Add system roles to repository role REST resource

scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryRoleDto.java

@@ -18,6 +18,7 @@ public class RepositoryRoleDto extends HalRepresentation {
   private String name;
   @NoBlankStrings @NotEmpty
   private Collection<String> verbs;
+  private boolean system;
 
   RepositoryRoleDto(Links links, Embedded embedded) {
     super(links, embedded);

scm-webapp/src/main/java/sonia/scm/api/v2/resources/RepositoryRoleToRepositoryRoleDtoMapper.java

@@ -3,9 +3,9 @@ package sonia.scm.api.v2.resources;
 import de.otto.edison.hal.Embedded;
 import de.otto.edison.hal.Links;
 import org.mapstruct.Mapper;
+import org.mapstruct.Mapping;
 import org.mapstruct.ObjectFactory;
 import sonia.scm.repository.RepositoryRole;
-import sonia.scm.repository.RepositoryRoleManager;
 import sonia.scm.repository.RepositoryRolePermissions;
 
 import javax.inject.Inject;
@@ -19,16 +19,17 @@ import static de.otto.edison.hal.Links.linkingTo;
 @Mapper
 public abstract class RepositoryRoleToRepositoryRoleDtoMapper extends BaseMapper<RepositoryRole, RepositoryRoleDto> {
 
-  @Inject
-  private RepositoryRoleManager repositoryRoleManager;
-
   @Inject
   private ResourceLinks resourceLinks;
 
+  @Override
+  @Mapping(source = "type", target = "system")
+  public abstract RepositoryRoleDto map(RepositoryRole modelObject);
+
   @ObjectFactory
   RepositoryRoleDto createDto(RepositoryRole repositoryRole) {
     Links.Builder linksBuilder = linkingTo().self(resourceLinks.repositoryRole().self(repositoryRole.getName()));
-    if (RepositoryRolePermissions.modify().isPermitted()) {
+    if (!isSystemRole(repositoryRole.getType()) && RepositoryRolePermissions.modify().isPermitted()) {
       linksBuilder.single(link("delete", resourceLinks.repositoryRole().delete(repositoryRole.getName())));
       linksBuilder.single(link("update", resourceLinks.repositoryRole().update(repositoryRole.getName())));
     }
@@ -39,4 +40,7 @@ public abstract class RepositoryRoleToRepositoryRoleDtoMapper extends BaseMapper
     return new RepositoryRoleDto(linksBuilder.build(), embeddedBuilder.build());
   }
 
+  boolean isSystemRole(String type) {
+    return "system".equals(type);
+  }
 }

scm-webapp/src/main/java/sonia/scm/repository/DefaultRepositoryRoleManager.java

@@ -33,8 +33,6 @@
 
 package sonia.scm.repository;
 
-import com.github.sdorra.ssp.PermissionActionCheck;
-import com.github.sdorra.ssp.PermissionCheck;
 import com.google.inject.Inject;
 import com.google.inject.Singleton;
 import org.slf4j.Logger;
@@ -44,6 +42,7 @@ import sonia.scm.HandlerEventType;
 import sonia.scm.ManagerDaoAdapter;
 import sonia.scm.NotFoundException;
 import sonia.scm.SCMContextProvider;
+import sonia.scm.security.RepositoryPermissionProvider;
 import sonia.scm.util.Util;
 
 import java.util.ArrayList;
@@ -51,6 +50,7 @@ import java.util.Collection;
 import java.util.Collections;
 import java.util.Comparator;
 import java.util.List;
+import java.util.Optional;
 import java.util.function.Predicate;
 
 @Singleton @EagerSingleton
@@ -62,10 +62,11 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager
     LoggerFactory.getLogger(DefaultRepositoryRoleManager.class);
 
   @Inject
-  public DefaultRepositoryRoleManager(RepositoryRoleDAO repositoryRoleDAO)
+  public DefaultRepositoryRoleManager(RepositoryRoleDAO repositoryRoleDAO, RepositoryPermissionProvider repositoryPermissionProvider)
   {
     this.repositoryRoleDAO = repositoryRoleDAO;
     this.managerDaoAdapter = new ManagerDaoAdapter<>(repositoryRoleDAO);
+    this.repositoryPermissionProvider = repositoryPermissionProvider;
   }
 
   @Override
@@ -131,6 +132,10 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager
   public RepositoryRole get(String id) {
     RepositoryRolePermissions.read();
 
+    return findSystemRole(id).orElse(findCustomRole(id));
+  }
+
+  private RepositoryRole findCustomRole(String id) {
     RepositoryRole repositoryRole = repositoryRoleDAO.get(id);
 
     if (repositoryRole != null) {
@@ -140,6 +145,10 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager
     }
   }
 
+  private Optional<RepositoryRole> findSystemRole(String id) {
+    return repositoryPermissionProvider.availableRoles().stream().filter(role -> role.getName().equals(id)).findFirst();
+  }
+
   @Override
   public Collection<RepositoryRole> getAll() {
     return getAll(repositoryRole -> true, null);
@@ -152,7 +161,7 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager
     if (!RepositoryRolePermissions.read().isPermitted()) {
       return Collections.emptySet();
     }
-    for (RepositoryRole repositoryRole : repositoryRoleDAO.getAll()) {
+    for (RepositoryRole repositoryRole : repositoryPermissionProvider.availableRoles()) {
       repositoryRoles.add(repositoryRole.clone());
     }
 
@@ -188,4 +197,5 @@ public class DefaultRepositoryRoleManager extends AbstractRepositoryRoleManager
 
   private final RepositoryRoleDAO repositoryRoleDAO;
   private final ManagerDaoAdapter<RepositoryRole> managerDaoAdapter;
+  private final RepositoryPermissionProvider repositoryPermissionProvider;
 }