From c08990a9e01ac81d827c855c36ee5939095ff306 Mon Sep 17 00:00:00 2001 From: Sebastian Sdorra Date: Fri, 28 Jan 2011 17:55:54 +0100 Subject: [PATCH] hide permissions to improve security --- .../repository/xml/XmlRepositoryManager.java | 44 +++++++++++++- .../webapp/resources/js/sonia.repository.js | 59 +------------------ 2 files changed, 44 insertions(+), 59 deletions(-) diff --git a/scm-webapp/src/main/java/sonia/scm/repository/xml/XmlRepositoryManager.java b/scm-webapp/src/main/java/sonia/scm/repository/xml/XmlRepositoryManager.java index 565d8d7c00..dc44df19a0 100644 --- a/scm-webapp/src/main/java/sonia/scm/repository/xml/XmlRepositoryManager.java +++ b/scm-webapp/src/main/java/sonia/scm/repository/xml/XmlRepositoryManager.java @@ -48,6 +48,7 @@ import sonia.scm.SCMContext; import sonia.scm.SCMContextProvider; import sonia.scm.Type; import sonia.scm.repository.AbstractRepositoryManager; +import sonia.scm.repository.Permission; import sonia.scm.repository.PermissionType; import sonia.scm.repository.PermissionUtil; import sonia.scm.repository.Repository; @@ -68,6 +69,7 @@ import sonia.scm.web.security.WebSecurityContext; import java.io.IOException; +import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; import java.util.HashSet; @@ -330,6 +332,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager { assertIsReader(repository); repository = repository.clone(); + prepareRepository(repository); } return repository; @@ -357,6 +360,7 @@ public class XmlRepositoryManager extends AbstractRepositoryManager if (isReader(repository)) { repository = repository.clone(); + prepareRepository(repository); } else { @@ -382,7 +386,10 @@ public class XmlRepositoryManager extends AbstractRepositoryManager { if (handlerMap.containsKey(repository.getType()) && isReader(repository)) { - repositories.add(repository.clone()); + Repository r = repository.clone(); + + prepareRepository(r); + repositories.add(r); } } 
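Review bot: The clone-then-`prepareRepository` pair is written out by hand at each of the three read paths (the hunks at -330, -357 and -382), so a later accessor that returns a `Repository` without the second call would expose the permission list again. `prepareRepository` also mutates its argument, so it is only safe on a clone, and nothing at the call sites enforces that. Folding both steps into one helper removes both risks, for example by having it return the copy so the call sites read `repository = prepareRepository(repository.clone());`. Whether other methods of this class, or other code that hands out `Repository` objects, need the same treatment cannot be seen in this patch and should be checked. The enclosing methods start and end outside these hunks.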
@@ -486,6 +493,27 @@ public class XmlRepositoryManager extends AbstractRepositoryManager PermissionType.READ); } + /** + * Method description + * + * + * @param repository + */ + private void prepareRepository(Repository repository) + { + if (isOwner(repository)) + { + if (repository.getPermissions() == null) + { + repository.setPermissions(new ArrayList()); + } + } + else + { + repository.setPermissions(null); + } + } + /** * Method description * @@ -546,6 +574,20 @@ public class XmlRepositoryManager extends AbstractRepositoryManager return handler; } + /** + * Method description + * + * + * @param repository + * + * @return + */ + private boolean isOwner(Repository repository) + { + return PermissionUtil.hasPermission(repository, securityContextProvider, + PermissionType.OWNER); + } + /** * Method description * diff --git a/scm-webapp/src/main/webapp/resources/js/sonia.repository.js b/scm-webapp/src/main/webapp/resources/js/sonia.repository.js index ea7e46e9b9..ae976e81fa 100644 --- a/scm-webapp/src/main/webapp/resources/js/sonia.repository.js +++ b/scm-webapp/src/main/webapp/resources/js/sonia.repository.js @@ -46,65 +46,8 @@ Ext.ns('Sonia.repository'); // functions -Sonia.repository.getPermissionValue = function(type){ - var value = 0; - switch (type){ - case "READ": - value = 0; - break; - case "WRITE": - value = 10; - break; - case "OWNER": - value = 100; - break; - } - return value; -} - -Sonia.repository.isMember = function(group){ - var result = false; - if ( Ext.isDefined(state.groups) ){ - for ( var i=0; i= value ){ - if ( p.groupPermission ){ - if ( Sonia.repository.isMember( p.name ) ){ - result = true; - break; - } - } else if ( p.name == state.user.name ) { - result = true; - break; - } - } - } - } - } - return result; -} - Sonia.repository.isOwner = function(repository){ - return Sonia.repository.hasPermission(repository, 'OWNER'); + return repository.permissions != null; } Sonia.repository.setEditPanel = function(panel){
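Review bot: `prepareRepository` carries only the placeholder Javadoc "Method description", although it is the security-relevant step of this commit and its contract is not obvious. I would document that it mutates the passed object in place (so it must be given a clone, never the stored instance), that non-owners get `permissions` set to `null`, and that owners get an empty list instead of `null` because the client tells the two cases apart by that field. The same placeholder is used for `isOwner` in the -546 hunk, where `@return` is empty; `@return true if the current user has OWNER permission on the repository` would do. One thing to confirm outside this hunk: if a stripped object can be sent back through the modify path, the `null` must not overwrite the stored permissions.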
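Review bot: `Sonia.repository.isOwner` now infers ownership from `repository.permissions != null`, an implicit contract with the server that nothing at this line states. A comment such as `// server sends permissions only to owners (null/absent otherwise); UI hint only, access is enforced server-side` would make it explicit. The loose `!=` is what makes an absent (`undefined`) field count as non-owner, so it should not be tightened to `!==`; conversely, if the JSON mapping ever drops empty lists, an owner of a repository with no permission entries would be shown as a non-owner. Because the field arrives in client-controlled state, the server-side owner check on modify and delete remains the actual control; that code is outside this patch.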