New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

allow internal privilege evaluation external URLs #281

Merged
merged 1 commit into from Jul 4, 2015

Conversation

Projects
None yet
3 participants
@mrjoel
Collaborator

mrjoel commented Jun 30, 2015

commit c20191f enabled support
for hiding internal URLs, but didn't consider that it broke the
evaluation of permissions (used for tickets, etc.), and caused
a NPE on repoUrl.permission when trying to view the TicketPage.

With all internal mechanisms disabled, it would result in the
first URL being external with unknown permissions. This adds an
option to use internal permissions even for external URLs.

Note that this does not grant any additional permissions, but
does offer the option to have gitblit advertise the full set of
what is allowed, even if the external URL imposes additional
restrictions.

Show outdated Hide outdated src/main/java/com/gitblit/models/RepositoryUrl.java
@@ -41,8 +41,8 @@ public RepositoryUrl(String url, AccessPermission permission) {
this.permission = permission;
}
public boolean isExternal() {
return permission == null;
public boolean isPermissionKnown() {

This comment has been minimized.

@gitblit

gitblit Jun 30, 2015

Owner

I would prefer hasPermission()

@gitblit

gitblit Jun 30, 2015

Owner

I would prefer hasPermission()

This comment has been minimized.

@mrjoel

mrjoel Jul 1, 2015

Collaborator

Updated

@mrjoel

mrjoel Jul 1, 2015

Collaborator

Updated

Show outdated Hide outdated src/main/distrib/data/defaults.properties
# rights, but may incorrectly offer actions that are unavailable.
#
# SINCE 1.7.0
web.useInternalPermissionsForOtherUrls = false

This comment has been minimized.

@gitblit

gitblit Jun 30, 2015

Owner

Would this be a better name? web.advertiseAccessPermissionForOtherUrls and then describe that the configured push transports determine the advertised url permission?

@gitblit

gitblit Jun 30, 2015

Owner

Would this be a better name? web.advertiseAccessPermissionForOtherUrls and then describe that the configured push transports determine the advertised url permission?

This comment has been minimized.

@mrjoel

mrjoel Jul 1, 2015

Collaborator

Yep, that reads more clearly. I also added the clarification on push transports.

@mrjoel

mrjoel Jul 1, 2015

Collaborator

Yep, that reads more clearly. I also added the clarification on push transports.

allow advertising gitblit privileges for external URLs
commit c20191f enabled support
for hiding internal URLs, but didn't consider that it broke the
evaluation of permissions (used for tickets, etc.), and caused
a NPE on repoUrl.permission when trying to view the TicketPage.

With all internal mechanisms disabled, it would result in the
first URL being external with unknown permissions. This adds an
option to use internal permissions even for external URLs.

Note that this does not grant any additional permissions, but
does offer the option to have gitblit advertise the full set of
what is allowed, even if the external URL imposes additional
restrictions.

gitblit added a commit that referenced this pull request Jul 4, 2015

Merge pull request #281 from mrjoel/mrjoel-ticketswithexternalurl
allow internal privilege evaluation external URLs

@gitblit gitblit merged commit 7c4d074 into gitblit:develop Jul 4, 2015

@mrjoel mrjoel deleted the mrjoel:mrjoel-ticketswithexternalurl branch Jul 5, 2015

@fzs fzs modified the milestone: 1.7.0 Mar 18, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment