) // We do not map HAL attributes
+  public abstract PermissionDto map(Permission permission, @Context Repository repository);
+
+
+  @BeforeMapping
+  void validatePermissions(@Context Repository repository) {
+    RepositoryPermissions.permissionRead(repository).check();
+  }
+
+  /**
+   * Add the self, update and delete links.
+   *
+   * @param target     the mapped dto
+   * @param repository the repository
+   */
+  @AfterMapping
+  void appendLinks(@MappingTarget PermissionDto target, @Context Repository repository) {
+    Links.Builder linksBuilder = linkingTo()
+      .self(resourceLinks.permission().self(repository.getNamespace(), repository.getName(), target.getName()));
+    if (RepositoryPermissions.permissionWrite(repository).isPermitted()) {
+      linksBuilder.single(link("update", resourceLinks.permission().update(repository.getNamespace(), repository.getName(), target.getName())));
+      linksBuilder.single(link("delete", resourceLinks.permission().delete(repository.getNamespace(), repository.getName(), target.getName())));
+    }
+    target.add(linksBuilder.build());
+  }
+}
+

scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryNotFoundExceptionMapper.java

@@ -0,0 +1,49 @@
+/*
+  Copyright (c) 2014, Sebastian Sdorra All rights reserved.
+
+  Redistribution and use in source and binary forms, with or without
+  modification, are permitted provided that the following conditions are met:
+
+  1. Redistributions of source code must retain the above copyright notice,
+  this list of conditions and the following disclaimer. 2. Redistributions in
+  binary form must reproduce the above copyright notice, this list of
+  conditions and the following disclaimer in the documentation and/or other
+  materials provided with the distribution. 3. Neither the name of SCM-Manager;
+  nor the names of its contributors may be used to endorse or promote products
+  derived from this software without specific prior written permission.
+
+  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+  ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR
+  ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+  DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+  SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+  CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+  OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+  OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+  http://bitbucket.org/sdorra/scm-manager
+
+ */
+
+
+package sonia.scm.api.v2.resources;
+
+
+import sonia.scm.api.rest.StatusExceptionMapper;
+import sonia.scm.repository.RepositoryNotFoundException;
+
+import javax.ws.rs.core.Response;
+import javax.ws.rs.ext.Provider;
+
+/**
+ * @since 2.0.0
+ */
+@Provider
+public class RepositoryNotFoundExceptionMapper extends StatusExceptionMapper<RepositoryNotFoundException> {
+
+  public RepositoryNotFoundExceptionMapper() {
+    super(RepositoryNotFoundException.class, Response.Status.NOT_FOUND);
+  }
+}

scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryResource.java

@@ -128,11 +128,17 @@ public class RepositoryResource {
   public Response update(@PathParam("namespace") String namespace, @PathParam("name") String name, RepositoryDto repositoryDto) {
     return adapter.update(
       loadBy(namespace, name),
-      existing -> dtoToRepositoryMapper.map(repositoryDto, existing.getId()),
+      existing -> processUpdate(repositoryDto, existing),
       nameAndNamespaceStaysTheSame(namespace, name)
     );
   }
 
+  private Repository processUpdate(RepositoryDto repositoryDto, Repository existing) {
+    Repository changedRepository = dtoToRepositoryMapper.map(repositoryDto, existing.getId());
+    changedRepository.setPermissions(existing.getPermissions());
+    return changedRepository;
+  }
+
   @Path("tags/")
   public TagRootResource tags() {
     return tagRootResource.get();
@@ -176,6 +182,6 @@ public class RepositoryResource {
   }
 
   private Predicate<Repository> nameAndNamespaceStaysTheSame(String namespace, String name) {
-    return changed -> changed.getName().equals(name) && changed.getNamespace().equals(namespace);
+    return changed -> name.equals(changed.getName()) && namespace.equals(changed.getNamespace());
   }
 }

scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryToRepositoryDtoMapper.java

@@ -36,7 +36,7 @@ public abstract class RepositoryToRepositoryDtoMapper extends BaseMapper<Reposit
     }
     if (RepositoryPermissions.modify(repository).isPermitted()) {
       linksBuilder.single(link("update", resourceLinks.repository().update(target.getNamespace(), target.getName())));
-      linksBuilder.single(link("permissions", resourceLinks.permissionCollection().self(target.getNamespace(), target.getName())));
+      linksBuilder.single(link("permissions", resourceLinks.permission().all(target.getNamespace(), target.getName())));
     }
     try (RepositoryService repositoryService = serviceFactory.create(repository)) {
       if (repositoryService.isSupported(Command.TAGS)) {

scm-webapp/src/main/java/sonia/scm/api/v2/resources/ResourceLinks.java

@@ -314,20 +314,39 @@ class ResourceLinks {
       return sourceLinkBuilder.method("getRepositoryResource").parameters(namespace, name).method("content").parameters().method("get").parameters(revision, path).href();
     }
   }
-
-  public PermissionCollectionLinks permissionCollection() {
-    return new PermissionCollectionLinks(uriInfoStore.get());
+  public PermissionLinks permission() {
+    return new PermissionLinks(uriInfoStore.get());
   }
 
-  static class PermissionCollectionLinks {
+  static class PermissionLinks {
     private final LinkBuilder permissionLinkBuilder;
 
-    PermissionCollectionLinks(UriInfo uriInfo) {
-      permissionLinkBuilder = new LinkBuilder(uriInfo, RepositoryRootResource.class, RepositoryResource.class, PermissionRootResource.class, PermissionCollectionResource.class);
+    PermissionLinks(UriInfo uriInfo) {
+      permissionLinkBuilder = new LinkBuilder(uriInfo, RepositoryRootResource.class, RepositoryResource.class, PermissionRootResource.class);
     }
 
-    String self(String namespace, String name) {
-      return permissionLinkBuilder.method("getRepositoryResource").parameters(namespace, name).method("permissions").parameters().method("getPermissionCollectionResource").parameters().method("getAll").parameters().href();
+    String all(String namespace, String name) {
+      return permissionLinkBuilder.method("getRepositoryResource").parameters(namespace, name).method("permissions").parameters().method("getAll").parameters().href();
+    }
+
+    String create(String repositoryNamespace, String repositoryName) {
+      return permissionLinkBuilder.method("getRepositoryResource").parameters(repositoryNamespace, repositoryName).method("permissions").parameters().method("create").parameters().href();
+    }
+
+    String self(String repositoryNamespace, String repositoryName, String permissionName) {
+      return getLink(repositoryNamespace, repositoryName, permissionName, "get");
+    }
+
+    String update(String repositoryNamespace, String repositoryName, String permissionName) {
+      return getLink(repositoryNamespace, repositoryName, permissionName, "update");
+    }
+
+    String delete(String repositoryNamespace, String repositoryName, String permissionName) {
+      return getLink(repositoryNamespace, repositoryName, permissionName, "delete");
+    }
+
+    private String getLink(String repositoryNamespace, String repositoryName, String permissionName, String methodName) {
+      return permissionLinkBuilder.method("getRepositoryResource").parameters(repositoryNamespace, repositoryName).method("permissions").parameters().method(methodName).parameters(permissionName).href();
     }
   }
 }